VMware Cloud Community
cosmos77
Enthusiast
Enthusiast
‎12-06-2013 05:24 AM

configuring SSO authentification fail with error : https://vcenter:7444/ims/STSService


Hello,

My VCenter was rename and change his IP adresse.

I had yet a problem with the SSO authentification for STSService.

I have this one :

https://172.16.1.17:7444/ims/STSService

I would like this one :

https://172.16.4.30:7444/ims/STSService

How I could change this parameter ?

Who would have a solution to  proposed  me ?

Thanks

Preview file
12 KB
Preview file
4 KB
0 Kudos
5 Replies
julienvarela
Commander
Commander
‎12-06-2013 05:30 AM

Hi,

Just for your information configure a vcenter using IP address is not a good idea. Always use a FQDN.

You can check this post Changing the IP of vCenter 5.1 | Virtual Potholes  or this KB : VMware KB:    Update vCenter Single Sign-On settings after you change the host name or port of the d...

or VMware KB: Re-pointing and re-registering VMware vCenter Server 5.1 / 5.5 and components

Hope It helps,

Regards,

Julien.

Regards, J.Varela http://vthink.fr
0 Kudos
cosmos77
Enthusiast
Enthusiast
‎12-09-2013 07:59 AM

Hi Julien,

Thanks for your first post but I don't find the solution to fix my problem.

I resume my problem one more time  for better explanation :


During token validation procedure, vmWare SSO service retuned it's IP as 172.16.1.17 instead of the current vCenter IP


Under Administration/Access/Users And groups I can see that (applications Users.png) --> Here is exactly this old IP address which raises me problem (especially for the web Client)

Under Administration/Sign-On et Discovery/Configuration I can see that (SSO-STS & SSO-Identité.png)

Did you ahve another idea ?

Cordially

PS: The best solution would not rather be to delete the SSO source of identity , then restart Vcenter and to reinstall my source of identity of Active directory,

what did you think ?

Preview file
39 KB
Preview file
33 KB
Preview file
31 KB
0 Kudos
lenzker
Enthusiast
Enthusiast
‎12-09-2013 10:28 AM

I haven"t validated it yet, but have you search through your registry for the old Ip address? Some parameter are stored in the windows registry. Just make sure to have a backup of it.

Anyway I would recommend a reinstallation after an ip-address change.

VCP,VCAP-DCA,VCI -> https://twitter.com/lenzker -> http://vxpertise.net
0 Kudos
julienvarela
Commander
Commander
‎12-09-2013 10:40 AM

Hi,

Yes i think you should check this KB for your issue : http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=203315...

And i haven't got this issue from my site and i need to create  a lab for this.

Before make any change, create a snapshot of your VM.

Regards,

Julien.

Regards, J.Varela http://vthink.fr
0 Kudos
cosmos77
Enthusiast
Enthusiast
‎12-10-2013 05:41 AM

Hi,

I verified at the level of the register Windows, I found nothing on that side.

Thank you anyway for the suggestion

Hi Julien,

I have to try delete my AD identity, restart my VCenter and add again, doesn't fix my problem.

The problem is clearly to change/ replace  this Access/user and groups /applications users/ with the right IP adresse

I read your your KB 2033152 but only saw  on 2 ii. iii. explan my problem but not explain how to fix him, how can i do to

replace this application users with the right IP adress

Cordially

I found finally the variable to edit on my Vcenter Webclient (Cf.VcenterAdvancedSettings) but I can't modify, nothing appears;

maybe it's possible to modify by a commandline ?

Preview file
36 KB
Preview file
33 KB
Preview file
38 KB
0 Kudos