Installing vCenter Single Sign On fails with the error: Unable to create database users: Password validation failed

search cancel

Installing vCenter Single Sign On fails with the error: Unable to create database users: Password validation failed

book

Article ID: 302139

calendar_today

Updated On:

Products

VMware

Issue/Introduction

Symptoms:

When you attempt to install vCenter Single Sign On (SSO) using an existing database or the bundled SQL Express database, the installation fails.
The vCenter Server 5.1 installer displays the error:

Error 29114. Cannot connect to DB
When you view the installer log in C:\Program Files\VMware\Infrastructure\SSOServer\utils\logs\install.log, you see errors similar to:

2012-09-17 - Hostname.domain.com,,,,Creating database users 2012-09-17 - Hostname.domain.com,,,,Processing SQL file: /rsaIMSLiteMSSQLSetupUsers.sql 2012-09-17 - Hostname.domain.com,,,,ERROR: Unable to create database users: Password validation failed. The password does not meet Windows policy requirements because it is too short. com.rsa.tools.common.action.exception.ExitException: Unable to create database users: Password validation failed. The password does not meet Windows policy requirements because it is too short.

Cause

The passwords for the RSA_USER and RSA_DBA users are automatically generated by the SSO installation script, unless these users are manually created.

This issue occurs when the environment where SSO is being installed has password complexity policies that are more strict than the default password generated by the SSO installer.

Resolution

This issue is resolved in VMware vCenter Server 5.1.0a released on October 25, 2012. For more information see the VMware vCenter Server 5.1.0a Release Notes.

To download vCenter Server 5.1.0a, see the VMware Download Center.

Note: There are two different database methodologies that can be used when installing SSO, either using the bundled version of SQL Express that will install automatically, or using a standalone full version of MS SQL which has already been installed and configured. For more information, see the vSphere Installation and Setup Guide.

To work around this issue if you are not able to upgrade:

Install SSO on a machine that is not in the domain, or does not have specific password policy requirements.
If installing SSO outside the domain is not an option in your environment, use one of these workarounds depending on the database in use:
- To work around this issue when using the bundled SQL Express:
  1. Remove the SSO server from the domain and reboot.
  2. Install SSO using the bundled SQL Express, and verify the vCenter Single Sign On service is running.
  3. Connect to the database (.\VIM_SQLEXP) using SQL Management Studio Express and change the RSA_USER password to comply with the policies in the environment.
  4. Update the SSO configuration:
    1. Open a command prompt and navigate to C:\Program Files\VMware\Infrastructure\SSOServer\utils, and run this command:
      
      ssocli configure-riat -a configure-db --rsa-user-password -m
    2. Update the C:\Program Files\VMware\Infrastructure\SSOServer\webapps\lookupservice\WEB-INF\classes\config.properties file to reflect the new password. Search for this line and edit it:
      
      db.pass=new_password
  5. Restart the SSO service to verify that it starts.
  6. Join the SSO server back to the domain.
  7. Verify the vCenter Single Sign On service is running.
- To work around this issue when using the full version of MS SQL:
  Create the RSA_USER and RSA_DBA users using the provided script, and ensure that you use a password which complies with the installation environment. (The script is named rsaIMSLiteMSSQLSetupUsers.sql, and is included on the vCenter Server 5.1 install media.)
  For more information on RSA user creation, see the vSphere Installation and Setup Guide.

Additional Information

vCenter Single Sign On のインストールがエラー [Unable to create database users: Password validation failed] で失敗する

Feedback

thumb_up Yes

thumb_down No