Error "com.vmware.vapi.std.errors.already_exists" in vCenter Server 7.0
book
Article ID: 336298
calendar_today
Updated On:
Products
VMware vCenter Server
Issue/Introduction
Symptoms: Error com.vmware.vapi.std.errors.already_exists is reported when calling the Create method of com.vmware.vcenter.trusted_infrastructure.trust_authority_clusters.ConsumerPrincipals on a Trust Authority cluster with a newly moved in host.
Environment
VMware vCenter Server 7.0.x
Cause
When you remove an ESXi host from a Trusted Cluster or Trust Authority cluster, the host continues to retain its vSphere Trust Authority configuration. If you try to use the same host in any Trust Authority it first must be decommissioned by following a specific procedure. This is a necessary step the user must perform in order to remove the existing vSphere Trust Authority configuration if they desire to continue using the host. Failing to perform the decommission procedure results in a security risk and undefined behavior if the user decides to use the host in other Trusted Infrastructure clusters. Decommissioning a host removes its vSphere Trust Authority configuration.
Resolution
Prerequisites
You must be a Trust Authority Administrator.
Do not perform any other operations on the ESXi host when running the script
Steps:
Remove the ESXi host from the Trust Authority or Trusted cluster.
Remove the ESXi from the vCenter inventory.
Use SSH or another remote console connection to start a session on the ESXi host.
Log in as the root user.
Extract the script from the attached file (available under Attachment) trusted-infra-decommission-esx.zip.
Copy the script trusted-infra-decommission-esx.sh to the ESXi host.
Run the trusted-infra-decommission-esx.sh bash script. It could be needed to grant execution rights first.
Once the decommission process has finished, a reboot is required. The script will ask at the end whether you want to perform it now. Type "Y" for yes or "N" for no and press Enter.
When the reboot is complete. Re-add the ESXi host to the vCenter inventory.
Call again the Create method of com.vmware.vcenter.trusted_infrastructure.trust_authority_clusters.ConsumerPrincipals on the Trust Authority cluster.