2.7 Configuring vCenter Connection Credentials

For each VMware vCenter server that you want to monitor, configure the vCenter credentials in AppManager Security Manager before you run the Knowledge Script.

2.7.1 Configuring Account Permissions

Set the following permissions, at minimum, for the vCenter account that you configure in Security Manager:

  • Read-only, the default permission to run all the Knowledge Scripts.

  • Security Profile and Firewall, to run the Knowledge Scripts.

  • Power On, Power Off, Suspend, and Reset, to run the Knowledge Scripts.

Use a role you define with vCenter Server to grant these permissions to the account. Use an existing role, such as a role with administrative permissions, or create a new role. For more information about roles, see the VMware vCenter documentation.

2.7.2 Adding Connection Credentials

Configuring VMware vCenter credentials provides the agent or the proxy agent with the account information needed to run Knowledge Scripts on the vCenter Server. Add these credentials to AppManager Security Manager.

On the Custom tab in Security Manager, complete the following fields:

Field

Description

Label

VirtualCenter

Sub-label

IP address or computer name of the AppManager agent computer as shown in the Operator Console

Value 1

Web service HTTPS port information as follows:

  • To specify this information for a proxy agent, provide the IP address where you have installed vCenter and then the Web service HTTPS port. Use a colon (:) to separate the IP address and the port. For example, 100.99.110.9:443. You can also type the computer name where you installed vCenter instead of the IP address.

  • To specify this information for an agent installed locally on the vCenter server, type the vCenter Web service HTTPS port number.

Note The port you use for this value might not be the same as the port used by the Web client. If you are using vSphere 5.1 and later, look in the following location to determine which port to use:

  1. In the vSphere Web Client, select vCenter in the left pane.

  2. Under Inventory Lists, select vCenter Servers.

  3. Select the relevant vCenter server.

  4. On the Manage tab, select Settings > Advanced Settings.

  5. In the key named VirtualCenter.VimApiUrl, the port number you should use for this Security Manager entry is located after the colon (:) in the URL.

Value 2

User name for the account that has permissions to access vCenter. You can type the user name with the domain name, such as Domain\User name. The user specified in this field can be a local user or a domain user.

Value 3

Password for the user name identified in the Value 2 field.

Extended application support

Required field. Encrypts the user name and password in Security Manager.

NOTE:

  • Each vCenter job now checks Security Manager credentials with every job iteration, instead of checking on just the first iteration as in past releases of this module. As a result, if you update your vCenter Security Manager settings, you will need to start a new job on the agent monitoring vCenter to make sure your credentials get sent to the agent. Each currently running job will then pick up your updated Security Manager credentials from the agent’s local repository on that job’s next iteration.

  • If you use a fully qualified domain name (FQDN) to identify the agent with the VMware module installed, add the FQDN as the Value 1 field in Security Manager. If the FQDN is long, encryption might not work when that string gets encrypted. To work around this situation, use the IP address for the agent instead of the FQDN.