Hello,
I am using vCenter Server Appliance 6.7 (6.7.0.52000 - build 19300125)
I noticed the following "Bind Request Failed - Error 49" in the VCSA /var/log/vmware/vmdird/vmdird-syslog.log:
2022-03-29T20:36:43.996456+00:00 err vmdird t@139834228188928: SASLSessionStart: sasl error (-20)(SASL(-13): user not found: no secret in database)
2022-03-29T20:36:43.996892+00:00 err vmdird t@139834228188928: VmDirSendLdapResult: Request (Bind), Error (49), Message ((49)(SASL start failed.)), (0) socket (127.0.0.1)
2022-03-29T20:36:43.997247+00:00 err vmdird t@139834228188928: Bind Request Failed (127.0.0.1) error 49: Protocol version: 3, Bind DN: "", Method: SASL
2022-03-29T20:36:47.089087+00:00 err vmdird t@139834228188928: VmDirSRPGetIdentityData (stgadmin2@vsphere.local) failed, (9106)
2022-03-29T20:36:47.089645+00:00 err vmdird t@139834228188928: VmDirSRPGetIdentityData (stgadmin2@vsphere.local) failed, (9106)
2022-03-29T20:36:47.090027+00:00 err vmdird t@139834228188928: SASLSessionStart: sasl error (-20)(SASL(-13): user not found: no secret in database)
2022-03-29T20:36:47.090352+00:00 err vmdird t@139834228188928: VmDirSendLdapResult: Request (Bind), Error (49), Message ((49)(SASL start failed.)), (0) socket (127.0.0.1)
In this case, the user stgadmin2@vsphere.local has been removed from the vsphere.local domain.
I have read technotes on resetting the account password. It appears user account(s) that have been removed are somehow still in the PCS config. Our VCSA is configured for syslog, which is how this problem was first discovered.
Questions:
1. Is there a way to list user accounts that PCS thinks are present via the CLI?
2. Is there a way to remove user accounts from PCS / other config causing this issue, knowing that the user (i.e. stgadmin2@vsphere.local) was previously removed from Administration > Users > vsphere.local domain?
3. Other ideas on how to solve this issue?
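
Added example, not part of the original post: a small triage script that reads vmdird-syslog.log lines in the format quoted above and counts failed Bind requests per account and client socket, so stale accounts that are still being used for binds stand out. The function name `summarize` is hypothetical, and pairing a `VmDirSRPGetIdentityData` failure with the next Bind error on the same thread id is an assumption about how vmdird logs one bind attempt.

```python
import re
from collections import Counter

# Sample input: the log lines quoted in the post above, embedded so this runs offline.
SAMPLE = """\
2022-03-29T20:36:43.996456+00:00 err vmdird t@139834228188928: SASLSessionStart: sasl error (-20)(SASL(-13): user not found: no secret in database)
2022-03-29T20:36:43.996892+00:00 err vmdird t@139834228188928: VmDirSendLdapResult: Request (Bind), Error (49), Message ((49)(SASL start failed.)), (0) socket (127.0.0.1)
2022-03-29T20:36:43.997247+00:00 err vmdird t@139834228188928: Bind Request Failed (127.0.0.1) error 49: Protocol version: 3, Bind DN: "", Method: SASL
2022-03-29T20:36:47.089087+00:00 err vmdird t@139834228188928: VmDirSRPGetIdentityData (stgadmin2@vsphere.local) failed, (9106)
2022-03-29T20:36:47.089645+00:00 err vmdird t@139834228188928: VmDirSRPGetIdentityData (stgadmin2@vsphere.local) failed, (9106)
2022-03-29T20:36:47.090027+00:00 err vmdird t@139834228188928: SASLSessionStart: sasl error (-20)(SASL(-13): user not found: no secret in database)
2022-03-29T20:36:47.090352+00:00 err vmdird t@139834228188928: VmDirSendLdapResult: Request (Bind), Error (49), Message ((49)(SASL start failed.)), (0) socket (127.0.0.1)
"""

HEAD = re.compile(r"^(?P<ts>\S+) \S+ vmdird t@(?P<tid>\d+): (?P<msg>.*)$")
SRP_FAIL = re.compile(r"VmDirSRPGetIdentityData \((?P<user>[^)]+)\) failed, \((?P<code>\d+)\)")
BIND_FAIL = re.compile(
    r"VmDirSendLdapResult: Request \(Bind\), Error \((?P<err>\d+)\).*socket \((?P<src>[^)]+)\)"
)

def summarize(text):
    """Return Counter keyed by (account, client socket, LDAP error) for failed binds."""
    pending = {}      # thread id -> account named by the latest SRP lookup failure
    hits = Counter()
    for line in text.splitlines():
        head = HEAD.match(line)
        if not head:
            continue  # not a vmdird line in the expected layout
        tid, msg = head["tid"], head["msg"]
        srp = SRP_FAIL.search(msg)
        if srp:
            pending[tid] = srp["user"]  # repeated lookups for one attempt collapse here
            continue
        bind = BIND_FAIL.search(msg)
        if bind:
            # Assumption: the Bind error closes the attempt started on this thread.
            # If the excerpt starts mid-attempt, the account is not known.
            user = pending.pop(tid, "<unknown>")
            hits[(user, bind["src"], bind["err"])] += 1
    return hits

if __name__ == "__main__":
    for (user, src, err), count in summarize(SAMPLE).most_common():
        print(f"{count:4d}  error {err}  from {src}  account {user}")
```

To run it against the live log, pass the contents of /var/log/vmware/vmdird/vmdird-syslog.log to `summarize` instead of `SAMPLE`.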