Constey's Blog

Beim Installieren eines neuen View Composers bin ich auf den folgenden Fehler gestoßen. Ich dachte zuerst an ein Zertifikatsproblem, da in den Logs zuvor SSL sehr oft erwähnt wurde. Bei genauerem hinsehen fällt aber ein „Access Denied“ auf, welches mich dann auf den richtigen Weg brachte.
Hat der Benutzer, welcher für die vCenter Anbindung verwendet wird, die passenden „lokalen“ Rechte auf dem Server ?
In meinem Setup habe ich den View Composer auf dem vCenter Server installiert und verwende Domänen-Benutzer. Ich hatten dem Benutzer volle Administrationsrechte im vCenter gegeben, jedoch keine lokalen Rechte (in Windows).

Lösung:

Also dem Benutzer der auch für den vCenter Zugriff verwendet wird lokale Administrationsrechte gegeben.
Anschließend den View Composer Dienst neustarten und über den View Administrator erneut probieren.
[EXPAND VDM DebugLog]
2016-07-12T15:52:34.598+02:00 DEBUG (0B40-0FA4) <Thread-43> [TrackerObject] Sync complete: DomainHealth:SERVERNAME|DOMAIN to version: 11
2016-07-12T15:52:34.600+02:00 DEBUG (0B40-0FA4) <Thread-43> [TrackerManager] Sending message: (TrackerMessage SYNC {}: {nn=SERVERNAME, u=[{„type“:“SET“,“item“:{„name“:“ATTR_DOMAIN_NAME“,“type“:“STRING“,“stringValue“:“DOMAIN“}},{„type“:“SET“,“item“:{„name“:“ATTR_DOMAIN_DNS“,“type“:“STRING“,…
2016-07-12T15:52:34.794+02:00 DEBUG (0B40-0E4C) <Thread-51> [TrackerObject] Sync complete: certificatessohealth:SERVERNAME to version: 11
2016-07-12T15:52:34.795+02:00 DEBUG (0B40-0E4C) <Thread-51> [TrackerManager] Sending message: (TrackerMessage SYNC {}: {nn=SERVERNAME, u=[{„type“:“SET“,“item“:{„name“:“name“,“type“:“STRING“,“stringValue“:“SERVERNAME“}},{„type“:“SET“,“item“:{„name“:“enrollserverconnection“,“type“:“NVPLIST“,“nvpList…
2016-07-12T15:52:34.795+02:00 DEBUG (0B40-0ED4) <EnhancedSecurityManager$EnhancedSecurityTask-1468330894772> [EnhancedSecurityManager$EnhancedSecurityTask] Current mode: ENHANCED current level: ENHANCED
2016-07-12T15:52:45.905+02:00 DEBUG (0B40-128C) <ajp-nio-8009-exec-4> [CertMatchingTrustManager] Created new CertMatchingTrustManager com.vmware.vdi.ssl.CertMatchingTrustManager@23e07a96 with ThumbprintManager com.vmware.vdi.desktopcontroller.LdapThumbprintManager@4320146b
2016-07-12T15:52:45.906+02:00 DEBUG (0B40-128C) <ajp-nio-8009-exec-4> [HardenedSSLSocketFactory] Creating new HardenedSSLSocketFactory, caller=com.vmware.vdi.ssl.HardenedSSLSocketFactory.<init>(SourceFile:67)
2016-07-12T15:52:45.907+02:00 DEBUG (0B40-128C) <ajp-nio-8009-exec-4> [HardenedSSLSocketFactory] SSL provider: SunJSSE version 1.8
2016-07-12T15:52:45.907+02:00 DEBUG (0B40-128C) <ajp-nio-8009-exec-4> [HardenedSSLSocketFactory] SSL protocol: TLSv1.2
2016-07-12T15:52:45.908+02:00 DEBUG (0B40-128C) <ajp-nio-8009-exec-4> [HardenedSSLSocketFactory] SSL secure protocols (2): [TLSv1.2, TLSv1.1]
2016-07-12T15:52:45.908+02:00 DEBUG (0B40-128C) <ajp-nio-8009-exec-4> [HardenedSSLSocketFactory] SSL cipher suites (6): [TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA]
2016-07-12T15:52:45.953+02:00 DEBUG (0B40-0938) <MessageFrameWorkDispatch> [MessageFrameWork] ValidateCertificateChain ok=1, msecs=0
2016-07-12T15:52:46.046+02:00 DEBUG (0B40-0938) <MessageFrameWorkDispatch> [MessageFrameWork] ValidateCertificateChain ok=1, msecs=0
2016-07-12T15:52:46.806+02:00 DEBUG (0B40-0938) <MessageFrameWorkDispatch> [MessageFrameWork] ValidateCertificateChain ok=1, msecs=0
2016-07-12T15:52:46.834+02:00 DEBUG (0B40-128C) <ajp-nio-8009-exec-4> [ViewFlexFactory] com.vmware.vdi.admin.ui.bean.VCServerBean.validateCertificate 37242 ms
2016-07-12T15:52:46.852+02:00 DEBUG (0D30-1344) <AJP-42> [SimpleAJPService] (ajp:admin:Request16) Response 200 OK
2016-07-12T15:52:53.873+02:00 DEBUG (0D30-1068) <Thread-27> [SimpleAJPService] (ajp:admin:Request17) Request from /10.0.101.55: POST /admin/amfproxy/amfsecure
2016-07-12T15:52:53.875+02:00 DEBUG (0D30-1068) <Thread-27> [SimpleAJPService] (ajp:admin:Request17) Gateway headers sent to the broker:
2016-07-12T15:52:53.875+02:00 DEBUG (0D30-1068) <Thread-27> [SimpleAJPService] (ajp:admin:Request17) gateway-type = [SG-cohosted]
2016-07-12T15:52:53.876+02:00 DEBUG (0D30-1068) <Thread-27> [SimpleAJPService] (ajp:admin:Request17) gateway-location = [Internal]
2016-07-12T15:52:54.585+02:00 DEBUG (0B40-0FB4) <CBHealthUpdate> [TrackerObject] Sync complete: BrokerHealth:SERVERNAME to version: 17
2016-07-12T15:52:54.587+02:00 DEBUG (0B40-0FB4) <CBHealthUpdate> [TrackerManager] Sending message: (TrackerMessage SYNC {}: {nn=SERVERNAME, u=[{„type“:“SET“,“item“:{„name“:“HEALTH_LAST_UPDATE_TIME“,“type“:“LONG“,“longValue“:1468331574585}},{„type“:“SET“,“item“:{„name“:“ATTR_BROKER_VERSION“,“type“:“ST…
2016-07-12T15:52:54.603+02:00 DEBUG (0B40-0938) <MessageFrameWorkDispatch> [MessageFrameWork] ValidateCertificateChain ok=1, msecs=0
2016-07-12T15:52:55.079+02:00 ERROR (0B40-1284) <ajp-nio-8009-exec-2> [VCServerBean] Internal View Composer error. Contact your administrator.
2016-07-12T15:52:55.083+02:00 DEBUG (0B40-1284) <ajp-nio-8009-exec-2> [ViewFlexFactory] Internal View Composer error. Contact your administrator. com.vmware.vdi.admin.ui.common.ViewFlexFactory$ViewProxy.invoke(SourceFile:125)
com.vmware.vdi.admin.ui.common.FlexRemoteException: Internal View Composer error. Contact your administrator.
at com.vmware.vdi.admin.ui.common.FlexFaultHandler.systemError(SourceFile:70)
at com.vmware.vdi.admin.ui.bean.VCServerBean.validateViewComposerCertificate(SourceFile:1758)
at com.vmware.vdi.admin.ui.bean.VCServerBean.validateViewComposerCertificate(SourceFile:1710)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.vmware.vdi.admin.ui.common.ViewFlexFactory$ViewProxy.invoke(SourceFile:113)
at com.sun.proxy.$Proxy60.validateViewComposerCertificate(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at flex.messaging.services.remoting.adapters.JavaAdapter.invoke(JavaAdapter.java:386)
at flex.messaging.services.RemotingService.serviceMessage(RemotingService.java:178)
at flex.messaging.MessageBroker.routeMessageToService(MessageBroker.java:1468)
at flex.messaging.endpoints.AbstractEndpoint.serviceMessage(AbstractEndpoint.java:1044)
at flex.messaging.endpoints.amf.MessageBrokerFilter.invoke(MessageBrokerFilter.java:101)
at flex.messaging.endpoints.amf.LegacyFilter.invoke(LegacyFilter.java:154)
at flex.messaging.endpoints.amf.SessionFilter.invoke(SessionFilter.java:42)
at flex.messaging.endpoints.amf.BatchProcessFilter.invoke(BatchProcessFilter.java:63)
at flex.messaging.endpoints.amf.SerializationFilter.invoke(SerializationFilter.java:190)
at flex.messaging.endpoints.BaseHTTPEndpoint.service(BaseHTTPEndpoint.java:328)
at flex.messaging.MessageBrokerServlet.service(MessageBrokerServlet.java:373)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:292)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:720)
at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:466)
at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:391)
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:318)
at com.vmware.vdi.admin.ui.servlet.AMFProxyServlet.a(SourceFile:90)
at com.vmware.vdi.admin.ui.servlet.AMFProxyServlet.doPost(SourceFile:57)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:648)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:292)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at org.apache.catalina.filters.FailedRequestFilter.doFilter(FailedRequestFilter.java:97)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at com.vmware.vdi.support.ViewAdminFilter.doFilter(SourceFile:103)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at com.vmware.vdi.admin.be.filters.CertificateAuthFilter.doFilter(SourceFile:140)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at com.vmware.vdi.admin.be.filters.DisableUrlSessionFilter.doFilter(SourceFile:73)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:522)
at org.apache.coyote.ajp.AbstractAjpProcessor.process(AbstractAjpProcessor.java:868)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:672)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1502)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1458)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
Caused by: Access is denied.
at org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFaultBuilder.java:222)
at org.apache.axis.message.SOAPFaultBuilder.endElement(SOAPFaultBuilder.java:129)
at org.apache.axis.encoding.DeserializationContext.endElement(DeserializationContext.java:1087)
at org.apache.xerces.parsers.AbstractSAXParser.endElement(Unknown Source)
at org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanEndElement(Unknown Source)
at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(Unknown Source)
at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)
at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source)
at org.apache.xerces.jaxp.SAXParserImpl$JAXPSAXParser.parse(Unknown Source)
at org.apache.xerces.jaxp.SAXParserImpl.parse(Unknown Source)
at org.apache.axis.encoding.DeserializationContext.parse(DeserializationContext.java:227)
at org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:696)
at org.apache.axis.Message.getSOAPEnvelope(Message.java:435)
at org.apache.axis.handlers.soap.MustUnderstandChecker.invoke(MustUnderstandChecker.java:62)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:206)
at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
at org.apache.axis.client.Call.invoke(Call.java:2767)
at org.apache.axis.client.Call.invoke(Call.java:2443)
at org.apache.axis.client.Call.invoke(Call.java:2366)
at org.apache.axis.client.Call.invoke(Call.java:1812)
at com.vmware.SviService.Admin.v3_5.Binding.SslBasicAuthEndpointStub.getVersion(SslBasicAuthEndpointStub.java:2015)
at com.vmware.vdi.svisupport.SVIConnection.testConnection(SourceFile:147)
at com.vmware.vdi.admin.be.VCManager.validateSVICert(SourceFile:1235)
at com.vmware.vdi.admin.ui.bean.VCServerBean.validateViewComposerCertificate(SourceFile:1740)
… 61 more
2016-07-12T15:52:55.083+02:00 DEBUG (0B40-1284) <ajp-nio-8009-exec-2> [ViewFlexFactory] com.vmware.vdi.admin.ui.bean.VCServerBean.validateViewComposerCertificate 1201 ms
2016-07-12T15:52:55.153+02:00 DEBUG (0D30-1300) <AJP-25> [SimpleAJPService] (ajp:admin:Request17) Response 200 OK
2016-07-12T15:53:30.182+02:00 DEBUG (0D30-0E80) <MsgWorker#5> [bm] Item on queue „Inbound JMS Worker“ for 55 us, queue length = 0, available workers = 9 of 10
2016-07-12T15:53:30.182+02:00 DEBUG (0D30-0E80) <MsgWorker#5> [r] (-) RequestGetStatus: serverType = ice, server = null, localHostname = SERVERNAME
2016-07-12T15:53:30.183+02:00 DEBUG (0D30-0E80) <MsgWorker#5> [cc] (-) Queuing request ABSGC29-b
2016-07-12T15:53:30.183+02:00 DEBUG (0D30-1008) <ABSGC29> [cc] Handling request ABSGC29-b, on queue for 33uS
2016-07-12T15:53:30.186+02:00 DEBUG (0D30-1008) <ABSGC29> [cc] Queuing receipt ABSGC-11
2016-07-12T15:53:30.186+02:00 DEBUG (0D30-1180) <ABSGC29:C> [cm] Handling message ABSGC-11, on queue for 28uS
2016-07-12T15:53:30.186+02:00 DEBUG (0D30-0E80) <MsgWorker#5> [cs] (-) Queuing request PSGC28-10
2016-07-12T15:53:30.186+02:00 DEBUG (0D30-100C) <PSGC28> [cs] Handling request PSGC28-10, on queue for 26uS
2016-07-12T15:53:30.186+02:00 DEBUG (0D30-100C) <PSGC28> [cs] Sending GETCOUNTERS request PSGC28-10
[/EXPAND]