Microsoft Entra ID configuration on SDDC Manager fails with error message: "Failed to create/update embedded identity source. identity bad request"
Article ID: 405854

Products

VMware SDDC Manager

Issue/Introduction

Symptoms:

  • Microsoft Entra ID configuration on SDDC Manager fails with the error message: "Failed to create/update embedded identity source. identity bad request".

  • vcf-commonsvcs.log:
    YY-MM-DDTHH:MM:SS.356+0000 ERROR [common,5694d2bc6cd84d02,1417] [c.v.e.s.e.h.LocalizableRuntimeExceptionHandler,http-nio-127.0.0.1-7100-exec-49] [683ITD] IDENTITY_PROVIDER_BAD_REQUEST Identity Bad request
           com.vmware.evo.sddc.identity.rest.api.error.IdentityProviderBadRequestException: Identity Bad request

              at com.vmware.evo.sddc.identity.rest.api.controller.v1.IdentityProviderController.addExternalIdentityProvider(IdentityProviderController.java:296)
              at jdk.internal.reflect.GeneratedMethodAccessor877.invoke(Unknown Source)
              at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
              at java.base/java.lang.reflect.Method.invoke(Method.java:569)
              at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:343)
              at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:196)
              at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
              at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:751)
        
             at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
             at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:63)
             at java.base/java.lang.Thread.run(Thread.java:840)
      Caused by: com.vmware.vcf.vapi.vsphere.VcIdentityProviderBadRequestException: Could not create indirect identity provider;
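
To check whether a failure in your own vcf-commonsvcs.log matches this article, the sketch below pairs each IDENTITY_PROVIDER_BAD_REQUEST error with the "Caused by" line in its stack trace. It is an added example, not VMware code; the record layout is inferred from the excerpt above, and the sample lines and the function name find_symptom are constructed for illustration.

```python
import re

# Record header, following the layout of the excerpt above (an assumption):
# <timestamp> <LEVEL> [service,trace-id,span] [logger,thread] <rest>
RECORD = re.compile(
    r"^(?P<ts>\S+)\s+(?P<level>TRACE|DEBUG|INFO|WARN|ERROR)\s+"
    r"\[(?P<ctx>[^\]]*)\]\s+\[(?P<src>[^\]]*)\]\s*(?P<rest>.*)$"
)
ERROR_CODE = "IDENTITY_PROVIDER_BAD_REQUEST"
CAUSE = re.compile(
    r"Caused by: \S*VcIdentityProviderBadRequestException: "
    r"Could not create indirect identity provider"
)


def find_symptom(lines):
    """Return one dict per ERROR record that carries the article's error code."""
    hits, current = [], None
    for line in lines:
        m = RECORD.match(line)
        if m:  # a new record starts, so the previous stack trace has ended
            current = None
            if m["level"] == "ERROR" and ERROR_CODE in m["rest"]:
                ctx = m["ctx"].split(",")
                current = {
                    "timestamp": m["ts"],
                    "trace_id": ctx[1] if len(ctx) > 1 else "",
                    "thread": m["src"].rpartition(",")[2],
                    "cause_matches": False,
                }
                hits.append(current)
        elif current is not None and CAUSE.search(line):
            current["cause_matches"] = True  # root-cause line seen in this trace
    return hits


# Constructed sample modelled on the excerpt above; timestamps and INFO lines are made up.
SAMPLE = """\
2025-01-01T10:00:00.100+0000 INFO [common,aaaa000000000001,0001] [c.v.e.s.Example,http-nio-127.0.0.1-7100-exec-1] Request received
2025-01-01T10:00:01.356+0000 ERROR [common,5694d2bc6cd84d02,1417] [c.v.e.s.e.h.LocalizableRuntimeExceptionHandler,http-nio-127.0.0.1-7100-exec-49] [683ITD] IDENTITY_PROVIDER_BAD_REQUEST Identity Bad request
com.vmware.evo.sddc.identity.rest.api.error.IdentityProviderBadRequestException: Identity Bad request
    at com.vmware.evo.sddc.identity.rest.api.controller.v1.IdentityProviderController.addExternalIdentityProvider(IdentityProviderController.java:296)
Caused by: com.vmware.vcf.vapi.vsphere.VcIdentityProviderBadRequestException: Could not create indirect identity provider;
2025-01-01T10:00:02.000+0000 INFO [common,aaaa000000000002,0002] [c.v.e.s.Example,http-nio-127.0.0.1-7100-exec-2] Done
""".splitlines()

if __name__ == "__main__":
    for hit in find_symptom(SAMPLE):
        print(hit)
```

A hit whose cause_matches is False has the same top-level error but not the "Caused by" line shown in the symptom above.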
        

Environment

VMware Cloud Foundation 5.2

Resolution

  1. Take powered-off snapshots of all vCenter Servers in linked mode and of the SDDC Manager.
  2. Configure Microsoft Entra ID directly from the management vCenter Server UI:
    Configure vCenter Server Identity Provider Federation for Microsoft Entra ID

  3. After a successful configuration, go back to the SDDC Manager and remediate the configuration.