Trying to join an ESXi host to an AD domain, getting Failed – Errors in Active Directory operations


Join Domain





Enables ActiveDirectory authentication on the host



Failed – Errors in Active Directory operations.


ESXi host and DC are in separate VLANs.


The following ports are allowed from ESXi to DC. I am not seeing any denied packets in the firewall logs when I attempt to join.

ESXi firewall has both TCP and UDP allowed for DNS


  1. TCP 88 (Kerberos Key Distribution Center)
  2. TCP 135 (Remote Procedure Call)
  3. TCP 139 (NetBIOS Session Service)
  4. TCP 389 (LDAP)
  5. TCP 445 (SMB, Net Logon)
  6. UDP 53 (DNS)
  7. UDP 389 (LDAP, DC Locator, Net Logon)
  8. TCP 49152-65535 (Randomly allocated high TCP ports)


DNS records (forward and reverse) are created for the hosts in DNS


What would be the next step in troubleshooting AD joining?
