VMware

VMware vRealize Suite Lifecycle Manager 8.8.0 Locker Bug

VMware vRealize Suite Lifecycle Manager 8.8.0: An Odd Behavior in the Password Locker

In one of my recent articles, I discussed an issue in VMware vRealize Suite Lifecycle Manager 8.8.0 that affects the Password Locker feature. Specifically, when attempting to complete regular account password changes, my colleague and I noticed that the Password Locker was only returning 10 passwords and stating there were only 10 passwords in the system, even though we knew that more password entries existed in the Locker.

After investigating the issue further, we found that the behavior was not limited to the Password Locker but also affected the Certificate Locker. Additionally, we discovered that the issue is not due to a lack of pagination but rather a change in the API or database code that returns the incorrect number of total objects.

In this article, I will delve deeper into the issue and explore the implications of this behavior. I will also discuss the potential causes and possible solutions for the problem.

Issue Description

—————-

The issue is as follows: when attempting to access the Password Locker or Certificate Locker in VMware vRealize Suite Lifecycle Manager 8.8.0, the UI only displays 10 entries, even if there are more than 10 entries in the system. The UI also states that there are only 10 passwords or certificates in the system, respectively.

However, when using the REST API, we can see that the API returns a total count of all objects in the system. For example, when issuing a request to /lcm/locker/api/passwords/search?from=0&size=10&aliasQuery=, the response includes a total property that lists the number of returned passwords. In my case, the instance has a total of 19 password entries in the Locker.

Implications of the Issue

————————-

The issue has several implications for users of VMware vRealize Suite Lifecycle Manager 8.8.0:

1. **Inconvenience**: The issue can be quite inconvenient, especially if you need to manage a large number of passwords or certificates in the system. You may need to perform multiple requests to the UI or API to access all the entries in the Locker.

2. **Lack of pagination**: The UI does not provide proper pagination, making it difficult to navigate through the list of entries. Without proper pagination, users may struggle to find specific entries in the system.

3. **Incorrect total count**: The UI displays an incorrect total count of passwords or certificates in the system, which can lead to confusion and mismanagement.

Causes of the Issue

——————-

After investigating the issue, I believe that the cause is a change in the API or database code that returns the incorrect number of total objects. Specifically, the internal and public API paths exhibit the same behavior of not returning the total count of objects in the Certificate Locker.

Possible Solutions for the Issue

——————————-

There are several possible solutions for the issue:

1. **Upgrade to a later version**: VMware has confirmed that this issue will be addressed in an upcoming release. Therefore, users may want to consider upgrading to a later version of VMware vRealize Suite Lifecycle Manager to avoid the issue altogether.

2. **Use the REST API**: If you need to manage a large number of passwords or certificates in the system, you may want to consider using the REST API instead of the UI. The API returns a total count of all objects in the system and provides proper pagination.

3. **Modify the UI**: VMware could modify the UI to display the correct total count of passwords or certificates in the system. Additionally, the UI could provide proper pagination to make it easier for users to navigate through the list of entries.

Conclusion

———-

In this article, I discussed an issue in VMware vRealize Suite Lifecycle Manager 8.8.0 that affects the Password Locker and Certificate Locker features. Specifically, the UI only displays 10 entries and states there are only 10 passwords or certificates in the system, even though there may be more than 10 entries in the system. The issue is caused by a change in the API or database code that returns the incorrect number of total objects.

I hope this article has provided valuable insights into the issue and potential solutions for it. If you have any questions or comments, please feel free to reach out to me.