Category Archives: vCenter Server 4.1

Installing vMA 4.1 in vShpere 4.1

Here is a quick guide to installing and configuring vMA 4.1 into a vSphere 4.1 installation. vMA is a management assistance tool that allows you to more easily manage your hosts or vcenter server. Follow these instructions:

  1. First download the vMA ovf file from here.
  2. Open your vSphere client and connect to your vCenter server. Click on the “File” menu and then click “Deploy OVF template…”.
  3. Click “Browse…” and then locate your downloaded oMA ovf file, click “Next >”.
  4. Click “Next >”, Agree to the EULA, and then click “Next >”.
  5. Give the vMA a name, and then select the Data center it will be deployed to. Click “Next >”.
  6. Select the host or cluster it will run on, and then click “Next >”.
  7. Select the Data store to place the files on, and then click “Next >”.
  8. Select your disk provision format, and then click “Next >”.
  9. Select your network from the drop down list, and then click “Next >”.
  10. Click Finish.

Once the import is finished we can start the wizard to configure the vMA tool. Open your vSphere client, connect to your vCenter server. Follow these steps:

  1. Find your vMA VM, open its console and click start.
  2. The vMA will boot to a prompt asking to use DHCP to assign an IP. Enter “no” and press “Enter”.
  3. It will now prompt for am IP address, enter an IP address and the press “enter”.
  4. It will now prompt for a Subnet mask, enter a mask and then press “enter”.
  5. It will now prompt for a gateway, enter the IP address of your gateway and then press “enter”.
  6. It will now prompt you twice for your primary and secondary DNS, enter the IP addresses and press “enter” after each.
  7. It will prompt you for the vMA’s hostname, enter a FQDN and then press “enter”
  8. Type “yes” to confirm the settings and then press “enter”.
  9. the vMA vm will now reboot, and when it comes back up it will prompt you twice for a password.
  10. The VM will now display a screen telling you how to SSH into the box. For now press “Alt” and F2″ to enter the virtual terminal. Login with “vi-admin” and the password you just created.

Before we continue we should make sure that our Active Directory contains a security group called EXACTLY: “ESX Admins” and contains the accounts that we want to have Administrator access to our ESX/ESXi hosts. During the domain join process this group will automatically be granted the Administrator role on each ESX/ESXi host.

Now we need to join the vMA to the active directory domain. If you’re not already logged into the Virtual Terminal on the vMA vm, then follow setup 10 above and then perform the following:

  1. Enter the command “sudo domainjoin-cli join <your domain fqdn> <your AD domain username>” press “enter”
  2. The vMA will now prompt you for the password for the “vi-admin” account created on the vMA. Enter it and then press “enter”.
  3. The vMA will now prompt you for the password for the Active Directory user account you are trying to use to join it to the domain, enter the password and then press “enter”.
  4. You should now receive an error about the PAM module, and the word “SUCCESS” at the bottom of the screen. You’ve successfully joined to the Active Directory domain.

If we’ve not already joined our ESXi servers to the Active Directory domain now is a good time to do so. This is not a required step, but it will allow us to cut down on the amount of usernames and passwords we’ll need to use to configure our ESXi hosts when using the vMA. Follow these steps:

  1. Open the vSphere client and connect to your vCenter Server.
  2. Navigate to “Inventory” and then “Hosts and Clusters”.
  3. Select the first ESXi host, and then click on the “Configuration” tab.
  4. Click on “Authentication Services” and then click on “Properties…”.
  5. Change the “User Directory Service” from “Local Authentication” to “Active Directory”.
  6. Enter your domain name in the box titled “Domain:” and then click “Join Domain”.
  7. When prompted enter your Active Directory name and password, and then Click “OK”.
  8. Click the “Permissions” tab.
  9. Right Click and select “Add Permission…”.
  10. Change the drop down box to “Administrator” and then click the button titled “Add…”.
  11. Highlight users and/or groups that should be added to the list of local administrators on your ESXi server. Click the button titled “Add”. Click “OK”.
  12. Click “OK” again to add the permission.

The next thing we need to do is configure our vMA with a list of servers to manage, and which authentication type to use to manage them. Follow these steps:

  1. Open the console for your vMA
  2. If you’re not already logged in, log in as “vi-admin”
  3. Enter the following command to add your servers “vifp addserver <host's FQDN> --authpolicy adauth” and then press “enter”
  4. When prompted for a username enter <domain>\<username> of a user who was granted administrator permissions on that ESXi host. Make sure the host is not in standbymode, otherwise you’ll get an error.
  5. repeat this step for each host and the vcenter server.

Now that we’ve got all of our servers in the list we can issue commands to them by appending the following to each command --server <Host's FQDN>  or if you get tired of having to specify the server each time you can set which server to use by issuing the following command: vifptarget -s <host's FQDN>. To clear the currently selected server issue the following command to the vMA: vifptarget -c . Also, if you get tired of having to type your Username and password in each time you can just append the following flag to the end of each command:  --passthroughauth

ESXi 4.1 Embedded (Installed on USB, SD, Flash) Does not allow Integrated Authentication to work. Error: gss_acquire_cred failed

I ran into a problem recently when configuring vMA for ESX/ESXi 4.1. I was able to join it, as well as, the ESXi hosts to the domain, but I was unable to log into the ESXi hosts with my AD credentials with either the vMA or the vSphere client. I double checked that my AD account did have Administrator permissions on the hosts, but still I could not log in. I was given the following error by the vSphere Client, as well as the vMA console:

The interesting thing is this: If i manually specified which account to use, instead of checking the box to use the account I was logged in with. I could connect and perform the actions I wanted to do. If I checked the box, then I got the error: “gss_acruire_cred failed”. The was was true with vMA. If I used the –passthroughauth option the command would fail, but if I allowed vMA to prompt me for a username and password the command would succeed. Only Integrated Authentication between windows and the vmware software was failing.

I did some research, and it turns out that when ESXi is installed on USB Drive, or SD card, or flash memory it does not automatically create Persistent Scratch space. This is the space that’s used to store temporary data among other things. This lack of persistent scratch space was somehow effecting the login process, but only when trying to pass credentials from a windows session and not by typing them in manually.

Here is how you can configure Persistent Scratch space on either local storage or a vmfs volume using the vSphere client:

  1. Connect to vCenter Server or the ESXi host using the vSphere Client.
  2. Select the ESXi host in the inventory.
  3. Click the “Configuration” tab.
  4. Click “Storage”.
  5. Right-click a datastore and select “Browse”.
  6. Create a uniquely-named directory for this ESX host (ex. .locker-<ESXHostname> )
  7. Close the Datastore Browser.
  8. Click “Advanced Settings” under “Software”.
  9. Select the “ScratchConfig” section.
  10. Change the ScratchConfig.ConfiguredScratchLocation configuration option, specifying the full path to the directory. For example: /vmfs/volumes/DatastoreName/.locker-<ESXHostname>
  11. Click “OK”.
  12. Put the ESXi host in maintenance mode and reboot for the configuration change to take effect.

Once the host is rebooted you’ll be able to use vMA with the –passthroughauth flag, or login by checking the box on the vSphere client to use the account you’re already logged in with. To read more about this check out this link to VMware’s KB1033696

Installing the VMware vCLI on a vCenter 4.1 server

This is a quick guide on downloading and installing the vCLI on your vCenter Server. Follow these steps to install the vCLI.

  1. Open a browser and head over to
  2. Select Release 4.1
  3. Click the link to download the installer, when prompted login with your vmware account.
  4. Agree to the EULA, and then download the file.
  5. Run the downloaded .exe file, Click “Next >” on the first screen.
  6. Accept the EULA, and then click “Next >”.
  7. Click “Next >” one more time, and then click “Install”.
  8. Click “Finish”.
  9. You can now access the vCLI by clicking on START > All Programs > VMware > VMware vSphere CLI > Command Prompt.

Adding your ESXi Host to vCenter and finishing its configuration

Now that we’ve got our vCenter server setup and running it’s time to finish up it’s basic configuration and get our ESXi servers added to it.

The first thing we’re going to need to do is create a datacenter. Follow these steps:

  1. Right click on the vCenter server in the upper left part of the screen.
  2. Select “New Datacenter”, assign it a name.
Now we’ll add the Hosts to the newly created Data Center.
  1. Right click on the Datacenter you just created and select “Add Host…”.
  2. Enter the Hosts’s Name, the username (root) and the password configured during the ESXi Host’s orgininal setup process. Click “Next >”.
  3. Click “Yes” when the Security Alert appears.
  4. Click “Next >” to confirm the summary .
  5. Assign a license to the Host, or choose evaluation, and then click “Next >”.
  6. Check “Enable Lockdown Mode” if you want it enabled, Click “Next >”.
  7. Select the location for your VMs, if there are any. Click “Next >”.
  8. Click “Finish”.
Repeat this for each of your Hosts, and when you’ve added them all we can move on to creating a HA / DRS cluster.
  1. Right click on the Datacenter you just created. Select “New Cluster…”.
  2. Give your new cluster a name, and then select if you want to enable HA or DRS or both. For the purposes of this write up, we’ll be enabling both. Click “Next >”.
  3. The first section asks to configure your DRS automation level. I configure this as “Fully automated” and with Priority 1,2,3, & 4 recommendations being performed. Click “Next >”.
  4. The next section asks how to configure Power Management automation. I configure this to be automatic, and leave the DPM Threshold at the default. Click “Next >”.
  5. The next section asks about how to configure HA. I leave these at the default settings. Make changes if you wish and then click “Next >”.
  6. The next section asks about how to handle VMs that stop responding and Hosts that stop responding. I leave these settings at their defaults. Make changes if you wish and then click “Next >”.
  7. The next section asks about monitoring the guest VMs. Enable VM Monitoring if you want, and then set your sensitivity level. Click “Next >”.
  8. The next section asks about EVC, if you are running hosts with different versions of processors, then you should enable this, if all of your hosts are identical, you can leave this disabled. Click “Next >”.
  9. The next section asks about the VM Swap file location. Unless you have a specific reason to do so I would not modify this. I leave it at the default unless I’ve got a raid 0 volume setup somewhere. Click “Next >”.
  10. Click “Finish” to create you cluster.
Now we need to add our hosts to the newly created cluster. Drag your first host into the cluster and when you drop it you’ll be put into the “Add Host Wizard” Follow these steps to add the host to the cluster:
  1. The first section will ask you where you want to place the host’s VMs if there are any, if you’ve configured resource pools you and select one, otherwise leave this at the default setting and click “Next >”.
  2. Click “Finish”.
The last thing we need to do for our hosts is configure their Power Management settings. I’m using Dell servers, so I’m going to configure the Power Managment settings with the IP address, Mac address, and Username/password of the build in iDRAC on each server. Follow these steps:
  1. From the Hosts and Clusters Inventory,Click on the first host, and then click on the “Configuration” tab.
  2. Under the “Software” section click “Power Management”.
  3. Click “Properties…” in the top right corner of the screen.
  4. Enter the Username, Password, IP address, and MAC address of the host’s iDRAC interface. Click “OK”.
  5. If Power Management is configured on your cluster, the cluster can now put this host to sleep and wake it up when it’s needed.
Finally, the last thing we need to do to finish basic configuration is configure email alerts on the vCenter server. Follow these steps:
  1. Go to the “Home” screen in the vCenter client.
  2. Click on “vCenter Server Settings”.
  3. Click “Mail” in the left hand pane.
  4. Enter your SMTP server’s address, and enter a sender account for vCenter server. Click “OK”.
That’s it. We’re done with the basic configuration of vCenter server, our hosts, and our first cluster. We’ll move onto more advanced topics in future posts, such as Resource Pools, Cloning, Creating Templates, and Backing up VMs.

Installing vCenter Server 4.1 on Server 2008 R2, and SQL 2008

Well we’re almost there, it’s now time to install vCenter Server. If you haven’t already done so, create a new VM and install Server 2008 R2 on it. Afterwards complete these steps:

  1. Join to the Active Directory Domain.
  2. Install the .NET Framework 3.5.1 Feature.
  3. Run Windows Updates.
  4. Disable and Stop the “World Wide Web Publishing Service”, This is installed by .NET framework, and it’s unneeded, and will get in the way of our vCenter installation.

First we’ll need to install SQL 2008, and update it. Insert your SQL 2008 Disk and then double click it’s icon to launch. Follow these steps:

  1. From the “Installation” section of the SQL launcher select “New SQL Server stand-alone installation or add Features…” .
  2. Run through the steps until you get the the section for selecting which features you want to install. Select the Following: Instance Features: Database Engine Services, Instance Features: Full-Text Search, Shared Features: Management Tools – Complete, Click “Next”.
  3. On the “Instance Configuration” screen, rename your instance to “vCenter” or some other descriptive name. Click Next.
  4. On the “Server Configuration” screen click the box for “Use the same account for all SQL Server Services” Enter in a domain user account with local admin privileges on this computer. Make Sure both of the services that are running with that user’s context are set to “Automatic”. Click “Next”.
  5. On the “Database Engine Configuration” screen Select the option for “Mixed Mode” and set a password for your SA account. Under the “Specify SQL Server Administrators” section add the service account you want to use for vCenter to this list, as well as, your other admin accounts. Click Next.
  6. Once completed update SQL to the latest service pack level.

Once all of the updates have been installed, reboot the server and log back in as you vCenter service account (domain user with local admin permissions on this box). We’ll now create our Database. Follow these steps:

  1. Open SQL Management Studio, and connect to your vCenter instance using Windows Authentication (you’re logged in as your vCenter service account right?).
  2. Right click on the Server and Instance at the top of the Management Studio,  select “Properties”. Click “Memory” on the left pane. Assign and Maximum Memory in MB. Click “OK”.
  3. Right Click on “Databases”, Click “New Database…”, in the General Section name your database “VCDB”, click “Options”, set your recovery model to “Simple”. Click “OK”.
  4. Right Click on the “Security” folder, Click “New” and then click “Login…”. Create a new SQL Server Authentication user called “vpxuser”, Assign a password and then clear the check box “Enforce Password Policy”. Set the Default Database to “VCDB”.
  5. Click “User Mapping” in the left pane. Check the box labeled “Map” on both the “msdb” and “VCDB” databases. Click the button “…” for each, and select the schema “dbo” for each. Assign the role “db_owner” for each database. Click “OK”.

A few final SQL Configuration steps and then we’ll install vCenter server. First let’s configure Microsoft SQL Server TCP/IP settings for JDBC. Follow these steps:

  1. Start the “SQL Server Configuration Manager”.
  2. Select “SQL Server Network Configuration” then “Protocols for <instance name>.
  3. Enable “TCP/IP”.
  4. Open TCP/IP Properties.
  5. On the “Protocol” tab verify the following settings: Enabled: Yes, Listen All: Yes, Keep Alive: 30000.
  6. On the “IP Addresses” tab, verify the following settings: Active: Yes, TCP Dynamic Ports: 0.
  7. Restart the SQL Services if you made any changes.

Now let’s grant SQL 2008 “Local Launch” permissions in Component Services. Follow these instructions:

  1. Open “Administrative Tools”, Open “Component Services”.
  2. Navigate to ” Console Root > Component Services > Computers > My Computer > DCOM Config > MsDtsServer100.
  3. Right Click on “MsDtsServer100”, select Properties.
  4. Click the “Security” tab, Click “Customize” under the section labeled “Launch and Activation Permissions”. Click Edit.
  5. Click “Add…” Add the account that’s used to run your SQL Services. Check the box labeled “Allow” for “Local Launch”. Click OK on all boxes.

Okay, we’re done with the SQL Configuration, it’s now time to create our ODBC driver. Follow these steps:

  1. Open up Administrative Tools, and then click on “Data Sources (ODBC)”.
  2. Click the “System DSN” tab and then click “Add…”.
  3. Give a name and description to your driver, and then specify your server\instance name in the “Server:” section. Click “Next >”.
  4. Change the Authentication type to “With SQL Server authentication…” and enter the username of “vpxuser” and the password you created for this account. Click “Next >”
  5. Check the box for “Change the default database to:” and then select “VCDB”. Click “Next >”.
  6. Click “Finish”. Click “Test” to verify that the driver is working.

Okay! We’re here, we’re finally going to install vCenter Server. Follow these steps:

  1. This is actually pretty straight forward. Insert your installation media and select to install vCenter Server.
  2. When prompted to select SQL 2005 Express or select a DSN, choose the option to select a DSN, and then choose your DSN from list. Click “Next”.
  3. Enter the username and password for the dsn, which will be “vpxuser” and the password you set for that account in SQL. Click “Next”.
  4. When prompted which account to use to run the VMWare services, change from “SYSTEM” to the account you created for this task, the one that was added to the SQL admins group during the SQL installation. Enter the password and click “Next”.
  5. When the installation finishes, open “Services” and change both “VMware VirtualCenter Management Webservices” and “VMware VirtualCenter Server” to “Automatic (Delayed Start).
  6. Reboot your server.

That’s it. You can now connect to your vCenter server using the vSphere client and any Active Directory “Domain Admin” account.