- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for the reply Vijay2027, you nailed it, I ended up opening a ticket with VMware support. They checked these log files:
- /var/log/vmware/rbd/rbd-cgi.log (VCSA)
- /var/log/vmware/vmcad/vmcad-syslog.log (PSC)
We have an external PSC deployment in our environment, the key was in the following lines of the vmcad-syslog.log file:
2019-10-18T18:27:47.942203+00:00 warning vmcad t@140271253645056: error code: 0x00000005
2019-10-18T18:27:47.942370+00:00 warning vmcad t@140271253645056: error code: 0x00000005
2019-10-18T18:27:47.942537+00:00 warning vmcad t@140271253645056: error code: 0x00000005
2019-10-18T18:28:08.373709+00:00 info vmcad t@140271253645056: VMCACheckAccessKrb: Authenticated user waiter-d0cef9c5-5f40-4671-83f7-f611d19354cb@vsphere.local
2019-10-18T18:28:08.380445+00:00 info vmcad t@140271253645056: Checking upn: cn=CAAdmins,cn=Builtin,dc=vsphere,dc=local against CA admin group: waiter-d0cef9c5-5f40-4671-83f7-f611d19354cb@vsphere.local
2019-10-18T18:28:08.380970+00:00 warning vmcad t@140271253645056: error code: 0x00000005
2019-10-18T18:28:08.381299+00:00 warning vmcad t@140271253645056: error code: 0x00000005
2019-10-18T18:28:08.381563+00:00 warning vmcad t@140271253645056: error code: 0x00000005
2019-10-18T18:28:09.205803+00:00 info vmcad t@140271253645056: VMCACheckAccessKrb: Authenticated user waiter-d0cef9c5-5f40-4671-83f7-f611d19354cb@vsphere.local
2019-10-18T18:28:09.210938+00:00 info vmcad t@140271253645056: Checking upn: cn=CAAdmins,cn=Builtin,dc=vsphere,dc=local against CA admin group: waiter-d0cef9c5-5f40-4671-83f7-f611d19354cb@vsphere.local
What support ended up doing is connecting via LDAP (with JXplorer) to the PSC and creating that waiter-d0cef9c5-5f40-4671-83f7-f611d19354cb@vsphere.local user that was missing from the CAAdmins group.After this user was created I was able to re-deploy the ESXi host without any issue. There were 2 other waiter users with a different string of chars after them but for some reason Auto Deploy was looking for this one specifically but was missing from that group of users.
I hope this helps.
