Registering Compute Manager on NSX Manager fails with null error

Article ID: 377582

Products

VMware NSX

Issue/Introduction

  • You are trying to register a Compute Manager on NSX Manager with the option Create Service Account enabled.
  • The registration fails with the message: Failed to create service account due to errors : null
  • In the NSX Manager logs, under /var/log/cm-inventory/cm-inventory.log, insufficient privileges are seen during the pre-deletion (or creation) of the service account, similar to:
    2024-01-02T01:02:03.004Z ERROR task-executor-1-5 LcmRestClient 4111 FABRIC [nsx@6876 comp="nsx-manager" errorCode="MP31815" level="ERROR" subcomp="cm-inventory"] Error during POST rest request /rest/vcenter/svc-account-mgmt/service-account?action=delete , retry trial 2 , err com.vmware.nsx.management.lcm.common.exception.LcmRestException: Error in rest call. url= //rest/vcenter/svc-account-mgmt/service-account?action=delete , method= POST , response= FORBIDDEN: {"type":"com.vmware.vapi.std.errors.unauthorized","value":{"error_type":"UNAUTHORIZED","messages":[{"args":[],"default_message":"Insufficient privileges. Contact the Administrator to get the required privileges.","id":"com.vmware.vapi.authorization.permission.denied"}]}} . 
  • In the NSX Manager logs, under /var/log/cm-inventory/cm-inventory.log, the error from the NSX UI can be seen, similar to:

    registration_error {
      error_message {
        value: "Failed to create service account due to errors : null"
      }
      timestamp: 1704157323001
      error_code: 40209
    }

Note: The preceding log excerpts are only examples. Date, time, and environmental variables may vary depending on your environment.

Cause

When a vCenter is registered with the Create Service Account option enabled, NSX Manager first attempts to delete any existing service account that has the name expected for the vCenter service account used by NSX, and then creates a fresh account. If the deletion fails because the service account does not already exist, the fresh account is still created. However, if the deletion fails because of a permission issue, the registration is marked as failed.
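
To confirm this cause on a given deployment, the following added example (not VMware's code) scans cm-inventory.log lines in the format quoted above and reports only the service-account calls rejected with the permission-denied message. The function name and the second sample line, including its NOT_FOUND body, are assumptions constructed for illustration.

```python
import json
import re
from urllib.parse import parse_qs, urlsplit

DENIED_ID = "com.vmware.vapi.authorization.permission.denied"
SVC_PATH = "/rest/vcenter/svc-account-mgmt/service-account"
# Field layout follows the LcmRestClient excerpt quoted in this article.
LINE_RE = re.compile(
    r'^(?P<ts>\S+) ERROR .*?errorCode="(?P<code>[^"]+)".*?'
    r'Error during (?P<method>[A-Z]+) rest request (?P<url>\S+) ,'
    r' retry trial (?P<retry>\d+) .*?response= (?P<status>[A-Z_]+): (?P<body>\{.*\})')

def service_account_denials(lines):
    """Return one record per service-account REST call rejected for privileges."""
    hits = []
    for line in lines:
        m = LINE_RE.search(line)
        url = urlsplit(m["url"]) if m else None
        if url is None or url.path != SVC_PATH:
            continue  # not an LcmRestClient error for the service-account endpoint
        try:
            body = json.loads(m["body"])
        except json.JSONDecodeError:
            continue  # truncated or wrapped log line
        ids = [msg.get("id") for msg in body.get("value", {}).get("messages", [])]
        if m["status"] == "FORBIDDEN" and DENIED_ID in ids:
            hits.append({"time": m["ts"], "retry": int(m["retry"]),
                         "action": parse_qs(url.query).get("action", ["?"])[0]})
    return hits

# Constructed sample input. The first line reproduces the article's excerpt; the
# second is a made-up non-privilege failure (its NOT_FOUND body is an assumption).
TEMPLATE = (
    '{ts} ERROR task-executor-1-5 LcmRestClient 4111 FABRIC [nsx@6876 comp="nsx-manager" '
    'errorCode="MP31815" level="ERROR" subcomp="cm-inventory"] Error during POST rest request '
    + SVC_PATH + '?action=delete , retry trial {n} , err com.vmware.nsx.management.lcm.common.'
    'exception.LcmRestException: Error in rest call. url= /' + SVC_PATH +
    '?action=delete , method= POST , response= {resp} . ')
DENIED = ('FORBIDDEN: {"type":"com.vmware.vapi.std.errors.unauthorized","value":'
          '{"error_type":"UNAUTHORIZED","messages":[{"args":[],"default_message":'
          '"Insufficient privileges. Contact the Administrator to get the required '
          'privileges.","id":"' + DENIED_ID + '"}]}}')
OTHER = 'NOT_FOUND: {"type":"example.not_found","value":{"messages":[]}}'
SAMPLE_LOG = [
    TEMPLATE.format(ts="2024-01-02T01:02:03.004Z", n=2, resp=DENIED),
    TEMPLATE.format(ts="2024-01-02T01:02:04.004Z", n=1, resp=OTHER),
]
if __name__ == "__main__":
    print(service_account_denials(SAMPLE_LOG))
```

To use it against a real log, pass the open file object for /var/log/cm-inventory/cm-inventory.log in place of SAMPLE_LOG.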

Resolution

To resolve this issue, grant sufficient privileges to the account used for the vCenter registration. Refer to the list of prerequisites in the product documentation, Add a Compute Manager.