Scheduled auto-rotation of passwords fails with "Entity not found with provided information" error
search cancel

Scheduled auto-rotation of passwords fails with "Entity not found with provided information" error

book

Article ID: 388426

calendar_today

Updated On:

Products

VMware SDDC Manager

Issue/Introduction

  • All or some of the scheduled auto-rotations of passwords fail:

  • Manual rotation of the passwords may succeed
  • No deployment locks are present
  • SDDC stored passwords for the entities are correct and not expired/locked
  • All accounts are 'Active' and not in a disconnected state in the SDDC UI
 
The /var/log/vmware/vcf/operationsmanager/operationsmanager.log indicates an issue with a specific auto-rotate id, in this example, id 626:
 
2025-01-28T00:00:00.113+0000 ERROR [vcf_om,0000000000000000,0000] [c.v.v.p.r.DiagnosticMessageProcessor,Thread-2140] Prevalidation of password ROTATE has failed, error : Entity not found with provided information.
2025-01-28T00:00:00.116+0000 ERROR [vcf_om,0000000000000000,0000] [c.v.v.p.r.NewPasswordTransactionHandler,Thread-2140] ROTATE operation with id : 626 failed !
 
 
It is also clear from the logs that the cronjob designed to clean up any scheduled password jobs that refer to accounts that have been changed (specifically where the credential id of an account has changed) is failing:
 

/var/log/vmware/vcf/operationsmanager/operationsmanager.log:

2025-01-28T23:04:00.230+0000 ERROR [vcf_om_0.0.0.0.0000] [o.s.s.s.TaskUtils$LoggingErrorHandler,pool-8-thread-1] Unexpected error occurred in scheduled task
java.lang.StackOverflowError: null
at java.base/java.lang.Long.toString(Long.java:1416)
at java.base/java.lang.StringConcatHelper.stringOf(StringConcatHelper.java:453)
at com.vmware.vcf.passwordmanager.persistence.entity.ScheduleCredentialEntity.toString(scheduleCredentialEntity.java:36)
at java.base/java.lang.String.valueOf(String.java:220)
 
 
 

Cause

This issue occurs due to duplicate entries in the passwordmanager.schedule_credentials table that prevents a scheduled cronjob from cleaning up stale credentials from the passwordmanager.schedule_credentials table.

Resolution

Please contact Broadcom VCF Support to assist with this issue

Powered by Wolken Software