VMware Identity Manager ACS Health shows red X and an error
search cancel

VMware Identity Manager ACS Health shows red X and an error

book

Article ID: 315175

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

Some sections of the UI may not function without ACS functioning

The ACS Health section of System Diagnostics shows an error:

"Error when connecting to the application"

 

Due to the ACH Health issue, the Inventory Sync for vIDM in Aria Suite Lifecycle will also fail, displaying the following error. Additionally, Aria Automation may display a "Bad Gateway" error on the webpage.

Error Code: LCMVIDM71059
Failed to promote default configuration user as an admin.Retry after providing necessary details.
Failed to promote local user to tenant admin on vIDM host xxxxx.xxxx.xxxxx.com. Exception message: vIDM GET Association Ruleset failed with status code : 404. API Response : <!DOCTYPE html> <html> <head> <title>Identity Manager</title> <link rel="shortcut icon" href="/img/favicon.ico" type="image/x-icon"> <link rel="stylesheet" type="text/css" href="/error/css/base.css"/> </head> <body class="horizon one-col"> <div class="admin-header"> <div class="admin-header-inner"> <div class="admin-header-org">Identity Manager</div> </div> </div> <div class="content clearfix"> <div class="content-inner"> <div class="error-message clearfix"> <div class="float-l ico-16 ico-error"></div> <div class="text" id="errorMessage"> </div> </div> </div> </div> <div class="footer clear"> <div class="footer-inner"> <div class="footer-text" id="footerText"> </div> </div> </div> <script type="text/javascript" src="/error/error.js"></script> <script type="text/javascript"> window.onload = function(){ initLocalization("404"); }; </script> </body> </html>

Environment

VMware Identity Manager 3.3.x

Cause

There may be a lock here in the Postgres saas DB:

select * from ACS_DatabaseChangeLogLock;

(true and lock information shown)

Resolution

Stop Horizon, the main vIDM service:

systemctl stop horizon-workspace

 

Log in to the PSQL DB and remove the lock:

cat /usr/local/horizon/conf/db.pwd    (Note the password for the DB)

/opt/vmware/vpostgres/current/bin/psql -U horizon saas

update ACS_DatabaseChangeLogLock SET LOCKED=false, LOCKGRANTED=null, LOCKEDBY=null where ID=1;

\q

And restart the Horizon service:

systemctl start horizon-workspace

 

 

Additional Information

Impact/Risks:

horizon-workspace service stop/start will cause a brief downtime of vIDM, including user logins.

 

Powered by Wolken Software