Failed to remediate or update a Workspace One Admin password while it shows as disconnected on SDDC Manager Password Management UI.
search cancel

Failed to remediate or update a Workspace One Admin password while it shows as disconnected on SDDC Manager Password Management UI.

book

Article ID: 369553

calendar_today

Updated On:

Products

VMware SDDC Manager

Issue/Introduction

Symptoms:

  • A remediate or update Workspace One Admin password failed with the following error:  Failed to validate vIDM : Workspace_One_FQDN API user : admin credentials.
  •  operationsmanager.log contains errors similar to the excerpt below: 
    2024-05-31T10:17:41.691+0000 DEBUG [vcf_om,6659a3c5af8b0037103f1ff3fba9d9e9,3c02] [c.v.v.p.service.RestModelTranslator,http-nio-127.0.0.1-7300-exec-6] Successfully added causes to error cause list
    2024-05-31T10:17:41.691+0000 INFO  [vcf_om,6659a3c5af8b0037103f1ff3fba9d9e9,3c02] [c.v.v.p.service.RestModelTranslator,http-nio-127.0.0.1-7300-exec-6] Successfully created Workflow for workflowId : de5d68e5-####-####-####-########520
    2024-05-31T10:18:00.000+0000 DEBUG [vcf_om,6659a3d8c61a2e69b9107a9cbd1b7569,0bfe] [c.v.v.c.s.f.i.CertificateOperationsFacadeImpl,pool-6-thread-1] Clean validation result
    2024-05-31T10:18:09.995+0000 INFO  [vcf_om,6659a3e152b425183ec06050573cb75c,b05a] [c.v.v.p.r.PasswordManagerController,http-nio-127.0.0.1-7300-exec-8] Get password update task details 78f7c962-####-####-####-########464
    2024-05-31T10:18:09.996+0000 DEBUG [vcf_om,6659a3e152b425183ec06050573cb75c,b05a] [c.v.v.p.s.PasswordUpdateHistoryService,http-nio-127.0.0.1-7300-exec-8] Fetching the history item for UUID 78f7c962-####-####-####-########464
    2024-05-31T10:18:10.001+0000 DEBUG [vcf_om,6659a3e152b425183ec06050573cb75c,b05a] [c.v.v.p.service.RestModelTranslator,http-nio-127.0.0.1-7300-exec-8] Adding prevalidation task details of Password UPDATE transaction with id : 953 & workflowId : 78f7c962-####-####-####-########464
    2024-05-31T10:18:10.001+0000 INFO  [vcf_om,6659a3e152b425183ec06050573cb75c,b05a] [c.v.v.p.service.RestModelTranslator,http-nio-127.0.0.1-7300-exec-8] Prevalidation task details added successfully for workflowId : 78f7c962-####-####-####-########464
    2024-05-31T10:18:10.002+0000 ERROR [vcf_om,6659a3e152b425183ec06050573cb75c,b05a] [c.v.v.i.b.i.TranslationMessage,http-nio-127.0.0.1-7300-exec-8] Can't find resource for bundle java.util.PropertyResourceBundle, key PASSWORD_MANAGER_VALIDATE_WSA_API_CREDENTIALS_FAILED.remedy

Environment

VMware VCF 5.x

Workspace One 3.3.7

Cause

A Workspace One has two different Admin accounts:

  • One can be used to log in into: https://Workspace_One_FQDN:8443
  • And the second to log in into: https://Workspace_One_FQDN:443

The issue is caused by a mismatched passwords between the Workspace One Admin password used to log in (https://Workspace_One_FQDN:443) and the Workspace One Admin password stored in the SDDC Manager database.

 

 

Resolution

  1. From https://Workspace_One_FQDN:443, reset the admin password to the same as the one on SDDC Manager
  2. Then rotate the Workspace One Admin password from SDDC Manager UI.

Additional Information

This could also be caused if the password is not propagated to external endpoints that use vIDM for authentication, such as vROPS and vRLI.

Admin Account Continuously Locked Due to Incorrect Password Attempts from Integrated Endpoints in VMware Identity Manager (378617)