I have three ESX hosts. Two are vCenter managed, one is just runnign ESXi free.
We placed all three into lockdown mode. They all ran fine. Then we applied U4 (to both vCenter and all hosts). Ever since, the two that are vCenter managed, have been spamming their event logs like this:
Failed to login user : No permission
It's been going about two per second, for the last few days. These boxes are on a private network, the only machine that has networking access to them is the vCenter machine. Virtualcenter management seems to be running fine however.
This is because of the lockdown mode.
Please shutdown CIM and see if the messages go away.
-
Thanks,
Jason Barnes
VPS-Hosting
ESX Server Hosting :: Server Co-Location :: Support Services
I don't fully follow.
How does someone shutdown CIM?
Won't shutting down CIM break any hardware monitoring? Is it known that lockdown mode breaks CIM in some way?
Some additional information here.
The "target" on these events is always empty. If I connect to either of the hosts directly, there is nothing logged. It appears the problem is failed logons directly on the vCenter server.
We have the same issue. Clearing and then reenabling lockdown mode will stop the issue for a while. Our logs are constantly filling and so I would like to fix this issue.
Seems to be an easily replicable issue for some environments. Just enable lockdown mode, and away you go.
This is frustrating - lockdown mode is fairly important for security, given there's no firewalling built into ESXi and the root username is well known.
What's being logged to hostd.log?
Just the same thing over and over every few seconds.
Log for VMware ESX Server, pid=1581, version=3.5.0, build=build-158869, option=Release, section=459
ot
Event 197555 : Failed to login user root@127.0.0.1: No permission
(vim.fault.NoPermission) {
dynamicType = ,
object = 'vim.Folder:ha-folder-root',
privilegeId = "System.View",
msg = ""
}
Event 197556 : Failed to login user root@127.0.0.1: No permission
(vim.fault.NoPermission) {
dynamicType = ,
object = 'vim.Folder:ha-folder-root',
privilegeId = "System.View",
msg = ""
}
Event 197557 : Failed to login user root@127.0.0.1: No permission
(vim.fault.NoPermission) {
dynamicType = ,
object = 'vim.Folder:ha-folder-root',
privilegeId = "System.View",
msg = ""
}
Event 197558 : Failed to login user root@127.0.0.1: No permission
(vim.fault.NoPermission) {
dynamicType =
cc
Subject
New message: "Login failed, U4"
,
A new message was posted in the thread "Login failed, U4":
http://communities.vmware.com/message/1249082#1249082
Author : Dave.Mishchenko
Profile : http://communities.vmware.com/people/Dave.Mishchenko
Message:
Does anyone have a solution for this? We have the same problem with ESXi 3.5 U4 - HP version. We need to have Lockdown mode enabled for security.
Mark
We opened an SR with VMware (1218081901). They acknowledged the issue. They said it would be fixed in a future release. The SR is still pending.
In the meantime we just disable lockdown mode after any restart. Then we reenable it. This seems to work around the problem.
Mark