Cannot remove obsolete solution users from the Lookup Service using the vSphere Web Client
book
Article ID: 343622
calendar_today
Updated On:
Products
VMware vCenter ServerVMware vSphere ESXi
Issue/Introduction
If the Single Sign On service is stopped when you uninstall a solution (for example, vRealize Orchestrator (formerly known as VMware vCenter Orchestrator)), the entries related to the solution are not removed from Single Sign On or the Lookup Service. Specifically, the application user name and the service entry for the solution are not removed. Because the vSphere Web Client does not give enough information to determine which application user belongs to the obsolete or orphaned solution, you must generate a list of all services registered with the Lookup Service at the command line. You can use the list to determine which application user to remove in the vSphere Web Client.
Environment
VMware vSphere Web Client 5.1.x VMware vCenter Server 5.1.x VMware vCenter Server 5.5.x VMware vSphere Web Client 5.5.x
Resolution
Open a Command Prompt as an elevated (Administrator) user.
Generate a list of all services that are registered with the Lookup Service. vSphere 5.1
For Windows-based vCenter Server: SSO install directory\ssolscli\ssolscli listServices Lookup_Service_URL
In the list of services, locate the service entry that contains the address of the system where the solution was installed.
Record the ownerId of the service entry.
In the vSphere Web Client, navigate to Administration > SSO Users and Groups > Application Users and locate the application user with the same name as the ownerId you recorded.
Right-click the user and select Delete Application User.
At the command line, remove the service entry from the Lookup Service.
Create a text file that contains the service ID using this command: ssolscli.cmd listServices https://vCenter_Single_Sign-on_FQDN:7444/lookupservice/sdk> c:\sso_services.txt
In the text file, you see output similar to: vSphere 5.1
Service 1 ----------- serviceId={93135931-7B87-4B11-B6FC-236A8849B728}:2 serviceName=The security token service interface of the SSO server type=urn:sso:sts endpoints={[url=https://FQDN:7444/ims/STSService?wsdl,protocol=wsTrust]} version=1.0 description=The security token service interface of the SSO server ownerId= productId= viSite={93135931-7B87-4B11-B6FC-236A8849B728}
Service 2 ----------- serviceId={93135931-7B87-4B11-B6FC-236A8849B728}:1 serviceName=The administrative interface of the SSO server type=urn:sso:admin endpoints={[url=https://FQDN:7444/sso-adminserver/sdk,protocol=vmomi]} version=1.0 description=The administrative interface of the SSO server ownerId= productId= viSite={93135931-7B87-4B11-B6FC-236A8849B728}
Service 3 ----------- serviceId={93135931-7B87-4B11-B6FC-236A8849B728}:10 serviceName=VMware vSphere Web Client type=urn:com.vmware.vsphere.client endpoints={[url=https://FQDN:9443/vsphere-client,protocol=vmomi]} version=5.1 description=VMware vSphere Web Client Service ownerId=WebClient_2013.05.06_065556 productId= viSite={93135931-7B87-4B11-B6FC-236A8849B728}
vSphere 5.5
Service 1 ----------- serviceId=Site Name:02dde295-422a-403e-b32c-1e40c3f188fd serviceName=vCenterService type=urn:vc endpoints={[url=https://FQDN:443/sdk,protocol=vmomi]} version=5.5 description=vCenter Server [email protected] productId= viSite=Site Name
Service 2 ----------- serviceId=Site Name:811660f9-f110-4ee7-8f9e-dc0dd1d062fe serviceName=VMware Log Browser type=urn:logbrowser:logbrowser endpoints={[url=https://FQDN:12443/vmwb/logbrowser,protocol=unknown],[url=https://WVC08.blarblarblar.local:12443/authentication/authtoken,protocol=unknown]} version=1.0.154491 description=Enables browsing vSphere log files within the VMware Web Client ownerId=WebClient_2014.03.05_125106 productId= viSite=Site Name
Service 3 ----------- serviceId=Site Name:7b8b41f0-00e7-47e9-ad67-4979768ba9f2 serviceName=VMware vSphere Web Client type=urn:com.vmware.vsphere.client endpoints={[url=https://FQDN:9443/vsphere-client,protocol=vmomi]} version=5.5 description=VMware vSphere Web Client Service ownerId=WebClient_2014.03.05_125106 productId= viSite=Site Name
Delete all the entries from this file except serviceId that must be unregistered. For example, for service 3:
From vSphere 5.1, the serviceId is:
{93135931-7B87-4B11-B6FC-236A8849B728}:10
The file should appear similar to:
From vSphere 5.5, the serviceId is:
Site Name:7b8b41f0-00e7-47e9-ad67-4979768ba9f2
The file should appear similar to:
Run the unregisterService command to unregister the entry for the solution.
Note: It may be necessary to Set your JAVA_HOME environmental variable (default jre location below). vSphere 5.1
set JAVA_HOME=c:\program files\vmware\infrastructure\jre
vSphere 5.5
SET JAVA_HOME=C:\Program Files\Common Files\VMware\VMware vCenter Server - Java Components