Hello,
I'm in the last step of hardening our domain network to use LDAPS rather than LDAP and the only thing left I need to reconfigure is the vCenter Identity source.
But, when I change the settings to use LDAPS, I get this error:
Check the network settings and make sure you have network access to the identity source.
Where can I look (logs, etc.) to see why this is failing?
I've searched high and low but can't find any solution to this, and I have updated vCenter to the latest version (6.7.0.42100).
The username does indeed need to be provided in either the principal name format (username@domainname) or as a UPN.
Did you provide the certificate for the CA that signed your domain controller certificates? It looks like the signing CA is mox-MOX-DC1-CA.Mox.local.
I receive the same error "ERROR com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl] 'IdentityStore certificates' value should not be empty" when I didn't select an SSL Certificate for the authentication provider. Once I select the CA cert, the error goes away.
Check the logs within the folder /var/log/vmware/sso. When attempting to add an authentication source that fails, I see information related to the failure specifically in /var/log/vmware/sso/vmware-identity-sts-default.log.
Moderator: Moved to vCenter Server
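Added example (not part of the thread, and not VMware code): a short Python triage for the STS log named in the answer above, grouping the identity-source errors that come up in this thread by cause. The sample log lines, host names, IDs and fingerprint are constructed for the example; the rule names and hint texts are the example's own.

```python
"""Triage identity-source failures in an SSO/STS log (added example)."""
import re

# Constructed sample in the layout of
# /var/log/vmware/sso/vmware-identity-sts-default.log.
# Host names, correlation IDs and the fingerprint are made up.
SAMPLE_LOG = r"""
[2020-01-01T10:00:00.100Z pool-2-thread-1 INFO com.vmware.identity.vlsi.RoleBasedAuthorizer] User {Name: admin, Domain: example.local} with role 'Administrator' is authorized for method call 'IdentitySourceManagementService.updateLdap'
[2020-01-01T10:00:00.120Z pool-2-thread-1 vsphere.local 11111111-2222-3333-4444-555555555555 ERROR com.vmware.identity.idm.ValidateUtil] userName in UPN format=[example\admin] is invalid: not a valid UPN format
[2020-01-01T10:00:00.121Z pool-2-thread-1 ERROR com.vmware.identity.idm.ValidateUtil] userName in UPN format=[example\admin] is invalid: not a valid UPN format
[2020-01-01T10:00:00.130Z pool-2-thread-1 vsphere.local 11111111-2222-3333-4444-555555555555 ERROR com.vmware.identity.idm.ValidateUtil] 'IdentityStore certificates' value should not be empty
java.lang.IllegalArgumentException: 'IdentityStore certificates' value should not be empty
	at com.vmware.identity.idm.ValidateUtil.logAndThrow(ValidateUtil.java:475)
[2020-01-01T10:05:00.200Z pool-2-thread-2 vsphere.local 66666666-7777-8888-9999-000000000000 ERROR com.vmware.identity.interop.ldap.SslX509EqualityMatchVerificationCallback] Server SSL certificate verification failed for [Subject: CN=dc1.example.local] [SHA1 Fingerprint: 00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33].: No match found in the trusted certificates store.
[2020-01-01T10:05:00.210Z pool-2-thread-2 vsphere.local 66666666-7777-8888-9999-000000000000 ERROR com.vmware.identity.idm.server.ServerUtils] cannot establish connection with uri: ldaps://dc1.example.local:3269
"""

# "[timestamp thread [tenant correlation-id] LEVEL logger] message"
# The tenant and correlation id are present on some entries only.
LINE_RE = re.compile(
    r"^\[(?P<ts>\S+) (?P<thread>\S+) "
    r"(?:(?P<tenant>\S+) (?P<corr>[0-9a-f-]{36}) )?"
    r"(?P<level>[A-Z]+) (?P<logger>[^\]]+)\] (?P<msg>.*)$"
)

# (kind, pattern applied to the message, hint taken from the thread's advice)
RULES = [
    ("missing_certificate",
     re.compile(r"'IdentityStore certificates' value should not be empty"),
     "LDAPS source saved with no certificate; select the CA certificate "
     "for the authentication provider."),
    ("server_cert_not_trusted",
     re.compile(r"Server SSL certificate verification failed for "
                r"\[Subject: (?P<subject>[^\]]+)\] "
                r"\[SHA1 Fingerprint: (?P<sha1>[0-9A-Fa-f:]+)\]"),
     "Certificate presented by the server matches nothing supplied for the "
     "source; provide the certificate of the CA that signed the domain "
     "controller certificate."),
    ("username_not_upn",
     re.compile(r"userName in UPN format=\[(?P<user>[^\]]+)\] is invalid"),
     "Give the bind user as username@domainname, not DOMAIN\\user."),
    ("connection_failed",
     re.compile(r"cannot establish connection with uri: (?P<uri>\S+)"),
     "Connection probe failed; read the certificate errors logged just "
     "before it for the same request."),
]


def triage(log_text):
    """Return one finding per distinct failure, in order of first appearance."""
    findings = {}
    for line in log_text.splitlines():
        entry = LINE_RE.match(line)
        # Stack-trace lines do not match LINE_RE and are skipped here.
        if not entry or entry["level"] not in ("WARN", "ERROR"):
            continue
        for kind, pattern, hint in RULES:
            hit = pattern.search(entry["msg"])
            if not hit:
                continue
            detail = hit.groupdict()
            key = (kind, tuple(sorted(detail.items())))
            record = findings.setdefault(key, {
                "kind": kind,
                "detail": detail,
                "first_seen": entry["ts"],
                "count": 0,
                "hint": hint,
            })
            record["count"] += 1
            break
    return list(findings.values())


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print("{first_seen} {kind} x{count} {detail}".format(**finding))
        print("    -> " + finding["hint"])
```

On the appliance, pass the contents of the real log file to triage() in place of SAMPLE_LOG.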
Thanks.
I pulled the log; here's a chunk of it where it shows changing from LDAP to LDAPS and changing the AD from ldap://mox.local to ldaps://MOX-DC1.MOX.LOCAL:3269.
It doesn't like it. I tried changing my username to distinguished name, as I see there's a bunch of UPN errors, but it still fails.
Any ideas? I can ping the DC from vCenter with no issues and can telnet from my PC to that port on that DC.
[2020-02-07T21:16:23.354Z pool-2-thread-5 INFO com.vmware.identity.vlsi.RoleBasedAuthorizer] User {Name: miles, Domain: mox.local} with role 'Administrator' is authorized for method call 'ServiceInstance.retrieveServiceContent'
[2020-02-07T21:16:23.366Z pool-2-thread-6 INFO com.vmware.identity.vlsi.RoleBasedAuthorizer] User {Name: miles, Domain: mox.local} with role 'Administrator' is authorized for method call 'IdentitySourceManagementService.updateLdapAuthnType'
[2020-02-07T21:16:23.375Z pool-2-thread-5 INFO auditlogger] {"user":"miles@mox.local","client":"","timestamp":"02/07/2020 21:16:23 UTC","description":"Updating the authentication type of ldap identity source with name 'MOX.LOCAL' to 'password'","eventSeverity":"INFO","type":"com.vmware.sso.IdentitySourceManagement"}
[2020-02-07T21:16:23.375Z pool-2-thread-5 INFO com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl] [User {Name: miles, Domain: mox.local} with role 'Administrator'] Updating the authentication type of ldap identity source with name 'MOX.LOCAL' to 'password'
[2020-02-07T21:16:23.385Z pool-2-thread-5 vsphere.local 56222754-62ae-4e93-bcf2-9ae550c28bc0 ERROR com.vmware.identity.idm.ValidateUtil] userName in UPN format=[mox\miles] is invalid: not a valid UPN format
[2020-02-07T21:16:23.385Z pool-2-thread-5 ERROR com.vmware.identity.idm.ValidateUtil] userName in UPN format=[mox\miles] is invalid: not a valid UPN format
[2020-02-07T21:16:23.657Z pool-2-thread-5 vsphere.local 78cdedd8-9df8-4230-8fa9-60e8901b0735 INFO com.vmware.identity.idm.server.IdentityManager] Provider [MOX.LOCAL] successfully set for tenant [vsphere.local]
[2020-02-07T21:16:23.657Z pool-2-thread-5 INFO com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl] Vmodl method IdentitySourceManagementService.updateLdapAuthnType return value is null
[2020-02-07T21:16:23.751Z pool-2-thread-6 INFO com.vmware.identity.vlsi.RoleBasedAuthorizer] User {Name: miles, Domain: mox.local} with role 'Administrator' is authorized for method call 'IdentitySourceManagementService.updateLdap'
[2020-02-07T21:16:23.753Z pool-2-thread-5 INFO auditlogger] {"user":"miles@mox.local","client":"","timestamp":"02/07/2020 21:16:23 UTC","description":"Updating ldap identity source 'MOX.LOCAL' details to 'com.vmware.vim.sso.admin.LdapIdentitySourceDetails@3b887329 friendlyName=MOX, userBaseDn=OU=Users,OU=MoxOU,DC=Mox,DC=local, groupBaseDn=OU=Users,OU=MoxOU,DC=Mox,DC=local, primaryUrl=ldaps://MOX-DC1.MOX.LOCAL:3269, failoverUrl=null, searchTimeoutSeconds=0, isSiteAffinityEnabled=false'","eventSeverity":"INFO","type":"com.vmware.sso.IdentitySourceManagement"}
[2020-02-07T21:16:23.753Z pool-2-thread-5 INFO com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl] [User {Name: miles, Domain: mox.local} with role 'Administrator'] Updating ldap identity source 'MOX.LOCAL' details to 'com.vmware.vim.sso.admin.LdapIdentitySourceDetails@58e9ef4e friendlyName=MOX, userBaseDn=OU=Users,OU=MoxOU,DC=Mox,DC=local, groupBaseDn=OU=Users,OU=MoxOU,DC=Mox,DC=local, primaryUrl=ldaps://MOX-DC1.MOX.LOCAL:3269, failoverUrl=null, searchTimeoutSeconds=0, isSiteAffinityEnabled=false'
[2020-02-07T21:16:23.773Z pool-2-thread-5 vsphere.local 6c53f85e-f7d5-4ea0-bb37-14c40bd10086 ERROR com.vmware.identity.idm.ValidateUtil] userName in UPN format=[mox\miles] is invalid: not a valid UPN format
[2020-02-07T21:16:23.774Z pool-2-thread-5 ERROR com.vmware.identity.idm.ValidateUtil] userName in UPN format=[mox\miles] is invalid: not a valid UPN format
[2020-02-07T21:16:23.784Z pool-2-thread-5 vsphere.local f5d62f07-54f6-4373-bc5b-08fd3ea5867d ERROR com.vmware.identity.idm.ValidateUtil] 'IdentityStore certificates' value should not be empty
[2020-02-07T21:16:23.784Z pool-2-thread-5 vsphere.local f5d62f07-54f6-4373-bc5b-08fd3ea5867d ERROR com.vmware.identity.idm.server.IdentityManager] Failed to set Ldap provider for tenant [vsphere.local]
[2020-02-07T21:16:23.784Z pool-2-thread-5 vsphere.local f5d62f07-54f6-4373-bc5b-08fd3ea5867d ERROR com.vmware.identity.idm.server.ServerUtils] Exception 'java.lang.IllegalArgumentException: 'IdentityStore certificates' value should not be empty'
java.lang.IllegalArgumentException: 'IdentityStore certificates' value should not be empty
at com.vmware.identity.idm.ValidateUtil.logAndThrow(ValidateUtil.java:475) ~[vmware-identity-idm-interface-7.0.0.jar:?]
at com.vmware.identity.idm.ValidateUtil.validateNotEmpty(ValidateUtil.java:237) ~[vmware-identity-idm-interface-7.0.0.jar:?]
at com.vmware.identity.idm.server.IdentityManager.probeProviderConnectivity(IdentityManager.java:2841) ~[vmware-identity-idm-server-7.0.0.jar:?]
at com.vmware.identity.idm.server.IdentityManager.setProvider(IdentityManager.java:2540) ~[vmware-identity-idm-server-7.0.0.jar:?]
at com.vmware.identity.idm.server.IdentityManager.setProvider(IdentityManager.java:9547) [vmware-identity-idm-server-7.0.0.jar:?]
at com.vmware.identity.idm.client.CasIdmClient.setProvider(CasIdmClient.java:929) [vmware-identity-idm-client-7.0.0.jar:?]
at com.vmware.identity.admin.server.ims.impl.IdentitySourceManagementImpl.updateLdap(IdentitySourceManagementImpl.java:536) [sso-adminserver-7.0.0.jar:?]
at com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl$7.call(IdentitySourceManagementServiceImpl.java:269) [sso-adminserver-7.0.0.jar:?]
at com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl$7.call(IdentitySourceManagementServiceImpl.java:253) [sso-adminserver-7.0.0.jar:?]
at com.vmware.identity.admin.vlsi.util.VmodlEnhancer.invokeVmodlMethod(VmodlEnhancer.java:186) [sso-adminserver-7.0.0.jar:?]
at com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl.updateLdap(IdentitySourceManagementServiceImpl.java:253) [sso-adminserver-7.0.0.jar:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_221]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_221]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_221]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_221]
at com.vmware.vim.vmomi.server.impl.InvocationTask.run(InvocationTask.java:65) [vlsi-server-7.0.0.jar:?]
at com.vmware.vim.vmomi.server.common.impl.RunnableWrapper$1.run(RunnableWrapper.java:47) [vlsi-server-7.0.0.jar:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_221]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_221]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_221]
[2020-02-07T21:16:23.784Z pool-2-thread-5 ERROR com.vmware.identity.admin.server.ims.impl.IdentitySourceManagementImpl] 'IdentityStore certificates' value should not be empty
[2020-02-07T21:16:23.785Z pool-2-thread-5 ERROR com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl] 'IdentityStore certificates' value should not be empty
java.lang.IllegalArgumentException: 'IdentityStore certificates' value should not be empty
at com.vmware.identity.admin.server.ims.impl.IdentitySourceManagementImpl.updateLdap(IdentitySourceManagementImpl.java:546) ~[sso-adminserver-7.0.0.jar:?]
at com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl$7.call(IdentitySourceManagementServiceImpl.java:269) ~[sso-adminserver-7.0.0.jar:?]
at com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl$7.call(IdentitySourceManagementServiceImpl.java:253) ~[sso-adminserver-7.0.0.jar:?]
at com.vmware.identity.admin.vlsi.util.VmodlEnhancer.invokeVmodlMethod(VmodlEnhancer.java:186) [sso-adminserver-7.0.0.jar:?]
at com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl.updateLdap(IdentitySourceManagementServiceImpl.java:253) [sso-adminserver-7.0.0.jar:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_221]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_221]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_221]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_221]
at com.vmware.vim.vmomi.server.impl.InvocationTask.run(InvocationTask.java:65) [vlsi-server-7.0.0.jar:?]
at com.vmware.vim.vmomi.server.common.impl.RunnableWrapper$1.run(RunnableWrapper.java:47) [vlsi-server-7.0.0.jar:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_221]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_221]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_221]
[2020-02-07T21:16:29.446Z pool-2-thread-6 INFO com.vmware.identity.vlsi.RoleBasedAuthorizer] User {Name: miles, Domain: mox.local} with role 'Administrator' is authorized for method call 'ServiceInstance.retrieveServiceContent'
[2020-02-07T21:16:29.458Z pool-2-thread-6 INFO com.vmware.identity.vlsi.RoleBasedAuthorizer] User {Name: miles, Domain: mox.local} with role 'Administrator' is authorized for method call 'IdentitySourceManagementService.updateLdapAuthnType'
[2020-02-07T21:16:29.464Z pool-2-thread-5 INFO auditlogger] {"user":"miles@mox.local","client":"","timestamp":"02/07/2020 21:16:29 UTC","description":"Updating the authentication type of ldap identity source with name 'MOX.LOCAL' to 'password'","eventSeverity":"INFO","type":"com.vmware.sso.IdentitySourceManagement"}
[2020-02-07T21:16:29.465Z pool-2-thread-5 INFO com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl] [User {Name: miles, Domain: mox.local} with role 'Administrator'] Updating the authentication type of ldap identity source with name 'MOX.LOCAL' to 'password'
[2020-02-07T21:16:29.477Z pool-2-thread-5 vsphere.local 86b4675d-1aa5-4287-a3e1-aea9dfda1272 ERROR com.vmware.identity.idm.ValidateUtil] userName in UPN format=[mox\miles] is invalid: not a valid UPN format
[2020-02-07T21:16:29.477Z pool-2-thread-5 ERROR com.vmware.identity.idm.ValidateUtil] userName in UPN format=[mox\miles] is invalid: not a valid UPN format
[2020-02-07T21:16:29.630Z pool-2-thread-5 vsphere.local 5e83383a-e100-41de-9508-a027eb7c8f9f INFO com.vmware.identity.idm.server.IdentityManager] Provider [MOX.LOCAL] successfully set for tenant [vsphere.local]
[2020-02-07T21:16:29.630Z pool-2-thread-5 INFO com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl] Vmodl method IdentitySourceManagementService.updateLdapAuthnType return value is null
[2020-02-07T21:16:29.721Z pool-2-thread-5 INFO com.vmware.identity.vlsi.RoleBasedAuthorizer] User {Name: miles, Domain: mox.local} with role 'Administrator' is authorized for method call 'IdentitySourceManagementService.updateLdap'
[2020-02-07T21:16:29.748Z pool-2-thread-6 INFO com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl] [User {Name: miles, Domain: mox.local} with role 'Administrator'] Updating ldap identity source 'MOX.LOCAL' details to 'com.vmware.vim.sso.admin.LdapIdentitySourceDetails@6cad7bed friendlyName=MOX, userBaseDn=OU=Users,OU=MoxOU,DC=Mox,DC=local, groupBaseDn=OU=Users,OU=MoxOU,DC=Mox,DC=local, primaryUrl=ldaps://MOX-DC1.MOX.LOCAL:3269, failoverUrl=null, searchTimeoutSeconds=0, isSiteAffinityEnabled=false, certificate=[
[
Version: V3
Subject: CN=mox-dc1.mox.local
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 2048 bits
public exponent: 65537
Validity: [From: Tue May 28 15:38:26 UTC 2019,
To: Wed May 27 15:38:26 UTC 2020]
Issuer: CN=mox-MOX-DC1-CA, DC=Mox, DC=local
SerialNumber: [ 30000000 115fa957 1f1e6d7e 6a000000 000011]
Certificate Extensions: 9
[1]: ObjectId: 1.3.6.1.4.1.311.21.10 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 26 30 24 30 0A 06 08 2B 06 01 05 05 07 03 01 .&0$0...+.......
0010: 30 0A 06 08 2B 06 01 05 05 08 02 02 30 0A 06 08 0...+.......0...
0020: 2B 06 01 05 05 07 03 02 +.......
[2]: ObjectId: 1.3.6.1.4.1.311.21.7 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 31 30 2F 06 27 2B 06 01 04 01 82 37 15 08 87 .10/.'+.....7...
0010: E8 E9 72 82 9D DE 70 81 E9 99 30 87 9E 97 4E 84 ..r...p...0...N.
0020: EB A4 1C 81 29 85 AF D9 03 84 80 F7 04 02 01 64 ....)..........d
0030: 02 01 01 ...
[3]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: caIssuers
accessLocation: URIName: ldap:///CN=mox-MOX-DC1-CA,CN=AIA,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=Mox,DC=local?cACertificate?base?objectClass=certificationAuthority
]
]
[4]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: BA B0 E4 72 46 D5 00 92 AB 65 7F D2 66 86 E9 AA ...rF....e..f...
0010: E3 64 1C E7 .d..
]
]
[5]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: ldap:///CN=mox-MOX-DC1-CA,CN=Mox-DC1,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=Mox,DC=local?certificateRevocationList?base?objectClass=cRLDistributionPoint]
]]
[6]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
1.3.6.1.5.5.8.2.2
clientAuth
]
[7]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_Encipherment
]
[8]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
DNSName: vpn.dhc.bc.ca
]
[9]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: CD 00 6B FF 65 0E BA 63 70 F7 20 62 84 D6 B9 25 ..k.e..cp. b...%
0010: 83 67 88 C1 .g..
]
]
]
Algorithm: [SHA1withRSA]
]'
[2020-02-07T21:16:29.763Z pool-2-thread-6 vsphere.local 7b357dcc-da99-4ced-b65c-a6383f8e1f2b ERROR com.vmware.identity.idm.ValidateUtil] userName in UPN format=[mox\miles] is invalid: not a valid UPN format
[2020-02-07T21:16:29.763Z pool-2-thread-6 ERROR com.vmware.identity.idm.ValidateUtil] userName in UPN format=[mox\miles] is invalid: not a valid UPN format
[2020-02-07T21:16:29.856Z pool-2-thread-6 vsphere.local bfc3fabc-5e5e-406f-9680-f85f52111fc8 ERROR com.vmware.identity.interop.ldap.SslX509EqualityMatchVerificationCallback] Server SSL certificate verification failed for [Subject: CN=Mox-DC1.Mox.local] [SHA1 Fingerprint: 2A:7B:8A:58:C0:E5:AF:46:F4:4C:6F:67:22:15:DA:B3:E5:45:88:B0].: No match found in the trusted certificates store.
[2020-02-07T21:16:29.856Z pool-2-thread-6 vsphere.local bfc3fabc-5e5e-406f-9680-f85f52111fc8 ERROR com.vmware.identity.interop.ldap.OpenLdapClientLibrary] Server SSL certificate not trusted
[2020-02-07T21:16:29.865Z pool-2-thread-6 vsphere.local bfc3fabc-5e5e-406f-9680-f85f52111fc8 WARN com.vmware.identity.interop.ldap.LdapErrorChecker] Error received by LDAP client: com.vmware.identity.interop.ldap.OpenLdapClientLibrary, error code: -1
[2020-02-07T21:16:29.865Z pool-2-thread-6 vsphere.local bfc3fabc-5e5e-406f-9680-f85f52111fc8 WARN com.vmware.identity.idm.server.ServerUtils] cannot bind connection: [ldaps://MOX-DC1.MOX.LOCAL:3269, mox\miles]
[2020-02-07T21:16:29.865Z pool-2-thread-6 vsphere.local bfc3fabc-5e5e-406f-9680-f85f52111fc8 ERROR com.vmware.identity.idm.server.ServerUtils] cannot establish connection with uri: ldaps://MOX-DC1.MOX.LOCAL:3269
[2020-02-07T21:16:29.865Z pool-2-thread-6 vsphere.local bfc3fabc-5e5e-406f-9680-f85f52111fc8 WARN com.vmware.identity.idm.server.IdentityManager] Failed to probe provider connectivity [URI: ldaps://MOX-DC1.MOX.LOCAL:3269 ]; tenantName [vsphere.local], userName [mox\miles]
[2020-02-07T21:16:29.865Z pool-2-thread-6 vsphere.local bfc3fabc-5e5e-406f-9680-f85f52111fc8 ERROR com.vmware.identity.idm.server.IdentityManager] Failed to set Ldap provider for tenant [vsphere.local]
[2020-02-07T21:16:29.865Z pool-2-thread-6 vsphere.local bfc3fabc-5e5e-406f-9680-f85f52111fc8 ERROR com.vmware.identity.idm.server.ServerUtils] Exception 'com.vmware.identity.idm.IDMLoginException: Failed to probe provider connectivity [URI: ldaps://MOX-DC1.MOX.LOCAL:3269 ]; tenantName [vsphere.local], userName [mox\miles]'
com.vmware.identity.idm.IDMLoginException: Failed to probe provider connectivity [URI: ldaps://MOX-DC1.MOX.LOCAL:3269 ]; tenantName [vsphere.local], userName [mox\miles]
at com.vmware.identity.idm.server.IdentityManager.probeProviderConnectivity(IdentityManager.java:2866) ~[vmware-identity-idm-server-7.0.0.jar:?]
at com.vmware.identity.idm.server.IdentityManager.setProvider(IdentityManager.java:2540) ~[vmware-identity-idm-server-7.0.0.jar:?]
at com.vmware.identity.idm.server.IdentityManager.setProvider(IdentityManager.java:9547) [vmware-identity-idm-server-7.0.0.jar:?]
at com.vmware.identity.idm.client.CasIdmClient.setProvider(CasIdmClient.java:929) [vmware-identity-idm-client-7.0.0.jar:?]
at com.vmware.identity.admin.server.ims.impl.IdentitySourceManagementImpl.updateLdap(IdentitySourceManagementImpl.java:536) [sso-adminserver-7.0.0.jar:?]
at com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl$7.call(IdentitySourceManagementServiceImpl.java:269) [sso-adminserver-7.0.0.jar:?]
at com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl$7.call(IdentitySourceManagementServiceImpl.java:253) [sso-adminserver-7.0.0.jar:?]
at com.vmware.identity.admin.vlsi.util.VmodlEnhancer.invokeVmodlMethod(VmodlEnhancer.java:186) [sso-adminserver-7.0.0.jar:?]
at com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl.updateLdap(IdentitySourceManagementServiceImpl.java:253) [sso-adminserver-7.0.0.jar:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_221]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_221]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_221]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_221]
at com.vmware.vim.vmomi.server.impl.InvocationTask.run(InvocationTask.java:65) [vlsi-server-7.0.0.jar:?]
at com.vmware.vim.vmomi.server.common.impl.RunnableWrapper$1.run(RunnableWrapper.java:47) [vlsi-server-7.0.0.jar:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_221]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_221]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_221]
Caused by: com.vmware.identity.interop.ldap.ServerDownLdapException: Can't contact LDAP server
at com.vmware.identity.interop.ldap.LdapErrorChecker$44.RaiseLdapError(LdapErrorChecker.java:623) ~[vmware-identity-platform-7.0.0.jar:?]
at com.vmware.identity.interop.ldap.LdapErrorChecker.CheckError(LdapErrorChecker.java:1090) ~[vmware-identity-platform-7.0.0.jar:?]
at com.vmware.identity.interop.ldap.OpenLdapClientLibrary.CheckError(OpenLdapClientLibrary.java:1248) ~[vmware-identity-platform-7.0.0.jar:?]
at com.vmware.identity.interop.ldap.OpenLdapClientLibrary.ldap_bind_s(OpenLdapClientLibrary.java:717) ~[vmware-identity-platform-7.0.0.jar:?]
at com.vmware.identity.interop.ldap.LdapConnection.bindConnection(LdapConnection.java:130) ~[vmware-identity-platform-7.0.0.jar:?]
at com.vmware.identity.idm.server.ServerUtils.getLdapConnection(ServerUtils.java:390) ~[vmware-identity-idm-server-7.0.0.jar:?]
at com.vmware.identity.idm.server.ServerUtils.getLdapConnectionByURIs(ServerUtils.java:259) [vmware-identity-idm-server-7.0.0.jar:?]
at com.vmware.identity.idm.server.provider.BaseLdapProvider.getConnection(BaseLdapProvider.java:436) ~[vmware-identity-idm-server-7.0.0.jar:?]
at com.vmware.identity.idm.server.provider.BaseLdapProvider.getConnection(BaseLdapProvider.java:185) ~[vmware-identity-idm-server-7.0.0.jar:?]
at com.vmware.identity.idm.server.provider.BaseLdapProvider.probeConnectionSettings(BaseLdapProvider.java:127) ~[vmware-identity-idm-server-7.0.0.jar:?]
at com.vmware.identity.idm.server.IdentityManager.probeProviderConnectivity(IdentityManager.java:2855) ~[vmware-identity-idm-server-7.0.0.jar:?]
... 17 more
[2020-02-07T21:16:29.866Z pool-2-thread-6 ERROR com.vmware.identity.admin.server.ims.impl.IdentitySourceManagementImpl] cannot establish connection to null
com.vmware.identity.idm.IDMLoginException: Failed to probe provider connectivity [URI: ldaps://MOX-DC1.MOX.LOCAL:3269 ]; tenantName [vsphere.local], userName [mox\miles]
at com.vmware.identity.idm.server.ServerUtils.getRemoteException(ServerUtils.java:124) ~[vmware-identity-idm-server-7.0.0.jar:?]
at com.vmware.identity.idm.server.IdentityManager.setProvider(IdentityManager.java:9551) ~[vmware-identity-idm-server-7.0.0.jar:?]
at com.vmware.identity.idm.client.CasIdmClient.setProvider(CasIdmClient.java:929) ~[vmware-identity-idm-client-7.0.0.jar:?]
at com.vmware.identity.admin.server.ims.impl.IdentitySourceManagementImpl.updateLdap(IdentitySourceManagementImpl.java:536) [sso-adminserver-7.0.0.jar:?]
at com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl$7.call(IdentitySourceManagementServiceImpl.java:269) [sso-adminserver-7.0.0.jar:?]
at com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl$7.call(IdentitySourceManagementServiceImpl.java:253) [sso-adminserver-7.0.0.jar:?]
at com.vmware.identity.admin.vlsi.util.VmodlEnhancer.invokeVmodlMethod(VmodlEnhancer.java:186) [sso-adminserver-7.0.0.jar:?]
at com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl.updateLdap(IdentitySourceManagementServiceImpl.java:253) [sso-adminserver-7.0.0.jar:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_221]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_221]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_221]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_221]
at com.vmware.vim.vmomi.server.impl.InvocationTask.run(InvocationTask.java:65) [vlsi-server-7.0.0.jar:?]
at com.vmware.vim.vmomi.server.common.impl.RunnableWrapper$1.run(RunnableWrapper.java:47) [vlsi-server-7.0.0.jar:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_221]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_221]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_221]
[2020-02-07T21:16:29.867Z pool-2-thread-6 ERROR com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl] null
java.lang.AssertionError: null
at com.vmware.vim.sso.admin.exception.DirectoryServiceConnectionException.<init>(DirectoryServiceConnectionException.java:29) ~[admin-interfaces-7.0.0.jar:?]
at com.vmware.identity.admin.server.ims.impl.IdentitySourceManagementImpl.updateLdap(IdentitySourceManagementImpl.java:540) ~[sso-adminserver-7.0.0.jar:?]
at com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl$7.call(IdentitySourceManagementServiceImpl.java:269) ~[sso-adminserver-7.0.0.jar:?]
at com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl$7.call(IdentitySourceManagementServiceImpl.java:253) ~[sso-adminserver-7.0.0.jar:?]
at com.vmware.identity.admin.vlsi.util.VmodlEnhancer.invokeVmodlMethod(VmodlEnhancer.java:186) [sso-adminserver-7.0.0.jar:?]
at com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl.updateLdap(IdentitySourceManagementServiceImpl.java:253) [sso-adminserver-7.0.0.jar:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_221]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_221]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_221]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_221]
at com.vmware.vim.vmomi.server.impl.InvocationTask.run(InvocationTask.java:65) [vlsi-server-7.0.0.jar:?]
at com.vmware.vim.vmomi.server.common.impl.RunnableWrapper$1.run(RunnableWrapper.java:47) [vlsi-server-7.0.0.jar:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_221]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_221]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_221]
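A triage sketch for log output like the entries posted above, added here as an example (not part of the original thread and not VMware tooling): it groups each stack trace under its header line and reports the innermost exception, the probed URI and the bind user. The sample merges entries quoted in this thread with frames trimmed; `parse_entries`, `triage` and the `HINTS` text are hypothetical names and wording, and the header layout is assumed to match the lines quoted here.

```python
import re

# Constructed sample: merges entries quoted in this thread, stack frames trimmed.
SAMPLE_LOG = r"""[2020-02-07T21:16:23.366Z pool-2-thread-6 INFO com.vmware.identity.vlsi.RoleBasedAuthorizer] User {Name: miles, Domain: mox.local} with role 'Administrator' is authorized for method call 'IdentitySourceManagementService.updateLdapAuthnType'
[2020-02-07T21:16:29.866Z pool-2-thread-6 ERROR com.vmware.identity.admin.server.ims.impl.IdentitySourceManagementImpl] cannot establish connection to null
com.vmware.identity.idm.IDMLoginException: Failed to probe provider connectivity [URI: ldaps://MOX-DC1.MOX.LOCAL:3269 ]; tenantName [vsphere.local], userName [mox\miles]
at com.vmware.identity.idm.server.IdentityManager.setProvider(IdentityManager.java:9551) ~[vmware-identity-idm-server-7.0.0.jar:?]
Caused by: com.vmware.identity.interop.ldap.ServerDownLdapException: Can't contact LDAP server
at com.vmware.identity.interop.ldap.OpenLdapClientLibrary.ldap_bind_s(OpenLdapClientLibrary.java:717) ~[vmware-identity-platform-7.0.0.jar:?]
... 17 more
[2020-02-07T21:16:29.867Z pool-2-thread-6 ERROR com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl] null
java.lang.AssertionError: null
"""

HEADER = re.compile(r"^\[(\d{4}-\d\d-\d\dT[\d:.]+Z) (\S+) +([A-Z]+) +([^\]]+)\] ?(.*)$")
URI = re.compile(r"\[URI: (\S+) ?\]")
USER = re.compile(r"userName \[([^\]]*)\]")
# Reading aid written for this example (not VMware's wording), based on this thread's outcome.
HINTS = {"ServerDownLdapException": "LDAP server not contactable at bind: test the port from "
         "the appliance and check the CA certificate uploaded for the identity source"}

def parse_entries(text):
    """Group continuation lines (exception text, frames) under their header line."""
    entries = []
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            ts, _thread, level, logger, msg = m.groups()
            entries.append({"ts": ts, "level": level, "logger": logger, "msg": msg, "body": []})
        elif entries:
            entries[-1]["body"].append(line.strip())
    return entries

def triage(text):
    """One summary per ERROR entry; 'at ...' frames and '... N more' markers are dropped."""
    out = []
    for e in parse_entries(text):
        if e["level"] != "ERROR":
            continue
        chain = [re.sub(r"^Caused by: ", "", l) for l in e["body"]
                 if l and not l.startswith(("at ", "..."))]
        joined = " ".join(chain)
        uri, user = URI.search(joined), USER.search(joined)
        root = chain[-1] if chain else e["msg"]
        hint = next((h for k, h in HINTS.items() if k in root), None)
        out.append({"ts": e["ts"], "logger": e["logger"].rsplit(".", 1)[-1], "root": root,
                    "uri": uri and uri.group(1), "user": user and user.group(1), "hint": hint})
    return out
```

To use it on a real appliance log, pass the contents of `/var/log/vmware/sso/vmware-identity-sts-default.log` to `triage()` in place of `SAMPLE_LOG`.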
The username does indeed need to be provided in either the principal name format (username@domainname) or as a UPN.
Did you provide the certificate for the CA that signed your domain controller certificates? It looks like the signing CA is mox-MOX-DC1-CA.Mox.local.
I receive the same error "ERROR com.vmware.identity.admin.vlsi.IdentitySourceManagementServiceImpl] 'IdentityStore certificates' value should not be empty" when I didn't select an SSL Certificate for the authentication provider. Once I select the CA cert, the error goes away.
Yes I did, but I just tried exporting a different one as I noticed the one I had before was for NPS also, as the server has a few self-issued certs.
She's all good now, thanks heaps for taking the time.
Miles
I'm glad you were able to get it resolved, Miles!
If you don't mind, please mark any responses as helpful or the answer to your question.
Thanks!