After running the script from  LDAP Error Code 49 : Reset Machine Account Password of vCenter Server Appliance using Shell Script to reset the machine account password of a vCenter, vmdird fails to start

/var/log/vmware/vmdird/vmdird.log has the following entry when trying to start the service:

VmDirInternalEntryAttributeReplace failed error DN: cn=<VC_FQDN>,cn=Domain Controllers,dc=vsphere,dc=local Error code: 9703

vCenter 8.0 U3

SSO domain inconsistencies due to improper snapshot reverts cause the SSO domain to become unstable

Eventually these inconsistencies build up and can cause possible corruption, stopping the vmdird service

Use the fixpsc script from VMDir State is Read Only with vmdir inconsistencies KB to resolve the vmdird service unable to start

1. Ensure offline snapshots are taken of all VCs in the SSO domain in accordance with KB VMware vCenter in Enhanced Linked Mode pre-changes snapshot (online or offline) best practice
2. Use the fixpsc rebuild option targeting a healthy VC in the same SSO domain
3. Rebuild the service registrations of the issue vCenter using the lsdoctor rebuild option from KB Using the 'lsdoctor' Tool
4. Restart all services on the vCenter:

service-control --stop --all && service-control --start --all

As the vmdird service is unable to start, the fixpsc data functions are unable to extract the service registrations to register after fixpsc rebuild has completed.

Thus, the rebuild option will eventually error out not being able to start all services. This is why step 3 above is required to rebuild the service registrations from scratch using the lsdoctor tool to get the VC fully up and running