Månedlige arkiver: januar 2020

Broken connection between vRSLCM and vRops

vRSLCM “Trigger Inventory Sync” failed

Not long ago the connection between vRealize Lifecycle Manager and vRealize Operations Manager “failed” or to be more specific when I trigger an inventory sync of vRops from vRSLCM. It failed with the error LCMVROPSYSTEM25000

If you have the same issue, here a workaround.

First access your vRops master node https://IPaddressOFvrops/casa/node/config
Login with the same credentials used by vRSLCM (admin user) You should get an error message like this:

{“error_message_key”:”general.failure”,”error_arguments”:[“1″,”Note: Forwarding request to ‘systemctl is-enabled’.\n”],”error_message”:””}

Log into your vRops nodes with root user and run the following command

systemctl list-unit-files

sshd.service status

You should se that sshd.service is listed as disabled. Then run the following command

systemctl enable sshd.service

Do this on all vRops nodes, then go back to vRSLCM and try trigger inventory sync. You should now see that the request goes through.

vRSLCM “Trigger Inventory Sync” success

Limitations when using Workspace One Access for “free” with vRSLCM?

Workspace One Access or vIDM “Content Catalog” vRealize shortcuts with SSO login

When you install vRealize Suite Lifecycle manager It comes with the Workspace One Access (VMware Identity Manager) And in this appliance you get a lot of options and no limitations in any way. So it is up to you to avoid using any features that you are not allowed to use. If you do then you might be in breach of the EULA.

So I went on a google search for answers to this question and boy I can tell you that it is not straight forward. I have also tried to get VMware to give me a statement or point me to the correct documentation where they say what I can and can’t do.

Why is this an issue?

As I said you are not limited in any way and you could use all its functionality. But if you do you would then be in breach og the EULA according to an VMware Product Manager. So a problem arises, you could easily be in a breach without knowingly doing so.

After some investigation I was pointed to the VMware Product Guide where the following is stated.

Official documentation

Workspace ONE Access feature. A license to use VMware NSX Data Center (any edition) or NSX Cloud (any edition) includes an entitlement to use the Workspace ONE Access feature, but only for the following functionalities:

  • directory integration functionality of Workspace ONE Access to authenticate users in a user directory such as Microsoft Active Directory or LDAP
  • conditional access policy
  • single-sign-on integration functionality with third party Identity providers to allow third party identityproviders’ users to single-sign-on into NSX
  • two-factor authentication solution through integration with third party systems. VMware Verify,VMware’s multi-factor authentication solution, received as part of Workspace ONE Access, may not beused as part of NSX, and
  • single-sign-on functionality to access VMware products that support single-sign-on capabilities.

A license to use VMware vRealize Log Insight includes an entitlement to use the Workspace ONE Access feature, but only for the following functionalities:

  • directory integration functionality of Workspace ONE Access Standard to authenticate users in a user directory such as Microsoft Active Directory or LDAP
  • conditional access policy
  • single-sign-on integration functionality with third party Identity providers to allow third party Identityproviders’ users to single-sign-on into vRealize Log Insight
  • two-factor authentication solution through integration with third party systems. VMware Verify,VMware’s multi-factor authentication solution, received as part of the Workspace ONE Access feature,may not be used as part of vRealize Log Insight, and
  • single-sign-on functionality to access VMware products that support single-sign-on capabilities.

So is this now solved?

The quick answer is NO, when you look at the text I would interpret it to only apply if I have NSX and or Log insight license. Not for vRA, vRops, vRNI, vRB and vRSLCM. I would also argue that there is a problem with the wording. If you look at point 4 and 5 and the inclusion of , and at the end, does it imply that point 5 is also not allowed?

And what about when they first saybut only for the following functionalities and then inside a point they say may not be used What may not be used?

That I may not use single sign on with anything else than NSX and vRLI?
single-sign-on functionality to access VMware products that support single-sign-on capabilities

I honestly don’t know that to get out of this other than it doesn’t apply to this use case and that it is a shoehorn attempt to make a text fit something it is not meant to fit.

Other Clues?

When you look at the VMware download page for Identity Manger 3.3.1 it clearly stated what it can be used for. But it doesn’t go into details.
Download VMware Identity Manager 3.3.1 (for vRA, vRops, vRLI, vRB, vRNI, NSX only)

If any of you have any insight on this please give me an update.

To be continued…..

VMware løsninger som ikke lenger er supportet i 2020?

2019 er over og et nytt år er på trappene. Hva som vil skje i 2020 og hvilke nyheter som kommer er vanskelig å spå, men noen ting er i hvert fall sikkert. Som blant annet hvilke VMware produkter som går ut i 2020 og ikke lenger vil være supportert under “General Support”

VMware produkter som går ut i 2020

End of General Support

App Volumes 2.14, 2.15vCloud Director for Service Providers 9.1, 9.5
AppDefense Plugin 2.1, 2.2, 2.3 for Platinum EditionvCloud Usage Meter 4.1
Cloud Provider Pod 1.0. 1.5VMware Enterprise PKS 1.6
Essentials PKS 1.13.4vRealize Automation 7.4, 7.5
ESXi 6.0vRealize Business for Cloud 7.5
Fusion 11vRealize Configuration Manager 5.8.4, 5.8.5
Identity Manager 3.3vRealize Log Insight 4.7, 4.8
Integrated OpenStack 5.0, 5.1vRealize Network Insight 4.0, 4.1, 4.2
NSX for vSphere 6.3vRealize Operations for Horizon 6.6
NSX-T DataCenter 2.4vRealize Operations Manager 6.6.1, 6.7
Pulse IoT Center 1.0vRealize Orchestrator 7.4, 7.5
SDDC Manager 2.3, 3.7vRealize Suite Lifecycle Manager 1.3. 2.0, 2.1
Site Recovery Manager 6.0, 6.1vSAN 6.0, 6.1 and 6.2
Smart Assurance 9.5vSphere Data Protection 6.0, 6.1
Smart Experience 3.1vSphere Integrated Containers 1.5
User Environment Manager 9.3, 9.4, 9.5, 9.6vSphere Replicator 6.0, 6.1
vCenter Application Discovery Manager 7.1Workspace ONE UEM Console 9.5, 9.6, 9.7, 1810, 1811, 1902, 1903
vCenter Server 6.0Workspace ONE UEM Console 1904, 1905 (SaaS Only)
vCenter Update Manager 6.0Workstation 15 P ro and Workstation 15 Player
vCloud Availability for Cloud-to-Cloud DR 1.x

VMware produkter som gikk ut i 2019

End of General Support

AirWatch Console 9.2, 9.3 vCloud Director Extender 1.0, 1.1
App Volumes 2.13vCloud Director for Service Providers 8.20, 9.0
AppDefense Plugin 2.0 for Platinum Edition Fusion 10vCloud Usage Meter 3.6.1
Horizon 6 for Linux 6.1.1vRealize Automation 7.3, 7.4, 7.5
Horizon DaaS On Prem Platform 7.0 vRealize Business for Cloud 7.3, 7.4
Horizon FLEX Policy Server 1.xvRealize Code Stream 2.4
Horizon View 6.xvRealize Configuration Manager 5.8, 5.8.3
Identity Manager 3.0, 3.1, 3.2vRealize Hyperic 5.8.4 – 5.8.6 
Integrated OpenStack 4.0, 4.1vRealize Log Insight 4.6
Mirage 5.9vRealize Network Insight 3.7, 3.8, 3.9
NSX-T 2.0, 2,1vRealize Operations for Horizon 6.5
NSX-T Data Center 2.2vRealize Operations for Published Applications 6.5
Photon Platform 1.xvRealize Operations Manager 6.6, 6.7
SDDC Manager 3.0vRealize Orchestrator 7.3
ThinApp 4.7.3vRealize Suite Lifecycle Manager 1.0, 1.1, 1.2
User Environment Manager 9.2vSphere Integrated Containers 1.4 
vCenter Chargeback Manager 2.7.x Workspace ONE UEM Console 9.4
vCenter Converter Standalone 6.2Workstation 14 Pro and Workstation 14 Player 
vCloud Availability for vCloud Director 2.0 

Hva betyr de forskjellige support typene?

Se listen hentet fra VMWare over hva de forskjellige fasene inneholder

FeaturesGeneral Support PhaseTechnical Guidance PhaseEnd of Support Life Phase End of Availability
Maintenance updates and upgradesX
New security patchesX
New bug fixesX
New hardware supportX
Server, Client and Guest OS updatesX
File a Support RequestPhone and WebWeb only
Existing security patchesXX
Existing bug fixesXX
Workarounds for low-severity issue (severity 2, 3, and 4)XX
Self-help web-based supportXX
Access to Knowledge BaseXXX

Om du ønsker å fordype deg finnes detaljert info hos VMware hvor denne listen er hentet fra.
Data I denne artikkelen er basert på info hentet fra VMware Lifecycle Product Matrix