Problem
I was trying to add my vCenter to my internal AD but I kept keeping the error that vCenter could not connect.
ldm client exeption: Error trying to join AD, error code [40075], user [user], domain [domain], orgunit []
Solution
First I checked if the domain was reachable via DNS from the vCenter server by connecting via SSH to the vCenter VM and pinging the domain.
So there was no issues there, but i thought lets try the command line to see if we can add it like this. so I typed in the commands
Shell /opt/likewise/bin/domainjoin-cli join [domain] [user name] [password] |
where domain, user name and password of my own domain. I got an interesting error..
Clock skew detected with active directory server..
Ok so there’s a timing issue with the domain and the vcenter appliance…
To resolve this you need to add NTP servers to the vCenter appliance!
you must log on to the management portal :5480
And add the time servers there
After that double check your time settings on the VMware host(s) and the domain controller to see if they all point to the same (internal or external) NTP host
On the domaincontroller you can use this command
W32time /query /status |
It would give you something simelar to this:
and on the VMware host you need to check:
pro tip: Also check if the NTP service is running, if it is stopped as it was on my hosts you can start it via:
So after checking and changing the NTP settings on the domain controller, VMware hosts and vCenter i once again tried to connect to the domain through SSH.
And it worked :-). Don’t forget to reboot vCenter to let it authenticate to the Active Directory domain in the correct way!
(thanks to memegenerator.net for the meme that captured my feelings best)