• ESXi 6.0 SSL certificate replacement and management

    Note: As a prerequisite, the ESXi 6.0 server must have been a fresh install, and not an upgrade from a previous version.   ESXi CA certificates   If you are replacing your ESXi certificates with CA certificates, the best method is to make your VMCA a subordinate CA and allow it to sign certificates for the ESXi host. Please see directions here for making your VMCA a subordinate CA. I had received the error “Start Time Error” shown below. To resolve this I added the ESXi host to the domain, and added the VMCA certificate as a Trusted Publisher certificate […]

    Read more »
  • Unable to login to an External vCenter Appliance 6.0 with windows session credentials

    Anyone who is using the non-embedded version of the PSC appliance might notice that using Windows Session Credentials does not work when logging into vCenter with the C# client. The problem here is that even if the PSC is joined to the domain, the appliance VM housing the Web Client and vCenter is not. See here if you still need to join the PSC to a domain. Note: If you encounter this with an embedded PSC, try this VMware KB article   You will see error messages such as:   Windows Session credentials cannot be used to log into this […]

    Read more »
  • Interacting with the vPostgres Database in vSphere 6.0

    vPostgres in vCenter 6.0   Unlike earlier versions, vCenter 6.0 introduces a new default database for Windows installations, vPostgres. Some who have used the vCenter Appliance might recognize it, as it was adopted there in vCenter 5.0 Update 1 and above. vPostgres is an adapted version of PostgreSQL which very closely mimics its open source origins. For those used to SQL Management Studio, the interaction with this new database will be a bit different, but not difficult once you know the proper steps.   Connecting to a Windows vPostgres Database To start, we’ll go over how to use the built-in […]

    Read more »
  • Joining the vCenter Server Appliance (VCSA) 6.0 to an Active Directory Domain

    Joining the vCenter Server Appliance to an Active Directory Domain in vSphere 6 is much different from in previous versions. Previously, you would use the Virtual Appliance Management Interface (VAMI) by navigating to the FQDN of the server over port 5480. In vSphere 6.0, you need to perform the steps through the vSphere Web Client. Once you know the new process, the task is relatively easy and quick.   Note: You can only join a PSC or VCSA with an embedded PSC to an AD domain.   Step 1. Navigate to the vSphere Client Web Client https://FQDN/vsphere-client   Step 2. […]

    Read more »
  • Single Sign On or Platform Services Controller (PSC) fails to install or upgrade with Error code 1603

      vCenter Single Sign-On Setup Wizard ended prematurely because of an error   Ah, the famous 1603 error code when installing or upgrading the PSC or SSO server. Unfortunately, this is not a clear cut error code, nor is there one way to fix the issue. In fact this error code is so generic you typically need to review other log files to understand what may be happening. That being said, I wanted to compile a one stop shop for troubleshooting this error code, what errors the logs show and any resolutions I have found.   The typical error messages […]

    Read more »
  • vCenter Server Displays blank or no inventory after upgrading to vCenter Server 6.0

      vCenter Server Blank Inventory   After reinstalling vCenter Server 6.0 using the same FQDN or IP on the same machine, the vSphere Web Client’s inventory is blank. To resolve this issue, you will need to follow the steps below.   Step 1. Navigate to the Managed Object Browser using a web browser: https://FQDN/cm/mob   Step 2. Select Search

    Read more »
  • vSphere Web Client Displays Error #1009 in vCenter Server 5.1, 5.5 and 6.0

      Error 1009 in vSphere Web Client   An error that frequently comes up in the vSphere Web Client is Error 1009. This issue occurs in vCenter Server 5.1, 5.5, and 6.0 when navigating through inventory. Typically when this error message pops up you have to refresh your entire session. This issue is almost always caused by cached objects with bad references. These cached objects are stored in the SerenityDB folder under the users name, if by chance any of the cached objects are deleted, but the cache still exists, you get bad Object ID references which will crash the […]

    Read more »
  • Repointing vCenter Server 6.0 to a new External Platform Services Controller (PSC)

      Let’s say something happens to your existing external Platform Services Controller (PSC) and it becomes unrecoverable, if this is the case you can always spin up a new PSC and repoint your vCenter Server to the new external PSC! It’s actually very simple to accomplish this task. All you will need to do is run the following commands after installing the new PSC.   vCenter Server Appliance   1. Log into the vCenter Server appliance as root 2. Run the following command: /usr/lib/vmware-vmafd/bin/vmafd-cli set-dc-name –server-name localhost -dc-name <FQDN_of_new_PSC> 3. Recycle all services in the vCenter appliance by running the […]

    Read more »
  • Listing Services registered with Single Sign-On (SSO) in vSphere 6

      Listing SSO Services   Listing services in Single Sign-On is much different in vSphere 6 than it was in vSphere 5.5 or 5.1. Previously, you would run the ssolscli.cmd but now, you will need to run a Python script called lstool.py. The command to list all of the services registered with SSO 6 is below, you will need to open a cmd prompt and run this from the Platform Services Controller (PSC).   “C:\Program Files\VMware\vCenter Server\python\python.exe” “C:\Program Files\VMware\vCenter Server\VMware Identity Services\lstool\scripts\lstool.py” list –url http://localhost:7080/lookupservice/sdk     Once that is complete you should see output similar to the following:   […]

    Read more »
  • Unable to SCP into Platform Services Controller (PSC) or vCenter Server Appliance 6.0

      SCP into PSC or VCSA   I just wanted to provide everyone with a quick problem and resolution I found when I was attempting to upload files via SCP to my PSC or VCSA. Every time I attempted to connect through SSH, or WinSCP I would receive the following error messages.   Unknown command: `scp’ or Host is not communicating for more than 15 seconds. If the problem repeats, try turning off ‘Optimize connection buffer size’.   This occurs because the login bash for root is /bin/appliancesh. To resolve this, you will need to change the login shell for root to /bin/bash using the […]

    Read more »

Back to Top