Hi,
I have 2 sites each running vCenter Server on ESXi hosts. On site A I was able to deploy vSphere replication, however on site B I cannot do it, the task fails with the following:
The operation failed due to A general system error occurred: PBM error occurred during PreCreateCheckCallback: Fault cause: pbm.fault.InvalidLogin
The two sites and vCenter servers are connected and in the same domain. Furthermore I use the default administrator. Administrator @Mydomain.local
Later I checked, I cannot even copy virtual machines, the same error occurs.
Everything seemed fine until site B was added to the domain.
I have restarted VMware vSphere Profile-Driven Storage Service numerous times on both vCenter server but the issue still persist.
I do know what is the problem, anyone encountered similar?
Thanks!
EDIT: I use Replication 8.3.1, vCenter Server 7.0.1 and ESXi 7U1
Hi kozi! Can you run a VCSA Replication check to verify the PSC are replicating correctly?
Here is how: https://kb.vmware.com/s/article/2127057
Hi @kozi_1200 ,
This does look like an issue related to SPS service on vCenter server. Please check sps.log to see if it is reports any details about the error:
/var/log/vmware/vmware-sps/sps.log
I Found some errors in the sps.log
Alas I do not know if they are relevant to the problem.
The errors:
2020-11-12T15:31:55.944Z [Timer-0] ERROR opId=sps-Main-195107-572 com.vmware.vim : [K
[K.sms.provider.vasa.cert.CertificateAuthority - Failed to propogate root certific ate and CRL to VPs
2020-11-12T15:31:56.472Z [main] ERROR opId=sps-Main-195107-572 com.vmware.pbm.ca pability.CapabilityMetadataRegistration - Failed to locate common capability met adata file: CommonCapabilitySchema.xml
2020-11-12T15:35:25.435Z [pool-3-thread-7] ERROR opId=kheyjwq7-1060-auto-ts-h5:7 0000659 com.vmware.pbm.util.PBMUtils - Invalid constraints type: class com.vmwar : [K
[Ke.vim.binding.pbm.profile.CapabilityConstraints
2020-11-12T15:36:33.467Z [pool-3-thread-8] INFO opId=40f49b1f-01-01-01 com.vmwa re.identity.token.impl.SamlTokenImpl - Error parsing SAML token.
org.xml.sax.SAXParseException; lineNumber: 1; columnNumber: 1; Content is not al lowed in prolog.
at com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser. java:257)
at com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(Doc umentBuilderImpl.java:339)
at com.vmware.identity.token.impl.SamlTokenImpl.parseTokenXmlToDom(SamlT okenImpl.java:755)
at com.vmware.identity.token.impl.SamlTokenImpl.<init>(SamlTokenImpl.jav a:277)
at com.vmware.vim.sso.client.DefaultTokenFactory.parseToken(DefaultToken Factory.java:69)
at com.vmware.vim.sso.client.DefaultTokenFactory.parseToken(DefaultToken Factory.java:77)
at com.vmware.vim.storage.common.security.CommonSessionManager.parseSaml Token(CommonSessionManager.java:258)
at com.vmware.vim.storage.common.security.CommonSessionManager.loginByTo ken(CommonSessionManager.java:158)
at com.vmware.pbm.auth.impl.SessionManagerImpl.loginByToken(SessionManag erImpl.java:44)
: [K
[K at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl. java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces sorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.vmware.vim.vmomi.server.impl.InvocationTask.run(InvocationTask.ja va:78)
at com.vmware.vim.vmomi.server.common.impl.RunnableWrapper$1.run(Runnabl eWrapper.java:47)
at com.vmware.vim.storage.common.task.opctx.RunnableOpCtxDecorator.run(R unnableOpCtxDecorator.java:38)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:51 1)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor. java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor .java:624)
at java.lang.Thread.run(Thread.java:748)
2020-11-12T15:36:33.467Z [pool-3-thread-8] ERROR opId=40f49b1f-01-01-01 com.vmwa re.vim.storage.common.security.CommonSessionManager - Login by token failed
com.vmware.vim.sso.client.exception.MalformedTokenException: Error parsing SAML : [K
[Ktoken.
at com.vmware.identity.token.impl.SamlTokenImpl.parseTokenXmlToDom(SamlT okenImpl.java:760)
at com.vmware.identity.token.impl.SamlTokenImpl.<init>(SamlTokenImpl.jav a:277)
at com.vmware.vim.sso.client.DefaultTokenFactory.parseToken(DefaultToken Factory.java:69)
at com.vmware.vim.sso.client.DefaultTokenFactory.parseToken(DefaultToken Factory.java:77)
at com.vmware.vim.storage.common.security.CommonSessionManager.parseSaml Token(CommonSessionManager.java:258)
at com.vmware.vim.storage.common.security.CommonSessionManager.loginByTo ken(CommonSessionManager.java:158)
at com.vmware.pbm.auth.impl.SessionManagerImpl.loginByToken(SessionManag erImpl.java:44)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl. java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces sorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.vmware.vim.vmomi.server.impl.InvocationTask.run(InvocationTask.ja va:78)
: [K
[K at com.vmware.vim.vmomi.server.common.impl.RunnableWrapper$1.run(Runnabl eWrapper.java:47)
at com.vmware.vim.storage.common.task.opctx.RunnableOpCtxDecorator.run(R unnableOpCtxDecorator.java:38)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:51 1)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor. java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor .java:624)
at java.lang.Thread.run(Thread.java:748)
2020-11-12T15:36:33.470Z [pool-3-thread-8] ERROR opId=40f49b1f-01-01-01 com.vmwa re.vim.storage.common.VmodlErrorStrings - Login to PBM failed
: [K
[Kcom.vmware.vim.storage.common.fault.LoginException: com.vmware.vim.sso.client.ex ception.MalformedTokenException: Error parsing SAML token.
at com.vmware.vim.storage.common.security.CommonSessionManager.loginByTo ken(CommonSessionManager.java:176)
at com.vmware.pbm.auth.impl.SessionManagerImpl.loginByToken(SessionManag erImpl.java:44)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl. java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces sorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.vmware.vim.vmomi.server.impl.InvocationTask.run(InvocationTask.ja va:78)
at com.vmware.vim.vmomi.server.common.impl.RunnableWrapper$1.run(Runnabl eWrapper.java:47)
at com.vmware.vim.storage.common.task.opctx.RunnableOpCtxDecorator.run(R unnableOpCtxDecorator.java:38)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:51 1)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor. java:1149)
: [K
[K at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor .java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: com.vmware.vim.sso.client.exception.MalformedTokenException: Error pa rsing SAML token.
at com.vmware.identity.token.impl.SamlTokenImpl.parseTokenXmlToDom(SamlT okenImpl.java:760)
at com.vmware.identity.token.impl.SamlTokenImpl.<init>(SamlTokenImpl.jav a:277)
at com.vmware.vim.sso.client.DefaultTokenFactory.parseToken(DefaultToken Factory.java:69)
at com.vmware.vim.sso.client.DefaultTokenFactory.parseToken(DefaultToken Factory.java:77)
at com.vmware.vim.storage.common.security.CommonSessionManager.parseSaml Token(CommonSessionManager.java:258)
at com.vmware.vim.storage.common.security.CommonSessionManager.loginByTo ken(CommonSessionManager.java:158)
... 13 more
Caused by: org.xml.sax.SAXParseException; lineNumber: 1; columnNumber: 1; Conten t is not allowed in prolog.
at com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser. java:257)
at com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(Doc : [K
[KumentBuilderImpl.java:339)
at com.vmware.identity.token.impl.SamlTokenImpl.parseTokenXmlToDom(SamlT okenImpl.java:755)
... 18 more
Do you know if these are the errors preventing the deployment?
Thanks for the help so far!
Seems like a certificate a token issue from the logs. I would suggest raising a support request.
It's worth try checking the SMS(Storage monitoring service) certificates --> https://kb.vmware.com/s/article/2120105?lang=en_US
did you figure this out? having same thing and vCenter / everything is going crazy with a cluster.
Thanks!
Hi!
No, sadly I could not figure it out, and my project was stopped...
The next step would have been a support ticket because pretty much tried everything.
Good luck!
have redeployed vCenter and in linked mode again, still having issues, VMware support has been at it for over a week just wasting time.
update - the vCenter server sso domain was deployed in linked mode with an uppercase S (vSphere.local) instead of vsphere.local, there is no gui check and turns out to be case sensitive. took a lottttttt of time but after escalation they notice and we fixed it.
Hi,
We have the same problem. Could you tell us how you solved this problem? via repoint ?
I could not figure it out, however the poster above You found something.