Launching soon: The world's first vendor agnostic bug scrubLearn more & join waitlist
OPERATIONAL DEFECT DATABASE
...
...
Instant clones fail to complete customization and fail on the creation of the computer account in Active Directory:Instant Clone Provisioning fails with a Log Line entry similar to the below in a Connection Server debug file: Location of Horizon (VDM) log files (1027744) Error during Provisioning Initial publish failed: Fault type is AD_FAULT_FATAL - com.vmware.daas.cloneprep.ldap.LdapException: createComputerAccount: Fail to create computer account , entryDn: CN=,OU,OU=,OU=,OU=,DC=,DC=, description: Internal Template account. Can be deleted if vm cp-template-e7e9e57f-08a9-46f9-xxxx-c63afxx012fb does not exist in the VC. - unable to create entry, resultCode=52 (unavailable), errorMessage=000020EF: SvcErr: DSID-0319018F, problem 5002 (UNAVAILABLE), data 1285 Error during Provisioning Initial publish failed: Fault type is AD_FAULT_FATAL - com.vmware.daas.cloneprep.ldap.LdapException: createComputerAccount: Fail to set entry password and enable account test, entryDn: CN=*,OU=*,OU=*,DC=*,DC=*,DC=*, description: Internal Template account. Can be deleted if vm cp-template-* does not exist in the VC. - entry already exists: CN=vm,OU=*,OU=*,DC=*,DC=*,DC=* (resultCode=68 (entry already exists), errorMessage=00000524: UpdErr: DSID-031A1261, problem 6005 (ENTRY_EXISTS), data 0 ) For intermittent AD faults, please reference AD_FAULT_RETRYABLE - unable to contact peer: unable to create connection pool Instant Clone Creation Error (91071)
Horizon relies on API calls to the active directory to process jobs in a timely manner. Environmental Matters and Customization Issues can have varied causes, Please see these resources for additional context: Troubleshooting Vmware Horizon Machines that do not complete Customization (83985) Horizon View Best Practices: Parent Image Creation and Maintenance. (90152) This can occur when you are trying to create a new computer account in an Active Directory domain using LDAP protocol, and the operation fails.resultCode=68 (entry already exists) indicated the presence of an existing entry in the database that is a match for the requested DN.resultCode=52 (unavailable) indicates that the server is currently not available to process the requested operation. Causes can vary including Server not ready to process request Resources that the server are reliant on are unavailable due to administrative operations or other causes.
Ensure the computer account used for the domain join has all appropriate permissions needed to complete the task. Create a User Account for Instant-Clone OperationsEnsure there is no conflict in terms of the computer name , that it does not conflict with any existing object in active directory outside of Horizon View.Check the event logs of the domain controller for any errors or warnings related to the creation of the computer account utilizing the timestamp of the failure message in the horizon logs to filter results.Often, an unavailable result code 52 may be an transitory issue and a retry or resubmission of the provisioning task could succeed.
This is a child article of AD_FAULT_FATAL: An Index of Instant Clone Creation Errors returned by Active Directory (91065)