OPERATIONAL DEFECT DATABASE
...
...
Failed to add Local Administrator user through vCenter Server Appliance shell. For more information about adding Local User Accounts to VCSA, See Create a Local User Account in the vCenter Server Appliance Command> localaccounts.user.add --role admin --username Administrator --passwordEnter password:Reenter password:Error in executing command: 8002 The applmgmt.log contains entries similar to: Note: appmgmt.log can be found in /var/log/vmware/applmgmt/applmgmt.log 2018-12-27T00:42:45.696 [15590]DEBUG:vmware.appliance.localaccounts.impl:Executing operation /usr/sbin/useradd ['Administrator', '-m', '-c', 'Administrator', '-G', 'admin']2018-12-27T00:42:45.723 [15590]DEBUG:vmware.appliance.localaccounts.impl:Operation output = b'', error = b"useradd: user 'Administrator' already exists\n" returncode = 92018-12-27T00:42:45.724 [15590]ERROR:vmware.appliance.localaccounts.impl:User add failed: [Failure instance: Traceback: : pint.Error('com.vmware.applmgmt.err_operation_failed', 'Operation Failed.', **{})or 2020-12-02T15:31:22.470 [10663]ERROR:vmware.appliance.localaccounts.impl:GenericErrorBack: pint.Error('com.vmware.applmgmt.err_add_user_failed', 'Failed to add user.', **{})2020-12-02T15:31:22.480 [10663]CRITICAL:twisted:Unhandled ErrorTraceback (most recent call last): File "/usr/lib/python3.5/site-packages/twisted/internet/_baseprocess.py", line 64, in maybeCallProcessEnded proto.processEnded(Failure(reason)) File "/usr/lib/python3.5/site-packages/twisted/internet/utils.py", line 163, in processEnded self.deferred.callback((out, err, code)) File "/usr/lib/python3.5/site-packages/twisted/internet/defer.py", line 459, in callback self._startRunCallbacks(result) File "/usr/lib/python3.5/site-packages/twisted/internet/defer.py", line 567, in _startRunCallbacks self._runCallbacks()--- <exception caught here> --- File "/usr/lib/python3.5/site-packages/twisted/internet/defer.py", line 653, in _runCallbacks current.result = callback(current.result, *args, **kw) File "/usr/lib/applmgmt/transport/py/vmware/vherd/transport/xmlrpc.py", line 233, in unauthorized_cb failure.trap(authorization.AuthorizationError) File "/usr/lib/python3.5/site-packages/twisted/python/failure.py", line 346, in trap self.raiseException() Note:The preceding log excerpt are only examples. Date, time and environmental variables may vary depending on your environment.
Adding Administrator user may fail because of two reasons: root password is expiredA Local Administrator Account "lsass" is added to nsswitch.conf file.
If the failure is because root password is expired: The applmgmt.log shall include the below: 2020-12-02T15:31:22.480 [10663]CRITICAL:twisted:Unhandled ErrorTraceback (most recent call last): File "/usr/lib/python3.5/site-packages/twisted/internet/_baseprocess.py", line 64, in maybeCallProcessEnded proto.processEnded(Failure(reason)) File "/usr/lib/python3.5/site-packages/twisted/internet/utils.py", line 163, in processEnded self.deferred.callback((out, err, code)) File "/usr/lib/python3.5/site-packages/twisted/internet/defer.py", line 459, in callback self._startRunCallbacks(result) File "/usr/lib/python3.5/site-packages/twisted/internet/defer.py", line 567, in _startRunCallbacks self._runCallbacks()--- <exception caught here> --- File "/usr/lib/python3.5/site-packages/twisted/internet/defer.py", line 653, in _runCallbacks current.result = callback(current.result, *args, **kw) File "/usr/lib/applmgmt/transport/py/vmware/vherd/transport/xmlrpc.py", line 233, in unauthorized_cb failure.trap(authorization.AuthorizationError) File "/usr/lib/python3.5/site-packages/twisted/python/failure.py", line 346, in trap self.raiseException() To verify root password expiry, run the below command: # chage -l root If you got the below output, then the password expired To reset the rood password from Shell , run the below command # passwd Now try the command again, it will work. If the failure is because a Local Administrator Account "lsass" is added to nsswitch.conf file. The applmgmt.log shall include the below: 2018-12-27T00:42:45.696 [15590]DEBUG:vmware.appliance.localaccounts.impl:Executing operation /usr/sbin/useradd ['Administrator', '-m', '-c', 'Administrator', '-G', 'admin']2018-12-27T00:42:45.723 [15590]DEBUG:vmware.appliance.localaccounts.impl:Operation output = b'', error = b"useradd: user 'Administrator' already exists\n" returncode = 92018-12-27T00:42:45.724 [15590]ERROR:vmware.appliance.localaccounts.impl:User add failed: [Failure instance: Traceback: : pint.Error('com.vmware.applmgmt.err_operation_failed', 'Operation Failed.', **{}) To verify that there is Administrator Account "lsass" is already added, run the below commands: 1- # getent passwd | grep "Administrator"You should get the below outputHostname\Administrator:x:1500:1800::/:/bin/sh2-# grep lsass /etc/nsswitch.confYou should get the below outputpasswd: files ato lsassgroup: files lsass Now you need to remove the lsass from the nsswitch.conf file as below:Navigate to the file directory using cd command # cd /etc/ Important: Take a backup from the the nsswitch.conf file before doing any changes.# cp nsswitch.conf nsswitch.con.old Using a Text Editor vi , remove the lsass from the nsswitch.conf file Before:passwd: files ato lsassgroup: files lsassAfter:passwd: files atogroup: files Save and close Now try the command again, it will work.
Click on a version to see all relevant bugs
VMware Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
