Please help to download for vCentre 5.5 server
↧
not able to download vCentre 5.5 server
↧
Horizon 7 replication issue with German Windows 2012 R2 versions?
I'm currently setting up Horizon 7 on Windows 2012 R2 server (German version), and everything seems to work perfectly.
However, the Dashboard complaints about the replication status of the two connection servers.
Error Message:
"Replikationsstatus des Verbindungsservers konnte nicht abgerufen werden"
Translation: "Replication status could not be retrieved"
After checking the log files it looks like a translation issue to me, because replication works as expected, i.e. no errors
repadmin.exe /showrepl vmview-cs02:389 /csv
showrepl_COLUMNS,Ziel-DSA-Standort,Ziel-DSA,Namenskontext,Quell-DSA-Standort,Quell-DSA,Transporttyp,Fehleranzahl,Zeit des letzten Fehlers,Zeit des letztes Erfolgs,Status des letzten Fehlers
showrepl_INFO,Default-First-Site-Name,VMVIEW-CS02$VMwareVDMDS,"CN=Configuration,CN={643C369B-XXXX-XXXX-XXXX-D79C34420338}",Default-First-Site-Name,VMVIEW-CS01$VMwareVDMDS,RPC,0,0,2016-05-10 10:50:53,0
showrepl_INFO,Default-First-Site-Name,VMVIEW-CS02$VMwareVDMDS,"CN=Schema,CN=Configuration,CN={643C369B-XXXX-XXXX-XXXX-D79C34420338}",Default-First-Site-Name,VMVIEW-CS01$VMwareVDMDS,RPC,0,0,2016-05-10 10:50:53,0
showrepl_INFO,Default-First-Site-Name,VMVIEW-CS02$VMwareVDMDS,"DC=vdi,DC=vmware,DC=int",Default-First-Site-Name,VMVIEW-CS01$VMwareVDMDS,RPC,0,0,2016-05-10 10:55:55,0
What I found in the debug logfile is:
DEBUG (0C88-0680) <pool-3-thread-1> [ReplicationStatusCollector] Running cmd to fetch replication of VMVIEW-CS02 : repadmin /showrepl VMVIEW-CS02:389 /csv
DEBUG (0C88-0680) <pool-3-thread-1> [ReplicationStatusCollector] Successfully executed cmd: repadmin /showrepl VMVIEW-CS02:389 /csv
DEBUG (0C88-0680) <pool-3-thread-1> [ReplicationStatusCollector] Error while parsing replication status of the server:VMVIEW-CS02,
CSVRecord [comment=null, mapping=null, recordNumber=1, values=[showrepl_COLUMNS, Ziel-DSA-Standort, Ziel-DSA, Namenskontext, Quell-DSA-Standort, Quell-DSA, Transporttyp, Fehleranzahl, Zeit des letzten Fehlers, Zeit des letztes Erfolgs, Status des letzten Fehlers]]
DEBUG (0C88-0680) <pool-3-thread-1> [ReplicationStatusCollector] Running cmd to fetch replication of VMVIEW-CS01 : repadmin /showrepl VMVIEW-CS01:389 /csv
DEBUG (0C88-0680) <pool-3-thread-1> [ReplicationStatusCollector] Successfully executed cmd: repadmin /showrepl VMVIEW-CS01:389 /csv
DEBUG (0C88-0680) <pool-3-thread-1> [ReplicationStatusCollector] Error while parsing replication status of the server:VMVIEW-CS01,
CSVRecord [comment=null, mapping=null, recordNumber=1, values=[showrepl_COLUMNS, Ziel-DSA-Standort, Ziel-DSA, Namenskontext, Quell-DSA-Standort, Quell-DSA, Transporttyp, Fehleranzahl, Zeit des letzten Fehlers, Zeit des letztes Erfolgs, Status des letzten Fehlers]]
Did someone already experience such an issue, and has a solution?
Just asking here in the communities prior to opening a support case!
André
↧
↧
vCenter 6.0 Certification Manager Issue
Hello,
I have vcenter running on a Server 2012 R2 VM and I am trying to use Certificate Manager to replace the vCenter cert with one from my microsoft CA by following this process:
I choose option 1, enter the administrator@vshere.local credentials, but then I get the following:
Performing operation on distributed setup, Please provide valid Infrastructure Server IP.
My PSC is integrated so I'm not quite sure what distributed setup would mean. I've tried entering the IP of my vCenter server but when I complete the steps no files are generated.
Any ideas?
Thanks,
Chris
↧
Linked clone provisioning error...stuck at 40% will not finish. Task Timeout after 90 minutes.
Hello,
I have an issue with my VMware Horizon environment. Im trying to provision more linked clones but the task never completes. I get the provision error View Composer Fault: VC operation exceeded the task timeout limit of 90 mins set by the View Composer..
Im wondering if its a database issue or a connection is being blocked through our McAfee HIPS/AV software.
I have tried provisioning pools on different esxi hosts and get the same result. The error that is listed in my VPXD log is:
error vpxd[20748] [Originator@6876 sub=SoapAdapter.HTTPService] Failed to read request; stream: <io_obj p:0x0000000007abfc48,
h:3464, <TCP '127.0.0.1:8085'>, <TCP '127.0.0.1:55147'>>, error: class Vmacore::SystemException(An existing connection was forcibly closed by the remote host)
My viewcomposer log lists a FATAL error:
| FATAL | CommonLib.VcSubsystem.VcUtil - VC connection exception. Will try to reconnect.
VMware.Sim.CommonLib.Exception.SimVcConnectionException: Error in the application.
at VMware.Sim.CommonLib.VcSubsystem.VcSubsystem25.RetrieveProperties(PropertyFilterSpec[] specs)
at VMware.Sim.CommonLib.VcSubsystem.VcSubsystem25.VcMethod`1.Invoke()
at VMware.Sim.CommonLib.VcSubsystem.VcSubsystem25.VcExceptionHandler`1.Invoke(), Machine Name: VCENTERSRVR, Timestamp: 9/2/2016 12:19:01 PM, App Domain Name: SviWebService.exe, Thread Identity: , Windows Identity: NT AUTHORITY\SYSTEM, OS Version: Microsoft Windows NT 6.2.9200.0, detail information: VC session timed-out during RetrieveProperties call, Configuration ID: c20c757c-37f9-41af-a841-9824bc81ebba
Has anybody encountered this issue? The only thing that was changed was a reinstall of vCenter Server due to an expired evaluation license. After the new installation of vCenter I noticed two things changed that was different than the original installation:
The cluster name and the local name (vcenter.local to vsphere.local)
I am running vCenter and Composer on the same server and using SQL Server on a separate server for the Composer/Events.
Versions:
vCenter 6
View Administrator 7
View Composer 7
Any help would be greatly appreciated. Thank you.
Ryan
↧
vMware vRO client msi
Is it possible to create VMware VRO client MSI? If someone has done before, please share the steps.
↧
↧
RHEL 6.8 64bit kernel update breaks Workstation
Guys,
After updating to RHEL 6.8 64bit (2.6.32-642.el6.x86_64), Workstation is unable to start. We get the "unable to start services" error.
How would you all advise to fix this? The log is attached.
Thanks!
↧
Getting "Recieve timed out" error message when calling openSession Powershell action in VCO Workflow
For some reason, I'm getting the following error off-and-on as I work with VCO. It happens when I call the openSession action in a workflow that is use Powershell in.
Receive timed out (Dynamic Script Module name : openSession#52994)
The error seems to go away after awhile, but it always comes back. I've searched a number of places for the solution and I'm baffled.
I'm pretty confident the error is only within VCO or the plugin because if I remote into the Powershell host from another machine using Powershell, I connect without issues.
My powershell host is setup using WSMan, Kerberos, and SSL with a hard-coded domain account username and password. The domain account is a local admin on the powershell host.
When I remote in from another machine to test, I use:
Enter-PSSession -Computername vcohost.domain.com -Authentication Kerberos -Usessl -Credential (Get-Credential)
Anyone ever run into this?
↧
vRO 7 and Powershell 4
This is a small PS script I am trying to use to add servers to DNS as they are built. When I call the script from my PS server it runs with no errors.
[CmdletBinding()]
Param(
[Parameter(Mandatory=$True,Position=1)]
[string]$nHost,
[Parameter(Mandatory=$True,Position=2)]
[string]$nIP
)
$vcUser = "basspro\svcvra"
$cred = New-Object –TypeName "System.Management.Automation.PSCredential" –ArgumentList $vcUser, (Get-Content ||UNC PATH\password.txt | ConvertTo-SecureString)
$session = new-pssession -computername XXXXXXX -credential $cred
Enter-PSSession -session $session
Invoke-Command -ScriptBlock {dnscmd XXXXXXt /recordadd basspro.net $args[0] A $args[1]} -ArgumentList ($nHost, $nIP) -Session $session
exit-pssession
Remove-PSSession -Session $session
However, when I call the script from vRO I get an error regarding the password being NULL. Below is the error that vRO throws. I have verified that the arguement variables are correct. When I take that variable and paste it into the PS script on the PS server like this: .\ADDDNS.ps1 servername IP
Error in (Dynamic Script Module name : invokeScript#14) PowerShellInvocationError: Errors found while executing script
System.Management.Automation.MethodInvocationException: Exception calling ".ctor" with "2" argument(s): "Cannot process argument because the value of argument "password" is null. Change the value of argument "password" to a non-null value." ---> System.Management.Automation.PSArgumentNullException: Cannot process argument because the value of argument "password" is null. Change the value of argument "password" to a non-null value.
at System.Management.Automation.PSCredential..ctor(String userName, SecureString password)
--- End of inner exception stack trace ---
at System.Management.Automation.DotNetAdapter.AuxiliaryConstructorInvoke(MethodInformation methodInformation, Object[] arguments, Object[] originalArguments)
at System.Management.Automation.DotNetAdapter.ConstructorInvokeDotNet(Type type, ConstructorInfo[] constructors, Object[] arguments)
at Microsoft.PowerShell.Commands.NewObjectCommand.CallConstructor(Type type, ConstructorInfo[] constructors, Object[] args)
ConvertTo-SecureString : Key not valid for use in specified state.
At C:\scripts\BPSDNSAdd.ps1:11 char:156
+ ... password.txt | ConvertTo-SecureString)
+ ~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [ConvertTo-SecureString], C
ryptographicException
+ FullyQualifiedErrorId : ImportSecureString_InvalidArgument_Cryptographic
Error,Microsoft.PowerShell.Commands.ConvertToSecureStringCommand
[2016-08-12 08:35:15.077] [E] Workfow execution stack:
***
item: 'Add to BPS DNS/item0', state: 'failed', business state: 'null', exception: 'PowerShellInvocationError: Errors found while executing script
System.Management.Automation.MethodInvocationException: Exception calling ".ctor" with "2" argument(s): "Cannot process argument because the value of argument "password" is null. Change the value of argument "password" to a non-null value." ---> System.Management.Automation.PSArgumentNullException: Cannot process argument because the value of argument "password" is null. Change the value of argument "password" to a non-null value.
at System.Management.Automation.PSCredential..ctor(String userName, SecureString password)
--- End of inner exception stack trace ---
at System.Management.Automation.DotNetAdapter.AuxiliaryConstructorInvoke(MethodInformation methodInformation, Object[] arguments, Object[] originalArguments)
at System.Management.Automation.DotNetAdapter.ConstructorInvokeDotNet(Type type, ConstructorInfo[] constructors, Object[] arguments)
at Microsoft.PowerShell.Commands.NewObjectCommand.CallConstructor(Type type, ConstructorInfo[] constructors, Object[] args)
ConvertTo-SecureString : Key not valid for use in specified state.
At C:\scripts\BPSDNSAdd.ps1:11 char:156
+ ... password.txt | ConvertTo-SecureString)
+ ~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [ConvertTo-SecureString], C
ryptographicException
+ FullyQualifiedErrorId : ImportSecureString_InvalidArgument_Cryptographic
Error,Microsoft.PowerShell.Commands.ConvertToSecureStringCommand
(Dynamic Script Module name : invokeScript#14)'
workflow: 'Add to BPS DNS' (5a556062-d7d9-44b0-994f-98d223f62cc5)
| 'attribute': name=host type=PowerShell:PowerShellHost value=dunes://service.dunes.ch/CustomSDKObject?id='0bb36d0c-6921-4bf8-8f23-fbcd7a90666c'&dunesName='PowerShell:PowerShellHost'
| 'attribute': name=externalScript type=string value=C:\scripts\BPSDNSAdd.ps1
| 'attribute': name=arguments type=string value=wsdinfsql09 172.24.74.24
| 'input': name=payload type=Properties value=#[#workflow.execution.id#=#string#2c98828a5628092f0156760050672196#+#workflow.execution.endDate#=#Date#20160810144908-0500#+#lifecycleState#=#Properties##[#phase#=#string#POST#+#state#=#string#VMPSMasterWorkflow32.MachineProvisioned#]##+#componentId#=#string#tier1w2k8s#+#blueprintName#=#string#_Software Testing - W2K8 BP#+#componentTypeId#=#string#Infrastructure.CatalogItem.Machine.Virtual.vSphere#+#IaaSTimeoutId#=#number#8286.0#+#requestId#=#string#d5a5b051-fadc-401a-990a-5b348cc41038#+#endpointId#=#string#c39838f0-76b8-45a2-872a-b80b7b511436#+#machine#=#Properties##[#externalReference#=#string#vm-11512#+#owner#=#string#WWSda@basspro.net#+#name#=#string#wsdinfsql09#+#id#=#string#aa853952-1d9e-4646-abc3-c2c2dcf4ff57#+#type#=#number#0.0#+#properties#=#Properties##[#VirtualMachine.Storage.Cluster.Name#=#string#PROD_DATASTORE_CLUSTER_FTW_LOCAL#+#VirtualMachine.Cafe.Blueprint.Id#=#string#W2K8SoftwareTesting#+#VirtualMachine.Disk0.Name#=#string#Hard disk 1#+#__InterfaceType#=#string#vSphere#+#VirtualMachine.Network0.PrimaryDns#=#string#172.24.37.101#+#VirtualMachine.Network0.DnsSuffix#=#string#basspro.net#+#tstpTime#=#string#mstp.1300#+#__VirtualMachine.Allocation.InitialMachineState#=#string#SubmittingRequest#+#VirtualMachine.Cafe.Blueprint.Component.TypeId#=#string#Infrastructure.CatalogItem.Machine.Virtual.vSphere#+#VirtualMachine.Admin.UUID#=#string#501fbb34-e7d0-399e-4595-693ab8cf0f60#+#bps.os#=#string#ws#+#__api.request.id#=#string#d5a5b051-fadc-401a-990a-5b348cc41038#+#Custom.ComponentMachine.NoIndexOnFirst#=#string#false#+#VirtualMachine.Disk0.Size#=#string#50#+#targetVM#=#string##+#bps.srvrfunct#=#string##+#Extensibility.Lifecycle.Properties.VMPSMasterWorkflow32.Requested#=#string#*#+#Custom.ComponentMachine.HostnameScheme#=#string#{bps.os}{bps.env}{bpsApp}{bps.mw}{bps.srvrfunct}{##}#+#__api.request.callback.service.id#=#string#260b0a87-4c85-46d9-ac51-c6e74463ca11#+#Custom.Hostname.OwnerShortNameIdentifier#=#string#USR#+#__DailyCost#=#string#{"type":"moneyTimeRate","cost":{"type":"money","currencyCode":"USD","amount":1.39},"basis":{"type":"timeSpan","unit":4,"amount":1}}#+#Hostname#=#string#wsdinfsql09#+#VirtualMachine.Cafe.Blueprint.Name#=#string#_Software Testing - W2K8 BP#+#Cafe.Shim.VirtualMachine.TotalStorageSize#=#string#50#+#VirtualMachine.Storage.Cluster.Automation.Behavior#=#string#manual#+#__Legacy.Workflow.ImpersonatingUser#=#string##+#__Legacy.Workflow.User#=#string#WWSda@basspro.net#+#__VirtualMachine.ProvisioningWorkflowName#=#string#CloneWorkflow#+#VirtualMachine.Storage.Cluster.Automation.Enabled#=#string#True#+#VirtualMachine.Network0.DnsSearchSuffixes#=#string#basspro.net#+#VirtualMachine.Network0.NetworkProfileName#=#string#vRA Prod#+#VirtualMachine.Network0.SecondaryWins#=#string##+#VirtualMachine.Network0.SubnetMask#=#string#255.255.255.0#+#VirtualMachine.Network0.SecondaryDns#=#string#10.33.80.103#+#tApp#=#string##+#Extensibility.Lifecycle.Properties.VMPSMasterWorkflow32.MachineProvisioned#=#string#*#+#VirtualMachine.Disk0.ExternalID#=#string#6000C290-eb82-8d02-558d-7a42cc09c183#+#VirtualMachine.Disk0.Storage.Cluster.ExternalReferenceId#=#string#group-p3288#+#VirtualMachine.Network0.AddressType#=#string#Static#+#__Cafe.Request.VM.LeaseDays#=#string#1#+#__request_reason#=#string##+#__Cafe.Root.Request.Id#=#string#447b424c-90fc-4d7e-bacd-2dc091d11ea6#+#_number_of_instances#=#string#1#+#Custom.Deployment.NoIndexOnFirst#=#string#true#+#VirtualMachine.Admin.AgentID#=#string#03b21f42-ca0f-801a-2dd5-260aa701c713#+#VirtualMachine.Disk0.IsClone#=#string#true#+#VirtualMachine.Network0.MacAddress#=#string#00:50:56:9f:33:e9#+#__Cafe.Request.VM.ArchiveDays#=#string#45#+#__Cafe.Request.VM.HostnamePrefix#=#string#SRV#+#VirtualMachine.Disk0.DeviceID#=#string#SCSI (0:0)#+#bps.env#=#string#d#+#__Cafe.Request.BlueprintType#=#string#1#+#bps.mw#=#string#sql#+#__Notes#=#string#Tier 1
Windows 2008 R2 Standard#+#tStakeHolder#=#string#IT.Server.Windows#+#tstrtTime#=#string#mstrt.0800#+#VirtualMachine.Memory.Size#=#string#4096#+#bps.dept#=#string#it#+#VirtualMachine.Cafe.Blueprint.Component.Cluster.Index#=#string#0#+#VirtualMachine.CPU.Count#=#string#1#+#__Clone_Type#=#string#CloneWorkflow#+#__clonespec#=#string##+#VirtualMachine.Admin.TotalDiskUsage#=#string#51200#+#VirtualMachine.Disk0.Label#=#string#Hard disk 1#+#Custom.SetCustomHostname.Execute#=#string#true#+#bpsApp#=#string#inf#+#__trace_id#=#string#lzURVjR0#+#vcServer#=#string#srvvcsitftw00.basspro.net#+#__iaas_request_binding_id#=#string#2717c342-69b0-4058-b9c1-d8187a45a538#+#VirtualMachine.Cafe.Blueprint.Component.Id#=#string#tier1w2k8s#+#VirtualMachine.Network0.Address#=#string#172.24.74.24#+#osfamily#=#string#Windows#+#VirtualMachine.Network0.PrimaryWins#=#string##+#VirtualMachine.Disk0.Storage.Cluster.Name#=#string#PROD_DATASTORE_CLUSTER_FTW_LOCAL#+#VirtualMachine.Storage.Cluster.ExternalReferenceId#=#string#group-p3288#+#Custom.Deployment.HostnameScheme#=#string##+#VirtualMachine.Disk0.Storage#=#string#PROD_DATASTORE_CLUSTER_FTW_LOCAL#+#tmDay#=#string#m.Sunday#+#Vrm.ProxyAgent.Uri#=#string#https://itmgma.basspro.net/VMPS2Proxy#+#__reservationPolicyID#=#string#7956ac63-f0e5-4d92-826d-0ba81535c61d#+#tPatchDay#=#string#p.Thursday#+#VirtualMachine.Storage.Name#=#string#PROD_DATASTORE_CLUSTER_FTW_LOCAL#+#__clonefrom#=#string#TMPL_W2K8 Standard#+#tTier#=#string#'Tier 4'#+#VirtualMachine.Network0.Gateway#=#string#172.24.74.1#+#VirtualMachine.Network0.Name#=#string#INT-VRA-PROD_VLAN74#+#VirtualMachine.Disk0.IsFixed#=#string#False#]##]##+#workflow.execution.state#=#string#COMPLETED#+#workflow.execution.startDate#=#Date#20160810144907-0500#]#
| 'output': name=output type=PowerShell:PowerShellRemotePSObject value=null
*** End of execution stack.
↧
Exception thrown by SsoUtil: SSO admin service failure
I'm diagnosing an issue in an Enhanced Linked Mode environment running 6.0 update 1 (2 vCenters, same domain) where I'm getting the following exception when calling UserSessionService.getUserSession():
[ERROR] data-service-pool-2704 70000426 100010 200005 c.vmware.vsphere.client.usersession.impl.UserSessionServiceImpl There was an issue while extracting the list of system domains com.vmware.vise.vim.security.sso.exception.SsoServiceException: SSO admin service failure
at com.vmware.vise.vim.security.sso.SsoUtil.getAdminService(SsoUtil.java:256)
at com.vmware.vsphere.client.usersession.impl.UserSessionServiceImpl.extractSystemDomains(UserSessionServiceImpl.java:179)
at com.vmware.vsphere.client.usersession.impl.UserSessionServiceImpl.getUserSession(UserSessionServiceImpl.java:156)
at sun.reflect.GeneratedMethodAccessor496.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:319)
at org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.doInvoke(ServiceInvoker.java:56)
at org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.invoke(ServiceInvoker.java:60)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.eclipse.gemini.blueprint.service.importer.support.LocalBundleContextAdvice.invoke(LocalBundleContextAdvice.java:57)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at com.sun.proxy.$Proxy503.getUserSession(Unknown Source)
Does anyone have any pointers on diagnosing this? I could not find much information about this error in the SDK docs. Thank you
- Mike
↧
↧
Copy-Harddisk error
When I copy all the hard disks of VM named "1", it copies all the disk to destination folder named "2" in datastore named "Data", the below command works:-
Get-HardDisk -VM 1 | Copy-HardDisk "[Data] 2/"
BUT
When I try to copy only one particular Disk it errors out as below :-
Get-HardDisk -VM 1 | Copy-HardDisk -HardDisk "[Data] 1/1.vmdk" -DestinationPath "[Data] 2/"
Copy-HardDisk : Cannot bind parameter 'HardDisk'. Cannot convert the "[Data] 1/1.vmdk" value of type "System.String" to type
"VMware.VimAutomation.ViCore.Types.V1.VirtualDevice.HardDisk".
At line:1 char:46
+ Get-HardDisk -VM 1 | Copy-HardDisk -HardDisk "[Data] 1/1.vmdk" -DestinationPath ...
+ ~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Copy-HardDisk], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgumentNoMessage,VMware.VimAutomation.ViCore.Cmdlets.Commands.CopyHardDisk
Any help, thanks
↧
Migration:VMotion:New Host 5.5
Hi all,
I believe this may be unique.
Customer needs to replace existing UCS Server but "NEW" UCS server cannot be brought on the Network at all. Long story, but unfortunately it must use the same network address and physical space as existing UCS Server.
Datastore and storage is local.
What is the best option to migrate to the new host. Would it make since to VMotion to a network space and than once new server is up online, Vmotion back.
Any Best Practices here?
Thanks,
Ron
↧
Change vRealize Automation status message when calling vCO workflow
Hi,
is it possible to change the vRealize Automation Status Details message when a vCO workflow that is called via vRA advanced services ends successfully?
I would like to include some vCO output parameters to vRA instead of just "Status Details = The request was successfully completed" (print screen 01.png)
If defining your error code it gets included in the Status Details when the WF fails (print screen 02.png)
thanks
↧
guest os ipaddress,subnet and gateway information
Hello
I'm trying to pull Guest VMS IP address,Subnet and gateway with the below script..But unfortunately its not working...In datacenter vms run on standard and DVswitch..vms version start from version 7.Can anyone correct me..I need this report on 3000vms
Used script..
==
$vm = Get-VM "Testvm"
$row = "" | Select Name,Host,OS,NicType,VLAN,IP,Gateway,Subnetmask,DNS
$nicInfo = Get-VMGuestNetworkInterface -VM $vm
$row.Name = $vm.Name
$row.Host = $vm.Host.Name
$row.OS = $vm.Guest.OSFullName
$row.NicType = [string]::Join(',',(Get-NetworkAdapter -VM $vm | Select -ExpandProperty Type))
$row.VLAN = [string]::Join(',',(Get-VirtualPortGroup -VM $vm | Select -ExpandProperty VlanId))
$row.IP = [string]::Join(',',$vm.Guest.IPAddress)
$row.Gateway = [string]::Join(',',($nicInfo | Select -ExpandProperty DefaultGateway))
$row.Subnetmask = [string]::Join(',',($nicInfo | Select -ExpandProperty Subnetmask))
$row.DNS = [string]::Join(',',($nicInfo | Select -ExpandProperty Dns))
$row
====
Errors while running on vms connected with standard and DV switch..
=====
WARNING: The 'Host' property of VirtualMachine type is deprecated. Use the
'VMHost' property instead.
Select-Object : Cannot process argument because the value of argument "obj" is
null. Change the value of argument "obj" to a non-null value.
At C:\Program Files\VMware\Infrastructure\vSphere PowerCLI\vmipsubnetgateway1.p
s1:10 char:53
+ $row.Gateway = [string]::Join(',',($nicInfo | Select <<<< -ExpandProperty De
faultGateway))
+ CategoryInfo : InvalidArgument: (:) [Select-Object], PSArgument
NullException
+ FullyQualifiedErrorId : ArgumentNull,Microsoft.PowerShell.Commands.Selec
tObjectCommand
Select-Object : Cannot process argument because the value of argument "obj" is
null. Change the value of argument "obj" to a non-null value.
At C:\Program Files\VMware\Infrastructure\vSphere PowerCLI\vmipsubnetgateway1.p
s1:11 char:56
+ $row.Subnetmask = [string]::Join(',',($nicInfo | Select <<<< -ExpandProperty
Subnetmask))
+ CategoryInfo : InvalidArgument: (:) [Select-Object], PSArgument
NullException
+ FullyQualifiedErrorId : ArgumentNull,Microsoft.PowerShell.Commands.Selec
tObjectCommand
Select-Object : Cannot process argument because the value of argument "obj" is
null. Change the value of argument "obj" to a non-null value.
At C:\Program Files\VMware\Infrastructure\vSphere PowerCLI\vmipsubnetgateway1.p
s1:12 char:49
+ $row.DNS = [string]::Join(',',($nicInfo | Select <<<< -ExpandProperty Dns))
+ CategoryInfo : InvalidArgument: (:) [Select-Object], PSArgument
NullException
+ FullyQualifiedErrorId : ArgumentNull,Microsoft.PowerShell.Commands.Selec
tObjectCommand
Name : testvm
Host : 10.50.XX.XX
OS : Microsoft Windows Server 2008 R2 (64-bit)
NicType : Vmxnet3
VLAN : 58
IP : 10.50.XX.XX,fe80::f5f9:e945:ca03:55f5
Gateway :
Subnetmask :
DNS :
===================================
error while running on DVswitch vms..
===============================
Get-VMGuestNetworkInterface : 22-Jul-14 4:14:17 PM Get-VMGuestNetworkInterfa
ce Execution of the script in guest OS on VM 'testvm' failed: 'Ac
cess is denied.
'
At C:\Program Files\VMware\Infrastructure\vSphere PowerCLI\vmipsubnetgateway1.p
s1:3 char:39
+ $nicInfo = Get-VMGuestNetworkInterface <<<< -VM $vm
+ CategoryInfo : InvalidData: (DCMLXLIVEAMS:VirtualMachineImpl) [
Get-VMGuestNetworkInterface], VimException
+ FullyQualifiedErrorId : Client20_RunScriptInGuestHelper_RunScriptFileInG
uest_ScriptError,VMware.VimAutomation.ViCore.Cmdlets.Commands.GetVmGuestNe
tworkInterface
Get-VMGuestNetworkInterface : 22-Jul-14 4:14:17 PM Get-VMGuestNetworkInterfa
ce Unable to parse script output.
At C:\Program Files\VMware\Infrastructure\vSphere PowerCLI\vmipsubnetgateway1.p
s1:3 char:39
+ $nicInfo = Get-VMGuestNetworkInterface <<<< -VM $vm
+ CategoryInfo : InvalidArgument: (:) [Get-VMGuestNetworkInterfac
e], ViError
+ FullyQualifiedErrorId : Client20_VmHostServiceImpl_GetVmGuestNetworkInte
rface_UnableToParse,VMware.VimAutomation.ViCore.Cmdlets.Commands.GetVmGues
tNetworkInterface
WARNING: The output of the command produced distributed virtual portgroup
objects. This behavior is obsolete and may change in the future. To retrieve
distributed portgroups, use Get-VDPortgroup cmdlet in the VDS component. To
retrieve standard portgroups, use -Standard.
Select-Object : Property "VlanId" cannot be found.
At C:\Program Files\VMware\Infrastructure\vSphere PowerCLI\vmipsubnetgateway1.p
s1:8 char:70
+ $row.VLAN = [string]::Join(',',(Get-VirtualPortGroup -VM $vm | Select <<<< -
ExpandProperty VlanId))
+ CategoryInfo : InvalidArgument: (10.16.12.1-254_V10:PSObject) [
Select-Object], PSArgumentException
+ FullyQualifiedErrorId : ExpandPropertyNotFound,Microsoft.PowerShell.Comm
ands.SelectObjectCommand
Exception calling "Join" with "2" argument(s): "Value cannot be null.
Parameter name: value"
At C:\Program Files\VMware\Infrastructure\vSphere PowerCLI\vmipsubnetgateway1.p
s1:8 char:27
+ $row.VLAN = [string]::Join <<<< (',',(Get-VirtualPortGroup -VM $vm | Select -
ExpandProperty VlanId))
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : DotNetMethodException
Exception calling "Join" with "2" argument(s): "Value cannot be null.
Parameter name: value"
At C:\Program Files\VMware\Infrastructure\vSphere PowerCLI\vmipsubnetgateway1.p
s1:10 char:30
+ $row.Gateway = [string]::Join <<<< (',',($nicInfo | Select -ExpandProperty De
faultGateway))
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : DotNetMethodException
Exception calling "Join" with "2" argument(s): "Value cannot be null.
Parameter name: value"
At C:\Program Files\VMware\Infrastructure\vSphere PowerCLI\vmipsubnetgateway1.p
s1:11 char:33
+ $row.Subnetmask = [string]::Join <<<< (',',($nicInfo | Select -ExpandProperty
Subnetmask))
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : DotNetMethodException
Exception calling "Join" with "2" argument(s): "Value cannot be null.
Parameter name: value"
At C:\Program Files\VMware\Infrastructure\vSphere PowerCLI\vmipsubnetgateway1.p
s1:12 char:26
+ $row.DNS = [string]::Join <<<< (',',($nicInfo | Select -ExpandProperty Dns))
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : DotNetMethodException
Name : Testvm
Host : 10.50.XX.XX
OS : Microsoft Windows Server 2003 (32-bit)
NicType : Vmxnet3
VLAN :
IP : 10.16.XX.XX,10.16.XX.XX
Gateway :
Subnetmask :
DNS :
↧
↧
Generating report dilemma
Hello all,
I am trying to find out whether this is a rights issue or this is way it supposed to work.
In vROPS, I am trying to generate Horizon VDI Desktop Session Statistics report. (HOME -> Content -> Horizon VDI Desktop Session Statistics).
Right now, I am only be able to pick 1 session at a time to generate this report. Is there way to select all sessions listed under (VDI Desktop Session) to generate a report?
Thanks in advance..
Wongo
↧
Resource allocation again
Hi,
I have one cluster with 2 nodes CPU capacity per host is 2*2,94 GHZ. Recource allocation shows 5641 MHZ. Why not 2*2.94*2 ?
Host summary
Thank you
↧
Error : "Mechanism level: KrbException:Cannot locate default realm" during Invoking a Powershell script in vRO7.0 WF
Hello All,
I am trying to invoke a powershell script in my vRO7 workflow. This script will be invoked in external powershell host. The power shell host is already been registered in my vRO7.0.
For this purpose, I am using the inbuilt workflow "Invoke a Powershell script" under the Library invRO7.0 Orchestrator client.
Yesterday the invocation was executed successfully, but while today morning during the execution of the script I received an error (Mechanism level: KrbException:Cannot locate default realm) (Workflow: Invoke a Powershell script/Invoke script(item0)#3).
Line #3 is:
session = host.openSession();
It seems that there is some Kerberos configuration error happened between vRO and Powershell host. Should I need to check the 'krb5.conf' filein the vCO 7.0 server ? or any other configuration needs to be checked ? Strange thing is that, last week it was worked fine !!!
Can you please help me out ?
Thanks,
koushik
↧
Horizon View 6 - Persona Management - Folder Redirection and Roaming & Synchronization
I'm having a quirky issue with the PMView. This is what I see:
- Log as test user with Horizon View client (1st time)
- View Desktop loads Windows, and shows desktop (30-45 seconds)
(During this step, I see the profile and redirected folders are created correctly)
- Log off test user
- Log back in with the same test user (2nd time)
- View Desktop loads Windows, shows the "Welcome" screen, and then a black screen.
(During this step, I see the profile repository get "recreated" (i.e., the folders/files get deleted, and then recreated...))
- After 1-2 minutes later, the desktop shows up
This seems like an odd behavior to me, and it's probably related to how I've created my PMview.
This is what I have:
VMware View Agent Configuration/Persona Management/Desktop UI
Show critical errors to users via tray icon alerts = Enabled
VMware View Agent Configuration/Persona Management/Folder Redirection
Add the administrators group to redirected folders = Enabled
Application Data (Roaming) = Enabled
Redirect to the following location: \\FILESERVER\ViewFRedirection$\%username%\AppDataRoaming
Desktop = Enabled
Redirect to the following location: \\FILESERVER\ViewFRedirection$\%username%\Desktop
Favorites = Enabled
Redirect to the following location: \\FILESERVER\ViewFRedirection$\%username%\Favorites
My Documents = Enabled
Redirect to the following location: \\FILESERVER\ViewFRedirection$\%username%\Documents
VMware View Agent Configuration/Persona Management/Roaming & Synchronization
Files and folders excluded from roaming = Enabled
- Desktop
- Documents
- Favorites
- Recent Items
- Music
- Pictures
- Videos
Manage user persona = Enabled
Profile upload interval (in minutes): 1
Persona repository location = Enabled
Share path: \\FILESERVER\ViewProfiles$
Override Active Directory user profile path if it is configured = Enabled
Roam local settings folders = Enabled
↧
↧
Using PowerShell to Deploy VMware Access Point
By Mark Benson, Senior Architect and Senior Staff Engineer, End-User-Computing CTO Office, VMware
Introduction
Updated May and August 2016 to include Access Point 2.6 details for use as a Web Reverse Proxy for VMware Identity Manager 2.6/2.7.
In September 2015, I posted A Technical Introduction to Access Point for Secure Remote Access article. Access Point is a VMware virtual appliance which is used with VMware Horizon (View) and Horizon Air (DaaS). In that article I mentioned the ability to perform a scripted deployment of an Access Point virtual appliance using VMware OVF Tool in order to perform a repeatable deployment where all settings can be applied in a way that allows Access Point to be production ready on first boot. This procedure is described in the document Deploying and Configuring Access Point.
Whilst it is great to be able to specify all configuration settings in one go at deployment time, the downside of this is that the OVF Tool command line can become very long and complex. It is also easy to introduce errors on the command line as the command syntax for OVF Tool used in this way can be difficult to get right. Also, it is not possible to validate the settings with OVF Tool and it is therefore very easy to make configuration errors such as setting an admin REST API password that doesn't meet the required complexity rules.
Many Windows administrators managing a VMware Horizon environment need a much simpler way to deploy Access Point in a secure, reliable and repeatable way and to have complete control over the settings. For these reasons, we have developed a sample PowerShell script that can be used to deploy Access Point and which overcomes the main difficulties of using OVF Tool directly on the command line. As this PowerShell script is delivered as a sample script, you can also adapt it as required for your specific needs although in most cases you won't need to modify it at all. The script calls the OVF Tool command but validates the settings and automatically constructs the correct command line syntax. The settings are taken from a simple .INI file. This script runs OVF Tool in a fully supported way for Access Point according the procedure in the document Deploying and Configuring Access Point . Note that no password values or private key values are stored within the .INI configuration files.
The PowerShell script sets all configuration settings for OVF Tool at deployment time. This includes setting up the CA issued SSL Server certificate and all other possible settings. After Access Point has been deployed by this script, there is no need to make configuration changes after deployment. Access Point will be ready for production use on first boot.
What are the requirements for deploying Access Point appliances using this script?
- For Access Point itself, a vSphere ESX host with a vCenter Server is needed. Decide on the vSphere datastore to be used and the Network name to be used. A vSphere Network Protocol Profile must be associated with every referenced network name. This Network Protocol Profile specifies network settings such as IPv4 subnet mask, gateway etc. The deployment of Access Point uses these values so make sure the values are correct.
- The PowerShell script runs on a machine running Windows 8.1 (or newer) or Windows Server 2008 R2 (or newer). This can be the vCenter Server itself if it is running on Windows, or can be a separate Windows machine.
- The Windows machine running the script must also have the VMware OVF Tool command installed. Install OVF Tool 4.0.1 or newer. You can download it from here OVF Tool Software and Documentation.
How do I run the script?
- Download a version 2.0.1 Access Point virtual appliance image from VMware onto your Windows machine. This is an OVA file. e.g. euc-access-point-2.0.1.0-3084879_OVF10.ova.
- Download the apdeploy-250-v4.zip file attached below and extract the files into a folder on your Windows machine.
- On your Windows machine, open a PowerShell console and change directory to the location of your script.
- Create a .INI configuration file for your Access Point virtual appliance. In this example, I am going deploy a new Access Point appliance called AP1. I have created a .INI file called ap1.ini which contains all the configuration settings for AP1. You can use the sample .INI files contained within the apdeploy-250-v4.zip file to create your .INI file and then modify the settings to the values you want.
- Make sure script execution is unrestricted for the current user. You can do this by running the command:
set-executionpolicy -scope currentuser unrestricted
You only need to run this once and only if it is currently restricted.
If you get a warning about running this scrip, you can unblock that warning by running the command:
unblock-file -path .\apdeploy.ps1 - Run the command .\apdeploy.ps1 -iniFile ap1.ini as shown in the screenshot below. If you don't specify the -iniFile option, the script will default to ap.ini. You will be prompted to set a root password for the appliance and an optional password for the admin REST API. You will also be prompted for the vCenter password. Deployment takes around a minute depending on your host and storage performance. If you are prompted to add the fingerprint for the target machine, enter yes.
- When the script completes, the Access Point appliance is ready to use. No further configuration steps are required.
.INI File Contents
The apdeploy-250-v4.zip file attached at the bottom of this post contains four example .INI files. ap1-basic.ini is a minimal .INI file which just contains the minimum settings needed. ap2-advanced.ini is a more complex configuration file showing additional settings available. ap3-securid.ini is an example of a configuration including RSA SecurID authentication. ap4-radius.ini is an example of a configuration including RADIUS authentication. You should start with just a basic .INI file to ensure that this deployment method works in your environment. You can then add more advanced settings in your .INI file and repeat the deployment. If you have already deployed the named Access Point appliance, then running the script again will power off the appliance, delete it, and will redeploy it with the current .INI settings. This is a useful capability to use when either upgrading the appliance to a newer version, or just to change any of the settings.
Basic .INI File Example
##############################################
[General]
name=AP1
source=C:\APs\euc-access-point-2.5.0.0-3588605_OVF10.ova
target=vi://administrator@vsphere.local:PASSWORD@192.168.0.21/Datacenter1/host/esx1.myco.int
ds=Local Disk 1
netInternet=VM Network
netManagementNetwork=VM Network
netBackendNetwork=VM Network
[Horizon]
proxyDestinationUrl=https://192.168.0.209
##############################################
The following table describes each configuration setting. These must be arranged in the .INI file under the appropriate Group Name shown in the first column and as shown in the sample .INI files.
Configuring Access Point as a Web Reverse Proxy for VMware Identity Manager
Access Point 2.6 and newer can be used as a Web Reverse Proxy in front of VMware Identity Manager version 2.6 (and newer). Make sure you use a 2.6 (or newer) version of Access Point e.g.
source=C:\APs\euc-access-point-2.6.0.0-3643916_OVF10.ova
For exact up to date information on Access Point compatibility, refer to the VMware Interoperability Support Matrix and select VMware Access Point and VMware Identity Manager.
For this setup, remove the entire [Horizon] section from the .ini file and replace it with a new [WebReverseProxy] section. Use the values shown in the sample ap10-vidm.ini file in apdeploy-260-v7.zip below. This script version didn't change for Access Point 2.7 so it can be used for Access Point 2.6 and 2.7. Set the proxyDestinationUrl to the URL of the Identity Manager server. If that service does not use a trusted CA signed SSL server certificate then you will also need to add the proxyDestinationUrlThumbprints value. Leave all other values in [WebReverseProxy] exactly as shown in the sample ap10-vidm.ini.
The setup requires "split DNS" to be setup where the URL hostname for an external user resolved to the address of Access Point, and the same URL hostname for an internal user resolves to the address of the Identity Manager server.
Configuration Settings
| Group Name | Value | AP Version Required (if applicable) | Example | Description |
|---|---|---|---|---|
| [General] | deploymentOption | deploymentOption=onenic | Access Point can be created with either one, two or three network interface cards (NICs). Either specify onenic, twonic or threenic. The default is onenic. | |
| dns | dns=192.168.0.1 | Optional DNS server address. Default is none. | ||
| ds | ds=Local Disk 1 | Datastore name which the appliance will be deployed to. | ||
| ip0 | ip0=192.168.0.10 | IPv4 address for NIC0 (onenic, twonic or threenic) | ||
| ip1 | ip1=192.168.0.11 | IPv4 address for NIC1 (twonic or threenic) | ||
| ip2 | ip2=192.168.0.12 | IPv4 address for NIC2 (threenic) | ||
| name | name=AP1 | Name of the virtual appliance as shown in vCenter. It must be between 1 and 32 characters long. If name is omitted, the PowerShell script will prompt for it. | ||
| netInternet | netInternet=VM Network | The name of the vSphere Network for the Access Point primary network | ||
| netManagementNetwork | netManagementNetwork=VM Network | The name of the vSphere Network for the Access Point management interface network. | ||
| netBackendNetwork | netBackendNetwork=VM Network | The name of the vSphere Network for the Access Point backend network. | ||
| source | source=C:\Users\admin\My Images\euc-access-point-2.5.0.0-3588605_OVF10.ova | Full path filename of the Access Point .ova virtual machine image. The file can be downloaded from VMware. | ||
| syslogUrl | syslogUrl=syslog://server.example.com:514 | Optional syslog server URL. This allows syslog events to be forward to a syslog management server. | ||
| target | target=vi://administrator@vsphere.local:PASSWORD@ 192.168.0.21/DC1/host/esx1.myco.int
target=vi://administrator@vsphere.local:PASSWORD@ 192.168.0.21/DC1/host/Cluster1/ | Specifies the vCenter Server information and target ESX host. Refer to the OVF Tool documentation for details of the syntax of target.
PASSWORD in upper case is not the actual vCenter password but is a special term used to make OVF Tool prompt the user for the actual vCenter password value. The prompt will appear during execution of the PowerShell script. This avoids the need to store real password values in this .ini file. Note that target must reference a vCenter host or cluste. Deploying direct to a vSphere host is not supported. In this example, 192.168.0.21 is the IP address of the vCenter host and administrator@vsphere.local is the vCenter administrator username.
Note that folder names, host names and cluster names used in the target value are case sensitive.
If you are unsure of the value to use for target, you can omit folder names etc. and OVF Tool will then provide a list of possible values for the next level. This allows you to accurately build up the full target specification one level at a time. | ||
| [Horizon] | authMethods | 2.5+ | authMethods=securid-auth && sp-auth | Default when not specified is for pass-through authentication.
For RSA SecurID authentication specify: authMethods=securid-auth && sp-auth |
| blastExternalUrl | blastExternalUrl=https://ap1.horizon.myco.com:443 | URL used by HTML Access Clients to connect to this Access Point appliance. | ||
| matchWindowsUserName | 2.5+ | matchWindowsUserName=true | Forces subsequent username to be the same username as specified for RADIUS or RSA SecurID authentication. | |
| pcoipExternalUrl | pcoipExtenalUrl=10.20.30.40:4172 | URL used by Horizon Clients to connect using PCoIP to this Access Point appliance. This must include a valid IPv4 address. | ||
| proxyDestinationUrl | proxyDestinationUrl=https://cs1.view.myorg.int | URL representing the Horizon backend server such as an individual View Connection Server or a load balnced alias URL representing a group of View Connection Servers. | ||
| proxyDestinationUrlThumbprints | proxyDestinationUrlThumbprints=sha1:3e ef ed c6 86 75 a6 15 ff c8 96 27 5a 4c ee 8e 16 fd 6e d3 | An optional comma separated list of certificate thumbprints of the certificates on each backend View Connection Server. If the Horizon View environment is using trusted CA signed certificates, this setting can be ignored. For self signed or otherwise untrusted certificates enter the thumbprint values preceded by sha1:. | ||
| tunnelExternalUrl | tunnelExternalUrl=https://ap1.horizon.myco.com:443 | URL used by Horizon Clients to connect the secure tunnel to this Access Point appliance. | ||
| [SSLCert] | pemCerts | pemCerts=C:\Users\admin\My Certs\mycaservercert.pem | Optional SSL Server certificate filename. This should reference a .PEM format file containing the SSL Server certificate to be deployed onto Access Point. The PEM file should contain the SSL Server certifacte and any intermediate and root certificates. If this is omitted, Access Point will generate a self-signed SSL server certificate instead. | |
| pemPrivKey | pemPrivKey=C:\Users\admin\My Certs\mycacertrsakey.pem | Filename of the .PEM file containg the RSA private key for the SSL server certificate referenced in pemCerts above. If pemCerts is specified, then pemPrivKey must also be specified. | ||
| [SecurIDAuth] | externalHostName | 2.5+ | externalHostName=192.168.0.10 | Set this to the IPv4 address of Access Point |
| internalHostName | 2.5+ | internalHostName=192.168.0.10 | Set this to the IPv4 address of Access Point | |
| serverConfigFile | 2.5+ | serverConfigFile=C:\temp\sdconf.rec | Specifies the sdconf.rec file obtained from RSA Authentication Manager Server. | |
| [WebReverseProxy] | authCookie | 2.6+ | authCookie=HZN | Cookie value to track authorized requests. |
| loginRedirectURL | 2.6+ | loginRedirectURL=/SAAS/auth/login?dest=%s | URL to redirect request for user login. | |
| proxyDestinationUrl | 2.6+ | proxyDestinationUrl=https://vidmserver.example.com/ | URL representing the backend Web server. | |
| proxyDestinationUrlThumbprints | 2.6+ | proxyDestinationUrlThumbprints=sha1:3e ef ed c6 86 75 a6 15 ff c8 96 27 5a 4c ee 8e 16 fd 6e d3 | An optional comma separated list of certificate thumbprints of the certificates on each backend Web Server. If the Web servers are using trusted CA signed certificates, this setting can be ignored. For self signed or otherwise untrusted certificates enter the thumbprint values preceded by sha1: | |
| proxyPattern | 2.6+ | Refer to sample ap10-vidm.ini in the zip file apdeploy-260-v7.zip below. | Specifies the regular expression that matches URIs that should be forwarded to the proxyDestinationUrl. | |
| unSecurePattern | 2.6+ | Refer to sample ap10-vidm.ini in the zip file apdeploy-260-v7.zip below. | Specifies the regular expression that matches URIs that should be forwarded to the proxyDestinationUrl that don't require an authenticated session. |
Managing SSL Server Certificate Files
pemCerts and pemPrivKey configuration items in the [SSLCert] section of the .INI file reference the SSL certificates file and the RSA private key file both in PEM format. If you don't specify pemCerts and pemPrivKey, Access Point will instead generate a self-signed SSL server certificate. This self-signed certificate will not be trusted by Horizon Clients and therefore users will receive a warning when connecting via Access Point.
For production environments, it is best to obtain an SSL server certificate for use on each Access Point appliance. If you have the PEM format files for the SSL server certificate (including any intermediate CA certificates and root CA certificate) you can reference the files in the pemCerts and pemPrivKey values as described above.
You may have a certificate file with private key and certificate trust chain all in one PKCS#12 format file with either a .p12 or .pfx file extension. To use this file with Access Point you must first convert the PKCS#12 format file into the two PEM format files. You can do this with openssl by running the following example openssl commands which start with a PKCS#12 file called mycaservercert.pfx.
openssl pkcs12 -in mycaservercert.pfx -nokeys -out mycaservercert.pem
openssl pkcs12 -in mycaservercert.pfx -nodes -nocerts -out mycaservercertkey.pem
openssl rsa -in mycaservercertkey.pem -check -out mycaservercertkeyrsa.pem
Edit mycaservercert.pem and remove any unnecessary certificate entries. It should contain the one SSL server certificate followed by any necessary intermediate CA certificates and root CA certificate.
In the .INI file, add the following lines.
[SSLCert]
pemCerts=mycaservercert.pem
pemPrivKey=mycaservercertkeyrsa.pem
When the script is run, these certificates and private key will be automatically deployed to the new Access Point appliance. The private key PEM file should be deleted from the Windows machine once Access Point has been deployed.
If you find that the deployment of Access Point works when you don't specify the PEM files (i.e. for Access Point to use a self-signed SSL server certificate) but fails when you supply your own certificate as described above, then follow these steps. It could be caused by a missing intermediate or root certificate in your specified PEM file.
- Log into the console of Access Point as user root and enter the root password you chose when you ran the apdeploy.ps1 script.
- Using an editor such as vi, look at the log file /opt/vmware/gateway/logs/admin.log
- If you see entries saying "Unable to build the certification path" and "No issuer certificate for certificate in certification path found" it means that you having missing intermediate or root certificate entries in the PEM file specified for pemCerts.
- To correct this, you must make sure that any required intermediate certificates and/or root certificate are present in the PEM file and then re-run the apdeploy.ps1 script.
Troubleshooting Deployment Problems
1. I get a security warning about running scripts downloaded from the Internet
Verify that the PowerShell script is the script you intend to run, and then from the PowerShell console, run the command:
unblock-file .\apdeploy.ps1
2. I get an error saying "ovftool command not found".
Make sure you have installed the OVF Tool software on your Windows machine and that it is installed in the location expected by the script. OVF Tool Download.
3. I get an error saying "Invalid Network in property netmask1"
The message may state netmask0, netmask1 or netmask2, Check that a value has been set in the .INI file for each of the three networks (netInternet, netManagementNetwork and netBackendNetwork),Also check that a vSphere Network Protocol Profile has been associated with every referenced network name. This specifies network settings such as IPv4 subnet mask, gateway etc. so make sure the associated Network Protocol Profile has correct values for each of the settings.
4. I get a warning message about the operating system identifier being not supported (id: 85)
The full message is: The specified operating system identifier 'SUSE Linux Enterprise Server 12.0 64bit' (id:85) is not supported on the selected host. It will be mapped to the following OS identifier: 'Other Linux (64-bit)'.
This can be ignored. It is mapped to a supported operating system automatically.
5. How do I configure Access Point for RSA SecurID authentication?
Add the following two lines to the [Horizon] section of your .ini file:
authMethods=securid-auth && sp-auth
matchWindowsUserName=true
Add a new section at the bottom of your .ini file containing:
[SecurIDAuth]
serverConfigFile=C:\temp\sdconf.rec
externalHostName=192.168.0.90
internalHostName=192.168.0.90
The IP addresses should both be set to the IP address of Access Point. The sdconf.rec file is obtained from RSA Authentication Manager which should be fully configured according to RSA documentation. Make sure you are using Access Point 2.5 or newer and that RSA Authentication Manager server is accessible on the network from Access Point. Rerun apdeploy Powershell command to redeploy your Access Point configured for RSA SecurID. Refer to VMware Access Point RSA SecurID Authentication Setup Video for a full step-by-step description of this setup.
6. I get an error saying "Locator does not refer to an object"
This means that the target= value (used by vSphere OVF Tool) is not correct for your vCenter environment. Refer to the table above for examples of the target format used to refer to a vCenter host or cluster. If you are not sure of the names to use, you can start with the top level object, e.g. by specifying:
target=vi://administrator@vsphere.local:PASSWORD@192.168.0.21/
This will then show a list of possible names to use at the next level. You can then expand it, one level at a time based on this list.
target=vi://administrator@vsphere.local:PASSWORD@192.168.0.21/Datacenter1/
target=vi://administrator@vsphere.local:PASSWORD@192.168.0.21/Datacenter1/host
target=vi://administrator@vsphere.local:PASSWORD@192.168.0.21/Datacenter1/host/Cluster1/
or
target=vi://administrator@vsphere.local:PASSWORD@192.168.0.21/Datacenter1/host/esxhost1
Note that folder names, host names and cluster names used in the target value are case sensitive.
If you have any questions about this PowerShell script leave a comment below. For any questions on Access Point itself, post a message on the discussion section of the Horizon community forum.
↧
vRO 7.x - Run workflow (WF) only after preceeding WF is completed.
Hi
I would like to run the next workflow only after provisioning VMs in a previous workflow is completed? Is there a built-in feature in vRA or vRO that can do that. Any thoughts? Thanks
Regards
↧
VM have poor graphics performance | Please help
Hello VMware -Community
first, sorry for my bad english and i hope, that you can understand me a Little bit.
At home i have not a separate homeserver, i will use my normal Computer for virtualisation.
My Computer have the following Hardware componetns:
HOST HARDWARE
Intel Core i7 4770k
MSI Z87-G55
GTX980 OC
16GB DDR3
GUEST HARDWARE
3 vcores
3 GB RAM
3D Graphics" is enabled.
After i installed the workstation 12 pro, i created a virtual machine with the operation system "Windows 10".
After the Windows 10 installation i installed the vmware tools on the guest System.
My problem is, that the performance of this virtual guest is no satisfactorily.
For example: When i move a window on my screen, then its running unnormal. (stocking ... no smooth moves).
The hardware of the host and of the guest system are not busy.
Then i checked the same situation with the free product "Oracle VirtualBox".
Here i have a better performance with smooth moves, when i move a window or scroll on a webpage.
I think , that my host computer have enough hardware skill for virtualisation one virtual guest system with windows 10.
I hope, you can help me to Tuning my vm.
Thanks in Advance.
↧