February 7, 2024
VMware Cloud Foundation: Patching Failed
SDDC Manager: Unable To Configure Security Global Config
The Issue?
1. Connect to each NSX Manager via SSH.
- SDDC Manager and VMware Cloud Foundation services.
- VMware Cloud Foundation config drift.
- vRealize Suite Lifecycle Manager, vRealize Suite products, and Workspace ONE Access.
- NSX.
- vCenter Server.
- If you have stretched clusters in your environment, upgrade the vSAN witness host.
- VxRail Manager and ESXi
My VCF Troubleshooting guide has a few other tips for administrators.
Related
The Cause?
3. Run the following commands on each of the NSX-T Managers:
The Fix?
Reference: VMware Cloud Foundation Upgrade Process
Check out these links for all my other VCF articles and my recently published VCF course
This fix is relatively quick and simple:
This is due to the password expiration on the admin account on the NSX Managers. As a result of the expired password, the password saved on SDDC Manager no longer works against the NSX Managers. Due to repeated failed login attempts via API, the NSX Managers lock out the SDDC Manager login attempts – even with the right credentials. This results in the administrator not being able to remediate the account password in SDDC Manager.
2. Login with admin credentials.
Summary
Repeat this process for the root account if required. Once this process is complete, retry password remediation on SDDC Manager again.
There are 6 steps to upgrade a VMware Cloud Foundation (VCF) management domain:
The issue is a result of not maintaining account password validity across SDDC Manager and the various solutions, in this case it was VMware NSX. It would prove beneficial to add password maintenance to your teams BAU task list.
VCF
