I’ve recently been getting my hands dirty with vShield Manager 5.2. The biggest problem I’ve found with vShield Manager is the wholesale lack of documentation on how the product works and how best to configure it for multiple different environment types. There is general installation and configuration documentation but usually once you go outside of the scope of these there’s a distinct lack of information and it takes a degree in Google Search Dynamics to help find an answer to a problem.

Despite my bitching I did manage to find a solution to a problem for vShield Manager the other day. I’ve been working on bringing a test Flexpod environment up to date. As with a lot of test environments the applications were deployed but never configured. vShield Manager was no different in this case. The error I saw within vShield Manager when I checked the Summary on the ESXi host was: Not applicable to ESX version below 4.1 Patch 3. My immediate question is how can this be possible, I’m running version 5.1 Express Patch 5 and the environment has never had version 4 installed? It turns out this issue is due to the web interface and the steps to resolve the issue can be found here.

My remediation steps for the issue involved:
  • Checking the permissions on AD for the service account. It was using the administrator account.
  • Created a service account called svc-vsm-<vmname> and gave it domain admin access.
  • I then delegated permissions from vCenter datacenter for it.
Once the above was completed I did the following:
  1. Logged in to the vShield Manager virtual machine using your admin credentials:
    username: admin
    default password: default
  2. To enable root privilege, I ran this command:
    enable <enter>
  3. Entered the admin password again.
  4. Ran this command to configure the terminal:
    config t <enter> (config <space> t)
  5. Ran this command to disable the Web services:
    no web-manager <enter>
  6. Waited for a second or two and then enabled the Web service using this command:
    web-manager <enter>
  7. Ran this command twice to exit the system:
    exit <enter> and then exit <enter> again to log out fully.
  8. Reloaded the client to see the changes and hey presto vShield Endpoint showed up as installed for that ESXi host

2 thoughts on “vShield Manager – Unable to view installation status of Endpoint

  1. Pingback: Trend Deep Security Manager 9 – Install and Configure (again!) « Scamaill Beag

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.