"Invalid credentials provided or extension not valid for compute manager", Compute Manager is Not Registered and Down
search cancel

"Invalid credentials provided or extension not valid for compute manager", Compute Manager is Not Registered and Down

book

Article ID: 413178

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

  • On System -> Fabric -> Compute Manager

    Registration Status is Not Registered
    Connection Status is Down

  • Clicking on Down presents an error "Invalid credentials provided or extension not valid for compute manager"



  • On vCenter /var/log/vmware/vpxd/vpxd.log

    <DATE>T20:55:34.614Z ERROR http-nio-127.0.0.1-7443-exec-1 VcServiceAccountManagerImpl 3055624 SYSTEM [nsx@4413 comp="nsx-manager" errorCode="MP40223" level="ERROR" reqId="<id>" subcomp="fabric" username="MPINV"] Service account nsxt_<id> password change failed in cm 8f8a1###-####-####-####-#####025faf4

    <DATE>T20:55:34.614Z  WARN http-nio-127.0.0.1-7443-exec-1 CmInventoryService 3055624 FABRIC [nsx@4413 comp="nsx-manager" level="WARNING" reqId="<id>" subcomp="cm-inventory" username="MPINV"] Error occured while changing password of service account

    com.vmware.nsx.management.lcm.common.exception.LcmRestException: org.springframework.web.client.HttpClientErrorException$Forbidden: 403 Forbidden: "{"type":"com.vmware.vapi.std.errors.unauthorized","value":{"error_type":"UNAUTHORIZED","messages":[{"args":["Invalid Credential, VMware directory error[9234]"],"default_message":"User is not authorized for (Invalid Credential, VMware directory 

Environment

  • VCF 9.0

Cause

NSX creates a service account in vCenter which it uses to authenticate. The password for this account is internal and not exposed to users.

The password has a 90 day expiry by default and it is renewed automatically by NSX.

If an event arises where NSX cannot update the service account password, the password will expire and Compute Manager connection will go down.

Note:  Using anything other than valid admin vCenter credentials in the resolve workflow will result in failure to change the service account password.

Resolution

From the Error screen, select the error and click Resolve

This present a credentials pop-up.

Enter a vCenter admin credentials and click Resolve.



This will renew the internal service account password and allow the Compute Manager connection to come back up.

Note:  If you encounter any issues during this process, reboot the vCenter appliance and retry the steps above.

Powered by Wolken Software