vCenter 6.7 fresh vCenter Server Appliance install with an embedded Platform Services Controller on a 6.5 ESXi host.
Stage 1: Deploy appliance - Completed successfully
Stage 2: Configure appliance - Completed sucessfully
When I try to log in as root on the VMware Appliance Management web:5480 page using the IP address of the server, I receive the error. Unable to login, NOT the error Unable to authenticate user. I can successfully log in using the console with root credentials. Used a variety of browsers and validated security settings. Any ideas?
You have sure this is the correct password. Try into the console or SSH.
Please consider marking this answer "correct" or "helpful" if you think your question have been answered correctly.
Fixed the issue by checking the df -h and found that log disk was full, just increase the Hard Disk 5 and run a command to autogrow lvm of vcenter, and right after that issue fixed for me. the solution in this link worked for me.
https://www.bomzan.com/2021/10/12/vmware-vcenter-upgrade-error-no-space-left-on-device/
Thanks
Abdul Basit Khan
Just to isolate, does the root login work via SSH too? Or only via VM console?
Cheers,
Supreet
You have sure this is the correct password. Try into the console or SSH.
Please consider marking this answer "correct" or "helpful" if you think your question have been answered correctly.
Hello,
Able to log into the console and SSH sessions using the root credentials.
Not able to log into the VMware Appliance Management portal, receiving the error: Unable to login.
If I fat finger the password on the portal page, then I receive the error message: Unable to authenticate user.
The security setting on the browser have TLS 1.0, TLS 1.1, and TLS 1.2 turned on.
Did you test other navigators?
as stated in my original post:
Used a variety of browsers and validated security settings.
Here is what I did as a workaround.
In the vSphere Web Client I added an Administrative user.
Then added that user to the SystemConfiguration.BashShellAdministrators group.
I was then able to use that user to log into the vCenter Server Appliance Management portal.
Hi jfvet,
I am having the same trouble. I can login via SSH (and console) with root and my password. It as well used to work in the past to access the VMware Appliance Management (https://x.x.x.x:5480). Now I am getting "! Unable to login". Tried in several browsers as well in private windows. The credentials are correct, 100%.
I do not get this. Why would I use another username (which one anyway?). I am trying to login with "root". That has to work, it is a root user. Why would I change any group assignments to users which are configured in the SSO domain.
I have rebooted the VCA, issue persists.
Does anybody have an idea please on how to fix this?
Thanks,
Robert
I have done some further investigation:
tail -f /opt/vmware/var/log/lighttpd/error.log
When I access the URL https://x.x.x.x:5480, the following logs show up:
2018-09-30 14:31:46: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1417) proxy - re-enabled: 127.0.0.1 8201
2018-09-30 14:31:48: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1041) establishing connection failed: Connection refused
2018-09-30 14:31:48: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1153) proxy-server disabled: 127.0.0.1 8201 13
2018-09-30 14:31:48: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.523) no proxy-handler found for: /rest/appliance/system/version
2018-09-30 14:31:53: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1417) proxy - re-enabled: 127.0.0.1 8201
I have checked the error.log file, those errors do only show up recently because in the past, I never had issues to log into the webinterface. The "! unable to login" error comes regardless if I use the correct or wrong credentials.
Any idea how to fix this please?
Thanks,
Robert
Is this a brand new vCSA 6.7 deployment?
Thanks for your answer. No, I updated from 6.5. I am running ESXi 6.7 and VCA 6.7 (both with latest patches). The login was working in the past. I never had issues with this, not in 6.5 and not in 6.7. Yesterday, I tried to login and I have seen this error. I have no reason what action could have triggered this new behavior.
It is for sure related to this "no proxy-handler" error message.
When I browse to the URL, I get this:
2018-09-30 15:31:44: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1041) establishing connection failed: Connection refused
2018-09-30 15:31:44: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1153) proxy-server disabled: 127.0.0.1 8201 10
2018-09-30 15:31:44: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.523) no proxy-handler found for: /rest/appliance/system/version
2018-09-30 15:31:49: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1417) proxy - re-enabled: 127.0.0.1 8201
When I enter the root credentials and click login the following logs come up - basically the same as before:
2018-09-30 15:32:50: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1041) establishing connection failed: Connection refused
2018-09-30 15:32:50: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1153) proxy-server disabled: 127.0.0.1 8201 9
2018-09-30 15:32:50: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.523) no proxy-handler found for: /rest/com/vmware/cis/session
2018-09-30 15:32:55: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1417) proxy - re-enabled: 127.0.0.1 8201
Regards,
Robert
Hang on, let's take a step back. Login to the console (not SSH) with your root account. Does it let you in? If so, check the root password expiration with chage -l root. What is the output?
Thanks. I have done this. Password is brand new, it is not expired. It is not a credentials issue. It is a lighttpd/proxy issue.
# chage -l root
Last password change : Sep 30, 2018
Password expires : Sep 30, 2019
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 365
Number of days of warning before password expires : 7
I found another strange thing. In the root directory, there is a file:
# ls -l
total 1141
-rw------- 1 root root 1096973 Sep 30 15:38 abyss.log <- what is this file? Why is this in the root directory anyway?
lrwxrwxrwx 1 root root 7 Mar 7 2018 bin -> usr/bin
drwxr-xr-x 4 root root 1024 Mar 7 2018 boot
drwxr-xr-x 27 root root 4340 Sep 30 11:57 dev
drwxr-xr-x 85 root root 4096 Sep 30 12:02 etc
...
tail -f abyss.log
127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:05 -0200] "POST" 200 2066
127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:06 -0200] "POST" 200 2066
127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:07 -0200] "POST" 200 2066
127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:08 -0200] "POST" 200 2066
127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:09 -0200] "POST" 200 2066
127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:10 -0200] "POST" 200 2066
127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:11 -0200] "POST" 200 2066
127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:12 -0200] "POST" 200 2066
127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:13 -0200] "POST" 200 423
127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:13 -0200] "POST" 200 4915
127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:13 -0200] "POST" 200 2066
127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:14 -0200] "POST" 200 2066
127.0.0.1:47301 - no_user - [30/Sep/2018:15:39:15 -0200] "POST" 200 2066
lsof abyss.log
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
ld-linux. 1764 root 16w REG 8,3 1107846 16168 abyss.log
One log line every second. I tried to find what this file is used for but found no proper information.
Thanks,
Robert
I'm not sure what that log file is for. Since you've changed your root password, reboot your vCSA and try to login to the VAMI again.
Thanks. Have done this. 100 times. Same. There are some lack of resources for the proxy. That's some how related.
Regards,
Robert
Have you opened an SR on this? Do you have support, or is this just a lab?
It is a lab, licensed. Not sure if this allows me to open an SR for this.
Regards,
Robert
You might have already checked this but, is colon character (:) a part of the vCenter password? If yes, we might be encountering a known issue -
vSphere 6.7 Release Notes - Check for 'Cannot log in to vSphere Appliance Management Interface if the colon character (:) is part of vCenter Server root password...'
Cheers,
Supreet
Thanks. No, there is no colon. It is not a password/credentials issue. I can enter whatever credentials and I do get the same error. The https request has issues. It is a problem with the http-server/proxy responsible for this web interface.
I have checked the logs. The logs started the day I patched the appliance with "VMware-vCenter-Server-Appliance-6.7.0.14000-9451876-patch-FP". Hence, there is an obvious dependency to this patch.
You guys have this "abyss.log" in the root directory? It is weird, but guess this particular file has nothing to do with the issue. Only problem is, that it eats up the root partition space.
Best regards,
Robert
Hi Robert,
have you tired to delete the "/var/vmware/applmgmt/session" folder?
-- Ben