After configuring the AD authentication on the ESXi 6.0 as per the KB 2075361 , we were not able to login to the ESX shell using the AD Authentication .
From the /var/log/ auth.log , we have noticed the below error.
pam_access(sshd:auth): access denied for user
sshd: [module:pam_lsass]pam_sm_authenticate: failed [error code:40286
As per the KB 2145400 it is mentioned as the known issue and also mentioned the workaround but it didnt help so we contacted the VMware support and they fixed the issue by doing the changes below.
1. Run the command
cp /etc/likewise/openldap/ldap.conf /tmp <—- Copy the file ldap.conf to /tmp directory
2. give write permission to /tmp/ldap.conf
chmod +w /tmp/ldap.conf
3. Modify the file /tmp/ldap.conf to set buffer size to 15KB
Replace the line ‘SASL_SECPROPS maxbufsize=40960’ with ‘SASL_SECPROPS maxbufsize=5242880‘ –> 5 MB
4. Save the file
5. Copy /tmp/ldap.conf to /etc/likewise/openldap/ldap.conf
6. Verify the contents of /etc/likewise/openldap/ldap.conf is modified.
7. restart the likewise daemon lwsmd