Connecting XenServer to XenCenter with AD User credentials fails with incorrect username/password

book

Article ID: CTX204224

calendar_today

Updated On:

Description

When trying to add a new host to XenCenter console, the process fails with the message "XenCenter has encountered a problem connecting to this server" and "Incorrect username and/or password". A second XenServer pool using the same AD authentication configuration (same domain, same AD groups) can successfully connect using the same user & credentials.

Resolution

To resolve the issue:

1. Disconnected the XenServer from the Domain
2. Stopped the lsassd service
3. Deleted the likewise database:
#service lsassd stop
#rm -rf /var/lib/likewise/db/*
4. Started the lsassd
#service #service lsassd start
5. Connected the Server to the Domain

Problem Cause

The issue was caused because the password for the user had expired in the local likewise cache.

Below is the error message from the log /var/logmessages :

Sep 16 11:32:31 trodeehnxs21 xapi: [ info|trodeehnxs21|2098311 INET :::80|session.login_with_password D:8050f3568dfa|xapi] Failed to externally authenticate user fcadmin@trost.local from HTTP request from Internet with User-Agent: XenCenter/6.5.2: The authentication request could not be handled
Sep 16 11:32:34 trodeehnxs21 lsassd[3347]: 0x7fdb984d5940:Permission granted for (uid = 0, gid = 0, pid = 10020) to open LsaIpcServer
Sep 16 11:32:34 trodeehnxs21 lsassd[3347]: [IPC] (session:11c17c9830c61abd) Accepted association 0x1d1bf40
Sep 16 11:32:34 trodeehnxs21 lsassd[3347]: 0x7fdb597da940:Cache entry for Sid S-1-5-21-2557590035-4015778651-1097594630-24859 is expired
Sep 16 11:32:34 trodeehnxs21 lsassd[3347]: 0x7fdb5dfe3940:Cache entry for sid S-1-5-21-2557590035-4015778651-1097594630-24859 expired 3027924 seconds ago
Sep 16 11:32:34 trodeehnxs21 lsassd[3347]: [IPC] (assoc:0x1d1bf40) Dropping: Connection closed by peer

Was this article helpful?

thumb_up Yes

thumb_down No

Welcome to "KB Articles"