2 Replies Latest reply on Jul 29, 2020 9:07 AM by tdubb123

    vmDirSafeLDAPSBind errors in vmdird-syslog.log file

    tdubb123 Master

      I am seeing lots of errors on one of my 6.7 external psc

       

       

       

      2020-07-28T17:25:22.461152+00:00 err vmdird  t@140390493562624: VmDirSafeLDAPBind to (ldap://xxxpsc.domain.com:389) failed. SRP(9127)

      2020-07-28T17:25:22.463086+00:00 err vmdird  t@140390493562624: VmDirSafeLDAPBind to (ldap://xxxpsc.domain.com:389) failed. SRP(9127)

       

       

      This psc does not even exist any idea why?

        • 1. Re: vmDirSafeLDAPSBind errors in vmdird-syslog.log file
          ashilkrishnan Enthusiast
          VMware Employees

          Hi

           

          If this external PSC was decommissioned or was removed as part of convergence from external to embedded PSC, chances are registrations for external PSC did not get cleared properly

           

          Note: If multiple PSCs are part of this SSO domain/PSC replication, please power off all PSCs and take a snapshot for all the PSCs in powered off state before proceeding further. If PSCs are standalone, then you can take a snapshot of just the respective PSC.

           

          1. Connect any of the existing PSCs and check if the external PSC is listed under showservers, showpartners command VMware Knowledge Base

          2. Procedure to decommission PSC - VMware Knowledge Base

          3. Run this command to check if registration for problematic external PSC is listed:

           

          /usr/lib/vmidentity/tools/scripts/lstool.py list --url https://localhost/lookupservice/sdk --no-check-cert --ep-type com.vmware.cis.cs.identity.sso 2>/dev/null

           

          If listed, use the service ID from the output above and run following command to un-register:  (Replace the ID field below with service ID captured from previous command

           

          /usr/lib/vmidentity/tools/scripts/lstool.py unregister --url http://localhost:7080/lookupservice/sdk --id TMP:608BF497-A198-40C1-9866-545533A488BE --user 'administrator@vsphere.local' --password 'VMware123!' --no-check-cert

           

          Hope that helps

           

          • 2. Re: vmDirSafeLDAPSBind errors in vmdird-syslog.log file
            tdubb123 Master

            Thank you. We used jxplorer to find the stale entry and removed it. Its all working now