vpxd-svcs Service fails to start with Error InsufficientRightsLdapException: Insufficient accessLDAP error [code: 50]
search cancel

vpxd-svcs Service fails to start with Error InsufficientRightsLdapException: Insufficient accessLDAP error [code: 50]

book

Article ID: 319956

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

Symptoms:

  • vpxd-svcs service will fail to start.
  • Below log snippets will be found under /var/log/vmware/vpxd-svcs/vpxd-svcs.log

  [main INFO StartUp.ErrorLog] Caught the Exception.com.vmware.identity.interop.ldap.InsufficientRightsLdapException: Insufficient accessLDAP error [code: 50]
        at com.vmware.identity.interop.ldap.LdapErrorChecker$29.RaiseLdapError(LdapErrorChecker.java:426)
        at com.vmware.identity.interop.ldap.LdapErrorChecker.CheckError(LdapErrorChecker.java:1090)
        at com.vmware.identity.interop.ldap.OpenLdapClientLibrary.CheckError(OpenLdapClientLibrary.java:1226)
        at com.vmware.identity.interop.ldap.OpenLdapClientLibrary.ldap_add_s(OpenLdapClientLibrary.java:766)
        at com.vmware.identity.interop.ldap.LdapConnection$1.call(LdapConnection.java:206)
        at com.vmware.identity.interop.ldap.LdapConnection$1.call(LdapConnection.java:203)
        at com.vmware.identity.interop.ldap.LdapConnection.execute(LdapConnection.java:715)
        at com.vmware.identity.interop.ldap.LdapConnection.addObject(LdapConnection.java:202)
        at com.vmware.identity.interop.ldap.LdapConnection.addObject(LdapConnection.java:162)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at com.vmware.cis.lotus.LdapConnectionFactory$2.invoke(LdapConnectionFactory.java:292)
        at com.sun.proxy.$Proxy7.addObject(Unknown Source)
        at com.vmware.cis.lotus.LdapUtils.addBranchPointEntry(LdapUtils.java:171)
        at com.vmware.cis.core.authz.accesscontrol.impl.LotusInitializer.initLdapImpl(LotusInitializer.java:50)
        at com.vmware.cis.core.authz.accesscontrol.impl.LotusInitializer.<init>(LotusInitializer.java:30)
        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
        at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
        at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
        at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
        at org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:142)
        .
        .
         at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197)
        at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:742)
        at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:867)
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:543)
        at org.springframework.context.support.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:139)
        at org.springframework.context.support.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:93)
        at com.vmware.vim.dataservices.DataService.getService(DataService.java:150)
        at com.vmware.vim.dataservices.VpxdSvcsMain$Main_Vmon.start(VpxdSvcsMain.java:47)
        at com.vmware.vim.dataservices.VpxdSvcsMain.main(VpxdSvcsMain.java:34)

Environment

VMware vCenter Server 6.7.x

Cause

This issue occurs when the Hostname of one of the PSC is missing under DCClient in the affected vCenter.

Note: This issue usually occurs if the External PSC is behind a Load Balancer.

Resolution

  • Take offline Snapshots of all the vCenter and External PSCs.
  • Connect to the External PSC using JXplorer.
  • Go to Builtin and expand it => DCClient and See which Computer is not a member 
  • Select table editor => Right-click => select add another value with DN value of vCenter and add the vCenter FQDN.
  • And then restart all the services on all the PSC and vCenters accordingly using below command.
    service-control --stop --all && service-control --start --all


Note: Select a PSC node that Read and write privileges in order to perform above steps. 

Powered by Wolken Software