The intersection of dance music culture and technology...
FacebookRSS

DreamensioN .NET

Ok – I’m just putting this one out there incase someone else finds it useful.

For 2 weeks now, I’ve been trying to work out why I couldn’t add my XenServer host to SCVMM 2012.   In the end it turned out to be 3 problems all adding up, but the last peice of the puzzle didn’t fall into place until just now.

I’ve just spent the last 12hrs trying to figure out this last peice, and it turns out – there is a KB that Microsoft released, which kills communications with Unix/Linux servers.

When adding XenServer in SCVMM 2012, I would get errors like this:

 Error (12703) VMM cannot establish a trust relationship for the SSL/TLS secure channel for Xenserver-01.domain.local server.

Recommended Action Install the certificate to the trusted people root store of the VMM management server and then try the operation again.

Or errors like this…

 Error (2916) VMM is unable to complete the request. The connection to the agent Xenserver-01.dreamstudios.local was lost. Unknown error (0x8033810f)

Recommended Action Ensure that the WS-Management service and the agent are installed and running and that a firewall is not blocking HTTPS traffic.

This problem can also be caused by WMI service crash. Ensure that KB 982293 (http://support.microsoft.com/kb/982293) is installed on the machine if it is running Windows Server 2008 R2.

If the error persists, reboot Xenserver-01.domain.local and then try the operation again.



After a long night of searching, and reading up on a whole bunch of XenServer stuff…which I might add – I never want to do again….  I found this blog post.


 


http://outlookcloudy.blogspot.com.au/2012/02/xenserver-hosts-in-vmm2012-stop.html#!/2012/02/xenserver-hosts-in-vmm2012-stop.html


 


KB2585542 (which is a Security Update for Windows Server 2008 R2)…..


 


 This security update resolves a publicly disclosed vulnerability in SSL 3.0 and TLS 1.0. This vulnerability affects the protocol itself and is not specific to the Windows operating system. The vulnerability could allow information disclosure if an attacker intercepts encrypted web traffic served from an affected system. TLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are not affected.


 


….this nukes communication to Linux boxes – therefore, you cannot communicate with XenServer (or in my case, you cannot add XenServers to the VMM host resource pool).  Just like in the blog post by Daniel Mar, uninstalling the KB2585542 resolved my issue.

								

    
    	
			

				
        

          

            
            
          

        

      
			

	


	
			

			2 thoughts on “Error (2916) VMM is unable to complete the request / VMM cannot establish a trust relationship for the SSL/TLS secure channel


		
		
    
				
  1. 
		
    Pingback: XenServer Management on Steroids with SCVMM 2012 Part 1 « Sinisa SOKOLOVIC
    
	
    2. 
	
  2. 
		
    Pingback: Homepage
    
	
    3. 
		


		
	
	
									

				
Leave a comment 

									

																			
Your email address will not be published. Required fields are marked *
							
 






CAPTCHA Image
    
    
  





 *CAPTCHA

												
						
You may use these HTML tags and attributes:  <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>