Error when trying to rotate the svc-nsx-VC-FQDN service account on SDDC Manager -

"NSX is integrated with vLCM feature of vSphere system. Cannot disable two way authentication and service account creation functionality"

VCF 5.1.1

This error and entry appears in the NSX Manager /var/log/nsx-audit.log at the time of the rotation attempt -

Operation status="failure"

"credential_type":"UsernamePasswordLoginCredential"},
"create_service_account":false,
"set_as_oidc_provider":true,
"access_level_for_oidc":"FULL",
"reverse_proxy_https_port":443,
"multi_nsx":false,

The value for create_service_account being set to false is causing the issue observed, it needs to be set to true.

On the NSX Manager UI -  toggle the create_service_account value to true (yes) as follows:

• On the NSX Manager UI go to > System > System Overview > Configuration > Fabric > Compute Managers
• Select vCenter entry
• Select EDIT
• "Edit Compute Manager" appears
• Currently - "Create Service Account" is toggled to "No"
• Please toggle it to "Yes", click SAVE

Rotation of the svc-nsx-VC-FQDN service account on SDDC Manager is now expected to succeed.

Please see related documentation here - 
https://techdocs.broadcom.com/us/en/vmware-cis/nsx/vmware-nsx/4-1/installation-guide/installing-nsx-manager-cluster-on-vsphere/install-nsx-manager-and-available-appliances/add-a-compute-manager-1.html