From the Trenches

Inconsistencies between the IDP hostname and the vRA hostname producing behavior and authentication issues in vRealize Automation 7.x

Questions:

  • Have you been getting certificate trust issues when logging into vRealize Automation 7.x only to find that the certificate is trusted once you are logged in?
  • Have you ever noticed that your login page for vRA 7.x uses a different host name in the URL than the application?
  • Have you been having difficulty logging into the embedded vRealize Orchestrator instance?
  • Have you been trying to use vRealize CodeStream only to find unusual authentication issues?

It could be that you have a simple misconfiguration in your deployment that can be easily corrected. That is the subject of this blog post.

For many deployments, a fully qualified domain name (FQDN) will be selected to access your vRealize Automation (vRA) 7.x application that is different than the actual host name of the box. This alias could be created for a simple installation to make it easier for users to recall the URL or it could be used to access the VIP provided by a load balancer in a more distributed installation.

Depending upon the steps taken during the deployment (e.g., changing the vRA FQDN after the installation), the hostname in the IDP can be different than hostname configured for use with vRA. For example, the following image illustrates the hostname configured for accessing the vRA application in a hands-on lab:

vRealize Hostname

However, after appropriate tinkering, when users attempt to log in, they see the following:

Connection is Untrusted

In order to correct this, take appropriate backups then log in as a user with permission to administer the directory configuration (i.e., a tenant administrator). Select the Administration tab and navigate to Directories Management > Identity Providers. Select an IDP and you will be presented with an interface similar to the following:

ldP Hostname

Take note of the hostname and adjust this to be consistent with the vRA application FQDN found in the administration interface (VAMI) above. It is particularly important to rectify this if you happen to have the short name in the IDP, which can cause a number of problems. The changes take place immediately without restarting any services, though there may be additional steps needed to correct a particular issue. For example, I have had to re-register the vRO authentication after correcting this due to the state it was in after troubleshooting.

For additional reading, please review the following KB articleVMware KB Logging in to embedded vRealize Orchestrator fails (2146063)

Comments

0 comments have been added so far

  1. 体重が頭から離れないようになるのは暑くなってきて薄手の服を着るようになるころです。

    下半身やうでについた皮下脂肪は、厚着のうちは見逃していますが夏が近づいてくるとそうも言っていられません。理想の自分から離れれば元を取り返すのは大変ので、事態が深刻化する前になんとかしたほうがいいですね。体重減を効率よく実現していくためには食事制限することが絶対条件と言えます。太りやすいメニューは控えて偏らず適量に配慮することが痩せたいをやりきれる条件です。ダイエットのために食事量を減らしたとしても、身体が最低限必要とする栄養成分は漏れることが無いよう摂取しておくことです。体が必要としている栄養は確保し、太らない食物を摂取することと太りやすい食物の摂取を制限することはともに肝要と言えるでしょう。沢山の人が毎度の食事でもっとも量的に多い食事は夕食になっているようですが、夕食はあまり炭水化物は摂らないほうがいいです。食事の後に急に血糖値スパイクならないようにするにはごはんやうどんなどから食べるのではなく季節のやさいの料理など、低カロリーの料理から口にしていきましょう。食事量を抑えている間は炭水化物の変わりにたんぱく質の多い食品を使った食事に配慮するとスリム化しやすくなります。取りにくい内臓脂肪を燃やすためには運動抜きには難しいでしょう。ウォーキングなどの運動と合わせて食事のとり方を工夫してカロリー制限を実践してみましょう。減量を成功させるために大事なことは無理をせずに続けていけるようにしたらいいと思います。

Leave a Reply

Your email address will not be published. Required fields are marked *