VMware Directory Service logs are spewed with the error NewConnection failing with error 1

search cancel

VMware Directory Service logs are spewed with the error NewConnection failing with error 1

book

Article ID: 394351

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

VMware Directory Service (vmdir) service reporting log spew with Error: NewConnection failing with error 1
There is no error reported for log in failures on the vCenter Server Appliance (VCSA)
/var/log/vmware/vmdird/vmdird.log:

YYYY-MM-DDTHH:MM:SS:t@140690847692352:ERROR: SSL error (167772454)(Others)(error:0A000126:SSL routines::unexpected eof while reading)
YYYY-MM-DDTHH:MM:SS:t@140690847692352:ERROR: NewConnection failing with error 1
YYYY-MM-DDTHH:MM:SS:t@140690847692352:ERROR: ProcessAConnection: NewConnection [37] failed with error: 1
YYYY-MM-DDTHH:MM:SS:t@140690847692352:ERROR: Failed SSL function (SSL_accept), return value (-1)
YYYY-MM-DDTHH:MM:SS:t@140690847692352:ERROR: SSL error (167772454)(Others)(error:0A000126:SSL routines::unexpected eof while reading)
YYYY-MM-DDTHH:MM:SS:t@140690847692352:ERROR: NewConnection failing with error 1
YYYY-MM-DDTHH:MM:SS:t@140690847692352:ERROR: ProcessAConnection: NewConnection [37] failed with error: 1

Cause

This issue is caused due to an external solution with incorrect ICMP check configured on the LDAP port (636) of VCSA

Resolution

In order to isolate the solution causing the issue, proceed with the below steps

Log in to VCSA via ssh
Enable debug logging for vmdird. Refer to Enabling debug logging for SSO and Authentication services in vCenter Server
Proceed to validate the logs for the server details

grep "New connection" /var/log/vmware/vmdird/vmdird.log

YYYY-MM-DDTHH:MM:SS@139971432277568:DEBUG: [file: lotus/vmdir/server/ldap-head/connection.c][line: 321] New connection (x.x.x.x)
YYYY-MM-DDTHH:MM:SS@139971432277568:DEBUG: [file: lotus/vmdir/server/ldap-head/connection.c][line: 321] New connection (127.0.0.1)

Check the solution configured for the IP address and disable LDAP check/ICMP ping on VCSA

Additional Information

Sample Log Output

tail -f /var/log/vmware/vmdird/vmdird.log

YYYY-MM-DDTHH:MM:SS@139972559087168:DEBUG: [file: lotus/vmdir/common/threading.c][line: 478] [lotus/vmdir/common/threading.c,478]
YYYY-MM-DDTHH:MM:SS@139971432277568:DEBUG: [file: lotus/vmdir/server/ldap-head/connection.c][line: 321] New connection (x.x.x.x)
YYYY-MM-DDTHH:MM:SS@139971432277568:ERROR: Failed SSL function (SSL_accept), return value (-1)
YYYY-MM-DDTHH:MM:SS@139971432277568:ERROR: SSL error (167772454)(Others)(error:0A000126:SSL routines::unexpected eof while reading)
YYYY-MM-DDTHH:MM:SS@139971432277568:DEBUG: [file: lotus/vmdir/server/ldap-head/connection.c][line: 338] [lotus/vmdir/server/ldap-head/connection.c,338]
YYYY-MM-DDTHH:MM:SS@139971432277568:ERROR: NewConnection failing with error 1
YYYY-MM-DDTHH:MM:SS@139971432277568:ERROR: ProcessAConnection: NewConnection [41] failed with error: 1
YYYY-MM-DDTHH:MM:SS@139972559087168:DEBUG: [file: lotus/vmdir/common/threading.c][line: 478] [lotus/vmdir/common/threading.c,478]
YYYY-MM-DDTHH:MM:SS@139971432277568:DEBUG: [file: lotus/vmdir/server/ldap-head/connection.c][line: 321] New connection (127.0.0.1)

Feedback

thumb_up Yes

thumb_down No