Working with setting up a Content Library for an environment that has five linked vCenter 6.7 servers. Two of the clusters are in the DMZ. I know for content library, ports 16666 and 16667 need to be open, and 902 is needed for network file copy. Are any additional ports needed? As it is now, receive "failed to connect to host" when attempting to copy files or sync the content library.
↧
What are the required ports for file copy (and VM Deployment) between internal and external (DMZ) hosts?
↧
Backup VCSA to AWS S3
Has anyone used the appliance backup feature to perform a back-up and save to an Amazon S3 endpoint?
↧
↧
Change IP of VCSA 7 possible?
I know that is 6.x is was only possilbe when using FQDN during stup of VCSA, but not using IP.
Is this possible now in VCSA 7?
↧
VCSA SMTP Alerts not going out via port 587 despite being configured in Advanced Settings
Doesn't seem to be too much on the internet and I have a case open with support # SR 2013496530 so I'm looking for inspiration here
I have set advanced settings for SMTP specify the Office relay FQDN username, password and port 587.
I have also edited the submit.cf and added smartest entry which is still active ie. DS[smtp.office365.com] and restarted sendmail.
When I trigger an alarm I get an error in Events saying that
Alarm 'TEST SMTP ALERT' on
cannot send email to dturner@lxxxxxxxxxx.xxx
I look at the firewall logs and I see it is still trying to connect to Microsoft server on port 25.
I tried adding in the port number to Submit.cf in the SMTP daemon options, restarted sendmail but still went out on port 25 so I have since commented this out and restarted sendmail.
Anyone got any other configuration suggestions please?
↧
vMotion - Hosts not available w/ Change Compute Resource Only
I have two hosts running 6.7.0 (10764712) and a VCSA 6.7.0.20000 VM
When we try to Migrate a VM using the 'Change compute resource only' migration type, the only destination host available is the host that the VM currently resides on. When we select 'Change both compute resource and storage', the second host is available and the migration works.
I came across the thread below with other users experiencing the same issue. There seems to be a few workarounds, but none worked for me. Any suggestions would be greatly appreciated. Thank you!
↧
↧
Fixing sendmail settings
Some months ago, I configured an smtp in the vcenter configuration settings. Now, that I want to modify the mail server, it doesn't work. Right now, I want to know
1) How can I query smtp configurations via shell (bash) commands in vcenter?
2) I see this entry in one of the sendmail config files.
root@10 [ /etc ]# grep -r XXX.edu .
./mail/sendmail.cf:DS[mail.XXX.edu:465]
where XXX is the old mail server. I can not find that XXX in the vcenter web interface. What is that?
↧
vCenter is down
I am unable to access my vCenter. I am able to telnet {telnet vcenter_fqdn 9443} and also there is sufficient space available on the partitions. vCenter service shows down and when tried to start getting below error
#service-control --start --all
Perform start operation. vmon_profile=ALL, svc_names=None, include_coreossvcs=True, include_leafossvcs=True
2020-07-04T18:54:16.732Z Running command: ['/usr/bin/systemctl', 'is-enabled', u'lwsmd']
2020-07-04T18:54:16.735Z Done running command
2020-07-04T18:54:16.739Z Service lwsmd does not seem to be registered with vMon. If this is unexpected please make sure your service config is a valid json. Also check vmon logs for warnings.
2020-07-04T18:54:16.739Z Running command: ['/sbin/service', u'lwsmd', 'status']
2020-07-04T18:54:16.760Z Done running command
Successfully started service lwsmd
2020-07-04T18:54:16.764Z Running command: ['/usr/bin/systemctl', 'is-enabled', u'vmafdd']
2020-07-04T18:54:16.769Z Done running command
2020-07-04T18:54:16.772Z Service vmafdd does not seem to be registered with vMon. If this is unexpected please make sure your service config is a valid json. Also check vmon logs for warnings.
2020-07-04T18:54:16.772Z Running command: ['/sbin/service', u'vmafdd', 'status']
2020-07-04T18:54:16.792Z Done running command
Successfully started service vmafdd
Service-control failed. Error Failed to start vmon services.vmon-cli RC=2, stderr=Failed to start vpxd-svcs services. Error: Service crashed while starting
↧
Authentication problem when sending email (mail.smtp.password is set)
Hello,
I have setup the mail configuration in the vcenter as below:
vCenter->Configure->Settings->General:
Mail server: smtp.gmail.com:465
Mail sender: sender@gmail.com
vCenter->Configure->Advanced settings:
mail.smtp.password: PASS
mail.smtp.port: 25
mail.smtp.username: sender@gmail.com
Then I defined an alert for cpu usage above 50%. Upon triggering the alert, I see the following message in /var/mail/root
From MAILER-DAEMON@10.1.1.2 Sun Jul 5 14:44:41 2020
Return-Path: <MAILER-DAEMON@10.1.1.2>
Received: from localhost (localhost)
by 10.1.1.2 (8.15.2/8.15.2) id 065AEfdh042241;
Sun, 5 Jul 2020 14:44:41 +0430
Date: Sun, 5 Jul 2020 14:44:41 +0430
From: Mail Delivery Subsystem <MAILER-DAEMON@10.1.1.2>
Message-Id: <202007051014.065AEfdh042241@10.1.1.2>
To: postmaster@10.1.1.2
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="065AEfdh042241.1593944081/10.1.1.2"
Subject: Postmaster notify: see transcript for details
Auto-Submitted: auto-generated (postmaster-notification)
This is a MIME-encapsulated message
--065AEfdh042241.1593944081/10.1.1.2
The original message was received at Sun, 5 Jul 2020 14:44:41 +0430
from localhost
with id 065AEfdg042241
----- The following addresses had permanent fatal errors -----
(reason: 530-5.7.0 Authentication Required. Learn more at)
----- Transcript of session follows -----
... while talking to smtp.gmail.com.:
>>> MAIL From:<> SIZE=2033
<<< 530-5.7.0 Authentication Required. Learn more at
<<< 530 5.7.0 https://support.google.com/mail/?p=WantAuthError a123sm10700081wmd.28 - gsmtp
554 5.0.0 Service unavailable
--065AEfdh042241.1593944081/10.1.1.2
Content-Type: message/delivery-status
Reporting-MTA: dns; 10.1.1.2
Received-From-MTA: DNS; localhost.localdomain
Arrival-Date: Sun, 5 Jul 2020 14:44:41 +0430
Final-Recipient: RFC822; sender@gmail.com
Action: failed
Status: 5.7.0
Diagnostic-Code: SMTP; 530-5.7.0 Authentication Required. Learn more at
Last-Attempt-Date: Sun, 5 Jul 2020 14:44:41 +0430
--065AEfdh042241.1593944081/10.1.1.2
Content-Type: message/rfc822
Return-Path: <MAILER-DAEMON>
Received: from localhost (localhost)
by 10.1.1.2 (8.15.2/8.15.2) id 065AEfdg042241;
Sun, 5 Jul 2020 14:44:41 +0430
Date: Sun, 5 Jul 2020 14:44:41 +0430
From: Mail Delivery Subsystem <MAILER-DAEMON>
Message-Id: <202007051014.065AEfdg042241@10.1.1.2>
To: <sender@gmail.com>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="065AEfdg042241.1593944081/10.1.1.2"
Subject: Returned mail: see transcript for details
Auto-Submitted: auto-generated (failure)
This is a MIME-encapsulated message
--065AEfdg042241.1593944081/10.1.1.2
The original message was received at Sun, 5 Jul 2020 14:44:40 +0430
from localhost.localdomain [127.0.0.1]
----- The following addresses had permanent fatal errors -----
(reason: 530-5.7.0 Authentication Required. Learn more at)
----- Transcript of session follows -----
... while talking to smtp.gmail.com.:
>>> MAIL From:<sender@gmail.com> SIZE=1009 AUTH=<>
<<< 530-5.7.0 Authentication Required. Learn more at
<<< 530 5.7.0 https://support.google.com/mail/?p=WantAuthError a123sm10700081wmd.28 - gsmtp
554 5.0.0 Service unavailable
--065AEfdg042241.1593944081/10.1.1.2
Content-Type: message/delivery-status
Reporting-MTA: dns; 10.1.1.2
Received-From-MTA: DNS; localhost.localdomain
Arrival-Date: Sun, 5 Jul 2020 14:44:40 +0430
Final-Recipient: RFC822; receiver@gmail.com
Action: failed
Status: 5.7.0
Diagnostic-Code: SMTP; 530-5.7.0 Authentication Required. Learn more at
Last-Attempt-Date: Sun, 5 Jul 2020 14:44:41 +0430
--065AEfdg042241.1593944081/10.1.1.2
Content-Type: message/rfc822
Return-Path: <sender@gmail.com>
Received: from 10.1.1.2 (localhost.localdomain [127.0.0.1])
by 10.1.1.2 (8.15.2/8.15.2) with ESMTPS id 065AEedh042239
(version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NO)
for <receiver@gmail.com>; Sun, 5 Jul 2020 14:44:40 +0430
Received: (from root@localhost)
by 10.1.1.2 (8.15.2/8.15.2/Submit) id 065AEexC042238;
Sun, 5 Jul 2020 14:44:40 +0430
Date: Sun, 5 Jul 2020 14:44:40 +0430
Message-Id: <202007051014.065AEexC042238@10.1.1.2>
From: sender@gmail.com
Subject: =?utf-8?B?QWxhcm0gdGVzdF9jcHUgb24gSG9zdCA6IDEwLjEuMS4xMDIgaXMgWWVsbG93?=
Content-type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
VGFyZ2V0OiAxMC4xLjEuMTAyIApQcmV2aW91cyBTdGF0dXM6IEdyZWVuIApOZXcgU3RhdHVzOiBZZWxsb3cgCiAKQWxhcm0gRGVmaW5pdGlvbjogCihbWWVsbG93IG1ldHJpYyBJcyBhYm92ZSA1MCVdKSAKIApDdXJyZW50IHZhbHVlcyBmb3IgbWV0cmljL3N0YXRlOiAKIE1ldHJpYyBDUFUgVXNhZ2UgPSA1MiUgCiAKRGVzY3JpcHRpb246IApBbGFybSAndGVzdF9jcHUnIG9uIDEwLjEuMS4xMDIgY2hhbmdlZCBmcm9tIEdyZWVuIHRvIFllbGxvdw==
--065AEfdg042241.1593944081/10.1.1.2--
--065AEfdh042241.1593944081/10.1.1.2--
So, why it fails with authentication error?
↧
Vsphere 6.7 (linux appliance) SSO and GMSA
HI,
I want to know if t's possible to used GMSA (Windows group managed service account) to manage SSO in a vsphere 6.7 (linux appliance).
And if it's possible how to proceed?
Regards
↧
↧
vCenter 7 error - no healthy upstream
Hi All,
I'm working on brand new ESXi 7.0.0 deployment and have run into an issue when deploying vCenter 7.
When browsing to the vCenter UI I receive a "no healthy upstream" error.
I can access vCenter Server Management without issue.
I've done some googling and have been pointed towards certificate issues however my Leaf and Root certs are showing as valid.
All of the services which are set to Automatic start are running without any errors or warnings.
Is there a documented fix for this issue?
↧
"Unable to query vSphere health information" and "Unable to query vSAN health information" after certificate replacement - VCSA 6.7U2
I attempted to replace my machine cert on my VCSA server. After a few attempts I gave up and performed a full certificate reset using the `/usr/lib/vmware-vmca/bin/certificate-manager` tool.
Now I'm seeing the following errors in the UI when looking at any Health or vSAN information. Anyone know how to resolve this? I upgraded to 6.7.0.40000 and that didn't help.
in my /var/log/vmware/vsphere-ui/logs/vsphere_client_virgo.log I see lots of:
Caused by: com.vmware.vsphere.client.vsandp.core.sessionmanager.common.NotAccessibleException: com.vmware.vim.vmomi.client.exception.SslException: com.vmware.vim.vmomi.core.exception.CertificateValidationException: Server certificate chain is not trusted and thumbprint doesn't match
at com.vmware.vsphere.client.vsandp.core.sessionmanager.common.PbmClient.getConnection(PbmClient.java:70)
at com.vmware.vsphere.client.vsan.base.impl.PbmDataProvider.getProfileIds(PbmDataProvider.java:181)
at com.vmware.vsphere.client.vsan.base.impl.PbmDataProvider.getStoragePolicies(PbmDataProvider.java:131)
at com.vmware.vsphere.client.vsan.base.impl.PbmDataProvider.getObjectCompatibleStoragePolicies(PbmDataProvider.java:118)
... 119 common frames omitted
Caused by: com.vmware.vim.vmomi.client.exception.SslException: com.vmware.vim.vmomi.core.exception.CertificateValidationException: Server certificate chain is not trusted and thumbprint doesn't match
at com.vmware.vim.vmomi.client.common.impl.ResponseImpl.setError(ResponseImpl.java:256)
at com.vmware.vim.vmomi.client.http.impl.HttpExchange.run(HttpExchange.java:56)
at com.vmware.vim.vmomi.client.http.impl.HttpProtocolBindingBase.executeRunnable(HttpProtocolBindingBase.java:226)
at com.vmware.vim.vmomi.client.http.impl.HttpProtocolBindingImpl.send(HttpProtocolBindingImpl.java:106)
at com.vmware.vim.vmomi.client.common.impl.MethodInvocationHandlerImpl$CallExecutor.sendCall(MethodInvocationHandlerImpl.java:629)
...
↧
Cross vCenter vMotion between 6.0 and 6.7
I'm working on a migration project and we have one final cluster to migrate. This cluster uses ACI in combination with the Cisco AVS. The AVS is not supported on ESXi 6.7 so I need to come up with a migration plan. But that is easier said than done... My suggested plan is to create a new VMM domain in ACI and point that to the new vCenter Server. This will create a DVS in the new vCenter Server. The next step would be to evacuate a host, disconnect it from the old vCenter Server and connect it to the new vCenter Server. The final step would be a cross vCenter vMotion from the old vCenter to the new vCenter. I could use the Cross vCenter Workload Migration Utility | VMware Flings but for this to work both vCenters must be in Linked Mode. Is it possible to configure this even after both vCenter Servers already have been installed?
The old vCenter is a Windows 6.0 U3i with an external PSC. The new vCenter is a VCSA 6.7 U3c with embedded PSC.
Any idea's how to do this migration?
↧
VC UUID get from Guest OS
Dear Everbody!
It is possible to query VC UUID from Guest OS?
I can get linux guest OS with snmp:
iso.3.6.1.2.1.25.4.2.1.5.84016 = STRING: "--color=auto XXXXXX-fff1-4336-b0eb-5fdfc343f18"
Thanks in advance
↧
↧
Vcenter is disconnected
Hi everyone,
I'm part of school group which is currently working on a vmware infrastructure.
Through the several past steps, we have installed a vmware Vcenter hosted on an ESXI.
The main we encounter is that our vcenter appears sometimes as disconnected on the vsphere client, without any further information ( it's up this morning, but it was down yesterday evening).
Consequently, all of our virtual machines , vlan and network configuration disappear ont the client.
We tried to update it ( from version 6.7 to 7) , to relaunch it multiple times , to reinstall it but without any results.
In our setup, we have a pfsense which have the role of an internet gateway; maybe it has an impact on the configuration, but it has no restricted rules applied
If anyone has some ideas to solve this problem, it will be a great help
Thanks
Paul
↧
"Unexpected error occurred while fetching the updates" in VCSA 7.0
Issue:
"Unexpected error occurred while fetching the updates" in VCSA 7.0
Resolution:
SSH into VCSA 7.0 and run the below command:
rm /etc/applmgmt/appliance/software_update_state.conf
After removing the file, VCSA patched successfully.
↧
config.vpxd.hostPasswordLength
I cant find this parameter or value for this parameter anywhere, I am trying to do the DISA STIG checklist for VCSA 6.7 ( I know the current DISA checklist is for 6.5) However I need to verify at the very least that the value for config.vpxd.hostPasswordLength is 32. Has anyone seen this?
↧
Clone vCenter Server Appliance 6.5
Is it possible to clone a vCenter Server Appliance? We are placing a host at a new site for testing and cloned a few servers just for testing purposes. We would also like to clone the VCSA but it has been causing problems and stops at 96%.
Has anyone done this before?
Thank You
Aaron
↧
↧
VCSA 6.7 SMTP Setup
Hi-
Trying to configure vcenter server to send smtp alerts using the following article, Configure Mail Sender Settings, but getting stuck at step 3 (pasted below)--i do not see a General tab under Configure for the VCenter VM. I'm probably misunderstanding, but any guidance would be a help. It's a VSphere 6.7 Essentials license, if that matters. Thanks.
Procedure
- In the vSphere Client, navigate to the vCenter Server instance.
- Select the Configure tab.
- Under Settings, select General.
- Click Edit.
- Select Mail.
- In Mail server, type the SMTP server information.
The SMTP server is the DNS name or IP address of the SMTP gateway to use for sending email messages.
- In Mail sender, type the sender account information.
The sender account is the email address of the sender.
Note: You must type the full email address, including the domain name.
For example, mail_server@example.com. - Click Save.
↧
vCenter Alert: Certificate will expire soon
I have below alert today. What certificate is it talking about? SSL to connect to vCenter administration URL from any PC?
And how to fix this?
Thank you in advance.
↧
machine(s) keeps crashing
Hi All,
I have a virtual machine that keeps crashing when I move it into a new host (ESXi 5.5.0 build-3343343) I have introduced, its a HP host.
The vmware.log is showing the following at time of crash:
MONITOR PANIC: vcpu-3:EPT misconfiguration: PA 41f7dc000
2016-02-16T15:20:37.745Z| vcpu-0| I120: Core dump with build build-3343343
2016-02-16T15:20:37.745Z| vcpu-2| I120: Exiting vcpu-2
2016-02-16T15:20:37.745Z| vcpu-0| W110: Writing monitor corefile "/vmfs/volumes/565583c7-773959d9-1f5c-001145666214/win-serv-print/vmmcores.gz"
I found a kb relating to updating the BIOS/Firmware but I have the latest firmware installed.
Any Ideas?
Regards,
Jim
↧