Today, I decided to change my vCenter from being Windows based to the vCenter Server Appliance (VSA) 5.1.0a and when I tried to enter the LDAP details for Active Directory Authentication, I received various error messages:
- Error: Invalid Active Directory domain
- Error: Enabling Active Directory failed
- Error: Invalid SRV Records
The first thing to always check is your DNS settings to make sure you have forward and reverse look up records set up correctly, check these are all OK.
Next, I did a basic ping test to VMF-VSA01 which is the name of my VSA, again all working.
Ah, I thought, perhaps I have entered in something wrong on the VSA network settings, so I double checked these, again all looked good.
Then I remembered, that I should be using FQDN’s (Fully Qualified Domain Names) for my VSA, so rather than using VMF-VSA01 I should use VMF-VSA01.vmfocus.local
Another try at authenticating, and it still failed with ‘Error: Invalid Active Directory domain’.
One more try, this time I changed the domain to vmfocus.local and boom, we have success!
So to summarise:
- Make sure you use a FQDN for your vCenter Server Appliance
- Make sure you have forward and reverse look up record for your vCenter Server Appliance
- Make sure your domain is entered as a FQDN
VMFocus 
Thanks very much. Solved my problem.
Reverse DNS, i cant believe it. Thankyou so much, Ive spent two hours pulling my hair out
Hi Craig,
I just had the same DOH moment. Just thought I should let you know that you’re not the only one. π
Thank you very much, It saved my life π
Thanks man! Feeling DOHish too!
perfect. for me it was the FQDN… so freaking simple. thanks
Thank you for this! It’s guides like this that keep me sane π
Thank you very much! Sometimes you can’t see the wood for the trees π
Thans for your post,
BTW I still add a problem it was because my account for authentification add a “#” for the first caracter…
The trick that worked for me after making sure all of the above was to enter username as: domain\username