Last week I noticed that the Single Sign-On (SSO) for the vSphere Client (Flex and HTML5) no longer works in my Firefox. Normally, the VMware Enhanced Authentication Plugin toolbar disappears at the bottom and you can enable the “Using Windows Session Authentication” option, but the checkbox remains unchecked. Reinstalling the VMware Enhanced Authentication plugin, updating the vCenter Server and reinstalling the plugin does not work.
Then I open a ticket at Vmware Support. Hours and some technology later, we had no idea what was going on. But, we find out that the local web server at https://vmware-plugin:8094/ (used by the SSO) displays the following error message in Firefox:
It looks like a problem with the Enhanced Authentication Plugin certificate. This is provided by the plugin. It creates a local web server to communicate with the web page. The VMware support team then created the certificate manually, but the error still occurred – even with IE and Edge.
Then I tried it with a fresh portable Firefox and it worked. In my installed Firefox I removed certificate exceptions for the normal host from the vCenter and vmware-plugin. I also – and most importantly – remove the certificate from the vCenter host and the vmware plugin from the certification authorities in Firefox. Reload the page and it’s working again.
Restore Configuration on a blank machine
- Install Host
- Install the new host with the same ESXi Version and Build
- Follow the installation assistent
- Reboot machine
- Create a ISO with your backuped configBundle.tgz
- Burn ISO or Load ISO as Virtual Drive in your LOM
- ESXi Shell
- From the Direct Console User Interface, press F2 and Login to access the System Customization menu.
- Click Troubleshooting Options.
- Select Enable ESXi Shell and press Return to Enabled.
- Press Alt+F1 to open the ESXi Shell
- Mount CD-ROM
- Restore config
- Copy config from mounted CD-ROM Drive to tmp
cp /vmfs/volumes/<CDROM ISO9660 NAME>/CONFIGBU.TGZ /tmp/configBundle.tgz
- Run to enter maintenance mode
- Run to restore config
vim-cmd hostsvc/firmware/restore_config /tmp/configBundle.tgz
After upgrading to vSphere 6.7, a PowerCLI script aborts with this error message:
The vCenter Server is unable to decrypt passwords stored in the customization specification.
To resolve the issue, retype the password in the VMcustomization specifications (under Policies and Profiles). Edit the customization specifications and retype the password under the following two preference points:
– Administrator password
– Workgroup or domain
- Enable BASH as default shell:
chsh -s "/bin/bash" root
- Disable BASH as default shell:
chsh -s /bin/appliancesh
If your vCenter 6.5 Enhanced Authentication Plugin not working, you just need to navigate to https://vmware-plugin:8094 and add a certificate exception.
~ # esxcli software vib list | grep Mel
net-mst 184.108.40.206-1OEM.5220.127.116.112560 Mellanox VMwareCertified [...]
~ # esxcli software vib remove -n net-mst
Message: The update completed successfully, but the system needs to be rebooted for the changes to be effective.
Reboot Required: true
VIBs Removed: Mellanox_bootbank_net-mst_18.104.22.168-1OEM.522.214.171.1242560
Connect to VirtualCenter Server and enter credentials
Connect-VIServer -Server <Server>
Save the credentials to the credential store file (By default the credential store file is stored – encrypted – under the user profile directory)
New-VICredentialStoreItem -Host <Server> -User "<Username>" -Password "<Password>"