VMware Cloud Community
dschro
Contributor

vCenter 5.5 constant login failures with Identity Management Service

I recently changed a domain account password and now on the vCenter server there are constant login failures that reference the VMware identity management service. The service is logging in as a local system and is running. Everything appears to be working within VMware and I can log in using SSO, but I am constantly getting login failures for that account.

10 Replies
greco827
Expert

Are you sure that same account and password weren't used somewhere else, like for a vROps registration or something along those lines? 

If you find this or any other answer useful please mark the answer as correct or helpful https://communities.vmware.com/people/greco827/blog
dschro
Contributor

So far I have shut down the vCOps, vShield Manager, and 3 other servers that could use the login, but it still happens. In the log, the source and destination machine is the vCenter server.

greco827
Expert

Just to make sure it's not some strange coincidence, could you change the password back to what it previously was and see if the login failures cease?

dschro
Contributor

I can't, because that account has other processes that run under it. But I looked into some more logs and found this:

2015-09-16 09:15:39,056 ERROR  [ServerUtils] Exception 'com.vmware.identity.idm.IDMLoginException: The user name or password is incorrect.'
com.vmware.identity.idm.IDMLoginException: The user name or password is incorrect.
    at com.vmware.identity.idm.server.IdentityManager.authenticate(IdentityManager.java:2481)
    at sun.reflect.GeneratedMethodAccessor11.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at sun.rmi.server.UnicastServerRef.dispatch(Unknown Source)
    at sun.rmi.transport.Transport$2.run(Unknown Source)
    at sun.rmi.transport.Transport$2.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.rmi.transport.Transport.serviceCall(Unknown Source)
    at sun.rmi.transport.tcp.TCPTransport.handleMessages(Unknown Source)
    at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(Unknown Source)
    at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.access$400(Unknown Source)
    at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler$1.run(Unknown Source)
    at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler$1.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(Unknown Source)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
    at java.lang.Thread.run(Unknown Source)
2015-09-16 09:15:39,056 INFO   [IdentityManager] Authentication failed for user [Username] in tenant [vsphere.local] in [46] milliseconds

greco827
Expert

That looks to me to be an SSO issue. Was this account used to configure the Active Directory or OpenLDAP identity source?

Check this KB if you haven't already.  VMware KB: Logging into the vSphere Web Client 5.5 fails with the error: Provided credentials are no...

dschro
Contributor

It is using the Active Directory integrated authentication, and I have deleted it, re-added it and set it as the default domain as per that article, but the same thing happens.

greco827
Expert

Maybe try using the machine account option rather than the SPN (if you haven't already).

dschro
Contributor

So I tried restarting the vCenter server after setting the default name; now the local administrator account is failing to log in, trying to log in to the domain. I'll try your other option too.

dschro
Contributor

I looked and it was already using the machine account.

dschro
Contributor

This is resolved.  It was the server the anti-virus uses for agentless anti-virus.

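Added example (not part of the original thread or of any VMware tooling): a small parser for the IdentityManager "Authentication failed" lines in the format quoted above, grouping failures per account and measuring the gap between attempts. The account names, sample lines and both thresholds are assumptions made for this example.

```python
import re
import statistics
from collections import defaultdict
from datetime import datetime

# Matches the IdentityManager INFO line format quoted in the thread.
FAILED = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3})\s+INFO\s+"
    r"\[IdentityManager\] Authentication failed for user \[(?P<user>[^\]]*)\] "
    r"in tenant \[(?P<tenant>[^\]]*)\]"
)

def summarize_failures(lines, min_count=3, max_jitter=5.0):
    """Group failed logins by (user, tenant) and report their retry cadence.

    An account is marked 'automated' when it has at least min_count failures
    and the gaps between them differ by at most max_jitter seconds, the
    pattern a service retrying a stale stored password tends to produce.
    Both thresholds are assumptions for this example, not VMware defaults.
    """
    seen = defaultdict(list)
    for line in lines:
        m = FAILED.match(line.strip())
        if not m:
            continue  # stack-trace lines and unrelated events are skipped
        stamp = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S,%f")
        seen[(m["user"], m["tenant"])].append(stamp)

    report = {}
    for key, stamps in seen.items():
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        steady = bool(gaps) and max(gaps) - min(gaps) <= max_jitter
        report[key] = {
            "count": len(stamps),
            "first": stamps[0],
            "last": stamps[-1],
            "median_gap_s": statistics.median(gaps) if gaps else None,
            "automated": len(stamps) >= min_count and steady,
        }
    return report

# Constructed sample in the thread's log format; account names are made up.
SAMPLE = """\
2015-09-16 09:15:39,056 ERROR  [ServerUtils] Exception 'com.vmware.identity.idm.IDMLoginException: The user name or password is incorrect.'
    at com.vmware.identity.idm.server.IdentityManager.authenticate(IdentityManager.java:2481)
2015-09-16 09:15:39,056 INFO   [IdentityManager] Authentication failed for user [svc-example] in tenant [vsphere.local] in [46] milliseconds
2015-09-16 09:16:02,300 INFO   [IdentityManager] Authentication failed for user [jdoe-example] in tenant [vsphere.local] in [51] milliseconds
2015-09-16 09:16:39,061 INFO   [IdentityManager] Authentication failed for user [svc-example] in tenant [vsphere.local] in [44] milliseconds
2015-09-16 09:17:39,049 INFO   [IdentityManager] Authentication failed for user [svc-example] in tenant [vsphere.local] in [47] milliseconds
2015-09-16 09:18:39,058 INFO   [IdentityManager] Authentication failed for user [svc-example] in tenant [vsphere.local] in [45] milliseconds
2015-09-16 09:21:47,910 INFO   [IdentityManager] Authentication failed for user [jdoe-example] in tenant [vsphere.local] in [49] milliseconds
""".splitlines()
```

A steady gap for one account can be compared against the polling schedules of systems that store that account's credentials, such as the agentless anti-virus server that turned out to be the source in this thread.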