VMware Horizon Community
Cameron2007
Hot Shot
Hot Shot
Jump to solution

Problem Entitling User to VM

I am trying tom setup a POC test cell environment using VDM etc. I have installed a VDM server and can browse through the web interface to the admin page. I have added a desktop from my VC instance however can't entilitle a user. When I try to add one the spin box only contains Entire Directory but when I try to add a user it returns nothing. I am getting the following error message.

Problem setting up HTTP connection: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake.

Is this something that needs to be configured on the AD server, firewall or have I missed something on VDM setup?

Reply
0 Kudos
1 Solution

Accepted Solutions
TomHowarth
Leadership
Leadership
Jump to solution

Check your DNS settings for the Domain, verify that your AD's can be contacted from the VDM servers, it the connection Broker, VirtualCenter server, and desktops are not in the same domain make sure that the relevant trusts are setup

If you found this or any other answer useful please consider the use of the Helpful or correct buttons to award points

Tom Howarth

VMware Communities User Moderator

Tom Howarth VCP / VCAP / vExpert
VMware Communities User Moderator
Blog: http://www.planetvm.net
Contributing author on VMware vSphere and Virtual Infrastructure Security: Securing ESX and the Virtual Environment
Contributing author on VCP VMware Certified Professional on VSphere 4 Study Guide: Exam VCP-410

View solution in original post

Reply
0 Kudos
11 Replies
Troy_Clavell
Immortal
Immortal
Jump to solution

nothing needs to be configured in AD if you setup VDM in a domain. So when you go to entitle a user, in the field From this domain: You don't see anything in the drop down list?

Can you try just putting the last name or username of the person you are trying to entitle?

Reply
0 Kudos
Cameron2007
Hot Shot
Hot Shot
Jump to solution

Hi Troy,

This is the first time I have used VDM (so might be missing something easy) however :

I have tried to add the username, description to these and returns:

No items match the current search. Check your search parameters and try again.

The VDM server is currently added to the domain. From ADSI edit on the VDM server I can connect to AD (port 389) and see the groups etc I want so don't understand why the entiltlement returns no values?

Any ideas?

Reply
0 Kudos
Troy_Clavell
Immortal
Immortal
Jump to solution

what do you see when you click on the drop down in the entitlement window "From this domain:

Do you see your domain name?

You may try restaring the VDM server as well.... I'm not saying it will fix the issue, but.....

Cameron2007
Hot Shot
Hot Shot
Jump to solution

I have restarted the VDM service and re-installed the vdmagent on the desktop I want to connect to but can't see all my domains. It only has the tab for Entire Directory and when I try to add Users or Groups nothing returned. ???

Reply
0 Kudos
Troy_Clavell
Immortal
Immortal
Jump to solution

Can you post two screen shots? One of your configuration page and the second of the drop down list in your entitelement window "from this domain"

Also, the users radial button is checked when trying to entitle a user correct?

Reply
0 Kudos
Cameron2007
Hot Shot
Hot Shot
Jump to solution

I have attached a screenshot of the setup. I think there must be something else with firewalls, connection to AD. When I try to add a domain user to the built in groups the domain is not showing as present so I think there must be an underlying connection issue.

Reply
0 Kudos
Troy_Clavell
Immortal
Immortal
Jump to solution

the only thing I can see that may or may not be problem, but you might consider adding your VCMS in as a FQDN even though you have added an individual desktop successfully. No glaring errors in the "Events" either? Maybe try disabling "tunneling" by changing the "Direct Connect to virtual desktop" option to yes?????

I wish I had better answers, but you may try installing VDM again.

I'll keep looking to see if there is anything that may be missing.... weird

Cameron2007
Hot Shot
Hot Shot
Jump to solution

I have tried that already with tunnelling both off and on. The funny thing was the desktop I was trying to connect to was joined to the domain however I tried to add a global group to a local group inside the vm and could not see the object type or location for this. I removed from the domain then re-added and could then add this. Just wanted to check that connection. However it's still not alllowing me to entitle this. Time to reinstall everything again I think, but it is weird.

Reply
0 Kudos
TomHowarth
Leadership
Leadership
Jump to solution

Check your DNS settings for the Domain, verify that your AD's can be contacted from the VDM servers, it the connection Broker, VirtualCenter server, and desktops are not in the same domain make sure that the relevant trusts are setup

If you found this or any other answer useful please consider the use of the Helpful or correct buttons to award points

Tom Howarth

VMware Communities User Moderator

Tom Howarth VCP / VCAP / vExpert
VMware Communities User Moderator
Blog: http://www.planetvm.net
Contributing author on VMware vSphere and Virtual Infrastructure Security: Securing ESX and the Virtual Environment
Contributing author on VCP VMware Certified Professional on VSphere 4 Study Guide: Exam VCP-410
Reply
0 Kudos
Cameron2007
Hot Shot
Hot Shot
Jump to solution

Hi Tom,

I had already tried to ping by DNS name from the VDM server and the desktop I am trying to connect to, all of these entries appear in DNS for the components required and all ping tests are succesfully resolving. When I login to the ADM admin page I validate with my AD credentials so that looks OK too. I have now readded all the DNS entries and re-checked the DNS servers, rebooted everything and now get the domain settings in the spin box. So it works

Thanks for your help

Reply
0 Kudos
TomHowarth
Leadership
Leadership
Jump to solution

Excelent news, Happy VDMing :smileygrin:

If you found this or any other answer useful please consider the use of the Helpful or correct buttons to award points

Tom Howarth

VMware Communities User Moderator

Tom Howarth VCP / VCAP / vExpert
VMware Communities User Moderator
Blog: http://www.planetvm.net
Contributing author on VMware vSphere and Virtual Infrastructure Security: Securing ESX and the Virtual Environment
Contributing author on VCP VMware Certified Professional on VSphere 4 Study Guide: Exam VCP-410
Reply
0 Kudos