"Unexpected error while upgrading upgrade unit: Command CreateUser failed on host <UUID>" error seen on NSX host upgrade
Article ID: 412111
Updated On:
Products
Issue/Introduction
NSX host upgrade failed with error: "Unexpected error while upgrading upgrade unit: Command CreateUser failed on host <UUID>"
Entries similar to the below are observed in the ESX Host log /var/run/log/nsx-syslog.logNSX 2107023 - [nsx@6876 comp="nsx-esx" subcomp="nsxsfhc" tid="2107087" level="WARNING"] Command python -B -c "from __future__ import print_function; import os; os.chdir('/tmp/'); import create; print(create.createUser('nsxuser','#######################################'))" failed with return-code 1 ( Exception (vmodl.fault.SystemError) { dynamicType = <unset>, dynamicProperty = (vmodl.DynamicProperty) [], msg = 'A general system error occurred: pam_passwdqc: Error parsing parameter "Retry=3": Invalid parameter. *** passwd: Critical error - immediate abort', faultCause = <unset>, faultMessage = (vmodl.LocalizableMessage) [], reason = 'pam_passwdqc: Error parsing parameter "Retry=3": Invalid parameter. *** passwd: Critical error - immediate abort' } occured on updating exception list ).
Environment
VMware NSX
Cause
An incorrect value is present in the Security.PasswordQualityControl field under the Advanced System Settings for the affected host.
The parameter was set as "Retry=3" instead of "retry=3", causing the issue — the uppercase R was used instead of a lowercase r in the value.
Resolution
Steps to verify and correct the values:
- Select the host in the vCenter UI -> Configure -> Advanced System Settings -> Filter the 'Key' field using Security.PasswordQualityControl
- Change the incorrect entry from the Security.PasswordQualityControl field in the Advance System Settings from the vCenter:
In the example error message, the "retry=3" was set as "Retry=3" causing the issue. - Retry upgrading the NSX host
Feedback
