Launching soon: The world's first vendor agnostic bug scrubLearn more & join waitlist
OPERATIONAL DEFECT DATABASE
...
...
Failed to add Local Administrator user through vCenter Server Appliance shell. For more information about adding Local User Accounts to VCSA, See Create a Local User Account in the vCenter Server Appliance Command> localaccounts.user.add --role admin --username Administrator --passwordEnter password:Reenter password:Error in executing command: 8002 The applmgmt.log contains entries similar to: Note: appmgmt.log can be found in /var/log/vmware/applmgmt/applmgmt.log 2018-12-27T00:42:45.696 [15590]DEBUG:vmware.appliance.localaccounts.impl:Executing operation /usr/sbin/useradd ['Administrator', '-m', '-c', 'Administrator', '-G', 'admin']2018-12-27T00:42:45.723 [15590]DEBUG:vmware.appliance.localaccounts.impl:Operation output = b'', error = b"useradd: user 'Administrator' already exists\n" returncode = 92018-12-27T00:42:45.724 [15590]ERROR:vmware.appliance.localaccounts.impl:User add failed: [Failure instance: Traceback: : pint.Error('com.vmware.applmgmt.err_operation_failed', 'Operation Failed.', **{})or 2020-12-02T15:31:22.470 [10663]ERROR:vmware.appliance.localaccounts.impl:GenericErrorBack: pint.Error('com.vmware.applmgmt.err_add_user_failed', 'Failed to add user.', **{})2020-12-02T15:31:22.480 [10663]CRITICAL:twisted:Unhandled ErrorTraceback (most recent call last): File "/usr/lib/python3.5/site-packages/twisted/internet/_baseprocess.py", line 64, in maybeCallProcessEnded proto.processEnded(Failure(reason)) File "/usr/lib/python3.5/site-packages/twisted/internet/utils.py", line 163, in processEnded self.deferred.callback((out, err, code)) File "/usr/lib/python3.5/site-packages/twisted/internet/defer.py", line 459, in callback self._startRunCallbacks(result) File "/usr/lib/python3.5/site-packages/twisted/internet/defer.py", line 567, in _startRunCallbacks self._runCallbacks()--- <exception caught here> --- File "/usr/lib/python3.5/site-packages/twisted/internet/defer.py", line 653, in _runCallbacks current.result = callback(current.result, *args, **kw) File "/usr/lib/applmgmt/transport/py/vmware/vherd/transport/xmlrpc.py", line 233, in unauthorized_cb failure.trap(authorization.AuthorizationError) File "/usr/lib/python3.5/site-packages/twisted/python/failure.py", line 346, in trap self.raiseException() Note:The preceding log excerpt are only examples. Date, time and environmental variables may vary depending on your environment.
Adding Administrator user may fail because of two reasons: root password is expiredA Local Administrator Account "lsass" is added to nsswitch.conf file.
If the failure is because root password is expired: The applmgmt.log shall include the below: 2020-12-02T15:31:22.480 [10663]CRITICAL:twisted:Unhandled ErrorTraceback (most recent call last): File "/usr/lib/python3.5/site-packages/twisted/internet/_baseprocess.py", line 64, in maybeCallProcessEnded proto.processEnded(Failure(reason)) File "/usr/lib/python3.5/site-packages/twisted/internet/utils.py", line 163, in processEnded self.deferred.callback((out, err, code)) File "/usr/lib/python3.5/site-packages/twisted/internet/defer.py", line 459, in callback self._startRunCallbacks(result) File "/usr/lib/python3.5/site-packages/twisted/internet/defer.py", line 567, in _startRunCallbacks self._runCallbacks()--- <exception caught here> --- File "/usr/lib/python3.5/site-packages/twisted/internet/defer.py", line 653, in _runCallbacks current.result = callback(current.result, *args, **kw) File "/usr/lib/applmgmt/transport/py/vmware/vherd/transport/xmlrpc.py", line 233, in unauthorized_cb failure.trap(authorization.AuthorizationError) File "/usr/lib/python3.5/site-packages/twisted/python/failure.py", line 346, in trap self.raiseException() To verify root password expiry, run the below command: # chage -l root If you got the below output, then the password expired To reset the rood password from Shell , run the below command # passwd Now try the command again, it will work. If the failure is because a Local Administrator Account "lsass" is added to nsswitch.conf file. The applmgmt.log shall include the below: 2018-12-27T00:42:45.696 [15590]DEBUG:vmware.appliance.localaccounts.impl:Executing operation /usr/sbin/useradd ['Administrator', '-m', '-c', 'Administrator', '-G', 'admin']2018-12-27T00:42:45.723 [15590]DEBUG:vmware.appliance.localaccounts.impl:Operation output = b'', error = b"useradd: user 'Administrator' already exists\n" returncode = 92018-12-27T00:42:45.724 [15590]ERROR:vmware.appliance.localaccounts.impl:User add failed: [Failure instance: Traceback: : pint.Error('com.vmware.applmgmt.err_operation_failed', 'Operation Failed.', **{}) To verify that there is Administrator Account "lsass" is already added, run the below commands: 1- # getent passwd | grep "Administrator"You should get the below outputHostname\Administrator:x:1500:1800::/:/bin/sh2-# grep lsass /etc/nsswitch.confYou should get the below outputpasswd: files ato lsassgroup: files lsass Now you need to remove the lsass from the nsswitch.conf file as below:Navigate to the file directory using cd command # cd /etc/ Important: Take a backup from the the nsswitch.conf file before doing any changes.# cp nsswitch.conf nsswitch.con.old Using a Text Editor vi , remove the lsass from the nsswitch.conf file Before:passwd: files ato lsassgroup: files lsassAfter:passwd: files atogroup: files Save and close Now try the command again, it will work.