Endpoint Protection goes into failed state and shows error: "Could not find service definition for the given service definition id"
Article ID: 319035
Updated On:
Products
VMware NSX
Issue/Introduction
Symptoms:
- NSX version is 3.x or 4.x
- When a user unregisters and re-registers Endpoint Protection service with an NSX Manager, the Service Profile for Endpoint Protection goes into failed state and shows error: "Could not find service definition for the given service definition id" on 3.x
- On NSX 4.x, the error seen in the UI is "ServiceDefinition id <service-id> <service-name> not found on MP"
Cause
When an Endpoint Protection service profile is created from the UI, it creates a Policy object known as a service reference for the particular service that is registered to the NSX Manager. If the user later wants to remove the service, the service deployments, endpoint rules and service profile are removed from the UI, and the Endpoint Protection service is unregistered from the NSX manager.
If the user attempts to register the service again with the same NSX manager, the operation succeeds.
However, when creating a new service profile, a stale service reference of the earlier service definition is found. As the earlier service has already been deleted, the operation throws the error: "Could not find service definition for the given service definition id."
If the user attempts to register the service again with the same NSX manager, the operation succeeds.
However, when creating a new service profile, a stale service reference of the earlier service definition is found. As the earlier service has already been deleted, the operation throws the error: "Could not find service definition for the given service definition id."
Resolution
No resolution at this time.
Workaround:
1. First delete Endpoint Protection Rules attached to failed Service Profiles and also delete failed Service Profiles in NSX.
2. Check API GET /policy/api/v1/infra/service-references API.
3. Delete particular service reference pointing to the service using API
DELETE /policy/api/v1/infra/service-references/<id>
4. Switch back and forth in Service Profiles tab.
5. Try to recreate Service Profile.
Workaround:
1. First delete Endpoint Protection Rules attached to failed Service Profiles and also delete failed Service Profiles in NSX.
2. Check API GET /policy/api/v1/infra/service-references API.
3. Delete particular service reference pointing to the service using API
DELETE /policy/api/v1/infra/service-references/<id>
4. Switch back and forth in Service Profiles tab.
5. Try to recreate Service Profile.
Feedback
Yes
No
Powered by
