Yesterday we were having trouble trying to login and it looked like it was the service for the vCenter server wouldn’t start. Done a couple of reboots and troubleshooting the error. It was coming back with an issue with the transaction log in the database to say it was full and needed to be amended to unlimited the transaction log. We couldn’t get onto the internal database as we don’t have access or the SA password.
We had a snapshot of the server and I went back to it but looked like it was a while back. Services that are needed are starting ok and everything looks ok but when I try login it doesn't like my username and password. It looks like it’s out of sync with my AD details and any other details.
I have been troubleshooting it online all yesterday and today but getting nowhere.
Have you come across this before? Any help would be much appreciated.
Try to login to vCenter using SSO credential, I hope that it should work.
Then try to avoid database issue, by setting retention policy for database logs. Refer: https://www.vmadmin.co.uk/resources/36-virtualcenter/247-vcenterdbretention
Sorry forgot to show screenshot of error message im getting now.
Just to note ROOT password not working either. I can only log directly into the ESXi hosts but its the vCenter i need to get into.
Thanks for your reply Ganesh but SSO Credentials not working either. I never setup the SSO Server but was sure the password I had would work but its doesnt like any passwords.
Is it a vcenter appliance?? What is the service status now. Service is up and are you not able to login?
vCenter version?
No its Windows based Suresh, Service is up and not able to login
5.1.0.34460 Ganesh
Workaround: When vCenter Single Sign On is installed on a Windows system, Active Directory users with custom suffixes must log into the vSphere Web Client by entering their user name and password, where the user name has the non-customized domain name as a suffix. This workaround is only valid for users who know their Windows system credentials.
========================================================================================================================
Are you able to relate your issues with the above "known issue" in vSphere 5.1??? Source: vSphere 5.1 Release Notes
Also look at the below in the same link provided in the above post:
Active Directory domain to which vCenter Server system belongs does not appear in the Single Sign On server list of identity sources
On Windows, if vCenter Server is installed on a machine that is joined to an Active Directory domain, the domain users do not appear in the vSphere Client or the vSphere Web Client. On Linux, the error message Unable to retrieve domain user appears.
Workaround: Configure a reverse forward lookup zone, a related pointer record, and synchronize the system clock.
Yeh i know what you mean Ganesh, So instead of using domain\username use username@domain. Made sure I was using the correct UPN Prefix.
Tried that but didnt work me unfortunately.
I didnt have the web client installed cause we never needed it but I cant even install it now with the details I have. it is saying it cant find the lookup service.
Is it wise to reinstall anything?
If you are running with older updates, Try to install newer ones. Get to know your build number and check VMware KB: Correlating VMware products build numbers to update levels to verify which "update" you are using currently.
Hi Ganesh, I cant see an update fixing this as it was working before.
it has to be something with the snapshot I used to go back, so its like its out of sync with the internal database.
Any other idea would be great please?
Found out in the IMSTRACE log that it was trying to connect to the old DC :smileyconfused::smileyconfused: was able to go into the database and change were it was pointing to.
Now the vcenter server service wont start - error code 2. This error is something with the transaction logs which I fixed but still the service wont start.
Has to be something else outstanding in the database that wont work.
What your VPXD log says? Please upload it, If it is possible.
Log location is "C:\ProgramData\VMware\VMware VirtualCenter\Logs\
"
2015-06-23T11:44:50.276+01:00 [04968 error 'Default'] Found dangling SSL error: [0] error:00000001:lib(0):func(0):reason(1)
2015-06-23T11:44:50.276+01:00 [04968 error 'Default'] Found dangling SSL error: [1] error:00000001:lib(0):func(0):reason(1)
2015-06-23T11:44:50.276+01:00 [04968 error '[SSO][SsoFactory_CreateFacade]'] Unable to create SSO facade: vmodl.fault.SystemError.
These are the errors what I see from the attached VPXD log file. Resolution for the same is described here - VMware KB: vCenter Server 5.1 fails to start with the error: Unable to create SSO facade: Invalid re...
Hope it will help you !!!
Hi,
Check with the Ganesh option, alternately you can check with this solution also might be because of this cause.
CAUSE :- In Single Sign-On (SSO), user authentication against AD is done via Lightweight Directory Access Protocol (LDAP) binds. This issue occurs if Log on to is restricted for a user, to a specific set of computers. LDAP binds to the AD domain controller will only be successful if AD Domain Controller is explicitly added to the list of allowed machines.
To resolve this issue, edit the Active Directory User and specify the Domain Controller (DC) in the list of workstations the user has permissions to logon to.
To edit the Active Directory User and specify the Domain Controller:
Came across that KB earlier but didn't work for me either, Restarted the server just to make sure but didn't work either.
Still receiving the error code 2. I think I have gone through all the error code 2 KB articles but nothing works.
Just to note, I have noticed that VMware vSphere Profile-Driven Storage Service keeps stopping. I don't know if this is any relevance to the VirtualCenter Service