Recently created a brand-new Vcenter 6.7 and have a strange issue with Veeam and the Vcenter firewall. When I tried to add Vcenter to Veeam it kept failing. I discovered I had to add an allow rule to the new 6.7 Firewall in the Appliance Management console. Things worked great for a few weeks until this morning when my backups failed. I went into the properties section of Veeam and re-ran the credential check and it failed again. So back to the Vcenter Firewall. Rule was still in place to allow. Deleted the rule and re-added it, re-ran the credential check in Veeam and it is working fine again. The only thing I did was remove the rule and re-add it. Anyone else come across this?
↧
Vcenter Firewall and Veeam
↧
Error occurred while fetching machine certificates: This method requires authentication.
I upgraded from vCenter Server Appliance 6.7 to 7.0 (specifically 7.0.0a build 16189094) and when I go to Administration > Certificate Management in the vSphere client, I get the following error:
Is anyone else seeing this issue? Does anyone know of a fix?
Thanks
↧
↧
Problem resolving AD users when adding new permissions.
Hi all,
I am seeing a strange issue that I feel is easy to solve but I don´t recall how to do it.
vCenter 7.0 latest build
I have added the vCenter to an AD domain
Then I added the Identity Source as IWA
Now when I try to add a permission and I select the domain name (in the dropdown box), when I type in the name of an AD user group, it does not resolve.
I have tried with various group names and user accounts and they do not resolve either.
Has anyone seen this behavior before and can tell me how to resolve it (maybe not using IWA)?
I already tried removing the identity source and leaving the domain then redoing it again but same result.
Regards
↧
Error message after update to VCSA 7.0: Service vAPI Endpoint
Hello vmware community,
after updating to VCSA 7.0 i have gotten an error message in the service vAPI Endpoint.
Here it is:
I've found this solution, but only for 6.x:
Connect to the vCenter Server Appliance with an SSH session and root credentials.
shell.set --enabled true
Type shell and press Enter.
cd /etc/vmware-content-library/config/
cp ts-config.properties ts-config.properties.orig
cp ts-config.properties.rpmnew ts-config.properties.rpmnew.orig
mv ts-config.properties.rpmnew ts-config.properties
service-control --stop vmware-content-library;service-control --start vmware-content-library
service-control --stop vmware-vapi-endpoint
service-control --start vmware-vapi-endpoint
If this solution is right...
Has anyone tested it with Version 7.0?
Regards
Udo
↧
vCENTER 7.0.0d-Patch
Dear All,
After upgrading my vCenter from 7.0.0.10600 to 7.0.0.10700, The old version still showing in the vSphere web interface as attached. Please note that the correct version showing in the appliance management.
I removed all the browser cookies and tried another one with the same problem.
Is it miss typing or something else ?
Thanks in advance!
↧
↧
Upgrade 6.0.0 to 3
HI,
I would like to upgrade the VC applicance from 6.0.0 to 3.
I am new man for do upgrade procedure. Can you give guide how to upgrad the VC? From Vmware Lib. It sounds a new intallation.
I am afraid of the all system linked to old VC aill be affected.
Please give help for this issue.
Bgds
Lliu Wei
↧
Changing the domain and IP address subnet in vcenter
Hi Team,
Planning to change the vcenter6.7 vsca domain and ip details to different subnets
So after changing the details . vcenter will have connectivty with the connected hosts earlier or it will go to non responding state..
Note: we have firewall openings to new vcenter ip to esxi (bi dierctional).
Example : Vcenter is in abc.test.com ip : 10.0.0.20 changed to xyz.test.com and ip to 172.16.201.20.
Please suggest the wayforward. or shall i go with fresh vcsa installtion in new domain and adding the hosts to this vcenter by disconnecting from the old vcenter
↧
i have error "vCenter Server health is GREEN vc.health.error.dbjob3"
recently i began vcenter backup.
but vcenter 5480 management show me
"Invalid vCenter Server Status: All required services are not up! Stopped services: 'vmware-postgres-archiver'."
so i clicked the service tab
vmware-postgres-achiver service stopped
and vmware vcenter service show me "Healthy with warnings - vCenter Server health is GREEN vc.health.error.dbjob3"
i attached vpxd.log.
Looking at the log, I don't know which part is the problem.
↧
VCSA 6.5u2 after replacing expired STS certificate and SSL certificate, the service still can not start
hello all
VCSA 6.5u2 after replacing expired STS certificate and SSL certificate, the service still can not start
I tried to do as KB76719 and VMware Knowledge Base , service stll can not start
service-control --status --all
Running:
applmgmt lwsmd vmafdd vmcad vmdird vmdnsd vmonapi vmware-cis-license vmware-eam vmware-psc-client vmware-rhttpproxy vmware-statsmonitor vmware-sts-idmd vmware-stsd vmware-vmon vmware-vpostgres vsphere-client vsphere-ui
Stopped:
pschealth vmcam vmware-cm vmware-content-library vmware-imagebuilder vmware-mbcs vmware-netdumper vmware-perfcharts vmware-rbd-watchdog vmware-sca vmware-sps vmware-updatemgr vmware-vapi-endpoint vmware-vcha vmware-vpxd vmware-vpxd-svcs vmware-vsan-health vmware-vsm
2020-09-04T04:03:19.229Z Done running command
Service-control failed. Error Failed to start vmon services.vmon-cli RC=1, stderr=Failed to start sca, cm, vpxd-svcs, vapi-endpoint services. Error: Operation timed out
in vpxd-svc.log
2020-09-04T04:10:24.123Z [Thread-10 WARN com.vmware.cis.server.util.impl.InitPoolTask opId=] Init pool encountered exception: com.vmware.cis.server.util.exception.AuthenticationException at attempt 19
plz help me
↧
↧
restore VCSA from backup in a mixed SSO environment (6.7 + 7.0)
hi,
it looks like it is not possible to restore a VCSA through the built-in backup/restore functionality in a mixed SSO environment.
SSO domain consists of 6 * vcsa of which 2 are upgraded to 7.0.
one of the vcsa 6.7 crashed and the restore of it from the backup crashes late in the process when trying to join the existing SSO domain.
↧
vCenter 6.0u3h - client integration plugin installation failed
Hello,
after upgrade of vCenter from 6.0u3d to 6.0u3h (Windows 2012 R2 server), the old client integration plugin no longer works. So I downloaded a new installation file from the web client authentication page, but the installation fails with error:
There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor.
The installer is now divided into two components, run in a sequence: an actual client integration plugin installer (which seems to be installed successfully) and VMware Plug-in Service installer (producing the error). I found a similar problem description regarding an older version of the client ( VMware Client Integration Plugin 6.0 install failed - solution ), but the workarounds mentioned there did'n help in my case.
Without the integration plugin I am not able to transfer files from and to NFS shares, so it's quite urgent.
Thanks in advance,
David
↧
Can I deploy vCenter HA network over VXLAN?
Hi All, hope you are doing fine in this difficult times.
Just a Silly question, i'm reviewing vCenter HA and it requires a portgroup for Active/Passive/Witness heartbeating.
Do you think this can be accomplished with a VXLAN logical switch? I have googled a little bit and found noone that has done it this way.
Warm regrds
↧
vCenter 7.0.0.10400 patch to 7.0.0.10700. Packages in appliance are up to date with update payload, Nothing to stage
Trying to patch vCenter 7.0.0.10400 to 7.0.0.10700. Mount VMware-vCenter-Server-Appliance-7.0.0.10700-16749653-patch-FP.iso via VMRC (Local Client) & when I run Command> software-packages stage --iso I get:
Using username "root".
Pre-authentication banner message from server:
|
| VMware vCenter Server 7.0.0.10400
|
| Type: vCenter Server with an embedded Platform Services Controller
|
End of banner message from server
Last login: Sun Sep 6 16:43:11 2020 from 192.168.0.53
Connected to service
* List APIs: "help api list"
* List Plugins: "help pi list"
* Launch BASH: "shell"
Command> software-packages stage --iso
[2020-09-06T16:57:29.250] : ISO mounted successfully
[2020-09-06T16:57:33.250] : Not running on a VMC Gateway appliance.
[2020-09-06T16:57:33.250] : Not running on a VMC Gateway appliance.
[2020-09-06T16:57:33.250] : Target VCSA version = 7.0.0.10700
[2020-09-06T16:57:33.250] : Not running on a VMC Gateway appliance.
[2020-09-06T16:57:33.250] : No manifest whitelist present, it is not leaf service upgrade.
[2020-09-06T16:57:33.250] : Not running on a VMC Gateway appliance.
[2020-09-06T16:57:33.250] : Not running on a VMC Gateway appliance.
[2020-09-06T16:57:33.250] : Not running on a VMC Gateway appliance.
[2020-09-06T16:57:33.250] : Not running on a VMC Gateway appliance.
[2020-09-06T16:57:33.250] : Checking if HLM is enabled
[2020-09-06T16:57:33.250] : Product configuration file does not exists.
[2020-09-06T16:57:33.250] : Filtering components as not all are allowed to run. Whitelist []
Blacklist []
[2020-09-06T16:57:34.250] : Not running on a VMC Gateway appliance.
[2020-09-06T16:57:34.250] : Not running on a VMC Gateway appliance.
[2020-09-06T16:57:34.250] : About to perform WCP checks
[2020-09-06T16:57:34.250] : Performing WCP checks
[2020-09-06T16:57:34.250] : Adding WCP path to Python path
[2020-09-06T16:57:34.250] : Found Kubernetes versions {'1.18', '1.16', '1.17'} in /storage/core/software-packages/scripts/patches/payload/components-script/wcp/wcp_versions.yaml
[2020-09-06T16:57:34.250] : Found Kubernetes versions {'1.18', '1.16', '1.17'} in /etc/vmware/wcp/wcp_versions.yaml
[2020-09-06T16:57:34.250] : Incoming patch does not introduce new k8s versions, at-risks cluster check skipped.
[2020-09-06T16:57:34.250] : Done performing WCP checks
[2020-09-06T16:57:34.250] : WCP checks finished
[2020-09-06 16:57:34,736] : Running requirements script.....
[2020-09-06T16:57:38.250] : Checking if HLM is enabled
[2020-09-06T16:57:39.250] : ISO unmounted successfully
[2020-09-06T16:57:39.250] : Packages in appliance are up to date with update payload, Nothing to stage
↧
↧
VCSA 6.0 -> 6.5 CLI Upgrade Fails at 58% with Vmware VirtualCenter failed firstboot.
We have a 6.0 vCenter Server Appliance with two external PSC [all 6.0.0.30800 build 9448190 / 6.0 Update 3h] we are attempting to upgrade to 6.5 U2e build 11347054.
We've been completely unsuccessful trying to use the GUI updater, as for some unknown reason the GUI upgrader will not connect to the vCenter/PSC during the initial connection in Stage 1.
However, with the CLI upgrader using a .JSON file, we've upgraded the PSCs (two external PSCs) without issue.
The vCenter Server Appliance, however, fails to upgrade with an error at 58%:
Progress: 58% Starting VMware vCenter Server...
Error:
Problem Id: install.vpxd.action.failed
Component key: vpxd
Detail:
Vmware VirtualCenter failed firstboot.
An error occurred while invoking external command : 'Command: ['/usr/sbin/vpxd', '-L'] Strerr: '
Resolution: Please search for these symptoms in the VMware Knowledge Base.....
...
vCSACliInstallLogger - DEBUG - Running command on vm [new vCenter name]: /bin/bash --login -c 'ls `install-parameter upgrade.import.directory` /system-data/revert_networking.py'
vCSACliInstallLogger - DEBUG - Running command on vm [new vCenter name]: /bin/bash --login -c '/opt/vmware/bin/python `install-parameter upgrade.import.directory` /system-data/revert_networking.py'
vCSACliInstallLogger - ERROR - Fail to revert the target vm IP address: Failed to run and wait for command in guest with error 'Command '[u'/opt/vmware/bin/python', u'`install-parameter upgrade.import.directory`/system-data/revert_networking.py']' exited with non-zero status 1'
We were able to find a KB with the 'Command: ['/usr/sbin/vpxd', '-L'] Strerr: ' issue listed, and it seems to refer to duplicate vDS and vDPG names. However we were not able to find any dupes.
(KB 2147547 for the vDS / vDPG issue: VMware Knowledge Base and a related one showing how to connect to postgres VMware Knowledge Base KB 2147285.)
There is only one additional issue seen in the vcsa-installer.log. We see a message "Failed normalizing ip: [FQDN of the vCenter being upgraded"
Does anyone have any ideas on this one?
↧
vCenter 6.7 appliance SSO domain same as hostname | issue when repointing to new SSO domain
Hi there,
I am seeking some help from the community for a specific case I am experiencing now.
My Current vCenter is a 6.7 appliance last version but historically it has been deployed with the SSO domain same as hostname fqdn.
It works pretty well so far but I know this is not supported by VMware and documentation warns about this case. Unfortunately I am not the one who deployed this vCenter....
Now I need to change the SSO domain to vsphere.local and link a remote vcenter to this one. Indeed there is no way I keep the current SSO domain as the configuration is not following the best practices.
So I used the command to repoint vcenter to a new sso domain and the repointing fails, after some troubleshoot, it appears that the URLs in the SSO configuration uses the new SSO domain as endpoint..... and not the hostname of the vcenter.
Doing the same thing with a vcenter that have a SSO domain different from hostname from the begining works perfectly.
Any one when through this specific case ?
Thank you !!!!!
↧
Reinitialize Likewise registry database (vCenter Server Appliance 6.7 U3)
Hello All,
Due to corrupted Likewise registry we are not able to join vCenter Server Appliance (vCSA) to the domain. I am looking for solution in order to reinitialize Likewise registry database like after vCSA new installation.
I found the following files in /var/lib/likewise/db/
active.db
registry.db
It looks like the same and both are in SQLite format.
Additionally there is registry file in:
/etc/likewise/db/registry.db
Currently we are unable to delete obsolete domain settings using typical approach
/opt/likewise/bin/domainjoin-cli leave domain
or more sophisticated
/opt/likewise/bin/lwregshell and delete_tree command
lwregshell (error = 4294967295 - -1)
Unknown error
Regards,
↧
vcenter user delete
I want to delete user on vcenter but I cant. I cant see delete and delete is gray out. am I doing a wrong operation?
↧
↧
vCenter build lower than ESXi after latest patches...
Hi all,
Recently upgraded vCenter (appliance) to the latest being offered in the VAMI auto update (6.7.0.45000 - Released 20th August 2020).
Once complete I then started updating all my hosts with the latest Critical and Non-Critical patches from my update manager.
Completed the first cluster (2 hosts) and was surprised to see that the ESXi build number had incremented above the vCenter build number?
vSphere
Version: 6.7.0
Build: 16709110
ESXi
Version: 6.7.0
Build: 16713306
I've always been under the impression that the vCenter build number should always be kept above the ESXi build number...
Do I hold off completing my other three clusters (15 hosts) until a later release of vCenter appliance is released?
Any way of avoiding this in the future? (there was no way of knowing what build the host patches would push it to)
Thanks,
Robin.
↧
LDAPS on VCENTER 6.7u3 (VCSA)
Hi
I am stuck on adding Open LDAP authentication on my vcenter.
vCenter was freshly installed as 6.7, and have been kept updated.
1. Added certificates to the trusted certificate store in vcenter.
2. Going thru add Open LDAP in vcenter, hit ADD, and just getting an error message:
"Check the network settings and make sure you have network access to the identity source."
Did some debugging, and checked with tcpdump, and I observed that vcenter didn't even try to do DNS lookup, or tried to contact my server.
Did some browser debugging, and got a more explaining error message when debugging the https messages:
"A vCenter Single Sign-On service error occurred"
If I do LDAP instead of LDAPS, it is working perfect. But, my LDAP server don't allow plain text LDAP (security policy).
Right now, I am not able to add LDAP identity source to my vCenter.
Hope someone have experienced similar, and got it solved.
Thanks
Jone
↧
You cannot visit vcenter.testall.local right now because the website sent scrambled credentials that Google Chrome cannot process
Dear Friends ,
On vmware work station I had install vcenter 6.7 on windows 2012 r2. Then I install root certificate on my desktop browser for vcenter 6.7 .
FQDN: vcenter.testall.local
After couple of weeks later I removed vcenter and installed again with same ip and FQDN name (vcenter.testall.local) . Installation was successful . But now when I am trying to connect vcenter by using google chrome browser from my desktop . I am getting following error. I guess root certificate is creating issue . Not able to understand what need to be done now ?
"Your connection is not private
Attackers might be trying to steal your information from vcenter.testall.local (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_INVALID
Help improve Chrome security by sending URLs of some pages you visit, limited system information, and some page content to Google. Privacy policy
vcenter.testall.local normally uses encryption to protect your information. When Google Chrome tried to connect to vcenter.testall.local this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be vcenter.testall.local, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Google Chrome stopped the connection before any data was exchanged.
You cannot visit vcenter.testall.local right now because the website sent scrambled credentials that Google Chrome cannot process. Network errors and attacks are usually temporary, so this page will probably work later."
↧