If this is supported or not I have no idea! But I made some minor changes to the Skyline Collector appliance.
While trying to set up AD integration with Skyline I ran into a weird problem. While everything seemed okay, Skyline kept throwing this error:
A group name contains illegal characters.
A user name contains illegal characters.
Well, that narrows it down, right? All you need to do now is search for “a group” or “a user” and find the illegal character. Needless to say, the error is of no use. Let’s SSH into Skyline and look at some log files. But wait, root login is disabled. Let’s enable it first:
To enable SSH access, perform the following steps:
- Open the Skyline Collector console via the vSphere Client/Web Client
- Log in as root with the root password defined during deployment
- Run ‘vi /etc/ssh/sshd_config’
- Enter ‘i’ to modify the file in VI editor
- Locate the line that contains ‘PermitRootLogin no’ and change the value to ‘PermitRootLogin yes’
- Save the changes by hitting ESC + typing ‘:wq!’
- Restart the sshd service by running ‘service sshd restart’
Now SSH into Skyline and tail /var/log/skyline/collector.log.
2022-01-21 12:55:09,494 WARN [qtp1997224928-35] c.v.s.c.a.CredentialManager [CredentialManager.java:133]  AD validation failed.
com.vmware.skyline.collector.api.exception.AdDomainValidationException: A group name contains illegal characters.
    at com.vmware.skyline.collector.api.model.AdDomainCreateRequest.validate(AdDomainCreateRequest.java:77)
    at com.vmware.skyline.collector.auth.CredentialManager.setAllowedAdDomain(CredentialManager.java:127)
    at com.vmware.skyline.collector.api.external.services.ExternalApiServices.setAdDomain(ExternalApiServices.java:924)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.base/java.lang.reflect.Method.invoke(Unknown Source)
That’s not of much help. I couldn’t find anything online. I know that AD integrations with Linux can always be a pain. I remembered that one time I had to enter the domain name in capital letters. Why not try that, as searching online wasn’t helping me much. Guess what happened when I wrote the domain name in capital letters… it worked! Don’t ask me why, I’m done trying to figure that out.
And while I was logged on to Skyline, why not set up syslog? I have vRLI so there should be no real reason for me to SSH into a VM, right?
Setting up vRLI is super easy!
First, give the Skyline VM a proper name. No need to edit files, simply use hostnamectl, like this:
hostnamectl set-hostname <new_hostname>
e.g.: hostnamectl set-hostname skyline-kablog
Check if the new hostname is applied:
Download the vRLI agent and install it in one go:
curl -k -o /tmp/liagent.rpm https://<vRLI FQDN>/api/v1/agent/packages/types/rpm; rpm -Uvh /tmp/liagent.rpm
e.g.: curl -k -o /tmp/liagent.rpm https://vrli-kablog.nl/api/v1/agent/packages/types/rpm; rpm -Uvh /tmp/liagent.rpm
Make sure the agent runs after reboots:
systemctl enable liagentd
Edit the liagent config file to match your environment.
In the [server] section, modify the following parameters and save the file.
[server]
hostname=<vrealize_log_insight_fqdn>
proto=cfapi
port=9000
ssl=no
Restart the agent:
systemctl restart liagentd
Now head over to your vRLI instance and add the agent to the “Photon OS – Appliance Agent Group” agent group. This will reconfigure the agent accordingly.
If you don’t have that group in vRLI follow the below link to create it. Be sure to select the newly set hostname of the Skyline VM in step 7.
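Two settings changed along the way, PermitRootLogin yes in sshd_config and ssl=no in the agent's [server] section, are easy to forget once everything works. The script below is an added example, not part of the original procedure or any VMware tooling, that reports both. The function names are made up for illustration, the two file paths are passed as arguments, and the sample input (including the hostname vrli.example.test) is constructed.

```shell
#!/bin/sh
# Added example (not VMware tooling): audit the two settings this post changes.

# Effective global PermitRootLogin: sshd keeps the first value it reads and
# keywords are case-insensitive. Match blocks and Include files are not followed.
effective_root_login() {
    awk '
        /^[ \t]*#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == "permitrootlogin" { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }
    ' "$1"
}

# Value of one key inside the [server] section only ($1 = file, $2 = key).
server_setting() {
    awk -F= -v key="$2" '
        /^[ \t]*;/ { next }
        /^[ \t]*\[/ { in_server = ($0 ~ /^[ \t]*\[server\]/); next }
        in_server {
            k = $1; gsub(/[ \t]/, "", k)
            if (k == key) { v = $2; gsub(/[ \t\r]/, "", v); print v; exit }
        }
    ' "$1"
}

# Print one line per finding; return 1 if anything was found, else 0.
audit_collector() {   # $1 = sshd_config, $2 = agent config file
    rc=0
    if [ "$(effective_root_login "$1")" = "yes" ]; then
        echo "FINDING: root SSH login is still enabled in $1"; rc=1
    fi
    if [ "$(server_setting "$2" ssl)" = "no" ]; then
        echo "FINDING: ssl=no on port $(server_setting "$2" port) in $2"; rc=1
    fi
    return "$rc"
}

# Constructed sample input mirroring the values shown in this post.
demo() {
    tmp=$(mktemp -d)
    printf '#PermitRootLogin no\nPermitRootLogin yes\nPermitRootLogin no\n' > "$tmp/sshd_config"
    printf '[server]\nhostname=vrli.example.test\nproto=cfapi\nport=9000\nssl=no\n[logging]\nssl=yes\n' > "$tmp/agent.ini"
    rc=0; audit_collector "$tmp/sshd_config" "$tmp/agent.ini" || rc=$?
    rm -rf "$tmp"; return "$rc"
}

if [ "$#" -eq 2 ]; then audit_collector "$1" "$2"; else demo || true; fi
```

Run it with the appliance's sshd_config and the agent config file as the two arguments; with no arguments it runs against the constructed sample and prints both findings.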
So the next time you run into a weird integration problem, try yelling the DOMAIN NAME!
I hope this helps!