hi
we have upgrade from vCenter Server 5.1.0a (build 880146) to vCenter Server 5.1. U1b and now vcenter service doesnt start
this is the log:
2013-10-21T10:58:40.221+02:00 [02800 info '[SSO]'] [UserDirectorySso] GetUserInfo(Administrators, true)
2013-10-21T10:58:40.221+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [GetDomains]
2013-10-21T10:58:40.252+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [LazyInitAdmin] Initializing
2013-10-21T10:58:40.252+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [InitSsoAdminServices]
2013-10-21T10:58:40.252+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [CreateAdminSsoServiceContent] Try to connect to SSO Admin server.
2013-10-21T10:58:40.330+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [InitSsoAdminServices] successful.
2013-10-21T10:58:40.330+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [LoginToAdmin]
2013-10-21T10:58:40.330+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [CheckTokenValidity]
2013-10-21T10:58:40.330+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [CheckTokenValidity] Refreshing SSO token ...
2013-10-21T10:58:40.330+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [RefreshSsoToken]
2013-10-21T10:58:40.408+02:00 [02800 error '[SSO][SsoAdminFacadeImpl]'] [RefreshSsoToken] AcquireToken exception: Authentication failed: Authentication failed
2013-10-21T10:58:40.408+02:00 [02800 info '[SSO]'] [UserDirectorySso] GetUserInfo NormalizationException: RemoteGetDomainNames RuntimeServiceFault exception: sso.fault.RuntimeServiceFault
2013-10-21T10:58:40.408+02:00 [02800 error '[SSO]'] [UserDirectorySso] NormalizeUserName AuthException: Authorize Exception
2013-10-21T10:58:40.408+02:00 [02800 error '[SSO]'] [UserDirectorySso] GetDefaultPrincipal AuthException: Authorize Exception
2013-10-21T10:58:40.408+02:00 [02800 info '[SSO]'] [UserDirectorySso] GetDefaultPrincipal(, true)
2013-10-21T10:58:40.408+02:00 [02800 info '[SSO]'] [UserDirectorySso] GetUserInfo(, true)
2013-10-21T10:58:40.408+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [GetDomains]
2013-10-21T10:58:40.408+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [LazyInitAdmin] Initializing
2013-10-21T10:58:40.408+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [InitSsoAdminServices]
2013-10-21T10:58:40.408+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [CreateAdminSsoServiceContent] Try to connect to SSO Admin server.
2013-10-21T10:58:40.439+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [InitSsoAdminServices] successful.
2013-10-21T10:58:40.439+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [LoginToAdmin]
2013-10-21T10:58:40.439+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [CheckTokenValidity]
2013-10-21T10:58:40.439+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [CheckTokenValidity] Refreshing SSO token ...
2013-10-21T10:58:40.439+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [RefreshSsoToken]
2013-10-21T10:58:40.502+02:00 [02800 error '[SSO][SsoAdminFacadeImpl]'] [RefreshSsoToken] AcquireToken exception: Authentication failed: Authentication failed
2013-10-21T10:58:40.502+02:00 [02800 info '[SSO]'] [UserDirectorySso] GetUserInfo NormalizationException: RemoteGetDomainNames RuntimeServiceFault exception: sso.fault.RuntimeServiceFault
2013-10-21T10:58:40.502+02:00 [02800 error '[SSO]'] [UserDirectorySso] NormalizeUserName AuthException: Authorize Exception
2013-10-21T10:58:40.502+02:00 [02800 info '[SSO]'] [UserDirectorySso] GetUserInfo(, true)
2013-10-21T10:58:40.502+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [GetDomains]
2013-10-21T10:58:40.502+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [LazyInitAdmin] Initializing
2013-10-21T10:58:40.502+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [InitSsoAdminServices]
2013-10-21T10:58:40.502+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [CreateAdminSsoServiceContent] Try to connect to SSO Admin server.
2013-10-21T10:58:40.533+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [InitSsoAdminServices] successful.
2013-10-21T10:58:40.533+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [LoginToAdmin]
2013-10-21T10:58:40.533+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [CheckTokenValidity]
2013-10-21T10:58:40.533+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [CheckTokenValidity] Refreshing SSO token ...
2013-10-21T10:58:40.533+02:00 [02800 info '[SSO][SsoAdminFacadeImpl]'] [RefreshSsoToken]
2013-10-21T10:58:40.595+02:00 [02800 error '[SSO][SsoAdminFacadeImpl]'] [RefreshSsoToken] AcquireToken exception: Authentication failed: Authentication failed
2013-10-21T10:58:40.595+02:00 [02800 info '[SSO]'] [UserDirectorySso] GetUserInfo NormalizationException: RemoteGetDomainNames RuntimeServiceFault exception: sso.fault.RuntimeServiceFault
2013-10-21T10:58:40.595+02:00 [02800 error 'Default'] Failed to add default permission: user not found
2013-10-21T10:58:40.595+02:00 [02800 error 'Default'] Cannot start authorize - system has no access rules
2013-10-21T10:58:40.595+02:00 [02800 error 'Default'] [Auth] Failed to initialize: <class Vmacore::Authorize::AuthException(Authorize Exception)>
2013-10-21T10:58:40.595+02:00 [02800 error 'authvpxdAuthorize'] Failed to initialize security
2013-10-21T10:58:40.595+02:00 [02800 warning 'VpxProfiler'] ServerApp::Start [TotalTime] took 27456 ms
2013-10-21T10:58:40.595+02:00 [02800 info 'Default'] Shutting down VMware VirtualCenter...
Hi
VMware support resolve my issue:
We saw two issues after the update.
Firstly, there was no solution user for the virtual center when I checked application users with the SSO administration page of the webclient.
We resolve this by repointing the virtual center to the SSO instance as per the following kb;
http://kb.vmware.com/kb/2033620
After this the solution user info in the vpxd.cfg was not correctly updated and required manual intervention.
<solutionUser>
<certificate>C:\ProgramData\VMware\VMware VirtualCenter\SSL\sso.crt</certificate>
<name>vCenterServer_251703</name>
<privateKey>C:\ProgramData\VMware\VMware VirtualCenter\SSL\sso.key</privateKey>
</solutionUser>
Above is the corrected version having replaced "null" with the correct path to the certificate and key files.
This allowed the vcenter service to start successfully.
Is your SSO working fine? Can you recheck your identity sources in the SSO configuration to see if they are working fine?
Regards
Girish
Hi
VMware support resolve my issue:
We saw two issues after the update.
Firstly, there was no solution user for the virtual center when I checked application users with the SSO administration page of the webclient.
We resolve this by repointing the virtual center to the SSO instance as per the following kb;
http://kb.vmware.com/kb/2033620
After this the solution user info in the vpxd.cfg was not correctly updated and required manual intervention.
<solutionUser>
<certificate>C:\ProgramData\VMware\VMware VirtualCenter\SSL\sso.crt</certificate>
<name>vCenterServer_251703</name>
<privateKey>C:\ProgramData\VMware\VMware VirtualCenter\SSL\sso.key</privateKey>
</solutionUser>
Above is the corrected version having replaced "null" with the correct path to the certificate and key files.
This allowed the vcenter service to start successfully.