If you are facing AD Account login issue with "Invalid Credentials" for all the domain accounts
or If adding to AD from UI not reflecting then perform the below steps in order.
Note: Custom permissions added in the vCenter Server Inventory will be lost if the user is from the Specific Domain which you are trying to disjoin/remove and Identity Source is configured for that specific domain as Active Directory (Windows Integrated Authentication) option. Take necessary backups before trying Leave Domain operation.
- Leave vCenter Server Appliance from Domain
- Join the vCenter Server Appliance to Domain
- Verify Domain Join Status from VCSA Command line
- Reboot the vCenter Server and retry login
- Connect to the vCenter Server console or SSH session and log in using root credentials.
- Run this command to query the domain join status of Appliance:
/opt/likewise/bin/domainjoin-cli query
Note: Custom permissions added in the vCenter Server Inventory will be lost if the user is from the Specific Domain which you are trying to disjoin/remove and Identity Source is configured for that specific domain as Active Directory (Windows Integrated Authentication) option. Take necessary backups before trying Leave Domain operation.
- Connect to the vCenter Server console or SSH session and log in using root credentials.
- Run this command to disjoin the Appliance from the domain:
/opt/likewise/bin/domainjoin-cli leave
For example:
/opt/likewise/bin/domainjoin-cli leave
- Verify the status using "/opt/likewise/bin/domainjoin-cli query
"command. - Run this command to restart the vCenter Server services:
service-control --stop --all
service-control --start --all
- Connect to the vCenter Server console or SSH session and log in using root credentials.
- Run this command to join the Appliance to the domain:
/opt/likewise/bin/domainjoin-cli join domain.com Domain_Administrator Password
For example:
/opt/likewise/bin/domainjoin-cli join vmware.local Administrator Passw0rd (Note: It will prompt for Password if password is not provided in the Command line)
- Run this command to restart the vCenter services or reboot the VCSA:
service-control --stop --all
service-control --start --all