Hi,
We are going to install VCSA 6.7 and before the installation, we got some issue to clear out.
When we install VCSA on Windows PC, the VCSA will be installed as appliance and will be able to use from ESXi.
But what happens to the PC that we used to install VCSA? Can we just remove the PC and use VCSA from ESXi once the installation has completed?
Will there be any problem that we just use Windows PC for VCSA installation purpose only?
I just migrated my Windows vCenter 6.0 to VCSA 6.5. It does not appear that the local built-in administrator account has any privileges to modify certain roles, but most certainly I am unable to delete from disk. Am I missing something?
Trying to restore VCSA from backup.
Actually I am trying to move it from a server that does not have access to my vSAN. I thought I would just install into vSAN and restore from backup. When I try to load the back it says I need to use VCSA 6.7U3d. However, I can only find U3B on myvmware.com.
Bonjour
suite au changement de notre nom de domaine, je n'arrive pas accéder a vSpher center.
il pointe sur l'ancienne adresse de l'ancien domaine.
comment faire pour qu'il pointe sur la nouvelle adresse du nouveau domaine
Merci
Hi all,
We are running vmware 6.5 and pretty much all of the certificates are due to expire over the next few weeks and the person that has set everything up has now left so I cannot ask how this was set up.
So far I have gone through the following on our sandpit environment,
On the PSC server
Use certificate-manager menu option 2 to generate a new cert request.
Run the request through the ca server.
Import the new cert to the PSC server.
From the PSC web gui log into certificate management for the PSC and renew the __MACHINE_CERT, machine and vpshere-webclient certs.
Log out certificate management.
Log certificate management into the vcenter appliance.
Use the GUI to renew __MACHINE_CERT, machine and vsphere-webclient, vpxd and vpxd-extension certs.
I have also updated /etc/applmgmt/appliance/new.cert and the config and restarted lighthttp.
At this point everything looks to be OK most of the websites have the full cert chain if you view the certificates. For some reason the vcenter appliance website cert does not display the chain. If I download the certs from the login page and install them then this fixes the chain. Should I have to do this on every machine that logs in or should the chain be included as it is on the PSC webpage login.
Also on our production system if you log certificate management into a vcenter appliance and view the solution user certs you can see the chains but these are not showing on the sandpit. This leads me to think I have missed loading a chain somewhere but cannot see it missing from anywhere.
This is how the cert appears in the production SPC certificate manager.
And this is how it looks on the sandpit SPC certificate manager.
Can anyone advise what I might of missed out ?
Hi All, I have multiple query on sso and linked mode whereas our infra is having 9+ vcenter server confiugred with vcsa and external psc deployed with 6.5 u3.
9+ vcenter servers are configured with sso and linked mode. recently we have upgraded one psc and vc to 6.7 after that we noticed that linked mode is config is broken for the upgraded vc and few other vc's.
While upgrading the psc may be our engineer added the psc as new sso however why the other vc's linked mode is broken.
I guess the linked mode should work with 6.5 and 6.7 vcenter server if not wrong as am able to see the 6.7 upgraded vc having linked with 6.5 vcenter servers aswell now.
Please suggest.
thanks.
Hi,
We are running vCSA 6.5. Our vcenter has an official hostname but we normally access it using a DNS alias/CNAME. I would like to regenerate the SSL/TLS certificate of the vCSA to include those "subject alternative names".
- Is it possible to configure "subject alternative names" for the vCSA with the vSphere Certificate Manager Utility (/usr/lib/vmware-vmca/bin/certificate-manager) ??
- My only option would be to use VMCA Default Certificates with External SSL Certificates (Hybrid Mode) ??
Thanks in advance! this is my first approach the VMCA.
I have just recently joined our vCenter 6.5 Appliance with Embedded PSC to our domain to get it setup for Smartcard Authentication instead of username and password. Joining the appliance to the Domain went fine with no issues. I then logged into the the URL for the PSC, https://hostname.domain.com/psc/ and logged in with our vCenter SSO admin account. I configured the Single-Sign On Configuration for Smart Card Authentication to Enabled and added the the Trusted CA certificates necessary that our Smart Cards use. Following that I added the Identity Source of our Domain using Active Directory (Integrated Windows Authentication), I attempted LDAP but the Active Directory Server as LDAP kept rejecting. In the PSC and vSphere Web Client I have been able to add Domain Users to to the Single Sign-On Users and Groups, adding them to the local SSO Domain groups. I then went into Access Control > Global Permissions on the Web Client and added the Domain Users that way as well and assigning Roles. I then tried the Use Smart Card to login and I get the HTTP Status 400 Error, any help would be appreciated.
I have setup VCA in HA configuration in a test environment but I am running into the following problem:
The vCenter HA IPs are in a separate subnet with no default gateway as per instructions
but as a result I don't have ssh or :5480 access to the passive and witness nodes unless
I use the active node as a bastion host and risking not having access in an event of a
disaster scenario where the the active node becomes unresponsive etc.
Similarly those nodes don't have access to other internal services like ntp/dns etc which
might cause issues down the road.
What would be the best solution to this ?
Should I add an extra nic to all nodes that rests on a subnet with full access to my internal network ?
Should I add custom routes for services/subnets to all nodes ?
Thanks for all the suggestions in advance
hi ,
I am looking for solution which will collect every login on vCSA and every that they do , like edit vm or execute some script for provisioning.
As the tile suggests, I'm unable to get past the "Select Parts to Backup" section of the native VCSA backup utility. It's stuck on Retrieving Size. It just spins and spins. I've tried different protocols, all with the same result. The HTTPS connection is valid and works, I just can't get it to gather the size.
Any idea how to get past this?
edit: added attachment
Hi all,
there one vCenter Server A with embedded PSC and a SSO-Domain, and there is a second (embedded) linked vCenter Server B which is using the same SSO Domain. Both are running vSphere 6.7 U1 (and later). The problem is, that vCenter A should be replaced because the domain-fqdn (Microsoft) should be changed which is not supported in this constellation - so I decided to deploy a new vCenter A_new and connected Hosts and inventory from vCenter A, which worked as expected. But now, is there a option to repoint vCenter B to the new vCenter A_new?
There are some information about smsso utility repointing a domain, but i am not sure if this works in my constellation.
Does anyone have any experience with this?
thanks
Markus
Bonjour
nous venosn de changer le domaine active directory et donc procédons au répointage de notre vcenter vers le psc dans le nouveau domaine.
on exécutant la commande:
cmsso-util repoint --repoint-psc namepsc --dc-port 443
nous avons une erreur HTT 404
merci de m'aider a résoudre ce problême car actuellement je n'ai plus accès a mes machines virtuelles
Merci
*******************
Hello
we have just changed the active directory domain and therefore are repointing our vcenter to psc in the new domain.
on executing the command:
cmsso-util repoint --repoint-psc namepsc --dc-port 443
we have an HTT 404 error
thank you for helping me to solve this problem because currently I no longer have access to my virtual machines
Thank you
Hi,
Is there any way to encrypt database password on vcdb.properties?
BR
Dear Experts,
I have a vcenter (windows based)
version
*
C:\Program Files\VMware\vCenter Server\vpxd>vpxd.exe -v
VMware VirtualCenter 6.5.0 build-4944578
*
recently there is an power outage that took our vsphere and storage down.
However when trying to start the vcenter again, we found error as:
checking the service using cmd line:
3 service still unable to start..
error as :
step taken so far:
1. follow VMware Knowledge Base (KB 50112996)
2. follow VMware Knowledge Base (KB 50113197)
with no luck.
Please advice if you guys have experienced same issue.
Thank you.
I recently migrated to Virtual Distributed Switches. Ever since then, the 'Recent Tasks' section in the vSphere Client on vCenter displays the following message:
Look up portgroup based on portgroup key - target name X
This message is displayed every few seconds and is causing very high CPU utilization on the vCenter Server Appliance (6.7.0.42000). I searched around and was unable to find anything that would tell me the reason this is happening.
The value for the target name varies depending on the portgroup in question.
I only have 2 ESXi servers in the environment:
One server running 6.7.0 - 13981272
One server running 6.5.0 - 13932383
Thanks in advance!
Error Message:
Hello guys good evening, I was encountered this error on my host machine when accessing the vcenter server with vSphere Client (HTML5) - partial functionality, any solution or recommendation to solve my current issues on my vCenter Server 6.5 thank you guys and GOD BLESS US ALL...
running vcsa u2 trying to converge 2 vcsa's, one in dr, one in prod from external PSC's to embedded. Originally tried GUI but found it's error logging lacking or at least my ability to find the errors lacking so I switched to CLI.
Screenshot's
I have no idea why firstboot is failing?
On vcsa found
less vmafd-firstboot.py_51976_stderr.log
Thanks,
Tom
Hello Experts,
we are trying to deploy a new vcenter server in a new site and we need to configure linked mode by joining an existing SSO domain.
the location of the two site are Lebanon and Iraq, and VPN connection was established between the two sites.
we received the following error during stage 2 deployment and any help is appreciated
to note that we are using vcenter server 6.7U3 in both sites
thank you in advance
Hi
I have a vcenter server installed on a Windows server system. The vcenter server is not starting, it is showing an error message as
vSphere Client could not connect to X.X.X.X
An unknown connection error occurred. (The server could not interpret the client's request. (The remote server returned an error: (503) Server Unavailable.))
Request help at the earliest as this is one of the production vcente server.
Thank you.
Srikanthan