Unable to connect to Inventory Service
Comments
-
jibbajabba Member Posts: 4,317 ■■■■■■■■□□Instead of reinstalling I would maybe just try to add a temporary second vCenter in both locations and check the authentication issues. That should rule out location based issues (or confirm them)My own knowledge base made public: http://open902.com
-
Johnjones Member Posts: 105 ■■□□□□□□□□Network Engineers have confirmed there are no blocks in place on the site-site VPN. I'm debating spinning up another vCenter locally (South) and linking it to North vCenter and see what happens.
Again, the issue I'm having now is everything works fine on the "North" vCenter I can manually enter credentials at logon and I'm in. However, on "South" it will NOT allow me in UNLESS I click the "Use Windows Session Credentials" on the vSphere client. I can't get into the webclient at all unless I use the administrator@vsphere.local account and then I receive the "Unable to connect to South's inventory service". -
Deathmage Banned Posts: 2,496Network Engineers have confirmed there are no blocks in place on the site-site VPN. I'm debating spinning up another vCenter locally (South) and linking it to North vCenter and see what happens.
Again, the issue I'm having now is everything works fine on the "North" vCenter I can manually enter credentials at logon and I'm in. However, on "South" it will NOT allow me in UNLESS I click the "Use Windows Session Credentials" on the vSphere client. I can't get into the webclient at all unless I use the administrator@vsphere.local account and then I receive the "Unable to connect to South's inventory service".
it's sounding more and more like a SSO issue from the webclient and it's not tied into AD thru LDAP. You can only setup LDAP connectivity from SSO thru the vsphere.local account initially.
Also see if you can apply your login setting on the inventory service in servcies.msc as the "log On" tab and see if it allows you to use your settings. If you can and it starts up fine see if that makes a dent in the issue. On the same topic, the inventory service could be stopped or not running at all.
It could also be a permissions issue to that you don't have domain/enterprise admin rights to administer devices on the 'south' network.
also find out the NetBIOS name of your domain and see if you use them to login at the 'south' location so say you NetBIOS name is domain; login with 'domain\[your username]' and enter your password. This falls back onto the topic above if both of the sites are tied into the same AD forest or if there not if that have a trust relationship between both locations that allow for permissions to be shared between sites. -
Johnjones Member Posts: 105 ■■□□□□□□□□VMware technical support is sad. I was sitting at my desk all day waiting for a phone call and they decide to call when I get up to use the restroom. I call back 5 minutes later and the engineer is unavailable.
Anyway still no solution. One difference between the servers is that "North" doesn't have NIC teaming configured. However, "South" does. I found a KB regarding this potentially causing an issue. I did the recommended fix, but that didn't solve anything. At this point, I'm about to give up. -
Deathmage Banned Posts: 2,496VMware technical support is sad. I was sitting at my desk all day waiting for a phone call and they decide to call when I get up to use the restroom. I call back 5 minutes later and the engineer is unavailable.
Anyway still no solution. One difference between the servers is that "North" doesn't have NIC teaming configured. However, "South" does. I found a KB regarding this potentially causing an issue. I did the recommended fix, but that didn't solve anything. At this point, I'm about to give up.
As long as IP hash is used it shouldn't cause a problem to be bonded. -
jibbajabba Member Posts: 4,317 ■■■■■■■■□□As long as IP hash is used it shouldn't cause a problem to be bonded.
Careful with that advise. IP Hash only if the uplinks are configured as Port-/Etherchannels, otherwise you kick yourself out in no time.My own knowledge base made public: http://open902.com -
Essendon Member Posts: 4,546 ■■■■■■■■■■Yeah, gotta be careful with IP hash, isnt true LB either. Use "physical NIC load" policy instead.
-
Johnjones Member Posts: 105 ■■□□□□□□□□Update: I reinstalled "South" last night and it works perfectly. I deployed SSO as Multi-Site. However, I am now having issues with North. It's now giving me the same error "Unable to connect to North inventory service". Anybody have any idea what is going on?
-
Deathmage Banned Posts: 2,496jibbajabba wrote: »Careful with that advise. IP Hash only if the uplinks are configured as Port-/Etherchannels, otherwise you kick yourself out in no time.
I sometimes forget being a networking guy about stating the obvious about presuming that the etherchannel is being used. -
Deathmage Banned Posts: 2,496Can you ping the south server from the north and the north from the south?
it feels more and more like each sites doesn't 'trust' the other, and that can be a half dozen settings in different places.