Adding exception users list using host profile to ESXi host, fails with: Cannot apply the host configuration.
search cancel

Adding exception users list using host profile to ESXi host, fails with: Cannot apply the host configuration.

book

Article ID: 391802

calendar_today

Updated On: 05-13-2025

Products

VMware vSphere ESXi

Issue/Introduction

Adding exception users list using host profile to ESXi host, fails with: Cannot apply the host configuration.

hostd.log: - hostd complains about user not found.

2025-03-24T07:22:05.920Z In(166) Hostd[1049634]: [Originator@6876 sub=Vimsvc.TaskManager opID=m886brhd-27623-auto-lbn-h5:70002848-e9-01-de-78fb-7929 sid=52212be5 user=vpxuser] Task Created : haTask-ha-host-vim.host.HostAccessManager.updateLockdownExceptions-251532
2025-03-24T07:22:05.921Z Wa(164) Hostd[1049629]: [Originator@6876 sub=UserDirectory opID=m886brhd-27623-auto-lbn-h5:70002848-e9-01-de-78fb-7929 sid=52212be5 user=vpxuser] User lookup failed for 'gs.global/abc'
2025-03-24T07:22:05.921Z Er(163) Hostd[1049629]: [Originator@6876 sub=Vimsvc.AuthorizationManager opID=m886brhd-27623-auto-lbn-h5:70002848-e9-01-de-78fb-7929 sid=52212be5 user=vpxuser] User not found: N7Vmacore9Authorize25AuthUserNotFoundExceptionE(User administrator@vsphere.local)
2025-03-24T07:22:05.923Z Er(163) Hostd[1049596]: --> [context]zKq7AVICAgAAAL9+cgEMaG9zdGQAAEjKR2xpYnZtYWNvcmUuc28AAVNQ4mhvc3RkAAEJV+QAy4E2AVo65IJ4RlkBbGlidmltLXR5cGVzLnNvAAG1lWIAHtssAOD/LAA7UFIDUngAbGlicHRocmVhZC5zby4wAAQ/Ug9saWJjLnNvLjYA[/context]
2025-03-24T07:22:05.924Z In(166) Hostd[1049629]: [Originator@6876 sub=AdapterServer opID=m886brhd-27623-auto-lbn-h5:70002848-e9-01-de-78fb-7929 sid=52212be5 user=vpxuser] AdapterServer caught exception; <<52212be5-2c19-a401-fab5-2a8bb54642cc, <TCP '127.0.0.1 : 8307'>, <TCP '127.0.0.1 : 31772'>>, ha-host-access-manager, vim.host.HostAccessManager.updateLockdownExceptions, <vim.version.v8_0_3_0, internal, 8.0.3.0>, [N11HostdCommon18VmomiAdapterServer19ActivationResponderE:0x0000004dd7a07ba8]>, N3Vim5Fault12UserNotFound9ExceptionE(Fault cause: vim.fault.UserNotFound
2025-03-24T07:22:05.925Z In(166) Hostd[1049596]: --> )
2025-03-24T07:22:05.925Z In(166) Hostd[1049596]: --> [context]zKq7AVICAgAAAL9+cgEMaG9zdGQAAOPJR2xpYnZtYWNvcmUuc28AASR5XWhvc3RkAAFehOEBPuxUATI75IJ4RlkBbGlidmltLXR5cGVzLnNvAAG1lWIAHtssAOD/LAA7UFIDUngAbGlicHRocmVhZC5zby4wAAQ/Ug9saWJjLnNvLjYA[/context]
2025-03-24T07:22:05.925Z In(166) Hostd[1049629]: [Originator@6876 sub=Vimsvc.TaskManager opID=m886brhd-27623-auto-lbn-h5:70002848-e9-01-de-78fb-7929 sid=52212be5 user=vpxuser] Task Completed : haTask-ha-host-vim.host.HostAccessManager.updateLockdownExceptions-251532 Status error
2025-03-24T07:22:05.925Z In(166) Hostd[1049629]: [Originator@6876 sub=Solo.Vmomi opID=m886brhd-27623-auto-lbn-h5:70002848-e9-01-de-78fb-7929 sid=52212be5 user=vpxuser] Activation finished; <<52212be5-2c19-a401-fab5-2a8bb54642cc, <TCP '127.0.0.1 : 8307'>, <TCP '127.0.0.1 : 31772'>>, ha-host-access-manager, vim.host.HostAccessManager.updateLockdownExceptions, <vim.version.v8_0_3_0, internal, 8.0.3.0>, [N11HostdCommon18VmomiAdapterServer19ActivationResponderE:0x0000004dd7a07ba8]>
2025-03-24T07:22:05.925Z Db(167) Hostd[1049629]: [Originator@6876 sub=Solo.Vmomi opID=m886brhd-27623-auto-lbn-h5:70002848-e9-01-de-78fb-7929 sid=52212be5 user=vpxuser] Arg users:
2025-03-24T07:22:05.925Z Db(167) Hostd[1049596]: --> (string) [
2025-03-24T07:22:05.925Z Db(167) Hostd[1049596]: -->    "da-user",
2025-03-24T07:22:05.925Z Db(167) Hostd[1049596]: -->    "nsx-user",
2025-03-24T07:22:05.925Z Db(167) Hostd[1049596]: -->    "mux_user",
2025-03-24T07:22:05.925Z Db(167) Hostd[1049596]: -->    "root",
2025-03-24T07:22:05.925Z Db(167) Hostd[1049596]: -->    "gs.global/abc"
2025-03-24T07:22:05.925Z Db(167) Hostd[1049596]: --> ]

Environment

vSphere 7.x

vSphere 8.x

Cause

ESXi is not added to domain to pull up the users from Active Directory.

Resolution

  1. Add the ESXi host to domain following the steps outlined in the following KB article:
    Configuring the ESXi host with Active Directory authentication
  2. Once the host is added to domain, you should be able to add the host profile.