Trond's Working!

UPDATE 15.08.2012: It turns out that the procedure I originally outlined will you end up with a CIM server (which SCVMM uses for comms) that cannot start its ssl port because of un-trusted certificates. I found that the best way to remediate the situation is to uninstall the cimserver (openpegasus) and then reinstall the whole SCVMM package. This can be done like this:

yum remove openpegasus

I’ve updated the steps below so that certificates are generated before the SCVMM integration components (including the openpegasus cim server) to avoid this issue. If you find yourself stuck with CimServer SSL issues, just remember: Uninstall OpenPegasus and try again. You SHOULD end up with a XenServer that responds with the same SSL Certificate on both port 443 and 5989.

Stuff to do to get Xenservers working with SCVMM 2012 (CU1):

0. Make sure your XenServer hosts are running XenServer 6.0.2 or higher.

1. Hostname on the xenserver needs to be a FQDN. To change it, run this command (in the console or in a ssh client like putty.exe)
xe host-list
xe host-param-set name-label=newhostname.domain.com uuid=<uuid from the list above>

example:
xe host-list xe host-param-set name-label=xenserver01.domain.com uuid=da91db28-7a7f-45e1-bffb-d1452d27bc04

2. Register the XenServer(s) in your DNS, so that the Virtual Machine Manager can resolve it and get the ip address of the XenServer’s primary management interface IP. The FQDN you register in DNS must be the same as you gave it in step 1 above

3. Replace the certificate on the xenserver – again in the console or inside a ssh session on the xenserver (replace xenserver01.domain.com with your XenServer’s fqdn):

echo "stopping services" 
/etc/init.d/xapissl stop 
cert="/etc/xensource/xapi-ssl.pem" 
cert_backup="${cert}.`date -u +%Y%m%dT%TZ`" 
mv -f "${cert}" "${cert_backup}" 
/opt/xensource/libexec/generate_ssl_cert "${cert}" xenserver01.domain.com 
echo "starting services" 
/etc/init.d/xapissl start

4. Install the XenServer supplemental pack for VMM on the xenserver host. This is described here: http://blogs.citrix.com/2011/06/16/managing-xenserver-with-system-center-virtual-machine-manager-scvmm-2012/

5. Add the XenServer’s certificate to the “Trusted People” of the VMM servers Computerscertificates list. The easist way to do this is to browse to https://xenserver01, accept the untrusted cert, click it, install to your local trusted people store, and then use the mmc snapin to drag-and-drop it from the current user to the computer store. Reboot the VMM Server to make sure the new certificates are picked up (not required, but does not hurt). If you have multiple VMM servers, you need to perform this step on each VMM server.

6. In SCVMM, add your xenserver in Fabric–>add resources–>Xenserver. If you have a pool, adding one server should be enough- VMM should pick up the rest of your servers in the same pool. (which means that you need to assign a fqdn hostname, regenerate certificate and register dns for ALL hosts in the pool you’re adding). Do not un-check the “use certificates” box, it will only get you into trouble later on.

If you run into certificate trouble, you can use IE to check that everything is as it should. Simply open IE and browse to https://fqdn of the xenserver, for example: https://xenserver01.domain.com. Also, make sure you don’t get any https errors when browsing the cimserver http server, as this is what VMM is actually using for comms:
https://xenserver01.domain.com:5989 (this should give you a simple http error 501 (not implemented) but no certificate errors or warnings.

If you follow this post to the letter, chances are good your xenserver pools will end up in your vmm server without hickups.

One thing to note: On my VMM system I was not able to live migrate xenserver vms between hosts in a pool using the VMM Console, I had to use the Move-VM CmdLet. The following morning, however, everything worked.