vCenter UI is down and vmware-sts service fails to start lib.exceptions.LdapException: LDAP exception error code 49 (invalidCredentials)
search cancel

vCenter UI is down and vmware-sts service fails to start lib.exceptions.LdapException: LDAP exception error code 49 (invalidCredentials)

book

Article ID: 416636

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

The /var/log/vmware/vmdir/vmafdvmdirclient.log shows the following error: 
YYY-MM-DDTHH:MM:SS.###:t@140183236245248:INFO: Act (<vCenterfqdn>@<ssodomain>) password refreshed
YYY-MM-DDTHH:MM:SS.###:t@140183227852544:ERROR: VmDirSafeLDAPBindEx to (ldap://<vCenterfqdn:389) failed. SRP(9234)

Cause

This issue occurs when the machine account password stored in the VMDIRD database does not match the password used by the services to authenticate with the VMware Directory Service.

Resolution

  1. Create a backup and an offline snapshot of vCenter (and any other vCenter connected to this vCenter in ELM).
  2. Follow the steps in LDAP Error Code 49 : Reset Machine Account Password of vCenter Server Appliance using Shell Script to reset the machine account password.
  3. Run #service-control --start --all to verify sts and remaining services start successfully. 
Powered by Wolken Software