I have used the below commands to recover from a failed PSC deployment. When trying to redeploy after the failed deployment, I encountered the error:
“Failed to run vdcpromo”
Following the below steps on the current PSC resolved the error and I was then able to successfully restart the PSC deployment.
Also, a pro tip to avoid having to keep redeploying the appliance: take a snapshot right after phase 1 completes. Then you can simply restore the snapshot and access your VM via the web interface to try again.
    login as: root

    VMware vCenter Server Appliance 22.214.171.12400

    Type: vCenter Server with an embedded Platform Services Controller

    Using keyboard-interactive authentication.
    Password:
    Last login: Wed Sep 20 15:34:18 2017 from 10.110.0.181
    Connected to service

        * List APIs: "help api list"
        * List Plugins: "help pi list"
        * Launch BASH: "shell"

    Command> shell
    Shell access is granted to root
    root@vcenter [ ~ ]# cd /usr/lib/vmware-vmdir/bin
    root@vcenter [ /usr/lib/vmware-vmdir/bin ]# ./vdcleavefed -h vcenter-psc.redacted.lan -u Administrator
    password:
    vdcleavefd offline for server vcenter-psc.redacted.lan
    vcenter-psc.redacted.lan server cleanup performed.
    root@vcenter [ /usr/lib/vmware-vmdir/bin ]#
Additional info: I also ran into this when trying to deploy an additional PSC that had a failed installation, but got a completely different error (see below). Going to Administration -> System Configuration in the Flash vSphere Web Client also displays the failed PSC. Log in to the live PSC and use the above commands to clean up, then restart the new PSC deployment. Refreshing the System Configuration page once the vdcleavefed command has been run confirms the cleanup is complete and the failed install is no longer listed.
The error I received when deploying this PSC was:
Could not connect to VMware Directory Service via LDAP. Verify VMware Directory Service is running on the appropriate system and is reachable from this host.
Removing the failed deployment via vdcleavefed did not resolve the issue.
I decided to test LDAP connectivity to the PSC from the failed PSC deployment. I SSH’d into the box and did the following:
    root@localhost [ /usr/lib/vmware-vmdir/bin ]# ./vdcadmintool

    ==================
    Please select:
    0. exit
    1. Test LDAP connectivity
    2. Force start replication cycle
    3. Reset account password
    4. Set log level and mask
    5. Set vmdir state
    6. Get vmdir state
    7. Get vmdir log level and mask
    ==================

    1
    Please enter LDAP server host: vcenter-psc.redacted.lan
    Please enter LDAP server port: 389
    Please enter LDAP server SSL port: 11712
    Please enter LDAP Bind DN: cn=Administrator,cn=Users,dc=vsphere,dc=local
    Please enter LDAP Bind UPN: Administrator@vsphere.local
    Please enter LDAP Bind password:

    ldap://vcenter-psc.redacted.lan:389 (ANONYMOUS) bind succeeded.

    ++++++++++++++++++++ ldaps://vcenter-psc.redacted.lan:11712 SSL bind failed. (-1)(Can't contact LDAP server)

    ldap://vcenter-psc.redacted.lan:389 SRP bind succeeded.

    ++++++++++++++++++++ ldap://vcenter-psc.redacted.lan:389 GSSAPI bind failed. (9100)(Unknown (extension) error)
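As an added example (not part of the original post and not VMware code), the following Python code parses the bind-result lines printed by option 1 of vdcadmintool above and separates endpoints that could not be contacted from binds that failed for other reasons. The function names and the rule that a negative code means a client-side connection failure (as in OpenLDAP, where -1 is LDAP_SERVER_DOWN) are assumptions.

```python
import re

# Constructed sample: the four bind-result lines from the session above.
SAMPLE = """\
ldap://vcenter-psc.redacted.lan:389 (ANONYMOUS) bind succeeded.
++++++++++++++++++++ ldaps://vcenter-psc.redacted.lan:11712 SSL bind failed. (-1)(Can't contact LDAP server)
ldap://vcenter-psc.redacted.lan:389 SRP bind succeeded.
++++++++++++++++++++ ldap://vcenter-psc.redacted.lan:389 GSSAPI bind failed. (9100)(Unknown (extension) error)
"""

BIND_RE = re.compile(
    r"(?P<scheme>ldaps?)://(?P<host>[^\s:/]+):(?P<port>\d+)\s+"
    r"\(?(?P<mech>[A-Z]+)\)?\s+bind\s+(?P<result>succeeded|failed)\."
    r"(?:\s*\((?P<code>-?\d+)\)\((?P<msg>.*)\))?\s*$"
)

def parse_bind_results(text):
    """Return one dict per bind-result line; other lines are ignored."""
    results = []
    for line in text.splitlines():
        m = BIND_RE.search(line)
        if not m:
            continue
        r = m.groupdict()
        r["port"] = int(r["port"])
        r["ok"] = r.pop("result") == "succeeded"
        r["code"] = int(r["code"]) if r["code"] is not None else None
        # Assumption: negative codes are client-side API errors, as in
        # OpenLDAP (-1 = LDAP_SERVER_DOWN), so the connection never completed;
        # any other failure is reported as a bind error.
        if r["ok"]:
            r["kind"] = "ok"
        elif r["code"] is not None and r["code"] < 0:
            r["kind"] = "unreachable"
        else:
            r["kind"] = "bind-error"
        results.append(r)
    return results

def unreachable_endpoints(results):
    """Sorted, de-duplicated (scheme, host, port) tuples that never connected."""
    return sorted({(r["scheme"], r["host"], r["port"])
                   for r in results if r["kind"] == "unreachable"})

if __name__ == "__main__":
    parsed = parse_bind_results(SAMPLE)
    for r in parsed:
        print(f'{r["scheme"]}://{r["host"]}:{r["port"]} {r["mech"]:<9} {r["kind"]}')
    print("check network path to:", unreachable_endpoints(parsed))
```

On the session above this reports the SSL bind on port 11712 as the only endpoint that could not be contacted, while the GSSAPI failure on port 389 is a bind error on an endpoint that the ANONYMOUS and SRP binds did reach.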
Edit: Additional semi-related data
Get machine’s guid
root@vcenter-psc [ /usr/lib/vmware-vmdir/bin ]# /usr/lib/vmware-vmafd/bin/vmafd-cli get-machine-id --server-name localhost
Get machine’s pnid (machine/host name?)
root@vcenter-psc [ /usr/lib/vmware-vmdir/bin ]# /usr/lib/vmware-vmafd/bin/vmafd-cli get-pnid --server-name localhost
Get services in the directory
root@vcenter-psc [ ~ ]# /usr/lib/vmware-vmafd/bin/dir-cli service list