• Applying licenses within the SDDC Manager UI fails.
• The SDDC UI displays an error during the validation phase:

  Generate Acquire Resources Lock Data
  Message: Invalid parameter: {0}

  UPDATE_LICENSES operation validation failed due to: Failed to run guardrail validations of type UPDATE_LICENSES on resource [UUID]

• Reviewing the /var/log/vmware/vcf/operationsmanager/operationsmanager.log reveals guardrail validation failures, NullPointerException errors, and 403 Unauthorized connection failures to attached components (e.g., NSX-T Managers):

  ERROR [vcf_om,...] [c.v.v.l.s.a.GenerateUpdateLicenseAcquireResourcesLockDataAction,...] VCF_ERRORS_GENERIC_INPUT_PARAM_ERROR
  java.lang.NullPointerException: licensingSpec can not be null
          at java.base/java.util.Objects.requireNonNull(Objects.java:336)
  ...
  ERROR [vcf_om,...] [c.v.vcf.assessment.sdk.LambdaService,...] Lambda task f4ea###5-a###-###e-9##e-f6d#####993 failed due to {"errorCode":"ASSESSMENT_CANNOT_ADD_CONNECTION","arguments"message":"Cannot connect to <NSX_FQDN>","cause":[{"type":"com.vmware.vapi.std.errors.Unauthorized","message":"Unauthorized (com.vmware.vapi.std.errors.unauthorized) => {\n    messages = [],\n    data = struct => {error_message=The credentials were incorrect or the account specified has been locked., error_code=403, module_name=common-services},\n    errorType = UNAUTHORIZED\n}"}]
  ...
  ERROR [vcf_om,...] [c.v.e.s.o.model.error.ErrorFactory,...] [EVCPNC] DAYN_GUARDRAILS_VALIDATION_FAILED UPDATE_LICENSES operation validation failed due to: Failed to run guardrail validations of type UPDATE_LICENSES on resource d9###9-a##3-####-##d-4f7a#####479

   

• Additionally, running the VCF Diagnostic Tool (VDT) Using the VCF Diagnostic Tool for vSphere (VDT) highlights an issue with the /etc/hosts file format:

    [FAIL]    Check if /etc/hosts file exists and is properly formatted
                          # Begin /etc/hosts (network card version)
                          # End /etc/hosts (network card version)
                          # VAMI_EDIT_BEGIN
                          # Generated by Studio VAMI service. Do not modify manually.
                          #127.0.0.1  <VCF FQDN> <shortname> localhost
                          #::1 <VCF FQDN> <shortname> localhost ipv6-localhost ipv6-loopback
                          # VAMI_EDIT_END
                      Documentation:    https://knowledge.broadcom.com/external/article/409862
                      Notes:     Please convert /etc/hosts to multi-line format.

VMware SDDC Manager 9.x

The issue is caused by an improperly formatted /etc/hosts file on the SDDC Manager appliance.

Specifically, localhost and host entries are combined into a single line instead of being configured in the required multi-line format. This improper formatting disrupts local name resolution on the appliance.

To resolve the issue, correct the /etc/hosts file formatting on the SDDC Manager appliance. Converting the /etc/hosts file to the standard multi-line format restores proper local DNS resolution and allows the pre-validation guardrails to execute successfully.Follow the below steps:

1. Log in to the SDDC Manager appliance via SSH and su to the root user.
2. View the contents of the file using cat /etc/hosts

   Example of Incorrect Formatting (Single-Line):
   The following format is invalid and will cause service failures:

   127.0.0.1  sddc-manager.example.com sddc-manager localhost
   ::1 s sddc-manager.example.com  sddc-manager localhost ipv6-localhost ipv6-loopback

3. Create a backup of the current hosts file:

   cp -p /etc/hosts /etc/hosts.backup

4. Edit the file using vi /etc/hosts. Ensure the loopback address (127.0.0.1) is on its own line, followed by the management IP address and the FQDN of the SDDC Manager.

   Example of Correct Formatting (Multi-Line):

   127.0.0.1   localhost
   ::1         localhost ipv6-localhost ipv6-loopback
   192.168.1.10 sddc-manager.example.com sddc-manager

   (reference Broadcom KB 409862 for exact formatting requirements).
5. Run the VCF Diagnostic Tool (VDT) again to ensure the /etc/hosts check now passes successfully.
6. Return to the SDDC Manager UI and retry applying the licenses.The pre-validation guardrails should now execute successfully.