VMware Cloud Foundation: Patching Failed – LAB2PROD

VMware Cloud Foundation: Patching Failed

SDDC Manager: Unable To Configure Security Global Config

The Issue?

VCF

1. SDDC Manager and VMware Cloud Foundation services.
2. VMware Cloud Foundation config drift.
3. vRealize Suite Lifecycle Manager, vRealize Suite products, and Workspace ONE Access.
4. NSX.
5. vCenter Server.
6. If you have stretched clusters in your environment, upgrade the vSAN witness host.
7. VxRail Manager and ESXi

There are 6 steps to upgrade a VMware Cloud Foundation (VCF) management domain:

Repeat this process for the root account if required. Once this process is complete, retry password remediation on SDDC Manager again.

The Cause?

3. Run the following commands on each of the NSX-T Managers:

The Fix?

My VCF Troubleshooting guide has a few other tips for administrators.

Related

The issue highlighted in this post occurs as part of step 1, specifically, when upgrading SDDC Manager.

This is due to the password expiration on the admin account on the NSX Managers. As a result of the expired password, the password saved on SDDC Manager no longer works against the NSX Managers. Due to repeated failed login attempts via API, the NSX Managers lock out the SDDC Manager login attempts – even with the right credentials. This results in the administrator not being able to remediate the account password in SDDC Manager.

2. Login with admin credentials.

Summary

The issue is a result of not maintaining account password validity across SDDC Manager and the various solutions, in this case it was VMware NSX. It would prove beneficial to add password maintenance to your teams BAU task list.

Check out these links for all my other VCF articles and my recently published VCF course

This fix is relatively quick and simple:

Reference: VMware Cloud Foundation Upgrade Process