Unable to Upgrade vCenter from 8.0U3g to 9.0.2 Error: "WCP service installation failed : Traceback"
search cancel

Unable to Upgrade vCenter from 8.0U3g to 9.0.2 Error: "WCP service installation failed : Traceback"

book

Article ID: 437519

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

Unable to upgrade vCenter to 9.0.2. 

  • Error: 
    WCP service installation failed : Traceback (most recent call last): File "/usr/lib/vmware-
    wcp/firstboot/wcp-firstboot.py", line 64, in proxy return func(*args, ** kwargs) ^AAAAAAAAAAAAAAAAAA
    File "/usr/lib/vmware-wcp/firstboot/wcp-firstboot.py", line 82, in configure
    wcpconfigure.setup_wcp_service_account() File "/usr/lib/vmware-wcp/py-modules/wcpconfigure.py",
    line 890, in setup wcp service account handle wcp_solution_user_deletion() File "/usr/lib/vmware-
    wcp/py-modules/wcpconfigure.py", line 916, in handle_wcp_solution_user_deletion
    Authz().remove permissions(domain name=domain_name, principal_name=soluser_id) File
    "/usr/lib/vmware-wcp/py-modules/roles_groups_users_utils.py", line 105, in remove_permissions
    self.authz client.remove_access(acl mapping.document, domain_name, principal_name, is_group) File
    /usr/lib/vmware/site-packages/cis/cisreglib.py", line 804, in remove_access
    self. authz service.RemoveAccess(doc uri, [principal]) File "/usr/lib/vmware/site-
    packages/pyVmomi/VmomiSupport.py", line 601. in <lambda> self.f((self.args + (obj,) + args),
    "kwargs) File 7/usr/lib/vmware/site-packages/pyVmomi/VmomiSupport.py", line 376, in
    InvokeMethod return self. stub.InvokeMethod(self, info, args)
    File V/usr/lib/vmware/site-
    packages/pyVmomi/SoapAdapter.pyT. line 1719, in InvokeMethod raise obj
    pyVmomi. VmomiSupport vmodi fault SecurityErron (vmodl.fault.SecurityError) { dynamicType =
    <unset>, dynamicProperty = (vmodl.DynamicProperty) [], msg =1, faultCause = <unset>, faultMessage
    =(vmodl.LocalizableMessage) [ )
    This is an unrecoverable erron, please retry install. If you encounter this error again, please search for
    these symptoms in the VMware Knowledge Base for any known issues and possible resolutions. If
    none can be found, collect a support bundle and open a support request.

  • /var/log/firstboot/wcp-firstboot.py_17652_stdout.log
    [YYYY-MM-DDTHH:MM:SS]  Running command: ['/usr/bin/systemctl', 'mask', 'vmware-wcp.service']
    [YYYY-MM-DDTHH:MM:SS]  Done running command
    [YYYY-MM-DDTHH:MM:SS]  Getting value for install-parameter: upgrade.import.directory
    [YYYY-MM-DDTHH:MM:SS]  Running command: ['/usr/lib/vmware-vmafd/bin/vmafd-cli', 'get-machine-id', '--server-name', 'localhost']
    [YYYY-MM-DDTHH:MM:SS]  Done running command
    [YYYY-MM-DDTHH:MM:SS]  Running command: ['/usr/lib/vmware-vmafd/bin/dir-cli', 'service', 'list', '--login', 'VC_FQDN']
    [YYYY-MM-DDTHH:MM:SS]  Done running command
    [YYYY-MM-DDTHH:MM:SS]INFO wcp-firstboot SSO user "wcp" already exists
    [YYYY-MM-DDTHH:MM:SS]INFO wcp-firstboot Removing the wcp solution user
    [YYYY-MM-DDTHH:MM:SS]  Running command: ['/usr/lib/vmware-vmafd/bin/vmafd-cli', 'get-machine-id', '--server-name', 'localhost']
    [YYYY-MM-DDTHH:MM:SS]  Done running command
    [YYYY-MM-DDTHH:MM:SS] INFO wcp-firstboot Removing the permission set for vsphere.local\wcp-3f81de93-43ed-49Xa-##d7-be75ce4bbe8c on rn:vmomi:ClusterComputeResource:domain-cXX32#2:0a8203d2-5X#21-40da-a2cX-b222X3#a0eb7
    [YYYY-MM-DDTHH:MM:SS] ERROR wcp-firstboot Failed to remove permissions set for the wcp solution user. Err: (vmodl.fault.SecurityError) {
       dynamicType = <unset>,
       dynamicProperty = (vmodl.DynamicProperty) [],
       msg = '',
       faultCause = <unset>,
       faultMessage = (vmodl.LocalizableMessage) []

  • /var/log/vmware/vpxd-svcs/vpxd-svcs.log
    [YYYY-MM-DDTHH:MM:SS] [authz-service-3 [] WARN  com.vmware.cis.core.authz.accesscontrol.impl.CheckPrivilegesRouterRiseImpl  opId=0742e090-feX#-4697-bb41-4e533a0371e1] User VSPHERE.LOCAL\machine-3f81de93-43ed-49Xa-##d7-be75ce4bbe8c does not have privileges [System.Anonymous, Authorization.ModifyPermissions, System.Read, Namespaces.ListAccess, InventoryService.Tagging.ObjectAttachable, System.View] on object urn%3Avmomi%3AClusterComputeResource%3Adomain-c31XX2%3A0a8203d2-5821-40da-a2c3-b222e37a0eb7

 

 

Environment

VCF 9.0.x

Cause

Role for the Administrator group has restricted permission 

Resolution

  1. Log in to the vSphere Client as a local administrator ([email protected]).

  2. Navigate to Administration > Access Control > Global Permissions.

  3. Locate the entry for the vsphere.local\Administrators group.

  4. Edit the Role: Change the assigned role back to the default Admin (or Administrator) role.

  5. Propagate: Ensure the "Propagate to children" checkbox is selected.

  6. Retry Upgrade: Relaunch the vCenter Server upgrade/convergence process.

Powered by Wolken Software