PowerCLI-Example-Scripts icon indicating copy to clipboard operation
PowerCLI-Example-Scripts copied to clipboard

Published 20 hours ago verified publisher icon vmware

Connect-SsoAdminServer command failed

Open yanlu2 opened this issue 3 years ago • 4 comments
trafficstars

Describe the bug

Connect-SsoAdminServer -Server $server -User $username -Password $passwd Got error,

Connect-SsoAdminServer : One or more errors occurred. At line:1 char:1

  • Connect-SsoAdminServer -Server $server -User $username -Password $pas ...
  •   + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
  + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Connect-SsoAdminServer

Reproduction steps

1. Connected to Vcenter server using without issue
Connect-VIServer -Server $server -user $username  -password $passwd
2. try to connect-ssoadminserver failed
Connect-SsoAdminServer -Server $server -User $username -Password $passwd
3.
...

Expected behavior

should connect to ssoadminserver without error

Additional context

I have another system runing successfully verion 5.1.19041.1320 the PowerShell verion I have on issued machine is 5.1.18362.1801

yanlu2 avatar Jan 18 '22 17:01 yanlu2

the script lists members in a group in the vCenter.

yanlu2 avatar Jan 18 '22 17:01 yanlu2

Hello,

Having the same issue here.

PowerShell version: 5.1.19041.906 PowerCLI version 12.5 VMWare.vsphere.ssoadmin version: 1.3.7 VCenter version 7.0.3.00000

It happens with and without using connect-viserver before. Let me know if you need more information.

ldap389 avatar Jan 27 '22 16:01 ldap389

Does this same behavior occur if you use the -SkipCertificateCheck switch on the Connect-SsoAdminServer function?

One hypothesis is that Connect-VIServer is using the InvalidCertificateAction response that you'd see from Get-PowerCLIConfiguration | Select-Object Scope, InvalidCertificateAction whereas the SsoAdmin cmdlet does not look for that value. In @yanlu2 initial additional context, we could go on to assume that the two different systems may have different trusted certificate authorities available, one system that happens to trust the certs applied to vCenter Server and one that does not.

bwuch avatar Jan 28 '22 02:01 bwuch

Your hypothesis is correct. Would it be possible to make the SsoAdmin cmdlet compatible with that InvalidCertificateAction parameter? Or at least display a more comprehensive error message? Thanks very much for your quick answer, it's really appreciated.

ldap389 avatar Jan 28 '22 08:01 ldap389