New accounts cannot log in to vRealize Automation

In my current position I manage a vRealize Automation environment which is also connected to a vRealize Orchestrator server.

The vRO server is using vRA as the Identity Provider.

For some reason new accounts were not able to log in to the vRO client.

So the first thing we checked was the synchronization with Active Directory in the vRA. Everything looked fine (green checkmark).

But the problem was not in the synchronization in the tenant I was working in. It was in the default tenant.

This synchronization was running every week but stopped working. The reason had to do with the Safeguards.

Sync Safeguards limits the number of changes that can be made to the User and Groups when the directory syncs.

Synchronization fails if the changes are more than the percentage that is set.

After manually starting the sync and overwriting the safeguard the new users were added and were able to log in.

vMotion fails at 72%

This week I had a strange issue with vMotion. I tried to put a host in maintenance mode and it failed. There were some VM’s that didn’t want to be moved to another host. The error I saw was this:

Hmm. Why was this happening to only a couple of VMs? A quick look at the setting revealed something I didn’t see before. All of the VMs that were stuck had a serial port configuration that was pointing to a server.

So the first thing I tried was disconnecting the port and testing a vMotion. Bam! It worked!

But why did it fail with a connected port? I tried the vSPC URI. Nothing!! The network team confirmed that there was no record for this server and after re-adding it to DNS I could connect to the URI. And when I connected the port and tried a second vMotion it was working again.