KLX351AU
Contributor

VCSA 6.7 install failing due to LDAP error

Hi all,

I'm installing VCSA in Workstation. In stage 2 I'm having issues with the process failing due to an LDAP error.

In stage 1 I have the hostname set to vcenter.local, and it resolves both forward and reverse.

For the SSO I set the domain to vsphere.local, also tried vcenter.local, it failed with the same error.

Does SSO require a valid LDAP server running on AD? I don't have a Windows server, does this mean I can't install VCSA?

Thanks

11 Replies
daphnissov
Immortal

You're getting this error because "vsphere.local" is a reserved name used only for the internal SSO process (which you should leave at the default during installation). You cannot name vCSA or any of the hosts it manages with the vsphere.local domain. So change your domain, ensure you have forward and reverse DNS resolution, and try again.

KLX351AU
Contributor

Thanks for the reply. On the console I access the web portal using https://vcenter.local:5480, and I have forward and reverse DNS set up for this.

vcenter.local = 192.168.100.26

On the SSO setup, what domain should I be using? Do I not populate the domain name, or choose something different, e.g. sso-vcenter.local?
If I do use sso-vcenter.local, do I point that to the same IP as the host (192.168.100.26), or create a new IP?

Thanks again!

daphnissov
Immortal

When you deploy vCSA, use the default SSO domain of just "vsphere.local" like it already has there. Don't change that. For the hostname of your vCenter, that needs to be on a totally separate domain. Something like "myname.local" or "foo.bar". Whatever it is, just don't make it vsphere.local. You need A and PTR records for this hostname.

KLX351AU
Contributor

I've completed stage 1 and the hostname of the vCenter is as below.

console.png

Dig Results

dig.png

In stage 2, I'm actually typing in "vsphere.local" in the SSO Domain field. If I don't enter any text, there is greyed-out text "vsphere.local".

Should I NOT put any text in this field, and only populate a password?

Thanks

daphnissov
Immortal

Put vsphere.local in for good measure.

KLX351AU
Contributor

And point that to the same IP, 192.168.100.26?

daphnissov
Immortal

I'm confused. Where are you talking about? The SSO domain name only is "vsphere.local". Anything else should be on your own internal domain.

KLX351AU
Contributor

Failed with the same issue. I've downloaded the logs, however there are quite a few in the tarball. Happy to post the contents, which log file should I be looking at?

error.png

KLX351AU
Contributor

I managed to FINALLY get this installed and working. The issue appears to be the password I'd used for SSO: it contained a $. I replaced it with an @ and bingo!

Appreciate the help.

Thanks

daphnissov
Immortal

Word of advice for the future: Limit all special characters to only a "!" because inevitably any other special character will produce a failure somewhere.

(Accepted solution)

KLX351AU
Contributor

I actually had to redeploy; I was having issues with SSO. I created a different password only using ! as the special character and it's working great now.

Thanks

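A pre-deployment check for the three causes raised in this thread (hostname inside the SSO domain, missing or mismatched A/PTR records, special characters in the SSO password), added here as an example that is not code from any poster or from VMware. The host name `vcsa.lab.example`, the sample passwords and the helper names are constructed; the "!"-only rule is the rule of thumb from the accepted answer, not a documented VMware policy.

```python
import socket
import string

SAFE_SPECIALS = "!"  # the thread's rule of thumb, not a documented VMware policy

def risky_password_chars(password):
    """Characters that are neither ASCII letters, digits nor '!'."""
    allowed = set(string.ascii_letters + string.digits + SAFE_SPECIALS)
    return sorted(set(password) - allowed)

def stub_dns(a_records):
    """Offline resolvers built from a {name: ip} dict (for demos and tests)."""
    ptr_records = {ip: name for name, ip in a_records.items()}
    def forward(name):
        if name not in a_records:
            raise socket.gaierror("no A record")
        return a_records[name]
    def reverse(ip):
        if ip not in ptr_records:
            raise socket.herror("no PTR record")
        return ptr_records[ip]
    return forward, reverse

def preflight(fqdn, sso_domain, password, forward=socket.gethostbyname,
              reverse=lambda ip: socket.gethostbyaddr(ip)[0]):
    """Return a list of problems; an empty list means every check passed."""
    problems = []
    name, sso = fqdn.rstrip(".").lower(), sso_domain.rstrip(".").lower()
    if name == sso or name.endswith("." + sso):
        problems.append(f"hostname {name} is inside the SSO domain {sso}")
    try:
        ip = forward(name)                      # A record
        ptr = reverse(ip).rstrip(".").lower()   # PTR record
        if ptr != name:
            problems.append(f"PTR for {ip} is {ptr}, expected {name}")
    except OSError as exc:  # gaierror and herror are both OSError subclasses
        problems.append(f"DNS lookup failed for {name}: {exc}")
    bad = risky_password_chars(password)
    if bad:
        problems.append("password has special characters other than '!': " + " ".join(bad))
    return problems

if __name__ == "__main__":
    # Constructed sample data; drop the two stub arguments to query real DNS.
    fwd, rev = stub_dns({"vcsa.lab.example": "192.168.100.26"})
    for args in [("vcsa.lab.example", "vsphere.local", "Passw0rd!"),
                 ("vcenter.local", "vcenter.local", "Passw0rd$")]:
        print(args[0], "->", preflight(*args, fwd, rev) or "OK")
```
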