Cannot log in to the ESXi 6.0 host using Active Directory domain credentials
After an ESXi 6.0 host is joined to the domain and a domain security group is added to the ESXi permissions, users might not be able to log in to the ESXi host using domain credentials. There can be many reasons for this. One of them is that the LDAP cache is not big enough to hold the required LDAP data.
The /var/log/syslog.log file will have an entry: lwsmd: encoded packet size too big (4612 > 4096)
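To confirm that this is the cause before touching the bootbank, the log can be summarised with a short script. This is an added example, not part of the original article: the function name and the sample log lines are constructed, and the planned limit defaults to the 524288 that this page's fix sets.

```shell
#!/bin/sh
# Added example: summarise lwsmd "encoded packet size too big" events
# and check whether a planned limit would cover the largest one seen.
# Usage: lwsmd_overflow_summary <logfile> [planned_limit]
lwsmd_overflow_summary() {
    log=$1
    planned=${2:-524288}   # value used in this page's sed command
    # Extract the "(needed > limit)" pair from every matching line.
    sed -n 's/.*lwsmd: encoded packet size too big (\([0-9][0-9]*\) > \([0-9][0-9]*\)).*/\1 \2/p' "$log" |
    awk -v planned="$planned" '
        { n++; if ($1 + 0 > max) max = $1 + 0; limit = $2 + 0 }
        END {
            if (n == 0) { print "no-match"; exit }
            verdict = (planned + 0 >= max) ? "sufficient" : "too-small"
            printf "events=%d max_needed=%d current_limit=%d planned_limit=%d %s\n",
                   n, max, limit, planned, verdict
        }'
}

# Constructed sample log (timestamps and the second size are made up).
sample=$(mktemp)
cat > "$sample" <<'EOF'
2016-01-01T10:00:01Z lwsmd: encoded packet size too big (4612 > 4096)
2016-01-01T10:00:05Z sshd[1234]: unrelated line
2016-01-01T10:02:17Z lwsmd: encoded packet size too big (9870 > 4096)
EOF
lwsmd_overflow_summary "$sample"
rm -f "$sample"
```

On a host, point it at /var/log/syslog.log; "no-match" means the login failure has a different cause.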
To fix the issue, /etc/likewise/openldap/ldap.conf needs to be reconfigured. The default cache value in the file is 4096, or 4K. Since the file is read-only, the bootbank needs to be recreated to update this file.
In the example below, the default value of 4K has been changed to 512K.
vsish -e set /sched/groups/$(vsish -e set /sched/groupPathNameToID host vim vmvisor likewise | cut -d ' ' -f 1)/increaseMemMinMaxInMB max=200
cd /vmfs/volumes/<DATASTORE>
zcat /bootbank/s.v00 > /vmfs/volumes/<DATASTORE>/s.vtar
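# The output directory must exist before vmtar writes into it
mkdir -p /vmfs/volumes/<DATASTORE>/temp
vmtar -vx ./s.vtar -o /vmfs/volumes/<DATASTORE>/temp/s.tar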
rm /vmfs/volumes/<DATASTORE>/s.vtar
cd /vmfs/volumes/<DATASTORE>/temp
tar xf s.tar
rm s.tar
# Edit the extracted copy (relative path), not the live read-only file under /etc
sed -i "s@4096@524288@" etc/likewise/openldap/ldap.conf
tar cvf ../s-new.tar *
cd ..
vmtar -c s-new.tar -o s-new.vtar
Wait a moment before running the next commands, otherwise you will see an error message.
gzip s-new.vtar
cp /bootbank/s.v00 /vmfs/volumes/<DATASTORE>/s.v00.orig
cp s-new.vtar.gz /bootbank/s.v00