Configuring Identity and Access Management (SSO) for NSX in VCF Operations results in a failed state
search cancel

Configuring Identity and Access Management (SSO) for NSX in VCF Operations results in a failed state

book

Article ID: 440395

calendar_today

Updated On:

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

Unable to configure Identity and Access Management (embedded VCF Single Sign-On) for the NSX component within VMware Cloud Foundation (VCF) Operations.

Environment

VCF Operations 9.x

Cause

The VCF Operations integration contains duplicate NSX adapter instances targeting the identical NSX management plane. Specifically, a legacy or standalone NSX adapter is coexisting with the primary VCF-integrated NSX component.

When the embedded VCF SSO configuration workflow executes, the internal view-bridge service polls the integration registry to resolve the NSX API endpoint. The duplicate entries create routing ambiguity. To prevent transmitting identity trust payloads to an incorrect endpoint, the service halts execution, failing the configuration task.

Resolution

To resolve this issue, the duplicate routing conflict must be eliminated from the VCF Operations integration :

  • Authenticate to the VCF Operations administrative user interface.
  • Navigate to Administration > Integrations
  • Review the configured adapter instances to identify the duplicate NSX endpoints targeting the same NSX Manager IP or FQDN.
  • Delete the legacy or standalone NSX adapter instance. Note: Ensure the authoritative, VCF-integrated NSX adapter is preserved.
  • Re-execute the Identity and Access Management SSO configuration workflow for the NSX component.
Powered by Wolken Software