Adding new a license or SSO user fails with error: "operation failed for the entity"
search cancel

Adding new a license or SSO user fails with error: "operation failed for the entity"

book

Article ID: 344675

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

To guide you through expanding the size of the VMware Directory (VMDIR) service database to allow for adding of further licenses and other VMDIR related objects.

Symptoms:

  • When adding a new license it fails with error: 
    The "Create new licenses" operation failed for the entity with "Storage error."
  • When adding a new user to the vsphere.local SSO domain, the operation fails with error: 
    The "New user" operation failed for the entity with "A vCenter Single Sign-On service error occurred."
  • In the vSphere Client log file /var/log/vmware/vsphere-client/logs/vsphere_client_virgo.log, you see entries similar to: 
    [<YYYY-MM-DD>T<TIME>] [ERROR] http-bio-9090-exec-3917 <thread_ID> c.v.l.client.cis.management.adapter.LicenseMutationProvider Unable to execute license mutation operation: com.vmware.vim.binding.cis.license.fault.ManagementFault: Failed to add licenses
  • In the license service log file /var/log/vmware/cis-license/license.log, you see entries similar to: 
    <DATE/TIME> pool-2-thread-1 operationID=<operation_ID> ERROR server.core.management.vmomi.SystemManagementServiceMoImpl Failed to add licenses com.vmware.cis.license.embedded.server.core.management.exception.StorageException: Failed to add licenses
Caused by: com.vmware.cis.license.embedded.server.core.management.dao.licstorage.CisLicenseStorageDaoException: com.vmware.cis.license.embedded.server.common.repository.RepositoryException: com.vmware.identity.interop.ldap.UnwillingToPerformLdapException: Server is unwilling to perform
LDAP error [code: 53]




Environment

VMware vCenter Server 6.x

Cause

This issue occurs when the VMware Directory (VMDIR) database reaches its default size limit of 1024 MB.

VMDIR growth is often caused by tombstone accumulation. The VMDIR process does not delete entries that have been removed, they are marked for deletion. These entries marked for deletion are known as tombstones. 

Resolution

To resolve this issue, follow the steps outlined in KB Troubleshooting and addressing accumulation of tombstones in a Platform Services Controller to reclaim space within the VMDIR database. 

Workaround:
To work around this issue, you can increase the size of the VMDIR database by following the steps below:

  1. Connect to the external Platform Services Controller (PSC) or embedded vCenter Server Appliance (VCSA) via SSH.
  2. Run the command below to increase the maximum size of the VMDIR database: 
    /opt/likewise/bin/lwregshell add_value "[HKEY_THIS_MACHINE\Services\vmdir\Parameters]" "MaximumDbSizeMb" REG_DWORD 2048;
  3. Confirm the value has been created using the command below: 
    /opt/likewise/bin/lwregshell list_values "[HKEY_THIS_MACHINE\Services\vmdir\Parameters]" | grep MaximumDbSizeMb;
You should see output similar to: 
+  "MaximumDbSizeMb"                  REG_DWORD       0x00000800 (2048)


  1. Restart the VMDIR service using the command below: 
    service-control --stop vmdird;service-control --start vmdird;
  2. Reattempt adding a new license or user through the Web Client.
Powered by Wolken Software