Hey folks, cannot find much on this error. Basically the process looks like it's completing successfully then hangs at 85% during " Starting Services phase" which then gives a message about services failing to start  due to a timeout and proceeds to roll back.

Here's what I'm doing:

I have a small lab on Vmware Workstation 12 running ESXi 6.5d and vCenter appliance 6.5d, along with Horizon View 7.  I want to replace all of the certs within the appliance using a Certificate generated by my CA server within my lab. I have a single tier PKI setup, that I simply browse to the Certificate Web service to process my .CSR files.

I've spent a few days looking over many articles and videos and I don't appear to be missing any Critical step with the setup of my Certificate Template for vSphere 6.0 VMCA, or the setup of the CA itself, but something is wrong somewhere.

For my CA I'm using Sha384 and 4096 bit key, which is well over the minimum requirements from what I understand within Horizon View 7's Documentation as well as vCenters.

This part I would like a Sanity check on because all I can find regarding the Algorithm/Key Length strength is " Sha1 is not supported and don't use less than 1024 bit".

What I've done so far. vSphere 6.0 Environment with Custom Certificates (External PSC) - YouTube

1. I've installed a Server 2012 R2 Root CA in Enterprise mode with Certificate Web services and have created the template per guidance of this article and this video.

2. I've patched the vCenter to the latest build which is Version D Build #

3. I've duplicated the Subordinate CA Certificate template and have customized it per VMware guidance

4. I'm using VMCA Cert Tool to generate the CSR

5. I am able to successfully generate a certificate based on this CSR

6. I'm able to upload the cert chain and key file provided by the vCenter appliance into the cert-tool during the process for Option # 2 from the main menu

7. the Process executes and looks to be updating and replacing all of the certs using the Certificate i've generated for VMCA

8. the process fails @ 85% when attempting to start the services again

9. I've exhausted most of my troubleshooting and knowledge in this area

However, I'm running into this weird error when attempting to run through the process. As described in this Article.

Replacing a vSphere 6.x Machine SSL certificate with a Custom Certificate Authority Signed Certificate (2112277) | VMwar… 

As soon as I get to 85% starting services, it hangs for several minutes and then errors out and rolls back everything. Upon examining the logs, I can find no clear indication of what is failing outside of services not starting, which does not make sense if the certificate replacement was successful per the logs, why would a failure to start these services cause the entire process to roll back?

The thing that boggles me is that in the /storage/log/vmware/vmcad/certificate-manager.log, I receiving messages that would lead one to believe that the certificates were successfully replaced along the way.

2017-05-26T22:51:09.381Z INFO certificate-manager []

2017-05-26T22:51:09.382Z INFO certificate-manager Create a entry using Key and File generated earlier

2017-05-26T22:51:09.382Z INFO certificate-manager Running command :- ['/usr/lib/vmware-vmafd/bin/vecs-cli', 'entry', 'create', '--store', u'vpxd', '--alias', u'vpxd', '--cert', u'/storage/certmanager/rollback/vpxd_bkp.crt', '--key', u'/storage/certmanager/rollback/vpxd_bkp.priv']

2017-05-26T22:51:09.413Z INFO certificate-manager Command output :-

Entry with alias [vpxd] in store [vpxd] was created successfully

If i do a search for error the only items that show up are

Service-control failed. Error Failed to start vmon services.vmon-cli RC=1, stderr=Failed to start vapi-endpoint, vpxd-svcs services. Error: Operation timed out

there's also mention of this during the rollback, but I don't find it usefull at all...

2017-05-26T22:51:09.871Z ERROR certificate-manager 2017-05-26T22:51:09.833Z   Updating certificate for "com.vmware.vim.eam" extension

2017-05-26T22:51:09.871Z INFO certificate-manager Command executed successfully

2017-05-26T22:51:09.871Z INFO certificate-manager Running command : ['/usr/bin/python', '/usr/lib/vmware-vpx/scripts/updateExtensionCertInVC.py', '-e', 'com.vmware.rbd', '-s', 'vc1.lab.local', '-c', u'/storage/certmanager/rollback/vpxd-extension_bkp.crt', '-k', u'/storage/certmanager/rollback/vpxd-extension_bkp.priv', '-u', 'administrator@vsphere.local', '-p', '*****']

2017-05-26T22:51:10.109Z INFO certificate-manager Command output :-

2017-05-26T22:51:10.071Z   Updating certificate for "com.vmware.rbd" extension

2017-05-26T22:51:10.109Z ERROR certificate-manager 2017-05-26T22:51:10.071Z   Updating certificate for "com.vmware.rbd" extensio

Any thoughts folks? 

Am I running into a self created bug with Sha384? and 4096 bit key length? Could I be missing something during the process of Generating the CSR with the cert.cfg files?

Hi I ran following script and got some general system error:

Exception calling "UpdateHostProfile" with "1" argument(s): "A general system error occurred: Not i

nitialized"

At C:\Temp\alaska\Set-ProfileEx.ps1:69 char:45

+     $Profile.ExtensionData.UpdateHostProfile <<<< ($spec)

    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException

    + FullyQualifiedErrorId : DotNetMethodException

function Set-ProfileEx{

#$vlanid="310"

#$vswitch="vSwitch0"

#$Profile="Test-HP"

param([PSObject]$Profile="Test-HP")

begin{

    function Copy-Property ($From, $To, $PropertyName ="*")

        {

            foreach ($p in Get-Member -In $From -MemberType Property -Name $propertyName)

            {        trap {

                            Add-Member -In $To -MemberType NoteProperty -Name $p.Name -Value $From.$($p.Name) -Force

                            continue

                            }

            $To.$($P.Name) = $From.$($P.Name)

            Write-Output $P.Name

            }

        }

}

process{

if($Profile.GetType().Name -eq "string"){

$Profile = Get-VMHostProfile -Name $Profile

Write-Output $Profile

}

$spec = New-Object VMware.Vim.HostProfileCompleteConfigSpec

Copy-Property -From $Profile.ExtensionData.Config -To $spec

     $vlanpol = New-Object VMware.Vim.ProfilePolicy

    $vlanpol.Id = "VlanIdPolicy"

    $vlanpol.PolicyOption = New-Object VMware.Vim.PolicyOption

    $vlanpol.PolicyOption.Id = "FixedVlanIdOption"

    $vlanpol.PolicyOption.Parameter += New-Object VMware.Vim.KeyAnyValue

    $vlanpol.PolicyOption.Parameter[0].Key = "vlanId"

    $vlanpol.PolicyOption.Parameter[0].Value = "310"

    $vswitchpol = New-Object VMware.Vim.ProfilePolicy

    $vswitchpol.Id = "VswitchSelectionPolicy"

    $vswitchpol.PolicyOption = New-Object VMware.Vim.PolicyOption

    $vswitchpol.PolicyOption.Id = "FixedVswitchSelectionOption"

    $vswitchpol.PolicyOption.Parameter += New-Object VMware.Vim.KeyAnyValue

    $vswitchpol.PolicyOption.Parameter[0].Key = "vswitchName"

    $vswitchpol.PolicyOption.Parameter[0].Value = "vSwitch0"

$portpol = New-Object VMware.Vim.ProfilePolicy

$portpol.Id = "PortgroupCreatePolicy"

$portpol.PolicyOption = New-Object VMware.Vim.PolicyOption

$portpol.PolicyOption.Id = "CreateAlways"

    $myport = New-Object VMware.Vim.VmPortGroupProfile

    $myport.Name="VMDATA"

    $myport.Enabled=$true

    $myport.Key="key-vim-profile-host-VmPortgroupProfile-VMDATA"

    $myport.NetworkPolicy=New-Object VMware.Vim.NetworkPolicyProfile

    $myport.Vlan=New-Object VMware.Vim.VlanProfile

    $myport.Vswitch=New-Object VMware.Vim.VirtualSwitchSelectionProfile

    $myport.Vlan.Policy=@($vlanpol)

    $myport.Vswitch.Policy=@($vswitchpol)

    $myport.Policy=@($portpol)

    $spec.ApplyProfile.Network.VmPortGroup +=$myport

    Write-Output $spec.ApplyProfile.Network.VmPortGroup

    $Profile.ExtensionData.UpdateHostProfile($spec) 

    Get-VMHostProfile -Name $Profile.Name

    }

}

Set-ProfileEx

Well I was partially correct.  This is just flat out an issue with the newer Linux kernels running specifically on the friggin RECOMMENDED SCSI controller on a windows host

Here is yet another report of EXACTLY what I and others are experiencing repeatedly.  I am re-testing but I believe this Kali bug poster's tests are accurate, that the workaround is simply to NOT use the recommended SCSI virtual adapter, and instead change it to SATA.

0004017: Kali 2017 problem with VMware Workstation - Kali Linux Bug Tracker

Well I was partially correct.  This is just flat out an issue with the newer Linux kernels running specifically on the friggin RECOMMENDED SCSI controller on a windows host

Here is yet another report of EXACTLY what I and others are experiencing repeatedly.  I am re-testing but I believe this Kali bug poster's tests are accurate, that the workaround is simply to NOT use the recommended SCSI virtual adapter, and instead change it to SATA.

0004017: Kali 2017 problem with VMware Workstation - Kali Linux Bug Tracker

Well I was partially correct.  This is just flat out an issue with the newer Linux kernels running specifically on the friggin RECOMMENDED SCSI controller on a windows host

Here is yet another report of EXACTLY what I and others are experiencing repeatedly.  I am re-testing but I believe this Kali bug poster's tests are accurate, that the workaround is simply to NOT use the recommended SCSI virtual adapter, and instead change it to SATA.

0004017: Kali 2017 problem with VMware Workstation - Kali Linux Bug Tracker

Is there some way to, possibly, install firefox and chrome onto a writable and then turn that into a template for future deployment?

Hi Ivan,

Yeah I saw that and installing WinZip 21.5 using command which includes "INSTALLEDP=0" [where I am saying to install WinZip 21.5 with out enterprise data protection].

Note: I am installing WinZip on parent image.

         I am not facing any problem using WinZip on individual VM's, but I am facing this issue if I use WinZip on VDI Desktop.

Please let me know if I am missing something.

Thank you,

Vkmr.

Would the same apply if I were to move the Windows Search Index file there as well?
That way each user would have a persistent index that wouldn't constantly rebuild and pin I/O.

Unfortunately the new driver didn't help. I just lost network connectivity again. Again while watching youtube on my Apple TV going through a virtual Sophos UTM. I was able to collect the logging using the commands earlier in this thread. So if you're interested I can upload them. The vmkernel.log reports this at the moment of loss of network connectivity:

2017-05-27T01:23:14.379Z cpu6:142894)NetLB: 2242: Driver claims supporting 0 TX queues, and 0 queues are accepted.

2017-05-27T01:23:14.379Z cpu6:142894)NetLB: 2246: Driver claims supporting 0 RX queues, and 0 queues are accepted.

2017-05-27T01:23:14.380Z cpu6:142894)NetLB: 2242: Driver claims supporting 0 TX queues, and 0 queues are accepted.

2017-05-27T01:23:14.380Z cpu6:142894)NetLB: 2246: Driver claims supporting 0 RX queues, and 0 queues are accepted.

2017-05-27T01:23:14.380Z cpu6:142894)NetLB: 2242: Driver claims supporting 0 TX queues, and 0 queues are accepted.

2017-05-27T01:23:14.380Z cpu6:142894)NetLB: 2246: Driver claims supporting 0 RX queues, and 0 queues are accepted.

2017-05-27T01:23:14.381Z cpu6:142894)NetLB: 2242: Driver claims supporting 0 TX queues, and 0 queues are accepted.

2017-05-27T01:23:14.381Z cpu6:142894)NetLB: 2246: Driver claims supporting 0 RX queues, and 0 queues are accepted.

2017-05-27T01:23:14.382Z cpu6:142894)WARNING: Tcpip_Vmk: 781: vmk_get_gateway failed with error = 0x2d, status = 0xbad0105

2017-05-27T01:23:14.382Z cpu6:142894)WARNING: Tcpip_Vmk: 781: vmk_get_gateway failed with error = 0x2d, status = 0xbad0105

2017-05-27T01:23:14.383Z cpu6:142894)Tcpip_Vmk: 129: get connection pkt trace failed with error code 195887136

2017-05-27T01:23:14.383Z cpu6:142894)Tcpip_Vmk: 129: get connection pkt trace failed with error code 195887136

2017-05-27T01:23:14.383Z cpu6:142894)Tcpip_Vmk: 96: get connection stats failed with error code 195887136

2017-05-27T01:23:14.383Z cpu6:142894)Tcpip_Vmk: 129: get connection pkt trace failed with error code 195887136

2017-05-27T01:23:14.383Z cpu6:142894)Tcpip_Vmk: 129: get connection pkt trace failed with error code 195887136

2017-05-27T01:23:14.383Z cpu6:142894)Tcpip_Vmk: 96: get connection stats failed with error code 195887136

2017-05-27T01:23:14.383Z cpu6:142894)Tcpip_Vmk: 129: get connection pkt trace failed with error code 195887136

2017-05-27T01:23:14.383Z cpu6:142894)Tcpip_Vmk: 129: get connection pkt trace failed with error code 195887136

2017-05-27T01:23:14.383Z cpu6:142894)Tcpip_Vmk: 96: get connection stats failed with error code 195887136

2017-05-27T01:23:14.383Z cpu6:142894)Tcpip_Vmk: 129: get connection pkt trace failed with error code 195887136

2017-05-27T01:23:14.383Z cpu6:142894)Tcpip_Vmk: 129: get connection pkt trace failed with error code 195887136

2017-05-27T01:23:14.383Z cpu6:142894)Tcpip_Vmk: 96: get connection stats failed with error code 195887136

I have the correct driver installed:

[root@esxi:~] vmkload_mod -s ntg3 | grep Version

Version: 4.1.2.0-1vmw.650.0.0.4598673

I'm running vSphere 6.5 on an HP Proliant DL360p gen8

Franc.

Please take the below example as reference

let say, User1, User2 and User3

user1 had 5 sessions in a week and he spend's 40 hours [8, 8, 8, 8, 8]

user2 had 3 sessions in a week and she spend's 40 hours [8, 8, 24]

user3 had 6 sessions in a week and he spend's 56 hours [16, 8, 8, 8, 12, 4]

Now if I generate report I am seeing as below table [in this report I am getting metrics based on current session, even thou I am saying to sum-up for week].

I am expecting to see report as below:

Thank you,

Vkmr.

But, when USB3 and other devices all use SCSI commands and drivers in Linux, I am not convinced that even if the boot drive is set to SATA (because we do not know exactly what part/code in the SCSI vmware drivers is causing this) I'm leery of trusting using other disks plugged in via USB3 passthru, etc.

VMware really needs to acknowledge this so we have an idea of when it will finally be fixed.  This is an entire line of OS' with the virtualized SCSI disk driver being corrupted.

I am trying to connect with VMware vSphere Client 6.0 and I am getting this error.

I am a college student and I am connecting from home with Juno Pulse VPN. I am using Windows 10

and I have checked the proxy and firewall settings and nothing is blocking the connection. I am new to VMware

and don't know much about it, I am trying to connect to the host at the college. I'm not sure what other information I can give to possibly resolve this. Thanks in advance.

I"d like to storage vmotion vms with move-vm and then if there are any errors, put them in an email and email them to me

get-vm | %{

move-vm -datastore datastore100

}

If one VM fails I don't want to abort the whole script, just catch whatever the error was on that one vm and email it to myself and go to the next one.  Is this possible?

NSX U/DLR appliance tidbits | SOSTech

tl;dr:

Deploy if you need dynamic routing on your DLR

Enable HA and add an IP address on a dedicated logical switch

Pick Universal if you'll eventually have cross-vcenter and will only connect to logical switches (no dPGs)

I have a Wacom Bamboo but don't have that sort of issue with either Fusion on MacBook Pro or Workstation on Windows.

I would suspect it is hardware and/or cabling issue. You don't say how/where you connect the USB cable from the Intuos. I would suggest to try changing the USB port used for the Intuos. I don't know if the USB cable is detachable with Intuos. I have had to replace the USB cable of the Wacom Bamboo once before (this was detachable) when the connection would be intermittently be lost.

Slightly off topic, with AutoCAD and Revit, you might want to consider using something like 3Dconnexion Space Mouse as well.

I have created a VM and loaded an OS on it and want to make it my template to clone. I have copied the .vmx and .vmdk files to a new folder but I would like to change the name of the files. I understand vCLI might be needed. I installed that but don't know where to go from there.

Any ideas or advice appreciated.

Thank you

Hello experts,

We have FreeBSD vm on esx 6.0 (the base OS revision) with vmxnet3 as one of the interfaces on top of a vswitch. Jumbo MTU is not enabled on the vswitch. In our guest driver, we find eop field set indicating buffers active in jumbo ring with qid=8. We are running with 8 vRSS queues. We allocate buffers in jumbo ring even when jumbo MTU is not enabled. Could that be a problem?

Since backend is setting eop field incorrectly, we end up chaining packets incorrectly causing our protocol to go haywire.

Are there any known issues around this area?

We run a user space poll mode driver similar to DPDK.

Regards,

Nirmal

I recently tried upgrading my host from 6.0 to 6.5 and everything seemed to go fine. However, after rebooting at hangs while running rc scripts. When looking at the logs I am receiving an error over and over:

"WARNING: NFS: 221: Got error 2 from mount call"

I also attached a screenshot to show the logs. This seems to be related to NFS but I don't have any storage using NFS so I'm not sure what the issue is.

Any help would be much appreciated.

Thanks,

Tony

I am getting this error since last day while trying to log in Vcentre web client. Since last day morning it was working fine. I have not made any changes yet in any virtual machines. I cant understand how to solve this issue. Please help. The error picture is attached.

Yes I got the same page that you mentioned below. After that when I press f2 also  i tried to press space bar key .After some time the same page turned with black backgroud,without any change .Please help me out with this .Please view the error page again