Search the VMware Knowledge Base (KB)
View by Article ID

Cannot import LDAP users into VMware vRealize Operations Manager (2017641)

  • 6 Ratings

Cause

When you log into vCenter Server as a local user, your local user information is inserted into the database, and because this user was added by vCenter Server, it does not appear in the User Account tab. When you subsequently attempt to import LDAP users, the user name already exists in the database and cannot imported.

Resolution

To remove the user from the database:

  1. Log into the analytics virtual machine (secondaryvm) as root.

  2. Change the user to postgres.

    su - postgres

  3. Start psql to manipulate the database table:

    psql alivevm

  4. Check for the user in the useraccount table:

    select userid, username, description, ldaphostid from useraccount where username='user_name';

    For example:

    # select userid, username, description, ldaphostid from useraccount where username='test4vcops';

    userid |  username  |    description     | ldaphostid
    -------+------------+--------------------+------------
        10 | test4vcops | VC user test4vcops |   

    If ldaphostid is empty and the description is VC user username, the user was added by vCenter Server. This user must be deleted from the database.

  5. Use the userid field to identify the user and delete it from the appropriate tables.

    Note: The useraccount table is referenced from other tables, so it is necessary to delete the user from the other tables before deleting the user from the useraccount table. At a minimum, it must be deleted from the useraccount_setting and uistate tables.

    For example:

    delete from uistate where userid=10;
    delete from useraccount_setting where userid=10;
    delete from useraccount where userid=10;

    If there is an error when attempting to delete from the useraccount table, the error indicates which table has references to the user. For example:

    delete from useraccount where userid=9;

    ERROR:  update or delete on table "useraccount" violates foreign key constraint "FK_userAccount_setting_userAccount" on table "useraccount_setting"
    DETAIL:  Key (userid)=(9) is still referenced from table "useraccount_setting".

    If you encounter this error, delete the user from the indicated table before deleting it from the useraccount table. In this example, the user must be removed from the useraccount_setting table first.

  6. The user can now be successfully imported from LDAP.


Attachments

    Request a Product Feature

    To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

    Feedback

    • 6 Ratings

    Did this article help you?
    This article resolved my issue.
    This article did not resolve my issue.
    This article helped but additional information was required to resolve my issue.

    What can we do to improve this information? (4000 or fewer characters)




    Please enter the Captcha code before clicking Submit.
    • 6 Ratings
    Actions
    KB: