Come on guys this is a really simple question for anywone on a working VI3 infrastructure, do you have this repeating in your Events log?

User root@127.0.0.1 logged in

User root logged out

User root@127.0.0.1 logged in

User root logged out

User root@127.0.0.1 logged in

User root logged out

Hi,

Try the following, establish an ssh session to one of the Hosts experiencing the issue.

tail -20 /var/log/vmware/hostd.log

Is the host part of a VI Cluster with HA enabled ?

You may see events pertaining to 'ha-eventmgr'

\[2007-03-19 23:17:43.080 'ha-eventmgr' 32766896 info] Event 2015 : User root@127.0.0.1 logged in

\[2007-03-19 23:17:43.080 'TaskManager' 32766896 info] Task Completed : haTask--vim.SessionManager.login-32946

\[2007-03-19 23:17:43.461 'ha-eventmgr' 14060464 info] Event 2016 : User root logged out

So I assume it is some HA process ?

Michael.

Note, I see these messages when HA is not enabled, very strange.

Message was edited by:

MichaelJKnight

The logging does not say what host it is coming from, maybe from all of them for all knows.

All hosts are in a single cluster, HA and DRS features have not been ticked as our enterprise licenses havent come through yet.

"Note, I see these messages when HA is not enabled, very strange." Could these messages only come up when HA is not used then and most peopel dont see them as they have HA enabled?

Hi,

Quick update, I see them when HA is enabled and disabled.

Where are you seeing the messages ?

Try clicking on one of your hosts in VC and nagivate to Tasks and Events tab and select events. Are they appearing here ?

Michael.

Aha your onto something its only on one of my hosts VSHA6.

How can I narrow down to what is creating this event?

Im sure theres nothing installed but just HP systems management homepage for ESX 3.0.1, here's a installed RPM package list for anything out of the ordinary:

e2fsprogs-1.32-15.1

elfutils-libelf-0.94.1-2

ethtool-1.8-3.3

file-3.39-9.EL3.3

glib-1.2.10-11.1

gmp-4.1.2-5

iputils-20020927-11.30.4vmw

laus-libs-0.1-70RHEL3

attr-2.2.0-1

acl-2.2.3-1

libstdc++-3.2.3-53

losetup-2.11y-31.12vmw

mailx-8.1.1-31.EL3

mktemp-1.5-18.2

bzip2-1.0.2-11.EL3.4

crontabs-1.10-5

hotplug-2002_04_01-20.5

mount-2.11y-31.12vmw

net-snmp-libs-5.0.9-2.30E.19

openssl-0.9.7a-33.17

pam_smb-1.1.7-1

pcre-3.9-10.2

perl-DateManip-5.42a-0.rhel3

perl-HTML-Tagset-3.03-28

perl-Parse-Yapp-1.05-30

perl-libwww-perl-5.65-6

perl-XML-Parser-2.31-15

perl-XML-Encoding-1.01-23

popt-1.8.2-24_nonptl

procmail-lockfile-3.22-10vmw

shadow-utils-4.0.3-22.03

newt-0.51.5-1

tcp_wrappers-7.6-34.1

unzip-5.50-34

vmware-hwdata-1.00-6vmw

vmware-release-3-3vmw

words-2-21

zip-2.3-16.1

libxml-1.8.17-9.2

net-snmp-5.0.9-2.30E.19

info-4.5-3

cpio-2.5-4.RHEL3

diffutils-2.8.1-8

gawk-3.1.1-9

ash-0.3.8-16

gzip-1.3.3-12.rhel3

make-3.79.1-17.1

ncurses-5.3-9.4

gpm-1.19.3-27.2

man-1.5k-11.rhel3

nscd-2.3.2-95.37

bind-libs-9.2.4-7_EL3

procps-2.0.17-13.7

readline-4.3-5.2

parted-1.6.3-48vmw

libxml2-python-2.5.10-7

rpm-4.2.3-26vmw

sed-4.0.7-3

kbd-1.08-10.2

pam-0.75-66

libuser-0.51.7-1.EL3.3

passwd-0.68-3.1

samba-client-3.0.9-1.3E.10vmw

sudo-1.6.7p5-1.2

SysVinit-2.85-4.4

mkinitrd-3.5.13-16

time-1.7-23

util-linux-2.11y-31.14vmw

vmware-python-libs-0.99-2

initscripts-7.31.30.EL-13vmw

cyrus-sasl-md5-2.1.15-10

glibc-kernheaders-2.4-8.34.2

glibc-headers-2.3.2-95.37

kernel-source-2.4.21-37.0.2.EL.32039

kernel-vmnix-2.4.21-37.0.2.EL.32039

nss_ldap-207-17

openssh-3.6.1p2-33.30.9vmw

portmap-4.0-56

tcpdump-3.7.2-7.E3.5

VMware-esx-apps-3.0.1-32039

VMware-esx-iscsi-3.0.1-32039

VMware-esx-uwlibs-3.0.1-32039

VMware-esx-vmkernel-3.0.1-32039

VMware-esx-drivers-block-DAC960-2.4.11-32039

VMware-esx-drivers-net-bcm5700-7.3.5-32039

VMware-esx-drivers-net-e100-2.3.40-32039

VMware-esx-drivers-net-pcnet32-1.30c-32039

VMware-esx-drivers-net-tg3-3.43b.1vmw-32039

VMware-esx-drivers-scsi-adp94xx-0.0.5-32039

VMware-esx-drivers-scsi-aic7xxx-6.3.9-32039

VMware-esx-drivers-scsi-lpfcdd-v732-7.3.2.1vmw-32039

VMware-esx-drivers-scsi-megaraid_sas-0.0.2-32039

VMware-esx-drivers-scsi-qla2200-v7.07-7.7.4.1vmw-32039

VMware-esx-drivers-scsi-qla4010-3.24-32039

VMware-esx-drivers-scsi-vmkiscsi-3.4.2-32039

xinetd-2.3.12-6.3E.2

yp-tools-2.8-6

rpm-libs-4.2.3-26vmw

VMware-hostd-esx-3.0.1-32039

yum-2.0.7-3vmw

VMware-esx-lnxcfg-3.0.1-32039

pegasus-2.5-8vmw

VMware-esx-perftools-3.0.1-32039

LGTOaamvm-5.1.2-1

ucd-snmp-cmaX-devel-4.2.5-266

hpsmh-2.1.2-127

hprsm-7.4.0-50.vmware

esxpress-2.3-1.esx

VMware-vpxupdate-esx-2.5.2-24525

glibc-common-2.3.2-95.37

man-pages-1.60-4.2

setup-2.5.27-1

basesystem-8.0-2

tzdata-2005m-1.EL3

beecrypt-3.0.1-0.20030630.1

bzip2-libs-1.0.2-11.EL3.4

compat-db-4.0.14-5.1

cracklib-2.7-22

dosfstools-2.8-10

eject-2.0.13-2

elfutils-0.94.1-2

expat-1.95.5-6

gdbm-1.8.0-20

glib2-2.2.3-2.0

hdparm-5.4-1

krbafs-1.1.1-11

libattr-2.2.0-1

libacl-2.2.3-1

libcap-1.10-15.1

libtermcap-2.0.8-35

lsof-4.63-4.1

mingetty-1.06-2vmw

bash-2.05b-41.4

compat-libstdc++-7.3-2.96.128

groff-1.18.1-27

iproute-2.4.7-11.30E.1

nc-1.10-18

net-tools-1.60-20E.9

pam_passwdqc-1.0.2-1

patch-2.5.4-16

perl-5.8.0-90.4

perl-Filter-1.29-3

perl-HTML-Parser-3.26-17

perl-URI-1.21-7

perl-XML-Grove-0.46alpha-25

perl-libxml-perl-0.07-28

perl-libxml-enno-1.02-29

logrotate-3.6.9-1

setserial-2.17-12

slang-1.4.5-18

tcl-8.3.5-92.4

traceroute-1.4a12-20

vim-minimal-6.3.046-0.30E.4

usbutils-0.11-2

which-2.14-7

cracklib-dicts-2.7-22

zlib-1.1.4-8.1

libxml2-2.5.10-7

rpm-build-4.2.3-26vmw

binutils-2.14.90.0.4-39

cpp-3.2.3-53

findutils-4.1.7-9

grep-2.5.1-24.5

grub-0.93-4.8

krb5-libs-1.2.7-47

modutils-2.4.25-14.EL

gdb-6.3.0.0-1.62

less-378-12

nano-1.2.1-4

openssh-clients-3.6.1p2-33.30.9vmw

pam_krb5-1.77-1

psmisc-21.3-2

ftp-0.17-17

python-2.2.3-6.2

python-optik-1.4.1-2

rpm-python-4.2.3-26vmw

dev-3.3.12.3-1

ntp-4.1.2-4.EL3.1

kudzu-1.1.22.14-4.1.4

openssh-server-3.6.1p2-33.30.9vmw

ppp-2.4.1-14.1

samba-common-3.0.9-1.3E.10vmw

sysklogd-1.4.1-26_EL3

tar-1.13.25-14.RHEL3

telnet-0.17-26.EL3.3

tmpwatch-2.8.4-5

vim-common-6.3.046-0.30E.4

VMware-webCenter-esx-2.0.1-32041

cyrus-sasl-2.1.15-10

dhclient-3.0.1-10_EL3

glibc-devel-2.3.2-95.37

gcc-3.2.3-53

kernel-utils-2.4-8.37.12

openldap-2.0.27-20

openldap-clients-2.0.27-20

pciutils-2.1.10-7

nfs-utils-1.0.6-42EL

vixie-cron-4.1-11.EL3

VMware-esx-docs-3.0.1-32039

VMware-esx-tools-3.0.1-32039

VMware-esx-vmkctl-3.0.1-32039

VMware-esx-drivers-block-cciss-2.4.54-32039

VMware-esx-drivers-net-3c90x-1.0.2-32039

VMware-esx-drivers-net-bnx2-1.3.22-32039

VMware-esx-drivers-net-e1000-7.0.33.2vmw-32039

VMware-esx-drivers-net-s2io-1.7.6-32039

VMware-esx-drivers-scsi-aacraid_esx30-1.1.5.1vmw-32039

VMware-esx-drivers-scsi-aic79xx-6.3.9-32039

VMware-esx-drivers-scsi-ips-7.10.17.1vmw-32039

VMware-esx-drivers-scsi-megaraid2-2.10.7-32039

VMware-esx-drivers-scsi-mptscsi_2xx-2.6.34.1vmw-32039

VMware-esx-drivers-scsi-qla2300-v7.07-7.7.4.1vmw-32039

VMware-esx-drivers-scsi-qla4022-3.24-32039

VMware-esx-vmx-3.0.1-32039

ypbind-1.12-5.21.6

iptables-1.2.8-12.3

VMware-esx-srvrmgmt-3.0.1-32039

VMware-esx-backuptools-3.0.1-32039

VMware-esx-scripts-3.0.1-32039

VMware-esx-3.0.1-32039

VMware-cim-esx-3.0.1-32039

LGTOaama-5.1.2-1

VMware-vpxa-2.0.1-32042

I don’t know why VMware support said this is normal as eventually after hearing no answers I v'motioned everything off the host, removed it from the virtual infrastructure, rebooted it and added it back into the virtual infrastructure.

All these repeating root login's have now disappeared!

Hi,

are you still having this issues?

regards

gernot