When configuring vRealize Log Insight 4.5 to use vRealize Automation 7.3 embedded VMware Identity Manager (per this blog post), I ran into an issue with password complexity.
I specified a tenant name and provided valid tenant administrator credentials to register with vIDM. However, the web interface indicated an error when clicking Test Connection, related either to bad username/password or unknown response. I resolved this by using what I’d characterize as less “special” complex characters in the the local tenant administrator user account password, then running Test Connection again. Success!
Investigating the log files on the vRealize Log Insight system, I found a useful entry in one of the log files:
[2017-07-12 21:40:59.665+0000] ["https-jsse-nio-443-exec-2"/10.30.31.11 INFO]
[com.vmware.loginsight.web.actions.settings.AuthConfigurationActionBean] [Unable to login to VMware Identity Manager]
com.vmware.loginsight.aaa.vidm.exception.LoginException: Request body has invalid content
- bad json format or 'issue token' field is missing. :: Request data is not acceptable.
- Unrecognized character escape '8' (code 56)
at [Source: java.io.PushbackInputStream@8983c9b; line: 1, column: 64]
at [Source: java.io.PushbackInputStream@8983c9b; line: 1, column: 48] (through reference chain:
com.vmware.horizon.service.controller.auth.model.Login["password"]) Received unexpected response
from VMware Identity Manager instance. Domain :
For posterity, the steps to change a vRA 7.3 tenant local user account password are:
- Log in to vRA as the default administrator
- Navigate to Tenants -> Your Tenant Name -> Local Users
- Click the local user account to manage
- Click Edit
- Change the password
So, this is the same issue we’ve seen in a few different places and products. My recommendation is to always use passwords with a high degree of entropy, but in some cases you need to be careful of special characters that can be misinterpreted by some of the product line. Fun times. Hope this helps.