Re: PSC MultiSite joining issue

vishalchand · ‎01-26-2016

Hi There, We are in a processing of joining SSO 5.5 U3 into multiSite configuration to a PSC 6.0U1b running on secondary site. Once the connection is established, we will upgrade SSO 5.5U3 to identical version. However, the install just hangs with the following error as per below.

2016-01-21 16:33:30.785:t@9217728:VERBOSE: cert (C:\ProgramData\VMware\cis\cfg\vmdird\\serversso1.local.com.pem) used in ssl server cert verification

2016-01-21 16:33:30.785:t@9217728:VERBOSE: ldap_initialize: ldaps://serversso1.local.com:11712 (DN='cn=Administrator,cn=users,dc=vsphere,dc=local')

2016-01-21 16:33:30.832:t@9217728:VERBOSE: VmDirOpenSSLCallback, digest compare succeeded

2016-01-21 16:33:30.863:t@9217728:VERBOSE: VmDirCreateBindingHandleA, string binding (ncalrpc:[VMWareDirectoryService])

2016-01-21 16:33:30.957:t@9217728:INFO: Service account (cn=host/serversso2.local.comt@VSPHERE.LOCAL,cn=Managed Service Accounts,dc=vsphere,dc=local) created

2016-01-21 16:33:30.957:t@9217728:VERBOSE: VmDirCreateBindingHandleA, string binding (ncalrpc:[VMWareDirectoryService])

2016-01-21 16:33:30.957:t@9217728:INFO: RpcVmDirInitializeHost (vsphere.local)(PROD2)(serversso.local.com) passed

2016-01-21 16:33:30.957:t@9217728:INFO: Reading Reg: ConfigPath

2016-01-21 16:33:30.957:t@9217728:ERROR: Error message (VmDirPrepareOpensslClientCtx() failed), error code (9120)

2016-01-21 16:33:30.957:t@9217728:VERBOSE: ldap_initialize: ldaps://localhost:11712 (DN='')

2016-01-21 16:33:33.004:t@9217728:ERROR: ldap simple bind failed. Error(4294967295)

2016-01-21 16:33:36.082:t@9217728:ERROR: ldap simple bind failed. Error(4294967295)

2016-01-21 16:33:39.113:t@9217728:ERROR: ldap simple bind failed. Error(4294967295)

2016-01-21 16:33:42.144:t@9217728:ERROR: ldap simple bind failed. Error(4294967295)

2016-01-21 16:33:45.207:t@9217728:ERROR: ldap simple bind failed. Error(4294967295)

2016-01-21 16:33:48.223:t@9217728:ERROR: ldap simple bind failed. Error(4294967295)

2016-01-21 16:33:51.254:t@9217728:ERROR: ldap simple bind failed. Error(4294967295)

2016-01-21 16:33:54.317:t@9217728:ERROR: ldap simple bind failed. Error(4294967295)

2016-01-21 16:33:57.348:t@9217728:ERROR: ldap simple bind failed. Error(4294967295)

2016-01-21 16:34:00.379:t@9217728:ERROR: ldap simple bind failed. Error(4294967295)

2016-01-21 16:34:01.395:t@9217728:ERROR: VmDirConnectLDAPServerByDN to (ldaps://localhost:11712) (DN=) failed. Error(231) Verify Server Cert (0) 2016-01-21 16:34:11.411:t@9217728:WARNING: LDAP connect (ldaps://localhost:11712) failed (231), 10 seconds passed

Did anyone came across this issue and know what is the root cause... Thanks in Advance...

vishalchand · ‎02-08-2016

Hi All, Just to follow up on this issue, even the latest PSC 6.0U1 multi Site deployment failed to join external PSC at remote site. Hope someone can lead me to the root issue...

vminst.log sInstUtil-3343021| I: ProcessMsiMsg: ACTIONDATA reporting "Starting VMware Authentication Framework..."

2016-02-08 17:25:51.054+11:00| vcsInstUtil-3343021| I: Leaving function: UpdatePkgMgrProgressFromStatusFile

2016-02-08 17:25:51.054+11:00| vcsInstUtil-3343021| I: Leaving function: ParseStatusFile

2016-02-08 17:25:52.898+11:00| vcsInstUtil-3343021| I: Entering function: ParseStatusFile

2016-02-08 17:25:52.898+11:00| vcsInstUtil-3343021| I: ParseStatusFile: curr error msg: "Failed to run vdcpromo"

2016-02-08 17:25:52.898+11:00| vcsInstUtil-3343021| E: ParseStatusFile:

Displaying error message for "install.vmafd.vmdir_vdcpromo_error": "Failed to run vdcpromo Please search of these symptoms in the VMware Knowledge Base for any known issues and possible workarounds. If none can be found, please collect a support bundle and open a support request."

vmdir.log

2016-02-08T05:47:18.499Z:t@22405328:INFO: Setting up a host instance (vsphere.local).

2016-02-08T05:47:18.780Z:t@22405328:ERROR: _VmDirSchemaATCompatibleCheck failed (9601)(missing attributetypes)

2016-02-08T05:47:18.780Z:t@22405328:ERROR: _VmDirSchemaOCCompatibleCheck failed (9601)(incompatible objectclass/contentrule (vmwSTSSingleLogoutService))

2016-02-08T05:47:18.780Z:t@22405328:ERROR: CoreLogicModifyEntry failed, DN = cn=aggregate,cn=schemacontext, (9623)(PreModifyPlugins failed - (9623))

2016-02-08T05:47:18.780Z:t@22405328:ERROR: InternalModifyEntry: VdirExecutePostModifyCommitPlugins - code(9623)

2016-02-08T05:47:18.780Z:t@22405328:ERROR: VmDirCopyPartnerSchema,421 failed, error(9623)

2016-02-08T05:47:18.796Z:t@22405328:ERROR: VmDirSrvSetupHostInstance failed. Error(9623)

2016-02-08T05:47:18.796Z:t@22405328:ERROR: VmDirSrvInitializeHost failed (9623)(vsphere.local)(Administrator)(PROD1)(ldap://ssoserver.local.net)(1)

droordaEPG · ‎04-13-2016

I don't know if you are attempting to do What I am, but I did get the same error attempting to install the 5.5 SSO.

I am bringing 5.0 server up 6, joining it to my existing SSO. The version6 installer would not connect to my current PSC for some reason. claimed password issue which I verified was correct.

After several attempts to install the 55 SSO i realized that the PSC for version 6 can function an the SSO for my 5.5 install. meaning that the 5.5 sso install can just be skipped. If your site will need a dedicated PSC just install it before you start the 5.5 install