from vca01 vcenter 6.7 with embedded PSC replication partner to vca02 6.7 with embedded PSC getting the following in the log
2020-12-11T08:49:17.688349+00:00 err vmdird t@139909918594816: VmDirSendLdapResult: Request (Bind), Error (49), Message ((49)(SASL step failed.)), (0) socket (111.222.112.223)
2020-12-11T08:49:17.688591+00:00 err vmdird t@139909918594816: Bind Request Failed (111.222.114.223) error 49: Protocol version: 3, Bind DN: "cn=vca02.xyz.com,ou=Domain Controllers,dc=vsphere,dc=xyz,dc=com", Method: SASL
2020-12-11T08:49:49.921099+00:00 err vmdird t@139909364938496: SASLSessionStep: sasl error (-13)(SASL(-13): authentication failure: client evidence does not match what we calculated. Probably a password error)
should I just reset the machine password for vca02 ? remove replication agreement and recreate agreement ?
TIA,te ?
Peter W
Hi @peterwood1
Yes we need to change the password. Please refer this article --> https://kb.vmware.com/s/article/2147280
Note: If this vCenter is part of enhanced linked mode(replicated to other PSCs), please power off all PSCs in replication and take a snapshot of all of them.
Hope that helps.
Please mark my comment as the Correct Answer/Kudos if this solution resolved your problem
I followed the article steps 1 to 13 on the vca02 server, but after restarting the vcenter server, still same error in vdird-syslog.log
confirmed password has been set but still getting ;
VmDirSendLdapResult: Request (Bind), Error (49), Message ((49)(SASL step failed.)), (0) socket (127.0.0.1)
2020-12-14T22:42:09.225696+00:00 err vmdird t@139965056935680: Bind Request Failed (127.0.0.1) error 49: Protocol version: 3, Bind DN: "cn=vca01.xyz.com,ou=Domain Controllers,dc=vsphere,dc=xyz,dc=com", Method: SASL
please help on this issue
Please confirm if the password generated had supported characters. Some times it needs a few attempts before a password with all supported characters is generated.
I will redo the new password and confirm there are no invalid characters. Before attempting again I am going to remove the replication agreements from the psc1 to psc2 and psc3, and confirm that the agreements from psc2 and psc3 to psc1 are removed.
I will then generate a new password for psc1, confirm valid characters and then apply the new password as per the article.
I will create a replication agreement from psc1 to psc2 and check if it works ok. If not, what would be my next step to resolve this issue ?
Thanks,
Peter