Error while trying to configure External IDP federation (via Azure AD) within ipv6 enabled vCenter

Article ID: 313291

Updated On:

Products

VMware vCenter Server

Issue/Introduction

Symptoms:
When trying to set up the Azure identity provider in 8.0U2, the customer gets:
"Could not create indirect identity provider: Failed to create identity provider with IDP name Azure AD for tenant customer on host ...."


Environment

VMware vCenter Server 8.0.2

Cause

vCenter Server with IPv6 enabled does not completely support Azure AD.

Resolution

Currently there is no resolution to the issue.


Workaround:

Pre-Requisite:

  • Take a snapshot/backup of the vCenter Server (VC).
  • In the case of ELM (Enhanced Linked Mode), power off all nodes and take an offline snapshot of every node in the ELM.

To work around the issue, follow these steps:

  1. ssh to vCenter

  2. Go to /storage/containers/vc-ws1a-broker/

  3. There will be a folder for that container; for example, the folder name will be something like: 4b9f28d104b7f326e669df8dce0fdb36cf8ca32c3af1148b3b4f88a0a0a2ce2

  4. Edit the config.json file: in the "JAVA_OPTS= ..." entry, add "-Djava.net.preferIPv6Addresses=true" at the end of the line.

  5. Restart the ws1b service (vc-ws1a-broker):

$ vmon-cli --restart vc-ws1a-broker
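
One way to make the config.json edit in step 4 repeatable, as an added example that is not part of the original article or VMware's tooling: the function appends the flag only if it is missing and keeps a .bak copy. It assumes JAVA_OPTS is a single double-quoted string on one line; the function names and the sample file layout are constructed for illustration.

```shell
#!/bin/sh
# Added example: idempotently append the IPv6 flag to JAVA_OPTS in a
# container config.json, keeping a .bak copy of the original.
# Assumption: JAVA_OPTS is one double-quoted string ("JAVA_OPTS=...") on a
# single line, with no escaped quotes inside it.
FLAG='-Djava.net.preferIPv6Addresses=true'

# add_ipv6_flag FILE -> returns 0 changed, 2 already present, 1 error
add_ipv6_flag() {
    cfg=$1
    [ -f "$cfg" ] || { echo "missing: $cfg" >&2; return 1; }
    # Exactly one JAVA_OPTS entry is expected; refuse to guess otherwise.
    n=$(grep -c '"JAVA_OPTS=' "$cfg" || true)
    [ "$n" -eq 1 ] || { echo "expected 1 JAVA_OPTS line, found $n" >&2; return 1; }
    # Idempotence: leave the file alone if the flag is already there.
    if grep '"JAVA_OPTS=' "$cfg" | grep -qF -- "$FLAG"; then
        return 2
    fi
    cp -p "$cfg" "$cfg.bak" || return 1
    # Insert the flag just before the closing quote of the JAVA_OPTS string.
    sed "s|\"\(JAVA_OPTS=[^\"]*\)\"|\"\1 $FLAG\"|" "$cfg.bak" > "$cfg.new" || return 1
    # Verify the result before overwriting the live file.
    grep '"JAVA_OPTS=' "$cfg.new" | grep -qF -- "$FLAG" || { rm -f "$cfg.new"; return 1; }
    # Write in place so the original file's owner and mode are kept.
    cat "$cfg.new" > "$cfg" && rm -f "$cfg.new"
}

# Constructed sample (not a real vCenter file) for an offline dry run.
write_sample_config() {
    printf '%s\n' '{' '  "process": {' '    "env": [' \
        '      "PATH=/usr/bin",' \
        '      "JAVA_OPTS=-Xms128m -Xmx512m"' \
        '    ]' '  }' '}' > "$1"
}

# Dry run against the constructed sample in a temporary directory.
demo_dir=$(mktemp -d)
write_sample_config "$demo_dir/config.json"
add_ipv6_flag "$demo_dir/config.json" && grep JAVA_OPTS "$demo_dir/config.json"
rm -rf "$demo_dir"
```

If the edit has to be rolled back, copy config.json.bak over config.json and restart the service again.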