Manually Remove vCenter Server from SSO

Slide1

I was playing around in our test lab with Linked Mode vCenter Servers last week and ran across an error in the vSphere Web Client after I removed the second vCenter Server. The specific error I got was: Could not connect to one or more vCenter Server Systems: vcenter address:443/sdk

My first guess was that the uninstallation was successful but that SSO had held onto some remnants of the second vCenter so it needed to be manually unregistered with the Lookup Service. Here is what I did to get everything fixed.

Credit Due: Mark Almeida-Cardy at vi-admin.net has a great article about how to resolve this with vCenter 5.1 so I will use his post with updates for vCenter 5.5

VMware has a KB Article 2033238 that lays out the steps for vCenter 5.1 as well.

For Windows: <SSO install directory>\ssolscli\ssolscli listServices <Lookup Service URL>

For vCenter Server Appliance: /usr/lib/vmware-sso/bin/vi_regtool listServices <Lookup Service URL>

  1. In the list of services, locate the service entry that contains the address of the system where the solution was installed.
  2. Record the ownerId of the service entry.
  3. In the vSphere Web Client, navigate to Administration > SSO Users and Groups > Application Users and locate the application user with the same name as the ownerId you recorded.
  4. Right-click the user and select Delete Application User.
  5. At the command line, remove the service entry from the Lookup Service.
    1. Create a text file that contains the service ID.
      The service ID must be the only text in the file.
  6. Unregister the entry for the solution by running the unregisterService command.Note: It be necessary to Set your JAVA_HOME environmental variable (default jre location below).
    set JAVA_HOME=c:\program files\vmware\infrastructure\jre

For Windows: <SSO install directory>\ssolscli\ssolscli unregisterService -d <Lookup Service URL> -u “Lookup Service administrator user” -p “administrator password” -si <serviceId file>

For vCenter Server Appliance: </usr/lib/vmware-sso/bin/vi_regtool unregisterService -d <Lookup Service URL> -u “Lookup Service administrator user” -p “administrator password” -si <serviceId file>

Script I Used: ssolscli.cmd listServices https://VCENTER FQDN:7444/lookupservice/sdk > C:\sso_services.txt

Output txt file looked like this: 

Intializing registration provider…
Getting SSL certificates for https://VCENTER FQDN:7444/lookupservice/sdk
Anonymous execution
Found 15 services.

Service 1
———–
serviceId=Default-First-Site:9a003c74-4229-4d60-b89d-a0814ea00060
serviceName=VMware vCenter Support Assistant, WebClientPluginPackage
type=vsphere-client-serenity
endpoints={[url=https://IP ADDRESS:8443/plugin/package/ph-admin-ui.zip,protocol=http]}
version=1.0.0.1398556
description=
ownerId=support-assistant-localhost.localdom-21cb77ad-266c-4f84-9262-a1c0ddf1726c@vsphere.local
productId=com.vmware.phonehome
viSite=Default-First-Site

etc…..

Next let’s identify the services that we need to unregistered and copy/past the serviceId’s into another txt file (remember the name and location of this file)

Now we can run our unregistered script, mine looked like this: ssolscli unregisterService -d https://VCENTER FQDN:7444/lookupservice/sdk -u “LOOKUP SERVICE USERNAME” -p “PASSWORD” -si <FILE LOCATION>

Here is the result that I got:

C:\Program Files\VMware\Infrastructure\VMware\CIS\vmware-sso>ssolscli unregister
Service -d https://VCENTER FQDN:7444/lookupservice/sdk -u “LOOKUP SERVICE USERNAME” -p “PASSWORD” -si C:\sso_services.txt
Intializing registration provider…
Getting SSL certificates for https://VCENTER FQDN:7444/lookupservice/sdk
Service with id “Default-First-Site:cdda2053-438a-439d-95aa-b47081f94e42” is successfully unregistered
Service with id “Default-First-Site:31d628f8-60e7-4955-a9aa-fd3e3a24bb31” is successfully unregistered
Service with id “Default-First-Site:6e21c57b-da61-460b-b6b2-ef82a3647dad” is successfully unregistered
Return code is: Success 0

Second instance of vCenter has been remove and no error on start up of vSphere Web Client….Happy Admin!

 

Advertisements

One thought on “Manually Remove vCenter Server from SSO

  1. Pingback: PRJ702 Week-5

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s