ADFS configuration fails with IDENTITY_PROVIDER_BAD_REQUEST after upgrading only the SDDC Manager to VCF 5.1.x BoM

search cancel

ADFS configuration fails with IDENTITY_PROVIDER_BAD_REQUEST after upgrading only the SDDC Manager to VCF 5.1.x BoM

book

Article ID: 314653

calendar_today

Updated On:

Products

VMware Cloud Foundation

Issue/Introduction

Symptoms:

ADFS configuration fails with IDENTITY_PROVIDER_BAD_REQUEST after upgrading only SDDC Manager to VCF 5.1.x BoM (i.e vCenter Server has not yet been upgraded to the VCF 5.1.x BoM)

Environment

Vmware Cloud Foundation 5.1
VMware Cloud Foundation 5.1.1

Cause

ADFS configuration from SDDC Manager fails in the vCenter with the following error:

{
     "errorCode": "IDENTITY_PROVIDER_BAD_REQUEST",
     "arguments": [],
     "message": "Identity Bad request",
     "causes": [
         {
             "type": "com.vmware.vcf.vapi.vsphere.VcIdentityProviderBadRequestException",
             "message": "Unable to get field \u0027spec\u0027, no field of that name found;"
         }
     ],
     "referenceToken": "8K7FNL"
}

The following stack trace can be seen in the commonsvcs logs:

2023-11-16T07:02:55.872+0000 ERROR [common,6564804fff444f9b,6196] [c.v.e.s.i.r.a.c.v.IdentityProviderController,http-nio-127.0.0.1-7100-exec-12] Unable to add identity provider because
{"error_type":"INVALID_ARGUMENT","messages":[{"args":["spec"],"default_message":"Unable to get field 'spec', no field of that name found","id":"vapi.data.structure.getfield.unknown"}]}
2023-11-16T07:02:55.876+0000 DEBUG [common,6564804fff444f9b,6196] [c.v.e.s.e.h.LocalizableRuntimeExceptionHandler,http-nio-127.0.0.1-7100-exec-12] Processing localizable exception Identity Bad request
2023-11-16T07:02:55.877+0000 ERROR [common,6564804fff444f9b,6196] [c.v.e.s.e.h.LocalizableRuntimeExceptionHandler,http-nio-127.0.0.1-7100-exec-12] [52N2NN] IDENTITY_PROVIDER_BAD_REQUEST Identity Bad request
com.vmware.evo.sddc.identity.rest.api.error.IdentityProviderBadRequestException: Identity Bad request
    at com.vmware.evo.sddc.identity.rest.api.controller.v1.IdentityProviderController.addExternalIdentityProvider(IdentityProviderController.java:307)
    at com.vmware.evo.sddc.identity.rest.api.controller.v1.IdentityProviderController$$FastClassBySpringCGLIB$$f61f6fcb.invoke(<generated)
    .....
Caused by: com.vmware.vcf.vapi.vsphere.VcIdentityProviderBadRequestException: Unable to get field 'spec', no field of that name found;
    at com.vmware.vcf.vapi.vsphere.VcIdentityProviderResponseErrorHandler.handleError(VcIdentityProviderResponseErrorHandler.java:84)
    at org.springframework.web.client.RestTemplate.handleResponse(RestTemplate.java:825)
    at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:783)
    at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:717)
    at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:608)
    at com.vmware.vcf.vapi.vsphere.VapiRestClient.exchange(VapiRestClient.java:147)
    at com.vmware.vcf.vapi.vsphere.VapiRestClient.exchange(VapiRestClient.java:98)
    at com.vmware.vcf.vapi.vsphere.VcIdentityProviderServiceImpl.addIdentityProvider(VcIdentityProviderServiceImpl.java:73)
    at com.vmware.evo.sddc.identity.services.IdentityProviderServiceImpl.addVcIdentityProvider(IdentityProviderServiceImpl.java:1169)
    at com.vmware.evo.sddc.identity.services.IdentityProviderServiceImpl.addExternalIdentityProvider(IdentityProviderServiceImpl.java:1361)
    at com.vmware.evo.sddc.identity.rest.api.controller.v1.IdentityProviderController.addExternalIdentityProvider(IdentityProviderController.java:300)
   ... 124 common frames omitted

Resolution

Upgrade the vCenter Server to a minimum of version 8.0 U2a (VCF 5.1 BoM)

Workaround:

Configure ADFS from vCenter Server UI directly.

Feedback

thumb_up Yes

thumb_down No