VMware Cloud Community
Josh26
Virtuoso
Virtuoso

Login failed, U4

I have three ESX hosts. Two are vCenter managed, one is just runnign ESXi free.

We placed all three into lockdown mode. They all ran fine. Then we applied U4 (to both vCenter and all hosts). Ever since, the two that are vCenter managed, have been spamming their event logs like this:

Failed to login user : No permission

It's been going about two per second, for the last few days. These boxes are on a private network, the only machine that has networking access to them is the vCenter machine. Virtualcenter management seems to be running fine however.

Reply
0 Kudos
9 Replies
JasonBarnes
Contributor
Contributor

This is because of the lockdown mode.

Please shutdown CIM and see if the messages go away.

-


Thanks,

Jason Barnes

VPS-Hosting

www.vps-hosting.ca

ESX Server Hosting :: Server Co-Location :: Support Services

-------------------------- Thanks, Jason Barnes VPS-Hosting www.vps-hosting.ca ESX Server Hosting :: Server Co-Location :: Support Services
Reply
0 Kudos
Josh26
Virtuoso
Virtuoso

I don't fully follow.

How does someone shutdown CIM?

Won't shutting down CIM break any hardware monitoring? Is it known that lockdown mode breaks CIM in some way?

Reply
0 Kudos
Josh26
Virtuoso
Virtuoso

Some additional information here.

The "target" on these events is always empty. If I connect to either of the hosts directly, there is nothing logged. It appears the problem is failed logons directly on the vCenter server.

Reply
0 Kudos
MarkBK
Contributor
Contributor

We have the same issue. Clearing and then reenabling lockdown mode will stop the issue for a while. Our logs are constantly filling and so I would like to fix this issue.

Josh26
Virtuoso
Virtuoso

Seems to be an easily replicable issue for some environments. Just enable lockdown mode, and away you go.

This is frustrating - lockdown mode is fairly important for security, given there's no firewalling built into ESXi and the root username is well known.

Reply
0 Kudos
Dave_Mishchenko
Immortal
Immortal

What's being logged to hostd.log?

Reply
0 Kudos
MarkBK
Contributor
Contributor

Just the same thing over and over every few seconds.

Log for VMware ESX Server, pid=1581, version=3.5.0, build=build-158869, option=Release, section=459

ot

Event 197555 : Failed to login user root@127.0.0.1: No permission

Activation : Invoke done on

Throw vim.fault.NoPermission

Result:

(vim.fault.NoPermission) {

dynamicType = ,

object = 'vim.Folder:ha-folder-root',

privilegeId = "System.View",

msg = ""

}

: User root

Event 197556 : Failed to login user root@127.0.0.1: No permission

Activation : Invoke done on

Throw vim.fault.NoPermission

Result:

(vim.fault.NoPermission) {

dynamicType = ,

object = 'vim.Folder:ha-folder-root',

privilegeId = "System.View",

msg = ""

}

: User root

Event 197557 : Failed to login user root@127.0.0.1: No permission

Activation : Invoke done on

Throw vim.fault.NoPermission

Result:

(vim.fault.NoPermission) {

dynamicType = ,

object = 'vim.Folder:ha-folder-root',

privilegeId = "System.View",

msg = ""

}

: User root

Event 197558 : Failed to login user root@127.0.0.1: No permission

Activation : Invoke done on

Throw vim.fault.NoPermission

Result:

(vim.fault.NoPermission) {

dynamicType =

cc

Subject

New message: "Login failed, U4"

,

A new message was posted in the thread "Login failed, U4":

http://communities.vmware.com/message/1249082#1249082

Author : Dave.Mishchenko

Profile : http://communities.vmware.com/people/Dave.Mishchenko

Message:

Reply
0 Kudos
MarkCrossley
Enthusiast
Enthusiast

Does anyone have a solution for this? We have the same problem with ESXi 3.5 U4 - HP version. We need to have Lockdown mode enabled for security.

Mark

Reply
0 Kudos
MarkBK
Contributor
Contributor

We opened an SR with VMware (1218081901). They acknowledged the issue. They said it would be fixed in a future release. The SR is still pending.

In the meantime we just disable lockdown mode after any restart. Then we reenable it. This seems to work around the problem.

Mark

Reply
0 Kudos