Unable to configure VCF SSO vCenter component for workload domain
search cancel

Unable to configure VCF SSO vCenter component for workload domain

book

Article ID: 413451

calendar_today

Updated On:

Products

VCF Operations

Issue/Introduction

In VCF Operations > Fleet Management > Identity & Access > VCF Instances > domain > Component Configuration, configuring the vCenter component for the new workload domain fails to configure VCF SSO.

Previously removed the workload domain from a different management domain within VCF Operations but vCenter remained.

Workload domain was imported successfully, but configuring for VCF SSO fails with Status of "Failed".  

Error seen in UI: Error occurred while configuring the component for SSO. Check Support Logs under Control Panel for more details.

Environment

VCF 9.0.x

Cause

The previous identity provider is still tied to this vCenter causing it to fail to reconfigure with new SSO identity provider.

Resolution

Remove the previous identity provider from vCenter.

  1. Take a snapshot of the workload domain vCenter server prior to making changes.
  2. Access Workload Domain vCenter Web Client via FQDN: https://vcenterFQDN/ui
  3. Menu > Developer Center > API Explorer
  4. Select Workload Domain vCenter as endpoint.
  5. Select API: vcenter
  6. Scroll to API Categories of identity/providers


  7. Expand "GET /api/vcenter/identity/providers"
  8. Click Execute
  9. In resulting output (scroll down if needed), find the provider ID such as: 
    "provider":  "CUSTOMER",
  10. Now, expand > Delete /api/vcenter/identity/providers/{provider}
  11. In the provider (required) field, enter the value found in step 8 for "provider", in this example, CUSTOMER.
  12. Click Execute.
  13. The provider is now removed.
  14. Return back to VCF Operations and try to configure the identity provider for the vCenter.
Powered by Wolken Software