Troubleshooting Account disconnects in the SDDC manager password management.
Article ID: 412269
Updated On:
Products
Issue/Introduction
In VMware Cloud Foundation (VCF), SDDC Manager may display one or more accounts (such as service accounts, VC, ESXi, NSX etc. accounts) in a disconnected state.
This may cause operation failures or precheck errors on the SDDC manager.
Environment
VMware Cloud Foundation (VCF) 4.x
VMware Cloud Foundation (VCF) 5.x
Cause
Accounts can appear disconnected in SDDC Manager due to several reasons, including:
-
Expired or locked out or rotated credentials outside of SDDC manager.
-
Network connectivity(SSH) or DNS resolution issues preventing SDDC Manager from validating the account.
-
Inconsistent synchronization between SDDC Manager and vCenter/NSX/other components.
-
Expired certificates for the components.
- The component is in an ERROR state in the DB.
Resolution
Validate the password stored in the SDDC is correct and run remediation using the same:
- Use the SDDC Manager Appliance to Look Up Account Credentials
- Remediate Passwords using the credentials from the step 1.
Based on the error observed from the remediation task you can follow the below steps:
"javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target" |
This indicates a certificate issue, validate the certificate is not expired in the SDDC manager and the CA certificate is added to SDDC trusted store, for more details refer, How to add/delete Custom CA Certificates to SDDC Manager and Common Services trust stores |
"Failed to execute command, error : SSH: Failed to establish SSH session" |
Validate the server reachable via SSH from the SDDC manager if yes, Refer KB 396540 |
Once you have fixed the issue causing disconnect run a remediation
Additional Information
Note:
For exact error messaged refer /var/log/vmware/vcf/operationsmanager/operationsmanager.log on the SDDC manager.
Feedback
