Hi,
a vCenter died in our environment, and now whenever I log into the vSphere Web Client, it gives me an error message at the top saying it could not connect to one or mover vCenter Server systems.
In Administration > SSO Users and Groups, I see a whole bunch of Application Users that I'm probably supposed to delete, however there is no reference to vCenter name and we have many vCenters so I don't want to mistakenly delete the wrong one.
What is the proper way to clean out your SSO registrations (inventory service, etc) when a vCenter was not cleanly removed?
Thanks.
Just want to give an update in case it helps:
- issue was application users from the old vcenter were still registered in web client
- web client > administration > sso users and groups > application users
- problem was i couldn't tell which user belonged to the dead vcenter as they do not have references to hostnames or IP, did not want to risk deleting the wrong ones
- end up restoring the dead vcenter from backups, then did a full uninstall of vcenter, which deleted the proper application user accounts from web client
all is good now
Hi.
I had the same issue when I deleted a no longer used Vcenter last week. Searching Google this post was the only thing that came up with the issue I was facing. In short you are correct that the accounts listed in Administration > SSO Users and Groups are related to the Vcenters and services registered with the SSO server.
In my case I didn’t have a backup as it was a test vcenter but I did want to get rid of the message so I logged a case with VMware. In short you can browse various services to determine which accounts you should keep and those you can get rid of (see below). For me I guessed which accounts were OK as they also appeared to have dates associated with them, presumably registration date. Either way it was good to verify that my thinking was correct. After I removed the accounts we had to search the SSOserver using the ssocli to find the serviceID associated with the dead server and de-register it. It appears that the VMware KB is still being written and is due to be published soon as the instructions are not quite what we ended up doing. Either way the KB when it is published should be 2043509 but don’t quote me ![]()
Anyway all sorted and no more annoying message.
Paul
-------------
To check usernames in vSphere Web Client 5.1:
Log in to vSphere Web Client 5.1 as admin@System-Domain Click Administration Expand the Access tab if necessary and click SSO Users and Groups.
Click the Application Users tab
The Application User usernames and descriptions will be listed.
Check the usernames against the names in the configuration files. The default locations of these files are listed below.
Inventory Service Solution User Configuration File:
<Installation path of Inventory Service>\conf\sso.ini
Default Path:
C:\Program Files\VMware\Infrastructure\Inventory Service\conf\sso.ini
vCenter Server Solution User Configuration File:
<Installation path of vCenter Server>\ssoregtool\vcsso.properties
Default Path:
C:\Program Files\VMware\Infrastructure\VirtualCenter Server\ssoregtool\vcsso.properties
Web Client and Log Browser Solution Configuration Files:
For the Web Client:
<Installation path of Web Client>\SsoRegTool\sso_conf\solution.ini
Default Path:
C:\Program Files\VMware\Infrastructure\vSphereWebClient\SsoRegTool\sso_conf\ssoregmm.prp
For the Log Browser:
<Installation path of Log Browser>\SsoRegTool\sso_conf\solution.ini
Default Path:
C:\Program Files\VMware\Infrastructure\vSphereWebClient\SsoRegTool\sso_conf\solution.ini
