Error registering NSX manager to VCSA

[dwchan69]

I am trying to automate the process to register the newly deploy NSX Manager (6.4.8) to Center after it is deployed. I am using the latest PowerNSX as far as I can tell. I manage to deploy the NSX Manager without issue. Afterward, I connect to the NSX Manager also without issue

Connect-NSXServer -Server $NSX_Mgr_Hostname -Username admin -Password $NSX_Mgr_UI_Pass -DisableVIAutoConnect -WarningAction SilentlyContinue

Next, I use the Set-NsxManager to set my VCSA as the lookup service, also without issue, even though I would normally do this on step 2

Set-NsxManager -SsoServer $VCSAHostname -SsoUserName $ssoUsername -SsoPassword $VCSASSOPassword -AcceptAnyThumbprint

Next, I register it with Center using the Set-NsxManager again with the following syntax

Set-NsxManager -vCenterServer $VCSAHostname -vCenterUserName $ssoUsername -vCenterPassword $VCSASSOPassword -AcceptAnyThumbprint

However, no matter what I try, and I thought it worked in the past, it is given me the following error

Invoke-NsxRestMethod : The NSX API response received indicates a failure. 400 : Bad Request : Response Body: {"errorCode":226,"details":"15:99:A2:78: DC:DC:7A:5D:D6:42:CD:C8:3A:97:DA:4E:92:1F:06:12:14:FD:32:4B:A9:4E:AF:10:44:6A:20:EC","rootCauseString":null,"moduleName":null,"errorData":null} At C:\Users\cdominic\Documents\WindowsPowerShell\Modules\PowerNSX\PowerNSX.psm1:3519 char:13

• throw $ErrorString
• CategoryInfo : OperationStopped: (Invoke-NsxRestM...rrorData":null}:String) [], RuntimeException
• FullyQualifiedErrorId : Invoke-NsxRestMethod : The NSX API response received indicates a failure. 400 : Bad Request : Response Body: {"errorCo de":226,"details":"15:99:A2:78:DC:DC:7A:5D:D6:42:CD:C8:3A:97:DA:4E:92:1F:06:12:14:FD:32:4B:A9:4E:AF:10:44:6A:20:EC","rootCauseString":null,"modu leName":null,"errorData":null}

When I try this manually, a pop-up window is showing me the thumbprint as the error, when I accept it, it go through manually without issue. Given I set the switch -AcceptAnyThumbprint, not sure if that is even an issue. In short, what am I missing as there are very limited information with PowerNSX, and less so with the error I am getting. Any feedback would be appreciated

[alagoutte]

Hi,

do you have try to manually specific Thumbprint ?

What release of PowerShell do you are using ?

From psm1 file, there is a hack to try to get thumbprint

            try {
                $null = Invoke-NsxWebRequest -Method "put" -body $xmlRoot.outerXml -uri $uri -Connection $Connection
            }
            catch {
                #it sucks that at the moment I can't parse the response body as xml :(  I really need to fix this.
                $thumbprintMatch = '[<"]details[>"]:*"*(([A-F0-9]{2}:)+[A-F0-9]{2})'
                if (($AcceptAnyThumbprint) -and ($_ -match $thumbprintMatch))  {
                    #API responded with a thumbprint
                    write-warning "Using thumbprint presented by the vCenter server: $($Matches[1])"
                    $xmlRoot.certificateThumbprint = $matches[1]
                    $null = Invoke-NsxWebRequest -Method "put" -body $xmlRoot.outerXml -uri $uri -Connection $Connection
                }
                else {
                    #rethrow
                    throw "An error occured configuring the specified vCenter server.  $_"
                }
            }

May be there is a bug...

[dwchan69]

I will give the code a try, I am using PS 5.1 I think. I did try to copy and paste the thumbprint manually with no luck early but will give you code a try to ensure format is correct

[dwchan69]

What would be the proper $uri and $connection to use? I assume $connection would be just a VCSA connection like this?

$connection = Connect-VIServer $VCSAIPAddress -User "administrator@$VCSASSODomainName" -Password $VCSASSOPassword -WarningAction SilentlyContinue

But no clue with the $uri

[alagoutte]

Hi,

$Connection is the connection to NSX-T Manager (using Connect-NSXServer...)

for $uri it is $uri = "/api/2.0/services/vcconfig" for vcenter or $uri = "/api/2.0/services/ssoconfig" for SSO

[dwchan69]

tried this, with error

$Connection = Connect-NSXServer -Server $NSX_Mgr_Hostname -Username admin -Password $NSX_Mgr_UI_Pass -DisableVIAutoConnect -WarningAction SilentlyContinue

$uri = "/api/2.0/services/vcconfig"

try { $null = Invoke-NsxWebRequest -Method "put" -body $xmlRoot.outerXml -uri $uri -Connection $Connection } catch {

it sucks that at the moment I can't parse the response body as xml :( I really need to fix this.

            $thumbprintMatch = '[<"]details[>"]:*"*(([A-F0-9]{2}:)+[A-F0-9]{2})'
            if (($AcceptAnyThumbprint) -and ($_ -match $thumbprintMatch))  {
                #API responded with a thumbprint
                write-warning "Using thumbprint presented by the vCenter server: $($Matches[1])"
                $xmlRoot.certificateThumbprint = $matches[1]
                $null = Invoke-NsxWebRequest -Method "put" -body $xmlRoot.outerXml -uri $uri -Connection $Connection
            }
            else {
                #rethrow
                throw "An error occured configuring the specified vCenter server.  $_"
            }
        }

An error occured configuring the specified vCenter server. Invoke-NsxWebRequest : The NSX API response received indicates a failure. 400 : Bad Request : Response Body: <!doctype html>

HTTP Status 400 – Bad Request

---

Type Status Report

Description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).

---

At line:19 char:21

• ... throw "An error occured configuring the specified vCenter ...

• 
  + CategoryInfo          : OperationStopped: (An error occure...></body></html>:String) [], RuntimeException
  + FullyQualifiedErrorId : An error occured configuring the specified vCenter server.  Invoke-NsxWebRequest : The NSX API response received indic 
  ates a failure. 400 : Bad Request : Response Body: <!doctype html><html lang="en"><head><title>HTTP Status 400 – Bad Request</title><style type=  
  "text/css">h1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif   
  ;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14    
  px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;backgroun    
  d-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .l    
  ine {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 400 – Bad Request</h1><hr class="line" /><p><b>Type</    
  b> Status Report</p><p><b>Description</b> The server cannot or will not process the request due to something that is perceived to be a client er    
  ror (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).</p><hr class="line" /></body></html>

[dwchan69]

I am using this on NSX-V 6.4.5, also try 6.4.9

[alagoutte]

I am using this on NSX-V 6.4.5, also try 6.4.9

sorry, no idea