vCenter upgrade precheck task fails due to Active Directory settings
search cancel

vCenter upgrade precheck task fails due to Active Directory settings

book

Article ID: 419812

calendar_today

Updated On:

Products

VMware SDDC Manager VMware vCenter Server

Issue/Introduction

vCenter upgrade failed at the VCENTER_UPGRADE_PRECHECK stage.

You can see the following messages:

lcm-debug.log

YYYY-MM-DDTHH:MM:SS.203+0000 DEBUG [vcf_lcm,0000000000000000,0000,upgradeId=####,resourceType=VCENTER,resourceId=####,bundleElementId=####] [c.v.e.s.c.util.RetriableCallable,Upgrade-1] Starting retriable operation 'Execute REST request for status to VC RDU' with 10 retries.
YYYY-MM-DDTHH:MM:SS.203+0000 INFO  [vcf_lcm,0000000000000000,0000,upgradeId=####,resourceType=VCENTER,resourceId=####,bundleElementId=####] [c.v.v.vapi.vsphere.VcVlcmRestClient,Upgrade-1] Service account credentials detected, switching to session based auth 
YYYY-MM-DDTHH:MM:SS.217+0000 DEBUG [vcf_lcm,0000000000000000,0000,upgradeId=####,resourceType=VCENTER,resourceId=####,bundleElementId=####] [c.v.e.s.l.p.i.v.r.o.RduStatus,Upgrade-1] RDU status result: {"description":...
...
YYYY-MM-DDTHH:MM:SS.223+0000 DEBUG [vcf_lcm,0000000000000000,0000,upgradeId=####,resourceType=VCENTER,resourceId=####,bundleElementId=####] [c.v.e.s.l.p.i.v.VCenterRDUUpgrader,Upgrade-1] Polling for RDU subtask : precheck at polling interval 60000
YYYY-MM-DDTHH:MM:SS.223+0000 ERROR [vcf_lcm,0000000000000000,0000,upgradeId=####,resourceType=VCENTER,resourceId=####,bundleElementId=####] [c.v.e.s.l.p.i.v.VCenterRDUUpgrader,Upgrade-1] RDU stage precheck failed
YYYY-MM-DDTHH:MM:SS.224+0000 ERROR [vcf_lcm,0000000000000000,0000,upgradeId=####,resourceType=VCENTER,resourceId=####,bundleElementId=####] [c.v.e.s.l.p.i.vcenter.VCenterCommon,Upgrade-1] vCenter upgrade failed at the VCENTER_UPGRADE_PRECHECK stage.
YYYY-MM-DDTHH:MM:SS.224+0000 INFO  [vcf_lcm,0000000000000000,0000,upgradeId=####,resourceType=VCENTER,resourceId=####,bundleElementId=####] [c.v.e.s.l.p.i.v.VCenterRDUPrimitiveImpl,Upgrade-1] The status of sub-task : PRECHECK is VCENTER_RDU_FAILED

lcm-debug.log:

RDU(Reduced Downtime Upgrade) status result:
{
  "description": {
    "id": "com.vmware.vcenter.deployment.migration_upgrade.desc",
    "defaultMessage": "Migration Upgrade of vCenter Server appliance.",
    "args": [],
    "localized": "Migration Upgrade of vCenter Server appliance."
  },
  "startTime": "YYYY-MM-DDTHH:MM:SS.551Z",
  "endTime": "YYYY-MM-DDTHH:MM:SS.717Z",
  "lastUpdateTime": "YYYY-MM-DDTHH:MM:SS.734Z",
  "notifications": {
    "warnings": [
        ...
    ],
    "errors": [
      {
        "id": "vmidentity.patch.likewise.domain.joined.description",
        "time": "YYYY-MM-DDTHH:MM:SS.217727715Z[UTC]",
        "message": {
          "id": "vmidentity.patch.likewise.domain.joined.description",
          "defaultMessage": "Active Directory domain is joined",
          "localized": "Active Directory domain is joined"
        },
        "resolution": {
          "id": "vmidentity.patch.likewise.domain.joined.resolution",
          "defaultMessage": "Please leave the Active Directory domain before proceeding https://knowledge.broadcom.com/external/article?articleId=373004",
          "localized": "Please leave the Active Directory domain before proceeding https://knowledge.broadcom.com/external/article?articleId=373004"
        }
      },
      {
        "id": "vmidentity.patch.likewise.iwaidentitysource.configured.description",
        "time": "YYYY-MM-DDTHH:MM:SS.21773815Z[UTC]",
        "message": {
          "id": "vmidentity.patch.likewise.iwaidentitysource.configured.description",
          "defaultMessage": "Identity Source type Active Directory (Integrated Windows Authentication) is configured",
          "localized": "Identity Source type Active Directory (Integrated Windows Authentication) is configured"
        },
        "resolution": {
          "id": "vmidentity.patch.likewise.iwaidentitysource.configured.resolution",
          "defaultMessage": "Please remove all Identity Sources with type Active Directory (Integrated Windows Authentication) before proceeding https://knowledge.broadcom.com/external/article?articleId=373005",
          "localized": "Please remove all Identity Sources with type Active Directory (Integrated Windows Authentication) before proceeding https://knowledge.broadcom.com/external/article?articleId=373005"
        }
      },
      {
        "id": "vcenter.deployment.migration_upgrade.services_extended_verification_failed",
        "time": "YYYY-MM-DDTHH:MM:SS.217747022Z[UTC]",
        "message": {
          "id": "vcenter.deployment.migration_upgrade.services_extended_verification_failed",
          "defaultMessage": "Failed to run additional verification for the vCenter services.",
          "localized": "Failed to run additional verification for the vCenter services."
        },
        "resolution": {
          "id": "vcenter.deployment.migration_upgrade.services_extended_verification_failed.resolution",
          "defaultMessage": "Resolve all errors and retry the verification process.",
          "localized": "Resolve all errors and retry the verification process."
        }
      }
    ]
  },

 

 

 

Environment

VMware SDDC Manager 9.x

VMware vCenter

Cause

These issue is caused by joining the Active Directory domain and having the Identity Source type configured as "Active Directory (Integrated Windows Authentication)."

Resolution

To resolve the pre-check errors during the VCF 9.0 upgrade, perform the following two actions on the vCenter:

  1. Leave the Active Directory domain: 

    "Leave the vCenter Server from Active Directory domain before proceeding" pre-check error message during VCF 9.0 upgrade

  2. Remove the Integrated Windows Authentication (IWA) Identity Source:

    "Remove Integrated Windows Authentication (IWA) Identity Source from the vCenter Server" pre-check error message during VCF 9.0 upgrade

Powered by Wolken Software