Unable to join ESXi host to the domain – Error when handling SMB socket

I was recently joining ESXi (5.5.0, 1892794) hosts to a domain to which the task would  fail with the status ‘Errors in Active Directory operations’.  On further investigation of the Likewise agent log on the impacted ESXi host, the following was being written to the log file:

 

ERROR:[SMBSocketReaderMain() /build/mts/release/bora-1471401/likewise/esxi-esxi/src/linux/lwio/server/rdr/socket.c:660] Error when handling SMB socket

 

This issue is due to  the size of the Kerberos Ticket Granting Service (TGS) being very high. From the network capture for SMB errors in the Likewise agent logs where the ‘Security Blob Length’ and ‘Byte Count’ values are greater than the  Max Buffer Size on the domain controller to which the ESXi host is setting up a SMB session which by default is 16644 bytes or 4356 bytes if total memory is less than or equal to 512 MB on the host.

Below is an example of the above values in an SMB network capture:


Security Blob Length: 19314
Byte Count (BCC): 19371

 

In order to resolve this issue, I was required to add a DWORD value name ‘SizeReqBuf’ to the registry key ‘HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters’ where the the value data (Decimal) is greater than the values being returned from the network capture and then restart the domain controller(s).

 

 

Retrieve Domain Name for Guest VMs using PowerCLI

I was recently required to return a collection of VMs and the domain to which they were a member. This was possible to retrieve by using the Get-VM cmdlet and manipulating the value of the ‘Guest.HostName property’.

By returning this value for a single VM we can see that it is possible to return the fully qualified domain name:

(Get-VM "server1").Guest.HostName
server1.domain.local

Now that we have this value it is possible to manipulate the string to obtain the information required.  By invoking the split operator to split the string into substrings we using the ‘\.’ as the delimiter pattern.

The escape character ‘\’  is required as ‘.’ matches any character except a new line.

(Get-VM "server1").Guest.HostName -Split '\.'

This would return the following output:

server1
domain
local

In order to retrieve the domain name we will require to remove the host name from the output, this can be performed by returning all the substrings after the first match.

$Domain = (Get-VM "server1" ).Guest.HostName -Split'\.'
$Domain[1..($Domain.Count)]

This would return the following output:

domain
local

All that is required now is for the substrings to be joined with the ‘.’ delimiter to generate the domain name:

$Domain = (Get-VM "server1").Guest.HostName -Split '\.'
$Domain[1..($Domain.Count)] -Join '.'

domain.local

This script can be run agaisnt a collection of VMs to return the VM name and the domain and to output to a file as below:

$VMs = Get-VM

$Output = ForEach ($VM in $VMs) 

    { 
    "" | Select @{N="Name";E={$VM.Name}},
    @{N="Domain";E={$Domain = $VM.Guest.HostName -Split'\.'
    ($Domain[1..($Domain.Count)] -Join'.').ToLower()}}
    } 
    
$Output = Export-CSV -Path D:\Output\VMDomainNames.csv -NoTypeInformation