jump to navigation

VMware vMA authentication methods November 28, 2012

Posted by vbry21 in VCAP5-DCA, VMware Training.
Tags: , ,
add a comment

As part of the preparation for the VCAP5-DCA exam and also as part of teaching the VMware vSphere Optimize and Scale course I’ve been looking at managing an ESXi host and vCenter through VMware’s vMA (vSphere Management Assistant).

The command structure can become quite tedious.

For example to list network cards without using an authentication method would be as follows.

vicfg-nics –server esxi01a.qavdc.com –username root –password P@ssw0rd -l

However the VMA does support vMA Authentication.

The vMA authentication interface enables users and applications to authenticate with the target servers by using vi-fastpass or Active Directory (AD). While adding a server as a target, the administrator can determine whether the target must use vi-fastpass or AD authentication. For vi- fastpass authentication, the credentials that a user has on the vCenter Server system or ESXi host are stored in a local credential store. For AD authentication, the user is authenticated with an AD server.

When you add an ESXi host as a fastpass target server, vi-fastpass creates two users with obfuscated passwords on the target server and stores the password information on vMA:

vi-admin with administrator privileges

vi-user with read-only privileges

The creation of vi-admin and vi-user does not apply for AD authentication targets. When you add a system as an AD target, vMA does not store information about the credentials. To use the AD authentication, the administrator must configure vMA for AD.

Configure vMA for Active Directory authentication so that ESXi hosts and vCenter Server systems added to Active Directory can be added to vMA. Joining the vMA to Active Directory prevents you from having to store the passwords in the vMA credential store. This approach is a more secure way of adding targets to vMA.

Ensure that the DNS server configured for vMA is the same as the DNS server of the domain. You can change the DNS server by using the vMA Console to the Web UI.

Ensure that the domain is accessible from vMA. Ensure that you can ping the ESXi and vCenter Server systems that you want to add to vMA. Ensure also that pinging resolves the IP address to the target servers domain.

To add vMA to a domain:

From the vMA console, run the following command:

sudo domainjoin-cli join <domain_name> <domain_admin_user>

When prompted, provide the Active Directory administrator’s password.

Restart vMA.

For further information read, VMware’s vMA product documentation.

Enabling the vMA root user account November 20, 2012

Posted by vbry21 in VCAP5-DCA.
add a comment

I was asked a question recently relating to the root account in the VMware vSphere Management Assistant Virtual Appliance. The question was why can’t I login as root?

By default the root user account is disabled, but what you may want to do for troubleshooting purposes is to enable the root account (I would only do this in conjunction with VMware Global Support Services).

To enable the root account in vMA:

  1. Log in to vMA as the vi-admin user.
  2. Run this command to open the passwd file:

    sudo vi /etc/passwd

  3. Locate the line that appears similar to:


  4. Modify the line it to:


  5. Log out from vMA and log in again as the vi-admin user.
  6. Run this command and enter the new root password:

    sudo passwd root

  7. You should now be able to log in to vMA using the root account.


VCAP5-DCA revision begins in earnest November 12, 2012

Posted by vbry21 in VCAP5-DCA, VMware blogs, VMware Training.
add a comment

One of the things I’m doing in a few weeks is my VCAP5-DCA exam, yes I’m a VCAP4-DCA, I would have sat it earlier, but unfortunately the nearest testing centre is in Leeds and I live in Newcastle upon Tyne, so I have to fit in the exam when I’m not teaching and when the testing centre is available.

So I’m doing a little bit revision.

I hate command line (I’m sure I’ve mentioned it before). But I do learn and use what I need to know for my job.

The exam blue print states I need to learn command line again as I’d learnt it and forgot it after my last VCAP exam.

I found this fantastic document that can also be printed as a poster, thank you VMware, you’ve just made my revision easier, hooray, and it’s now sitting as a PDF on my iPad in my Good reader app.


RESXTOP May 27, 2012

Posted by vbry21 in RESXTOP.
Tags: ,
add a comment

Managing real-time performance using RESXTOP

I was sitting on the Train The Trainer (TTT) for the new Optimize and Scale course last week and we were looking at performance monitoring tools, in the Install, Configure and Manage Course we look at the performance charts that are built into the vSphere Client.

On the Optimize and Scale course we look at the vMA (vSphere Management Assistant), and for performance we examine results from the RESXTOP utility.

What this utility allows is command-line real-time monitoring and collection of data for the main system resources, these being, CPU, Memory, Networking and Storage.

The beauty of this utility would be for example, to allow us to identify say CPU issues on the host and then via various options identify the problem Virtual Machine.

We can use RESXTOP in one of three modes.

Interactive Mode: All statistics are displayed as they are collected, showing how the system is used in real-time.

Batch Mode: The statistics are collected and output to a saved file for later analysis.

Replay Mode: The data that was collected by the vm-support command is then interpreted and played back as RESXTOP statistics.

In later articles we’ll look at the four main resources and the data we can view and collect.

vSphere PowerCLI reference poster May 25, 2012

Posted by vbry21 in VMware blogs, VMware Training.
Tags: ,
add a comment

Yesterday I stuck a link for the vSphere 5.0 CLI reference poster onto the blog site, today as I’m still sitting on the optimise and scale course, I thought I’d be lazy and just give another link to another useful document that will come in very handy for anyone wanting to sit the vCAP-DCA 5, as according to the blue print for the exam there WILL BE POWERSHELL QUESTIONS.


I’ll be driving back to Newcastle upon Tyne today, so to quote Homer “Woo Hoo”, Homer Simpson not the Greek dude.


vSphere 5.0 CLI reference poster May 24, 2012

Posted by vbry21 in VMware Training.
Tags: ,
add a comment

VMware vSphere 5 Command line

We were sitting on the new Train The Trainer Optimise and Scale course for vSphere 5 and the course is quite heavy on command line, which is useful for scripting and automation and also for the new vCAP-DCA exam, the conversation got round to wouldn’t it be nice if we included a reference card in the back of the books, one of our fellow VCI’s held up a poster called the vSphere 5.0 Reference poster, we had a look on the internet and found the poster in PDF format.

We all agreed this may be quite a good resource for the vCAP-DCA 5 exam.

Follow the link to get the poster.



VMware Certified Advanced Professional Data Center Administrator v5 or vCAP-DCA 5 May 20, 2012

Posted by vbry21 in VMware Training.
Tags: ,
add a comment

The VMware Certified Advanced Professional – Data Center Administrator V5 (VCAP-DCA), it’s coming and so are the courses.

Today I’m heading off on a 300 mile-ish (new word I’ve just made up, it means about 300 miles or so) drive to Wokingham, “why” you may ask? “To sit on the train the trainer course for the new vSphere 5 Optimize and Scale course!”

This new course which is available as general release on 31st July 2012 is one of the recommended courses, along with the Fast Track or ICM course for the vCAP-DCA 5 certification.

So I’ll sit on the course and learn lots and lots of new stuff, which I’ll then hopefully pass onto lots of people sitting on my courses.

The link below will take you to the site with a datasheet listing all of the wonderful things covered on the course.


Now all I’ve got to do is pass the exam J