Search the VMware Knowledge Base (KB)
View by Article ID

VMware vCenter Single Sign-On fails to install if any domains or domain controller host names in the environment have unsupported characters in the domain name (2041856)

  • 9 Ratings

Symptoms

  • There are one or more domains in the environment with at least one unsupported character in the fully qualified domain name.
  • The vCenter Single Sign-On (SSO) installation process rolls back unexpectedly.
  • Adding an Active Directory as a LDAP Server identity source to vCenter Single Sign-On fails with the error:

    Primary Server URL: the provided parameter is not a valid address pointing to an LDAP server

  • Adding an Active Directory (Integrated Windows Authentication) identity source to vCenter Single Sign-On is successful, but adding users fails with the error:

    Error: Idm client exception: Failed to establish server connection

  • The vCenter Server %tmp%\vminst.log file contains entries similar to:

    VMware Single Sign On-build-878838: 11/08/12 14:11:29 RunSSOCommand:: error code returned is 1 while launching C:\Program Files\VMware\Infrastructure\SSOServer\utils\rsautil.cmd
    VMware Single Sign On-build-878838: 11/08/12 14:11:29 Posting error message 20060
    VMware Single Sign On-build-878838: 11/08/12 14:12:23 MsiProcessMessage returned: 1
    VMware Single Sign On-build-878838: 11/08/12 14:12:23 VMExecuteSSOCommand::done Res: 0
    VMware Single Sign On-build-878838: 11/08/12 14:12:23 End Logging
    VMware Single Sign On-build-878838: 11/08/12 14:12:25 Command to be executed : C:\Program Files\VMware\Infrastructure\jre\\bin\java.exe -classpath ****** com.vmware.vim.lookup.install.PreInstaller ******
    VMware Single Sign On-build-878838: 11/08/12 14:12:25 Found "C:\Program Files\VMware\Infrastructure\jre\\bin\java.exe"
    VMware Single Sign On-build-878838: 11/08/12 14:12:25 Launch as logon user <username>
    VMware Single Sign On-build-878838: 11/08/12 14:12:25 Found "C:\Program Files\VMware\Infrastructure\jre\\bin\java.exe"
    VMware Single Sign On-build-878838: 11/08/12 14:12:27 Process returned 4294967295
    VMware Single Sign On-build-878838: 11/08/12 14:12:27 ERROR: Failed to run the command
    VMware Single Sign On-build-878838: 11/08/12 14:12:27 Posting error message 20010
    VMware Single Sign On-build-878838: 11/08/12 14:14:55 MsiProcessMessage returned: 1
    VMware Single Sign On-build-878838: 11/08/12 14:14:55 failOnError value is : 1
    VMware Single Sign On-build-878838: 11/08/12 14:14:55 VMSSOExecuteJava::done Res: 1603
    VMware Single Sign On-build-878838: 11/08/12 14:14:55 End Logging


  • The %Program Files%\VMware\Infrastructure\SSOServer\logs\LookupServer.log file contains entries similar to:

    [2012-11-08 14:12:27,079 main  ERROR com.vmware.vim.lookup.install.PreInstaller] Cannot perform pre-install script due to error
     com.vmware.vim.sso.admin.exception.InternalError: General failure.
     at com.vmware.vim.sso.admin.client.vmomi.impl.VmomiClientCommand.execute(VmomiClientCommand.java:135)
     at com.vmware.vim.sso.admin.client.vmomi.impl.VmomiClientCommand.
    executeEnsuringNoDomainError(VmomiClientCommand.java:141)
     at com.vmware.vim.sso.admin.client.vmomi.impl.AdminClientImpl.
    createServiceContent(AdminClientImpl.java:237)
     at com.vmware.vim.sso.admin.client.vmomi.impl.AdminClientImpl.
    <init>(AdminClientImpl.java:95)
     at com.vmware.vim.sso.admin.client.vmomi.VmomiClientFactory.
    createAdminClient(VmomiClientFactory.java:55)
     at com.vmware.vim.sso.admin.client.vmomi.VmomiClientFactory.
    createAdminClient(VmomiClientFactory.java:45)
     at com.vmware.vim.lookup.install.SsoAdminServerConnector.
    initializeClient(SsoAdminServerConnector.java:95)
     at com.vmware.vim.lookup.install.SsoAdminServerConnector.
    <init>(SsoAdminServerConnector.java:58)
     at com.vmware.vim.lookup.install.PreInstaller.main(PreInstaller.java:42)
     Caused by: java.lang.IllegalArgumentException: Host name may not be null


  • The %Program Files%VMware\Infrastructure\SSOServer\utils\logs\imstrace.log file contains entries similar to:

    2012-11-08 14:08:40,579, [pool-3-thread-1], (SMTPServiceImpl.java:199), trace.com.rsa.ims.smtp.impl.SMTPServiceImpl, DEBUG, <HOSTNAME.DOMAIN_WITH_UNDERSCORES.COM>,,,,Initializing SMTP service
    2012-11-08 14:08:40,579, [pool-3-thread-1], (SMTPServiceImpl.java:206), trace.com.rsa.ims.smtp.impl.SMTPServiceImpl, DEBUG, <HOSTNAME.DOMAIN_WITH_UNDERSCORES.COM>,,,,Retrieving SMTP configuration
    2012-11-08 14:08:40,579, [pool-3-thread-1], (SMTPServiceImpl.java:765), trace.com.rsa.ims.smtp.impl.SMTPServiceImpl, DEBUG, <HOSTNAME.DOMAIN_WITH_UNDERSCORES.COM>,,,,SMTP host is not set for instance:9c4703e21914780a6257828da74b1954
    2012-11-08 14:08:40,579, [pool-3-thread-1], (SMTPServiceImpl.java:626), trace.com.rsa.ims.smtp.impl.SMTPServiceImpl, INFO, <HOSTNAME.DOMAIN_WITH_UNDERSCORES.COM>,,,,SMTP is not configured for instance 9c4703e21914780a6257828da74b1954
    2012-11-08 14:08:40,579, [pool-3-thread-1], (SMTPServiceImpl.java:627), trace.com.rsa.ims.smtp.impl.SMTPServiceImpl, INFO, <HOSTNAME.DOMAIN_WITH_UNDERSCORES.COM>,,,,Attempting to lookup DNS MX Records for current machine domain.
    2012-11-08 14:08:40,673, [pool-3-thread-1], (SMTPServiceImpl.java:639), trace.com.rsa.ims.smtp.impl.SMTPServiceImpl, ERROR, <HOSTNAME.DOMAIN_WITH_UNDERSCORES.COM>,,,,Error looking up DNS MX Record
    javax.naming.ServiceUnavailableException: DNS server failure [response code 2]; remaining name 'COM'
      at com.sun.jndi.dns.DnsClient.checkResponseCode(DnsClient.java:594)
      at com.sun.jndi.dns.DnsClient.isMatchResponse(DnsClient.java:548)
      at com.sun.jndi.dns.DnsClient.doUdpQuery(DnsClient.java:399

Cause

  • Domain names with unsupported characters are not supported by vCenter Server.

    For example, the underscore (_) character is not supported.

  • As documented in the ESXi and vCenter Server documentation, the host name of the machine must comply with RFC 952 guidelines. RFC 952 guidelines state that underscores are not a valid character. For more information, see the System Prerequisites section of the vSphere Installation and Setup guide and the RFC 952 guidelines.

  • Unsupported characters are also documented by Microsoft for Active Directory. For more information, see Microsoft knowledge Base article 909264. According to the Microsoft article, DNS domain names and DNS host names cannot contain these characters:

    • comma (,)
    • tilde (~)
    • colon (:)
    • exclamation point (!)
    • at sign (@)
    • number sign (#)
    • dollar sign ($)
    • percent (%)
    • caret (^)
    • ampersand (&)
    • apostrophe (')
    • period (.)
    • parentheses (())
    • braces ({})
    • underscore (_)
    • white space (blank)

Resolution

To resolve this issue, change any domain controller host names or domain names to ensure that they do not have unsupported characters in the name prior to installing vCenter Single Sign-On, or before attempting to use those domains as Identity Sources in SSO.

Additional Information

Note: The links in this article were correct as of May 17, 2013. If you find a link is broken, provide feedback and a VMware employee will update the link.

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 9 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.

What can we do to improve this information? (4000 or fewer characters)




Please enter the Captcha code before clicking Submit.
  • 9 Ratings
Actions
KB: