The LDAP connection status is is 'Failed' state after upgrade to 4.2.2.1. LDAP functionality does not appear to be impacted.

search cancel

The LDAP connection status is is 'Failed' state after upgrade to 4.2.2.1. LDAP functionality does not appear to be impacted.

book

Article ID: 411961

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

A customer might report the LDAP service will not start after upgrading to 4.2.x. This is really the LDAP probe that is failing and the LDAP service is still fully functional.

After upgrading, the NSX Manager UI will report a “Failed to fetch System details.” This results in a failure during search indexing operations, which restricts access to Policy-related objects in the NSX UI.

Observed error in logs:

2025-07-08T16:05:46.298Z ERROR UfoIndexer-BatchExecutor-search_policy-0 UfoGenericConverter 5981 - [nsx@6876 comp="nsx-manager" errorCode="MP60511" level="ERROR" subcomp="manager"] [Indexing: DataProvider] Could not convert UFO object to Dto UfoObject{operationType=CREATE, descriptor=IndexingTypeDescriptor{tableName='ServiceEntry', streamTag=POLICY}, identifier=string_id: "/infra/services/UDP\t_#####-#####/service-entries/UDP\t_#####-#####"}

Environment

NSX 4.2.0 and beyond

Cause

Starting in NSX 4.2.0, a change was introduced to disallow certain characters in Policy paths. These include:
\t(tab)
\n (Newline (LF))
(Carriage Return (CR))
\0 (Null (ASCII 0))
Unicode characters:\u2028,\u2029 respectively Unicode Line Separator and Unicode Paragraph Separator
If any existing policy object contains these characters (e.g., in the ID or path), it may cause issues with the search indexing mechanism post-upgrade.
Any upgrade from a version prior to 4.2.0 to 4.2.0 or later may be affected by this issue

Resolution

This is a known issue when upgrading from NSX 3.2.2.x to 4.2.x and the resolution steps are outlined in article:

"Failed to fetch System details" error 513002 when searching in NSX Manager UI

Feedback

thumb_up Yes

thumb_down No