OPERATIONAL DEFECT DATABASE
...
...
Joining an ESXi host to Active Directory using the vSphere Authentication Proxy service fails with the error: The specified vSphere Authentication Proxy Server is not reachable, or has denied access to the service. In the hostd.log file, located at /var/log/, you see entries similar to: <YYY-MM-DDTHH:MM:SS>.506Z [34564B90 info 'Vimsvc.TaskManager' opID=2F9716C2-000001B3-a3-fa] Task Created : haTask-ha-hostvim.host.ActiveDirectoryAuthentication.joinDomainWithCAM-305724229 CamHttpQueryDomainInfo: 13 <YYY-MM-DDTHH:MM:SS>.880Z [34564B90 error 'ActiveDirectoryAuthentication' opID=2F9716C2-000001B3-a3-fa] vmwauth ConnectionRefusedException: Exception 0x000004c9: The remote computer refused the network connection. <YYY-MM-DDTHH:MM:SS>.880Z [34564B90 info 'Vimsvc.ha-eventmgr' opID=2F9716C2-000001B3-a3-fa] Event 85 : Join domain failed. <YYY-MM-DDTHH:MM:SS>.881Z [34564B90 info 'Vimsvc.TaskManager' opID=2F9716C2-000001B3-a3-fa] Task Completed : haTask-ha-host-vim.host.ActiveDirectoryAuthentication.joinDomainWithCAM-305724229 Status error <YYY-MM-DDTHH:MM:SS>.216Z [34440B90 verbose 'SoapAdapter'] Responded to service state request <YYY-MM-DDTHH:MM:SS>.609Z [FFDC2B90 info 'Solo.Vmomi'] Activation [N5Vmomi10ActivationE:0x5720578] : Invoke done [waitForUpdates] on [vmodl.query.PropertyCollector:ha-property-collector] <YYY-MM-DDTHH:MM:SS>.609Z [FFDC2B90 verbose 'Solo.Vmomi'] Arg version: "2" <YYY-MM-DDTHH:MM:SS>.609Z [FFDC2B90 info 'Solo.Vmomi'] Throw vmodl.fault.RequestCanceled <YYY-MM-DDTHH:MM:SS>.609Z [FFDC2B90 info 'Solo.Vmomi'] Result: (vmodl.fault.RequestCanceled) { dynamicType = <unset>, faultCause = (vmodl.MethodFault) null, msg = "", } In the vpxd.log file, located at C:\ProgramData\VMware\VMware VirtualCenter\Logs\, you see entries similar to: <YYY-MM-DDTHH:MM:SS>.089+01:00 [01616 info 'Default' opID=2F9716C2-000001B3-a3] [VpxLRO] -- ERROR task-70 -- host-38 -- vim.host.ActiveDirectoryAuthentication.joinDomainWithCAM: vim.fault.CAMServerRefusedConnection: Result: (vim.fault.CAMServerRefusedConnection) { dynamicType = <unset>, faultCause = (vmodl.MethodFault) null, errorCode = 1225, camServer = "10.10.10.102", msg = "The specified vSphere Authentication Proxy server is not reachable, or has denied access to the service.", } Args:
This issue occurs if the Authentication Proxy service is not listening on port 51915.
To resolve this issue, change the Authentication Proxy service to port 51915. To change the Authentication Proxy service to port 51915: Log in to the server that is running the vSphere Authentication Proxy as an administrative user. Click Start > Run, type services.msc and click OK.Right-click Authentication Proxy Services and click Stop.Open Server Manager and navigate to Roles > Web Server > Internet Authentication Services > Computer Account Manager > Bindings.Select https and select Edit Change Port.Change the current port to 51915.Modify the vmconfig-cam.xml file, located at C:\ProgramData\VMware\vSphere Authentication Proxy\, using the text editor. Set the port to 51915.Open the C:\ProgramData\VMware\vSphere Authentication Proxy\ssl directory and remove any host-XX files.Restart the Authentication Proxy Services service.
Currently vSphere Authentication Proxy supports only IIS 6 and IIS 7. Windows 2012 and 2012 R2 running IIS 8.x are not supported. For related information, see: VMware vSphere 5.1 Security GuideVMware vSphere 5.0 Security Guide To be alerted when this document is updated, click the Subscribe to Article link in the Actions box Note: The preceding link was correct as of September 15, 2014. If you find the link is broken, please provide feedback and a VMware employee will update the link. vSphere Authentication Proxy を使用してESXi ホストを Active Directory に参加させると次のエラーで失敗する:The specified vSphere Authentication Proxy Server is not reachable, or has denied access to the service
Click on a version to see all relevant bugs
VMware Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
