VMware Cloud Community
ddemond
Contributor

vCenter Server Appliance 5.5 can't add SSO Identity Source

I'm trying to add an "Active Directory as an LDAP server" Identity Source on our 5.5 vcsa and keep receiving the following message even though there's no Identity Source listed in Administration->Single Sign-On->Configuration->Identity Sources

"Type or value exists"

2016-02-02 13:50:15,284 WARN   [LdapErrorChecker] Error received by LDAP client: com.vmware.identity.interop.ldap.LinuxLdapClientLibrary, error code: 20
2016-02-02 13:50:15,284 ERROR  [IdentityManager] Failed to add identity provider for tenant [vsphere.local]
2016-02-02 13:50:15,284 ERROR  [ServerUtils] Exception 'com.vmware.identity.interop.ldap.AttributeOrValueExistsLdapException: Type or value exists
LDAP error [code: 20]'
com.vmware.identity.interop.ldap.AttributeOrValueExistsLdapException: Type or value exists
LDAP error [code: 20]
        at com.vmware.identity.interop.ldap.LdapErrorChecker$20.RaiseLdapError(LdapErrorChecker.java:298)

Testing the LDAP settings is successful and I'm using the same procedure that worked for adding SSO to another vcsa.

Is there a CLI way to check/remove SSO Identity Sources that don't show on the Web GUI?

0 Kudos
2 Replies
npadmani
Virtuoso

Is there any way to add Identity Source through command line?

No, currently there is no way of adding an Identity Source. For more information, see Adding an Integrated Active Directory (IWA) Identity Source without the vSphere Web Client for vCent....

The above lines have been taken from VMware KB: VMware vCenter Single Sign-On Server 5.5 FAQs

Now, that KB in that FAQ answer gives you a CLI option with the help of a particular script which you have to download manually, but it's still not much help in this case because it's talking about 'Adding Identity source as Integrated AD', and there's no CLI option available to do the same as 'AD as LDAP'.

Regarding the issue you are facing, have you tried rebooting VCSA 5.5 and then viewing the list or adding the identity source again in the web client?

Narendra Padmani VCIX6-DCV | VCIX7-CMA | VCI | TOGAF 9 Certified
0 Kudos
ddemond
Contributor

Thanks for your reply. I just tried rebooting the vCenter Server Appliance and the same issue is occurring: no listed Identity Source, but I can't add a new one (same error of "Type or value exists").

I see from that KB that there's no way to add an Identity Source from the cli, but is there possibly a way to examine/modify the database directly?

0 Kudos