VMware Cloud Community
KLX351AU
Contributor

VCSA 6.7 install failing due to LDAP error

Hi all,

I'm installing VCSA in Workstation. In stage 2 I'm having issues with the process failing due to an LDAP error.

In stage 1 I have the hostname set to vcenter.local, and it resolves both forward and reverse.

For the SSO I set the domain to vsphere.local. I also tried vcenter.local; it failed with the same error.

Does SSO require a valid LDAP server running on AD? I don't have a Windows server; does this mean I can't install VCSA?

Thanks

daphnissov
Immortal

You're getting this error because "vsphere.local" is a reserved name used only for the internal SSO process (which you should leave at the default during installation). You cannot name vCSA or any of the hosts it manages with the vsphere.local domain. So change your domain, ensure you have forward and reverse DNS resolution, and try again.

KLX351AU
Contributor

Thanks for the reply. On the console I access the web portal using https://vcenter.local:5480, and I have forward and reverse DNS set up for this.

vcenter.local = 192.168.100.26

On the SSO setup, what domain should I be using? Do I not populate the domain name, or choose something different, e.g. sso-vcenter.local?
If I do use sso-vcenter.local, do I point that to the same IP as the host (192.168.100.26), or create a new IP?

Thanks again!

daphnissov
Immortal

When you deploy vCSA, use the default SSO domain of just "vsphere.local" like it already has there. Don't change that. For the hostname of your vCenter, that needs to be on a totally separate domain. Something like "myname.local" or "foo.bar". Whatever it is, just don't make it vsphere.local. You need A and PTR records for this hostname.

KLX351AU
Contributor

I've completed stage 1 and hostname of the vcenter is as below.

console.png

Dig Results

dig.png

In stage 2, I'm actually typing "vsphere.local" into the SSO Domain field. If I don't enter any text, there is greyed-out text "vsphere.local".

Should I NOT put any text in this field, and only populate a password?

Thanks

daphnissov
Immortal

Put vsphere.local in for good measure.

KLX351AU
Contributor

And point that to the same IP, 192.168.100.26?

daphnissov
Immortal

I'm confused. Where are you talking about? The SSO domain name only is "vsphere.local". Anything else should be on your own internal domain.

KLX351AU
Contributor

Failed with the same issue. I've downloaded the logs, however there are quite a few in the tarball. Happy to post the contents; which log file should I be looking at?

error.png

KLX351AU
Contributor

I managed to FINALLY get this installed and working. The issue appears to be the password I'd used for SSO: it contained a $. I replaced it with an @ and bingo!

Appreciate the help.

Thanks

daphnissov
Immortal

Word of advice for the future: Limit all special characters to only a "!" because inevitably any other special character will produce a failure somewhere.

KLX351AU
Contributor

I actually had to redeploy. I was having issues with SSO, so I created a different password only using ! as the special character, and it's working great now.

Thanks

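A pre-flight check for the three points raised in this thread (hostname outside the SSO domain, matching A and PTR records, SSO password special characters limited to "!"), as an added example that is not part of the original posts or of VMware's tooling. The function names, the `from_table` offline resolver and the sample password are assumptions made for illustration; the hostname and address are the ones quoted in the thread.

```python
import socket

SSO_DOMAIN = "vsphere.local"  # default SSO domain, per the thread
ALLOWED_SPECIALS = "!"        # the thread's rule of thumb, not a vendor-documented limit

def dns_forward(name):
    return socket.gethostbyname(name)

def dns_reverse(ip):
    return socket.gethostbyaddr(ip)[0]

def from_table(table):
    """Build an offline resolver from a dict; misses raise OSError like socket does."""
    def lookup(key):
        if key not in table:
            raise OSError(f"no record for {key}")
        return table[key]
    return lookup

def preflight(fqdn, ip, sso_password, forward=dns_forward, reverse=dns_reverse):
    """Return a list of problems; an empty list means every check passed."""
    problems = []
    fqdn = fqdn.rstrip(".").lower()
    # The appliance hostname must not be, or sit under, the SSO domain.
    if fqdn == SSO_DOMAIN or fqdn.endswith("." + SSO_DOMAIN):
        problems.append(f"hostname {fqdn} is inside SSO domain {SSO_DOMAIN}")
    # A record: the name must resolve to the address given to the installer.
    try:
        got = forward(fqdn)
        if got != ip:
            problems.append(f"A record for {fqdn} is {got}, expected {ip}")
    except OSError as exc:
        problems.append(f"no A record for {fqdn}: {exc}")
    # PTR record: the address must resolve back to the same name.
    try:
        name = reverse(ip).rstrip(".").lower()
        if name != fqdn:
            problems.append(f"PTR for {ip} is {name}, expected {fqdn}")
    except OSError as exc:
        problems.append(f"no PTR record for {ip}: {exc}")
    # Report offending characters only; never echo the password itself.
    bad = sorted({c for c in sso_password if not c.isalnum() and c not in ALLOWED_SPECIALS})
    if bad:
        problems.append("SSO password has special characters other than '!': " + " ".join(bad))
    return problems

# Constructed sample data using the hostname and address quoted in the thread.
A = from_table({"vcenter.local": "192.168.100.26"})
PTR = from_table({"192.168.100.26": "vcenter.local"})
print(preflight("vcenter.local", "192.168.100.26", "Examp1e$Pass", A, PTR))
```

Called without the last two arguments, `preflight` uses the system resolver, so it can be run from the machine that will host the deployment before starting stage 1.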