Smarts ESM: How to Import Bulk Credentials using the clientConnect.conf file
search cancel

Smarts ESM: How to Import Bulk Credentials using the clientConnect.conf file

book

Article ID: 331993

calendar_today

Updated On:

Products

VMware Smart Assurance

Issue/Introduction

Symptoms:


Due to Security enhancements to the SAS product suite importing credentials into EMC Server Manager (ESM) via plain text file is no longer supported in 9.2.1. and newer versions of ESM.  This KB article provides the method of importing credentials into ESM that are encrypted

Customers wanting to use a file to use the Bulk Import of Credentials will find that the instructions on Pages 209 and 210 of the following document is not supported in 9.2.1 or newer versions of Server manager.  These instructions are no longer available  in the 9.3 and 9.4 Server Manager User and Configuration Guides.

https://support.emc.com/docu46058_Smarts-Server-Manager-9.2-User-and-Configuration-Guide.pdf?language=en_US

Using the instructions from this document will result in the following error message when trying to test or apply the credentials.

New credential for Host:vcenter.vmware.com, Type Virtual Center could not be applied.
?? ERROR: Could not add password to Singleton_JVM_Intervace:VMwareSDKInterface
No credential was added or modified on server



Entering credentials in the GUI will work without issue because the password will be encrypted before being added to ESM.

Environment

VMware Smart Assurance - SMARTS

Cause

Due to the Security Changes required for all Products in SAS, the use of plain text passwords was deprecated in SAS versions 9.2.1.x and newer.

Resolution

The solution for customers to be able to add the credentials and import these in bulk is to use the clientConnect.conf file in the following steps.

1.  run sm_edit on the local clientConnect.conf file for the ESM installation.  If the local file does not exist use the sm_edit command on the base clientConnect.conf file

2.  Enter the ESM vCenter, WMI or credentials above any *:* entries in the clientConnect.conf file 

Use the following format:
<type>:<host>:<userID>:<E-1.0><password>:<port>



3.  Save the file.  

The user password should now show in the clientConnect.conf file encrypted and not in plain text.

4.  Restart the Server Manager you should see two messages in the server log like these during initialization
                esm-process-bulk-cred-file@7148: Activated
               esm-process-bulk-cred-file@7148: starting Bulk credential

Additional Information

By default ESM credentials are loadable from clientConnect.conf during server startup

Attachments

Error message.JPG get_app
Sample from clientConnect.JPG get_app