Today I was struggling with an ESX host. The ESX host was unable to leave the Windows domain. I got the following error:

image

From the vSphere client I was unable to fix this issue. Apply Host profile failed also with the same error. So I started a search in the VMware KB and found an article about problems while attempting to join a Windows domain. In this article you’ll find a way to clean up the AD configuration from the CLI.

The solution for me was to stop the lsassd service:

/etc/init.d/lsassd stop

Remove the db directory:

/etc/likewise/db directory

and start the lasassd service again:

/etc/init.d/lsassd start

Now I was able to leave the Windows domain.

Advertisement

Published by afokkema

2 thoughts on “ESXi: Leave Windows Domain: The operation is not allow in the current state

  1. If you connect vsphere client directly to the ip of the host with the vsphere client, you can usually remove it from AD. You will get this error if you are trying to remove it in version 5.0 while logged into a vsphere client connected to vcenter using an AD account.

    Reply

  2. I have the same issue, I tried restarting the management services on the host. After disconnecting the ESXi host from vCenter and reconnect the host I was able to power on virtual machines, also my CPU/Memory activity is back

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.