Process to view the List of Services Registered with Single Sign-On
Article ID: 322196
Updated On:
Products
VMware vCenter Server
Issue/Introduction
This article provides steps to view the list of services registered with Lookup Service in vCenter Single Sign-On (SSO). Lookup Service provides a central location for services to publish their functionalities as service endpoints. vCenter Services and external solutions can query Lookup Service to list the services and its endpoints for specific functionality. Sample service registration is available in Related Information of this KB.
Environment
VMware vCenter Server Appliance 5.5.x
VMware vCenter Server 6.0.x
VMware vCenter Server Appliance 6.5.x
VMware vCenter Server 7.0.x
VMware vCenter Server 5.1.x
VMware vCenter Server Appliance 6.7.x
VMware vCenter Server Appliance 6.0.x
VMware vCenter Server 5.5.x
VMware vCenter Server 6.0.x
VMware vCenter Server Appliance 6.5.x
VMware vCenter Server 7.0.x
VMware vCenter Server 5.1.x
VMware vCenter Server Appliance 6.7.x
VMware vCenter Server Appliance 6.0.x
VMware vCenter Server 5.5.x
Resolution
List of Services Registered with vCenter Single Sign-On (SSO):
To obtain a list of services that are currently registered to SSO follow the steps below:In
vSphere 7.x
Appliance:
Open an SSH session to the vCenter Server Appliance 7.0 with embedded Platform Services Controller and run:
/usr/lib/vmware-lookupsvc/tools/lstool.py list --url http://localhost:7090/lookupservice/sdk
vSphere 6.x
Appliance:Open an SSH session to the Platform Services Controller Appliance 6.x or vCenter Server Appliance with embedded Platform Services Controller and run:
python /usr/lib/vmidentity/tools/scripts/lstool.py list --url http://localhost:7080/lookupservice/sdk
Note:
- Lstool.py script is only available on PSC or Embedded vCenter, this script will not work on Management Node (vCenter Server with an External Platform Services Controller)
- Lstool.py script is located on path /usr/lib/vmware-lookupsvc/tools/ on VMC releases
Windows:
- Log into the Windows Platform Services Controller 6.x or vCenter Server with embedded Platform Services Controller
- Open a command prompt window
- Run the below command to list the services registered with the Platform Services Controller and save the output to c:\psc_services.txt
"%VMWARE_PYTHON_BIN%" "%VMWARE_CIS_HOME%\VMware Identity Services\lstool\scripts\lstool.py" list --url http://localhost:7080/lookupservice/sdk > c:\psc_services.txt
- Open the c:\psc_services.txt output in Notepad:
notepad c:\psc_services.txt
vSphere 5.5
Appliance:Open an SSH session to the vCenter Server Appliance 5.5 and run:
/usr/lib/vmware-sso/bin/vi_regtool listServices http://vCenter_Single_Sign-On_FQDN:7444/lookupservice/sdk
Windows:
- Log into the Windows server where the vSphere Single-Sign On service is installed.
- Open a command prompt windows to the C:\Program Files\VMware\Infrastructure\VMware\CIS\vmware-sso\ directory
- Set the Java Home by running:
set JAVA_HOME="C:\Program Files\Common Files\VMware\VMware vCenter Server - Java Components\bin"
- Run the command to list the services registered with Single Sign-On and save the output to c:\sso_services.txt
ssolscli.cmd listServices https://vCenter_Single_Sign-On_FQDN:7444/lookupservice/sdk > c:\sso_services.txt
- Open the c:\sso_services.txt output in Notepad:
notepad c:\sso_services.txt
vSphere 5.1
Appliance:Open an SSH session to the vCenter Server Appliance 5.1 and run:
/usr/lib/vmware-sso/bin/vi_regtool listServices http://vCenter_Single_Sign-On_FQDN:7444/lookupservice/sdk
Windows:
- Log into the Windows server where the vSphere Single-Sign On service is installed.
- Open a command prompt window to the C:\Program Files\VMware\Infrastructure\SSOServer\ssolscli directory
- Set the Java Home by running:
SET JAVA_HOME=C:\Program Files\VMware\Infrastructure\jre
- Run the command to list the services registered with Single Sign-On and save the output to c:\sso_services.txt
ssolscli.cmd listServices https://vCenter_Single_Sign-On_FQDN:7444/lookupservice/sdk > c:\sso_services.txt
- Open the c:\sso_services.txt output in Notepad:
notepad c:\sso_services.txt
Additional Information
Following is an example of Service Registration (from 6.x or 7.x):
Name: cs.keyvalue.servicenameresource
Description: cs.keyvalue.servicedescriptionresource
Service Product: com.vmware.cis
Service Type: cs.keyvalue
Service ID: 24803f6a-0865-4267-ab0a-fc47a74f5cf1_kv
Site ID: default-site
Node ID: c0d1ea69-49d4-45aa-b6cd-6a54588d8d13
Owner ID: vpxd-extension-9060afc0-d5d6-46c3-86a4-dcf83d8c1f76@vsphere.local
Version: 1.0
Endpoints:
Type: com.vmware.cis.kv.client
Protocol: http
URL: https://vCenterServer_FQDN_or_PNID:443/invsvc
SSL trust: MIIEoDCCpROaVQHMbwECFmFlubr/f3R7qau3UU.......................s7XJJkS1ZW/q4lfpqSzZDfH8kT2yxonbQm9aJr0IWNY/R/J8KZa1a0jslE/wLfdDkNl
Opening a command or shell prompt
How to file a Support Request in Customer Connect
Cannot remove obsolete solution users from the Lookup Service using the vSphere Web Client
"ERROR certificate-manager 'lstool get' failed: 1" during Certificate Replacement on vCenter Server 6.x
"ERROR certificate-manager 'lstool get-site-id' failed: 1", Certificate Replacement with Custom Certificate Fails on vCenter Server 6.x
vCenter Server or Platform Services Controller certificate validation error messages for external solutions in environments with a External Platform Services Controller
Name: cs.keyvalue.servicenameresource
Description: cs.keyvalue.servicedescriptionresource
Service Product: com.vmware.cis
Service Type: cs.keyvalue
Service ID: 24803f6a-0865-4267-ab0a-fc47a74f5cf1_kv
Site ID: default-site
Node ID: c0d1ea69-49d4-45aa-b6cd-6a54588d8d13
Owner ID: vpxd-extension-9060afc0-d5d6-46c3-86a4-dcf83d8c1f76@vsphere.local
Version: 1.0
Endpoints:
Type: com.vmware.cis.kv.client
Protocol: http
URL: https://vCenterServer_FQDN_or_PNID:443/invsvc
SSL trust: MIIEoDCCpROaVQHMbwECFmFlubr/f3R7qau3UU.......................s7XJJkS1ZW/q4lfpqSzZDfH8kT2yxonbQm9aJr0IWNY/R/J8KZa1a0jslE/wLfdDkNl
- Service Type and Service Product - These are string values to uniquely identify the Type of Service, Example: vCenter Server Service or Inventory Service
- Site ID - This shows the Site Name where Services are registered for a particular vCenter Server
- Node ID - This is the unique identifier of each vCenter Server deployment, this ID can be obtained by executing command "/usr/lib/vmware-vmafd/bin/vmafd-cli get-ldu --server-name localhost"
- Owner ID - Solution user associated with the Service
- Endpoints - Each Service will have one or more endpoints with a specified functionality ( Example - one endpoint for SDK queries, another one for Health etc..)
- Type: String value in Endpoint Type is used to uniquely identify the Type of endpoints which can be filtered by other Services
- Protocol - Type of Protocol used to communicate with the Endpoint URL
- URL - Services connects to the URL specified in Endpoint URL for communicating each other, each Endpoint URL has a specific functionality
- SSL Trust - Base 64 encoded Certificate which is configured for the Service, when two services communicate each other using the endpoints, it uses value of SSL Trust to confirm the authenticity of the connection
Opening a command or shell prompt
How to file a Support Request in Customer Connect
Cannot remove obsolete solution users from the Lookup Service using the vSphere Web Client
"ERROR certificate-manager 'lstool get' failed: 1" during Certificate Replacement on vCenter Server 6.x
"ERROR certificate-manager 'lstool get-site-id' failed: 1", Certificate Replacement with Custom Certificate Fails on vCenter Server 6.x
vCenter Server or Platform Services Controller certificate validation error messages for external solutions in environments with a External Platform Services Controller
Feedback
Yes
No
Powered by
