Hi!

I try to migrate everything from a 6.7 appliance to a 7.0.

I deployed the new appliance, and follow the migration procedure what i did before with the 6.x appliance when i migrated from windows.

What is working back then its not working now.

No matter what i do the upgrade pre check failed due to SSL certificate mismatch.

However i triple check everything, the certs are all valid. The machine SSL thumbprint match the SSL trust cert. The lookup service cert also match with the machine SSL. All SSL is match and valid. And still i got this error all the time (attached).

I really out of ideias here. Can somebody help me out what the hell is wrong? I attached the logs too.

Hi,

So I have added a 2nd vCenter into our primary vCenter for embedded linked mode. I was under the impression that the Identity Sources would be able to be seen by the newest vCenter that has added into the linked mode. Is that true? Because I when I try and give permissions to this 2nd vCenter I get a message that the user or group does not exist? Yet, I can add it fine on the original vCenter.

Thanks.

Tried to configure vCenter Server 7.0 Identity Provider Federation using Okta as an external identity provider as outlined here:  https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.authentication.doc/GUID-C5E998B2-1148-46DC-990E-A5DB71F93351.html. Currently, vCenter Server supports only Active Directory Federation Services (AD FS) as an external identity provider. I was able to get it to work using Okta for individual users, but not the groups. Getting an error that user doesn't have any permissions. If someone figures out how to pass ad group membership info from Okta to VCenter 7.0, please let me know.

AS the titlte states after installing update 6.7U3 on both VCA and external PSC I get error 404 when accessing https://FQDN on both the VCA and external PSC.   The appliance Management page works though, https://FQDN:5480 is fine on both and the summary from the management page shows everyting green.  I have tried the sam by IP with the same results.

Note, we updated 4 vcenters with external PSC and 2 are fine, 2 are as above.

I can ping all devices via FQDN and IP.

Both devices have been rebooted, PSC first off and first on.

All services seem be be stopped

root@ [ ~ ]# service-control --status

Stopped:

applmgmt lwsmd vmafdd vmcam vmonapi vmware-analytics vmware-certificatemanagement vmware-cm vmware-content-library vmware-eam vmware-imagebuilder vmware-mbcs vmware-netdumper vmware-perfcharts vmware-pod vmware-postgres-archiver vmware-rbd-watchdog vmware-rhttpproxy vmware-sca vmware-sps vmware-statsmonitor vmware-topologysvc vmware-updatemgr vmware-vapi-endpoint vmware-vcha vmware-vmon vmware-vpostgres vmware-vpxd vmware-vpxd-svcs vmware-vsan-health vmware-vsm vsan-dps vsphere-client vsphere-ui

root@ [ ~ ]# service-control --start all

Operation not cancellable. Please wait for it to finish...

Service-control failed. Error: {

    "resolution": {

        "id": "install.ciscommon.cmlookup.resolution",

        "translatable": "Please refer to component manager documentation to troubleshoot.",

        "localized": "Please refer to component manager documentation to troubleshoot."

    },

    "problemId": null,

    "detail": [

        {

            "id": "install.ciscommon.service.notfound",

            "translatable": "Unable to locate service '%(0)s'",

            "localized": "Unable to locate service 'all'",

            "args": [

                "all"

            ]

        }

    ],

    "componentKey": null

}

root@ [ ~ ]#

root@ [ ~ ]# service-control --start vmware-vpxd

Operation not cancellable. Please wait for it to finish...

Performing start operation on service vpxd...

Service vmware-vmon startup type is not automatic. Skip

2020-04-16T11:03:41.443Z  Service vMon is not running. Failed to get startType of service vpxd

Error executing start on service vpxd. Details Error: startType of svc: vpxd rc : 11 stdout:  stderr: Connect error. ErrCode: 111

Service-control failed. Error: Error: startType of svc: vpxd rc : 11 stdout:  stderr: Connect error. Er111

root@ [ ~ ]# df -h

Filesystem                                Size  Used Avail Use% Mounted on

devtmpfs                                  7.9G     0  7.9G   0% /dev

tmpfs                                     7.9G     0  7.9G   0% /dev/shm

tmpfs                                     7.9G  660K  7.9G   1% /run

tmpfs                                     7.9G     0  7.9G   0% /sys/fs/cgroup

/dev/sda3                                  11G  5.8G  4.3G  58% /

tmpfs                                     7.9G     0  7.9G   0% /tmp

/dev/sda1                                 120M   34M   78M  31% /boot

/dev/mapper/imagebuilder_vg-imagebuilder  9.8G   23M  9.2G   1% /storage/imagebuilder

/dev/mapper/autodeploy_vg-autodeploy      9.8G   23M  9.2G   1% /storage/autodeploy

/dev/mapper/netdump_vg-netdump            985M  1.3M  916M   1% /storage/netdump

/dev/mapper/updatemgr_vg-updatemgr         99G  2.0G   92G   3% /storage/updatemgr

/dev/mapper/archive_vg-archive             50G   23G   25G  49% /storage/archive

/dev/mapper/dblog_vg-dblog                 15G  2.4G   12G  17% /storage/dblog

/dev/mapper/core_vg-core                   50G   52M   47G   1% /storage/core

/dev/mapper/seat_vg-seat                  542G  1.7G  513G   1% /storage/seat

/dev/mapper/log_vg-log                    9.8G  2.3G  7.0G  25% /storage/log

/dev/mapper/db_vg-db                      9.8G  1.5G  7.8G  17% /storage/db

Hello

I wanted to check if in VMware vcenter 6.7 enhanced linked mode it is necessary to license all vCenters of each site I connect? or I only need one license in the main one and it replicates the license to the other vCenters?

VMware documentation is not very clear about this or I am very confused.

Enhanced Linked Mode provides the following features for both vCenter Server on Windows and vCenter Server Appliance systems:

• You can log in to all linked vCenter Server systems simultaneously with a single user name and password.
• You can view and search the inventories of all linked vCenter Server systems within the vSphere Web Client.
• Roles, permission, licenses, tags, and policies are replicated across linked vCenter Server systems.

I understand by this that you are replicating the licenses, I am not sure if it will be so, please help me.

Thank you very much in advance.

Greetings.

A general system error occurred: SSL Exception: Operation was canceled

VMware-converyter 6.2连接5.5vc报错

2020-04-17T10:51:15.727+08:00 verbose converter-gui[02656] [Originator@6876 sub=HttpConnectionPool-000002] [RemoveConnection] Connection removed; cnx: <io_obj p:0x05aad9d4, h:-1, <pipe '\\.\pipe\vmware-converter-server-soap'>, <pipe '\\.\pipe\vmware-converter-server-soap'>>; pooled: 0

2020-04-17T10:51:15.743+08:00 error converter-gui[02656] [Originator@6876 sub=Default] SSL Async Handshake Timeout : Read timeout after approximately 25000ms. Closing stream <SSL(<io_obj p:0x05eff8d0, h:2204, <TCP '10.26.146.218:63801'>, <TCP '10.26.146.191:443'>>)>

2020-04-17T10:51:15.743+08:00 error converter-gui[00660] [Originator@6876 sub=HttpConnectionPool-000000] [ConnectComplete] Connect failed to <cs p:02e6c0e8, TCP:10.26.146.191:443>; cnx: (null), error: class Vmacore::Ssl::SSLHandshakeTimeoutException(SSL Exception: Operation was canceled)

2020-04-17T10:51:15.744+08:00 error converter-gui[03732] [Originator@6876 sub=wizardController] GetVimConnection has error while trying to connect (3), Error: SSL Exception: Operation was canceled

Hello

has anyone already updated VCSA to 6.7 U3f to fix the VMSA-2020-0006 problem (ACL Mode legacy)?

I did it yesterday on one appliance but still the log outputt says: ACL Mode: legacy

There is no hint given in the articles around the problem what it should say instead.

any idea?

VMSA-2020-0006.1

VMware Knowledge Base

thx, Stefan

Good morning experts,

Have you found any problem in updating the latest VCSA 6.7 (U3F) from a 6.7 U3b

On the other hand I ask for several recommendations, as a rollback, which would be the best process? A snapshot directly from an ESXi? clone? snap wtich VM up or down?

The downtime, tells me 3 hours in the precheck....this is real? it's a long time...

Sorry for the questions... I'm a rookie

Regards,

Hello

I'm trying to convert a virtual Linux server  2.6.32-5-amd64 under Proxmox in to a virtual one into a VCenter 6.5 with VMware vCenter Standalone 6.2.

it keeps failing at 98% with a status :

FAILED: An error occurred during the conversion: 'InitrdNativePatcher failed to generate initrd image: /usr/lib/vmware-converter/initrdGenUbuntu.sh failed with return code: 2, and message: * /mnt/p2v-src-root/dev has 3 files /dev/mapper/groupe_de_volumes_1-root: No such file or directory stat: cannot stat `/dev/mapper/groupe_de_volumes_1-root': No such file or directory /usr/sbin/mkinitramfs: 1: arithmetic expression: expecting EOF: "0x % 256" * user script returning code 2 * unmounting /mnt/p2v-src-root/dev /mnt/p2v-src-root/proc and /mnt/p2v-src-root/sys ERROR:
failed running mkinitrd /boot/initrd.img-2.6.32-5-amd64 2.6.32-5-amd64 with chroot /mnt/p2v-src-root '

Source machine has a logical volume, so i try to switch "To basic" in the destination layout.

Any suggestions ?

Hi,

I want to migrate VMs from vCenter 5.5.0 U1b to vCenter 6.5 U1b using Converter Standalone 6.2.

When Converter tries to connect the source vCenter (5.5) I receive this error:

"A general system error occurred: SSL Exception: error:14077102:SSL routines:SSL23_GET_SERVER_HELLO:unsupported protocol"

The error seems to be related to the certificate.

Could you help me?

Thanks

Andrea

Hey Guys,

I recently upgrade my environment from 6.7 u1b to 6.7 u3f.

The first thing I noticed after the upgrade was the version numbers were different in the appliance management console and the vsphere web client.

The appliance management stated version 6.7.0.43000 build 15976714

The vSphere web client stated version 6.7.0.42000 build 15976728

According to https://www.virten.net/vmware/vcenter-release-and-build-number-history/

Would this be of any concern?

Also we have an Horizon View connection server, when trying to connect using the alias via the Horizon Client it is considerably slower than normal. Would this have anything to do with the upgrade?

Appreciate any help

Moin,

ich habe ein kleines Problem wo ich nicht weiterkomme.

Ich möchte bei einer virtuellen Maschine die Festplatte von 100 auf 200 GB erweitern.

Der Datenspeicher hat noch genug Kapazität.

Das System hat einen Cluster mit 3 Esxi-Hosts.

Wenn ich die FP mit dem Reiter VERGRÖßERN anklicke erhalte ich vom System das die vmdx gesperrt ist.

Hat jemand eine Idee wie mann dieses Problem beheben kann?

Danke im Voraus

André

Are we affected by Vcenter vulnerability? Need confirmation for the below link..? we are running VCenter 6.5 standard.

https://securityaffairs.co/wordpress/101805/security/vmware-vcenter-server-issue-details.html

Hoping for some guidance / help.  Right now have used the command line to setup a second TCP/IP stack, hoping to have a second mgmt connection.  I have successfully:

1. created the TCP/IP stack

2. created vmk nic

3. made the associations in web ui,

4. able to view the above vmk, TCP/IP stack.

     i. NONE of the static setting in custom stack are editable, from what I have been able to learn, is I need to 'enable' or setup vmkernel port?  (HOW, I don't know.)

I can 'edit' the stack in the gui.  I have successfully set the management setting for the vmk nic, but the last thing ... that I think I need to do is set up the custom TCP/IP stack, but I can't.  I'd be ok with doing it vi esxcli command but I can't find anything on how.  HELP if you can pls

Cheers!!

Hi,

We are seeing vSphere Distributed Switch teaming matched status alarm after enabling VLAN and MTU / Teaming and failover Health Check.

VMware Knowledge Base states that the alarm is a result of misconfiguration.

We have 3 Port Groups on this DS and all 3 are set to route based on the originating virtual port.

On the physical side the ports are not either channeled. Each port is a Trunk port with VLANs used by the port groups assigned.

What could be triggering the alarm?

Edit: VMware Knowledge Base describes our issue, however the KB was written for vCenter 5.1 and should be fixed in 5.5. We are on 6.7

Thanks

Hi guys,

Last week, when I try to login to VCSA, it seem something wrong and I can't login. So I try to reboot the VCSA.

When it boot up,the website only show the text below:

503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http20NamedPipeServiceSpecE:0x00007f285000c480] _serverNamespace = / action = Allow _pipeName =/var/run/vmware/vpxd-webserver-pipe)

And there is a lot of service can not be started.

root@dr-vcsa [ ~ ]# service-control --status

StartPending:

vmware-perfcharts

Stopped:

pschealth vmcam vmware-content-library vmware-eam vmware-imagebuilder vmware-mbcs vmware-netdumper vmware-rbd-watchdog vmware-sps vmware-statsmonitor vmware-updatemgr vmware-vapi-endpoint vmware-vcha vmware-vpxd vmware-vpxd-svcs vmware-vsan-health vmware-vsm vsan-dps

Running:

applmgmt lwsmd vmafdd vmcad vmdird vmdnsd vmonapi vmware-analytics vmware-certificatemanagement vmware-cis-license vmware-cm vmware-pod vmware-postgres-archiver vmware-rhttpproxy vmware-sca vmware-sts-idmd vmware-stsd vmware-topologysvc vmware-vmon vmware-vpostgres vsphere-client vsphere-ui

What should I do?

Hi,

Within Esxi 6.3 I'm trying to make a separate network between 2 virtuals (both on the same host). Unfortunately I'm unable to connect the machines.

I've created a new vSwitch with a new port.Both machines (FreeBSD & win10) are on that network. Both machines have a static ip address.

Hopefully someone can point me in the right direction of what I'm doing wrong here

Any help will be greatly appreciated.

Strange here is that both machines are booted but only the 1 seems to be active (that is the pfSense/FreeBSD machine).

FreeBSD machine

W10 machine

So I've gotten a trial version of esxi 6.7 and running inside a virtual machine in workstation and it's up and running fine on the ip 192.168.0.241.

I've ran the setup for vCenter and it's done the stage 1 without an issue but stage 2 is failing with "Could not connect to VMware Directory Service via LDAP. Verify VMware Directory Service is running on the appropriate system and is reachable from this host."

From reading it seemed like a DNS issue, so I added vcenter.vsphere.local as 192.168.0.240 and esxi1.vsphere.local as 192.168.0.241 which didn't make any difference, I added the PTR records just in case and still failed. Doing a dig for both DNS records worked fine from the console on the vCenter machine so it doesn't appear to be that from what I can tell.

The relevant firstboot logs seems to be:

2018-12-06T21:23:51.783Z  Running command: ['/usr/lib/vmware-vmafd/bin/vdcpromo', '-u', 'Administrator', '-s', 'default-site', '-h', 'vcenter.vsphere.local', '-d', 'vsphere.local']

2018-12-06T21:26:23.088Z  password:

2018-12-06T21:26:23.090Z  Initializing Directory server instance ...

Vdcpromo failed. Error[9127]

Could not connect to VMware Directory Service via LDAP.

Verify VMware Directory Service is running on the appropriate system and is reachable from this host.

2018-12-06T21:26:23.091Z  <class 'cis.baseCISException.BaseInstallException'>

2018-12-06T21:26:23.096Z  Exception: Traceback (most recent call last):

  File "/usr/lib/vmware-vmafd/firstboot/vmafd-firstboot.py", line 177, in main

    controller.firstboot()

  File "/usr/lib/vmware-vmafd/firstboot/vmafd-firstboot.py", line 53, in firstboot

    self.init()

  File "/usr/lib/vmware-vmafd/firstboot/vmafd-firstboot.py", line 59, in init

    service.init()

  File "/usr/lib/vmware-vmafd/firstboot/identityinstall/vmdirInstall.py", line 404, in init

    self.setup_domain()

  File "/usr/lib/vmware-vmafd/firstboot/identityinstall/vmdirInstall.py", line 259, in setup_domain

    problemId = problem)

cis.baseCISException.BaseInstallException: {

    "problemId": "install.vmafd.vmdir_vdcpromo_error_23",

    "detail": [

        {

            "id": "install.vmafd.vmdir_vdcpromo_error_23",

            "translatable": "Could not connect to VMware Directory Service via LDAP. Verify VMware Directory Service is running on the appropriate system and is reachable from this host.",

            "localized": "Could not connect to VMware Directory Service via LDAP. Verify VMware Directory Service is running on the appropriate system and is reachable from this host."

        }

    ],

    "resolution": {

        "id": "install.vmafd.vmdir_vdcpromo_error_23.resolution",

        "translatable": "Please search of these symptoms in the VMware Knowledge Base for any known issues and possible workarounds. If none can be found, please collect a support bundle and open a support request.",

        "localized": "Please search of these symptoms in the VMware Knowledge Base for any known issues and possible workarounds. If none can be found, please collect a support bundle and open a support request."

    },

    "componentKey": "vmafd"

}

2018-12-06T21:26:23.091Z  VMAFD Boot failed

I honestly have no idea where to go from here since I've never installed this myself so any help would be fab. I've attached all the logs if it's of any help

Hello,

I have a Linux VM running on vSphere 5.5. About a year ago, I expanded the disk to 2TB, from 1TB. The problem is, I am now running out of backup space. The VM is actually only using about 300GB on disk, but Backup Exec isn't 'smart' enough to 'see' that, and a full backup takes up a full 2TB - must be a lot of whitespace. I have found a few articles online about using the VMware Converter (Shrink a VMDK using VMware Converter). I downloaded it, created a new VM as the destination, but when I get to the step where you select, "Select volumes to copy," I don't have it - see attached screenshot.

Bottom line is I need this disk to be 500GB thick - what is the best way to do this?

Hi,

I'm trying to use VMware workstation with convert physical machine and I'd like to know if there is someway I can use the proxy mode as I don't want to use the file share mode as I've got port restrictions.

Does anyone know how to do that for proxy mode?

Regards,

Dave.