VMWare ESXi
Installation Steps
- install ESXi onto the hardware (use unetbootin to create the image, don't follow the manual: it's shit)
- install VMWare vSphere client onto your PC
- Connect using the vSphere client
- In the server -> configuration -> Licensed Features (under Software) - Edit (on the right) and enter the license key: JM28P-8UJE1-68Z81-02ARH-81L04 (edgarbv) H401K-82H0M-K8F49-0H9A4-95CM0
- Create a datastore and on that create a directory .locker-HOSTNAME
- Go to Manage -> System -> Advanced settings and find ScratchConfig.ConfiguredScratchLocation edit this to be /vmfs/volumes/UUID/.locker-HOSTNAME
- now find Syslog.global.logdir and set this to the datastorename [platters]/.locker-HOSTNAME/log or via syslog.global.loghost (for remote logging)
Storage
Expanding HDs on a VM
Increase A VMware Disk Size (VMDK) Formatted As Linux LVM without rebooting You can only extend the current disk if you have less than 4 partitions
If it's a root volume you have to reboot with a Debian CD and enter rescue mode. Otherwise you may be able to extend without powering off
check if you can see the extra space
If you have increased the size of the disk
fdisk -l
parted
cfdisk
If not then you can rescan the scsi bus
ls /sys/class/scsi_device/ echo 1 > /sys/class/scsi_device/0\:0\:0\:0/device/rescan
Rescan for each device found.
If you have added a new disk
ls /sys/class/scsi_host/ echo "- - -" > /sys/class/scsi_host/host0/scan
It won't show any output, but running 'fdisk -l' will show the new disk.
extend an existing disk
parted print resizepart 2 <- NB this is the extended partition (enter max size to max size shown on print) resizepart 5 <- NB this is the logical partition on the extended partition (enter max size to max size shown on print) write quit vgscan pvscan pvdisplay
It should now show you that the physical volume has more space, as will vgdisplay
From here
Run this command to extend the physical volume:
vgextend VolGroup00 /dev/sda3
Note: To determine which volume group to extend, use the command vgdisplay.
Run this command to verify how many physical extents are available to the Volume Group:
vgdisplay VolGroup00 | grep "Free"
Run the following command to extend the Logical Volume:
lvextend -L+#G /dev/VolGroup00/LogVol00
or
lvextend --extents +## /dev/debian-vg/root
Where # is the number of Free space in GB available / ## is the amount of extents free as per the previous command. Use the full number output from Step 10 including any decimals.
Note: To determine which logical volume to extend, use the command lvdisplay.
Run the following command to expand the ext3 filesystem, inside of the Logical Volume:
e2fsck -f /dev/debian-vg/root resize2fs /dev/debian-vg/root
Notes:
Use ext2online /dev/VolGroup00/LogVol00 if it is a Red Hat virtual machine. By default, Red Hat and CentOS 7 use the XFS file system you can grow the file system by running the xfs_growfs command.
Run the following command to verify that the / filesystem has the new space available:
df -h /
using esxcli to investigate your disks and adapters
esxcli storage core adapter list
shows the controllers
esxcli storage reference from vmware
examining LUNSs with esxcli storage core
A list of ESXCLI storage commands you can’t live without
old info
By adding a new partition formatting it and then adding it to the VG
Turn off the VM, change the size of the disk in the settings. Start up the vm.
use fdisk /dev/sda to view the free space. If fdisk doesn't work, use parted or cfdisk.
Format the extra space as type 8e (LVM). Use vgextend and then lvextend to increase the size
adding new disks to a vm and booting
When you add a new disk, you may get an OS not installed / can't boot up error. This is because for some reason, esxi adds the new disk as scsi 0:0 (which is the first disk that wants to boot up). So you need to edit the new hard disk to scsi 0:2, the old one to 0:0 and then the new one to 0:1 again.
cloning VMs using the CLI
Cloning a virtual machine disk without delta files or snapshots To clone a virtual machine disk using the ESXi/ESX host terminal:
Log in to the terminal of the ESXi/ESX host.
Navigate to the virtual machine's directory using the cd command. It is located at:
/vmfs/volumes/source_datastore/virtual_machine/
Confirm the destination directory where the clone will be copied to. Create this directory, if required.
For example, if this destination directory does not exist:
/vmfs/volumes/destination_datastore/virtual_machine/
Create the directory using this command:
mkdir /vmfs/volumes/destination_datastore/virtual_machine/
Clone the virtual hard disk using the vmkfstools -i command after shutting down the virtual machine:
# vmkfstools -i /vmfs/volumes/Storage1/examplevm/examplevm.vmdk /vmfs/volumes/Storage2/examplevm_clone.vmdk
You see output similar to:
Destination disk format: VMFS thick Cloning disk '/vmfs/volumes/Storage1 (3)/examplevm/examplevm.vmdk'... Clone: 100% done.
Notes:
Encapsulate objects with quotes where appropriate to ensure spaces and other special characters are interpreted correctly.
By default, the vmkfstools -i command will create a destination thick provisioned disk. If you want the destination disk to be thin provisioned, add -d thin to the end of the preceding command.
For example:
# vmkfstools -i /vmfs/volumes/Storage1/examplevm/examplevm.vmdk /vmfs/volumes/Storage2/examplevm_clone.vmdk -d thin
Cloning a virtual machine disk with delta files or snapshots
To clone a virtual machine disk using the ESXi/ESX host terminal:
Log in to the ESXi/ESX host's terminal.
Navigate to the virtual machine's directory using the cd command. It is located at:
/vmfs/volumes/source_datastore/virtual_machine/
Confirm the destination directory where the clone will be copied to. Create this directory, if required.
For example, if this destination directory does not exist:
/vmfs/volumes/destination_datastore/virtual_machine/
Create the directory using this command:
mkdir /vmfs/volumes/destination_datastore/virtual_machine/
Clone the virtual hard disk from its current snapshot delta point using the vmkfstools -i command.
# vmkfstools -i /vmfs/volumes/Storage1/examplevm/examplevm-000003.vmdk /vmfs/volumes/Storage2/examplevm_clone.vmdk
You see output similar to:
Destination disk format: VMFS thick Cloning disk '/vmfs/volumes/Storage1 (3)/examplevm/examplevm-000003.vmdk'... Clone: 100% done.
Impact/Risks
Downtime during the clone procedure.
Additional Information
Additional steps for virtual machine disks with delta files or snapshots
The original virtual machine files are still intact without modifications. You may opt to either create a new virtual machine and attach the cloned disk file(s), or replace the existing disks attached to the virtual machine with the cloned copies. These steps encompass the latter option.
To replace the original virtual machine disk(s) and delta snapshot file(s) with the cloned copy or copies:
Detach the virtual hard disk from the virtual machine's configuration in the VMware vSphere or Infrastructure Client.
Attach the new (cloned) virtual hard disk, /vmfs/volumes/Storage2/examplevm_clone.vmdk to the virtual machine.
Rename the snapshot database (.vmsd) file for the virtual machine. At this time, it is no longer valid due to manipulation of the virtual machine's disk layout during troubleshooting:
# mv examplevm.vmsd examplevm.vmsd.old
Power on the virtual machine and confirm the guest operating system can boot successfully. Verify data integrity and confirm data is not missing or corrupt.
With the virtual machine still powered-on, you may remove the original disk files to free datastore space. Files in use by the powered-on virtual machine cannot be removed by the VMware ESX server. This can be used as a safeguard.
add new user
Go to local users and groups and right click on the screen to add a new user. The password needs to be 8 characters long.
Then go to permissions and right click on the screen to add a permission. Choose the assigned role and then add the new user (on the left)
auto start vm's
under the configuration tab for the machine, at "Virtual Machine Startup/Shutdown"
Choose Properties. You can configure the startup/shutdown here.
https://communities.vmware.com/thread/520839
Start the VMs automatically after Existing Host from Maintenance Mode, follow the below steps :
- In vCenter Server, right-click the ESX/ESXi host and click Exit Maintenance Mode.
- Open an SSH session to the ESX/ESXi host.
- Run this command:
/sbin/vmware-autostart.sh start
or
Use the Configuration > Virtual Machine Startup/Shutdown option in VirtualCenter
renaming the hostname / domain name
Changing the name of an ESX or ESXi host (1010821)
Or see join or leave AD below
using vsphere client
Select the Host machine, then tab configure. Under software choose VM Startup/shutdown. Press 'edit' top right. Move the desired machines into the boot order using the move up / move down.
starting from a cdrom or iso after OS has been installed
In advanced boot options change the bootup delay to 99999 milliseconds. Then when you start up the VM you can press esc to select a boot device
keyboard shortcuts for console
Ctrl+Shift+Insert Sends Ctrl+Alt+Delete
Ctrl+G Transfers mouse and keyboard input from the local machine to the virtual machine (same as clicking in the window) great for when you don't have a mouse handy
Ctrl+Alt+Enter Full Screen VM
Ctrl+Alt Unlocks mouse/keyboard from VM console window, also exists full screen mode
Ctrl+Shift+X Exit VM Console
installing tools on a VM
The tools allow you to do things like copy paste into the console. In order to install the tools, you mount a CD from the internal datastore. Choose the version for the OS you have. Mount the CD, then copy the contents to /usr/local/src and unzip them. Inside this directory you run the perl scripts. For Linux you will need the kernel headers package
Debian
apt-get install open-vm-tools
Resetting the password for ESXi
There is the Cisco Way and the
NB you will have to use udpkg to install gzip from the cdrom (find the deb and use udpkg -i file.deb). Also you will need nano editor because vi isn't installed with the rescue disk.
After the host was shut down, I booted up with the Linux live CD. I then ran the commands fdisk -l and ls -l /mnt/sda5/ / ls -l /mnt/sda6/ to determine the location of the most recent state.tgz file. Note that if you're using ESXi Embedded then you may only see local.tgz instead of state.tgz and you should then copy and recreate that file.
After determining where the most recent state.tgz file was located, this was copied to /tmp. gzip and tar were then used to extract local.tgz from state.tgz. If you're using ESXi Embedded then you will copy local.tgz to tmp and run gzip and tar on that file. Once local.tar was extracted the cd etc command was run followed by vi shadow
ssentially you'll want to have the root entry as root::13358:0:99999:7::: . Once you have removed the password hash, press ESC and to save the change type in :wq and press Enter. You can run cat shadow to confirm that the change was saved successfully.
Once the shadow file has been updated, you'll use cd .. to go back to /tmp and then run tar -czvf local.tgz etc to create the local.tgz file. If you're using ESXi Embedded then you'll copy this file to the drive where it came from in step 3. Otherwise you'll run tar -czvf state.tgz local.tgz to create state.tgz which should then be copied to the correct location. In the below image you'll notice that I don't always use the -v option with the tar command.
Once the file has been copied back to the /bootbank partition the host can be rebooted back into ESXi. You'll be able to login with the root account with no password and will be greeted with the familiar message to change the root password
Import VirtualBox harddisks
On your VirtualBox host create a clone of the VMs hard disk like that: vboxmanage clonehd in.vdi out.vmdk –format VMDK –variant Fixed,ESX
If your VirtualBox drive is allready a vmdk then in.vmdk
This creates two files. One with the actual data and the other holding a descriptor. If the virtual hard drive is not completely filled, zipping the image will dramatically reduce its size.
On your ESXi host create a new VM without hard drive. Use the advanced mode to do so.
Copy the hard drive image to your ESXi host by using scp (or similar). Place it (both files) into the directory of you newly created VM.
Edit the settings of your new VM and add that hard drive.
That’s all. Using this method your virtual hard drive should now be a SCSI hard drive as expected by ESXi even if it was a SATA drive in VirtualBox before.
From [1]
Import Windows 7 client from VirtualBox
Same as above, but change HD type from SCSI to SATA
Virtualdisk manager
This can be used to expand, shrink, repair, create, etc vmdk files
Download from vmware (vmware-vdiskmanager.exe is part of the The Virtual Disk Development Kit (VDDK)
Some examples of use can be found here
If the inventory tree views are no longer showing items and you can't click on the triangle any more, in 6.5 you can click on your username, go to settings and turn off show only recent objects
Hardware sensors
https://communities.vmware.com/thread/520839
vmkload_mod ipmi_si_drv
vmkload_mod ipmi_devintf
I then get from esxcfg-module -l|grep ipmi
ipmi_msghandler 2 40
ipmi_si_drv 0 48
ipmi_devintf 0 20
Then using the Web Client under Monitor->System sensors I get the sensor info displayed, i.e. CPU temp/Volts, etc.
I have made sure they are all enabled using :-
esxcli system module set -m ipmi_si_drv -e 1
esxcli system module set -m ipmi_devintf -e 1
esxcli system module set -m ipmi_msghandler -e 1
Then using 'esxcli system module list|grep ipmi' I get:-
ipmi true true
ipmi_msghandler true true
ipmi_si_drv true true
ipmi_devintf true true
I have obviously rebooted the host (many times!), but the modules are still not loaded at start-up.
Backup of esxi config
https://www.altaro.com/vmware/esxi-backup-command-line/
ESXi’s vim-cmd allows you to backup and restore the host’s configuration directly from shell. To do this, enable SSH on the host and use putty to log in as root. Once you’re in, run the following two commands in the given order. You are given a URL which you’ll use to download the TGZ bundle from the host using a standard browser. Note that you need the replace the * character in the URL with the IP address of the ESXi host. I am not quite sure why the IP address of the host is not included from the start.
vim-cmd hostsvc/firmware/sync_config vim-cmd hostsvc/firmware/backup_config
Using vim-cmd from the ESXi command line to backup the host's configuration
Just like the PowerCLI method, you must first put the host in maintenance mode before you’re able to restore from a configuration backup file. To do this, we’re still using vim-cmd. You also need to copy the backup file to a folder on the ESXi host using something like WinSCP. The host will then reboot to complete the restore process.
vim-cmd hostsvc/maintenance_mode_enter vim-cmd hostsvc/firmware/restore_config /tmp/configBundle-esx-pn1.vsphere65.local.tgz
https://graspingtech.com/backup-vmware-esxi-6-5-configuration/
Updates
Find the release notes here.
https://docs.vmware.com/en/VMware-vSphere/6.7/rn/vsphere-esxi-vcenter-server-67-release-notes.html
Also, update VCSA to the latest version before you update the hypervisor
Updating VCSA
https://www.settlersoman.com/how-to-update-or-patch-vcenter-6-appliance-vcsa/
make a snapshot of the VCSA from the ESXI host running the server.
Log In to the vCenter Server Appliance Management Interface (on port 5480) as root (or as administrator@ if root doesn't work and you need to change the root password)
If you get a root password expired thing during the pre-update checks, go to Access and turn ssh + bash on. Login with ssh as administrator@ or another local.domain user and then run
shell sudo passwd
change the password.
log in as root - NB perform the updates as root, not as administrator@!
Now the pre update checks should work.
go to the updates and apply them
After the updates have installed and VCSA is rebooted, check to see if it has started properly. It will take quite some time for the shell prompt to disappear and the VCSA frontend to appear - be patient! As in 10 minutes patient! However, if you have a login prompt, log in as root and then
shell service-control --start --all
and then log in at port 5480 again and see if there are more updates
Updating the Hypervisor / ESXI
Make sure you have updated VCSA first!
Using vCenter Update Manager (VUM)
https://www.altaro.com/vmware/how-to-patch-esxi-with-update-manager/
You need VCSA v 6.5+ for the VUM
Step 1 – Highlight the vCenter Server name in Navigator, select the Update Manager tab and click on the Go To Admin View button. Figure 2 - Changing to VUM's Admin view in vSphere Web client
Figure 2 – Changing to VUM’s Admin view in vSphere Web client
–
Step 2 – Once in Admin view, select the ESXi Images tab and click on Import ESXi Image. Doing so, loads another dialog box where you specify the ESXi image (ISO file) you want imported. Click on Browse and navigate to the folder where the image is stored. Select the ISO file and click OK. The file will upload as shown in Fig. 3. The upload progress bar, shows the remaining time and the speed at which the file is being uploaded. Figure 3 - Importing an ESXi ISO image to VUM
Figure 3 – Importing an ESXi ISO image to VUM
–
Step 3 – Once the ISO is uploaded, details about the ESXi image are displayed as per Figure 4. Figure 4 - Product and version details for the ESXi image just imported
Figure 4 – Product and version details for the ESXi image just imported
– Creating a baseline
Step 4 – Next, we create what’s called a Host Baseline. To do this, we simply right-click on the image just imported and select Create baseline as shown in Figure 5. Figure 5 - Creating an ESXi host baseline
Figure 5 – Creating an ESXi host baseline
–
Step 5 – Type in a name for the baseline and press OK. The baseline should now be listed under the Hosts Baselines under Custom as per Fig. 6. Figure 6 - The freshly created baseline as listed under the Hosts Baselines screen
Figure 6 – The freshly created baseline as listed under the Hosts Baselines screen
– Attaching a baseline
Step 6 – We’re almost there. The idea now is to attach the baseline to one or more hosts. We then run a compliance check to determine if the upgrade or update is actually required. To do this, one must change over to Compliance view. Just hit the Go to compliance view button at the top-right corner as shown in Fig. 7. Figure 7 - Changing over to Compliance view
Figure 7 – Changing over to Compliance view
The baseline can in fact be attached to a number of objects including a datacenter, cluster or an individual ESXi host. This is what allows you to patch multiple hosts. It is important to note though that you may inadvertently hit hosts not earmarked for updates so be careful when attaching baseline to higher level objects.
In the example that follows, I’ve attached the baseline to one of three ESXi hosts forming a cluster. Figure 8 - Attaching a baseline to a host
Figure 8 – Attaching a baseline to a host
–
Step 7 – Next, we carry out a scan on the host to verify that the update/upgrade is in fact required. From the same screen, click on Scan for Updates and select Upgrades on the dialog that pops up followed by OK. This will initiate a scan the results of which are displayed under the Compliance Status column after the scan completes. Figure 9 - Scanning a host for compliance
Figure 9 – Scanning a host for compliance
As expected, the host is found to be non-complaint, meaning that the 6.5.0d update is in fact applicable. Figure 10 - A non-compliant result indicates that the host is missing one or more updates
Figure 10 – A non-compliant result indicates that the host is missing one or more updates
How to remediate the host
In this case, remediating is the act of pushing a patch or update to an ESXi host. A host is remediated by clicking on the Remediate button. Alternatively, right-click on the ESXi hostname (or IP address) in Navigator and select Remediate from the Update Manager menu. Figure 11 - Remediating a host from the context menu
Figure 11 – Remediating a host from the context menu
Step 1 – The remediation process starts by selecting the baseline image you want applied. In this case, I’ve selected the one created for the 6.5.0d upgrade. Figure 12 - Remediation Step 1 - Select the baseline applied
Figure 12 – Remediation Step 1 – Select the baseline applied
Step 2 – Next, select the host you wish to remediate. In this case, only one host is listed which is the one highlighted in Navigator. If say, the baseline had been attached to a cluster, then you’d have all the hosts within that cluster listed as target objects. Figure 13 - Remediation Step 2 - Selecting the target to remediate
Figure 13 – Remediation Step 2 – Selecting the target to remediate
Step 3 – Accept the EULA by ticking the box at the bottom. Figure 14 - Remediation Step 3 - Accept the End User License Agreement
Figure 14 – Remediation Step 3 – Accept the End User License Agreement
Step 4 – The next screen, gives you the option to postpone remediation tasks to a later date and time. You can also set the task to ignore warnings in reference to unsupported devices and such. Figure 15 - Remediation Step 4 - Scheduling the remediation task (Optional)
Figure 15 – Remediation Step 4 – Scheduling the remediation task (Optional)
–
Step 5 – In all probability, the ESXi being remediated will be hosting VMs. This screen gives you control over what happens to the VMs currently powered on. You can choose to have them powered off, suspended or leave them in their current state. Like it or not, powered on VMs must be migrated or shut down for the remediation process to complete. Your options are to migrate VMs manually to some other host or simply power them off prior to remediating. Alternatively, set the VMs to power down by selecting the Power Off virtual machines option from the VM Power State drop-down box as shown in Fig. 16. You can also set the task to disconnect removable media from any hosted VMs as this may cause the remediation task to stall. Figure 16 - Remediation Step 5 - Configuring the host remediation options
Figure 16 – Remediation Step 5 – Configuring the host remediation options
–
Step 6 – If the host being remediated is a cluster member, you can control various aspects related to clustering as shown in Fig. 17. Further details on each setting are available here. Figure 17 - Remediation Step 6 - Configuring the cluster remediation options
Figure 17 – Remediation Step 6 – Configuring the cluster remediation options
Step 7 – The Pre-check Remediation tasks runs a series of checks and generates a report of what exactly is carried out on the host. Press Finish to initiate the remediation task. Figure 18 - Remediation Step 7 - Completing the remediation task
Figure 18 – Remediation Step 7 – Completing the remediation task
The remediation task’s progress is displayed in the Recent Tasks window in vSphere Web client. Figure 19 - A remediation task in progress
Figure 19 – A remediation task in progress
The host should enter maintenance mode and later disconnect while the update is being applied. It should then reboot and re-connect automatically, assuming the remediation processes succeeded in updating the host. Figure 20 - A host is disconnected while being updated as can be seen in vSphere client and DCUI
Figure 20 – A host is disconnected while being updated as can be seen in vSphere client and DCUI
Once remediation completes, you can easily verify that the host is running the latest version by inspecting the host details on the Summary screen. Fig. 21 compares the host’s summary pre and post remediation. Figure 21 - Comparing ESXi version details pre and post remediation
Figure 21 – Comparing ESXi version details pre and post remediation
This VMware KB article helps you correlate build and version numbers if needed. As per the partial table below, you can see that in our case, the ESXi host updated from 6.5 GA to 6.5.0d. Figure 22 - Correlating ESXi version and build numbers
Figure 22 – Correlating ESXi version and build numbers
Conclusion
Update Manager is a must have if you want to easily and effectively implement patch management for ESXi. Incidentally, Update Manager is one other reason why you’d want to move over to vCSA 6.5 since VUM is now embedded with this vCenter release.
Make sure you have the correct version iso of the ESXI patch / version you have installed.
Using the CLI
https://esxi-patches.v-front.de/ is where you can find the latest patches and instructions for updating using the CLI
https://tinkertry.com/easy-update-to-latest-esxi
esxcli network firewall ruleset set -e true -r httpClient esxcli software profile update -p ESXi-6.7.0-20190802001-standard -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml esxcli network firewall ruleset set -e false -r httpClient
don't forget to
tail -f /var/log/vpxa.log
To see if it's ready for a reboot. This process can take hours!
Useful to know
Restart the ESXi host daemon and vCenter Agent services using these commands:
/etc/init.d/hostd restart /etc/init.d/vpxa restart
To restart all management agents on the host, run the command:
services.sh restart &tail -f /var/log/jumpstart-stdout.log
from 6.5 to 6.7
https://tinkertry.com/easy-update-to-esxi-67
It comes down to this though:
- reboot before doing this - preferably power down
- upgrade VMSA (VmWare Server Appliance) if you have it
- dry run
esxcli software profile update -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml -p ESXi-6.7.0-8169922-standard --dry-run
- the real thing
esxcli software profile update -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml -p ESXi-6.7.0-8169922-standard
- reboot
Updating the web interface
https://www.ivobeerens.nl/2018/05/01/configure-vm-autostart-in-the-esxi-embedded-host-client/
Note: The web interface is properly called the ESXI Embedded host client. Web client etc is used for the server appliance vCenter. You can tell the difference between the server appliance vCenter web interface and the embedded host client interface because the server appiance one has a black background and the embedded one has a blue background / border. vCenter is not free.
You can tell which version you have by looking at Help (top bar) -> about. It should show you the client and build version
The upgrade of the Host client is easy, no maintenance mode and reboot of the ESXi host is needed. The upgrade can be done by following these steps:
- Download the latest VIB https://labs.vmware.com/flings/esxi-embedded-host-client
- Upload the VIB on a datastore on your ESXi host
- SSH to the ESXi host
- Enter the following command to update the host client
esxcli software vib update -v /vmfs/volumes/datastore/vibname.vib
NOTE the path - it won't work if you cd to /vmfs/volumes/etc and then try to run ./vibname.vib
Also, presumably when you update the hypervisor you will probably also need to re-update the embedded host client.
Vmware Vcenter Server Appliance (VCSA)
When installing, make sure your SSO domain is different from your internal domain name, so use something like yourdomain.local. Most examples online use vshpere.local
Single Sign On (SSO)
change SSO password policy to never expires
Navigate to the Configuration UI.
From the Home menu, select Administration. Under Single Sign On, click Configuration.
Click Policies, select Password Policy, and click Edit.
Set maximum lifetime to 0
reset the SSO password
Log in to vCenter Server Appliance using SSH as the root user.
enter the shell
Run
/usr/lib/vmware-vmdir/bin/vdcadmintool
Press 3 to enter the Reset Account Password option.
a) It will prompt for an “Account UPN”
b) Enter administrator@vsphere.local
c) A new temporary password is generatedss4
You can use this temporary password to login to vCenter server and change the SSO password after login to vCenter server.
After login, Click on Administration>Single Sign On > Users
a) Right click on Administrator and select Modify
b) Change the password
We have successfully reset the vCenter SSO password.
SSO information
To find out your SSO domain, you can ssh in, log in, then:
shell
gets you into bash
cat /etc/vmware/install-defaults/vmdir.domain-name
or
/usr/lib/vmware-vmafd/bin/vmafd-cli get-domain-name --server-name localhost
To get the site name
/usr/lib/vmware-vmafd/bin/vmafd-cli get-site-name --server-name localhost
To find out which AD account is used to connect to Active Directory
cat /etc/vmware/install-defaults/ad.domain.username
SSO can also fail if time is out of sync with the domain controller.
To check
log file location
/storage/log/vmware/sso/vmware-sts-idmd.log
/storage/log/vmware/sso/websso.log
or /var/log/vmware/sso
other bits
resetting root password (for SSH access)
Below is for if you can't access the vCenter Server Appliance at port 5480
To reset the lost forgotten root password in vCenter Server Appliance 6.5: Take a snapshot or backup of the vCenter Server Appliance 6.5 before proceeding. Do not skip this step. Reboot the vCenter Server Appliance 6.5. After the OS starts, press e key to enter the GNU GRUB Edit Menu. Locate the line that begins with the word Linux. Append these entries to the end of the line: rw init=/bin/bash Press F10 to continue booting. Run the mount -o remount,rw / command. In the Command prompt, enter the command passwd and provide a new root password (twice for confirmation): passwd Unmount the filesystem by running this command: umount / Reboot the vCenter Server Appliance 6.5 by running this command: reboot -f Confirm that you can access the vCenter Server Appliance 6.5 using the new root password. Remove the snapshot taken in Step 1 if applicable.
Once you have done that, log in the the VCSA at port 5480 as root and go to Administration to make sure the password doesn't expire again - or that it sends an email when it does expire.
join or leave AD
Join or Leave an Active Directory Domain
If you do this, then make sure that the hostname of the esxi machine is resolvable. You can do this in vsphere by clicking on the machine, tab configure, under networking TCP/IP configuration, then select the Default system stack line. You can see the hostname, domain name and DNS servers. You can edit these using the edit button above the lines, below the TCP/IP Configuration title.
On the esxi host website, you can select Default TCP/IP stack under Networking and click 'edit settings' above the icon / Default TCP/IP Stack icon
Otherwise you may run into ESX/ESXi hosts fail to scan in vCenter Update Manager 4.1.x, 5.x, and 6.0 (2007398)
Check and restart VCSA services
To List all the Services in vCSA appliance
service-control --list-services
To check a status of all services you can enter the following command:
service-control --status
List services and their status
If you see a service which has stopped and you’ll need to restart it, then simply go and enter this command: (example of vpxd service)
service-control --start vpxd
to stop is also simple
service-control --stop vpxd
You can also do stop all services, and then start them all. They’ll stop and start by keeping their dependency. This allows to completely restart all vCenter services without restarting the whole appliance.
Type this:
service-control --stop --all
and then this:
service-control --start –all
The start of all services takes time because they have to initialize and also the dependencies one with another is assured automatically, so be patient. In my own testing, it took me about 5 min until all services have restarted completely.
some tips and tricks NOTE - he is talking about using the web client, ie the flash client in the GUI section
Setting a timezone
If you can't click on the Time part of the VM Appliance manamement
https://communities.vmware.com/thread/570302
SSH console to the VCenter Server cd /opt/vmware/share/vami ./vami_set_timezone_cmd Europe/Amsterdam
Different clients
Starting with VMware vSphere 6.5 there are mainly two different “Web Client”:
the vSphere Web Client (based on Flash and introduced in vSphere 5.0) (blue background top) the new HTML5-based vSphere Client (with the same name of the legacy Windows client, for this reason, we simply call it HTML5 vSphere Client) (black background top)
But there are also other web clients, for most specific use cases:
the Appliance Manager UI (VAMI): used to manage the configuration of the virtual appliance, in case you are using the vCenter Server Appliance (vCSA) for the vCenter Server and/or the Platform Service Controller (PSC) the PSC UI: specific for the management of the PSC components, especially the certificate management and SSO management. This interface is available only on embedded or external PSC nodes. the Host Client: an HTML5 web client for the host management, if you don’t have the vCenter Server running or if you have standalone hosts
Web Client URL Scope
vSphere Web Client https://vCenter_FQDN/vsphere-client Entire infrastructure
vSphere Client https://vCenter_FQDN/ui Entire infrastructure
VAMI https://vCSA_FQDN:5480 vCSA configuration (NOTE, for me this is https://VCSA_IP:5840)
PSC UI https://PSC_FQDN/psc PSC configuration
Host Client https://ESXi_FQDN/ui Single host management
From Is the html5 vsphere client finally mature?