RecentlyI had to change DNS server in a VMware vSphere vCenter Appliance (VCSA). Normally this works without further issues. This time it was different. vCenter services did not start after changing DNS servers. I describe in this short post what went wrong and how I could fixed it.
I am aware of two ways to change DNS server in VCSA. First is by using the vCenter Server Appliance Management Interface (VAMI) on port 5480. In this web console you can edit network settings to update DNS servers.
can be used. You will see running, stopped and pending services. Most of the services were still stopped many minutes after the reboot. After investigating some logs, I found out there seemed to be a problem by connecting to ports addressed by hostname localhost. Like in file vmon-syslog.log:
After this process everything is fine and working, but I don't have an idea how to fix this problem permament. I don't want to do this workaround after every restart. My vCenter version is 6.0.0U3f and my idea was to upgrade to version 6.5.0 (but actually not possible). Any idea, how to fix this problem without migrating to 6.5.0?
we have a little strange behaviour on our platform, which might be an configuration issue but we dont know. The behaviour is as follows: We recently integrated a new ESXi Host into our existing vSphere 6.5 VCSA Cluster. Whenever we power on a virtual machine it is being started on exactly this new ESXi-Host. Of course when recently intergrated ressources where free, but now the RAM is 99% and vSphere still decides to power-on a new virtual machine on that host, but there are others with less overall CPU, RAM usage.
Maybe someone has an idea where our configuration fault is, we currently did a manual load-balance by migrating virtual machines and turned DRS Automation to Manual, so virtual machines keep where they where last booted.
In my lab, there Version:6.0.0.20000 running on Linux built by another person who left. Recently the / and /storage/log are 100% full. I have cleared the older logs to reclaim disk space. Reboot from vcsa console but multiple services cannot come up.
ence to bean 'authFilter' while setting bean property 'filter'; nested exception is rg.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authFilter' defined in class path resource [server/config/server-config.xml]: Cannot resolve reference to bean 'authChecker' while setting bean property 'authChecker'; nested exception is rg.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authChecker' defined in class path resource [server/config/security-config.xml]: Cannot resolve reference to bean 'userSessionManager' while setting bean property 'user
SessionManager'; nested exception is rg.springframework.beans.factory.BeanCreationException: Error creating bean with name 'userSessionManager' defined in class path resource [server/config/security-config.xml]: Cannot resolve reference to bean 'authorizationManager' while setting bean property 'authorizat
class path resource [server/config/security-config.xml]: Cannot resolve reference to bean 'authProvider' while setting bean property 'dataProvider'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authProvider' defined in class path resource [server/config/security-config.xml]: Cannot resolve reference to bean 'memCache' while setting bean property 'parentChainCache'; nested exception is org.springf
If the only resolution is to rebuid a new VCSA, how do I get all the managed hosts information from this existing VCSA. Without access to the web client, I do not have the complete list of managed ESXi hosts.
I trying to retire an ESX 5.5 machine, so need to copy off the VMs. When starting the VMware Converter wizard, I enter the source ESX server IP address, username and password. On the next screen, I select the VM, and click next. I then get the error "Unable to obtain the lock on virtual disks".
Copying all other VMs on the ESX 5.5 works fine using exactly the same process, same source disk to destination, at the same time. When other VM's finished copying and were removed, this still didn't work. These VMs were all cloned from a master VM, which was also copied across.
I can manually copy of the files with no issues, so may have to live with an inflated thin provision disk (or fix it manually), but would be nice to know what this is and why it's only this single machine. Google and here are not any real help that I can see.
I have recently upgraded to Workstation 14. In the past I used workstation 12 in conjunction with cisco webex to allow 3rd party vendors to perform programming using a VM. They were able to manipulate all items inside the VM when I shared my screen and gave them mouse and keyboard control. In version 14, I give mouse control to someone in the webex but they cannot interact with anything inside the VM. They can interact with items on the host OS with no problems. Does anyone know if this is some type of bug or if there is some new type of security feature that is not allowing this. My host OS is windows 10 pro and the guest VM is windows 7 pro.
I am running two vCenters, both 6.7, with each having their own embessed PSC in linked mode. I have two standalone VRAs in each vCenter. After registering one of the appliances, I go to create a new site pair. One of my vCenters already shows up in the "First Site" list. I enter the info for the second vCenter, accept the cert, but nothing shows up in "Select the vCenter server you want to pair". I've entered the PSC info for both vCenters to no avail.
Does anyone know if this is a supported configuration? I am starting to think that linked mode just doesn't work in this sort of setup. The reason I have two vCenters is for redundancy purposes so I can failover easily if my main vCenter were to go down. I'm thinking that I might just have to have two separate vCenters managed on their own instead of linked.
Hi guys, We have vCenter 6.5 and trying to see if there is a simple way to tell all critical alarms, or all alarms, to send an email? It looks like normally you have to go through all the alarm definitions and edit each one with an email action? I do not even see a way to do this in bulk, but let me know if I am missing something. I have 231 alarm definitions, so guessing this needs to go through PowerCLI unless I am missing something simple. Thanks,
I would like to minimize the effort for anyone that needs to access vCenter. I wish to support IE and Edge (Windows 7 and 10) and require as little as is humanly possible steps to get a stock IE / Edge browser to run HTML5 or Flex client.
So far only Chrome works. I for one do not like using secondary browsers and that's not going to change. Besides my own special use case, others just want to open their default browser and access vCenter. our default browser is IE and now Edge. So it remains to be seen how we can get this working.
My apologies if this has been covered, but didn't get any results when searching for ADFS or OAuth. I recently upgraded to vCenter 7 and after a lot of troubleshooting, I was able to get the Identity Provider to integrate with my ADFS server. My issue is that the domain for my users UPN does not match the domain of my user. As an example, my domain is 'abc.local', but my user has the UPN '
us...@xyz.com'. When I try to login I have to provide a bogus username of 'us...@abc.local' because the vCenter login page doesn't recognize my '
us...@xyz.com' address. After that, I receive the error message: "Unable to login because you do not have permission on any vCenter Server systems connected to this client".
I have verified Single Sign On works correctly with a user of a UPN that matches the domain (e.g. us...@abc.local). I have tried changing my claim to output the UPN and Name ID as SAM-Acco...@abc.local without success. I have also tried using a completely different field with the attribute 'us...@abc.local' without success. I thought maybe some type of transform my be necessary, but my experience with ADFS is limited and my experience with OAuth is non-existent. Has anybody else run across this issue or is this a known limitation with vCenter?
I am trying to backup the vCenter Server Management appliance. I am backing up to a NAS drive, which doesn't need any credentials to connect to. I have set up the protocal as the following SMB://*NAS_IP_ADDRESS*/OtherBackups/vCenterServerBackup but for some reason it keeps failing with the error "Failed to mount the remote storage."
I've been attempting to test out the SCP option in the new File-based VCSA backup feature in 6.5 (specifically, I'm testing against 6.5.0e which is the latest as of today). My backup target is currently a Windows box running Bitvise SSH Server using a dedicated local account that is limited to file transfers only (no shell) and a virtual root directory. The user config looks like this if anyone wants to try and reproduce locally.
I have verified that SCP file transfers to and from my VCSA to this SSH server using the account I configured work just fine. That is, I can SSH to vCenter, drop to the shell, and "scp filename backup@myserver:/" or "scp backup@myserver:/filename ./" and everything transfers successfully.
When I check the logs on the SSH server, I see that the session was denied because it was attempting to execute a command, "Command execute request rejected." This is exactly what I wanted it to do when I set the "No shell access" option. But why is VCSA trying to open a shell when it's supposed to be using SCP?
That definitely verifies that it was trying to open a shell. But why? Just to validate credentials in the wizard? Why not just SCP a zero byte file or something? Again, I've already verified that plain old scp works just fine with the current configuration and the GUI and Docs all refer to this option specifically as "SCP" and not "SSH".
3a8082e126