I am doing the POC for vCAC 6.0. Question here is when i have already SSO deployed do we really need Identity Appliance? I know we can use SSO instead of IA but after the implementation i was facing System Exception error when i try to create tenants and was not able to login with the domain users
Error message:
2014-05-14 14:08:49,362 [tomcat-http--8] [authentication] ERROR com.vmware.vcac.platform.service.rest.resolver.ApplicationExceptionHandler.handleUnexpectedException:86
0 - General failure.
com.vmware.vcac.platform.service.SSOException: General failure.
at com.vmware.vcac.authentication.service.sso.impl.TenantManagementImpl.createTenant(TenantManagementImpl.java:93)
at com.vmware.vcac.authentication.service.impl.TenantServiceImpl.save(TenantServiceImpl.java:99)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
at org.springframework.aop.framework.adapter.AfterReturningAdviceInterceptor.invoke(AfterReturningAdviceInterceptor.java:51)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161)
at org.springframework.cache.interceptor.CacheInterceptor$1.invoke(CacheInterceptor.java:58)
at org.springframework.cache.interceptor.CacheAspectSupport.execute(CacheAspectSupport.java:214)
at org.springframework.cache.interceptor.CacheInterceptor.invoke(CacheInterceptor.java:66)
I followed "VMware KB: vCloud Automation Center 6.0.x tenants become inaccessible and identity stores disappear " but no luck. Can anyone tell me do we really need IA eventhough when we have SSO in place?
I assume you are using a supported version of SSO? vSphere SSO 5.5b
I've seen the system exception on the default tenant but have been able to create an additional tenant and identity store OK when the system exception is present on the default.
Yes i am using SSO 5.5b
Here the default tenant looks fine for me. i could able to edit the identity source but when i try to create a new tenant it throws me System exception.
Hey, I think you need vCAC 6.0.1.
6.0 should work with 5.5b, without any issues.
I would recommend upgrading to the latest which is - 5.5 U1 + vCAC 6.0.1.1
I currently have this configuration up and running (upgraded from 6.0 / 5.5b -> 6.0.1 / 5.5b -> 6.0.1.1 / 5.5U1
Hope this helps.
I do agree it should work and it was working fine as well.
This was my setup
vCenter/ESXi - 5.5U1(With Heartbleed patch)
vCAC - 6.0 (with no Identity Appliance)
I have upgraded to the latest release 6.0.1.1 and it worked. Not sure was it problem with the version or just the appliance.
Thanks