Actually, yesterday should be the day at which I migrate one of the last physical Windows vCenter servers installed in my customer base. Actually… the migration failed twice. And each time I had to rollback, power-on the old physical server, reset the computer account etc.
The update was from VMware vCenter Server 6.0 Update 3d (7462484) on a Windows 2012 R2 server to vCenter Server 6.7 Update 3 (Appliance). The migration failed at 62% with the following message:
Traceback (most recent call last): File "/usr/lib/vmware-content-library/firstboot/content-library-firstboot.py", line 219, in Main vdc_fb.register_cis() File "/usr/lib/vmware-content-library/firstboot/content-library-firstboot.py", line 77, in register_cis self._reg_info.registerAll(self.get_soluser_id(), self.get_soluser_ownerId()) File "/usr/lib/vmware-content-library/install_lib/cis_register.py", line 368, in registerAll self.registerUserAndService(user_name, user_id, service) File "/usr/lib/vmware-content-library/install_lib/cis_register.py", line 395, in registerUserAndService add_vmtx_privileges(self.vdc_cfg_dir) File "/usr/lib/vmware-content-library/install_lib/add_vmtx_privileges_after_fb.py", line 105, in add_vmtx_privileges log("Adding privileges [%s] to role %s" % (' '.join(VMTX_SYNC_PRIVILEGES), cls_admin_role.name)) AttributeError: 'NoneType' object has no attribute 'name'
I found the same error in the content-library-firstboot.py_9150_stderr.log file of the downloaded log bundle.
Okay, that’s a pretty long error message and I had no idea where I should start searching. But it seems related to the Content Library of the vCenter. And it looks like it is related to the privileges.
log("Adding privileges [%s] to role %s" % (' '.join(VMTX_SYNC_PRIVILEGES), cls_admin_role.name))
A forum post led me to the content library administrator role. The author had to deal with a failed migration (6.5 to 6.7), but his conten administrator role was missing. In my case, the role was existent.
Sorry for the german translation. As you can see, the role was existent… Obviously. I tried to add a new role with the name com.vmware.Content.Admin, as mentioned in the forum post, and… a new role appeared.
You might notice the “Beispiel” or “Example”. That’s the difference. Whatever the other role is or what its look like, it is definitely not the original content library administrator role.
And to make a long story short: The migration was successful after this small change.
- Why you should change your KRBTGT password prior disabling RC4 - July 28, 2022
- Use app-only authentication with the Microsoft Graph PowerShell SDK - July 22, 2022
- Getting started with the Microsoft Graph PowerShell SDK - July 21, 2022