Well explained👍...would you do one video on how to renew - identity source LDAP certificate?
I will put it on my to-do list.
Nice demonstration. One quick question, what will happen to the vCenter local ac after vCenter joined AD? Will it be disabled? Can someone access the vCenter using the local account after vCenter joined AD?
Local account is NOT disabled and you can access vCenter with local account unless you disable it in vCenter. Furthermore I am NOT recommending to disable administrator@vsphere.local
Very nice only one video this issue
what is the issue?
Did you have to pre-create the computer account in AD DS, or does the Domain Join create it?
No, you don't. You need to have a user who can join to AD, but not a computer account.
Cool 😎
Thanks
Hi, great video! I'm curious, does it mean my vCenter server must set the DNS server to the domain controller? I have a separate DNS server in my LAN, I use that to resolve all domain names, but I assume vCenter uses FQDN. Does it mean a regular DNS server cannot resolve that, and we would have to use a domain controller DNS to resolve FQDN? Thank you!
Hey Looper, You don't necessarily have to set the DNS server on your vCenter server to the domain controller. A separate DNS server can be used as long as it can resolve the FQDNs of all the relevant components in your environment, including the domain controller and other systems that need to communicate with the vCenter server.
Using a regular DNS server should not be an issue for resolving FQDNs. An FQDN is essentially a domain name that specifies the complete location of a system within the domain hierarchy, and any DNS server configured to handle your domain should be able to resolve FQDNs.
@AngryAdmin Thanks a lot for the reply, I was just using pihole as my local DNS server, but it looks like it doesn't support FQDN tho. Haha I think I need a more capable DNS server.
@looper6120 haven't played with pihole yet.
I get ldm client exception error code [2453]. Anyone know the solution to fixing this? I've checked my DNS records and everything seems fine, but I just can't join my Active Directory. Very frustrated, been trying for days.
Hey @thejwil45 The error code [2453] in vCenter Server typically indicates that there is a problem with the vCenter Server's ability to communicate with the Active Directory domain controller. Maybe remove the stale DNS record for vCenter and re-create a new record, check if you can communicate with DNS, check firewalls, etc.
@AngryAdmin will try this, thank you for replying!
@thejwil45 fingers crossed :)
A bad packet was received from a DNS server. Potentially the requested address [domain.local] does not exist. Caused by: A bad packet was received from a DNS server. Potentially the requested address [domain.local] does not exist.
Is it a question or a statement ?
It's a question @AngryAdmin
That indicates an issue with your DNS. Can you ping your DNS? Also check the firewall if you have one.
@CiroFuentes Well, you need to check your setup. Do you have the correct DNS record? Can you ping your DNS from the vCenter server?