VMware Cloud Community
gopinathsabapat
Contributor
Contributor
‎05-14-2014 08:03 AM

vCAC 6.0 Identity Appliance

I am doing the POC for vCAC 6.0. Question here is when i have already SSO deployed do we really need Identity Appliance? I know we can use SSO instead of IA but after the implementation i was facing System Exception error when i try to create tenants and was not able to login with the domain users

Error message:

2014-05-14 14:08:49,362 [tomcat-http--8] [authentication] ERROR com.vmware.vcac.platform.service.rest.resolver.ApplicationExceptionHandler.handleUnexpectedException:86

0 - General failure.

com.vmware.vcac.platform.service.SSOException: General failure.

        at com.vmware.vcac.authentication.service.sso.impl.TenantManagementImpl.createTenant(TenantManagementImpl.java:93)

        at com.vmware.vcac.authentication.service.impl.TenantServiceImpl.save(TenantServiceImpl.java:99)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

        at java.lang.reflect.Method.invoke(Unknown Source)

        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)

        at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)

        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)

        at org.springframework.aop.framework.adapter.AfterReturningAdviceInterceptor.invoke(AfterReturningAdviceInterceptor.java:51)

        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161)

        at org.springframework.cache.interceptor.CacheInterceptor$1.invoke(CacheInterceptor.java:58)

        at org.springframework.cache.interceptor.CacheAspectSupport.execute(CacheAspectSupport.java:214)

        at org.springframework.cache.interceptor.CacheInterceptor.invoke(CacheInterceptor.java:66)

I followed "VMware KB: vCloud Automation Center 6.0.x tenants become inaccessible and identity stores disappear " but no luck. Can anyone tell me do we really need IA eventhough when we have SSO in place?

0 Kudos
5 Replies
SkyCoop
VMware Employee
VMware Employee
‎05-14-2014 01:32 PM

I assume you are using a supported version of SSO?  vSphere SSO 5.5b

I've seen the system exception on the default tenant but have been able to create an additional tenant and identity store OK when the system exception is present on the default.

0 Kudos
gopinathsabapat
Contributor
Contributor
‎05-15-2014 12:47 AM

Yes i am using SSO 5.5b

Here the default tenant looks fine for me. i could able to edit the identity source but when i try to create a new tenant it throws me System exception.

0 Kudos
Craig_G2
Hot Shot
Hot Shot
‎05-15-2014 05:23 AM

Hey, I think you need vCAC 6.0.1.

admin
Immortal
Immortal
‎05-16-2014 11:21 AM

6.0 should work with 5.5b, without any issues.

I would recommend upgrading to the latest which is - 5.5 U1 + vCAC 6.0.1.1

I currently have this configuration up and running (upgraded from 6.0 / 5.5b -> 6.0.1 / 5.5b -> 6.0.1.1 / 5.5U1

Hope this helps.

0 Kudos
gopinathsabapat
Contributor
Contributor
‎05-19-2014 07:13 AM

I do agree it should work and it was working fine as well.

This was my setup

vCenter/ESXi - 5.5U1(With Heartbleed patch)

vCAC - 6.0 (with no Identity Appliance)

I have upgraded to the latest release 6.0.1.1 and it worked. Not sure was it problem with the version or just the appliance.

Thanks

0 Kudos