I have a strange bug here. When I'm trying to configure View Composer Settings on View Manager I receive error (403) Fodbidden. I have checked Security event log on vCenter server and there are failure audits with the following:
An account failed to log on.
Subject:
Security ID: SYSTEM
Account Name: VCENTER$
Account Domain: mydomain
Logon ID: 0x3e7
Logon Type: 8
Account For Which Logon Failed:
Security ID: NULL SID
Account Name: Administrator
Account Domain:
Failure Information:
Failure Reason: Unknown user name or bad password.
Status: 0xc000006d
Sub Status: 0xc000006a
No matter which credentials I put in View Composer Settings it still attempts to login with Account Name: VCENTER$
My configuration: View 5.0, vCenter 5.0, View Composer 2.7
Failure Reason: Unknown user name or bad password.
You sure you are typing it correctly ? :smileysilly:
Can you try to use the View specific admin account and make sure thats an Admin (not necc. only local admin) on the machine?
Have you tried starting the Composer service with a different account?
On VC box:
Start> Run > services.msc
Look for the Composer service.
Right click and Log on As
Change it to a VC privileged account.
Let us know
I have changed Composer service to run as domain admin account. The Audit Failure in Security event log now looks like this:
An account failed to log on.
Subject:
Security ID: MYDOMAIN\Administrator
Account Name: Administrator
Account Domain: MYDOMAIN
Logon ID: 0x18ce6
Logon Type: 8
Account For Which Logon Failed:
Security ID: NULL SID
Account Name: Administrator
Account Domain:
Failure Information:
Failure Reason: Unknown user name or bad password.
Status: 0xc000006d
Sub Status: 0xc000006a
You should refrain from using Admin accounts in these Log on As services.
Create VM specific service accounts to use on both DBs and the Log on As accounts.
Try to use a Composer DB service account that has rights to both the Composer DB and VC/ View and use that in the Log on As.
If I remember correctly the account you utilize to link vCenter and View must be a local Admin of the vcenter server. is that the case in this situation and if not can you add it as a test?
I have separate domain account for VMware specific services. I'm only using domain admin account for debugging purposes.
mittim12 wrote:
If I remember correctly the account you utilize to link vCenter and View must be a local Admin of the vcenter server. is that the case in this situation and if not can you add it as a test?
Yep, it's local admin on both VC and View.
I would also like to mention, that I have different environment (VC 4.1, View 4.5, Composer 2.5), which is working just fine, with Composer service being run as Local System account.
Both my 4.5 and now my 5.0 implementations worked without a hitch.
In my Composer Settings setup I have my (domain name).com , my View service account and its password.
That's what I was expecting with my Composer installation. Unfortunately I'm stuck here with "(403) Forbidden" error. Unable to proceed with further infrastructure deployment.
Failure Reason: Unknown user name or bad password.
You sure you are typing it correctly ? :smileysilly:
Can you try to use the View specific admin account and make sure thats an Admin (not necc. only local admin) on the machine?
I have finally made it work. I have created new domain account and cofigured logon as for all VC and View services. Just as you suggested above.
Thanks for holding me in right direction guys!
Glad you got it working and thanks for posting the resolution.
Glad its working