I believe we are having a problem with fast path authentication.
I can set the host and set the target and run commands successfully against the target without authentication prompts. Once I close the putty log back in and try to run the same commands I then get prompted for credentials again. I believe this is preventing pcns from issuing my shutdown command to my host.
22.214.171.124 vma with vapp disabled - actually disabled it to get past ip pool error it is now enabled somehow and no longer gives me the ip pool error.
pcns 3.0 and now 3.0.1 both fail - followed this guide: http://nam-en.apc.com/ci/fattach/get/1000123/
not using AD authentication using root password to host.
Host is 5.0 esxi licensed standard but connected to a vCenter Server.
Does anyone know one how to read the logs to see exactly why my shutdown command failed? Also does anyone know of a way to get FP working properly? As I believe it is not functioning properly. This is my first experience with vMA so if I'm mistaken please just let me know.
I also have a support request open with vmware and apc and so far no one is able to solve this mystery issue.
>>I can set the host and set the target and run commands successfully against the target without authentication prompts. Once I close the putty log back in and try to run the same commands I then get prompted for credentials again.
That's the expected behavior, only after you initialize vi-fastpass are you able to then run commands w/credential prompt. It does not persist after you logout.
If you're having issues with PCNS and trying to get it to work, I would recommend you work with PCNS vendor as it's their software that's being used, which it looks like you've filed a ticket with them already which is the right approach.
As far as I understand logging in and out of vSphere should not reset the fastpass target from the vifptaget command. As far as I have researched with my colleagues here as well I have gotten the same response. I'll go and double check myself with the product manager regarding this just to be positive.
I think he meant vMA not vSphere.
I guess I don't understand what is the point of fastpath and the vma holding credentials if it can't use them because I have to be available to reenter authentication all the time. To me a management vm is something where you can set it up to perform management task maybe based upon results from a command you run every so often or something. If I have to be available though to run these commands what really is the point of the vm itself? Why wouldn't just using ssh into the host when I needed to do something just work.
I would never be able to automate a task with this if required if FP doesn't actually authenticate. I guess I'm confused by what you are saying. It just doesn't sound right compared to what I have read. Nor is it what vmware or APC has confirmed yet either with me. Not that the vmware tech was totally up on the understanding of the vMA.
Does anyone else have any details to help with why this is not working? I'm sure it is that the shutdown can't be run against the host because fp is not working. But how is it that tons of users are successfully using this method and it does not require reauthentication?
Let me try to explain how vi-fastpass actually works.
vi-fastpass is mainly to provide a way to easily interact with the remote CLI without having to re-enter your credentials each time you run a command to provide a better user experience simliar to that of running commands on the classic ESX Service Console. As you know, any vCLI command you run, you will need to specify the server which can be a vCenter or ESX(i) host, username and password. vi-fastpass allows you to add a host to the vi-fastpass DB (using vifp) and when you initialize the target (vifttarget), you can run any of the vCLI or vSphere SDK for Perl scripts without having to re-authenicate. This workflow is targetted only for interactive sessions using vifptarget command each time you wish to initialize a specific target. It's not meant to be used directly by an agent or service account as you were expecting.
Now having said that, vi-fastpass does have Java and Perl library which is listed in the documentation (http://pubs.vmware.com/vsphere-50/index.jsp?topic=/com.vmware.vma.doc_50/vima_ref.5.2.html) where you can programmatically create your own tool/agent or 3rd party could leverage the library to build their own tools/agents to use the vi-fastpass functionality such as a monitoring or UPS agent.
So I would check with PCNS and see how they've implemented their UPS agent with vMA's vi-fastpass and what configuration they're expecting you to have as they should be able to help troubleshoot your issue. vifptarget utility is designed for interactive sessions only