Issue
Unable to discover VCenter.
Sample Vcenter IP - 10.0.0.0.
Errors Observed:
- VMWarevCenterDatacentersProbe I/P Payload contains the below error.
<results error="No credential would validate for https://10.0.0.0/sdk" probe_time="24677" result_code="900000">
<result error="No credential would validate for https://10.0.0.0/sdk">
<output/>
</result> - Test Credential against the Vcenter IP address is failed.
Release
- All
Cause
- The credentials used for discovery do not meet the below requirements.
a. The VMware credentials do not have the read-only role in vCenter.
b. The Username for the Vmware credentials is not entered in the desired format i.e username@domain or domain\username.
2. SDK API is not installed on the Vcenter.
Resolution
- Ensure the SDK API is installed on the Vcenter.
- By default, the VMWare - vCenter Datacenters probe runs on port 443 and the port probes for vCenter run on these ports vmapp6_https: 9443 and vmapp_https: 5480. Ensure these ports are open and Shazzam I/P is similar as below.
<results active="1" alive="1" full_range="<?xml version="1.0" encoding="UTF-8"?><discovery_ranges><meta_coll><ip_list><ip>10.0.0.0</ip></ip_list></meta_coll></discovery_ranges>" probe_time="5539" range="<?xml version="1.0" encoding="UTF-8"?><discovery_ranges><meta_coll><ip_list><ip>10.0.0.0</ip></ip_list></meta_coll></discovery_ranges>" result_code="0" total="1">
<result active="true" alive="true" ip_address="10.0.0.0">
<scanner name="HTTPS" port="5986" portprobe="winrm_ssl" protocol="tcp" result="timed_out" service="winrm_ssl"/>
<scanner name="BannerTCP" port="22" portprobe="ssh" protocol="tcp" result="open" service="ssh">
<banner_text>SSH-2.0-OpenSSH_7.4 </banner_text>
<banner_bytes>
.53.53.48.2d.32.2e.30.2d.4f.70.65.6e.53.53.48.5f.37.2e.34.0a.
</banner_bytes>
</scanner>
<scanner name="BannerTCP" port="5480" portprobe="vmapp" protocol="tcp" result="open" service="vmapp_https"/>
<scanner name="BannerTCP" port="9443" portprobe="vmapp" protocol="tcp" result="open" service="vmapp6_https"/>
<scanner name="SLP" port="427" portprobe="slp" protocol="udp" result="timed_out" service="slp"/>
<scanner name="NBT" port="137" portprobe="wins" protocol="udp" result="unresolved" service="ms-nb-ns"/>
<scanner name="DNS" port="53" portprobe="dns" protocol="udp" result="resolved" service="dns">
<host_names>vcenter.hostxyz.com</host_names>
</scanner>
<scanner name="HTTP" port="80" portprobe="http" protocol="tcp" result="open" service="http">
</scanner>
<scanner name="HTTP" port="443" portprobe="http" protocol="tcp" result="open" service="https"/>
</result> - Validate you are able to login to the Vcenter web client from the mid server host with the Vmware credentials used for discovery.
- If the authentication fails with the correct credentials, enter the username as user@domain instead of domain\user, update the same format in the discovery credentials table on the instance.
- Once the above configurations are in place, re-discover the Vcenter, it should be discovered successfully.