Shulou(Shulou.com)06/02 Report--

I. description of the problem:

The following error occurs after the customer reinstalls the Vcenter (the Hostname is the same as before):

1. The computer directory shows that the vCenter server cannot be reached

2.VM power supply status unknown

3. The following error occurred in testing connection:

Attempting to connect to the VCenter server failed due to a certificate error.

Check that the appropriate certificates are installed on the VCenter server and on the same machine as all instances of the Host service.

4. Unable to add and delete virtual machines in the existing computer directory

Second, solve the goal:

1. No need to create a new Connection to repair the existing connection

two。 All VM power supplies are manageable

3. Existing computer directories (including MCS) can add machines normally

3. Workaround:

Create a new connection based on the new vcenter address and delete the machines in the existing site. The existing way is to add the new vcenter address to the existing site for management. For more information, please see the official Citrix documentation:

Xenserver:

Http://support.citrix.com/article/CTX139041

Vmware:

Https://support.citrix.com/article/CTX216898

IV. Fundamental solution

* Note: this solution is not officially supported by citrix, so use it cautiously!

Problem 1: repair the existing connection and repair the power status of the existing virtual machine

1. Delete the original vcenter certificate in the certificate authority of each DDC

Load the certificate through MMC and browse to the path: certificate > trusted root certificate authority > trusted person

2. There are two ways to install a new vCenter certificate (including the root certificate) in each DDC:

Method 1:

a. Copy the vCenter Server certificate to all DDC

Certificate path:

VCenter server for Windows:

C:\ ProgramData\ VMware\ vCenterServer\ cfg\ vmware-vpx\ ssl\ rui.crt

VCSA:

/ etc/vmware-vpx/ssl/rui.crt

b. Import certificate, MMC- > Add/Remove Snap-in- > Certificates- > Add- > Computer account- > Local computer- > Trusted People- > Certificates- > Import above Certificates

Method 2:

Browsers access vCenter Server at addresses such as https://server1.domain1.com.

The vCenter certificate is displayed in this path: Accept the security warnings- > Click on the address bar

Click "Install certificate", select "Local Machine", and click continue

Click "Place all certificates" in the Certificate Authority, and click "Browse"

1) if you are using Windows Server 2008 R2:

a. Select Show physical stores checkbox

b. Expand Trusted People

c. Select Local Computer

d. Click Next, then click Finish

2) if you are using Windows Server 2012 or Windows Server 2012 R2, then:

a. Select Trusted People, and then click OK.

b. Click Next, then click Finish directly.

* * Note: after the certificate is imported, be sure to verify that https access no longer reports a certificate error. If there are any errors, consider adding the site to the list of local trusted sites.

3. Update the fingerprint of the new certificate in the Citrix Virtual Desktop database

a. View the fingerprint by viewing the certificate details and dropping to the Thumbprint option (please copy the fingerprint information to the TXT to remove spaces and replace the letters with uppercase):

B. replace the new certificate fingerprint in the Citrix Virtual Desktop database

Method 1: update the database table directly

Update [XDSiteDB]. [HostingUnitServiceSchema]. [HypervisorConnectionSSLThumbprint]

Set SSLThumbprint = '59548212930111B0E279FDC729D7AF4FDE65C25F'

Where Id = 2

* * Note: Hypervisor ConnectionUid can run Powershell Get-BrokerHypervisorConnection on DDC to view relevant information

Method 2: update via DDC Powershell

A) $cred = Get-Credential

B) Set-Item-LiteralPath ""-username $cred.username-Securepassword $cred.password-SslThumbprint ""-hypervisorAddress

* * Note: the fingerprint of the certificate must be capitalized!

4. In Citrix Studio, edit the existing hosting connection and update the connection address (if the address changes)

After the above four steps are completed, the power state of the virtual machine is restored and the existing connection is repaired.

Problem 2: unable to add machines to the existing computer directory

Although we can solve the connection problem in the existing environment after completing the above steps, the user cannot add a new computer to the new computer directory. The root cause of the problem is that after replacing vcenter, the network / storage/resouregoup id information managed by vcenter will change, and the original computer directory will still be associated with the id under the old vcenter.

The solution is to replace the associated network / storage / resource group ID in the XD database with the existing correct ID.

How to view the network / storage / resource group ID under the current new vcenter? There are two ways:

1. Create a new managed host based on the original managed host and use the same storage and network, so that you can view the corresponding ID in DB

two。 View via vcenter server mob (recommended)

The browser accesses the vcenter server address and selects to browse the management object

The path is: Browse objects managed by vShpere- > Content- > rootFolder (Datacenters)-> ChileEntity (Real Datacenter Name, you can see storage ID and network ID normally in this directory)-> HostFolder- > ChildEntity (you can see the cluster name or host at this time)-> Click to enter, and the page is ManagedObjectReference:ComputeResource (you can see storage ID and network ID on this page, and the corresponding ID can be found by dropping resourcePool).

Network ID:

The user prompts the following error when adding a computer:

Terminating Error:

An unknown error occurred while creating the virtual machines.

Stack Trace:

At Citrix.Console.PowerShellSdk.ProvisioningSchemeService.BackgroundTasks.ProvisioningSchemeTask.CheckForTerminatingError (SdkProvisioningSchemeAction sdkProvisioningSchemeAction)

At Citrix.Console.PowerShellSdk.ProvisioningSchemeService.BackgroundTasks.ProvisioningSchemeTask.WaitForProvisioningSchemeActionCompletion (Guid taskId, Action `1 actionResultsObtained)

At Citrix.Console.PowerShellSdk.ProvisioningSchemeService.BackgroundTasks.MachineProvisioningTask.RunTask ()

At Citrix.Console.PowerShellSdk.BackgroundTaskService.BackgroundTask.Task.Run ()

DesktopStudio_ErrorId: ProvisioningTaskError

ErrorCategory: NotSpecified

ErrorID: NetworkNotPermitted

TaskErrorInformation: A NIC device is tied to a disallowed network.

InternalErrorMessage: A NIC device is tied to a disallowed network.

Machine Failures:

: Failed to create the virtual machine;.

Inner Error:

A NIC device is tied to a disallowed network.

ErrorID: System.InvalidOperationException

TaskErrorInformation: System.InvalidOperationException: A NIC device is tied to a disallowed network.

At Citrix.MachineCreation.NewProvVMSupport.NewProvVMLogic.DoValidation (NewVirtualMachineWorkflow context)

Changes to the network involve three tables in the data, as follows:

[HostingUnitServiceSchema]. [HostingUnit]

[HostingUnitServiceSchema]. [HostingUnitNetwork]

[DesktopUpdateManagerSchema]. [ProvisioningSchemeNetworkMap]

[HostingUnitServiceSchema]. [HostingUnit] mainly defines the corresponding RootID/RootPath/NetworkPath/NetworkID in the current hosting host. If you just replace the vcenter (datacenter, cluster is unchanged), you only need to change the networkID. If you change the above path, you also need to replace the RootID and Rootpath corresponding to the problematic Hostingunits.

Update [CitrixXDSiteDB]. [HostingUnitServiceSchema]. [HostingUnit]

Set RootPath = 'xxxxx', RootID =' new rootid', NetworkID = 'NewNetworkID'

Where hostingUnitName = 'vcenter'

[HostingUnitServiceSchema]. [HostingUnitNetwork] defines the name and id for each network in the managed host (it is possible that multiple networks are configured in the user's hosting, but only one network is selected for each computer directory)

Statement:

Update [HostingUnitServiceSchema]. [HostingUnitNetwork]

Set NetworkID= 'Newnetwork id'

Where networkpath='networkpath'

[DesktopUpdateManagerSchema]. [ProvisioningSchemeNetworkMap] defines the network path and ID used in the scheme corresponding to each computer directory.

Statement:

Update [DesktopUpdateManagerSchema]. [ProvisioningSchemeNetworkMap]

Set NetworkId = 'New networkID'

Where ProvsioningSchemeUid='xxxxx-xxxxxx-xxxxxxxxxxxxxx'

* * Note: how to view the ProvsionningScheme corresponding to the computer directory

Run Powershell: Get-BrokerCatalog on DDC

2. Storage ID

After modifying the network ID associated with the above three tables, the user still prompts you to report an error when you add the machine again:

From the error reported above, we can clearly see that the corresponding storage cannot be found during the creation of the machine. The storage "datastore-1164" here has been changed to a new id under the new vCenter management, and we need to replace it in the database.

[HostingUnitServiceSchema]. [HostingUnitStorageLocation] this table records the path and storage ID corresponding to each storage in managed storage

Statement:

Update [CitrixXDSiteDB]. [HostingUnitServiceSchema]. [HostingUnitStorageLocation]

Set StorageId = 'datastore-15'

Where StorageId = 'datastore-1164'

3. ResouceGroup ID

After updating the storage ID, the user adds the new virtual machine again:

Machine Failures:

Domain\ RDVDI21 $: Could not locate the master disk image; / VDI-ITUser-Template.vm/ITUserVDA.snapshot/set IE proxy.snapshot to create the virtual machine; Domain\ RDVDI21 $

Inner Error:

Attempt to lookup property [parent] failed as the object [resgroup-1162] does not exist

ErrorID: PluginUtilities.Exceptions.ItemNotFoundException

TaskErrorInformation: PluginUtilities.Exceptions.ItemNotFoundException: Attempt to lookup property [parent] failed as the object [resgroup-1162] does not exist-> PluginUtilities.Exceptions.ItemNotFoundException: Attempt to lookup property [parent] failed as the object [resgroup-1162] does not exist-> PluginUtilities.Exceptions.WrappedPluginException: object has been deleted or not fully created

We can see that the corresponding resouregroup-1162 has changed. We need to update the corresponding values in the database.

[DesktopUpdateManagerSchema]. [ProvisioningSchemeVMImageLocation] this table records the information of the Basedisk in each storage in the computer directory. If the ResourceGroup information changes, it needs to be changed here.

Statement:

Update [DBName] [DesktopUpdateManagerSchema]. [ProvisioningSchemeVMImageLocation]

Set DiskId= replace (DiskId,'resgroup-35002_old','resgroup-3xxxx_new')

Where ProvsioningSchemeID = XXX

You also need to change the StorageID in this table

Update [DBName]. [DesktopUpdateManagerSchema]. [ProvisioningSchemeVMImageLocation]

Set StorageId = 'datastore-15'

Where StorageId = 'datastore-1164'

Go back to DDC to add computers for the problematic computer directory again, and you can add them again at this time!

* * Note: make sure to back up the database first for all database operations

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.