Tag Archives: vCenter

How to add AD Authentication in vCenter 6.5

The vCenter Server has an internal user database that allows you to add and manage users with the vSphere Web Client. Users management and Single Sign-On is provided by the Platform Service Controller which is available since vSphere 6.0. In a large environment, you might want to connect your virtualization infrastructure to a centrally manage Active Directory.

This article explains how to add AD authentication in vSphere 6.5 and how to get the "Use Windows session authentication" checkbox to work with the enhanced authentication plugin. This works for both, the vCenter Server 6.5 installed on a Windows Server and the vCenter Server Appliance (vCSA).

Read more »

How to Join the vCSA 6.5 to an Active Directory Domain

In vSphere 6.5 the underlying operating system from the vCenter Server Appliance (vCSA) has been changed to VMwares PhotonOS. With the new OS, you can still join an Active Directory domain to comply with company policies, or if you want to use windows session authentication. Joining an Active Directory domain is included in the infrastructure node configuration which is part of the Platform Services Controller. Please verify standard AD requirements like time synchronization and naming prior to joining a domain.

If you want to log in with the "Windows session authentication" checkbox, you have to add the appliance running the Platform Services Controller (PSC) to the domain. For embedded deployments, join the appliance running both, the vCenter and the PSC to the domain.

Read more »

vSphere 6.5 Component Password Recovery (vCenter, SSO and ESXi)

Everyone knows the situation where you can't log into a system because you have forgotten the password. The following article explains how to reset the password and regain access to VMware vSphere 6.5 core components including vCenter, SSO and ESXi Hosts.

  • Reset vCenter Server Appliance 6.5 root password
  • Reset SSO Administrator Password (vCenter Server Appliance 6.5)
  • Reset ESXi root password with Host Profiles
  • Gain Administrative ESXi access with an Active Directory
  • Reset ESXi root password (Linux Live CD)

Read more »

Resilient vSphere 6.0 PSC deployment without Load Balancer

With vSphere 6.0 VMware has separated their vCenter Server into two components - vCenter Server and Platform Services Controller. They also created a list of topologies they recommend  for deployments. The deployment they recommend for high availability includes an External Load Balancer where vCenter Servers are pointed to. An alternate solution is to have multiple Platform Services Controllers and vCenters pointed directly to them. There is no need to have one PSC for each vCenter. Each PSC can manage up to 4 vCenters, so with 2 PSC you can manage 8 vCenters, with 3 you can manage 10 vCenters, which is the configuration maximum at the moment.

psc-deployment-with-or-without-loadbalancer

Platform Services Controller with or without Loadbalancer?

The solution with a Load Balancer sounds nice, and I'm sure it's operable, but it has some drawbacks:

  • It requires a third-party Load Balancer (Compatible Load Balancers are NSX-v, Citrix NetScaler and F5 Network Big-IP)
  • Configuration is complex
  • Troubleshooting is even complexer
  • Does not scale (1 PSC can handle 4 vCenters, with a Load Balancer (which is used for redundancy) 2 PSC are required to handle 4 vCenters)

Read more »

What's inside VMware vSphere 6.0 Update 2

VMware has just released vSphere 6.0 Update 2. Together with the Updates, the following product updates were released today:

If you want to get notified about new products, subscribe to my vTracker RSS Feed.

Read more »

How to create custom vCenter Alarms from Events

In my last article I've created a custom vCenter alert with a special event trigger. I've received a question about how to figure out the trigger event string to be used for creating alarms.

The vSphere Client shows the following error event:vcenter-event

To create an alarm based on this event, you have to create a new alarm and use the following event trigger: com.vmware.vc.vsan.RogueHostFoundEvent
alarm-trigger-RogueHostFoundEvent

Read more »

VMware vSphere 5.5 Update 3 Released

VMware has just released vSphere 5.5 Update 3. Together with the Updates, the following products were released today:

If you want to get notified about new products, subscribe to my vTracker RSS Feed.

Read more »

VMware vSphere 6.0 Update 1 Released

VMware has just released vSphere 6.0 Update 1. Together with the Updates, the following products were released today:

If you want to get notified about new products, subscribe to my vTracker RSS Feed.

Read more »

vCenter Server 5.0/5.1 Update - CVE-2014-6593 (SKIP-TLS)

vcenter-server-logoVMware has published an update for vCenter Server 5.0 and 5.1 where CVE-2014-6593 (SKIP-TLS) has been fixed.

It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. A man-in-the-middle attacker could possibly use this flaw to force a connection to be established without encryption being enabled. The update has been already fixed in newer versions of vCenter Server (6.0a, 5.5 Update 2e). More information are available in VMSA-2015-0003. Read more »

How to add AD Authentication in vCenter 6.0 (Platform Service Controller)

Platform Service Controller is a new component in vSphere 6.0. The PSC contains all the services that vCenter needs for its functions including Single Sign-On (SSO). This post describes how to configure AD authentication in vCenter Server 6.0.

The method shown in this post allows you to manage users and groups in your central directory. This works for both, the vCenter Server 6.0 installed on Windows Server and the vCenter Server Appliance (VCSA).vsphere60-login-screen

Read more »