Masters,
Vsphere Client and Vcenter both version 5.1
On May.29 one of our Exchange certificate experied. (IMAP, POP, IIS, SMTP services was assigned to this certificate). We created a new self-signed certficate, and assigned the services to this new one.
Unfortunatelly the backups stopped working on this day evening.
The error messages on backup tasks:
Cannot complete login due to an incorrect user name or password.
The error message:
The error message when try to browse the vcenter server on Veeam --> Virtual machines
Failed to login to "192.168.1.7" by SOAP, PORT 443, user "mydomain\administrator", proxy srv port:0
Cannot complete login due to an incorrect user name or password.
When i connect to the windows server which host the Vcenter Server via RDP and start Vsphere client to connect with domain user i get the following error:
A general system error occured:Authorize Exception.
I tried to restart SSO and Vcenter services with no luck.
Ist it possible the problem caused the experied certificate?
Any help apperitiated!
Hi,
Did you check here ? http://vhorizon.co.uk/veeam-backup-failed-unable-to-login-error/
An upgrade of your ESXi or vcenter recently?
Can you provide somes logs? like system or application event.
Regards,
Julien VARELA.
Nope. I did'nt try this.
There was no upgrade, so in this case the root of the problem is the certificate which expired.
I think i need to "update" the certificate somewhere but i don't find any options in Vsphere Client. I think i have to do with the Web Client but web client not installed.
1. I tried to install but need the admin@system.local password which i don't know
2. I tried a few blog which explain how to replace "predefined" password hash (VMware1234!) but even i replace the installer can't accept when try to install WebClient
3. I installed a test server, with test vcenter and try to import tables from test RSA database to the original database but:
- i don't know which tables need i import/export
- i don't know if i need to import vim_exprs database too?
4. I tried to detach - atache the test mdf into the productive server but i can't because version differenties.
So i think i will reinstall the full vcenter, but i have to find a good tutorial:
- how to reinstall vcenter (how to keep settings..)
- will this affect the Veeam backup (may i reinstall / reconfigure veaam too?)
you can reset your admin password with this kb article:
VMware KB: Unlocking and resetting the VMware vCenter Single Sign-On administrator password
When i try to connect with "use windows credetials" the user name and password filed greyed out, and the backgrund i see user MYDOMAIN\administrator
But if i check the VPXD-981.log file which is updated when trying to connect i see MYDOMAIN\myusername. But i don't understand not see the mydomain\administrator
47d124b8-3649-d299-8c23-03e92d6819ef
2015-06-04T13:52:59.949+02:00 [05844 info '[SSO]' opID=b2f7c219] [UserDirectorySso] Authenticate(<MYDOMAIN\myusername>, "not shown")
2015-06-04T13:53:00.105+02:00 [05844 error '[SSO]' opID=b2f7c219] [UserDirectorySso] AcquireToken SsoException: Unexpected SOAP fault: ns0:RequestFailed; request failed.
2015-06-04T13:53:00.105+02:00 [05844 error 'authvpxdUser' opID=b2f7c219] Failed to authenticate user <MYDOMAIN\myusername>
2015-06-04T13:53:03.116+02:00 [05844 info 'commonvpxLro' opID=b2f7c219] [VpxLRO] -- FINISH task-internal-30767 -- -- vim.SessionManager.login --
2015-06-04T13:53:03.116+02:00 [05844 info 'Default' opID=b2f7c219] [VpxLRO] -- ERROR task-internal-30767 -- -- vim.SessionManager.login: vim.fault.InvalidLogin:
--> Result:
--> (vim.fault.InvalidLogin) {
--> dynamicType = <unset>,
--> faultCause = (vmodl.MethodFault) null,
--> msg = "",
--> }
--> Args:
-->
i dont't know the master password to reset the SSO admin password...
Check this thread ... Re: vCenter Single Sign On master password
Thank you but thats not work. I don't know why.
I run the query below, and run succesfull. If i check the password field i see tha hash is changed as expected. I restarted the SSO service, and try to install WebClient.
Unfortunatelly the installer say the "provided credetials not valid".
So i don't know what happenin' but the hash replaced with sql query and password not accepted...
if SSO password ( admini@system-domain ) needs to be reset, please execute below query on RSA database:
UPDATE
[dbo].[IMS_PRINCIPAL]
SET
[PASSWORD] = '{SSHA256}KGOnPYya2qwhF9w4xK157EZZ/RqIxParohltZWU7h2T/VGjNRA=='
WHERE
LOGINUID = 'admin'
AND
PRINCIPAL_IS_DESCRIPTION = 'Admin';
This will reset the password to "VMware1234!", after which you login and change the password as needed.
Note: Take backup of RSA database before executing this