All,
Learning vSphere from scratch, to do some dev against the vSphere Server.
Just trying to get the samples to build and run. They build without any errors or warnings on VS2013 (upgraded to .Net4) and the simpleclient can connect to ESXi server with the -ssodisable option, but when I run any of them that try to get a token from the SSO, the code exceptions out with an error
Acquiring Bearer token
System.Web.Services.Protocols.SoapException: Unsupported nested context '{http://schemas.xmlsoap.org/ws/2004/08/addressing}Address'
at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response,
Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at STSService.Issue(RequestSecurityTokenType RequestSecurityToken)
at AcquireBearerTokenByUserCredentialSample.AcquireBearerTokenByUserCredential.GetToken(String[] args) in c:\Users\<snip>\Documents\SDK\vSphereSDK\ssoclient\dotnet\cs\samples\AcquireBearerTokenByUserCredentialSample\AcquireBearerTokenByUserCredential.cs:line 151
Has anyone come across this error before?
Searching for this error gets me no results at all! I'm not sure what it even relates to, is it an XML error (its well formed I've checked), a VMWare error or a web service error, from TomCat? Something to do with the certificates perhaps? No concept of a 'context' in XML, unless its referring to a namespace?
I've created two set ups of vSphere 5.5. One on the corporate VM system and one on my departments XenServer, both suffer the same problem. Been concentrating on my XenServer install due to corporate firewall issues on the corporate VM system. Both systems have separate vSphere Servers, with the rest of the servers (SSO, Web Client etc) grouped together on one machine, both are connected to the corporate domain. I've enabled HTTP on the vSphere server so I can see the message transfers more easily and both HTTPS and HTTP get the same error. There are two ESXi servers. One is 5.1 and the other is 5.5. There are PTR records in the DNS and a reverse look up works just fine, so I believer there is a reverse look up zone.
I do have some exceptions in my SSO log, not sure they are related. I think there is a KB to sort this problem, include the SSO log. There are a lot of logs, not sure which ones are relevant to the problem.
2014-10-08 18:06:58,132 ERROR [ServerUtils] Exception 'com.vmware.identity.idm.InvalidPrincipalException: Group [VCOAdministrators] could not be found for tenant [vsphere.local]'
com.vmware.identity.idm.InvalidPrincipalException: Group [VCOAdministrators] could not be found for tenant [vsphere.local]
at com.vmware.identity.idm.server.IdentityManager.findGroup(IdentityManager.java:3178)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.rmi.server.UnicastServerRef.dispatch(Unknown Source)
at sun.rmi.transport.Transport$1.run(Unknown Source)
at sun.rmi.transport.Transport$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Unknown Source)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(Unknown Source)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(Unknown Source)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
I've attached the whole log.