VMware Cloud Community
stabnom
Contributor
Contributor
Jump to solution

Adding ESXi 7.0 to vCenter fails due to incorrect credentials

Hello

I've stumbled upon problem with adding ESXi 7.0.0 Build 16324942 host to my vCenter 7.0.1Build:16858589. When i'm adding it by the root credentials it's added without problems, but when i'm trying to do the same thing but with custom user, with Administrator privileges, i'm getting "Could not connect to the host due to an invalid username and password combination" even i'm sure that credentials are right, because i can log in with them to ESXi UI and by ssh. Licences are fine, adding older ESXi hosts, like 6.7 works perfecly fine. I'm attaching vpxd.log, vsphere_client_virgo.log and screen of error i'm getting. 

If there are more information i can provide do not hestiate to ask.

Best regards 

Reply
0 Kudos
1 Solution

Accepted Solutions
Ajay1988
Expert
Expert
Jump to solution

Follow   https://kb.vmware.com/s/article/79905 

If you think your queries have been answered
Mark this response as "Correct" or "Helpful".

Regards,
AJ

View solution in original post

Tags (1)
6 Replies
Lalegre
Virtuoso
Virtuoso
Jump to solution

Hey @stabnom,

I do not think this is possible and however you should not concern of which user you use to add the ESXi to vCenter as it is only used at the beginning and then vCenter creates the vpxuser in to the ESXi with a random password that is fully encrypted in the vCenter database.

 

stabnom
Contributor
Contributor
Jump to solution

Hi @Lalegre,
Thanks for fast reply.

Unfortunatelly it is possible and even if it's not neccessary to log in as any different user, we have some automated solutions with other credentials and it would be bit time consuming, if we have to change it.
some things that looks odd is that in vpxd log were getting

 

2021-01-12T11:10:14.553Z info vpxd[09235] [Originator@6876 sub=[SSO][SsoCertificateManagerImpl] opID=kjtvqrk6-499-auto-dx-h5:70000329-5d] Try to connect to SSO VMOMI endpoint
2021-01-12T11:10:14.601Z error vpxd[09235] [Originator@6876 sub=TrustedInfrastructure.HostConfig opID=kjtvqrk6-499-auto-dx-h5:70000329-5d] [StsUploader] Failed to set STS certificates to host '10.172.181.177'. Error:
--> Error:
-->    com.vmware.vapi.std.errors.unauthorized
--> No messages!
--> 
2021-01-12T11:10:14.776Z info vpxd[17294] [Originator@6876 sub=vpxLro opID=vb-75:auto-name-15:01-e] [VpxLRO] -- BEGIN lro-2086 -- ResourceModel -- vim.dp.ResourceModel.queryBatch -- 52176f76-a9d4-e826-0a5c-95ef15dfd90d(52563083-b2cc-7676-cd8d-f1dad3310c7a)

 

according to which, it may be certificate problem. Also, there is that snippet

2021-01-12T11:10:05.852Z info vpxd[17353] [Originator@6876 sub=Default opID=kjtvqrk6-487-auto-dk-h5:70000320-84] [VpxLRO] -- ERROR lro-2050 -- datacenter-1267 -- vim.Datacenter.queryConnectionInfo: vim.fault.SSLVerifyFault:
--> Result:
--> (vim.fault.SSLVerifyFault) {
-->    faultCause = (vmodl.MethodFault) null, 
-->    faultMessage = <unset>, 
-->    selfSigned = false, 
-->    thumbprint = "D4:CA:AE:5A:8E:38:0C:53:AA:9D:96:1D:AB:03:45:C6:14:AA:DC:D9"
-->    msg = ""
--> }
--> Args:
--> 
--> Arg hostname:
--> "10.172.181.177"
--> Arg port:
--> -1
--> Arg username:
--> "vci"
--> Arg password:
--> (not shown)
--> 
--> Arg sslThumbprint:

which i believe is somehow responsible for verification, but the thumbprint is different from the one that we can see at DCUI of ESXi.

Reply
0 Kudos
Lalegre
Virtuoso
Virtuoso
Jump to solution

May I know if DNS and NTP is properly configured in the ESXi.

Looking for the error it seems that it is related with the Security Token Service and it could be an issue with vCenter Server but I do not think you are facing expiration as this is probably a newly installed one. 

Silly question but have you applied the administrator role by using the ESXi Host Client? Does the user appears in /etc/passwd?

 

Ajay1988
Expert
Expert
Jump to solution

Follow   https://kb.vmware.com/s/article/79905 

If you think your queries have been answered
Mark this response as "Correct" or "Helpful".

Regards,
AJ
Tags (1)
stabnom
Contributor
Contributor
Jump to solution

Gentlemen,

Thank You both for help, the solution provided by @Ajay1988 works like charm !  

Best regards

Reply
0 Kudos
albatros99
Enthusiast
Enthusiast
Jump to solution

please use the new version 7.01C for vsphere and vcenter, then the problem is solved.

i had the same issue!

cg

Reply
0 Kudos