Unable to access Aria Orchestrator UI after certificate replacement.
search cancel

Unable to access Aria Orchestrator UI after certificate replacement.

book

Article ID: 387439

calendar_today

Updated On:

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

Launching Orchestrator from Aria Automation does not complete with a spinning circle icon continuously.

Orchestrator launches work when using the Orchestrator fqdn directly. 


The error below is visible in /services-logs/prelude/vco-app/file-logs/vco-server-app.log

 

"Logins are restricted to the default for this Orchestrator organization"

Environment

VMware Aria Orchestrator 8.x

Cause

The issue can be caused by a misconfiguration of the authentication provider. 

Resolution

Ensure there is a snapshot of the Orchestrator Appliance before applying the below steps.

  1. SSH to the VRO node
  2. Execute: vracli vro get-auth [Verify it returns CSP auth configuration settings, which should NOT be present in this setup]
  3. Execute:  vracli vro reset-auth [This will clear the settings returned by the command in Step 2.]
  4. Execute:  /opt/scripts/deploy.sh to redeploy the pods.
  5. Verify that the command vracli vro get-auth does not return any output
  6. Execute: kubectl describe deployment -n prelude vco-app and verify that the install rpms container has the AUTH_PROVIDER env variable set to "basic"
  7. Login to VRO Control Center and unregister/register the proper authentication provider [Reference article : Change the authentication provider]
  8. Redeploy pods: /opt/scripts/deploy.sh
  9. Verify that the user is redirected to login page and logs in successfully when accessing external Orchestrator

For Aria Automation/Orchestrator versions 8.18.1 and above , please change the authentication provider as per the document here as Control center is unavailable.

Powered by Wolken Software