• You are unable to register vSphere Replication appliance to vCenter 
• You deleted an old vSphere Replication appliance without unregistering it from vCenter properly leaving behind solution user remnants in vCenter.
• vSphere Replication appliance VAMI page displays the error when you 'Save and Restart' service. 

VAMI Configuration Error:
vSphere Replication Appliance configuration error:Unable to create solution user. Details: Unable to create principal. [ msgId: com.vmware.vr.config.unable_to_create_user; value: null; errorStacktrace : (sso.admin.fault.DuplicateSolutionCertificateFault) { } at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)

This error occurs due to the presence of an existing solution user in vCenter Users and Groups which is not synchronizing with the replication appliance. 

Note: Take snapshots/ Full backups of "ALL PSC/VCs participating in linked mode" in shutdown state before proceeding

1. Click on the Home icon of vSphere Web Client and click on Administration. 

2. Click on Users and Groups under Single Sign-On 


 

NOTE: From the picture above you’ll notice that there’s just about 2 of everything – vSphere Replication & SRM (Solution users); this is because I’m having 2 vCenters (vCenter Server with an embedded Platform Services Controller) in federated / linked mode. If you happen to encounter this configuration, you’ll need to run the following commands to find out the right solution user belonging to the vCenter you are targeting to DELETE. 
 

3. Login to your PSC or vCenter depending on the type of vCenter you have. The following commands must be run on PSC.
 

Type A - vCenter Server with an embedded Platform Services Controller
Type B - vCenter Server with an external Platform Services Controller
 

4. Run the following command – 
/usr/lib/vmidentity/tools/scripts/lstool.py list --url http://localhost/lookupservice/sdk > /tmp/psc_services.txt 
/usr/lib/vmidentity/tools/scripts/lstool.py list --url http://localhost:7080/lookupservice/sdk > /tmp/psc_services.txt 

You may have to use port # 7080 if the psc_services.txt file is empty. 
 

5. Compare the output with the list of solution users found in Users and Groups 
com.vmware.vr-349bd15f-4fce-40df-b799-a6e78081c714,vSphere Replication,11/10/2024 10:31 PM
com.vmware.vr-7af4dbac-38fc-4d81-a4b7-8862adf77b9c,vSphere Replication,11/10/2024 10:31 PM 

root@VCSA67PR [ /tmp ]# less psc_services.txt | grep -i vrms
        Name: vrms-7af4dbac-38fc-4d81-a4b7-8862adf77b9c--5865eced-8bff-4c9a-848a-48ecf7def639
        Service Type: com.vmware.vr.vrms
                URL: https://192.168.0.12:8043/download/com.vmware.vr.vrms_catalog.zip -> vCenter A
                        com.vmware.cis.common.resourcebundle.basename: cis.vcextension.com_vmware_vr_vrms.alarm:cis.vcextension.com_vmware_vr_vrms.auth:cis.vcextension.com_vmware_vr_vrms.event:cis.vcextension.com_vmware_vr_vrms.extension:cis.vcextension.com_vmware_vr_vrms.task:cis.vcextension.com_vmware_vr_vrms.messages:cis.vcextension.com_vmware_vr_vrms.fault:
        Name: vrms-349bd15f-4fce-40df-b799-a6e78081c714--735c27fd-cf67-4844-9d1b-02c1ea06cae0
        Service Type: com.vmware.vr.vrms
                URL: https://192.168.0.13:8043/download/com.vmware.vr.vrms_catalog.zip -> vCenter B
                        com.vmware.cis.common.resourcebundle.basename: cis.vcextension.com_vmware_vr_vrms.alarm:cis.vcextension.com_vmware_vr_vrms.auth:cis.vcextension.com_vmware_vr_vrms.event:cis.vcextension.com_vmware_vr_vrms.extension:cis.vcextension.com_vmware_vr_vrms.task:cis.vcextension.com_vmware_vr_vrms.messages:cis.vcextension.com_vmware_vr_vrms.fault: 

Now, you need to filter out the correct solution user belonging to the vCenter/PSC using the IP address highlighted above. 
 

6. Delete the solution user 
 

7. Now, Save and Restart vSphere replication service