Skip to main content

Unable to log into vCenter Appliance via Web

·274 words·2 mins
system-administration tech linux photonos sysadmin systemd technology vcenter vmware
James Pettigrove
Author
James Pettigrove
Cloud Engineer with a focus on Microsoft Azure

With everyone scrambling to patch the latest vulnerability to hit the VMware vCenter product, I came across some strange behaviour from our very own vCenter appliance running 6.7. When attempting to log into the web gui of the appliance, I was repeatedly getting a bad credentials error message.

I went round and round in circles trying to confirm I had the correct credentials, testing against vSphere etc… Eventually I started to suspect the issue was with the appliance itself.

Turned out I was on the right track - a service that powers the web gui was disabled on the appliance.

If you suspect something similar from your appliance, do the following to confirm and resolve:

  1. Log into your appliances IP address, DNS or FQDN via SSH and login as root
  2. Run systemctl status applmgt - This should return a status of DEAD
  3. Run systemctl list-unit-files - Look for our applmgt service. It should be set to Masked.

For reasons unknown, the required service’s unit files (the configuration files of the service) have been symlinked to /dev/null. This is otherwise known as Masking. Masking is the Linux equivalent to disabling a service. This is only done if you want a service to not run under any circumstances (including at boot and manually by a user). We need to remove this symlink and restart the service.

  1. Run systemctl unmask applmgt
  2. Run systemctl list-unit-files - Look for our applmgt service once more. This time, it should be set to Enabled
  3. Run systemctl restart applmgt to kick off the service.

Now retry logging into the vCenter appliance’s web gui. With any luck, you should be back to normal.

Related

Container Camp in review - Part 1
·564 words·3 mins
system-administration tech containers docker k8s kubernetes linux sysadmin technology
For those of you who follow me on other social media platforms, it will be of no surprise that I had the fortunate opportunity to attend Container Camp Australia this year.
Removing rules in IPTables
·272 words·2 mins
system-administration tech iptables linux networking sysadmin technology
So you’ve had a go at entering the wonderful world of iptables, with its chains, rules and of course tables.
Using IPTables to force all DNS queries to a Pi-Hole
·756 words·4 mins
system-administration tech iptables linux networking pihole sysadmin technology
Hopefully by now you have heard the good word about Pi-Hole, set one up in a Docker container and now enjoying a substantially ad-less and speedy internet experience across all your devices.