vCenter Server domain repoint fails with "Source Platform Services Controller details provided are incorrect."
search cancel

vCenter Server domain repoint fails with "Source Platform Services Controller details provided are incorrect."

book

Article ID: 369691

calendar_today

Updated On:

Products

VMware vCenter Server 7.0 VMware vCenter Server 8.0

Issue/Introduction

  • Attempting to repoint a vCenter Server to a new domain fails, stating "Source Platform Services Controller details provided are incorrect. Check the credentials"
  • This error typically occurs when either the source or destination appliances involved in the domain repoint command are configured to use a network proxy. 
  • The failure is associated with a failure to authenticate or connect due to the proxy's interference. 

  • The error is logged in the following files:

    • /var/log/vmware/cloudvm/domain_consolidator.log
      Example error log:

YYYY-MM-DDTHH:MM:SS.337Z INFO domain_consolidator validating saml token
YYYY-MM-DDTHH:MM:SS.338Z ERROR domain_consolidator Failed to validate sso credentials. Error <urlopen error timed out>Source Platform Services Controller details provided are incorrect. Check the credentials
YYYY-MM-DDTHH:MM:SS.339Z INFO domain_consolidator Invalid user input entered.

    • /var/log/vmware/cloudvm/cmsso_util.log
      Example error log:

YYYY-MM-DDTHH:MM:SS.337Z INFO cmsso_util Error in retrieving appliance type of server vcenter.example.com: HTTPSConnectionPool(host='vcenter.example.com', port=443): Max retries exceeded with url: /rest/vcenter/system-config/deployment-type (Caused by ProxyError('Cannot connect to proxy.', OSError('Tunnel connection failed: 504 Gateway Timeout'))).

 

  • These log entries indicate that the vCenter Server is having trouble connecting to the Platform Services Controller (PSC) due to proxy-related issues.
  • The timeout and the proxy error (504 Gateway Timeout) suggest that the server is unable to reach the necessary resources due to the proxy blocking or limiting the connection.

Environment

vCenter Server 7.0.x

vCenter Server 8.0.x

Cause

  1. The root cause of this issue is related to the network proxy that the vCenter Server is configured to use.
  2. The proxy can block or interfere with the necessary communication between the vCenter Server and the Platform Services Controller during the domain repoint operation. This results in connection timeouts or inability to validate the credentials properly, causing the repoint process to fail.
  3. This issue can also occurs due to stale PSC or VC entries in the vCenter server

Resolution

  • To resolve this issue, temporarily remove the proxy configuration from the vCenter Server before attempting the domain repoint.
  • By doing so, the vCenter Server will be able to establish an unimpeded connection to the Platform Services Controller, allowing the repoint operation to complete successfully.

NOTE: Ensure to take a no memory snapshot of the vCenter server if it is standalone or powered off snapshots of all vCenter servers if they are in linked mode before the above process

Additional Information

The issue can be resolved by executing the following command on the affected system.
Case :36632893

cmsso-util domain-repoint -m pre-check --src-emb-admin Administrator --replication-partner-fqdn vcenter.domain.com -replication-partner-admin Administrator --dest-domain-name vsphere.local

Powered by Wolken Software