Error "Cannot authenticate using the provided session parameters" when viewing Orchestrator Extension in vCenter Web Client or Unable to Register Orchestrator as a vCenter Server extension
Article ID: 375139
Updated On:
Products
VMware Aria Suite
Issue/Introduction
- vSphere vCenter web client's orchestrator extension fails to load orchestrator information despite having valid permissions.
- Prompts error
Cannot authenticate using the provided session parameters. - No workflows available on vCenter element actions.
- When trying to re-register the vcoin extension from orchestrator using vra cli command options, error noticed that the endpoint is already registered as an extension with a key:
Environment
Aria Automation 8.x
Aria Orchestrator 8.x
VMware vCenter Server 7.x
VMware vCenter Server 8.x
Cause
The Key stored in the Aria Orchestrator cache store for the endpoint when registered as an extension is either stale or corrupted.
Resolution
- Ensure connectivity between orchestrator and vCenter endpoint is healthy and the respective certificates and credentials used are valid. You may also run the
update a vCenter endpointlibrary workflow to validate connectivity from Orchestrator.
If the vCenter endpoint is marked unusable in Orchestrator UI, Refer KB-343875.
Additionally, Refer Configure the Connection to a vCenter Instance - Re-establish the connection for the vCenter Server extension by unregistering and re-registering the extension:
- Take non-memory of snapshots of vCenter server and Aria Automation/ Orchestrator appliance. Ensure vCenter server has been added as an endpoint in Orchestrator and is healthy in the Orchestrator inventory.
- Log in to the Orchestrator web console and run the Library workflow to
Un-Register vCenter Orchestrator as a vCenter Server extensionif the endpoint has been registered as an extension. - Once un-registered, the vCenter web client should no longer show the orchestrator extension / plugin endpoint. If it is still seen, go ahead and to the vSphere web client > Administrator > client plugins and select the Orchestrator vcoin plugin and remove it.
- Once un-registered, go ahead and re-register the vCenter extension using the workflow from orchestrator to
Register vCenter Orchestrator as a vCenter Server extension
Refer Configure the vRealize Orchestrator Plug-in for the vSphere Web Client - Post successful execution of the workflow, the orchestrator extension should now be healthy.
- If we still see the error, then
- Login to the Orchestrator appliance via SSH with root credentials
- We can validate the active extensions registered on the orchestrator via command line:
vracli vro vcoin list - In the below example, we see 3 records actively listed as vCenter extensions
- Identify the records which may correspond to the endpoint under consideration (You may notice multiple records, if the registration was attempted from command line with different usernames - causing staleness due to multiple records)
- Clear out record(s) corresponding to the vCenter endpoint under consideration using the command:
vracli vcoin unregister --force --insecure -u <username> -vcu https://<vcenter endpoint extension>/sdk
You would be prompted for the password for the username used above
- Once successfully un-registered and all stale entries have been cleared out, if any, validate the vsphere web client that the Orchestrator extension is no longer visible.
- Register the vcenter server as an extension using the below command:
vracli vro vcoin register --insecure -u <username> vcu https://<vcenter endpoint extension>/sdk
You would be prompted for the password for the username used above
For more details, refer Configuring the VMware Aria Automation Orchestrator Plug-in for vSphere Web Client
Note: if required you can attempt to disable and re-enable the vcoin options on orchestrator but would require to redeploy the pods post enabling or disabling the utility.
Feedback
Yes
No
Powered by
