We were having LDAP issues within our VRA 7.3 lab deployment which started directly after an array outage that took down our domain controllers. During recovery of the domain controllers they were upgraded to 2016 before I was able to look into the LDAP issue within VRA. Below is how I solved the connector issue that came about because of changing domain controller names.
- VRA 18.104.22.1686 Build 5493917 – Compact deployment
- Active Directory before outage
- labdc01-0 (Server ’08 R2)
- labdc02-0 (Server ’08 R2)
- labdc03-16 (Server ’16 R2)
- labdc04-16 (Server ’16 R2)
- Active Directory currently
- labdc01-16 (Server ’16 R2)
- labdc02-16 (Server ’16 R2)
The first thing I came across was KB 2145438. I reviewed the log files but didn’t have any of the errors mentioned within the Symptoms section. I decided to review the config-state.json files within each Tenant folder and noticed “labdc03-16” listed for the domain server. I took a snapshot of the appliance, backed up all config-state.json files, changed all instances of “labdc03-16” within them to “labdc01-16”, and restarted the horizon-workspace service per instructions. I was still unable to logon or verify the directory configuration.
I decided to remove the domain integration and add it back since this is just a lab. I removed the appliance from the domain within Connectors and deleted the directory from every tenant and tried to add it back to the system tenant. I received the error message “Connector Communication Failed because of invalid data: Problem connecting to directory:”
I checked the /storage/log/vmware/horizon/connector.log and noticed it was failing while trying to bind to “labdc04-16.”
Naturally, I checked the DC’s for any remnants of this server including Sites & Services, ADUC and DNS. I couldn’t find anything. Checked /etc/hosts but nothing there.
I then decided to try grep -R labdc04-16 * starting in /usr/local/horizon/ BINGO!!! It found it within /usr/local/horizon/conf/domain_krb.properties which based on time stamp of file was added 5 months ago when I deployed this lab.
I backed up the file, fixed it with the correct domain controller names, and the restarted the horizon-workspace service again.
I was then able to add the domain back as as a Directory. All existing rights were still in place so I didn’t have to redo any anything else.
Turns out there’s a KB for this as well – KB2147737