VMware Cloud Community
jfvet
Enthusiast
Enthusiast
Jump to solution

Unable to log into vCenter 6.7 VMware Appliance Management page

vCenter 6.7 fresh vCenter Server Appliance install with an embedded Platform Services Controller on a 6.5 ESXi host.

Stage 1: Deploy appliance - Completed successfully

Stage 2: Configure appliance - Completed sucessfully

When I try to log in as root on the VMware Appliance Management web:5480 page using the IP address of the server, I receive the error. Unable to login, NOT the error Unable to authenticate user. I can successfully log in using the console with root credentials. Used a variety of browsers and validated security settings. Any ideas?

2 Solutions

Accepted Solutions
diegodco31
Leadership
Leadership
Jump to solution

You have sure this is the correct password. Try into the console or SSH.

Please consider marking this answer "correct" or "helpful" if you think your question have been answered correctly.

Diego Oliveira
LinkedIn: http://www.linkedin.com/in/dcodiego

View solution in original post

AbdulBasitKhan
Contributor
Contributor
Jump to solution

Fixed the issue by checking the df -h and found that log disk was full, just increase the Hard Disk 5 and run a command to autogrow lvm of vcenter, and right after that issue fixed for me. the solution in this link worked for me.

https://www.bomzan.com/2021/10/12/vmware-vcenter-upgrade-error-no-space-left-on-device/

 

Thanks

Abdul Basit Khan

View solution in original post

60 Replies
SupreetK
Commander
Commander
Jump to solution

Just to isolate, does the root login work via SSH too? Or only via VM console?

Cheers,

Supreet

Reply
0 Kudos
diegodco31
Leadership
Leadership
Jump to solution

You have sure this is the correct password. Try into the console or SSH.

Please consider marking this answer "correct" or "helpful" if you think your question have been answered correctly.

Diego Oliveira
LinkedIn: http://www.linkedin.com/in/dcodiego
jfvet
Enthusiast
Enthusiast
Jump to solution

Hello,

Able to log into the console and SSH sessions using the root credentials.

Not able to log into the VMware Appliance Management portal, receiving the error: Unable to login.

If I fat finger the password on the portal page, then I receive the error message: Unable to authenticate user.

The security setting on the browser have TLS 1.0, TLS 1.1, and TLS 1.2 turned on.

Reply
0 Kudos
diegodco31
Leadership
Leadership
Jump to solution

Did you test other navigators?

Diego Oliveira
LinkedIn: http://www.linkedin.com/in/dcodiego
Reply
0 Kudos
jfvet
Enthusiast
Enthusiast
Jump to solution

as stated in my original post:

Used a variety of browsers and validated security settings.

Reply
0 Kudos
jfvet
Enthusiast
Enthusiast
Jump to solution

Here is what I did as a workaround.

In the vSphere Web Client I added an Administrative user.

Then added that user to the SystemConfiguration.BashShellAdministrators group.

I was then able to use that user to log into the vCenter Server Appliance Management portal.

Reply
0 Kudos
Robert121281
Contributor
Contributor
Jump to solution

Hi jfvet,

I am having the same trouble. I can login via SSH (and console) with root and my password. It as well used to work in the past to access the VMware Appliance Management (https://x.x.x.x:5480). Now I am getting "! Unable to login". Tried in several browsers as well in private windows. The credentials are correct, 100%.

I do not get this. Why would I use another username (which one anyway?). I am trying to login with "root". That has to work, it is a root user. Why would I change any group assignments to users which are configured in the SSO domain.

I have rebooted the VCA, issue persists.

Does anybody have an idea please on how to fix this?

Thanks,

Robert

Reply
0 Kudos
Robert121281
Contributor
Contributor
Jump to solution

I have done some further investigation:

tail -f /opt/vmware/var/log/lighttpd/error.log

When I access the URL https://x.x.x.x:5480, the following logs show up:

2018-09-30 14:31:46: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1417) proxy - re-enabled: 127.0.0.1 8201

2018-09-30 14:31:48: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1041) establishing connection failed: Connection refused

2018-09-30 14:31:48: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1153) proxy-server disabled: 127.0.0.1 8201 13

2018-09-30 14:31:48: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.523) no proxy-handler found for: /rest/appliance/system/version

2018-09-30 14:31:53: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1417) proxy - re-enabled: 127.0.0.1 8201

I have checked the error.log file, those errors do only show up recently because in the past, I never had issues to log into the webinterface. The "! unable to login" error comes regardless if I use the correct or wrong credentials.

Any idea how to fix this please?

Thanks,

Robert

Reply
0 Kudos
daphnissov
Immortal
Immortal
Jump to solution

Is this a brand new vCSA 6.7 deployment?

Reply
0 Kudos
Robert121281
Contributor
Contributor
Jump to solution

Thanks for your answer. No, I updated from 6.5. I am running ESXi 6.7 and VCA 6.7 (both with latest patches). The login was working in the past. I never had issues with this, not in 6.5 and not in 6.7. Yesterday, I tried to login and I have seen this error. I have no reason what action could have triggered this new behavior.

It is for sure related to this "no proxy-handler" error message.

When I browse to the URL, I get this:

2018-09-30 15:31:44: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1041) establishing connection failed: Connection refused

2018-09-30 15:31:44: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1153) proxy-server disabled: 127.0.0.1 8201 10

2018-09-30 15:31:44: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.523) no proxy-handler found for: /rest/appliance/system/version

2018-09-30 15:31:49: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1417) proxy - re-enabled: 127.0.0.1 8201

When I enter the root credentials and click login the following logs come up - basically the same as before:

2018-09-30 15:32:50: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1041) establishing connection failed: Connection refused

2018-09-30 15:32:50: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1153) proxy-server disabled: 127.0.0.1 8201 9

2018-09-30 15:32:50: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.523) no proxy-handler found for: /rest/com/vmware/cis/session

2018-09-30 15:32:55: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1417) proxy - re-enabled: 127.0.0.1 8201

Regards,

Robert

Reply
0 Kudos
daphnissov
Immortal
Immortal
Jump to solution

Hang on, let's take a step back. Login to the console (not SSH) with your root account. Does it let you in? If so, check the root password expiration with chage -l root. What is the output?

Reply
0 Kudos
Robert121281
Contributor
Contributor
Jump to solution

Thanks. I have done this. Password is brand new, it is not expired. It is not a credentials issue. It is a lighttpd/proxy issue.

# chage -l root

Last password change                                    : Sep 30, 2018

Password expires                                        : Sep 30, 2019

Password inactive                                       : never

Account expires                                         : never

Minimum number of days between password change          : 0

Maximum number of days between password change          : 365

Number of days of warning before password expires       : 7

I found another strange thing. In the root directory, there is a file:

# ls -l

total 1141

-rw-------   1 root root 1096973 Sep 30 15:38 abyss.log <- what is this file? Why is this in the root directory anyway?

lrwxrwxrwx   1 root root       7 Mar  7  2018 bin -> usr/bin

drwxr-xr-x   4 root root    1024 Mar  7  2018 boot

drwxr-xr-x  27 root root    4340 Sep 30 11:57 dev

drwxr-xr-x  85 root root    4096 Sep 30 12:02 etc

...

tail -f abyss.log

127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:05 -0200] "POST" 200 2066

127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:06 -0200] "POST" 200 2066

127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:07 -0200] "POST" 200 2066

127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:08 -0200] "POST" 200 2066

127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:09 -0200] "POST" 200 2066

127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:10 -0200] "POST" 200 2066

127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:11 -0200] "POST" 200 2066

127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:12 -0200] "POST" 200 2066

127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:13 -0200] "POST" 200 423

127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:13 -0200] "POST" 200 4915

127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:13 -0200] "POST" 200 2066

127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:14 -0200] "POST" 200 2066

127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:15 -0200] "POST" 200 2066

lsof abyss.log

COMMAND    PID USER   FD   TYPE DEVICE SIZE/OFF  NODE NAME

ld-linux. 1764 root   16w   REG    8,3  1107846 16168 abyss.log

One log line every second. I tried to find what this file is used for but found no proper information.

Thanks,

Robert

Reply
0 Kudos
daphnissov
Immortal
Immortal
Jump to solution

I'm not sure what that log file is for. Since you've changed your root password, reboot your vCSA and try to login to the VAMI again.

Reply
0 Kudos
Robert121281
Contributor
Contributor
Jump to solution

Thanks. Have done this. 100 times. Same. There are some lack of resources for the proxy. That's some how related.

Regards,

Robert

Reply
0 Kudos
daphnissov
Immortal
Immortal
Jump to solution

Have you opened an SR on this? Do you have support, or is this just a lab?

Reply
0 Kudos
Robert121281
Contributor
Contributor
Jump to solution

It is a lab, licensed. Not sure if this allows me to open an SR for this.

Regards,

Robert

Reply
0 Kudos
SupreetK
Commander
Commander
Jump to solution

You might have already checked this but, is colon character (:) a part of the vCenter password? If yes, we might be encountering a known issue -

vSphere 6.7 Release Notes - Check for 'Cannot log in to vSphere Appliance Management Interface if the colon character (:) is part of vCenter Server root password...'

Cheers,

Supreet

Robert121281
Contributor
Contributor
Jump to solution

Thanks. No, there is no colon. It is not a password/credentials issue. I can enter whatever credentials and I do get the same error. The https request has issues. It is a problem with the http-server/proxy responsible for this web interface.

I have checked the logs. The logs started the day I patched the appliance with "VMware-vCenter-Server-Appliance-6.7.0.14000-9451876-patch-FP". Hence, there is an obvious dependency to this patch.

You guys have this "abyss.log" in the root directory? It is weird, but guess this particular file has nothing to do with the issue. Only problem is, that it eats up the root partition space.

Best regards,

Robert

Reply
0 Kudos
BenediktFrenzel
VMware Employee
VMware Employee
Jump to solution

Hi Robert,

have you tired to delete the "/var/vmware/applmgmt/session" folder?

-- Ben