VMware NSX

 View Only
Expand all | Collapse all

NSX-T Delete VIDM Configuration

shank89

shank89Dec 05, 2020 07:48 PM

  • 1.  NSX-T Delete VIDM Configuration

    Posted Nov 30, 2020 01:57 AM

    Hi, going through the NSX-T commands I don't see anything that clear the VIDM configuration.

    After upgrading from 2.5 to 3.0 I decided to use LDAP instead of VIDM for authentication so I could get rid of VIDM and save some compute resources.

    After disabling VIDM I see the configuration remains behind, I'd like to clear that, thanks.



  • 2.  RE: NSX-T Delete VIDM Configuration

    Posted Dec 01, 2020 07:36 PM

    Hi, 

    So when navigating to nsx manager is it still redirecting you to vidm?



  • 3.  RE: NSX-T Delete VIDM Configuration

    Posted Dec 02, 2020 03:29 PM

    No, I've disabled VIDM but the info stays. Wondering if that can be reset/cleared out as I deleted the VIDM VM.

    NSX.png



  • 4.  RE: NSX-T Delete VIDM Configuration

    Posted Dec 04, 2020 12:22 PM

    Hi,

    Sure there are a couple of ways to do this, powercli and straight curl / api come to mind straight away.

    If you use the code below it should wipe out your settings and revert it back to default.

     

     

    curl --location --request PUT 'https://nsxmgr.shank.com/api/v1/node/aaa/providers/vidm' \
    --header 'Authorization: Basic yourTokenHere' \
    --header 'Content-Type: application/json' \
    --header 'Cookie: JSESSIONID=D0EA6890719430A99D8044E85AEF1E10; JSESSIONID=6239026691FE848867AE2BC4830CB397' \
    --data-raw '{
        "client_id": "",
        "host_name": "",
        "lb_enable": false,
        "node_host_name": "",
        "thumbprint": "",
        "vidm_enable": false
    }'

     



  • 5.  RE: NSX-T Delete VIDM Configuration

    Broadcom Employee
    Posted Dec 05, 2020 05:11 PM
    • Delete the imported users
    • Disable VIDM
    • Delete all VIDM enteries 

    Above steps will clean up VIDM configuration .  

     



  • 6.  RE: NSX-T Delete VIDM Configuration

    Posted Dec 05, 2020 07:48 PM


  • 7.  RE: NSX-T Delete VIDM Configuration

    Posted Dec 05, 2020 08:56 PM

    I don't think the ui will allow having nothing entered,  which is why the user is having issues.  The moment you try to delete the entry after disabling it you get a red asterisk. 

    At least from previous testing, I generally use API now as it's guaranteed to work.



  • 8.  RE: NSX-T Delete VIDM Configuration

    Broadcom Employee
    Posted Dec 06, 2020 07:40 AM

    What version of NSX and  VIDM is it ? I was able to delete the entries from GUI itself. Only when services are enabled those fields are mandatory . I have tested with NSX-T 3.1& VIDM 3.3.2.0 



  • 9.  RE: NSX-T Delete VIDM Configuration

    Posted Dec 06, 2020 07:52 AM

    Interesting.. NSX-T 3.1 and video 3.3.2 as well, from memory!

     

    I imagine the OP is having the same issue as demonstrated, if so the api should definitely work.

    There may be another underlying cause for us not being able to do it via the gui, if it is a known bug or not may have to be investigate:)



  • 10.  RE: NSX-T Delete VIDM Configuration

    Posted Dec 10, 2020 04:28 AM

    I tried the curl command but the configuration seems to just repopulate after a minute or so, it's a 3 node cluster with a VIP. I tried running the command on each node and the VIP with no luck.



  • 11.  RE: NSX-T Delete VIDM Configuration

    Posted Dec 10, 2020 04:29 AM

    I'm using VIDM 3.3.2 and NSX 3.0.2, maybe time to upgrade to 3.1?



  • 12.  RE: NSX-T Delete VIDM Configuration

    Posted Dec 10, 2020 04:43 AM

    That's very weird, haven't seen that behaviour! Based on what you said tried it on the primary manager as well.



  • 13.  RE: NSX-T Delete VIDM Configuration

    Posted Dec 10, 2020 05:29 AM

    Yes I tried it on the master node, the other 2 nodes and the cluster IP.



  • 14.  RE: NSX-T Delete VIDM Configuration

    Posted Dec 10, 2020 05:38 AM

    I'll test again shortly and report back.



  • 15.  RE: NSX-T Delete VIDM Configuration

    Posted Dec 11, 2020 06:23 AM

    Any luck duplicating what I’m seeing?



  • 16.  RE: NSX-T Delete VIDM Configuration

    Posted Dec 11, 2020 06:49 AM

    Yup, same behaviour in 3.1 on a 3 node cluster.  Just trying to work it out and also see if it is a bug.



  • 17.  RE: NSX-T Delete VIDM Configuration

    Posted Dec 12, 2020 02:23 AM

    Ok, so this is more than likely a bug, I am raising a PR for it :).



  • 18.  RE: NSX-T Delete VIDM Configuration

    Posted Dec 13, 2020 04:54 PM

    Thanks for testing, little cosmetic bug for all those OCD folks that can’t stand seeing something that no longer exists lol



  • 19.  RE: NSX-T Delete VIDM Configuration

    Posted Dec 13, 2020 07:35 PM

    Yup, that's me lol. 



  • 20.  RE: NSX-T Delete VIDM Configuration

    Posted Dec 05, 2020 09:03 PM

    For example, I have just readded vidm in my lab;

    shank89_0-1607201818476.png

    Check users, there is one.

    shank89_1-1607201867745.png

    Delete the user;

    shank89_2-1607201901477.png

    Disable VIDM;

    shank89_3-1607201962868.png

    Now go back in to delete the entries as you suggested;

    shank89_4-1607202008543.png

    Not allowed.

     

    However, jump back into lets say postman and run the command I sent earlier;

    shank89_5-1607202112979.png

    shank89_6-1607202144128.png

     

    All cleared up :).

     

     

     



  • 21.  RE: NSX-T Delete VIDM Configuration

    Posted May 15, 2023 04:21 PM

    Hi Shashank,

     

    I tried the APi method to clear the vidm info. But it didnt work. Any idea or any other option we have to clear the details.

    I am using 3.2.3 NSX T version.

     

    Thanks

    Bikash



  • 22.  RE: NSX-T Delete VIDM Configuration

    Posted May 16, 2022 04:09 AM

    Old Thread, but adding my2cts if anyone looks for a solution.


    -Clear the Cluster VIP using the API - https://nsxmgr/api/v1/cluster/api-virtual-ip?action=clear_virtual_ip

    -Configure the Cluster VIP via UI.

    -Now will see the VIDM is disabled/deleted.