Lazy Admin Blog

How to reset ESXi 5.x root password using Host Profiles

Posted on November 21, 2015 Updated on November 21, 2015

According to VMware, the only supported way to reset a lost password is to do a fresh install. However, there are ways around it if your host is already connected to vCenter.

If you do NOT know the host password but it’s currently connected to vCenter, you can use Host Profiles to reset the password. This is only possible because the vpxa user on each ESXi host, added when the ESXi host is connected to vCenter Server, has root privileges.

Host Profiles are a feature of Enterprise Plus licensing only.

The VMware KB that covers root password recovery clearly states that resetting passwords on ESXi 5.x, and on ESXi in general, is not supported, as there is no longer a Linux console where you would use single-user mode for the job:

Reinstalling the ESXi host is the only supported way to reset a password on ESXi. Any other method may lead to a host failure or an unsupported configuration due to the complex nature of the ESXi architecture. ESXi does not have a service console and as such traditional Linux methods of resetting a password, such as single-user mode.

But using Host Profiles to change the root password on an ESXi host is supported, and if you have the appropriate licensing you should be able to change the root password.

Steps:

1. Right click the host, choose All vCenter Actions, Host Profiles, and select Extract Host Profile. Run through the wizard to create the new profile.

2. At the top of the vSphere client, click Home and Host Profiles under the Management section. Right click the newly created profile and choose Edit.

3. Click Next to the Edit Host Profile step and expand Security and Services, then expand Security Settings. Click on Security Configuration. Modify the dropdown list and select the “Configure a fixed administrator password” option. Enter the new password.

4. Complete the wizard which will save all your changes.

5. Back in the Hosts and Clusters view, right click your host and go to All vCenter Actions, Host Profiles, and Attach Host Profile. Select the profile you created and customized, and finish the wizard.

6. Put your host in maintenance mode.

7. Right click the host again, All vCenter Actions, Host Profiles, and Remediate. If your host is not in maintenance mode, you’ll get the message “Remediate operation is allowed only for hosts in maintenance mode”

8. Once the Host Profile is applied, the host will reboot and your password will now be updated.

How to Remove Storage Devices from ESXi Hosts

Posted on November 21, 2015 Updated on November 21, 2015

Unmounting a LUN checklist

Before unmounting a LUN, ensure that:

  • If the LUN is being used as a VMFS datastore, all objects (such as virtual machines, snapshots, and templates) stored on the VMFS datastore are unregistered or moved to another datastore. Note: All CD/DVD images located on the VMFS datastore must also be unregistered from the virtual machines.
  • The datastore is not used for vSphere HA heartbeat.
  • The datastore is not part of a datastore cluster.
  • The datastore is not managed by Storage DRS.
  • The datastore is not configured as a diagnostic coredump partition.
  • Storage I/O Control is disabled for the datastore.
  • No third-party scripts or utilities running on the ESXi host can access the LUN that has issue. If the LUN is being used as a datastore, unregister all objects (such as virtual machines and templates) stored on the datastore.
  • If the LUN is being used as an RDM, remove the RDM from the virtual machine. Click Edit Settings, highlight the RDM hard disk, and click Remove. Select Delete from disk if it is not selected, and click OK. Note: This destroys the mapping file, but not the LUN content.
  • Check if the LUN/datastore is used as the persistent scratch location for the host. This PowerCLI script can be used to check the current scratch location:

    $vcServer = "vCenter01"
    $cluster = "CL01"
    $esxCred = Get-Credential
    Connect-VIServer $vcServer | Out-Null
    # Connect to ESX hosts in cluster
    foreach ($esx in Get-Cluster $cluster | Get-VMHost) {
        Connect-VIServer $esx -Credential $esxCred | Out-Null
        Get-VMHostAdvancedConfiguration -Name "ScratchConfig.ConfiguredScratchLocation"
    }

Note: When using the vSphere Web Client with vSphere 5.1, 5.5 and 6.0, only these checks are performed during the datastore unmount operation:

  • Host should not have any virtual machines residing on this datastore
  • Host should not use the datastore for HA heartbeats

Obtaining the NAA ID of the LUN to be removed

From the vSphere Client, this information is visible in the Properties window of the datastore.

From the ESXi host, run this command:

# esxcli storage vmfs extent list

You see output similar to:

Volume Name  VMFS UUID                            Extent Number  Device Name                           Partition
-----------  -----------------------------------  -------------  ------------------------------------  ---------
datastore1   4de4cb24-4cff750f-85f5-0019b9f1ecf6              0  naa.6001c230d8abfe000ff76c198ddbc13e          3
Storage2     4c5fbff6-f4069088-af4f-0019b9f1ecf4              0  naa.6001c230d8abfe000ff76c2e7384fc9a          1
Storage4     4c5fc023-ea0d4203-8517-0019b9f1ecf4              0  naa.6001c230d8abfe000ff76c51486715db          1
LUN01        4e414917-a8d75514-6bae-0019b9f1ecf4              0  naa.60a98000572d54724a34655733506751          1

Make a note of the NAA ID of the datastore to use this information later in this procedure.

Note: Alternatively, you can run the esxcli storage filesystem list command, which lists all file systems recognized by the ESXi host.

Unmounting a LUN using the vSphere Client

To unmount a LUN from an ESXi 5.0 host using the vSphere Client:

  1. If the LUN is an RDM, skip to step 2. Otherwise, in the Configuration tab of the ESXi host, click Storage. Right-click the datastore being removed, and click Unmount. A Confirm Datastore Unmount window appears. When the prerequisite criteria have been passed, click OK. Note: To unmount a datastore from multiple hosts in the vSphere Client, click Hosts and Clusters > Datastores and Datastore Clusters view (Ctrl+Shift+D). Perform the unmount task and select the appropriate hosts that should no longer access the datastore to be unmounted.
  2. Click the Devices view (under Configuration > Storage).
  3. Right-click the NAA ID of the LUN (as noted above) and click Detach. A Confirm Device Unmount window is displayed. When the prerequisite criteria are passed, click OK. Under the Operational State of the Device, the LUN is listed as Unmounted. Note: The Detach function must be performed on a per-host basis and does not propagate to other hosts in vCenter Server. If a LUN is presented to an initiator group or storage group on the SAN, the Detach function must be performed on every host in that initiator group before unmapping the LUN from the group on the SAN. Failing to follow this step results in an all-paths-down (APD) state for those hosts in the storage group on which Detach was not performed for the LUN being unmapped.
  4. Confirm if the LUN is successfully detached. The LUN can then be safely unpresented from the SAN. For more information, contact your storage array vendor.
  5. Perform a rescan on all ESXi hosts which had visibility to the LUN. The device is automatically removed from the Storage Adapters.

When the device is detached, it stays in an unmounted state even if the device is re-presented (that is, the detached state is persistent). To bring the device back online, the device must be attached.

If you want to permanently decommission the device from an ESXi host, manually remove the NAA entries from the host configuration:

  1. To list the permanently detached devices, run this command:

# esxcli storage core device detached list

You see output similar to:

Device UID                            State
------------------------------------  -----
naa.50060160c46036df50060160c46036df  off
naa.6006016094602800c8e3e1c5d3c8e011  off

  2. To permanently remove the device configuration information from the system, run this command:

# esxcli storage core device detached remove -d NAA_ID

For example:

# esxcli storage core device detached remove -d naa.50060160c46036df50060160c46036df
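The NAA ID lookup and the per-host Detach requirement described above can be checked from captured esxcli output before the LUN is unpresented. This is an added example, not part of the original post; the "Backup LUN" rows, the host names esx01 to esx03, the one-file-per-host layout and all function names are constructed for illustration.

```sh
#!/bin/sh
# Added example: checks to run before a LUN is unpresented from the SAN.
# All listings written by write_samples are constructed sample data.

# naa_for_datastore NAME
# Reads `esxcli storage vmfs extent list` output on stdin and prints the
# device name (NAA ID) of every extent of datastore NAME. Fails if none match.
naa_for_datastore() {
    awk -v want="$1" '
        NF < 5 || $NF !~ /^[0-9]+$/ { next }   # header, dashed rule, blank lines
        {
            # The last four columns never contain spaces, so count from the
            # right; whatever remains on the left is the volume name.
            name = $1
            for (i = 2; i <= NF - 4; i++) name = name " " $i
            if (name == want) { print $(NF - 1); found = 1 }
        }
        END { exit !found }'
}

# is_detached NAA
# Reads `esxcli storage core device detached list` output on stdin.
is_detached() {
    awk -v dev="$1" '$1 == dev && $2 == "off" { ok = 1 } END { exit !ok }'
}

# hosts_not_detached NAA DIR
# DIR holds one captured detached-list per host, named <host>.txt.
# Prints each host where NAA is not detached. Returns 0 only when every host
# has it detached, 1 when some do not, 2 when DIR holds no listings at all.
hosts_not_detached() {
    _naa=$1 _dir=$2 _seen=0 _pending=0
    for _f in "$_dir"/*.txt; do
        [ -e "$_f" ] || continue
        _seen=1
        if ! is_detached "$_naa" < "$_f"; then
            basename "$_f" .txt
            _pending=1
        fi
    done
    [ "$_seen" -eq 1 ] || return 2
    return "$_pending"
}

# write_samples DIR: constructed listings for an offline run.
# "Backup LUN" is a hypothetical two-extent datastore with placeholder IDs.
write_samples() {
    mkdir -p "$1/hosts"
    cat > "$1/extents.txt" <<'EOF'
Volume Name  VMFS UUID                            Extent Number  Device Name                           Partition
-----------  -----------------------------------  -------------  ------------------------------------  ---------
datastore1   4de4cb24-4cff750f-85f5-0019b9f1ecf6              0  naa.6001c230d8abfe000ff76c198ddbc13e          3
LUN01        4e414917-a8d75514-6bae-0019b9f1ecf4              0  naa.60a98000572d54724a34655733506751          1
Backup LUN   00000000-00000000-0000-000000000000              0  naa.00000000000000000000000000000001          1
Backup LUN   00000000-00000000-0000-000000000000              1  naa.00000000000000000000000000000002          1
EOF
    for _h in esx01 esx02; do
        printf '%s\n' 'Device UID                            State' \
            '------------------------------------  -----' \
            'naa.60a98000572d54724a34655733506751  off' > "$1/hosts/$_h.txt"
    done
    # esx03 has detached a different device, not the one behind LUN01.
    printf '%s\n' 'Device UID                            State' \
        '------------------------------------  -----' \
        'naa.6006016094602800c8e3e1c5d3c8e011  off' > "$1/hosts/esx03.txt"
}

# Offline demonstration on the constructed data.
demo() {
    _tmp=$(mktemp -d) || return 1
    write_samples "$_tmp"
    _id=$(naa_for_datastore LUN01 < "$_tmp/extents.txt")
    echo "LUN01 is backed by $_id"
    if _todo=$(hosts_not_detached "$_id" "$_tmp/hosts"); then
        echo "Detached on every host: the LUN can be unpresented"
    else
        echo "Detach still needed on: $_todo"
    fi
    rm -rf "$_tmp"
}
demo
```

On real hosts, save each host's `esxcli storage core device detached list` output as `<host>.txt` and pass that directory to `hosts_not_detached`.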

VMware vCenter Release and Build Number History

Posted on November 4, 2015 Updated on November 4, 2015

vCenter Build Numbers

Name   Version   Release   Build   Installer   Version
vCenter Server 6.0.0 Update 1   6.0 U1   9/10/2015   3018524   3040890
vCenter Server 6.0.0b   6.0.0b   7/7/2015   2776511   2800571
vCenter Server 6.0 Express Patch 1   6.0.0a   4/16/2015   2656758   2656757
vCenter Server 6.0   6.0 GA   3/12/2015   2494585   2562643
vCenter Server 5.5 Update 3   5.5 U3   9/16/2015   3000241   3000346
vCenter Server 5.5 Update 2e   5.5 U2e   4/16/2015   2646482   2646481   5.5.0.44687
vCenter Server 5.5 Update 2d   5.5 U2d   1/27/2015   2442329   2442328   5.5.0.43769
vCenter Server 5.5 Update 2b   5.5 U2b   10/9/2014   2183111   2183112   5.5.0.43013
vCenter Server 5.5 Update 2   5.5 U2   9/9/2014   2001466   2105955   5.5.0.42389
vCenter Server 5.5 Update 1c   5.5 U1c   7/22/2014   1945274   1945270   5.5.0.42156
vCenter Server 5.5 Update 1b   5.5 U1b   6/12/2014   1891310   1891314   5.5.0.41927
vCenter Server 5.5 Update 1a   5.5 U1a   4/19/2014   1750795   1750787   5.5.0.41222
vCenter Server 5.5c   5.5c   4/19/2014   1750596   1750597   5.5.0.41218
vCenter Server 5.5 Update 1   5.5 U1   3/11/2014   1623101   1623099   5.5.0.40799
vCenter Server 5.5b   5.5b   12/22/2013   1476327   1476387   5.5.0.39885
vCenter Server 5.5a   5.5a   10/31/2013   1378903   1378901   5.5.0.38845
vCenter Server 5.5   5.5 GA   9/22/2013   1312298   1312299   5.5.0.38036
vCenter Server 5.1 Update 3b   5.1 U3b   10/1/2015   3070521   3072311
vCenter Server 5.1 Update 3a   5.1 U3a   4/30/2015   2669725   2670344
vCenter Server 5.1 Update 3   5.1 U3   12/4/2014   2306353   2308386   5.1.0.43263
vCenter Server 5.1 Update 2c   5.1 U2c   10/30/2014   2207772   2212977   5.1.0.43068
vCenter Server 5.1 Update 2a   5.1 U2a   7/7/2014   1882349   1917403   5.1.0.41903
vCenter Server 5.1 Update 2   5.1 U2   1/16/2014   1473063   1474365   5.1.0.39867
vCenter Server 5.1 U1c   5.1 U1c   10/30/2013   1364037   1364079   5.1.0.38659
vCenter Server 5.1 U1b   5.1 U1b   8/1/2013   1235232   1235309   5.1.0.37189
vCenter Server 5.1 U1a   5.1 U1a   5/22/2013   1123961   1123966   5.1.0.36098
vCenter Server 5.1 Update 1   5.1 U1   4/25/2013   1064983   1065152   5.1.0.35539
vCenter Server 5.1b   5.1b   12/20/2012   947673   947939   5.1.0.34460
vCenter Server 5.1a   5.1a   11/19/2012   880146   880471   5.1.0.33762
vCenter Server 5.1   5.1 GA   9/11/2012   799731   799735   5.1.0.32743
vCenter Server 5.0 Update 3e   5.0 U3e   10/1/2015   3073236   3073234
vCenter Server 5.0 Update 3d   5.0 U3d   4/30/2015   2656067   2692807
vCenter Server 5.0 Update 3c   5.0 U3c   11/20/2014   2210222   2215678   5.0.0.43079
vCenter Server 5.0 Update 3a   5.0 U3a   7/1/2014   1917469   1923446   5.0.0.42044
vCenter Server 5.0 Update 3   5.0 U3   10/17/2013   1300600   1343691   5.0.0.37933
vCenter Server 5.0 Update 2   5.0 U2   12/20/2012   913577   923238   5.0.0.34130
vCenter Server 5.0 U1b   5.0 U1b   8/16/2012   804277   804276   5.0.0.32829
vCenter Server 5.0 U1a   5.0 U1a   7/12/2012   755629   757163   5.0.0.31955
vCenter Server 5.0 Update 1   5.0 U1   3/15/2012   623373   639890   5.0.0.29542
vCenter Server 5.0   5.0 GA   8/24/2011   456005   456005   5.0.0.16964
vCenter Server 4.1 U3a   1/31/2013   925676   978694
vCenter Server 4.1 U3   8/30/2012   799345   816786
vCenter Server 4.1 U2   10/27/2011   491557   493063
vCenter Server 4.1 U1   2/10/2011   345043   345042
VUM-KB-1023962   7/19/2010   275390
vCenter Server 4.1   7/13/2010   259021   259021
vCenter Server 4.0 Update 4b   4.0 U4b   2/7/2013   934016
vCenter Server 4.0 U4   11/17/2011   496403
vCenter Server 4.0 U3   5/5/2011   385281
vCenter Server 4.0 U2   6/10/2010   258672
vCenter Server 4.0 U1   11/19/2010   208111
vCenter Server 4.0 Patch 1   2/25/2010   183347
vCenter Server 4.0   5/21/2009   162856
VirtualCenter 2.5.0 U6b   3/8/2012   598800
VirtualCenter 2.5.0 U6a   5/5/2011   341471
VirtualCenter 2.5.0 U6 Localized   1/29/2010   227640
VirtualCenter 2.5.0 U6 English   1/29/2010   227637
VirtualCenter 2.5.0 U5 Localized   7/10/2009   174835
VirtualCenter 2.5.0 U5 English   7/10/2009   174768
VirtualCenter 2.5.0 U4 Localized   2/23/2009   147704
VirtualCenter 2.5.0 U4 German   2/23/2009   147697
VirtualCenter 2.5.0 U4 English   2/23/2009   147633
VirtualCenter 2.5.0 U3   10/3/2008   119598
VirtualCenter 2.5.0 U2   7/25/2008   104215
VirtualCenter 2.5.0 U1   4/10/2008   84767
VirtualCenter 2.5.0   12/10/2007   64192

How to recover the only administrator account for Cisco UCS Manager

Posted on October 29, 2015 Updated on October 29, 2015

Recovering the only administrator account for Cisco UCS Manager:

If you lose or forget the password of the only administrator account, you cannot retrieve the original password. However, you can recover the account by changing the password, for which you need to power cycle all fabric interconnects (FI) in a Cisco UCS domain.

You can reset the password for all other local accounts through Cisco UCS Manager. However, you must log in to Cisco UCS Manager with an account that includes aaa or admin privileges. If you do not have access to an admin account, then read below:

I am going to tell you in steps how to do that:

Prerequisite 1: Determining the Leadership Role of a Fabric Interconnect

  1. In the Navigation pane, click the Equipment tab.
  2. In the Equipment tab, expand Equipment > Fabric Interconnects.
  3. Click the fabric interconnect for which you want to identify the role.
  4. In the Work pane, click the General tab.
  5. In the General tab, click the down arrows on the High Availability Details bar to expand that area.
  6. View the Leadership field to determine whether the fabric interconnect is the primary or subordinate.

Prerequisite 2: Verifying the Firmware Versions on a Fabric Interconnect

You can use the following procedure to verify the firmware versions on all fabric interconnects in a Cisco UCS domain. You can verify the firmware for a single fabric interconnect through the Installed Firmware tab for that fabric interconnect.

  1. In the Navigation pane, click the Equipment tab.
  2. In the Equipment tab, click the Equipment node.
  3. In the Work pane, click the Firmware Management tab.
  4. In the Installed Firmware tab, verify that the following firmware versions for each fabric interconnect match the version to which you updated the firmware:
     • Kernel version
     • System version

Scenario 1: Recovering the Admin Account Password in a Standalone Configuration

This procedure will help you to recover the password that you set for the admin account when you performed an initial system setup on the fabric interconnect. The admin account is the system administrator or superuser account.

Before You Begin:

  1. Physically connect the console port on the fabric interconnect to a computer terminal or console server.
  2. Determine the running versions of the following firmware:
     • The firmware kernel version on the fabric interconnect
     • The firmware system version

  1. Connect to the console port.
  2. Power cycle the fabric interconnect:
     • Turn off the power to the fabric interconnect.
     • Turn on the power to the fabric interconnect.
  3. In the console, press one of the following key combinations as it boots to get the loader prompt:
     • Ctrl+l
     • Ctrl+Shift+r
     You may need to press the selected key combination multiple times before your screen displays the loader prompt.
  4. Boot the kernel firmware version on the fabric interconnect.
     loader > boot /installables/switch/kernel_firmware_version
     Example:
     loader > boot /installables/switch/ucs-6100-k9-kickstart.4.1.3.N2.1.0.11.gbin
  5. Enter config terminal mode.
     Fabric(boot)# config terminal
  6. Reset the admin password.
     Fabric(boot)(config)# admin-password password
     Choose a strong password that includes at least one capital letter and one number. The password cannot be blank. The new password displays in clear text mode.
  7. Exit config terminal mode and return to the boot prompt.
  8. Boot the system firmware version on the fabric interconnect.
     Fabric(boot)# load /installables/switch/system_firmware_version
     Example:
     Fabric(boot)# load /installables/switch/ucs-6100-k9-system.4.1.3.N2.1.0.211.bin
  9. After the system image loads, log in to Cisco UCS Manager.

Scenario 2: Recovering the Admin Account Password in a Cluster Configuration

This procedure will help you to recover the password that you set for the admin account when you performed an initial system setup on the fabric interconnects. The admin account is the system administrator or superuser account.

Before You Begin

  1. Physically connect a console port on one of the fabric interconnects to a computer terminal or console server.
  2. Obtain the following information:
     • The firmware kernel version on the fabric interconnect
     • The firmware system version
     • Which fabric interconnect has the primary leadership role and which is the subordinate

  1. Connect to the console port.
  2. For the subordinate fabric interconnect:
     • Turn off the power to the fabric interconnect.
     • Turn on the power to the fabric interconnect.
     • In the console, press one of the following key combinations as it boots to get the loader prompt:
       Ctrl+l
       Ctrl+Shift+r
       You may need to press the selected key combination multiple times before your screen displays the loader prompt.
  3. Power cycle the primary fabric interconnect:
     • Turn off the power to the fabric interconnect.
     • Turn on the power to the fabric interconnect.
  4. In the console, press one of the following key combinations as it boots to get the loader prompt:
     • Ctrl+l
     • Ctrl+Shift+r
     You may need to press the selected key combination multiple times before your screen displays the loader prompt.
  5. Boot the kernel firmware version on the primary fabric interconnect.
     loader > boot /installables/switch/kernel_firmware_version
     Example:
     loader > boot /installables/switch/ucs-6100-k9-kickstart.4.1.3.N2.1.0.11.gbin
  6. Enter config terminal mode.
     Fabric(boot)# config terminal
  7. Reset the admin password.
     Fabric(boot)(config)# admin-password password
     Choose a strong password that includes at least one capital letter and one number. The password cannot be blank. The new password displays in clear text mode.
  8. Exit config terminal mode and return to the boot prompt.
  9. Boot the system firmware version on the primary fabric interconnect.
     Fabric(boot)# load /installables/switch/system_firmware_version
     Example:
     Fabric(boot)# load /installables/switch/ucs-6100-k9-system.4.1.3.N2.1.0.211.bin
  10. After the system image loads, log in to Cisco UCS Manager.
  11. In the console for the subordinate fabric interconnect, do the following to bring it up:
     • Boot the kernel firmware version on the subordinate fabric interconnect.
       loader > boot /installables/switch/kernel_firmware_version
     • Boot the system firmware version on the subordinate fabric interconnect.
       Fabric(boot)# load /installables/switch/system_firmware_version

How to configure a Dell iDRAC card without rebooting

Posted on October 16, 2015 Updated on October 16, 2015

First of all, download the RACADM tool from this link. It is included in Dell OpenManage DRAC Tools. The Dell Remote Access Controller (DRAC) console is management station software designed to provide remote management capabilities for Dell systems. You can remotely connect to the DRAC hardware and access the DRAC features either by using a web browser or the RACADM Command Line Interface (CLI). RACADM CLI is the command line user interface to the DRAC.

Syntax Usage

The following shows an example of a simple RACADM subcommand, getsysinfo, used with each RACADM utility. See the end of this article for links to documentation containing the full list of RACADM commands.

Remote RACADM

Remote RACADM commands must include the IP address or hostname of the iDRAC, and the iDRAC username and password.

racadm -r <ip address or hostname> -u <username> -p <password> <subcommand>

racadm -r 10.1.1.1 -u root -p calvin getsysinfo

NOTE: Remote racadm uses the web server SSL certificate of the iDRAC to authenticate the session. You will receive a warning message if certificates have not been configured or if the certificate is invalid. However, the command will execute normally following the message. If you wish to halt the command on certificate errors, use the -S option in the command. For information on configuring certificates on the iDRAC, see the user’s guide for your iDRAC linked at the end of this article.

Local RACADM

You do not have to specify the IP address, username, or password in Local RACADM commands.

racadm <subcommand>, e.g. racadm getsysinfo

racadm getniccfg

racadm setniccfg -s 172.17.2.124 255.255.252.0 172.17.0.5

racadm getconfig -g cfgLanNetworking

racadm config -g cfgLanNetworking -o cfgNicIpAddress 172.17.2.124

racadm config -g cfgLanNetworking -o cfgNicNetmask 255.255.252.0

racadm config -g cfgLanNetworking -o cfgNicGateway 172.17.0.7

racadm config -g cfgLanNetworking -o cfgDNSServer1 172.17.0.6

racadm config -g cfgLanNetworking -o cfgDNSServer2 172.17.0.5

racadm config -g cfgLanNetworking -o cfgDNSRacName ServerName-DRAC

racadm config -g cfgLanNetworking -o cfgDNSDomainName corp.company.com

SSH/Telnet/Serial (Firmware) RACADM

You do not have to specify the IP address, username, or password in Firmware RACADM commands.

racadm <subcommand>, e.g. racadm getsysinfo

racadm <Enter> takes you to a racadm>> prompt, e.g. racadm>>getsysinfo

Raising a support case for ProLiant/Blades Series Servers, the step by step approach!

Posted on October 9, 2015 Updated on October 9, 2015

Nowadays HP has segregated its support types; server support comes under Hewlett Packard Enterprise.

Select your product

HP ProLiant BL Server Blades

HP ProLiant CL Servers

HP ProLiant DL Multi Node Servers

HP ProLiant DL Servers

HP ProLiant MicroServer

HP ProLiant ML Servers

HP ProLiant Packaged Cluster Servers

HP ProLiant Scalable Systems

HP ProLiant WS Workstation Blades

HP Server tc Series

If you are not able to find your product, check the link below to manually search for the server model/number in the Hewlett Packard Enterprise Products, e.g. ProLiant DL360 Gen9.

You will get a log of results like below:

Finally, if none of the above helps, you can raise a case by clicking the link below. You need to create an HP Passport login in case you do not have an account. HP Passport is a single sign-in service that lets you use one User ID and password for all HP Passport-enabled websites.

Submit or manage support cases

You may also check existing ticket updates by providing the case ID.

I hope techies find it useful :-)

VMware ESXi Release and Build Number History — A must for confirming your ESXi hosts are up to date!

Posted on October 3, 2015 Updated on December 10, 2015

The following listings are a comprehensive collection of the flagship hypervisor product by VMware. All bold versions are downloadable releases.

vSphere ESXi 6.0

Name   Version   Release   Build
ESXi600-201511001   ESXi 6.0 Express Patch 4   2015-11-25   3247720
ESXi600-201510001   ESXi 6.0 Update 1a   2015-10-06   3073146
VMware ESXi 6.0 Update 1   ESXi 6.0 Update 1   2015-09-10   3029758
ESXi600-201507001   ESXi 6.0b   2015-07-07   2809209
ESXi600-201505001   ESXi 6.0 Express Patch 2   2015-05-14   2715440
ESXi600-201504001   ESXi 6.0 Express Patch 1   2015-04-09   2615704
VMware ESXi 6.0   ESXi 6.0 GA   2015-03-12   2494585

vSphere ESXi 5.5

Name   Version   Release   Build
ESXi550-201512001   2015-12-08   3248547
ESXi550-201510001   ESXi 5.5 Update 3a   2015-10-06   3116895
VMware ESXi 5.5 Update 3   ESXi 5.5 Update 3   2015-09-16   3029944
ESXi550-201505002   ESXi 5.5 Patch 5   2015-05-08   2718055
ESXi550-201504002   Recalled   2015-04-30   2702864
ESXi550-201504001   ESXi 5.5 Express Patch 7   2015-04-07   2638301
ESXi550-201502001   ESXi 5.5 Express Patch 6   2015-02-05   2456374
ESXi550-201501001   ESXi 5.5 Patch 4   2015-01-27   2403361
ESXi550-201412001   ESXi 5.5 Express Patch 5   2014-12-02   2302651
ESXi550-201410001   ESXi 5.5 Patch 3   2014-10-15   2143827
VMware ESXi 5.5 Update 2   ESXi 5.5 Update 2   2014-09-09   2068190
ESXi550-201407001   ESXi 5.5 Patch 2   2014-07-01   1892794
ESXi550-201406001   ESXi 5.5 Express Patch 4   2014-06-10   1881737
ESXi550-201404020   ESXi 5.5 Express Patch 3   2014-04-19   1746974
ESXi550-201404001   ESXi 5.5 Update 1a   2014-04-19   1746018
VMware ESXi 5.5.1 Driver Rollup   2014-03-11   1636597
VMware ESXi 5.5 Update 1   ESXi 5.5 Update 1   2014-03-11   1623387
ESXi550-201312001   ESXi 5.5 Patch 1   2013-12-22   1474528
vSAN Beta Refresh   2013-11-25   1439689
VMware ESXi 5.5   ESXi 5.5 GA   2013-09-22   1331820

vSphere ESXi 5.1

Name   Version   Release   Build
ESXi510-201510001   2015-10-01   3070626
ESXi510-201503001   5.1.0 Patch 7   2015-03-26   2583090
VMware ESXi 5.1 Update 3   5.1.0 U3   2014-12-04   2323236
ESXi510-201410001   5.1.0 Patch 6   2014-10-31   2191751
ESXi510-201407001   5.1.0 Patch 5   2014-07-31   2000251
ESXi510-201406001   5.1.0 Express Patch 5   2014-06-17   1900470
ESXi510-201404001   5.1.0 Patch 4   2014-04-29   1743533
ESXi510-201402001   5.1.0 Express Patch 4   2014-02-27   1612806
VMware ESXi 5.1 Update 2   5.1.0 U2   2014-01-16   1483097
ESXi510-201310001   5.1.0 Patch 3   2013-10-17   1312873
ESXi510-201307001   5.1.0 Patch 2   2013-07-25   1157734
ESXi510-201305001   5.1.0 Express Patch 3   2013-05-22   1117900
VMware ESXi 5.1 Update 1   5.1.0 U1   2013-04-25   1065491
ESXi510-201303001   5.1.0 Express Patch 2   2013-03-07   1021289
ESXi510-201212001   5.1.0 Patch 1   2012-12-20   914609
ESXi510-201210001   5.1.0a   2012-10-24   838463
KB2034796   5.1.0 Hot-Patch   837262
VMware ESXi 5.1   5.1.0 GA   2012-09-11   799733

vSphere ESXi 5.0

Name   Version   Release   Build
ESXi500-201510001   2015-10-01   3086167
ESXi500-201502001   5.0.0 Patch 11   2015-02-26   2509828
ESXi500-201412001   5.0.0 Patch 10   2014-12-04   2312428
ESXi500-201408001   5.0.0 Patch 9   2014-08-28   2000308
ESXi500-201407001   5.0.0 Express Patch 6   2014-07-01   1918656
ESXi500-201405001   5.0.0 Patch 8   2014-05-29   1851670
ESXi500-201401001   5.0.0 Patch 7   2014-01-23   1489271
VMware ESXi 5.0 Update 3   5.0.0 U3   2013-10-17   1311175
ESXi500-201308001   5.0.0 Patch 6   2013-08-29   1254542
ESXi500-201305001   5.0.0 Express Patch 5   2013-05-15   1117897
ESXi500-201303001   5.0.0 Patch 5   2013-03-28   1024429
VMware ESXi 5.0 Update 2   5.0.0 U2   2012-12-20   914586
ESXi500-201209001   5.0.0 Patch 4   2012-09-27   821926
ESXi500-201207001   5.0.0 Patch 3   2012-07-12   768111
ESXi500-201206001   5.0.0 Express Patch 4   2012-06-14   721882
ESXi500-201205001   5.0.0 Express Patch 3   2012-05-03   702118
ESXi500-201204001   5.0.0 Express Patch 2   2012-04-12   653509
VMware ESXi 5.0 Update 1   5.0.0 U1   2012-03-15   623860
ESXi500-201112001   5.0.0 Patch 2   2011-12-15   515841
ESXi500-201111001   5.0.0 Express Patch 1   2011-11-03   504890
ESXi500-201109001   5.0.0 Patch 1   2011-09-13   474610
VMware ESXi 5.0   5.0.0   2011-08-24   469512

vSphere ESXi 4.1

Name   Version   Release   Build
ESXi410-201404001   4.1.0 Patch 11   2014-04-10   1682698
ESXi410-201312001   4.1.0 Patch 10   2013-12-05   1363503
ESXi410-201307001   4.1.0 Patch 9   2013-07-31   1198252
ESXi410-201304001   4.1.0 Patch 8   2013-04-30   1050704
ESXi410-201301001   4.1.0 Patch 7   2013-01-31   988178
ESXi410-201211001   4.1.0 Patch 6   2012-11-15   874690
VMware ESXi 4.1 Update 3   4.1.0 U3   2012-08-30   800380
ESXi410-201206001   4.1.0 Express Patch 3   2012-06-14   721871
ESXi410-201205001   4.1.0 Express Patch 2   2012-05-03   702113
ESXi410-201204001   4.1.0 Patch 5   2012-04-26   659051
ESXi410-201201001   4.1.0 Patch 4   2012-01-30   582267
VMware ESXi 4.1 Update 2   4.1.0 U2   2011-10-27   502767
ESXi410-201107001   4.1.0 Patch 3   2011-07-28   433742
ESXi410-201104001   4.1.0 Patch 2   2011-04-28   381591
VMware ESXi 4.1 Update 1   4.1.0 U1   2011-02-10   348481
ESXi410-201011001   4.1.0 Express Patch 1   2010-11-29   320137
ESXi410-201010001   4.1.0 Patch 1   2010-11-15   320092
VMware ESXi 4.1   4.1.0   2010-07-13   260247

How to generate VMware ESXi logs and how to Upload via the FTP portal using a third party FTP client for a VMware Support Case

Posted on August 23, 2015 Updated on August 23, 2015

How to generate VMware ESXi logs:

Identify the ESXi host on which the server is hosted, connect to the host with PuTTY, and run the following command. Before you run it, choose a datastore with free space and direct the support log bundle to it by giving the destination path in the same command.

For example:

vm-support -s > /vmfs/volumes/datastorexxx/vm-support-Hostname.tgz

datastorexxx = a datastore with free space

vm-support-Hostname.tgz = the bundle file, named after the host

After the log bundle has been collected, download it from the datastore by browsing that datastore with the vSphere Client, then upload the logs to the SFTP/FTP site.

How to Upload via the FTP portal using FileZilla (FTP client)

There are many third-party GUI-based FTP clients that run on multiple platforms. These clients are able to perform the operations in this article using an intuitive GUI. Feel free to use the FTP client of your choice, as long as it supports passive mode.

FileZilla is a popular third party FTP client.

To upload files from Windows using FileZilla:

  1. Open the FileZilla client.
  2. Set the transfer mode to binary: go to the Transfer menu > Transfer type > Binary.
  3. Go to the File menu > Site Manager.
  4. Add the VMware FTP site to My Sites using the Site Manager. The credentials are:
     Address = ftpsite.vmware.com
     Logon Type = normal
     User = inbound
     Password = inbound
  5. Click Connect.
  6. Change to the correct destination directory for your Support Request:
     • If this is the first time you are uploading files to the VMware FTP Server for this case, create a directory in the root of the VMware FTP. To do this, right click the root directory on the remote site in the right pane and choose Create directory.
     • If this is not the first time you are uploading files for this case, proceed to step 7.
  7. Change to your SR directory using the Remote site field. For example:
     Remote site: /12345678901
     Notes:
     • For security reasons, you do not see any files or directories on the VMware FTP server, including files you have uploaded.
     • The destination directory should contain numbers only. Do not enter letters or other characters.
  8. Once you connect to the correct destination directory, browse to the location of the log files on your local system using the file browser in the left pane or enter the full path in the Local site field.
  9. Right click the file and select Upload to start the transfer.
  10. Monitor the transfer progress in the Queued files pane.

How to power off a Virtual Machine on an ESXi host via Putty

Posted on July 3, 2015 Updated on July 3, 2015

Sometimes a virtual machine becomes unresponsive and cannot be stopped or killed. In that case, this is a workaround to reboot the virtual machine via PuTTY.

The esxcli command can be used locally or remotely to power off a virtual machine running on ESXi 5.x or later.

  1. Open a console session where the esxcli tool is available, either in the ESXi Shell, the vSphere Management Assistant (vMA), or the location where the vSphere Command-Line Interface (vCLI) is installed.
  2. Get a list of running virtual machines, identified by World ID, UUID, Display Name, and path to the .vmx configuration file, using this command:
     esxcli vm process list
  3. Power off one of the virtual machines from the list using this command:
     esxcli vm process kill --type=[soft,hard,force] --world-id=WorldNumber
     Notes: Three power-off methods are available. Soft is the most graceful, hard performs an immediate shutdown, and force should be used as a last resort. Alternate power off command syntax is:
     esxcli vm process kill -t [soft,hard,force] -w WorldNumber
  4. Repeat step 2 and validate that the virtual machine is no longer running.

How to fix a RDP issue without reboot?

Posted on June 15, 2015 Updated on June 16, 2015

The following steps can be used to resolve RDP issues without a restart:

Note: The below condition will be applicable only if the server is available on NetworkJ.

Troubleshooting Steps:

1. Check if the Windows Firewall Setting is Enabled on the server. If yes, disable it.

Note: This is primarily applicable to virtual servers (VMs), provided the server is accessible in the VM console.

2. The following registry location controls whether the Terminal Server can be accessed via RDP:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server

Under the Terminal Server key, the REG_DWORD value named fDenyTSConnections should be 0 because the value data 1 denies connecting to Terminal Services (to access the server via RDP).

Note: Even if the value is 0, change it from 0 to 1 and refresh the registry. Then change the value back from 1 to 0 and refresh the registry.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server

Under the Terminal Server key, the REG_DWORD value named fAllowToGetHelp should be 0 because the value data 1 denies the Remote Assistance on a server (to access the server via RDP).

Note: Even if the value is 0, change it from 0 to 1 and refresh the registry. Then change the value back from 1 to 0 and refresh the registry.

3. The following registry location is used to enable Remote User Session on a server (Citrix)

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\ICA-Tcp

Under the ICA-Tcp key, the REG_DWORD value named fEnableWinStation should be 1 because the value data 0 denies remote user sessions (to access the server via RDP).

Note: Even if the value is 1, change it from 1 to 0 and refresh the registry. Then change the value back from 0 to 1 and refresh the registry.

4. The following registry location is used to enable Remote User Session on a server

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

Under the RDP-Tcp key, the REG_DWORD value named fEnableWinStation should be 1 because the value data 0 denies remote user sessions (to access the server via RDP).

Note: Even if the value is 1, change it from 1 to 0 and refresh the registry. Then change the value back from 0 to 1 and refresh the registry.

5. The following registry location sets the RDP port:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

Under the RDP-Tcp key, the REG_DWORD value named PortNumber should be 3389 because by default, the Remote Desktop listens on port 3389 via TCP connection (to access the server via RDP).

Note: Open a command prompt and type the command below:

C:\> telnet "SERVERNAME OR IP ADDRESS" 3389

See whether the port is open.

P.S: At times, this may require a restart after making these changes if it still doesn’t work.

6. The following registry location is used to enable/disable logon to a Terminal Server

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Under the Winlogon key, the REG_DWORD value named WinStationsDisabled should be 0 because the value data 1 denies logon to a Terminal Server via RDP.

Note: Even if the value is 0, change it from 0 to 1 and refresh the registry. Then change the value back from 1 to 0 and refresh the registry.

What is a Queue Manager? What are the responsibilities of a Queue Manager?

Posted on June 15, 2015 Updated on June 16, 2015

A Queue Manager or a Dispatcher is a resource whose primary task is to assign the incident tickets to resources as per their skill set. Their primary role is to meet the SLA targets for an incident ticket. Below are the responsibilities of a Queue Manager:

  • Monitoring the queues and assigning the incidents before the Response time SLA is missed
  • Assigning tickets to the respective Support Engineer according to the required skill sets
  • Following up with engineers to close the tickets that are about to breach the SLA
  • Assigning the tickets which are out of scope to Service Desk/Other Teams
  • Publishing Weekly Change Calendar
  • Daily Report on Incidents/Change/Problem tickets and SLA status
  • Daily Change schedule reminder to respective change assignee
  • Shift Handover to Next Queue Manager
  • Summary report on all Major incidents that happened on that day
  • For a high number of repeated incidents, you need to relate the incidents to the Parent incident and cancel the duplicate incidents by marking the parent ticket info.
  • Discussing with the TL/Shift lead about taking action against bouncing tickets

The below are the knowledge or skills which a Queue Manager should possess in order to deliver their job.

  • SLA Metric
  • Process knowledge (IM/CM/PM/SR)
  • Support Scope
  • Inter team SPOC contact
  • Escalation Matrix & Entire team contacts
  • Incident Categorization
  • Entire team Skill set Matrix
  • Current Shift Roster & Oncall Resource
  • Technology specific SME for Tech assistance
  • Inter Supplier Support Scope & Queue Name
  • Inter Supplier Support SPOC & Contact Details
  • Application Owners Contact & Queue Name
  • Generating the reports from Ticketing Tool

How to install a memory on a Cisco UCS B200 M3

Posted on June 9, 2015 Updated on June 10, 2015

To install a DIMM into the blade server, follow these steps:

Procedure

Step 1: Open both DIMM connector latches.

Step 2: Press the DIMM into its slot evenly on both ends until it clicks into place.

DIMMs are keyed. If gentle force is not sufficient, make sure the notch on the DIMM is correctly aligned.

Note: Be sure that the notch in the DIMM aligns with the slot. If the notch is misaligned you may damage the DIMM, the slot, or both.

Step 3: Press the DIMM connector latches inward slightly to seat them fully.

Supported DIMMs

The DIMMs supported in this blade server are constantly being updated. A list of currently supported and available drives is in the specification sheets at:

http://www.cisco.com/en/US/products/ps10280/products_data_sheets_list.html

Cisco does not support third-party memory DIMMs, and in some cases their use may irreparably damage the server and require an RMA and down time.

Memory Arrangement

The blade server contains 24 DIMM slots — 12 for each CPU. Each set of 12 DIMM slots is arranged into four channels, where each channel has three DIMMs.

Figure callouts: 1 = Channels A-D for CPU 1; 2 = Channels E-H for CPU 2

DIMMs and Channels

Each channel is identified by a letter — A, B, C, D for CPU1, and E, F, G, H for CPU 2. Each DIMM slot is numbered 0, 1, or 2. Note that each DIMM slot 0 is blue, each slot 1 is black, and each slot 2 is off-white or beige.

The figure below shows how DIMMs and channels are physically laid out on the blade server. The DIMM slots in the upper and lower right are associated with the second CPU (CPU shown on right in the diagram), while the DIMM slots in the upper and lower left are associated with the first CPU (CPU shown on left).

Courtesy: Cisco

Microsoft is Adding a Native SSH Client and Server to Windows

Posted on June 4, 2015 Updated on June 10, 2015

As Microsoft has shifted towards a more customer-oriented culture, Microsoft engineers are using social networks, tech communities and direct customer feedback as an integral part of how we make decisions about future investments. A popular request the PowerShell team has received is to use Secure Shell protocol and Shell session (aka SSH) to interoperate between Windows and Linux — both Linux connecting to and managing Windows via SSH and, vice versa, Windows connecting to and managing Linux via SSH. Thus, the combination of PowerShell and SSH will deliver a robust and secure solution to automate and to remotely manage Linux and Windows systems.

SSH solutions are available today by a number of vendors and communities, especially in the Linux world. However, there are limited implementations customers can deploy in Windows production environments. After reviewing these alternatives, the PowerShell team realized the best option will be for our team to adopt an industry proven solution while providing tight integration with Windows; a solution that Microsoft will deliver in Windows while working closely with subject matter experts across the planet to build it. Based on these goals, I’m pleased to announce that the PowerShell team will support and contribute to the OpenSSH community — Very excited to work with the OpenSSH community to deliver the PowerShell and Windows SSH solution!

A follow up question the reader might have is When and How will the SSH support be available? The team is in the early planning phase, and there’re not exact days yet. However the PowerShell team will provide details in the near future on availability dates.

Finally, I’d like to share some background on today’s announcement, because this is the 3rd time the PowerShell team has attempted to support SSH. The first attempts were during PowerShell V1 and V2 and were rejected. Given our changes in leadership and culture, we decided to give it another try and this time, because we are able to show the clear and compelling customer value, the company is very supportive. So I want to take a minute and thank all of you in the community who have been clearly and articulately making the case for why and how we should support SSH! Your voices matter and we do listen.

Thank you!

Angel Calvo, Group Software Engineering Manager, PowerShell Team

Additional Information

For more information on SSH please go to http://www.ietf.org/rfc/rfc4251.txt

For information on OpenSSH go to: http://www.openssh.com/index.html

ESXi 6.0 and vCenter Server 6.0 launched

Posted on May 19, 2015 Updated on May 22, 2015

ESXi 6.0 and vCenter Server 6.0 were launched on 12th May 2015.

What’s New in the VMware vSphere® 6.0 Platform: please check http://www.vmware.com/files/pdf/vsphere/VMW-WP-vSPHR-Whats-New-6-0-PLTFRM.pdf

If you want to upgrade to ESXi 6.0, check the VMware compatibility guide: http://www.vmware.com/resources/compatibility/search.php

What is Vblock?

Posted on May 15, 2015 Updated on May 15, 2015

Vblocks are bundled virtual machine, server and storage packages marketed by the Virtual Computing Environment (VCE) Coalition, which comprises VMware, Cisco and EMC. Vblock bundles come as Vblock 0 (300 to 800 VMs), Vblock 1 (800 to 3,000 VMs) and Vblock 2 (3,000 to 6,000-plus VMs) and are made up of Cisco UCS servers, Cisco Nexus and MDS fabric switches; and EMC Clariion or Symmetrix storage arrays.

Vblock Introduction

VCE’s Vblocks come in three configurations — Vblock 0 (for 300 to 800 VMs with EMC Celerra storage), Vblock 1 (for 800 to 3,000 VMs with Celerra or Clariion storage) and Vblock 2 (for 3,000 to 6,000-plus VMs with Symmetrix storage).

Vblocks 0, 1 and 2 each have completely different EMC storage subsystems that can’t talk to each other, are not interchangeable and you can’t scale through them.

For more details related to Vblock architecture, please see http://www.vce.com/asset/documents/infrastructure-platforms.pdf

How to fix if you are unable to upgrade existing VMware Tools in a Windows 2003 virtual machine

Posted on May 15, 2015 Updated on May 15, 2015

As per VMware, the cause of this issue is currently unknown and is under investigation. In order to help identify the cause, report this issue to VMware Support and provide answers to the following questions:

  • What version of the tools are you upgrading from?
  • What version of the tools are you upgrading to?
  • What method is being used to upgrade the tools?

In order to determine the previous versions of the VMware Tools that were installed on your system, open the Microsoft Windows event viewer and search for Event Source of MsiInstaller and Event ID of 1034. For more information on viewing events, see the Filter Displayed Events TechNet article from Microsoft.

Fixing this issue involves modifying the Windows registry. Before making any registry modifications, ensure that you have a current and valid backup of the registry and the virtual machine.

  1. Start the virtual machine and log on as the Administrator.
  2. Take a full backup of the registry prior to editing it. Do not skip this step.
  3. Open the Windows Registry editor. Click Start > Run, type regedit, and press Enter.
  4. Delete these registry keys if they exist:
  • HKEY_CLASSES_ROOT\Installer\Features05014B32081E884E91FB41199E24004
  • HKEY_CLASSES_ROOT\Installer\Products05014B32081E884E91FB41199E24004
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features05014B32081E884E91FB41199E24004
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products05014B32081E884E91FB41199E24004
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\ComponentsB150AC107B12D11A9DD0006794C4E25
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3B410500-1802-488E-9EF1-4B11992E0440}
  • HKEY_LOCAL_MACHINE\SOFTWARE\VMware, Inc.
  5. Some services might need to be removed manually from the registry. Delete these as well if they exist:
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VMTools
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VMUpgradeHelper
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VMware Physical Disk Helper Service
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vmvss
  6. Search the registry for vmware and delete all associated entries. Note: On virtual machines with any other VMware products installed (for example, vCenter Server), you might not want to delete all entries. If you do have another VMware product installed, then you can skip this step if you have already removed the entries in the previous procedures.
  7. Close the registry editor.
  8. Open Windows Explorer.
  9. Delete the %ProgramFiles%\VMware\VMware Tools folder.
  10. Restart the virtual machine.
  11. Install the new version of VMware Tools.

The request failed because the remote server took too long to respond. (The command has timed out as the remote server is taking too long to respond)

Posted on May 12, 2015 Updated on May 12, 2015

You will notice the error “The request failed because the remote server “Vcenter name / ip” took too long to respond. (The command has timed out as the remote server is taking too long to respond)” while checking the storage view of a VM or datacenter.

To solve this, type your credentials manually in the vSphere Client and log in, as “Use Windows Session Credentials” doesn’t always work with SSO.

Also be sure to follow http://kb.vmware.com/kb/2035510 when adding external domains. After that, add the trusted domains to the default domains and reorder the domains to suit your needs and save it.

How to monitor the Disk Command Aborts on an ESXi host

Posted on May 9, 2015 Updated on May 11, 2015

When storage is severely overloaded, commands are aborted because the storage subsystem is taking too long to respond to the commands. The storage subsystem has not responded within an acceptable amount of time, as defined by the guest operating system. Aborted commands are a sign that the storage hardware is overloaded and unable to handle the requests in line with the host’s expectations.

The number of aborted commands can be monitored by using either vsphere client or esxtop.

  1. From the vSphere Client, monitor disk command aborts.

This chart can be generated from Hosts and Clusters -> Performance -> Advanced -> Switch to disk -> Chart options -> Commands aborted -> OK.

  2. From esxtop, monitor ABRTS/s.

Open PuTTY, log in to the ESXi host and run esxtop. For the disk view type u, type f to change the settings and type L to select Error stats. Press W to save it.

Once this is done, we can see the ABRTS/s field, which tracks SCSI aborts. Aborts generally occur because the array takes a long time to respond to commands.

Now if you are planning to deploy a monitoring tool to monitor this parameter, the threshold for ABRTS/s should be 1. This signifies the number of SCSI commands aborted during the collection interval, i.e. in 1 second.

DISK | ABRTS/s | 1 | Aborts issued by guest (VM) because storage is not responding. For Windows VMs this happens after 60 seconds by default. Can be caused, for instance, when paths failed or the array is not accepting any IO for whatever reason.

That said, in the ideal case ABRTS/s should be 0, which may not always be observed during peak hours, e.g. when backups are running on the servers hosted on the ESXi host, resulting in disk-intensive workloads. In a real-world scenario ABRTS/s will fluctuate between 0 and 0.xx, as the storage is always overloaded during these peak hours.

How to install and configure Multipathing I/O on a computer running Windows Server 2008

Posted on May 7, 2015 Updated on May 7, 2015

To install Multipath I/O

  1. Open Server Manager. To open Server Manager, click Start, point to Administrative Tools, and then click Server Manager.
  2. In the Features area, click Add Features.
  3. On the Select Features page of the Add Features Wizard, select Multipath I/O, and then click Next.
  4. On the Confirm Installation Selections page, click Install.
  5. When installation has completed, click Close.

To install Multipath I/O on a computer by using the Server Manager command line, complete the following steps.

To install Multipath I/O by using a command line

  1. Open a Command Prompt window with elevated privileges. Right-click the Command Prompt object on the Start menu, and then click Run as administrator.
  2. Type the following, and press ENTER: ServerManagerCmd.exe -install Multipath-IO
  3. When installation has completed, you can verify that Multipath I/O has installed by entering the following command and reviewing the query results in the command window. Multipath I/O should show in the list of installed packages: ServerManagerCmd.exe -query

To remove Multipath I/O, complete the following steps.

To remove Multipath I/O

  1. Open Server Manager. To open Server Manager, click Start, point to Administrative Tools, and then click Server Manager.
  2. In the Features area, click Remove Features.
  3. On the Select Features page of the Add Features Wizard, select Multipath I/O, and then click Next.
  4. On the Confirm Installation Selections page, click Install.
  5. When installation has completed, click Close.

To remove Multipath I/O by using the Server Manager command line, complete the following steps.

To remove Multipath I/O by using a command line

  1. Open a Command Prompt window with elevated privileges. Right-click the Command Prompt object on the Start menu, and then click Run as administrator.
  2. Type the following, and press ENTER: ServerManagerCmd.exe -remove Multipath-IO
  3. When removal has completed, you can verify that Multipath I/O was removed by entering the following command and reviewing the query results in the command window. Multipath I/O should not be in the list of installed packages: ServerManagerCmd.exe -query
  4. Select the Add support for iSCSI devices check box, and then click Add. When prompted to restart the computer, click Yes.
  5. When the computer restarts, the MPIO Devices tab lists the additional hardware ID “MSFT2005iSCSIBusType_0x9.” When this hardware ID is listed, all iSCSI bus attached devices will be claimed by the Microsoft DSM.

How to fix UCSM login problems with the Java 7 Update 45

Posted on May 5, 2015 Updated on May 10, 2015

This thread was brought to my attention — https://supportforums.cisco.com/thread/2246189

After updating Java to Update 45 — you can no longer login to UCSM (UCS Manager)

You may see one of two errors:

Login Error: java.io.IOException: Invalid Http response

Login Error: java.io.IOException: Server returned HTTP response code: 400 for URL: http://x.x.x.x:443/nuova

Cisco Bug ID: CSCuj84421

This is due to a change introduced in Java

The solution posted is to rollback to Update 25. Rolling back to Update 40 also works.

The Performance Overview tab fails to display with the error: Navigation to the webpage was cancelled (1014454)

Posted on May 5, 2015 Updated on May 22, 2015

There are several possible causes for this issue. Attempt each of the troubleshooting steps below in sequence, without skipping any.

  1. Confirm that the vCenter Web Management Service is running. To resolve this issue, connect to vCenter locally with a vSphere Client located on the vCenter Server and follow Stopping, starting, or restarting vCenter services (1003895).
  2. Ensure that the correct DNS settings and IP address are being used:
     a. On the vCenter Server, navigate to C:\Program Files\VMware\Infrastructure\VirtualCenter Server\extensions\com.vmware.vim.stats.report\.
     b. Open the .xml file in a text editor.
     c. Edit the line <url>https://hostname:8443/statsreport/vicr.do</url> to use an IP address instead of an FQDN to rule out issues with DNS.
     d. Restart vCenter Web Management Service and the vCenter Server Service after making any changes to the .xml file. For more information, see Stopping, starting, or restarting vCenter services (1003895).
  3. Disable any third party web services that may be interfering with the vCenter Web Management Services. To confirm that a third party web service is the cause:
     a. Stop the vCenter Web Management Service. For more information, see Stopping, starting, or restarting vCenter services (1003895).
     b. Try to connect to port 8443 (the port on which the Web Management Service runs) by executing: telnet IP 8443
        If the port responds when the vCenter Web Management Service is stopped, there might be another service that is using the port. In this case, if you want to continue running the conflicting third party service, you may have to change the port that Performance Overview uses. To change the port used by Performance Overview, see The Performance Overview tab within vCenter Server reports the HTTP Status 404 error (1016160).
  4. Check if vCenter Server is using custom SSL certificates as a result of a recent upgrade to vCenter Server 4.0 Update 1. For more information, see VMware vCenter Server plugins fail after adding custom SSL certificates (1017577).

Note: Additionally, you can perform these steps:

  • Disable the proxy settings from the browser.
  • To disable the settings:
  1. Launch Internet
  2. Navigate to Tools > Internet options.
  3. Click the Connections
  4. Click LAN settings.
  5. Select the Use automatic configuration script
  • If you experience this issue on workstations external to the vCenter Server, try to connect to port 8443 (the port on which the Web Management Service runs) as per Step 3b. If you are unable to connect to the port, disable the Windows Firewall on the vCenter Server system. For more information, see the Microsoft TechNet article I Need to Disable Windows Firewall.

Help and support service not running in Windows 2003

Posted on May 5, 2015 Updated on May 22, 2015

To fix this:

  • Open a Command Prompt
  • Run the following commands
  • %SystemDrive%
  • CD %windir%\PCHealth\HelpCtr\Binaries
  • start /w helpsvc /svchost netsvcs /regserver /install

The service should install and start automatically.

How to Clean up the WinSxS Directory on Windows Server 2008 R2

Posted on May 4, 2015 Updated on May 6, 2015

Prior to this we need to install Disk Cleanup on Windows 2008. Disk Cleanup is not installed by default on Windows Server 2008 R2. It is instead a component installed with the Desktop Experience feature.

To install Disk Cleanup without rebooting the server, see: How to install Disk Cleanup without reboot the server in Window 2008

Now download the appropriate package and install it on the system.

Operating system | Update
All supported x86-based versions of Windows 7 | Download
All supported x64-based versions of Windows 7 | Download
All supported x64-based versions of Windows Server 2008 R2 | Download

Looking at my Windows 2008 R2 Server with SP1 installed, according to Windows Explorer, the size of my Windows/WinSxS directory is as follows:

The size of the WinSxS directory will vary by server. Some of you will have smaller WinSxS directories, some larger.

Installing the update is just like installing any other update. Just download and double-click on the .msu file:

Now we need to run the Disk Cleanup wizard. Disk Cleanup can be found under Start –> All Programs –> Accessories –> System Tools, or go to Run and type ‘cleanmgr’ to launch it.

On launch, Disk Cleanup prompts for the drive you want to clean up. The default drive is C:.

After clicking Ok, a scan is performed:

Several options are provided for cleanup, including a new option for Windows Update Cleanup:

If you didn’t launch Disk Cleanup as Administrator, at this point, you’ll need to take a couple extra steps. You’ll need to click on the Clean up system files button.

The actual cleanup occurs during the next reboot. After the reboot, taking a look at the WinSxS directory, it has shrunk to the following:

How to change default snapshot location in VMware ESXi 5

Posted on May 1, 2015 Updated on May 6, 2015

By default, the snapshots taken for any virtual machine are stored with their parent in the same directory or storage. Sometimes you may run out of space and not be able to take any more snapshots; in that case you can use some other location for the storage of snapshots.

These are the steps required to change the default location of all the snapshots.

NOTE: Please ensure that the vm you are working on is powered OFF.

Right-click the vm and select Edit Settings.

Click on Options from the top tab, select General and open the Configuration parameters.

Add a new row with the following details

snapshot.redoNotWithParent

Save this parameter with a value “true” as shown below

Now open the CLI of the host where the vm is located

Go to the vm’s parent directory where all the vm files are stored and open the main .vmx file

As in my case

# cd /vmfs/volumes/53652b45-90f342h4-v3r3-s5dw676h5674/Windows2003
# vi Windows2003.vmx

Now add this line anywhere in the .vmx file with the path location where you want your snapshots to be stored

workingDir = "/vmfs/volumes/54332bf4-gd3bf353-g45b-g2ft353b5545/snapshots"

Save the file and exit

Now you need to reload this vm to make the changes take effect.

# vim-cmd vmsvc/getallvms | grep Windows2003
13 Windows2003 [iSCSI-Datastore15] Windows2003/Windows2003 win2003 vmx-07

Here 13 is the vm id, which you can find out using the above command.

# vim-cmd vmsvc/reload 13

Now when you take snapshots, the snapshot files and vm swap files will be created in a different location.

How to redirect vm’s swap file

In case you do not want the vm swap file to be redirected to another location and you want it in the same parent directory, add an extra parameter in the Configuration Parameters option shown above:

sched.swap.dir="<path_to_vm_directory>"

For example /vmfs/volumes/54332bf4-gd3bf353-g45b-g2ft353b5545/vmswap

Save the settings and exit. Now each time you take a snapshot, the snapshot files and vm swap files will be saved at the specified different location.
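The CLI part of the snapshot redirect above as one script, added here as an example (it is not from the original post): it checks that the VM is powered off, rewrites workingDir in the .vmx without leaving a duplicate line, keeps a .bak copy and reloads the VM. The function names, the VIM_CMD override, the constructed listing and the "Powered off" wording expected from vim-cmd vmsvc/power.getstate are assumptions.

```shell
#!/bin/sh
# Added example: set workingDir in a .vmx and reload the VM, with safety checks.

VIM_CMD=${VIM_CMD:-vim-cmd}   # assumption: override only for testing off-host

# Constructed sample of `vim-cmd vmsvc/getallvms` output (not from a real host).
SAMPLE_VMS='Vmid   Name              File                                                      Guest OS              Version
13     Windows2003       [iSCSI-Datastore15] Windows2003/Windows2003.vmx           winNetStandardGuest   vmx-07
14     Windows2003-old   [iSCSI-Datastore15] Windows2003-old/Windows2003-old.vmx   winNetStandardGuest   vmx-07'

# set_vmx_key FILE KEY VALUE
# Replace every existing "KEY = ..." line with one KEY = "VALUE" line; keep FILE.bak.
set_vmx_key() {
    vmx=$1 key=$2 val=$3
    [ -f "$vmx" ] || { echo "no such file: $vmx" >&2; return 1; }
    case $val in
        *'"'*) echo "value must not contain a double quote" >&2; return 1 ;;
    esac
    cp -p "$vmx" "$vmx.bak" || return 1
    awk -v k="$key" -v v="$val" '
        {
            lhs = $0
            eq = index(lhs, "=")
            if (eq) lhs = substr(lhs, 1, eq - 1)
            gsub(/^[ \t]+|[ \t]+$/, "", lhs)
        }
        lhs == k { next }          # drop the old assignment of this key
        { print }
        END { printf "%s = \"%s\"\n", k, v }
    ' "$vmx.bak" > "$vmx.new" && mv "$vmx.new" "$vmx"
}

# Read a getallvms listing on stdin; print the Vmid whose Name is exactly $1.
# Fails unless exactly one VM matches (grep Windows2003 also hits Windows2003-old).
# Assumes the VM name contains no spaces.
vmid_for() {
    awk -v name="$1" '
        $1 ~ /^[0-9]+$/ && $2 == name { id = $1; n++ }
        END { if (n != 1) exit 1; print id }'
}

# redirect_snapshots VMX_FILE VM_NAME SNAPSHOT_DIR
redirect_snapshots() {
    vmx=$1 name=$2 dir=$3
    [ -d "$dir" ] || { echo "target directory missing: $dir" >&2; return 1; }
    id=$($VIM_CMD vmsvc/getallvms | vmid_for "$name") || {
        echo "no unique VM named $name" >&2; return 1; }
    # The post requires the VM to be powered off before editing the .vmx.
    $VIM_CMD vmsvc/power.getstate "$id" | grep -q 'Powered off' || {
        echo "power off $name first" >&2; return 1; }
    set_vmx_key "$vmx" workingDir "$dir" || return 1
    $VIM_CMD vmsvc/reload "$id"
}

# Run only when called with all three arguments.
if [ "$#" -eq 3 ]; then
    redirect_snapshots "$@"
fi
```

set_vmx_key works for any single key, so the same call with sched.swap.dir covers the swap file setting.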

AD account lockout issues

Posted on April 27, 2015 Updated on May 6, 2015

Let me give some more ideas which will help you to troubleshoot similar issues in future. Here are the most probable reasons which can cause account lockout issues.

Exchange ActiveSync mobile devices — 90% of account lockout issues are caused by an “unknown” device trying to sync with your Exchange mailbox.

  1. Apple MobileMe — contacts sync — Check and ensure the user hasn’t configured MobileMe to sync his contacts from Outlook. If this is configured with AD credentials, it can be a reason for account lockout
  2. Applications / Web applications / Tools which sync with Active Directory for authentication — There might be third-party applications running which have the AD username and password stored within them. Often, the moment the user opens an application such as Internet Explorer / a browser, the application or the tool will try to authenticate in the background and lock the account.
  3. Vault for credentials in Windows Control Panel or Credential Manager — This is the second most obvious reason the user might get locked out. In my case, the user had an intranet SharePoint web portal and the AD credentials were cached in Credential Manager. Make sure the Windows Credentials area is empty.

Stored usernames and passwords — rundll32.exe keymgr.dll,KRShowKeyMgr — This shouldn’t be a problem in most cases. Open a Run window, type rundll32.exe keymgr.dll,KRShowKeyMgr and delete stored passwords if any.

  1. Rename AD Profile on the user machine — This is more like trying to fix the issue without knowing what’s causing it. This is under the assumption that account lockout happens when the user is logged into his client machine. If the account lockout is caused by an application or “something” on that machine, rename the AD profile on the client (under “Documents and Settings” in XP and “Users” in Win7), advise the user to log in again and monitor the situation.

Other advanced level tools are LockOutStatus and ADLockouts.

To get a serial number remotely for any server/desktop/laptop

Posted on April 24, 2015 Updated on May 1, 2015

Run this command:

wmic /node:[remote computer name] bios get serialnumber

Or, if you would like to output to a text file:

set myfile=[The full UNC path with filename e.g. \\server\share\filename.txt]

wmic /append:%myfile% /node:[remote computer name] bios get serialnumber

Or, in PowerShell, just open the shell with Admin rights, and type:

Get-WmiObject -ComputerName [remote computer name] -Class Win32_BIOS

or the short version:

gwmi -comp [remote computer name] -cl win32_bios

wmic cpu get name,CurrentClockSpeed,MaxClockSpeed

This command will tell you the system motherboard (that happens to be the name) and its UUID.

wmic bios get name,serialnumber,version

This will tell you the name of your BIOS, its current version and its serial number if there is any.

wmic csproduct

Computer system product information from SMBIOS.

Installing ADSI edit in Windows Server 2003

Posted on April 24, 2015 Updated on May 9, 2015

The ADSI (Active Directory Service Interfaces) editor is a management console that comes along with the Windows Server support tools. Using this you can edit each and every attribute of the objects present in your Active Directory database.

The support tools for the Windows Server OS are present on the OS installation CD, located at [CDDRIVE]:\SUPPORT\TOOLS\SUPTOOLS.MSI. If you don’t have the OS CD you can download them from Microsoft: Download Windows Server 2003 Support Tools.

After installation go to Start -> Run and type adsiedit.msc to get the ADSI edit console. If you get an error message saying adsiedit.msc is not found, you have to register the DLL file required for it manually. To do this go to Start -> Run and type regsvr32 adsiedit.dll.

How to change the thick or thin provisioning of a virtual disk

Posted on April 24, 2015 Updated on April 27, 2015

Caution: Before following these procedures, it is highly recommended that you have a valid backup of the virtual machine and enough space to convert the virtual machine’s disk(s) from thin to thick.

To change the provisioning of a virtual machine base disk from thin to thick from the Datastore Browser:

  1. Power off the virtual machine.
  2. In vSphere Client, right-click the virtual machine in the inventory.
  3. Click Edit Settings to display the Virtual Machine Properties dialog box.
  4. Click the Hardware tab and select the appropriate hard disk in the Hardware list. Note: The Disk Provisioning Type section on the right displays either Thin Provision or Thick Provision. If the disk provision type is Thick, disk provisioning has already taken place. In this case, the disk provisioning is Thin.
  5. Click Cancel to exit out of Virtual Machine Properties dialog box.
  6. Click the Summary tab of the virtual machine.
  7. Under Resources, right-click the datastore where the virtual machine resides and click Browse Datastore.
  8. Double-click the virtual machine folder to display the .vmdk file.
  9. Right-click the .vmdk file, and click Inflate. The Inflate option converts the disk to thick provisioned.
  10. Reload the .vmx file. For more information see Reloading a vmx file without removing the virtual machine from inventory (1026043).

Notes:

  • If the Inflate option is grayed out, this indicates that the virtual machine is not powered off or that it is not thin provisioned.
  • There should be no snapshots and the conversion is performed on the base disk.

To convert a virtual machine base disk from thick to thin provisioning by changing the datastore and using offline virtual machine migration:

Note: This process requires more than one datastore. If only a single datastore exists, you can clone the virtual machine to a destination machine with thin provisioned disks instead of migrating.

  1. Power off the virtual machine.
  2. Right-click the virtual machine, and click Migrate.
  3. Click Change datastore.
  4. Click Next, and select a datastore that is not the same as the current datastore.
  5. From the dropdown, select the Thin Provision virtual disk format.
  6. Click Next, then Finish. You can monitor the progress of the conversion in the Tasks and Events view in vCenter Server.

Follow the below steps to do Storage vMotion from vSphere Webclient for vSphere 5.5:

  1. Right-click the virtual machine and select Migrate.
  2. To locate a virtual machine, select a datacenter, folder, cluster, resource pool, host, or vApp.
  3. Click the Related Objects tab and click Virtual Machines.
  4. Select Change datastore and click Next.
  5. Select “Thin Provision” for the virtual machine’s disks and click Next
  6. Select a virtual machine storage policy from the VM Storage Policy drop-down menu, click Next
  7. Select the datastore location where you want to store the virtual machine files and click Next.
  8. Review the information on the Review Selections page and click Finish.

How to Enable Remote Logins in a Windows server

Posted on April 24, 2015 Updated on April 27, 2015

Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\

The fDenyTSConnections value is set to 1 by default, which disables remote desktop; editing the value remotely to 0 will enable remote desktop.

How to download Cleanwipe Utility

Posted on April 24, 2015 Updated on April 27, 2015

To download the utility, open the following web page in a browser: https://fileshare.symantec.com Log in with the following information:

Login ID: cleanwipeutility Password: CL3@nw!p3

Once you have downloaded the utility, please follow these instructions.

Note: The .zip file may be password protected. Un-Zip Password: symantec

Keyboard or mouse do not work in a hosted virtual machine

Posted on April 24, 2015 Updated on April 27, 2015

To troubleshoot a misbehaving mouse or keyboard:

  1. Confirm that the virtual machine guest window currently has focus by clicking into the virtual machine’s console window. Keyboard or mouse input is only directed to the virtual machine when it has focus or is in full-screen mode.
  2. If your mouse is slow to respond or if it is working erratically, change the optimization settings. For more information, see Mouse movement is not smooth in a hosted virtual machine (1033416).
  3. If you are using a wireless mouse or keyboard, ensure that you have not connected it to the virtual machine by removing and re-adding the USB Controller from the virtual machine. For more information, see the Workstation Help topic Add a USB Controller to a Virtual Machine.
  4. Restart your host computer.
  5. For Windows hosts, use the Windows System Configuration (msconfig) utility to eliminate software and processes as possible causes. For more information, see Using the Windows System Configuration utility (1004010).
  6. For Linux hosts, start Linux in a mode that disables start daemons (typically run level 2; if your host lacks this, you may need to start in single-user mode). For more information, see Changing Linux run levels (1004015) or your operating system documentation.
  7. Look for non-Microsoft, non-VMware mouse/keyboard drivers or software installed in the virtual machine, and remove them.
  8. Re-install VMware Tools. For details, see Overview of VMware Tools (340).

Syslog Server storage logs size calculation

Posted on April 21, 2015 Updated on April 27, 2015

Syslog Server storage calculation: I want to modify the settings so that my log size is raised from 2 MB to 10 MB and we rotate after 40 logs, not 20. Here we need to do some planning to see if we have enough free space.

Count hosts: 100
Current size log max: 2
Current rotation count: 20
Total possible MB used: 100 x 2 x 20 = 4,000 MB (4 GB)

Count hosts: 100
Desired size log max: 10
Desired rotation count: 40
Total possible MB used: 100 x 10 x 40 = 40,000 MB (40 GB)

So the drive where your logs are stored would need 40 GB free in the above example to be able to service future demands.

How to modify the VMware Syslog Collector configuration after it is installed:

  1. Make a backup of the file:
     vCenter Server 5.5 and lower: %PROGRAMDATA%\VMware\VMware Syslog Collector\vmconfig-syslog.xml
     vCenter Server 6.0: %PROGRAMDATA%\VMware\vCenterServer\cfg\vmsyslogcollector\config.xml
  2. Open the copied file using a text editor.
  3. Under <defaultValues>, change any of the options to the required values. For example, to increase the log file size to 10 MB and to decrease the number of files retained to 20, modify the attributes:

     <defaultValues>
       <port>514</port>
       <protocol>TCP,UDP</protocol>
       <maxSize>10</maxSize>
       <rotate>20</rotate>
       <sslPort>1514</sslPort>
     </defaultValues>

     Note: This configuration in vCenter Server overrides the ESXi host configuration file.
  4. Save and close the file.
  5. Stop the VMware Syslog Collector service.
  6. Remove the file:
     vCenter Server 5.5 and lower: %PROGRAMDATA%\VMware\VMware Syslog Collector\vmconfig-syslog.xml
     vCenter Server 6.0: %PROGRAMDATA%\VMware\vCenterServer\cfg\vmsyslogcollector\config.xml
  7. Rename the copy of the modified file to:
     vCenter Server 5.5 and lower: %PROGRAMDATA%\VMware\VMware Syslog Collector\vmconfig-syslog.xml
     vCenter Server 6.0: %PROGRAMDATA%\VMware\vCenterServer\cfg\vmsyslogcollector\config.xml
  8. Start the VMware Syslog Collector service. It may be required to restart the syslog service on the ESXi host if logs are no longer updating on the Syslog Server. To restart the syslog service, see VMware ESXi 5.x host stops sending syslogs to remote server (2003127).

The maximum supported number of hosts for use with each vSphere Syslog Collector instance is 30, however depending on the load generated by your environment, you may encounter issues below this number.

To work around this issue, you can deploy multiple instances of vSphere Syslog Collector on separate Windows machines, which allows you to distribute the load.
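The planning arithmetic and the 30-host limit can be checked together before the edited file is put in place. This is an added example, not part of the original post or of VMware's tooling: it reads maxSize and rotate from a <defaultValues> element, computes the worst-case storage, and splits the hosts across collector instances. The function names and the sample XML are constructed, and the code assumes only that the file contains a <defaultValues> element like the one shown above.

```python
import math
import xml.etree.ElementTree as ET

MAX_HOSTS_PER_COLLECTOR = 30  # supported hosts per collector instance, per the post

# Constructed sample holding the desired values from the calculation in the post.
SAMPLE_CONFIG = """
<defaultValues>
  <port>514</port>
  <protocol>TCP,UDP</protocol>
  <maxSize>10</maxSize>
  <rotate>40</rotate>
  <sslPort>1514</sslPort>
</defaultValues>
"""


def read_defaults(xml_text):
    """Return (max_size_mb, rotate_count) from the <defaultValues> element."""
    root = ET.fromstring(xml_text)
    # iter() also matches the root itself, so the element may be nested or not.
    defaults = next(root.iter("defaultValues"), None)
    if defaults is None:
        raise ValueError("no <defaultValues> element found")
    values = []
    for tag in ("maxSize", "rotate"):
        text = (defaults.findtext(tag) or "").strip()
        if not text.isdigit() or int(text) == 0:
            raise ValueError(f"<{tag}> must be a positive integer, got {text!r}")
        values.append(int(text))
    return values[0], values[1]


def worst_case_mb(hosts, max_size_mb, rotate):
    """Every host fills every rotated file: hosts x size x rotation count."""
    return hosts * max_size_mb * rotate


def split_hosts(hosts, limit=MAX_HOSTS_PER_COLLECTOR):
    """Spread hosts evenly over the fewest collectors that respect the limit."""
    if hosts <= 0:
        raise ValueError("host count must be positive")
    collectors = math.ceil(hosts / limit)
    base, extra = divmod(hosts, collectors)
    return [base + 1 if i < extra else base for i in range(collectors)]


def plan(hosts, xml_text, free_mb):
    """Compare the worst-case log volume with the free space on the log drive."""
    max_size, rotate = read_defaults(xml_text)
    total = worst_case_mb(hosts, max_size, rotate)
    return {
        "required_mb": total,
        "fits_on_one_drive": total <= free_mb,
        "shortfall_mb": max(0, total - free_mb),
        "collectors": [
            {"hosts": n, "required_mb": worst_case_mb(n, max_size, rotate)}
            for n in split_hosts(hosts)
        ],
    }


if __name__ == "__main__":
    # 25,000 MB free is a constructed figure; on a real server it could come
    # from shutil.disk_usage(<log drive>).free // (1000 * 1000).
    report = plan(hosts=100, xml_text=SAMPLE_CONFIG, free_mb=25_000)
    print("required MB:", report["required_mb"])
    print("fits:", report["fits_on_one_drive"], "shortfall MB:", report["shortfall_mb"])
    for i, c in enumerate(report["collectors"], 1):
        print(f"collector {i}: {c['hosts']} hosts, {c['required_mb']} MB")
```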

How to restart Management agents on ESXi host

Posted on April 21, 2015 Updated on April 27, 2015

Restarting the Management agents on ESXi

To restart the management agents on ESXi:

From the Direct Console User Interface (DCUI):

  1. Connect to the console of your ESXi host.
  2. Press F2 to customize the system.
  3. Log in as root.
  4. Use the Up/Down arrows to navigate to Restart Management Agents.
     Note: In ESXi 4.1 and ESXi 5.0, 5.1, 5.5 and 6.0 this option is available under Troubleshooting Options.
  5. Press Enter.
  6. Press F11 to restart the services.
  7. When the service has been restarted, press Enter.
  8. Press Esc to log out of the system.

From the Local Console or SSH:

  1. Log in to SSH or Local console as root.
  2. Run these commands:

     /etc/init.d/hostd restart
     /etc/init.d/vpxa restart

     Note: In ESXi 4.x, run this command to restart the vpxa agent:

     service vmware-vpxa restart

Alternatively:

  • To reset the management network on a specific VMkernel interface, by default vmk0, run the command:

     esxcli network ip interface set -e false -i vmk0; esxcli network ip interface set -e true -i vmk0

     Note: Using a semicolon (;) between the two commands ensures the VMkernel interface is disabled and then re-enabled in succession. If the management interface is not running on vmk0, change the above command according to the VMkernel interface used.
  • To restart all management agents on the host, run the command:

     services.sh restart

     Caution: Check if LACP is enabled on DVS for version 5.x and above. For more information, see vSphere 5.0 Networking Guide.

If LACP is not configured, the services.sh script can be safely executed.

How to get Serial number and System information of ESXi host remotely using putty

Posted on April 21, 2015 Updated on April 27, 2015

Get the hardware serial number by running this command from PuTTY:

esxcfg-info | grep "Serial N"

Type the following command at the command line on the service console to get vendor details and serial number information:

/usr/sbin/dmidecode | grep -A4 "System Information"

Multipathing policies in ESXi 5.x and ESXi/ESX 4.x

Posted on April 20, 2015 Updated on April 27, 2015

These are referred to as Path Selection Plug-ins (PSP), and are also called Path Selection Policies.

These pathing policies can be used with VMware ESXi 5.x and ESXi/ESX 4.x:

  • Most Recently Used (MRU): Selects the first working path, discovered at system boot time. If this path becomes unavailable, the ESXi/ESX host switches to an alternative path and continues to use the new path while it is available. This is the default policy for Logical Unit Numbers (LUNs) presented from an Active/Passive array. ESXi/ESX does not return to the previous path if, or when, it returns; it remains on the working path until it, for any reason, fails.
    Note: The preferred flag, while sometimes visible, is not applicable to the MRU pathing policy and can be disregarded.
  • Fixed (Fixed): Uses the designated preferred path flag, if it has been configured. Otherwise, it uses the first working path discovered at system boot time. If the ESXi/ESX host cannot use the preferred path or it becomes unavailable, the ESXi/ESX host selects an alternative available path. The host automatically returns to the previously defined preferred path as soon as it becomes available again. This is the default policy for LUNs presented from an Active/Active storage array.
  • Round Robin (RR): Uses an automatic path selection rotating through all available paths, enabling the distribution of load across the configured paths.
      • For Active/Passive storage arrays, only the paths to the active controller will be used in the Round Robin policy.
      • For Active/Active storage arrays, all paths will be used in the Round Robin policy.
    Note: For logical units associated with Microsoft Cluster Service (MSCS) and Microsoft Failover Clustering virtual machines, the Round Robin pathing policy is supported only on ESXi 5.5 and later.
  • Fixed path with Array Preference: The VMW_PSP_FIXED_AP policy was introduced in ESXi/ESX 4.1. It works for both Active/Active and Active/Passive storage arrays that support Asymmetric Logical Unit Access (ALUA). This policy queries the storage array for the preferred path based on the array’s preference. If no preferred path is specified by the user, the storage array selects the preferred path based on specific criteria.
    Note: The VMW_PSP_FIXED_AP policy has been removed from ESXi 5.0. For ALUA arrays in ESXi 5.0, the MRU Path Selection Policy (PSP) is normally selected but some storage arrays need to use Fixed. To check which PSP is recommended for your storage array, see the Storage/SAN section in the VMware Compatibility Guide or contact your storage vendor.

Notes:

  • These pathing policies apply to VMware’s Native Multipathing (NMP) Path Selection Plug-ins (PSP). Third-party PSPs have their own restrictions.
  • Round Robin is not supported on all storage arrays. Please check with your array documentation or storage vendor to verify that Round Robin is supported and/or recommended for your array and configuration. Switching to an unsupported or undesirable pathing policy can result in connectivity issues to the LUNs (in a worst-case scenario, this can cause an outage).

Warning: VMware does not recommend changing the LUN policy from Fixed to MRU, as the automatic selection of the pathing policy is based on the array that has been detected by the NMP PSP.

Dell ExtPart Partition Utility Tool

Posted on April 20, 2015 Updated on April 27, 2015

The ExtPart utility provides support for online volume expansion of NTFS formatted basic disks.

This is a self extracting file that will install the extpart.exe utility. No reboot is necessary.

File Format: Hard-Drive

File Name: ExtPart.exe

Download Type: HTTP

File Size: 36KB

Format Description: This file format consists of an archive of files that may be decompressed to a directory on the hard drive. The installation can then be done from that directory.

RVTools 3.7

Posted on April 14, 2015 Updated on November 10, 2015

RVTools

RVTools is a Windows .NET 2.0 application which uses the VI SDK to display information about your virtual machines and ESX hosts. It interacts with VirtualCenter 2.5, ESX Server 3.5, ESX Server 3i, VirtualCenter 4.x, ESX Server 4.x, VirtualCenter 5.0, VirtualCenter Appliance, ESX Server 5.0, VirtualCenter 5.1, ESX Server 5.1, VirtualCenter 5.5 and ESX Server 5.5. RVTools is able to list information about VMs, CPU, Memory, Disks, Partitions, Network, Floppy drives, CD drives, Snapshots, VMware tools, Resource pools, Clusters, ESX hosts, HBAs, Nics, Switches, Ports, Distributed Switches, Distributed Ports, Service consoles, VM Kernels, Datastores, Multipath info and health checks. With RVTools you can disconnect the CD-ROM or floppy drives from the virtual machines, and RVTools is able to update the VMware Tools installed inside each virtual machine to the latest version.

Version 3.7 (March, 2015)

  • VI SDK reference changed from 5.0 to 5.5
  • Extended the timeout value from 10 to 20 minutes for really big environments
  • New field VM Folder on vCPU, vMemory, vDisk, vPartition, vNetwork, vFloppy, vCD, vSnapshot and vTools tabpages
  • On vDisk tabpage new Storage IO Allocation Information
  • On vHost tabpage new fields: service tag (serial #) and OEM specific string
  • On vNic tabpage new field: Name of (distributed) virtual switch
  • On vMultipath tabpage added multipath info for path 5, 6, 7 and 8
  • On vHealth tabpage new health check: Multipath operational state
  • On vHealth tabpage new health check: Virtual machine consolidation needed check
  • On vInfo tabpage new fields: boot options, firmware and Scheduled Hardware Upgrade Info
  • On statusbar last refresh date time stamp
  • On vHealth tabpage: Search datastore errors are now visible as health messages
  • You can now export the csv files separately from the command line interface (just like the xls export)
  • You can now set an auto refresh data interval in the preferences dialog box
  • All datetime columns are now formatted as yyyy/mm/dd hh:mm:ss
  • The export dir / filenames now have a formatted datetime stamp yyyy-mm-dd_hh:mm:ss
  • Bug fix: on dvPort tabpage not all networks are displayed
  • Overall improved debug information

Download link: http://robware.net/index.php/register

Documentation: http://robware.net/download/RVTools.pdf

Installing Disk Cleanup In Windows 2008 Without Rebooting The Server

Posted on April 11, 2015 Updated on June 9, 2015

The Disk Cleanup executable file cleanmgr.exe and the associated Disk Cleanup button are not present in Windows Server® 2008 or in Windows Server® 2008 R2 by default. This is by design, as the Disk Cleanup button is part of the Desktop Experience feature. In order to have Disk Cleanup button appear on a disk’s Properties dialog, you will need to install the Desktop Experience feature.

So in order to use cleanmgr.exe you’ll need to copy two files that are already present on the server, cleanmgr.exe and cleanmgr.exe.mui. Use the following table to locate the files for your operating system.

Windows Server 2008 R2 64-bit

C:\Windows\winsxs\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_6.1.7600.16385_none_c9392808773cd7da\cleanmgr.exe

Windows Server 2008 R2 64-bit

C:\Windows\winsxs\amd64_microsoft-windows-cleanmgr.resources_31bf3856ad364e35_6.1.7600.16385_en-us_b9cb6194b257cc63\cleanmgr.exe.mui

Windows Server 2008 64-bit

C:\Windows\winsxs\amd64_microsoft-windows-cleanmgr.resources_31bf3856ad364e35_6.0.6001.18000_en-us_b9f50b71510436f2\cleanmgr.exe.mui

Windows Server 2008 64-bit

C:\Windows\winsxs\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_6.0.6001.18000_none_c962d1e515e94269\cleanmgr.exe.mui

Windows Server 2008 32-bit

C:\Windows\winsxs\x86_microsoft-windows-cleanmgr.resources_31bf3856ad364e35_6.0.6001.18000_en-us_5dd66fed98a6c5bc\cleanmgr.exe.mui

Windows Server 2008 32-bit

C:\Windows\winsxs\x86_microsoft-windows-cleanmgr_31bf3856ad364e35_6.0.6001.18000_none_6d4436615d8bd133\cleanmgr.exe

Once you’ve located the files, move them to the following locations:

1. Cleanmgr.exe should go in %systemroot%\System32

2. Cleanmgr.exe.mui should go in %systemroot%\System32\en-US

You can now launch the Disk cleanup tool by running Cleanmgr.exe from the command prompt or by clicking Start and typing Cleanmgr into the Search bar.

Restart the domain controller in Directory Services Restore Mode locally

Posted on April 11, 2015 Updated on May 9, 2015

If you have physical access to a domain controller, you can restart the domain controller in Directory Services Restore Mode locally. Restarting in Directory Services Restore Mode takes the domain controller offline. In this mode, the server is not functioning as a domain controller.

When you start Windows Server 2003 in Directory Services Restore Mode, the local Administrator account is authenticated by the local Security Accounts Manager (SAM) database. Therefore, logging on requires that you use the local administrator password, not an Active Directory domain password. This password is set during Active Directory installation when you provide the password for Directory Services Restore Mode.

Administrative credentials

To perform this procedure, you must provide the Administrator password for Directory Services Restore Mode.

  1. Restart the domain controller.
  2. When the screen for selecting an operating system appears, press F8.
  3. On the Windows Advanced Options menu, select Directory Services Restore Mode.
  4. When you are prompted, log on as the local administrator.

Change the static IP address of a domain controller

Posted on April 11, 2015 Updated on May 9, 2015

Administrative Credentials

To perform this procedure, you must be a member of the Domain Admins group in the domain of the domain controller whose IP address you are changing.

To change the static IP address of a domain controller

On the desktop, right-click My Network Places, and then click Properties.

  1. In the Network Connections dialog box, right-click Local Area Connection, and then click Properties.
  2. In the Local Area Connection Properties dialog box, double-click Internet Protocol (TCP/IP).
  3. In the Internet Protocol (TCP/IP) Properties dialog box, in the IP address box, type the new address.
  4. In the Subnet mask box, type the subnet mask.
  5. In the Default gateway box, type the default gateway.
  6. In the Preferred DNS server box, type the address of the DNS server that this computer contacts.
  7. In the Alternate DNS server box, type the address of the DNS server that this computer contacts if the preferred server is unavailable.
  8. If this domain controller uses WINS servers, click Advanced and then, in the Advanced TCP/IP Settings dialog box, click the WINS
  9. If an address in the list is no longer appropriate, click the address, and then click Edit.
  10. In the TCP/IP WINS Server dialog box, type the new address, and then click OK.
  11. Repeat steps 11 and 12 for all addresses that need to be changed, and then click OK twice to close the TCP/IP WINS Server dialog box and the Advanced TCP/IP Settings dialog box.
  12. Click OK to close the Internet Protocol (TCP/IP) Properties dialog box.

After you change the IP address of a domain controller, you should run the ipconfig /registerdns command to register the host record and dcdiag /fix command to ensure that service records are appropriately registered with DNS. For more information, see Dcdiag Overview and subordinate topics for additional information about the Dcdiag tool (https://lazyadminblog.wordpress.com/2015/04/11/dcdiag-overview/).

Changing the IP settings of a server does not affect the share resources or shared permissions on that server, if the name resolution structure DNS and WINS settings are correctly configured. However, if network drives or passive connections (connections that are made manually from a command prompt or run line) are mapped using the IP address, an update is required. For example, if a client computer has G: drive mapped using the following command net use g: \\192.168.0.199\data and the IP address of the server that hosts the Data shared folder is changed from 192.168.0.199 to 192.168.1.200, the new G: drive mapping command should be changed to net use g: \\192.168.1.200\data. A better solution would be to ensure that DNS name resolution is working properly and to use the server name, as opposed to the IP address, in the command. For example, if the server name is DC1, the command to map a G: drive to the Data share on the server is net use g: \\dc1\data. It changes only if the server name changes; it is not affected if the IP address of the server changes.

Using esxtop to identify storage performance issues for ESX / ESXi (multiple versions) (1008205)

Posted on April 11, 2015 Updated on April 27, 2015

The interactive esxtop utility can be used to provide I/O metrics over various devices attached to a VMware ESX host.

Configuring monitoring using esxtop

To monitor storage performance per HBA:

  1. Start esxtop by typing esxtop at the command line.
  2. Press d to switch to disk view (HBA mode).
  3. To view the entire Device name, press SHIFT + L and enter 36 in Change the name field size.
  4. Press f to modify the fields that are displayed.
  5. Press b, c, d, e, h, and j to toggle the fields and press Enter.
  6. Press s and then 2 to alter the update time to every 2 seconds and press Enter.
  7. See Analyzing esxtop columns for a description of relevant columns. For more information, see Interpreting esxtop Statistics.

Note: These options are available only in VMware ESX 3.5 and later.

To monitor storage performance on a per-LUN basis:

  1. Start esxtop by typing esxtop from the command line.
  2. Press u to switch to disk view (LUN mode).
  3. Press f to modify the fields that are displayed.
  4. Press b, c, f, and h to toggle the fields and press Enter.
  5. Press s and then 2 to alter the update time to every 2 seconds and press Enter.
  6. See Analyzing esxtop columns for a description of relevant columns. For more information, see Interpreting esxtop Statistics.

To increase the width of the device field in esxtop to show the complete naa id:

  1. Start esxtop by typing esxtop at the command line.
  2. Press u to switch to the disk device display.
  3. Press L to change the name field size. Note: Ensure to use uppercase L.
  4. Enter the value 36 to display the complete naa identifier.

To monitor storage performance on a per-virtual machine basis:

  1. Start esxtop by typing esxtop at the command line.
  2. Type v to switch to disk view (virtual machine mode).
  3. Press f to modify the fields that are displayed.
  4. Press b, d, e, h, and j to toggle the fields and press Enter.
  5. Press s and then 2 to alter the update time to every 2 seconds and press Enter.
  6. See Analyzing esxtop columns for a description of relevant columns. For more information, see Interpreting esxtop Statistics.

Analyzing esxtop columns

Refer to this table for relevant columns and descriptions of these values:

Column: Description

  • CMDS/s: This is the total amount of commands per second and includes IOPS (Input/Output Operations Per Second) and other SCSI commands such as SCSI reservations, locks, vendor string requests, unit attention commands etc. being sent to or coming from the device or virtual machine being monitored. In most cases, CMDS/s = IOPS unless there are a lot of metadata operations (such as SCSI reservations).
  • DAVG/cmd: This is the average response time in milliseconds per command being sent to the device.
  • KAVG/cmd: This is the amount of time the command spends in the VMkernel.
  • GAVG/cmd: This is the response time as it is perceived by the guest operating system. This number is calculated with the formula: DAVG + KAVG = GAVG

These columns are for both reads and writes, whereas xAVG/rd is for reads and xAVG/wr is for writes. The combined value of these columns is the best way to monitor performance, but a high read or write response time may indicate that the read or write cache is disabled on the array. All arrays perform differently; however, DAVG/cmd, KAVG/cmd, and GAVG/cmd should not exceed 10 milliseconds (ms) for sustained periods of time.

Note: VMware ESX 3.0.x does not include direct functionality to monitor individual LUNs or virtual machines using esxtop. Inactive LUNs lower the average for DAVG/cmd, KAVG/cmd, and GAVG/cmd. These values are also visible from the vCenter Server performance charts. For more information, see the Performance Charts section in the Basic System Administration Guide.

If you experience high latency times, investigate current performance metrics and running configuration for the switches and the SAN targets. Check for errors or logging that may suggest a delay in operations being sent to, received, and acknowledged. This includes the array’s ability to process I/O from a spindle count aspect, or the array’s ability to handle the load presented to it.

If the response time increases to over 5000 ms (or 5 seconds), VMware ESX will time out the command and abort the operation. These events are logged; abort messages and other SCSI errors can be reviewed in these logs:

  • ESX 3.5 and 4.x — /var/log/vmkernel
  • ESXi 3.5 and 4.x — /var/log/messages
  • ESXi 5.x and later — /var/log/vmkernel.log

The type of storage logging you may see in these files depends on the configuration of the server. You can find the value of these options by navigating to Host > Configuration > Advanced Settings > SCSI > SCSI.Log* or SCSI.Print*.
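The thresholds above can be applied to a series of samples rather than read off the screen. This is an added example, not part of the original post or of esxtop: it computes GAVG from DAVG and KAVG, reports runs that stay above 10 ms, and lists samples past the 5000 ms abort point. The CSV layout is a constructed, simplified format (not esxtop's own export format), and treating five consecutive 2-second samples as "sustained" is an assumption.

```python
import csv
import io

LATENCY_LIMIT_MS = 10.0   # ceiling for DAVG/KAVG/GAVG given in the post
ABORT_LIMIT_MS = 5000.0   # response time past which ESX aborts the command
SUSTAINED_SAMPLES = 5     # assumption: 5 samples x 2 s counts as "sustained"

# Constructed samples at the 2-second update interval; not real esxtop output.
SAMPLE_CSV = """time_s,davg_ms,kavg_ms
0,3.1,0.2
2,12.4,0.3
4,4.0,0.1
6,11.0,0.5
8,14.2,0.4
10,18.9,0.6
12,13.3,0.2
14,15.0,0.5
16,5.0,0.3
18,2.0,9.5
20,1.5,12.0
22,1.8,11.0
24,2.0,0.2
26,5200.0,1.0
28,3.0,0.2
"""


def load_samples(text):
    """Parse the CSV and derive GAVG = DAVG + KAVG for every sample."""
    samples = []
    for rec in csv.DictReader(io.StringIO(text)):
        davg, kavg = float(rec["davg_ms"]), float(rec["kavg_ms"])
        samples.append({
            "time_s": int(rec["time_s"]),
            "davg": davg,
            "kavg": kavg,
            "gavg": round(davg + kavg, 3),
        })
    return samples


def sustained_breaches(samples, limit=LATENCY_LIMIT_MS, min_run=SUSTAINED_SAMPLES):
    """Return runs of at least min_run consecutive samples with GAVG above limit.

    GAVG is the sum of DAVG and KAVG, so it exceeds the limit whenever either
    component does; one comparison covers all three columns.
    """
    breaches, run = [], []
    for sample in samples + [None]:      # None flushes a run that reaches the end
        if sample is not None and sample["gavg"] > limit:
            run.append(sample)
            continue
        if len(run) >= min_run:
            davg_total = sum(s["davg"] for s in run)
            kavg_total = sum(s["kavg"] for s in run)
            breaches.append({
                "start_s": run[0]["time_s"],
                "end_s": run[-1]["time_s"],
                "peak_gavg_ms": max(s["gavg"] for s in run),
                # Which side of the formula contributes most of the latency.
                "dominant": "device (DAVG)" if davg_total >= kavg_total
                            else "VMkernel (KAVG)",
            })
        run = []
    return breaches


def likely_aborts(samples, limit=ABORT_LIMIT_MS):
    """Timestamps whose response time is past the abort threshold."""
    return [s["time_s"] for s in samples if s["gavg"] > limit]


if __name__ == "__main__":
    data = load_samples(SAMPLE_CSV)
    for b in sustained_breaches(data):
        print(f"{b['start_s']}-{b['end_s']} s: peak {b['peak_gavg_ms']} ms, {b['dominant']}")
    print("check the vmkernel log around t =", likely_aborts(data))
```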

Connecting to a virtual machine console fails with the error: The VMRC Console has Disconnected. Trying to reconnect (2050470)

Posted on April 11, 2015 Updated on April 27, 2015

Error: The VMRC Console has Disconnected.. Trying to reconnect

If this happens, then the VM will not be reachable on the network and you cannot see black screen on the VM console.

To fix this, kill the vmware-vmrc.exe*32 service from Windows Task Manager and then open the console again.


How to fix Lost connectivity to the device backing the boot filesystem on an ESXi host?

Posted on November 30, 2015

Error: Lost connectivity to the device naa.60xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx backing the boot filesystem /vmfs/devices/disks/naa.60xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx. As a result, host configuration changes will not be saved to persistent storage.

If we lose connectivity to the NIC that runs the boot LUN (switch reboot, cable disconnect, etc.), we will see the above error. This error is displayed because connectivity is lost and iSCSI boot does not support multipathing, which means that if connectivity is lost between the Storage Processor (SP) on the VNXe and the NIC on the host, the host can no longer access its boot LUN and cannot write logs, etc.

There is no impact, as the whole ESXi OS is loaded into memory, so there is no outage for the VMs. Once connectivity is restored, the host can access the storage again. The error persists only because it does not clear automatically.

The simplest solution is to put the host into maintenance mode and reboot it, or to restart the Management Agents on the ESXi host.

Check How to restart Management agents on ESXi host

How to rename the local administrator with Group Policy

Posted on November 21, 2015

To improve security in your Active Directory domain, you should rename the administrator account because this lowers the risk of brute force attacks. Renaming the administrator account and resetting its password on all computers in your AD domain can be easily done via Group Policy.

Open the Active Directory Group Policy Management console, create a new GPO, and link it to your desired OU. Of course, you can also work with an existing GPO.

Linking a GPO to an OU

Right-click the new GPO or an existing GPO and select Edit. This will launch the Group Policy editor. Now, browse to the following Group Policy setting: Computer Configuration > Preferences > Control Panel Settings > Local Users and Groups.

Renaming the administrator account

As you can see in the screenshot above, right-click Local Users and Groups and then navigate to New > Local User.

On the next screen, you select the user name you would like to use for the administrator account:

Selecting the user name

Select the following:

Action — Select Update.

User name — Select Administrator (built-in).

Rename to — Enter the new user name.

Full name — Enter your desired name.

Description — Add a description (optional).

Password — Set a new password (optional).

Check boxes — Verify that the check boxes comply with your company policies.

The GPO is now configured and can be deployed in your network. The refresh interval for computer settings is 90 minutes. If you want to apply the GPO immediately on a client computer, open a command prompt and type gpupdate /force at the command line.

Alternatively, you can reboot the computer. If you are finding that a computer isn’t applying the policy, simply run gpresult /r at a command line to see whether your new GPO is listed:

Checking if the GPO has been applied

If it’s not listed or if you see a permission error message, go back to Active Directory Users and Computers and check the OU to which you have the policy applied. Also check whether the computer contains that OU. Perhaps the computer is in a different OU and therefore doesn’t pick up the policy.

Also check the GPO settings. In the Security Filtering section, ensure that the GPO is applied to Authenticated Users; in the Links section, verify that the correct OU is linked to the GPO:

GPO security filtering

If the policy is still not applied to some of your computers and you have checked all the above, then your domain controllers might not replicate the GPO properly.
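The Local User preference item configured above is written to a Groups.xml file under the GPO's folder in SYSVOL, and a value entered in the optional Password field is saved there as a cpassword attribute that every domain user can read through the share. The following added example (not from the original post) audits a copy of SYSVOL for such items and flags any that carry a stored password; the sample XML is constructed and trimmed, the cpassword value is a placeholder, and the function names are hypothetical.

```python
import os
import xml.etree.ElementTree as ET

# Constructed, trimmed sample of a Groups.xml produced by "Local User" items.
# The cpassword value is a placeholder, not a real stored password.
SAMPLE_GROUPS_XML = """
<Groups>
  <User name="Administrator (built-in)">
    <Properties action="U" newName="corp-ops" fullName="" description=""
                cpassword="CONSTRUCTED-PLACEHOLDER" subAuthority="RID_ADMIN"
                userName="Administrator (built-in)"/>
  </User>
  <User name="svc-backup">
    <Properties action="U" newName="" fullName="Backup" description=""
                cpassword="" userName="svc-backup"/>
  </User>
</Groups>
"""


def audit_groups_xml(xml_data, source="<inline>"):
    """List every Local User item in one Groups.xml (str or bytes)."""
    try:
        root = ET.fromstring(xml_data)
    except ET.ParseError as exc:
        # A damaged file is reported, not skipped silently.
        return [{"source": source, "error": str(exc)}]
    findings = []
    for user in root.iter("User"):
        props = user.find("Properties")
        if props is None:
            continue
        findings.append({
            "source": source,
            "account": props.get("userName", user.get("name", "")),
            "action": props.get("action", ""),
            "renamed_to": props.get("newName", ""),
            "builtin_admin": props.get("subAuthority") == "RID_ADMIN",
            # Only presence is recorded; the value is never read or decoded.
            "stored_password": bool(props.get("cpassword")),
        })
    return findings


def scan_sysvol(root_dir):
    """Walk a SYSVOL copy and audit every Groups.xml found under it."""
    findings = []
    for folder, _dirs, files in os.walk(root_dir):
        for name in files:
            if name.lower() == "groups.xml":
                path = os.path.join(folder, name)
                with open(path, "rb") as handle:
                    findings.extend(audit_groups_xml(handle.read(), source=path))
    return findings


def flagged(findings):
    """Items that still carry a stored password and need to be cleaned up."""
    return [f for f in findings if f.get("stored_password")]


if __name__ == "__main__":
    for item in audit_groups_xml(SAMPLE_GROUPS_XML):
        state = "PASSWORD STORED" if item["stored_password"] else "ok"
        print(f"{item['account']} -> {item['renamed_to'] or '(no rename)'}: {state}")
```

For any flagged item, clear the password from the preference item, set the local administrator password by another mechanism, and change any password that was ever stored this way.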

Standard Windows Monitoring Threshold Parameters

Posted on November 21, 2015 Updated on November 21, 2015

Confused with setting up Threshold Parameters on the Tools Server for Performance Monitoring?

Here are the typical parameters and the threshold limit with Warning, High, Alert levels with polling intervals. This will depend upon the SoW signed with the client.

RoD is nothing but Remedy on Demand.

How to generate diagnostic logs for SRM if you cannot login to the SRM via vSphere Client

Posted on October 29, 2015 Updated on October 29, 2015

Browse to the below path on the server where SRM is installed:

  • In 32bit Windows — C:\Program Files (32 bit)\VMware\VMware vCenter Site Recovery Manager\bin\
  • In 64bit Windows — C:\Program Files\VMware\VMware vCenter Site Recovery Manager\bin\

SRM 1.0 — C:\Program Files\VMware\VMware Site Recovery Manager\bin\

Double-click the file srm-support.wsf. In a few seconds, a compressed log bundle named srm-plugin-support-MM-DD-YYYY-hh-mm.zip will be placed on the Desktop of the current user. You can share this log with VMware support for analysis.

Depending on the issue, VMware support may need Site Recovery Manager logs from the protected site, the recovery site, or both.

Site Recovery Manager log bundles do not specify the role of the site where they were collected, as a single site may have both protected and recovery roles at the same time. To help VMware support quickly distinguish between logs, VMware recommends that you prepend the words protected or recovery to each log bundle name before uploading. For example:

  • protected-srm-support-MM-DD-YYYY-hh-mm.zip
  • recovery-srm-support-MM-DD-YYYY-hh-mm.zip

To upload to VMware, please check How to generate VMware ESXi logs and how to Upload via the FTP portal using a third party FTP client for a VMware Support Case

Storage Replication Adapters (SRAs) write logs in locations specific to the SRA type and vendor. Consult the SRA vendor’s documentation for more information. Common locations include:

  • C:\Program Files\VMware\VMware vCenter Site Recovery Manager\scripts\SAN\<SRA Vendor Name>\log\
  • C:\Program Files\<SRA Vendor Name>\

Note: The logs can also be gathered from the GUI of the vSphere Client if connection to the SRM plug-in is still available. The Gather Logs link from the SRM Site window imports the logs from the preceding location(s).

The SRM configuration files are located in the Site Recovery Manager installation directory:

  • \config\extention.xml
  • \config\vmware-dr.xml

Posted on October 29, 2015 Updated on October 29, 2015

Recovering the only administrator account for Cisco UCS Manager:

If you have lost or forgotten the password of the only administrator account, you cannot retrieve the original password. However, you can recover the account by changing the password, for which you need to power cycle all fabric interconnects (FI) in a Cisco UCS domain.

You can reset the password for all other local accounts through Cisco UCS Manager. However, you must log in to Cisco UCS Manager with an account that includes aaa or admin privileges. If you do not have access to an admin account, then read below:

I am going to tell you in steps how to do that:

Prerequisite 1: Determining the Leadership Role of a Fabric Interconnect

  1. In the Navigation pane, click the Equipment tab.
  2. In the Equipment tab, expand Equipment > Fabric Interconnects.
  3. Click the fabric interconnect for which you want to identify the role.
  4. In the Work pane, click the General tab.
  5. In the General tab, click the down arrows on the High Availability Details bar to expand that area.
  6. View the Leadership field to determine whether the fabric interconnect is the primary or subordinate.

Prerequisite 2: Verifying the Firmware Versions on a Fabric Interconnect

You can use the following procedure to verify the firmware versions on all fabric interconnects in a Cisco UCS domain. You can verify the firmware for a single fabric interconnect through the Installed Firmware tab for that fabric interconnect.

  1. In the Navigation pane, click the Equipment tab.
  2. In the Equipment tab, click the Equipment node.
  3. In the Work pane, click the Firmware Management tab.
  4. In the Installed Firmware tab, verify that the following firmware versions for each fabric interconnect match the version to which you updated the firmware:

       • Kernel version
       • System version

Scenario 1: Recovering the Admin Account Password in a Standalone Configuration

This procedure will help you to recover the password that you set for the admin account when you performed an initial system setup on the fabric interconnect. The admin account is the system administrator or superuser account.

Before You Begin:

  1. Physically connect the console port on the fabric interconnect to a computer terminal or console server
  2. Determine the running versions of the following firmware:

       • The firmware kernel version on the fabric interconnect
       • The firmware system version

  1. Connect to the console port.
  2. Power cycle the fabric interconnect:
       a. Turn off the power to the fabric interconnect.
       b. Turn on the power to the fabric interconnect.
  3. In the console, press one of the following key combinations as it boots to get the loader prompt:
       • Ctrl+l
       • Ctrl+Shift+r

     You may need to press the selected key combination multiple times before your screen displays the loader prompt.

  4. Boot the kernel firmware version on the fabric interconnect.

loader > boot /installables/switch/kernel_firmware_version

Example:

loader > boot /installables/switch/ucs-6100-k9-kickstart.4.1.3.N2.1.0.11.gbin

  5. Enter config terminal mode.

Fabric(boot)# config terminal

  6. Reset the admin password.

Fabric(boot)(config)# admin-password password

Choose a strong password that includes at least one capital letter and one number. The password cannot be blank. The new password displays in clear text mode.

  7. Exit config terminal mode and return to the boot prompt.
  8. Boot the system firmware version on the fabric interconnect.

Fabric(boot)# load /installables/switch/system_firmware_version

Example:

Fabric(boot)# load /installables/switch/ucs-6100-k9-system.4.1.3.N2.1.0.211.bin

  9. After the system image loads, log in to Cisco UCS Manager.

Scenario 2: Recovering the Admin Account Password in a Cluster Configuration

This procedure will help you to recover the password that you set for the admin account when you performed an initial system setup on the fabric interconnects. The admin account is the system administrator or superuser account.

Before You Begin

  1. Physically connect a console port on one of the fabric interconnects to a computer terminal or console server.
  2. Obtain the following information:

       • The firmware kernel version on the fabric interconnect
       • The firmware system version
       • Which fabric interconnect has the primary leadership role and which is the subordinate

  1. Connect to the console port.
  2. For the subordinate fabric interconnect:
       a. Turn off the power to the fabric interconnect.
       b. Turn on the power to the fabric interconnect.
       c. In the console, press one of the following key combinations as it boots to get the loader prompt:
            • Ctrl+l
            • Ctrl+Shift+r

          You may need to press the selected key combination multiple times before your screen displays the loader prompt.

  3. Power cycle the primary fabric interconnect:
       a. Turn off the power to the fabric interconnect.
       b. Turn on the power to the fabric interconnect.
  4. In the console, press one of the following key combinations as it boots to get the loader prompt:
       • Ctrl+l
       • Ctrl+Shift+r

     You may need to press the selected key combination multiple times before your screen displays the loader prompt.

  5. Boot the kernel firmware version on the primary fabric interconnect.

loader > boot /installables/switch/kernel_firmware_version

Example:

loader > boot /installables/switch/ucs-6100-k9-kickstart.4.1.3.N2.1.0.11.gbin

  6. Enter config terminal mode.

Fabric(boot)# config terminal

  7. Reset the admin password.

Fabric(boot)(config)# admin-password password

Choose a strong password that includes at least one capital letter and one number. The password cannot be blank. The new password displays in clear text mode.

  8. Exit config terminal mode and return to the boot prompt.
  9. Boot the system firmware version on the primary fabric interconnect.

Fabric(boot)# load /installables/switch/system_firmware_version

Example:

Fabric(boot)# load /installables/switch/ucs-6100-k9-system.4.1.3.N2.1.0.211.bin

  10. After the system image loads, log in to Cisco UCS Manager.
  11. In the console for the subordinate fabric interconnect, do the following to bring it up:
       a. Boot the kernel firmware version on the subordinate fabric interconnect.

loader > boot /installables/switch/kernel_firmware_version

       b. Boot the system firmware version on the subordinate fabric interconnect.

Fabric(boot)# load /installables/switch/system_firmware_version


Posted on June 15, 2015 Updated on June 16, 2015

The following steps can be used to resolve RDP issues without a restart:

Note: The condition below applies only if the server is available on the network.

Troubleshooting Steps:

1. Check if the Windows Firewall setting is enabled on the server. If it is, disable it.

Note: This is primarily applicable for virtual servers (VMs), and only if the server is accessible in the VM console.

2. The following registry location controls access to the Terminal Server via RDP:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server

Under the Terminal Server key, the REG_DWORD value named fDenyTSConnections should be 0, because the value data 1 denies connections to Terminal Services (access to the server via RDP).

Note: Even if the value is 0, change it from 0 to 1 and refresh the registry. Then change the value back from 1 to 0 and refresh the registry.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server

Under the Terminal Server key, the REG_DWORD value named fAllowToGetHelp should be 0 because the value data 1 denies Remote Assistance on a server (to access the server via RDP).

Note: Even if the value is 0, change it from 0 to 1 and refresh the registry. Then change the value back from 1 to 0 and refresh the registry.

3. The following registry location is used to enable Remote User Session on a server (Citrix):

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\ICA-Tcp

Under the ICA-Tcp key, the REG_DWORD value named fEnableWinStation should be 1 because the value data 0 denies remote user sessions (to access the server via RDP).

Note: Even if the value is 1, change it from 1 to 0 and refresh the registry. Then change the value back from 0 to 1 and refresh the registry.

4. The following registry location is used to enable Remote User Session on a server:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

Under the RDP-Tcp key, the REG_DWORD value named fEnableWinStation should be 1 because the value data 0 denies remote user sessions (to access the server via RDP).

Note: Even if the value is 1, change it from 1 to 0 and refresh the registry. Then change the value back from 0 to 1 and refresh the registry.

5. The following registry location holds the RDP port:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

Under the RDP-Tcp key, the REG_DWORD value named PortNumber should be 3389 because, by default, Remote Desktop listens on TCP port 3389 (to access the server via RDP).

Note: Open a command prompt and type the command below:

C:\>telnet "SERVERNAME OR IP ADDRESS" 3389

Check whether the port is open.

P.S: At times, this may require a restart after making these changes if it still doesn’t work.

6. The following registry location is used to enable/disable logon to a Terminal Server

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Under the Winlogon key, the REG_DWORD value named WinStationsDisabled should be 0 because the value data 1 denies logon to a Terminal Server via RDP.

Note: Even if the value is 0, change it from 0 to 1 and refresh the registry. Then change the value back from 1 to 0 and refresh the registry.
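The settings walked through in steps 1 to 6 can be collected in one read-only pass before anything is toggled. The PowerShell below is an added example, not part of the original post; it uses the expected values stated in the steps, and assumes Windows Server 2012 or later (for the NetSecurity and NetTCPIP cmdlets) and the English "Remote Desktop" firewall rule group name.

```powershell
# Added example (not from the original post): read-only audit of the settings
# in steps 1-6 above. Nothing on the server is modified.
# Run in an elevated PowerShell session on the affected server.

$ts = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'

# Expected values are the ones stated in the steps above.
$checks = @(
    @{ Step = 2; Path = $ts;                       Name = 'fDenyTSConnections'; Expected = 0 }
    @{ Step = 2; Path = $ts;                       Name = 'fAllowToGetHelp';    Expected = 0 }
    @{ Step = 3; Path = "$ts\WinStations\ICA-Tcp"; Name = 'fEnableWinStation';  Expected = 1 }  # key exists only with Citrix
    @{ Step = 4; Path = "$ts\WinStations\RDP-Tcp"; Name = 'fEnableWinStation';  Expected = 1 }
    @{ Step = 5; Path = "$ts\WinStations\RDP-Tcp"; Name = 'PortNumber';         Expected = 3389 }
    @{ Step = 6; Path = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
       Name = 'WinStationsDisabled'; Expected = 0 }
)

function Get-RdpRegistryAudit {
    foreach ($c in $checks) {
        $actual = $null
        if (-not (Test-Path -LiteralPath $c.Path)) {
            $status = 'KeyMissing'
        }
        else {
            $item = Get-ItemProperty -LiteralPath $c.Path -Name $c.Name -ErrorAction SilentlyContinue
            if ($null -eq $item) {
                $status = 'ValueMissing'
            }
            else {
                $actual = $item.($c.Name)
                # Compare as integers so a string "0" and a DWORD 0 are treated alike.
                if (($actual -as [int]) -eq $c.Expected) { $status = 'OK' } else { $status = 'Mismatch' }
            }
        }
        [pscustomobject]@{
            Step     = $c.Step
            Key      = $c.Path -replace '^HKLM:', 'HKEY_LOCAL_MACHINE'
            Value    = $c.Name
            Expected = $c.Expected
            Actual   = $actual
            Status   = $status
        }
    }
}

function Get-RdpListenerAudit {
    # Use the port configured under RDP-Tcp (step 5); fall back to the default.
    $port = (Get-ItemProperty -LiteralPath "$ts\WinStations\RDP-Tcp" -Name PortNumber `
             -ErrorAction SilentlyContinue).PortNumber
    if (-not $port) { $port = 3389 }

    # Local counterpart of the telnet test: is anything listening on that port?
    $listeners = @(Get-NetTCPConnection -LocalPort $port -State Listen -ErrorAction SilentlyContinue)
    [pscustomobject]@{
        Port      = $port
        Listening = ($listeners.Count -gt 0)
        Addresses = ($listeners.LocalAddress -join ', ')
    }
}

function Get-RdpFirewallAudit {
    # Step 1: report the firewall profile state and the inbound Remote Desktop
    # rules, so it is clear whether the firewall is what blocks the connection.
    Get-NetFirewallProfile | ForEach-Object {
        [pscustomobject]@{ Item = "Profile: $($_.Name)"; Enabled = $_.Enabled; Profile = $_.Name }
    }
    Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -ErrorAction SilentlyContinue |
        Where-Object { $_.Direction -eq 'Inbound' } |
        ForEach-Object {
            [pscustomobject]@{ Item = "Rule: $($_.DisplayName)"; Enabled = $_.Enabled; Profile = $_.Profile }
        }
}

Get-RdpRegistryAudit | Format-Table Step, Value, Expected, Actual, Status, Key -AutoSize
Get-RdpListenerAudit | Format-List
Get-RdpFirewallAudit | Format-Table -AutoSize
```

Any row with a status other than OK points at the step to revisit; a KeyMissing result for ICA-Tcp is normal on servers without Citrix.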


Posted on May 17, 2015 Updated on May 22, 2015

  1. What is Active Directory?

Active Directory is the directory service used by Windows 2000. A directory service is a centralized, hierarchical database that contains information about users and resources on a network. In Windows 2000, this database is called the Active Directory data store. The Active Directory data store contains information about various types of network objects, including printers, shared folders, user accounts, groups, and computers. In a Windows 2000 domain, a read/write copy of the Active Directory data store is physically located on each domain controller in the domain.

Three primary purposes of Active Directory are:

  • To provide user logon and authentication services
  • To enable administrators to organize and manage user accounts, groups, and network resources
  • To enable authorized users to easily locate network resources, regardless of where they are located on the network

A directory service consists of two parts — a centralized, hierarchical database that contains information about users and resources on a network, and a service that manages the database and enables users of computers on the network to access the database. In Windows 2008, the database is called the Active Directory data store, or sometimes just the directory. The Active Directory data store contains information about various types of network objects, including printers, shared folders, user accounts, groups, and computers. Windows 2000 Server computers that have a copy of the Active Directory data store, and that run Active Directory are called domain controllers. In a Windows 2008 domain, a read/write copy of the Active Directory data store is physically located on each domain controller in the domain.

  1. What are the physical components of active directory?

Logical Components of Active Directory

In creating the hierarchical database structure of Active Directory, Microsoft facilitated locating resources such as folders and printers by name rather than by physical location. These logical building blocks include domains, trees, forests, and OUs. The physical location of objects within Active Directory is represented by including all objects in a given location in its own site. Because a domain is the basic unit on which Active Directory is built, the domain is introduced first; followed by trees and forests (in which domains are located); and then OUs, which are containers located within a domain.

Domain:

A domain is a logical grouping of networked computers in which one or more of the computers has one or more shared resources, such as a shared folder or a shared printer, and in which all of the computers share a common central domain directory database that contains user account security information. One distinct advantage of using a domain, particularly on a large network, is that administration of user account security for the entire network can be managed from a centralized location. In a domain, a user has only one user account, which is stored in the domain directory database. This user account enables the user to access shared resources (that the user has permissions to access) located on any computer in the domain.

Active Directory domains can hold millions of objects, as opposed to the Windows NT domain structure, which was limited to approximately 40,000 objects. As in previous versions of Active Directory, the Active Directory database file (ntds.dit) defines the domain. Each domain has its own ntds.dit file, which is stored on (and replicated among) all domain controllers by a process called multimaster replication. The domain controllers manage the configuration of domain security and store the directory services database. This arrangement permits central administration of domain account privileges, security, and network resources. Networked devices and users belonging to a domain validate with a domain controller at startup. All computers that refer to a specific set of domain controllers make up the domain. In addition, group accounts such as global groups and domain local groups are defined on a domain-wide basis.

Trees

A tree is a group of domains that shares a contiguous namespace. In other words, a tree consists of a parent domain plus one or more sets of child domains whose name reflects that of a parent. For example, a parent domain named examcram.com can include child domains with names such as products.examcram.com, sales.examcram.com, and manufacturing.examcram.com. Furthermore, the tree structure can contain grandchild domains such as america.sales.examcram.com or europe.sales.examcram.com, and so on, as shown in Figure 1–2. A domain called que.com would not belong to the same tree. Following the inverted tree concept originated by X.500, the tree is structured with the parent domain at the top and child domains beneath it. All domains in a tree are linked with two-way, transitive trust relationships; in other words, accounts in any one domain can access resources in another domain and vice versa.

Forests

A forest is a grouping or hierarchical arrangement of one or more separate, completely independent domain trees. As such, forests have the following characteristics:

  • All domains in a forest share a common schema.
  • All domains in a forest share a common global catalog.
  • All domains in a forest are linked by implicit two-way transitive trusts.

Trees in a forest have different naming structures, according to their domains. Domains in a forest operate independently, but the forest enables communication across the entire organization.

Organizational Unit:

An organizational unit (OU) is a container used to organize objects within one domain into logical administrative groups. An OU can contain objects such as user accounts, groups, computers, printers, applications, shared folders, and other OUs from the same domain. OUs are represented by a folder icon with a book inside. The Domain Controllers OU is created by default when Active Directory is installed to hold new Microsoft Windows Server 2003 domain controllers. OUs can be added to other OUs to form a hierarchical structure; this process is known as nesting OUs. Each domain has its own OU structure — the OU structure within a domain is independent of the OU structures of other domains.

There are three reasons for defining an OU:

To delegate administration — In the Windows Server 2003 operating system, you can delegate administration for the contents of an OU (all users, computers, or resource objects in the OU) by granting administrators specific permissions for an OU on the OU’s access control list.

To administer Group Policy

To hide objects

Physical Components of Active Directory

There are two physical components of Active Directory:

Domain Controllers

Sites

Domain Controllers

Any server on which you have installed Active Directory is a domain controller. These servers authenticate all users logging on to the domain in which they are located, and they also serve as centers from which you can administer Active Directory in Windows Server 2008. A domain controller stores a complete copy of all objects contained within the domain, plus the schema and configuration information relevant to the forest in which the domain is located. Unlike Windows NT, there are no primary or backup domain controllers. Similar to Windows 2000 and Windows Server 2003, all domain controllers hold a master, editable copy of the Active Directory database.

Every domain must have at least one DC. A domain may have more than one DC; having more than one DC provides the following benefits:

Fault tolerance: If one domain controller goes down, another one is available to authenticate logon requests and locate resources through the directory.

Load balancing: All domain controllers within a site participate equally in domain activities, thus spreading out the load over several servers. This configuration optimizes the speed at which requests are serviced.

Sites

By contrast to the logical grouping of Active Directory into forests, trees, domains, and OUs, Microsoft includes the concept of sites to group together resources within a forest according to their physical location and/or subnet. A site is a set of one or more IP subnets, which are connected by a high-speed, always available local area network (LAN) link. Figure 1–5 shows an example with two sites, one located in Chicago and the other in New York. A site can contain objects from more than one tree or domain within a single forest, and individual trees and domains can encompass more than one site. The use of sites enables you to control the replication of data within the Active Directory database as well as to apply policies to all users and computers or delegate administrative control to these objects within a single physical location. In addition, sites enable users to be authenticated by domain controllers in the same physical location rather than a distant location as often as possible. You should configure a single site for all work locations connected within a high-speed, always available LAN link and designate additional sites for locations separated from each other by a slower wide area network (WAN) link. Using sites permits you to configure Active Directory replication to take advantage of the high-speed connection. It also enables users to connect to a domain controller using a reliable, high-speed connection.

  1. What are the components of Active Directory:

Object:

An object is any specific item that can be cataloged in Active Directory. Examples of objects include users, computers, printers, folders, and files. These items are classified by a distinct set of characteristics, known as attributes. For example, a user can be characterized by the username, full name, telephone number, email address, and so on. Note that, in general, objects in the same container have the same types of attributes but are characterized by different values of these attributes. The Active Directory schema defines the extent of attributes that can be specified for any object.

Classes

The Active Directory service, in turn, classifies objects into classes. These classes are logical groupings of similar objects, such as users. Each class is a series of attributes that define the characteristics of the object.

Schemas

The schema is a set of rules that define the classes of objects and their attributes that can be created in Active Directory. It defines what attributes can be held by objects of various types, which of the various classes can exist, and what object class can be a parent of the current object class. For example, the User class can contain user account objects and possess attributes such as password, group membership, home folder, and so on.

When you first install Active Directory on a server, a default schema is created, containing definitions of commonly used objects and properties such as users, computers, and groups. This default schema also contains definitions of objects and properties needed for the functioning of Active Directory.

Global catalog

A global catalog server is a domain controller that has an additional duty — it maintains a global catalog. A global catalog is a master, searchable database that contains information about every object in every domain in a forest. The global catalog contains a complete replica of all objects in Active Directory for its host domain, and contains a partial replica of all objects in Active Directory for every other domain in the forest.

A global catalog server performs two important functions:

  • Provides group membership information during logon and authentication
  • Helps users locate resources in Active Directory

  1. What are the protocols used by AD?

Because Active Directory is based on standard directory access protocols, such as Lightweight Directory Access Protocol (LDAP) version 3, and the Name Service Provider Interface (NSPI), it can interoperate with other directory services employing these protocols.

LDAP is the directory access protocol used to query and retrieve information from Active Directory. Because it is an industry-standard directory service protocol, programs can be developed using LDAP to share Active Directory information with other directory services that also support LDAP.

The NSPI protocol, which is used by Microsoft Exchange 4.0 and 5.x clients, is supported by Active Directory to provide compatibility with the Exchange directory.

  1. Minimum requirement to install Win 2008 AD?

  • An NTFS partition with enough free space
  • An Administrator’s username and password
  • The correct operating system version
  • A NIC
  • Properly configured TCP/IP (IP address, subnet mask and, optionally, default gateway)
  • A network connection (to a hub or to another computer via a crossover cable)
  • An operational DNS server (which can be installed on the DC itself)
  • A domain name that you want to use

  1. How do you verify whether the AD installation is proper?

Default containers: These are created automatically when the first domain is created. Open Active Directory Users and Computers, and then verify that the following containers are present: Computers, Users, and ForeignSecurityPrincipals.

Default domain controllers organizational unit: Open Active Directory Users and Computers, and then verify this organizational unit.

Default-First-Site-Name

Active Directory database: The Active Directory database is your Ntds.dit file. Verify its existence in the %Systemroot%\Ntds folder.

Global catalog server: The first domain controller becomes a global catalog server, by default. To verify this item:

  1. Click Start, point to Programs, click Administrative Tools, and then click Active Directory Sites and Services.
  2. Double-click Sites to expand it, expand Servers, and then select your domain controller.
  3. Double-click the domain controller to expand the server contents.
  4. Below the server, an NTDS Settings object is displayed. Right-click the object, and then click Properties.
  5. On the General tab, you can observe a global catalog check box, which should be selected, by default.

Root domain: The forest root is created when the first domain controller is installed. Verify your computer network identification in My Computer. The Domain Name System (DNS) suffix of your computer should match the domain name that the domain controller belongs to. Also, ensure that your computer registers the proper computer role. To verify this role, use the net accounts command. The computer role should say “primary” or “backup” depending on whether it is the first domain controller in the domain.

Shared system volume: A Windows 2000 domain controller should have a shared system volume located in the %Systemroot%\Sysvol\Sysvol folder. To verify this item, use the net share command. The Active Directory also creates two standard policies during the installation process: The Default Domain policy and the Default Domain Controllers policy (located in the %Systemroot%\Sysvol\Domain\Policies folder). These policies are displayed as the following globally unique identifiers (GUIDs):

{31B2F340-016D-11D2-945F-00C04FB984F9} representing the Default Domain policy

{6AC1786C-016F-11D2-945F-00C04fB984F9} representing the Default Domain Controllers policy

SRV resource records: You must have a DNS server installed and configured for Active Directory and the associated client software to function correctly. Microsoft recommends that you use Microsoft DNS server, which is supplied with Windows 2000 Server as your DNS server. However, Microsoft DNS server is not required. The DNS server that you use must support the Service Resource Record (SRV RR) Requests for Comments (RFC) 2052, and the dynamic update protocol (RFC 2136). Use the DNS Manager Microsoft Management Console (MMC) snap-in to verify that the appropriate zones and resource records are created for each DNS zone. Active Directory creates its SRV RRs in the following folders:

  • _Msdcs/Dc/_Sites/Default-first-site-name/_Tcp
  • _Msdcs/Dc/_Tcp

In these locations, an SRV RR is displayed for the following services:

  • _kerberos
  • _ldap
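Several items on this checklist (the database file, the shared system volume, the two default policy folders and the SRV records) can be verified from a single prompt on the new domain controller. The PowerShell below is an added example, not part of the original post; the function names are hypothetical, it assumes Windows Server 2012 or later for Get-SmbShare and Resolve-DnsName, and the `_gc._tcp` lookup assumes the domain is the forest root, as in the first-domain case described above.

```powershell
# Added example (not from the original post): read-only verification of a
# newly promoted domain controller, following the checklist above.
# Run in an elevated PowerShell session on the domain controller itself.

function New-CheckResult {
    param([string]$Check, [string]$Target, [bool]$Passed, [string]$Detail = '')
    [pscustomobject]@{ Check = $Check; Target = $Target; Passed = $Passed; Detail = $Detail }
}

function Test-AdInstall {
    param(
        # DNS name of the domain; by default, the domain this computer belongs to.
        [string]$DomainDnsName = (Get-CimInstance -ClassName Win32_ComputerSystem).Domain
    )

    # Active Directory database in its default location (%SystemRoot%\NTDS).
    $dit = Join-Path $env:SystemRoot 'NTDS\ntds.dit'
    New-CheckResult 'AD database' $dit (Test-Path -LiteralPath $dit -PathType Leaf)

    # Shared system volume: the shares that "net share" would list.
    foreach ($share in 'SYSVOL', 'NETLOGON') {
        $s = Get-SmbShare -Name $share -ErrorAction SilentlyContinue
        New-CheckResult 'Share' $share ($null -ne $s) "$($s.Path)"
    }

    # The two default policies, identified by the GUIDs given above.
    $policies = [ordered]@{
        'Default Domain policy'             = '{31B2F340-016D-11D2-945F-00C04FB984F9}'
        'Default Domain Controllers policy' = '{6AC1786C-016F-11D2-945F-00C04fB984F9}'
    }
    $policyRoot = Join-Path $env:SystemRoot 'Sysvol\Domain\Policies'
    foreach ($name in $policies.Keys) {
        $dir = Join-Path $policyRoot $policies[$name]
        New-CheckResult $name $dir (Test-Path -LiteralPath $dir -PathType Container)
    }

    # SRV records: each should resolve and list this server as a target.
    # Assumes the host name is not longer than the 15-character NetBIOS limit.
    $me = "$env:COMPUTERNAME.$DomainDnsName"
    $srvNames = @(
        "_ldap._tcp.dc._msdcs.$DomainDnsName"
        "_kerberos._tcp.dc._msdcs.$DomainDnsName"
        "_gc._tcp.$DomainDnsName"    # global catalog; assumes forest root domain
    )
    foreach ($srv in $srvNames) {
        $rr = @(Resolve-DnsName -Name $srv -Type SRV -ErrorAction SilentlyContinue |
                Where-Object { $_.Type -eq 'SRV' })
        $listsMe = @($rr | Where-Object { $_.NameTarget -eq $me }).Count -gt 0
        $targets = ($rr | ForEach-Object { "$($_.NameTarget):$($_.Port)" }) -join ', '
        New-CheckResult 'SRV record' $srv $listsMe $targets
    }
}

Test-AdInstall | Format-Table -AutoSize -Wrap
```

A row with Passed set to False names the item to check by hand in Active Directory Users and Computers, Sites and Services or the DNS Manager snap-in.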

Short for Lightweight Directory Access Protocol, a set of protocols for accessing information directories. LDAP is based on the standards contained within the X.500 standard, but is significantly simpler. And unlike X.500, LDAP supports TCP/IP, which is necessary for any type of Internet access. Because it’s a simpler version of X.500, LDAP is sometimes called X.500-lite.

  1. What is FRS (File replication services)?

The File Replication Service (FRS) replicates specific files using the same multi-master model that Active Directory uses. It is used by the Distributed File System for replication of DFS trees that are designated as domain root replicas. It is also used by Active Directory to synchronize content of the SYSVOL volume automatically across domain controllers. The reason the FRS service replicates contents of the SYSVOL folder is so clients will always get a consistent logon environment when logging on to the domain, no matter which domain controller actually handles the request. When a client submits a logon request, he or she submits that request for authentication to the SYSVOL directory. A subfolder of this directory, called \scripts, is shared on the network as the netlogon share. Any logon scripts contained in the netlogon share are processed at logon time. Therefore, the FRS is responsible for all domain controllers providing the same logon directory structure to clients throughout the domain.

  1. Can you connect Active Directory to other 3rd-party Directory Services? Name a few options.

Yes, you can connect Active Directory to other third-party directory services, such as the directories used by SAP, Domino, etc., with the help of MIIS (Microsoft Identity Integration Server).

You can use dirXML or LDAP to connect to other directories (i.e. eDirectory from Novell).

  1. Where is the AD database held? What other folders are related to AD?

The AD database is saved in %systemroot%/ntds. You can see other files also in this folder. These are the main files controlling the AD structure:

  • ntds.dit
  • edb.log
  • res1.log
  • res2.log
  • edb.chk

When a change is made to the Win2K database, triggering a write operation, Win2K records the transaction in the log file (edb.log). Once written to the log file, the change is then written to the AD database. System performance determines how fast the system writes the data to the AD database from the log file. Any time the system is shut down, all transactions are saved to the database.

During the installation of AD, Windows creates two files: res1.log and res2.log. The initial size of each is 10MB. These files are used to ensure that changes can be written to disk should the system run out of free disk space. The checkpoint file (edb.chk) records transactions committed to the AD database (ntds.dit). During shutdown, a “shutdown” statement is written to the edb.chk file. Then, during a reboot, AD determines that all transactions in the edb.log file have been committed to the AD database. If, for some reason, the edb.chk file doesn’t exist on reboot or the shutdown statement isn’t present, AD will use the edb.log file to update the AD database.

The last file in our list of files to know is the AD database itself, ntds.dit. By default, the file is located in \NTDS, along with the other files we’ve discussed.

  1. What is the SYSVOL folder?

The SYSVOL folder is critical because it contains the domain’s public files. This directory is shared out (as SYSVOL), and any files kept in the SYSVOL folder are replicated to all other domain controllers in the domain using the File Replication Service (FRS) — and yes, that’s important to know on the exam.

The SYSVOL folder also contains the following items:

The NETLOGON share, which is the location where domain logon requests are submitted for processing, and where logon scripts can be stored for client processing at logon time.

Windows Group Policies

FRS folders and files that must be available and synchronized between domain controllers if the FRS is in use. Distributed File System (DFS), for example, uses the FRS to keep shared data consistent between replicas.

You can go to the SYSVOL folder by typing %systemroot%/sysvol on the DC.

  1. Name the AD NCs and replication issues for each NC

Schema NC, Configuration NC, Domain NC

Schema NC: This NC is replicated to every other domain controller in the forest. It contains information about the Active Directory schema, which in turn defines the different object classes and attributes within Active Directory.

Configuration NC: Also replicated to every other DC in the forest, this NC contains forest-wide configuration information pertaining to the physical layout of Active Directory, as well as information about display specifiers and forest-wide Active Directory quotas.

Domain NC: This NC is replicated to every other DC within a single Active Directory domain. This is the NC that contains the most commonly-accessed Active Directory data: the actual users, groups, computers, and other objects that reside within a particular Active Directory domain.

  1. What are application partitions? When do I use them?

A1) Application Directory Partition is a partition space in Active Directory which an application can use to store that application specific data. This partition is then replicated only to some specific domain controllers.

The application directory partition can contain any type of data except security principals (users, computers, groups).

A2) These are specific to Windows Server 2003 domains.

An application directory partition is a directory partition that is replicated only to specific domain controllers. A domain controller that participates in the replication of a particular application directory partition hosts a replica of that partition. Only domain controllers running Windows Server 2003 can host a replica of an application directory partition.

  1. How do you create a new application partition?

The DnsCmd command is used to create a new application directory partition. For example, to create a partition named “NewPartition” on the domain controller DC1.contoso.com, log on to the domain controller and type the following command.

DnsCmd DC1 /createdirectorypartition NewPartition.contoso.com

  1. How do you view replication properties for AD partitions and DCs?

By using Replication Monitor.

Go to Start > Run and type replmon.

  1. What is the Global Catalog?

The global catalog is the central repository of information about objects in a tree or forest. By default, a global catalog is created automatically on the initial domain controller in the first domain in the forest. A domain controller that holds a copy of the global catalog is called a global catalog server. You can designate any domain controller in the forest as a global catalog server. Active Directory uses multimaster replication to replicate the global catalog information between global catalog servers in other domains. It stores a full replica of all object attributes in the directory for its host domain and a partial replica of all object attributes contained in the directory for every domain in the forest. The partial replica stores attributes most frequently used in search operations (such as a user’s first and last names, logon name, and so on). Attributes are marked or unmarked for replication in the global catalog when they are defined in the Active Directory schema. Object attributes replicated to the global catalog inherit the same permissions as in source domains, ensuring that data in the global catalog is secure.

Another Definition of Global Catalog:

Global Catalog Server

A global catalog server is a domain controller that has an additional duty — it maintains a global catalog. A global catalog is a master, searchable database that contains information about every object in every domain in a forest. The global catalog contains a complete replica of all objects in Active Directory for its host domain, and contains a partial replica of all objects in Active Directory for every other domain in the forest.

A global catalog server performs two important functions:

Provides group membership information during logon and authentication

Helps users locate resources in Active Directory

The Active Directory schema defines objects that can be stored in Active Directory. The schema is a list of definitions that determines the kinds of objects and the types of information about those objects that can be stored in Active Directory. Because the schema definitions themselves are stored as objects, they can be administered in the same manner as the rest of the objects in Active Directory. The schema is defined by two types of objects: schema class objects (also referred to as schema classes) and schema attribute objects (also referred to as schema attributes).

  1. GC and infrastructure master should not be on same server, why?

Unless your domain consists of only one domain controller, the infrastructure master should not be assigned to a domain controller that’s also a Global Catalog server. If the infrastructure master and Global Catalog are stored on the same domain controller, the infrastructure master will not function because it will never find data that is out of date. It therefore won’t ever replicate changes to the other domain controllers in the domain. There are two exceptions:

If all your domain controllers are Global Catalog servers, it won’t matter because all servers will have the latest changes to the Global Catalog.

If you are implementing a single Active Directory domain, no other domains exist in the forest to keep track of, so in effect, the infrastructure master is out of a job

  1. Why not make all DCs in a large forest as GCs?

When all the DCs become GCs, replication traffic increases, and we could not keep the infrastructure master and GC on the same domain, so at least one DC should act without holding the GC role.

  1. Trying to look at the Schema, how can I do that?

Register the schmmgmt.dll with the command regsvr32

  1. What are the Support Tools? Why do I need them?

Support Tools are the tools that are used for performing the complicated tasks easily. These can also be the third party tools. Some of the Support tools include DebugViewer, DependencyViewer, RegistryMonitor, etc.

  1. What is LDP? What is REPLMON? What is ADSIEDIT? What is NETDOM? What is REPADMIN?

LDP — Label Distribution Protocol (LDP) is often used to establish MPLS LSPs when traffic engineering is not required. It establishes LSPs that follow the existing IP routing, and is particularly well suited for establishing a full mesh of LSPs between all of the routers on the network.

Replmon — Replmon displays information about Active Directory Replication.

ADSIEDIT — ADSIEdit is a Microsoft Management Console (MMC) snap-in that acts as a low-level editor for Active Directory. It is a Graphical User Interface (GUI) tool. Network administrators can use it for common administrative tasks such as adding, deleting, and moving objects with a directory service. The attributes for each object can be edited or deleted by using this tool. ADSIEdit uses the ADSI application programming interfaces (APIs) to access Active Directory. The following are the required files for using this tool: ADSIEDIT.DLL and ADSIEDIT.MSC

NETDOM — NETDOM is a command-line tool that allows management of Windows domains and trust relationships. It is used for batch management of trusts, joining computers to domains, verifying trusts, and secure channels.

REPADMIN — REPADMIN is a built-in Windows diagnostic command-line utility that works at the Active Directory level. Although specific to Windows, it is also useful for diagnosing some Exchange replication problems, since Exchange Server is Active Directory based. REPADMIN doesn’t actually fix replication problems for you. But, you can use it to help determine the source of a malfunction.

  1. What are the Naming Conventions used in AD?

Within Active Directory, each object has a name. When you create an object in Active Directory, such as a user or a computer, you assign the object a name. This name must be unique within the domain — you can’t assign an object the same name as any other object (regardless of its type) in that domain.

At the same time that you create an object, not only do you assign a name to the object, but Active Directory also assigns identifiers to the object. Active Directory assigns every object a globally unique identifier (GUID), and assigns many objects a security identifier (SID). A GUID is typically a 32-digit hexadecimal number that uniquely identifies an object within Active Directory. A SID is a unique number created by the Windows 2000 Security subsystem that is assigned only to security principal objects (users, groups, and computers) when they are created. Windows 2000 uses SIDs to grant or deny a security principal object access to other objects and network resources.

Active Directory uses a hierarchical naming convention that is based on Lightweight Directory Access Protocol (LDAP) and DNS standards.

Objects in Active Directory can be referenced by using one of three Active Directory name types:

  • Relative distinguished name (RDN)
  • Distinguished name (DN)
  • User principal name (UPN)

A relative distinguished name (RDN) is the name that is assigned to the object by the administrator when the object is created. For example, when I create a user named AlanC, the RDN of that user is AlanC. The RDN only identifies an object — it doesn’t identify the object’s location within Active Directory. The RDN is the simplest of the three Active Directory name types, and is sometimes called the common name of the object.

A distinguished name (DN) consists of an object’s RDN, plus the object’s location in Active Directory. The DN supplies the complete path to the object. An object’s DN includes its RDN, the name of the organizational unit(s) that contains the object (if any), and the FQDN of the domain. For example, suppose that I create a user named AlanC in an organizational unit called US in a domain named Exportsinc.com. The DN of this user would be: AlanC@US.Exportsinc.com

A user principal name (UPN) is a shortened version of the DN that is typically used for logon and e-mail purposes. A UPN consists of the RDN plus the FQDN of the domain. Using my previous example, the UPN for the user named AlanC would be: AlanC@Exportsinc.com

Another way you can think of a UPN is as a DN stripped of all organizational unit references.

  1. What are sites? What are they used for?

A site consists of one or more TCP/IP subnets, which are specified by an administrator. Additionally, if a site contains more than one subnet, the subnets should be connected by high-speed, reliable links. Sites do not correspond to domains: You can have two or more sites within a single domain, or you can have multiple domains in a single site. A site is solely a grouping based on IP addresses. Figure 2–7 shows two sites connected by a slow WAN link.

The purpose of sites is to enable servers that regularly copy data to other servers (such as Active Directory replication data) to distinguish between servers in their own site (which are connected by high-speed links) and servers in another site (which are connected by slower-speed WAN links). Replication between domain controllers in the same site is fast, and typically administrators can permit Windows 2000 to automatically perform this task. Replication between a domain controller in one site and domain controllers in other sites is slower (because it takes place over a slow WAN link) and often should be scheduled by the administrator so that use of network bandwidth for replication is minimized during the network’s peak-activity hours.

Sites and Active Directory replication can be configured by using Active Directory Sites and Services.

Uses of site:

Sites are primarily used to control replication traffic. Domain controllers within a site are pretty much free to replicate changes to the Active Directory database whenever changes are made. Domain controllers in different sites compress the replication traffic and operate based on a defined schedule, both of which are intended to cut down on network traffic.

More specifically, sites are used to control the following:

  • Workstation logon traffic
  • Replication traffic
  • Distributed File System (DFS)

What’s the difference between a site link’s schedule and interval?

A site link is a physical connection object on which the replication transport mechanism depends. Basically, it is the type of communication mechanism used to transfer data between different sites. The site link schedule defines when the replication process has to take place, and the interval defines how many times replication has to take place in a given time period, i.e. within the site link schedule.

  1. What is replication? How it occurs in AD? What is KCC and ISTG

Each domain controller stores a complete copy of all Active Directory information for its domain and replicates changes to the other domain controllers in the same domain. Domain controllers in a domain automatically replicate directory information for all objects in the domain to each other. When you perform an action that causes an update to Active Directory, you are actually making the change at one of the domain controllers. That domain controller then replicates the change to all other domain controllers within the domain. You can control replication of traffic between domain controllers in the network by specifying how often replication occurs and the amount of data that each domain controller replicates at one time. Domain controllers immediately replicate certain important updates, such as the disabling of a user account.

Active Directory uses multimaster replication, in which no one domain controller is the master domain controller. Instead, all domain controllers within a domain are peers, and each domain controller contains a copy of the directory database that can be written to. Domain controllers can hold different information for short periods of time until all domain controllers have synchronized changes to Active Directory.

Although Active Directory supports multimaster replication, some changes are impractical to perform in multimaster fashion. One or more domain controllers can be assigned to perform single-master replication (operations not permitted to occur at different places in a network at the same time). Operations master roles are special roles assigned to one or more domain controllers in a domain to perform single-master replication.

Domain controllers detect collisions, which can occur when an attribute is modified on a domain controller before a change to the same attribute on another domain controller is completely propagated. Collisions are detected by comparing each attribute’s property version number, a number specific to an attribute that is initialized upon creation of the attribute. Active Directory resolves the collision by replicating the changed attribute with the higher property version number.
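The collision rule described above, as an added example that is not part of the original post: two replicas exchange per-attribute changes and converge on the same values. It goes beyond the text by also applying Active Directory's tie-breakers when versions are equal (originating timestamp, then originating DC GUID); the DC identifiers, attribute values and integer timestamps are constructed.

```python
from collections import namedtuple

# Per-attribute replication stamp. Tuples compare field by field, so the
# version decides first, then the timestamp, then the originating DC.
Stamp = namedtuple("Stamp", "version timestamp dsa_guid")
Write = namedtuple("Write", "attribute value stamp")


def originate(replica, attribute, value, timestamp, dsa_guid):
    """Record a local change: bump the attribute's version and stamp it."""
    current = replica.get(attribute)
    version = current.stamp.version + 1 if current else 1
    write = Write(attribute, value, Stamp(version, timestamp, dsa_guid))
    replica[attribute] = write
    return write


def apply_replicated(replica, write):
    """Apply an incoming change; return True if it replaced the local value."""
    current = replica.get(write.attribute)
    if current is None or write.stamp > current.stamp:
        replica[write.attribute] = write
        return True
    return False


def collision_demo():
    """Edit the same object on two DCs, replicate both ways, return both views."""
    guid_a, guid_b = "dsa-aaaa", "dsa-bbbb"  # constructed DC identifiers
    dc1, dc2 = {}, {}
    # Both DCs start from the same replicated state (version 1).
    for attr, value in (("telephoneNumber", "555-0100"), ("description", "temp")):
        apply_replicated(dc2, originate(dc1, attr, value, 10, guid_a))

    # Concurrent edits made before either side has replicated.
    from_dc1 = [
        originate(dc1, "description", "contractor", 90, guid_a),
        originate(dc1, "description", "contractor, ends Q4", 95, guid_a),
        originate(dc1, "telephoneNumber", "555-0142", 100, guid_a),
    ]
    from_dc2 = [
        originate(dc2, "description", "employee", 200, guid_b),
        originate(dc2, "telephoneNumber", "555-0177", 105, guid_b),
    ]

    # Replication in both directions.
    for write in from_dc2:
        apply_replicated(dc1, write)
    for write in from_dc1:
        apply_replicated(dc2, write)

    view1 = {attr: w.value for attr, w in dc1.items()}
    view2 = {attr: w.value for attr, w in dc2.items()}
    return view1, view2


if __name__ == "__main__":
    for view in collision_demo():
        print(view)
```

The description edited twice on one DC (version 3) wins over a later single edit on the other DC (version 2), while the telephoneNumber collision at equal versions is settled by the later timestamp.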

  1. What can you do to promote a server to DC if you’re in a remote location with slow WAN link?

Install from Media: In Windows Server 2003 a new feature has been added, and this time it’s one that will actually make our lives easier… You can promote a domain controller using files backed up from a source domain controller!

This feature is called “Install from Media” and it’s available by running DCPROMO with the /adv switch. It’s not a replacement for network replication; we still need network connectivity. But now we can use an old System State copy from another Windows Server 2003, copy it to our future DC, and have the first and basic replication take place from the media instead of across the network, thus saving valuable time and network resources.

What you basically have to do is to back up the systems data of an existing domain controller, restore that backup to your replica candidate, use DCPromo /Adv to tell it to source from local media, rather than a network source.

This also works for global catalogs. If we perform a backup of a global catalog server, then we can create a new global catalog server by performing DCPromo from that restored media.

IFM Limitations

It only works for the same domain, so you cannot back up a domain controller in domain A and create a new domain B using that media.

It’s only useful up to the tombstone lifetime with a default of 60 days. So if you have an old backup, then you cannot create a new domain controller using that, because you’ll run into the problem of reanimating deleted objects.

  1. How can you forcibly remove AD from a server, and what do you do later?

Demoting Windows Server 2003 DCs: DCPROMO (Active Directory Installation Wizard) is a toggle switch, which allows you to either install or remove Active Directory DCs. To forcibly demote a Windows Server 2003 DC, run the following command either at the Start, Run, or at the command prompt:

dcpromo /forceremoval

Note: If you’re running Certificate Services on the DC, you must first remove Certificate Services before continuing. If you specify the /forceremoval switch on a server that doesn’t have Active Directory installed, the switch is ignored and the wizard pretends that you want to install Active Directory on that server.

Once the wizard starts, you will be prompted for the Administrator password that you want to assign to the local administrator in the SAM database. If you have Windows Server 2003 Service Pack 1 installed on the DC, you’ll benefit from a few enhancements. The wizard will automatically run certain checks and will prompt you to take appropriate actions. For example, if the DC is a Global Catalog server or a DNS server, you will be prompted. You will also be prompted to take an action if your DC is hosting any of the operations master roles.

Demoting Windows 2000 DCs: On a Windows 2000 domain controller, forced demotion is supported with Service Pack 2 and later. The rest of the procedure is similar to the procedure I described for Windows Server 2003. Just make sure that while running the wizard, you clear the “This server is the last domain controller in the domain” check box. On Windows 2000 Servers you won’t benefit from the enhancements in Windows Server 2003 SP1, so if the DC you are demoting is a Global Catalog server, you may have to manually promote some other DC to a Global Catalog server.

Cleaning the Metadata on a Surviving DC : Once you’ve successfully demoted the DC, your job is not quite done yet. Now you must clean up the Active Directory metadata. You may be wondering why I need to clean the metadata manually. The metadata for the demoted DC is not deleted from the surviving DCs because you forced the demotion. When you force a demotion, Active Directory basically ignores other DCs and does its own thing. Because the other DCs are not aware that you removed the demoted DC from the domain, the references to the demoted DC need to be removed from the domain.

Although Active Directory has made numerous improvements over the years, one of the biggest criticisms of Active Directory is that it doesn’t clean up the mess very well. This is obvious in most cases but, in other cases, you won’t know it unless you start digging deep into Active Directory database.

To clean up the metadata you use NTDSUTIL. The following procedure describes how to clean up metadata on a Windows Server 2003 SP1. According to Microsoft, the version of NTDSUTIL in SP1 has been enhanced considerably and does a much better job of clean-up, which obviously means that the earlier versions didn’t do a very good job. For Windows 2000 DCs, you might want to check out Microsoft Knowledge Base article 216498, “How to remove data in Active Directory after an unsuccessful domain controller demotion.”

Here’s the step-by-step procedure for cleaning metadata on Windows Server 2003 DCs:

  1. Log on to the DC as a Domain Administrator.
  2. At the command prompt, type ntdsutil.
  3. Type metadata cleanup.
  4. Type connections.
  5. Type connect to server servername, where servername is the name of the server you want to connect to.
  6. Type quit or q to go one level up. You should be at the Metadata Cleanup prompt.
  7. Type select operation target.
  8. Type list domains. You will see a list of domains in the forest, each with a different number.
  9. Type select domain number, where number is the number associated with the domain of your server.
  10. Type list sites.
  11. Type select site number, where number is the number associated with the site of your server.
  12. Type list servers in site.
  13. Type select server number, where number is the number associated with the server you want to remove.
  14. Type quit to go to Metadata Cleanup prompt.
  15. Type remove selected server. You should see a confirmation that the removal completed successfully.
  16. Type quit to exit ntdsutil.

You might also want to clean up the DNS database by deleting all DNS records related to the server.

In general, you will have better luck using forced promotion on Windows Server 2003, because the naming contexts and other objects don’t get cleaned as quickly on Windows 2000 Global Catalog servers, especially servers running Windows 2000 SP3 or earlier. Due to the nature of forced demotion and the fact that it’s meant to be used only as a last resort, there are additional things that you should know about forced demotion.

Even after you’ve used NTDSUTIL to clean the metadata, you may still need to do additional cleaning manually using ADSIEdit or other such tools

  1. Can I get user passwords from the AD database?

To my knowledge, there is no way to extract the password from the AD database. By the way, there is a tool called cache dump. Using it, we can extract the cached passwords from a Windows XP machine which is joined to a domain.

  1. Name some OU design considerations.

  • Design OU structure based on Active Directory business requirements
  • NT Resource domains may fold up into OUs
  • Create nested OUs to hide objects
  • Objects easily moved between OUs
  • Departments, Geographic Region, Job Function, Object Type

  1. What is tombstone lifetime attribute?

The number of days before a deleted object is removed from the directory services. This assists in removing objects from replicated servers and preventing restores from reintroducing a deleted object. This value is in the Directory Service object in the configuration NC.

  1. How would you find all users that have not logged on since last month?

If you are using a Windows 2003 domain environment, go to Active Directory Users and Computers, select Saved Queries, right-click it and select New Query. Then, using the custom common queries, define a query; there is one which shows days since last logon.
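One way to ask the same question as an LDAP filter, shown as an added example that is not part of the original post: it uses the replicated lastLogonTimestamp attribute, which holds a Windows FILETIME (100-nanosecond ticks since 1601-01-01 UTC), and applies the same cutoff to an exported list. The choice of attribute is an assumption about how you want to measure inactivity, and the account names and dates are constructed.

```python
from datetime import datetime, timedelta, timezone

# Windows FILETIME counts 100-nanosecond ticks since 1601-01-01 00:00 UTC.
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
TICKS_PER_SECOND = 10_000_000


def to_filetime(moment):
    """Convert a timezone-aware datetime to a FILETIME integer."""
    delta = moment - FILETIME_EPOCH
    seconds = delta.days * 86400 + delta.seconds
    return seconds * TICKS_PER_SECOND + delta.microseconds * 10


def from_filetime(ticks):
    """Convert a FILETIME integer back to an aware UTC datetime."""
    return FILETIME_EPOCH + timedelta(microseconds=ticks // 10)


def stale_user_filter(now, days=30, include_never_logged_on=True):
    """LDAP filter for user accounts with no logon in the last `days` days."""
    cutoff = to_filetime(now - timedelta(days=days))
    condition = f"(lastLogonTimestamp<={cutoff})"
    if include_never_logged_on:
        # Accounts that never logged on have no lastLogonTimestamp at all,
        # so a plain <= comparison silently skips them.
        condition = f"(|{condition}(!(lastLogonTimestamp=*)))"
    return f"(&(objectCategory=person)(objectClass=user){condition})"


def stale_accounts(entries, now, days=30):
    """Apply the same cutoff to exported (name, lastLogonTimestamp) pairs."""
    cutoff = to_filetime(now - timedelta(days=days))
    report = []
    for name, ticks in entries:
        if ticks is None:
            report.append((name, "never logged on"))
        elif ticks <= cutoff:
            report.append((name, from_filetime(ticks).date().isoformat()))
    return report


# Constructed sample data: account names and dates are made up.
NOW = datetime(2015, 11, 21, tzinfo=timezone.utc)
SAMPLE_EXPORT = [
    ("alice", to_filetime(datetime(2015, 11, 10, tzinfo=timezone.utc))),
    ("bob", to_filetime(datetime(2015, 9, 1, tzinfo=timezone.utc))),
    ("carol", to_filetime(datetime(2015, 10, 25, tzinfo=timezone.utc))),
    ("svc_backup", None),
]

if __name__ == "__main__":
    print(stale_user_filter(NOW))
    for name, last in stale_accounts(SAMPLE_EXPORT, NOW):
        print(f"{name}: {last}")
```

By default lastLogonTimestamp is only rewritten when the stored value is roughly 9 to 14 days old, so it suits a one-month threshold but not short inactivity windows.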

  1. What are the DS* commands?

  • DSmod — modify Active Directory attributes
  • DSrm — to delete Active Directory objects
  • DSmove — to relocate objects
  • DSadd — create new accounts
  • DSquery — to find objects that match your query attributes
  • DSget — list the properties of an object

What’s the difference between LDIFDE and CSVDE? Usage considerations?

CSVDE is a command that can be used to import and export objects to and from the AD into a CSV-formatted file. A CSV (Comma Separated Value) file is a file easily readable in Excel. I will not go into this powerful command at length, but I will show you some basic samples of how to import a large number of users into your AD. Of course, as with the DSADD command, CSVDE can do more than just import users. Consult your help file for more info. Like CSVDE, LDIFDE is a command that can be used to import and export objects to and from the AD into an LDIF-formatted file. An LDIF (LDAP Data Interchange Format) file is a file easily readable in any text editor; however, it is not readable in programs like Excel. The major difference between CSVDE and LDIFDE (besides the file format) is the fact that LDIFDE can be used to edit and delete existing AD objects (not just users), while CSVDE can only import and export objects.

What is DFS?

The Distributed File System is used to build a hierarchical view of multiple file servers and shares on the network. Instead of having to think of a specific machine name for each set of files, the user will only have to remember one name; which will be the ‘key’ to a list of shares found on multiple servers on the network. Think of it as the home of all file shares with links that point to one or more servers that actually host those shares.

DFS has the capability of routing a client to the closest available file server by using Active Directory site metrics. It can also be installed on a cluster for even better performance and reliability.

It is important to understand the new concepts that are part of DFS. Below is a definition of each of them.

Dfs root: You can think of this as a share that is visible on the network, and in this share you can have additional files and folders.

Dfs link: A link is another share somewhere on the network that goes under the root. When a user opens this link they will be redirected to a shared folder.

Dfs target (or replica): This can be referred to as either a root or a link. If you have two identical shares, normally stored on different servers, you can group them together as Dfs Targets under the same link.

[Image: the actual folder structure of what the user sees when using DFS and load balancing]

What are the types of replication in DFS?

There are two types of replication:

  • Automatic — which is only available for Domain DFS
  • Manual — which is available for stand-alone DFS and requires all files to be replicated manually.

Which service is responsible for replicating files in SYSVOL folder?

File Replication Service (FRS)


Posted on May 11, 2015

What is LUN masking?

LUN (Logical Unit Number) Masking is an authorization process that makes a LUN available to some hosts and unavailable to other hosts.

LUN Masking is implemented primarily at the HBA (Host Bus Adapter) level. LUN Masking implemented at this level is vulnerable to any attack that compromises the HBA.

Some storage controllers also support LUN Masking.

LUN Masking is important because Windows-based servers attempt to write volume labels to all available LUNs. This can render the LUNs unusable by other operating systems and can result in data loss.

What is SAN zoning?

SAN zoning is a method of arranging Fibre Channel devices into logical groups over the physical configuration of the fabric.

SAN zoning may be utilized to implement compartmentalization of data for security purposes.

Each device in a SAN may be placed into multiple zones.

What are hard and soft zoning?

Hard zoning is zoning which is implemented in hardware. Soft zoning is zoning which is implemented in software.

Hard zoning physically blocks access to a zone from any device outside of the zone.

Soft zoning uses filtering implemented in fibre channel switches to prevent ports from being seen from outside of their assigned zones. The security vulnerability in soft zoning is that the ports are still accessible if the user in another zone correctly guesses the fibre channel address.

What is port zoning?

Port zoning utilizes physical ports to define security zones. A user’s access to data is determined by what physical port he or she is connected to.

With port zoning, zone information must be updated every time a user changes switch ports. In addition, port zoning does not allow zones to overlap.

Port zoning is normally implemented using hard zoning, but could also be implemented using soft zoning.

What is WWN zoning?

WWN zoning uses name servers in the switches to either allow or block access to particular World Wide Names (WWNs) in the fabric.

A major advantage of WWN zoning is the ability to recable the fabric without having to redo the zone information.

WWN zoning is susceptible to unauthorized access, as the zone can be bypassed if an attacker is able to spoof the World Wide Name of an authorized HBA.

What is a World Wide Name (WWN)?

A World Wide Name, or WWN, is a 64-bit address used in fibre channel networks to uniquely identify each element in a Fibre Channel network.

Soft Zoning utilizes World Wide Names to assign security permissions.

The use of World Wide Names for security purposes is inherently insecure, because the World Wide Name of a device is a user-configurable parameter.

For example, to change the World Wide Name (WWN) of an Emulex HBA, the user simply needs to run the `elxcfg` command.
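Because a WWN is a configurable value, WWN zoning alone cannot tell an authorized HBA from a device presenting a copied name; auditing fabric logins against approved WWN-to-port bindings catches a name that shows up on the wrong port or on two ports at once. The check below is an added example, not part of the original post: the record layout, switch names and WWNs are constructed, and obtaining the login table from a real switch is left to the vendor's tooling.

```python
import re


def normalize_wwn(text):
    """Return a 64-bit WWN as lowercase colon-separated hex, or raise ValueError."""
    digits = re.sub(r"[:\-.\s]", "", text).lower()
    if not re.fullmatch(r"[0-9a-f]{16}", digits):
        raise ValueError(f"not a 64-bit WWN: {text!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 16, 2))


def audit_fabric_logins(baseline, logins):
    """Compare current fabric logins with the approved WWN-to-port bindings.

    baseline: {wwn: (switch, port)} for every authorized HBA or array port.
    logins:   iterable of (switch, port, wwn) as currently logged in.
    Returns a list of (finding, wwn, (switch, port)) tuples.
    """
    approved = {normalize_wwn(w): where for w, where in baseline.items()}
    first_seen = {}
    findings = []
    for switch, port, raw in logins:
        where = (switch, port)
        try:
            wwn = normalize_wwn(raw)
        except ValueError:
            findings.append(("malformed-wwn", raw, where))
            continue
        if wwn not in approved:
            # A name nobody registered: new hardware or an unapproved device.
            findings.append(("unknown-wwn", wwn, where))
        elif approved[wwn] != where:
            # Known name on a port it was never bound to: recabling or spoofing.
            findings.append(("unexpected-port", wwn, where))
        if wwn in first_seen and first_seen[wwn] != where:
            # The same name logged in from two places at the same time.
            findings.append(("duplicate-login", wwn, where))
        first_seen.setdefault(wwn, where)
    return findings


# Constructed sample data: switch names, ports and WWNs are made up.
BASELINE = {
    "10:00:00:00:aa:bb:cc:01": ("fcsw1", 4),
    "10:00:00:00:aa:bb:cc:02": ("fcsw1", 5),
    "50:00:00:00:aa:bb:cc:0a": ("fcsw2", 0),
}
SAMPLE_LOGINS = [
    ("fcsw1", 4, "10000000AABBCC01"),
    ("fcsw1", 5, "10-00-00-00-aa-bb-cc-02"),
    ("fcsw2", 0, "50:00:00:00:AA:BB:CC:0A"),
    ("fcsw2", 7, "10:00:00:00:aa:bb:cc:01"),
    ("fcsw1", 9, "10:00:00:00:aa:bb:cc:99"),
    ("fcsw1", 10, "10:00:00:00:aa:bb"),
]

if __name__ == "__main__":
    for finding in audit_fabric_logins(BASELINE, SAMPLE_LOGINS):
        print(finding)
```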

What are the classes of attacks against SANs?

  • Snooping: Mallory reads data Alice sent to Bob in private. Allows access to data.
  • Spoofing: Mallory fools Alice into thinking that he is Bob. Allows access to or destruction of data.
  • Denial of Service: Mallory crashes or floods Bob or Alice. Reduces availability.

What are some attacks against FCP?

  • Node Name / Port Name spoofing at Port Login time
  • Source Port ID spoofing on dataless FCP commands
  • Snooping and spoofing on FC-AL
  • Snooping and Spoofing after Fabric reconfiguration
  • Denial of Service attacks can be made in User mode

What is FCAP (Fibre Channel Authentication Protocol)?

FCAP is an optional authentication mechanism employed between any two devices or entities on a Fibre Channel network using certificates or optional keys.

What is FCPAP (Fibre Channel Password Authentication Protocol)?

FCPAP (Fibre Channel Password Authentication Protocol) is an optional password based authentication and key exchange protocol which is utilized in Fibre Channel networks.

FCPAP is used to mutually authenticate Fibre Channel ports to each other. This includes E_Ports, N_Ports, and Domain Controllers.

What is SLAP (Switch Link Authentication Protocol)?

SLAP is an authentication method for Fibre Channel switches which utilizes digital certificates to authenticate switch ports.

SLAP was designed to prevent the unauthorized addition of switches into a Fibre Channel network.

What is FC-SP (Fibre Channel — Security Protocol)?

Fibre Channel — Security Protocol (FC-SP) is a security protocol for Fibre Channel Protocol (FCP) and fiber connectivity (Ficon).

FC-SP is a project of Technical Committee T11 of the InterNational Committee for Information Technology Standards (INCITS).

FC-SP is a security framework which includes protocols to enhance Fibre Channel security in several areas, including authentication of Fibre Channel devices, cryptographically secure key exchange, and cryptographically secure communication between Fibre Channel devices.

FC-SP is focused on protecting data in transit throughout the Fibre Channel network. FC-SP does not address the security of data which is stored on the Fibre Channel network.

What is ESP over Fibre Channel?

ESP (Encapsulating Security Payload) is an Internet standard for the authentication and encryption of IP packets.

ESP is defined in RFC 2406: IP Encapsulating Security Payload (ESP).

ESP is widely deployed in IP networks and has been adapted for use in Fibre Channel networks. The IETF iSCSI proposal specifies ESP link authentication and optional encryption.

ESP over Fibre Channel is focused on protecting data in transit throughout the Fibre Channel network. ESP over Fibre Channel does not address the security of data which is stored on the Fibre Channel network.

What is DH-CHAP?

DH-CHAP (Diffie Hellman — Challenge Handshake Authentication Protocol) is a forthcoming Internet Standard for the authentication of devices connecting to a Fibre Channel switch.

DH-CHAP is a secure key-exchange authentication protocol that supports both switch-to-switch and host-to-switch authentication.

DH-CHAP supports MD-5 and SHA-1 algorithm-based authentication.

How are iSCSI, iFCP and FCIP secured over IP networks?

The IETF IP Storage (ips) Working Group is responsible for the definition of standards for the encapsulation and transport of Fibre Channel and SCSI protocols over IP networks.

The IPS Working Group’s charter includes responsibility for data security:

Security including authentication, keyed cryptographic data integrity and confidentiality, sufficient to defend against threats up to and including those that can be expected on a public network. Implementation of basic security functionality will be required, although usage may be optional.

The IPS Working Group has created RFC 3723: Securing Block Storage Protocols over IP.

RFC 3723 defines the use of the existing IPsec and IKE (Internet Key Exchange) protocols to secure block storage protocols over IP.

Ooty — Queen of Hill Stations

Posted on May 9, 2015 Updated on May 10, 2015

If you are planning a visit to Ooty, you can book tickets online at http://www.ttdconline.com. This is the official website of Tamil Nadu Tourism Corporation.

How to monitor the Disk Command Aborts on an ESXi host

Posted on May 9, 2015 Updated on May 11, 2015

When storage is severely overloaded, commands are aborted because the storage subsystem is taking too long to respond to the commands. The storage subsystem has not responded within an acceptable amount of time, as defined by the guest operating system. Aborted commands are a sign that the storage hardware is overloaded and unable to handle the requests in line with the host’s expectations.

The number of aborted commands can be monitored by using either the vSphere Client or esxtop.

  1. From the vSphere Client, monitor disk command aborts

This chart can be generated from Hosts and Clusters -> Performance -> Advanced -> Switch to Disk -> Chart Options -> Commands Aborted -> OK.

  2. From esxtop, monitor ABRTS/s

Open PuTTY, log in to the ESXi host and run esxtop. Type u for the disk view, type f to change the settings and type L to select Error stats. Press W to save it.

Once this is done, the ABRTS/s field is displayed, which tracks the SCSI aborts. Aborts generally occur because the array takes a long time to respond to commands.

If you are planning to deploy a monitoring tool to monitor this parameter, the threshold for ABRTS/s should be 1. This signifies the number of SCSI commands aborted during the collection interval, i.e. in 1 second.

DISK, ABRTS/s, threshold 1: Aborts issued by the guest (VM) because storage is not responding. For Windows VMs this happens after 60 seconds by default. Can be caused, for instance, when paths have failed or the array is not accepting any IO for whatever reason.

Having said that, in the ideal case the output of ABRTS/s should be 0, which may sometimes not be observed during peak hours, for example when a backup is running on the servers hosted on the ESXi host and generating a disk-intensive workload. In a real-world scenario ABRTS/s will fluctuate between 0 and 0.xx, as the storage is always overloaded during these peak hours.
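A monitoring check for the threshold described above, as an added example that is not part of the original post: it scans esxtop batch-mode (`esxtop -b`) CSV output, alerts on any sample at or above 1 abort per second, and separately counts the sub-threshold 0.xx fluctuations seen at peak hours. The sample data, the host and adapter names, and the `Aborts/sec` column label are constructed assumptions; adjust the label to match your own export.

```python
import csv
import io

ABORT_THRESHOLD = 1.0  # alert threshold from the article: 1 abort per second

# Constructed sample in the perfmon-style CSV layout written by `esxtop -b`.
# Host name, adapter names and the "Aborts/sec" counter label are assumptions.
SAMPLE_CSV = r'''"(PDH-CSV 4.0) (UTC)(0)","\\esx01\Physical Disk Adapter(vmhba1)\Commands/sec","\\esx01\Physical Disk Adapter(vmhba1)\Aborts/sec","\\esx01\Physical Disk Adapter(vmhba2)\Aborts/sec"
"05/09/2015 22:00:00","850.10","0.00","0.00"
"05/09/2015 22:00:05","1210.44","0.20","0.00"
"05/09/2015 22:00:10","1302.87","0.40","0.00"
"05/09/2015 22:00:15","1255.03","1.60","0.00"
"05/09/2015 22:00:20","990.32","0.00",""
'''


def abort_columns(header, counter="Aborts/sec"):
    """Return {column index: object label} for every abort counter column."""
    cols = {}
    for idx, name in enumerate(header):
        if name.endswith("\\" + counter):
            # Counter paths look like \\host\Object(instance)\Counter
            cols[idx] = name.rsplit("\\", 2)[-2]
    return cols


def scan(csv_text, threshold=ABORT_THRESHOLD):
    """Return (alerts, noisy) for one esxtop batch capture.

    alerts: list of (timestamp, device, value) at or above the threshold.
    noisy:  {device: count} of non-zero samples below the threshold,
            i.e. the 0.xx fluctuation expected during peak hours.
    """
    reader = csv.reader(io.StringIO(csv_text))
    cols = abort_columns(next(reader))
    alerts, noisy = [], {}
    for row in reader:
        if not row:
            continue
        timestamp = row[0]
        for idx, device in cols.items():
            try:
                value = float(row[idx])
            except (IndexError, ValueError):
                continue  # truncated row or blank cell: no sample to judge
            if value >= threshold:
                alerts.append((timestamp, device, value))
            elif value > 0:
                noisy[device] = noisy.get(device, 0) + 1
    return alerts, noisy


if __name__ == "__main__":
    found, background = scan(SAMPLE_CSV)
    for ts, dev, val in found:
        print(f"ALERT {ts} {dev} ABRTS/s={val:.2f}")
    for dev, count in background.items():
        print(f"info  {dev}: {count} non-zero samples below threshold")
```
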

How to install NIC Teaming Driver and configure NIC Teaming in a Cisco UCS B200-M3

Posted on May 7, 2015

The Cisco NIC Teaming Driver is contained in the UCS-related Windows Utilities ISO. You can download it from http://www.cisco.com. Depending on your platform, choose either Cisco UCS B-Series Blade Server Software or Cisco UCS C-Series Rack-Mount UCS-Managed Server Software. Once you have installed Windows on the blade you can proceed to install the teaming software.

First let us see how to install the NIC teaming driver on the server.

Step 1 In Windows, open a command prompt with administrator privileges.

Step 2 At the command prompt, enter enictool -p "drivers_directory". The Cisco NIC Teaming Driver is installed using the .inf files located in the specified directory.

Example: This example installs the teaming driver using the .inf files located in the temp directory:

C:\> enictool -p "c:\temp"

Once the driver is installed, you need to configure the teaming on the desired NICs.

Step 1 In Windows, open a command prompt with administrator privileges.

Step 2 To create a team, enter enictool -c "list of connections" -m mode. The mode options are as follows:

  • 1 — Active Backup
  • 2 — Active Backup with failback to active mode
  • 3 — Active Active (transmit load balancing)
  • 4 — 802.3ad LACP

Example: This example creates a team of two NICs in Active Backup mode:

C:\> enictool -c "Local Area Connection" "Local Area Connection 2" -m 1

Step 3 To delete a team, enter enictool -d "list of connections".

Example: This example deletes a team of two NICs:

C:\> enictool -d "Local Area Connection" "Local Area Connection 2"

Step 4 To view additional options and usage information, enter enictool /?. Use the displayed command option information to configure the load balancing method, load balancing hash method, and other options.

How to install and configure Multipathing I/O on a computer running Windows Server 2008

Posted on May 7, 2015 Updated on May 7, 2015

To install Multipath I/O

  1. Open Server Manager. To open Server Manager, click Start, point to Administrative Tools, and then click Server Manager.
  2. In the Features area, click Add Features.
  3. On the Select Features page of the Add Features Wizard, select Multipath I/O, and then click Next.
  4. On the Confirm Installation Selections page, click Install.
  5. When installation has completed, click Close.

To install Multipath I/O on a computer by using the Server Manager command line, complete the following steps.

To install Multipath I/O by using a command line

  1. Open a Command Prompt window with elevated privileges. Right-click the Command Prompt object on the Start menu, and then click Run as administrator.
  2. Type the following, and press ENTER: ServerManagerCmd.exe -install Multipath-IO
  3. When installation has completed, you can verify that Multipath I/O has installed by entering the following command and reviewing the query results in the command window. Multipath I/O should show in the list of installed packages: ServerManagerCmd.exe -query

To remove Multipath I/O, complete the following steps.

To remove Multipath I/O

  1. Open Server Manager. To open Server Manager, click Start, point to Administrative Tools, and then click Server Manager.
  2. In the Features area, click Remove Features.
  3. On the Select Features page of the Add Features Wizard, select Multipath I/O, and then click Next.
  4. On the Confirm Installation Selections page, click Install.
  5. When installation has completed, click Close.

To remove Multipath I/O by using the Server Manager command line, complete the following steps.

To remove Multipath I/O by using a command line

  1. Open a Command Prompt window with elevated privileges. Right-click the Command Prompt object on the Start menu, and then click Run as administrator.
  2. Type the following, and press ENTER: ServerManagerCmd.exe -remove Multipath-IO
  3. When removal has completed, you can verify that Multipath I/O was removed by entering the following command and reviewing the query results in the command window. Multipath I/O should not be in the list of installed packages: ServerManagerCmd.exe -query
  4. Select the Add support for iSCSI devices check box, and then click Add. When prompted to restart the computer, click Yes.
  5. When the computer restarts, the MPIO Devices tab lists the additional hardware ID “MSFT2005iSCSIBusType_0x9.” When this hardware ID is listed, all iSCSI bus attached devices will be claimed by the Microsoft DSM.

How to fix UCSM login problems with the Java 7 Update 45

Posted on May 5, 2015 Updated on May 10, 2015

This thread was brought to my attention — https://supportforums.cisco.com/thread/2246189

After updating Java to Update 45, you can no longer log in to UCSM (UCS Manager).

You may see one of two errors:

Login Error: java.io.IOException: Invalid Http response

Login Error: java.io.IOException: Server returned HTTP response code: 400 for URL: http://x.x.x.x:443/nuova

Cisco Bug ID: CSCuj84421

This is due to a change introduced in Java

The solution posted is to rollback to Update 25. Rolling back to Update 40 also works.

How to update Offline Windows Servers to the latest Patch Level using WSUS

Posted on May 5, 2015 Updated on May 10, 2015

Update Offline Windows Servers to the latest Patch Level using WSUS

WSUS (Windows Server Update Services) is a method to update Windows servers that are offline.

The best way to achieve patch management like this is to set up a WSUS server. What I am going to discuss is the downloading of patches from one machine that is connected to the Internet and copying the patches to an offline machine using a memory stick or DVD. This is a good solution when you have to update the patch level once to a few machines. It is not practical as a long term solution as every time Microsoft releases a patch you would have to manually update the off line servers.

First, download WSUS from http://download.wsusoffline.net/ and extract the file to a directory. Open the directory and run Update Generator.

Tick the box beside the OS you want to download updates for. In the image above Windows 7 / Windows Server 2008 R2 x64 is selected. If you want to select any other options, go ahead and then click, “Start”.

The updates will start to download. As a rough idea of the download size, the updates for Vista x64 were 2.5GB and those for Windows Server 2008R2 were 800MB.

Next step is to copy the WSUS folder to some sort of removable media, a memory stick, DVD, external hard disk etc. Insert it into the server you want to update.

Open the WSUS folder, open the folder, “client” and run the update executable.

This will update your system to the latest patch level.

Not enough server storage is available to process this command

Posted on May 5, 2015

Here is the offending registry value:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
IRPStackSize DWORD 0x0000000f (15)

Check for the presence of the value named IRPStackSize. If it doesn’t exist, create it as type DWORD and make sure you have the capitalization absolutely correct (5 upper case, 7 lower case characters), because the system strangely seems to depend on that.

With base set to decimal, enter the value 16 or higher. 15 is the default, so entering 15 should have the same effect as removing that value altogether.

The Performance Overview tab fails to display with the error: Navigation to the webpage was cancelled (1014454)

Posted on May 5, 2015 Updated on May 22, 2015

There are several possible causes for this issue. Attempt each of the troubleshooting steps below in sequence, without skipping any.

  1. Confirm that the vCenter Web Management Service is running. To resolve this issue, connect to vCenter locally with a vSphere Client located on the vCenter Server and follow Stopping, starting, or restarting vCenter services (1003895).
  2. Ensure that the correct DNS settings and IP address are being used:
     a. On the vCenter Server, navigate to C:\Program Files\VMware\Infrastructure\VirtualCenter Server\extensions\com.vmware.vim.stats.report\.
     b. Open the .xml file in a text editor.
     c. Edit the line <url>https://hostname:8443/statsreport/vicr.do</url> to use an IP address instead of an FQDN to rule out issues with DNS.
     d. Restart vCenter Web Management Service and the vCenter Server Service after making any changes to the .xml file. For more information, see Stopping, starting, or restarting vCenter services (1003895).
  3. Disable any third party web services that may be interfering with the vCenter Web Management Services. To confirm that a third party web service is the cause:
     a. Stop the vCenter Web Management Service. For more information, see Stopping, starting, or restarting vCenter services (1003895).
     b. Try to connect to port 8443 (the port on which the Web Management Service runs) by executing:
        telnet IP 8443
     c. If the port responds when the vCenter Web Management Service is stopped, there might be another service that is using the port. In this case, if you want to continue running the conflicting third party service, you may have to change the port that Performance Overview uses. To change the port used by Performance Overview, see The Performance Overview tab within vCenter Server reports the HTTP Status 404 error (1016160).
  4. Check if vCenter Server is using custom SSL certificates as a result of a recent upgrade to vCenter Server 4.0 Update 1. For more information, see VMware vCenter Server plugins fail after adding custom SSL certificates (1017577).

Note: Additionally, you can perform these steps:

  • Disable the proxy settings from the browser. To disable the settings:
     1. Launch Internet
     2. Navigate to Tools > Internet options.
     3. Click the Connections
     4. Click LAN settings.
     5. Select the Use automatic configuration script
  • If you experience this issue on workstations external to the vCenter Server, try to connect to port 8443 (the port on which the Web Management Service runs) as per Step 3b. If you are unable to connect to the port, disable the Windows Firewall on the vCenter Server system. For more information, see the Microsoft TechNet article I Need to Disable Windows Firewall.

What are the countries in LATAM?

Posted on May 5, 2015 Updated on May 7, 2015

Latin America can be subdivided into several subregions based on geography, politics, demographics and culture. If defined as all of the Americas south of the United States, the basic geographical subregions are North America, Central America, the Caribbean and South America;[20] the latter contains further politico-geographical subdivisions such as the Southern Cone, the Guianas and the Andean states. It may be subdivided on linguistic grounds into Hispanic America, Portuguese America and French America.

Name | Area (km²) | Population | Capital | Name(s) in official language(s)
Argentina | 2,780,400 | 41,660,417 | Buenos Aires | Argentina
Bolivia | 1,098,581 | 10,461,053 | Sucre and La Paz | Bolivia
Brazil | 8,515,767 | 201,032,714 | Brasília | Brasil
Chile | 756,096 | 17,556,815 | Santiago | Chile
Colombia | 1,141,748 | 47,387,109 | Bogotá | Colombia
Costa Rica | 51,100 | 4,667,096 | San José | Costa Rica
Cuba | 109,884 | 11,061,886 | Havana | Cuba
Dominican Republic | 48,442 | 10,219,630 | Santo Domingo | República Dominicana
Ecuador | 283,560 | 15,439,429 | Quito | Ecuador
El Salvador | 21,040 | 6,108,590 | San Salvador | El Salvador
French Guiana* | 83,534 | 250,109 | Cayenne | Guyane française
Guadeloupe* | 1,628 | 405,739 | Basse-Terre | Guadeloupe
Guatemala | 108,889 | 15,438,384 | Guatemala City | Guatemala
Haiti | 27,750 | 9,996,731 | Port-au-Prince | Haïti, Ayiti
Honduras | 112,492 | 8,555,072 | Tegucigalpa | Honduras
Martinique* | 1,128 | 386,486 | Fort-de-France | Martinique
Mexico | 1,972,550 | 118,395,054 | Mexico City | Estados Unidos Mexicanos
Nicaragua | 130,375 | 5,788,531 | Managua | Nicaragua
Panama | 75,517 | 3,661,868 | Panama City | Panamá
Paraguay | 406,752 | 6,800,284 | Asunción | Paraguay
Peru | 1,285,216 | 30,475,144 | Lima | Perú
Puerto Rico* | 9,104 | 3,615,086 | San Juan | Puerto Rico
Saint Barthélemy* | 53.2 | 36,286 | Gustavia | Saint-Barthélemy
Saint Martin* | 25 | 9,035 | Marigot | Saint-Martin
Uruguay | 176,215 | 3,324,460 | Montevideo | Uruguay
Venezuela | 916,445 | 31,648,930 | Caracas | Venezuela

Help and support service not running in Windows 2003

Posted on May 5, 2015 Updated on May 22, 2015

To fix this:

  • Open a Command Prompt
  • Run the following commands
  • %SystemDrive%
  • CD %windir%\PCHealth\HelpCtr\Binaries
  • start /w helpsvc /svchost netsvcs /regserver /install

The service should install and start automatically.

How to Uninstall IE 8 on Windows Server 2003

Posted on May 5, 2015 Updated on May 6, 2015

Just go to Run and enter this: %windir%\ie8\spuninst\spuninst.exe

If you do not find the SPUNINST folder under C:\Windows\ie8, copy the same folder structure from another server and run spuninst.exe.

It will probably ask for some files that are required to uninstall. When it asks for a file, find the file on another PC and copy it onto this PC.

IMP: The IEENCODE.DLL.000 file is required. I could not find this file in any location. What I did was copy the IEENCODE.DLL file to another location, rename it to IEENCODE.DLL.000 and feed this file to the uninstaller when it asked.

Done. Your IE 8 is uninstalled successfully!

Socrates

Posted on May 4, 2015 Updated on May 6, 2015

“Do not do to others what angers you if done to you by others”

How to Clean up the WinSxS Directory on Windows Server 2008 R2

Posted on May 4, 2015 Updated on May 6, 2015

Prior to this we need to install Disk Cleanup on Windows 2008. Disk Cleanup is not installed by default on Windows Server 2008 R2. It is instead a component installed with the Desktop Experience feature.

To install Disk Cleanup without rebooting the server, see: How to install Disk Cleanup without reboot the server in Window 2008

Now download the appropriate package and install it on the system.

Operating system | Update
All supported x86-based versions of Windows 7 | Download
All supported x64-based versions of Windows 7 | Download
All supported x64-based versions of Windows Server 2008 R2 | Download

Looking at my Windows 2008 R2 Server with SP1 installed, according to Windows Explorer, the size of my Windows/WinSxS directory is as follows:

The size of the WinSxS directory will vary by server. Some of you will have smaller WinSxS directories, some larger.

Installing the update is just like installing any other update. Just download and double-click on the .msu file:

Now we need to run the Disk Cleanup wizard. The Disk Cleanup option can be found under Start –> All Programs –> Accessories –> System Tools, or go to Run and type ‘cleanmgr’ to launch it.

On launch, Disk Cleanup prompts for the drive you want to clean up; the default drive will be the C: drive.

After clicking Ok, a scan is performed:

Several options are provided for cleanup, including a new option for Windows Update Cleanup:

If you didn’t launch Disk Cleanup as Administrator, at this point, you’ll need to take a couple extra steps. You’ll need to click on the Clean up system files button.

The actual cleanup occurs during the next reboot. After the reboot, taking a look at the WinSxS directory, it has shrunk to the following:

VMware Interview Questions

Posted on May 1, 2015 Updated on May 7, 2015

  1. ESX vs ESXi
     • ESXi has no service console which is a modified version of RHEL
     • ESXi is extremely thin hence results in fast installation + fast boot
     • ESXi can be purchased as an embedded hypervisor on hardware
     • ESXi has builtin server health status check
  2. ESXi 4.1 vs ESXi 5.0 — Migration
     • Local upgrade from CD
     • VMware update manager (only supports upgrade of ESX/ESXi 4.x to ESXi 5.0)
  3. ESXi 4.1 vs ESXi 5.0 — Features
     • vSphere Auto deploy
     • Storage DRS
     • HA — Primary/secondary concept changed to master/slave
     • Profile driven storage
     • VMFS version — 3 → 5
     • ESXi firewall
     • VMware hardware version — 7 → 8
     • VMware tools version — 4.1 → 5
     • vCPU — 8 → 32
     • vRAM — 256 → 1 TB
     • VMs per host — 320 → 512
     • RAM per host — 1TB → 2TB
     • USB 3.0 support
  4. vApp
  5. HA 5.0
     • Uses an agent called FDM — Fault domain manager
     • HA now talks directly to hostd instead of using vcenter agent vpxa
     • Master/slave concept
     • Master
     • monitors availability of hosts/VMs
     • manages VM restarts after host failure
     • maintains list of all VMs in each host
     • restarting failed VMs
     • exchanging state with vcenter
     • monitor state of slaves
     • monitor running VMs and send status to master and performs restart on request from master
     • monitors master node health
     • if master fails, participates in election
     • Two different heartbeat mechanisms — Network heartbeat and datastore heartbeat
     • Network heartbeat
     • Sends between slave and master per second
     • When slave is not receiving heartbeat from master, checks whether it is isolated or master is isolated or has failed
     • To distinguish between isolation and failure
     • Uses ‘Power On’ file in datastore to determine isolation
     • This mechanism is used only when master loses network connectivity with hosts
     • 2 datastores are chosen for this purpose
     • PowerOff
     • Leave Powered On
  6. vMotion
     • vMotion enables live migration of running virtual machines from one host to another with zero downtime
     • Prerequisites
     • Host must be licensed for vMotion
     • Configure host with at least one vMotion n/w interface (vmkernel port group)
     • Shared storage (this has been compromised in 5.1)
     • Same VLAN and VLAN label
     • GigaBit ethernet network required between hosts
     • Processor compatibility between hosts
     • vMotion does not support migration of applications clustered using Microsoft clustering service
     • No CD ROM attached
     • No affinity is enabled
     • vmware tools should be installed
  7. What is DRS? Types of DRS
     • Distributed Resource Scheduler
     • It is a feature of a cluster
     • DRS continuously monitors utilization across the hosts and moves virtual machines to balance the computing capacity
     • DRS uses vMotion for its functioning
     • Types of DRS
     • Fully automated — The VMs are moved across the hosts automatically. No admin intervention required.
     • Partially automated — The VMs are moved across the hosts automatically during the time of VM bootup. But once up, vCenter will provide DRS recommendations to admin and has to perform it manually.
     • Manual — Admin has to act according to the DRS recommendations
     • DRS prerequisites
     • Shared storage
     • Processor compatibility of hosts in the DRS cluster
     • vMotion prerequisites
  8. vMotion is not working. What are the possible reasons?
     • Ensure vMotion is enabled on all ESX/ESXi hosts
     • Ensure that all vmware pre requisites are met
     • Verify if the ESXi/ESX host can be reconnected or if reconnecting the ESX/ESXi host resolves the issue
     • Verify that time is synchronized across environment
     • Verify that the required disk space is available
  9. What happens if a host is taken to maintenance mode
     • Hosts are taken to maintenance mode during the course of maintenance
     • In a single ESX/ESXi setup, all the VMs need to be shutdown before getting into maintenance mode
     • In a vCenter setup If DRS is enabled, the VMs will be migrated to other hosts automatically.
  10. How will you clone a VM in an ESXi without vCenter
     • Using vmkfstools
     • Copy the vmdk file and attach to a new VM
     • Using VMware converter
  11. What is vSAN?
     • It is a hypervisor-converged storage solution built by aggregating the local storage attached to the ESXi hosts managed by a vCenter.
  12. Recommended iSCSI configuration?
     • A separate vSwitch, and a separate network other than VMtraffic network for iSCSI traffic. Dedicated physical NICs should be connected to vSwitch configured for iSCSI traffic.
  13. What is iSCSI port binding?
     • Port binding is used in iSCSI when multiple VMkernel ports for iSCSI reside in the same broadcast domain and IP subnet, to allow multiple paths to an iSCSI array that broadcasts a single IP address.
  14. iSCSI port binding considerations?
     • Array Target iSCSI ports must reside in the same broadcast domain and IP subnet as the VMkernel port.
     • All VMkernel ports used for iSCSI connectivity must reside in the same broadcast domain and IP subnet.
     • All VMkernel ports used for iSCSI connectivity must reside in the same vSwitch.
     • Currently, port binding does not support network routing.
  15. Recommended iSCSI configuration of a 6 NIC infrastructure? (Answer changes as per the infrastructure requirements)
     • 2 NICs for VM traffic
     • 2 NICs for iSCSI traffic
     • 1 NIC for vMotion
     • 1 NIC for management network
  16. Post conversion steps in P2V
     • Adjust the virtual hardware settings as required
     • Remove non present device drivers
     • Remove all unnecessary devices such as serial ports, USB controllers, floppy drives etc.
     • Install VMware tools
  17. Which esxtop metric will you use to confirm latency issue of storage?
  18. What are standby NICs
     • These adapters will only become Active if the defined Active adapters have failed.
  19. Path selection policies in ESXi
     • Most Recently Used (MRU)
     • Fixed
     • Round Robin
  20. Which networking features are recommended while using iSCSI traffic
     • iSCSI port binding
     • Jumbo Frames
  21. Ports used by vCenter
  22. What is ‘No Access’ role
     • Users assigned with the ‘No Access’ role for an object, cannot view or change the object in any way
  23. When is a swap file created
     • When the guest OS is first installed in the VM
  24. The active directory group, where the members will be ESXi administrators by default.
  25. Which is the command used in ESXi to manage and retrieve information from virtual machines?
  26. Which is the command used in ESXi to view live performance data?
  27. Command line tool used in ESXi to manage virtual disk files?
  28. Port used for vMotion
  29. Log file location of VMware host
  30. Can you map a single physical NIC to multiple virtual switches?
  31. Can you map a single virtual switch to multiple physical NICs?
     • Yes. This method is called NIC teaming.
  32. VMKernel portgroup can be used for:
     • vMotion
     • Fault Tolerance Logging
     • Management traffic
  33. Major difference between ESXi 5.1 and ESXi 5.5 free versions
     • Till ESXi 5.1 free version there was a limit to the maximum physical memory to 32 GB. But from 5.5 onwards this limit has been lifted.
  34. Maximum number of LUNs that can be attached to a host (ESXi 5.0)
  35. Maximum number of vCPUs that can be assigned to a VM (ESXi 5.0)
  36. What is CPU affinity in VMware? Its impact on DRS?
     • CPU refers to a logical processor on a hyperthreaded system and refers to a core on a non-hyperthreaded system
     • By setting CPU affinity for each VM, you can restrict the assignment of VMs to a subset of available processors
     • The main use of setting CPU affinity is when there are display intensive workloads which requires additional threads with vCPUs.
     • DRS will not work with CPU affinity
  37. VMversion 4 vs VMversion 7
     • Runs on ESX 3.x
     • Max supported RAM 64 GB
     • MS cluster is not supported
     • 4 NICs/VM
     • No USB Support
     • Runs on vSphere 4.x
     • Max supported RAM 256 GB
     • MS cluster is supported
     • 10 NICs/VM
     • USB support
  38. What happens to the VMs if a standalone host is taken to maintenance mode?
     • In case of standalone servers, VMware recommends that VMs should be powered off before putting the server in maintenance mode
     • If we put the standalone host in maintenance mode without powering off the VMs, it will remain in the ‘entering maintenance mode’ state until the VMs are all shutdown
     • When all the VMs are powered down, the host status changes to ‘under maintenance’
  39. How can you edit a vm template?
     • The VM templates cannot be modified as such
     • First, the VM template has to be converted to a virtual machine
     • After making necessary changes in the virtual machine, convert the virtual machine back to template
  40. VMware hardware version comparison

How to change default snapshot location in VMware ESXi 5

Posted on May 1, 2015 Updated on May 6, 2015

By default, the snapshots taken for any virtual machine are stored with their parent in the same directory or storage. Sometimes you may run out of space and be unable to take any more snapshots; in that case you can use another location to store the snapshots.

These are the steps required to change the default location of all the snapshots.

NOTE: Please ensure that the VM you are working on is powered OFF.

Right click the VM and select Edit Settings. Click Options on the top tab, select General and open the Configuration Parameters.

Add a new row with the following details

snapshot.redoNotWithParent

Save this parameter with a value “true” as shown below

Now open the CLI of the host where the VM is located

Go to the VM’s parent directory where all the VM files are stored and open the main .vmx file

As in my case

# cd /vmfs/volumes/53652b45-90f342h4-v3r3-s5dw676h5674/Windows2003
# vi Windows2003.vmx

Now add this line anywhere in the .vmx file with the path location where you want your snapshots to be stored

workingDir = "/vmfs/volumes/54332bf4-gd3bf353-g45b-g2ft353b5545/snapshots"

Save the file and exit

Now you need to reload this VM to make the changes take effect.

# vim-cmd vmsvc/getallvms | grep Windows2003
13 Windows2003 [iSCSI-Datastore15] Windows2003/Windows2003 win2003 vmx-07

Here 13 is the VM ID, which you can find using the above command.

# vim-cmd vmsvc/reload 13

Now when you take snapshots, the snapshot files and VM swap files will be created in a different location.

How to redirect vm’s swap file

In case you do not want the VM swap file to be redirected to another location and you want it in the same parent directory, add an extra parameter in the Configuration Parameters option shown above:

sched.swap.dir = "<path_to_vm_directory>"

For example: /vmfs/volumes/54332bf4-gd3bf353-g45b-g2ft353b5545/vmswap

Save the settings and exit. Now each time you take a snapshot, the snapshot files and VM swap files will be saved at the specified different location.

Test Cluster Failures and Failover Policies

Posted on May 1, 2015 Updated on May 10, 2015

Test cluster failures and failover policies

Test group failover policy

To test group failover policy

  1. Open Cluster Administrator.
  2. In the console tree, double-click the Groups folder.
  3. In the details pane, click the group.
  4. On the File menu, click Properties.
  5. On the Failover tab, set the Threshold to 0, and then click OK.
  6. In the Cluster Administrator console tree, click the group.
  7. In the details pane, click a resource.
  8. On the File menu, click Properties.
  9. On the Advanced tab, select the Affect the group check box, if it is not already selected.
  10. On the Advanced tab, set the Threshold to 0, and then click OK.
  11. On the File menu, click Initiate Failure.

Test whether group resources can fail over

To test whether group resources can fail over

  1. Open Cluster Administrator.
  2. In the console tree, double-click the Groups folder.
  3. In the console tree, click a group.
  4. On the File menu, click Move Group. On a multinode cluster server, when using Move Group, select the node to move the group to.
  5. Make sure the Owner column in the details pane reflects a change of owner for all of the group’s dependencies.

Test private network failures

To test private network failures

  1. Open Cluster Administrator.
  2. Verify that there are at least two networks set up for internal cluster communication and determine which network has the highest priority for internal cluster communications. For more information, see “To change network priority for communication between nodes” in Related Topics. When you follow that procedure, Cluster Administrator will only list those networks that support internal cluster communication.
  3. If there are two or more internal networks, continue to step 4, otherwise stop here and do not continue.
  4. On one node, unplug the cable for the highest priority network identified above.
  5. In the console tree, click the cluster node and verify that the state of the node is still Up (that is, actively participating in all cluster operations).

Test node failure

To test node failure

  • Test node failure using one of the following four methods:
  • Stop the Cluster service on the node. This prevents clients from accessing cluster resources through that node. In this event, all resources owned by this node fail over to other nodes in the server cluster.
  • Turn off the power on the node. This tests the ability of the server cluster to fail over all the resources that were owned by the powered down node.
  • On one node, unplug the network cables for all networks enabled for intracluster communications. This test disables all intracluster network interfaces for the node and prevents the node from exchanging heartbeats with the Cluster Network Driver on the other active nodes. In this event, the Cluster service then initiates failover of the resources owned by the node to the other nodes in the server cluster.

Start Cluster Administrator in Microsoft Management Console

To start Cluster Administrator in Microsoft Management Console

  1. Open Computer Management.
  2. In the console tree, double-click to expand Services and Applications.
  3. Right-click Cluster, and then click

Pause a node

To pause a node

  1. Open Cluster Administrator.
  2. In the console tree, click the node.
  3. On the File menu, click Pause Node.

Resume a node

To resume a node

  1. Open Cluster Administrator.
  2. In the console tree, click the node.
  3. On the File menu, click Resume Node.

Stop the Cluster service

To stop the Cluster service

  1. Open Cluster Administrator.
  2. In the console tree, click the node.
  3. On the File menu, click Stop Cluster Service.

Start the Cluster service

To start the Cluster service

  1. Open Cluster Administrator.
  2. In the console tree, click the node.
  3. On the File menu, click Start Cluster Service.

Set the Cluster service to only start manually

To set the Cluster service to only start manually

  1. Open Computer Management.
  2. In the console tree, click Services. Where?
     • Computer Management/Services and Applications/Services
  3. In the details pane, click Cluster Service.
  4. On the Action menu, click Properties.
  5. In Startup type, select Manual, and then click OK.

Notes

  • To perform this procedure, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure. As a security best practice, consider using Run as to perform this procedure.
  • To open Cluster Administrator, click Start, click Control Panel, double-click Administrative Tools, and then double-click Cluster Administrator.

Confucius

Posted on April 29, 2015 Updated on May 7, 2015

“A superior man is modest in his speech, but exceeds in his actions.”

AD account lockout issues

Posted on April 27, 2015 Updated on May 6, 2015

Here are the most probable causes of account lockouts, which should help you troubleshoot similar issues in future.

  1. Exchange ActiveSync mobile devices — 90% of account lockout issues are caused by an “unknown” device trying to sync with your Exchange mailbox.
  2. Apple MobileMe — contacts sync — Check and ensure the user hasn’t configured MobileMe to sync his contacts from Outlook. If this is configured with AD credentials, it can be a reason for account lockout.
  3. Applications / web applications / tools which sync with Active Directory for authentication — Third-party applications may have an AD username and password stored within them. Often, the moment the user opens the application or tool (or a browser such as Internet Explorer), it tries to authenticate in the background and locks the account.
  4. Vault for credentials in Windows Control Panel or Credential Manager — This is the second most obvious reason the user might get locked out. In my case, the user had an intranet SharePoint web portal and the AD credentials were cached in Credential Manager. Make sure the Windows Credentials area is empty.
  5. Stored usernames and passwords — rundll32.exe keymgr.dll, KRShowKeyMgr — This shouldn’t be a problem in most cases. Open a Run window, type rundll32.exe keymgr.dll, KRShowKeyMgr and delete stored passwords, if any.
  6. Rename AD profile on the user machine — This is more like trying to fix the issue without knowing what’s causing it. It assumes that the account lockout happens when the user is logged into his client machine. If the lockout is caused by an application or “something” on that machine, rename the AD profile on the client (under “Documents and Settings” in XP and “Users” in Win7), advise the user to log in again and monitor the situation.

Other advanced level tools are LockOutStatus and ADLockouts.
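Rather than guessing which device or application is responsible, the lockout events on a domain controller name the computer the failed logons came from. The following is an added example, not part of the original post: the function name Get-LockoutSource and the sample account and computer names are made up, and the live query assumes the ActiveDirectory module and rights to read the domain controller's Security log.

```powershell
# Added example: summarise event 4740 ("A user account was locked out").
# In that event, TargetUserName is the locked account and TargetDomainName
# holds the name of the computer the failed logons came from.

function Get-LockoutSource {
    [CmdletBinding()]
    param(
        # One event per string, as produced by EventLogRecord.ToXml()
        [Parameter(Mandatory)] [string[]] $EventXml,
        # Optional: only report on this account name
        [string] $Account
    )

    $rows = foreach ($raw in $EventXml) {
        $evt = ([xml]$raw).Event

        # EventID is a plain string unless the element carries attributes
        $id = $evt.System.EventID
        if ($id -is [System.Xml.XmlElement]) { $id = $id.InnerText }
        if ($id -ne '4740') { continue }

        # Collect the named <Data> fields into a hashtable
        $data = @{}
        foreach ($d in $evt.EventData.Data) { $data[$d.Name] = $d.'#text' }

        if ($Account -and $data['TargetUserName'] -ne $Account) { continue }

        [pscustomobject]@{
            Time           = $evt.System.TimeCreated.SystemTime  # ISO 8601 UTC string
            Account        = $data['TargetUserName']
            CallerComputer = $data['TargetDomainName']
        }
    }

    # One line per account/computer pair, most frequent source first
    $rows | Group-Object Account, CallerComputer | ForEach-Object {
        $times = $_.Group.Time | Sort-Object
        [pscustomobject]@{
            Account        = $_.Group[0].Account
            CallerComputer = $_.Group[0].CallerComputer
            Lockouts       = $_.Count
            First          = $times | Select-Object -First 1
            Last           = $times | Select-Object -Last 1
        }
    } | Sort-Object Lockouts -Descending
}

# Constructed sample events, trimmed to the fields used above, so the
# function can be tried offline. All names and times are made up.
$template = @'
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>4740</EventID><TimeCreated SystemTime="{0}" /></System>
  <EventData>
    <Data Name="TargetUserName">{1}</Data>
    <Data Name="TargetDomainName">{2}</Data>
  </EventData>
</Event>
'@
$sample = @(
    $template -f '2015-04-27T09:15:02Z', 'jdoe',   'MAILGW01'
    $template -f '2015-04-27T09:45:10Z', 'jdoe',   'MAILGW01'
    $template -f '2015-04-27T10:02:41Z', 'jdoe',   'WKS-0142'
    $template -f '2015-04-27T10:05:00Z', 'asmith', 'WKS-0077'
)

Get-LockoutSource -EventXml $sample -Account 'jdoe' | Format-Table -AutoSize

# Live use against the PDC emulator:
#   $pdc = (Get-ADDomain).PDCEmulator
#   $xml = Get-WinEvent -ComputerName $pdc -FilterHashtable @{ LogName = 'Security'; Id = 4740 } |
#          ForEach-Object { $_.ToXml() }
#   Get-LockoutSource -EventXml $xml -Account 'jdoe'
```

A caller computer that turns out to be a mail or web server points to a device or application authenticating through that server, which is where to look next.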

Alan Turing

Posted on April 27, 2015 Updated on May 7, 2015

“Sometimes it is the people no one imagines anything of who do the things no one can imagine.”

Mahatma Gandhi

Posted on April 27, 2015 Updated on May 7, 2015

“Nobody can hurt me without my permission.”

Visvesvaraya

Posted on April 26, 2015 Updated on May 7, 2015

“God’s house must be clean, otherwise, God will just run away.”

Albert Einstein

Posted on April 24, 2015 Updated on May 7, 2015

“Everybody is a genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is stupid.”

Windows Server 2008 R2 stuck in recovery mode after power failure

Posted on April 24, 2015 Updated on May 10, 2015

If you cannot boot into Safe Mode either, I suggest restarting the computer, pressing F8 repeatedly and choosing the Last Known Good feature.

If the issue persists, please try the methods below:

Method 1:

  1. Put the Windows Server 2008 R2 installation disc into the disc drive, and then start the computer.
  2. Press a key when the message “Press any key to boot from CD or DVD …” appears.
  3. Select a language, a time, a currency, and a keyboard or another input method, and then click Next.
  4. Click Repair your computer.
  5. Click the operating system that you want to repair, and then click Next.
  6. In the System Recovery Options dialog box, click Command Prompt.
  7. Type sfc /scannow, and then press ENTER.

Method 2:

  1. Put the Windows Server 2008 R2 installation disc in the disc drive, and then start the computer.
  2. Press any key when the message “Press any key to boot from CD or DVD …” appears.
  3. Select a language, time, currency, and a keyboard or another input method. Then click Next.
  4. Click Repair your computer.
  5. Click the operating system that you want to repair, and then click Next.
  6. In the System Recovery Options dialog box, click Command Prompt.
  7. Type Bootrec /RebuildBcd, and then press ENTER.

Method 3:

  1. Put the Windows Server 2008 R2 installation disc into the disc drive, and then start the computer.
  2. Press a key when the message “Press any key to boot from CD or DVD …” appears.
  3. Select a language, a time, a currency, and a keyboard or another input method, and then click Next.
  4. Click Repair your computer.
  5. Click the operating system that you want to repair, and then click Next.
  6. In the System Recovery Options dialog box, click Command Prompt.
  7. Type BOOTREC /FIXMBR, and then press ENTER.
  8. Type BOOTREC /FIXBOOT, and then press ENTER.
  9. Type Drive:\boot\Bootsect.exe /NT60 All, and then press ENTER.

Note: In this command, Drive is the drive where the Windows Server 2008 R2 installation media is located.

How to use the Replication Monitor to Determine the Operations Master and Global Catalog Roles

Posted on April 24, 2015 Updated on May 10, 2015

Let us see how to use the Active Directory Replication Monitor (ReplMon.exe) tool to determine the servers that hold the operations master roles in a forest as well as the domain controllers and global catalog servers for the forest. The five operations master roles that are defined in Active Directory are:

  • Schema master
  • Domain naming master
  • Relative identifier (RID) master
  • Primary domain controller (PDC) emulator
  • Infrastructure master

There is a very quick method to determine which servers in the forest hold these roles by using Active Directory Replication Monitor.

The Setup program that installs Active Directory Replication Monitor (and other useful support tools) is available on the Windows 2000 Server CD-ROM at \Support\Tools\Setup.exe. Once the tool is installed, you can start it by clicking Start, pointing to Programs, clicking Support Tools, clicking Tools, and then clicking Active Directory Replication Monitor.

Determine the Operations Master Role Holders

  1. Start the Active Directory Replication Monitor tool.
  2. Right-click Monitored Servers, and then add one or more servers by using the wizard.
  3. Right-click the servers, and then click Properties.
  4. Click the FSMO Roles tab.
  5. The domain controllers that hold all operations master roles are now displayed under the “Owner” column.
  6. To test the connectivity to each of the operations master role holders, click Query to the right of each role.

Determine Global Catalog Servers

  1. Start the Active Directory Replication Monitor tool.
  2. Right-click Monitored Servers, and then add one or more servers by using the wizard.
  3. Right-click the servers, and then click Show Global Catalog Servers in Enterprise.

How to use DsQuery

Posted on April 24, 2015 Updated on May 10, 2015

To find all the domain controllers in the forest with DN and RDN:

  • DsQuery Server -o rdn -Forest
  • DsQuery Server -Forest

To find all the domain controllers in a domain:

  • DsQuery Server -domain domain_name.com

To list all the domain controllers in a domain that are also Global Catalog Servers:

  • DsQuery Server -domain domain_name.com -isgc

To list the domain controller in the forest that holds the Schema FSMO:

  • DsQuery Server -Forest -hasfsmo schema

Note: Use the “>” to store the output to a text file. The below command will store all the domain controller names in AllDCs.txt.

  • DsQuery Server -Forest > AllDCs.txt

How to export dump from AD

Posted on April 24, 2015 Updated on May 9, 2015

There are 2 commands available for this:

Go to Start -> Run -> cmd and paste the command in the format below.

ldifde

ldifde -f Exportuser.ldf -s ADservername -d "CN=username,CN=Users,DC=xxx,DC=xxx,DC=xxx,DC=com"

csvde

csvde -m -f AccountName_mailboxes.txt -d "cn=ADusername,OU=Group Mailboxes,OU=Groups,DC=xxx,DC=xxx,DC=xxx,DC=com" -r "(&(objectClass=*)(mail=*))" -l objectClass,member,displayName,memberOf,proxyAddresses,legacyExchangeDN,title,telephoneNumber,facsimileTelephoneNumber,mobile,homephone,givenName,company,userPrincipalName,co,c,physicalDeliveryOfficeName,postalCode,sn,st,streetAddress,title,wWWHomePage,description,l,initials,info,sAMAccountName

To get a serial number remotely for any server/desktop/laptop

Posted on April 24, 2015 Updated on May 1, 2015

Run this command:

wmic /node:[remote computer name] bios get serialnumber

Or, if you would like to output to a text file:

set myfile=[The full UNC path with filename e.g. \\server\share\filename.txt]

wmic /append:%myfile% /node:[remote computer name] bios get serialnumber

Alternatively, open a PowerShell prompt with Admin rights and type:

Get-WmiObject -ComputerName [remote computer name] -Class Win32_BIOS

or the short version:

gwmi -comp [remote computer name] -cl win32_bios

wmic cpu get name,CurrentClockSpeed,MaxClockSpeed

This command will tell you the system motherboard (that happens to be the name) and its UUID.

wmic bios get name,serialnumber,version

This will tell you the name of your BIOS, its current version and its serial number, if there is any.

wmic csproduct

Computer system product information from SMBIOS.

Installing ADSI edit in Windows Server 2003

Posted on April 24, 2015 Updated on May 9, 2015

The ADSI (Active Directory Service Interfaces) editor is a management console that comes with the Windows Server support tools. Using it, you can edit each and every attribute of the objects present in your Active Directory database.

The support tools for the Windows Server OS are on the OS installation CD, at [CDDRIVE]:\SUPPORT\TOOLS\SUPTOOLS.MSI. If you don’t have the OS CD, you can download them from Microsoft: Download Windows Server 2003 Support Tools.

After installation, go to Start -> Run and type adsiedit.msc to get the ADSI Edit console. If you get an error message saying adsiedit.msc is not found, you have to register the DLL file required for it manually. To do this, go to Start -> Run and type regsvr32 adsiedit.dll.

How to change the thick or thin provisioning of a virtual disk

Posted on April 24, 2015 Updated on April 27, 2015

Caution: Before following these procedures, it is highly recommended that you have a valid backup of the virtual machine and enough space to convert the virtual machine’s disk(s) from thin to thick.

To change the provisioning of a virtual machine base disk from thin to thick from the Datastore Browser:

  1. Power off the virtual machine.
  2. In vSphere Client, right-click the virtual machine in the inventory.
  3. Click Edit Settings to display the Virtual Machine Properties dialog box.
  4. Click the Hardware tab and select the appropriate hard disk in the Hardware list.
     Note: The Disk Provisioning Type section on the right displays either Thin Provision or Thick Provision. If the disk provision type is Thick, disk provisioning has already taken place. In this case, the disk provisioning is Thin.
  5. Click Cancel to exit out of Virtual Machine Properties dialog box.
  6. Click the Summary tab of the virtual machine.
  7. Under Resources, right-click the datastore where the virtual machine resides and click Browse Datastore.
  8. Double-click the virtual machine folder to display the .vmdk file.
  9. Right-click the .vmdk file, and click Inflate. The Inflate option converts the disk to thick provisioned.
  10. Reload the .vmx file. For more information see Reloading a vmx file without removing the virtual machine from inventory (1026043).

Notes:

  • If the Inflate option is grayed out, this indicates that the virtual machine is not powered off or that it is not thin provisioned.
  • There should be no snapshots and the conversion is performed on the base disk.

To convert a virtual machine base disk from thick to thin provisioning by changing the datastore and using offline virtual machine migration:

Note: This process requires more than one datastore. If only a single datastore exists, you can clone the virtual machine to a destination machine with thin provisioned disks instead of migrating.

  1. Power off the virtual machine.
  2. Right-click the virtual machine, and click Migrate.
  3. Click Change datastore.
  4. Click Next, and select a datastore that is not the same as the current datastore.
  5. From the dropdown, select the Thin Provision virtual disk format.
  6. Click Next, then Finish. You can monitor the progress of the conversion in the Tasks and Events view in vCenter Server.

Follow the below steps to do Storage vMotion from vSphere Webclient for vSphere 5.5:

  1. Right-click the virtual machine and select Migrate.
  2. To locate a virtual machine, select a datacenter, folder, cluster, resource pool, host, or vApp.
  3. Click the Related Objects tab and click Virtual Machines.
  4. Select Change datastore and click Next.
  5. Select “Thin Provision” for the virtual machine’s disks and click Next.
  6. Select a virtual machine storage policy from the VM Storage Policy drop-down menu and click Next.
  7. Select the datastore location where you want to store the virtual machine files and click Next.
  8. Review the information on the Review Selections page and click Finish.

How to Enable Remote Logins in a Windows server

Posted on April 24, 2015 Updated on April 27, 2015

In the registry, navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\

The fDenyTSConnections value is set to 1 by default, which disables Remote Desktop; editing the value remotely to 0 enables Remote Desktop.
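Because this one value decides whether a server accepts Remote Desktop connections, it is worth checking across your servers on a schedule. The following read-only audit is an added example, not part of the original post: the function name Get-RdpState and the server names are placeholders, and it assumes the Remote Registry service is running on the targets and that you have administrative rights there.

```powershell
# Added example: report the Remote Desktop settings of one or more servers
# without changing anything. An empty computer name opens the local registry.

function Get-RdpState {
    param([string[]] $ComputerName = @(''))

    foreach ($computer in $ComputerName) {
        $name = if ($computer) { $computer } else { $env:COMPUTERNAME }
        $hklm = $null
        try {
            $hklm = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(
                        [Microsoft.Win32.RegistryHive]::LocalMachine, $computer)

            # Local setting described in the post
            $ts  = $hklm.OpenSubKey('SYSTEM\CurrentControlSet\Control\Terminal Server')
            # Listener settings: UserAuthentication = 1 means NLA is required
            $rdp = $hklm.OpenSubKey('SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp')
            # The same value name written by Group Policy, if a policy is applied
            $gpo = $hklm.OpenSubKey('SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services')

            $local  = if ($ts)  { $ts.GetValue('fDenyTSConnections') }
            $policy = if ($gpo) { $gpo.GetValue('fDenyTSConnections') }
            $nla    = if ($rdp) { $rdp.GetValue('UserAuthentication') }

            # A policy value, when present, takes precedence over the local one
            $effective = if ($null -ne $policy) { $policy } else { $local }

            [pscustomobject]@{
                Computer    = $name
                RdpEnabled  = ($effective -eq 0)
                SetByPolicy = ($null -ne $policy)
                NlaRequired = ($nla -eq 1)
                Error       = $null
            }
        }
        catch {
            # Unreachable host, service stopped or access denied: record it and continue
            [pscustomobject]@{
                Computer    = $name
                RdpEnabled  = $null
                SetByPolicy = $null
                NlaRequired = $null
                Error       = $_.Exception.Message
            }
        }
        finally {
            if ($hklm) { $hklm.Close() }
        }
    }
}

# Local machine:
Get-RdpState | Format-Table -AutoSize

# Several servers (placeholder names), listing only those that accept RDP:
#   Get-RdpState -ComputerName 'SRV01', 'SRV02' | Where-Object RdpEnabled
```

Servers that report RdpEnabled as True with NlaRequired as False are the ones to review first.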

How to download Cleanwipe Utility

Posted on April 24, 2015 Updated on April 27, 2015

To download the utility, open the following web page in a browser: https://fileshare.symantec.com Log in with the following information:

Login ID: cleanwipeutility Password: CL3@nw!p3

Once you have downloaded the utility, please follow these instructions.

Note: The .zip file may be password protected. Un-Zip Password: symantec

DCICN Exam — Cisco Data Center Networking (640–911) details and Study Guide

Posted on April 24, 2015 Updated on May 10, 2015

The 640–911 DCICN “Introducing Cisco Data Center Networking” is one of the exams associated with the CCNA® Data Center certification. This 90-minute exam of 65−75 questions tests a candidate’s knowledge of networking concepts for the Data Center environment, based on Nexus-OS. You will learn fundamental information on how a Data Center network works, how to configure virtualization in the network, addressing schemes, and troubleshooting and configuration skills. Candidates can prepare for this exam by taking the course 640–911 DCICN, “Introducing Cisco Data Center Networking”.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

Download Complete List of Topics in PDF format

The Study/Learn tabs for the 640–911 DCICN Exam page.

DCICN Exam Topics

Describe how a network works

  • Preparing for your CCNA Data Center Certifications Studies (00:43:00)
  • Internetworking Basics (29 pages)
  • Understanding the TCP/IP Internet Layer (00:25:00)
  • Cisco NX-OS Command Line Introduction Series (01:29:42)
  • Cisco NX-OS Advanced Features Series (01:13:40)
  • NX-OS and Cisco Nexus Switching: Next-Generation Data Center Architectures (480 pages)

Configure, verify and troubleshoot a switch with VLANs and interswitch communication

  • Ethernet Technologies (46 pages)
  • Introduction to LAN Protocols (9 pages)
  • Understanding VLANS by Understanding MAC Table Operation (4 pages)
  • Calculating an 802.1d Spanning-Tree Topology (20 pages)

Implement an IP addressing scheme and IP Services to meet network requirements in a medium-size Enterprise branch office network

  • IPAddressingGuide (1 page)
  • IP Addressing and Subnetting for New Users (12 pages)
  • Binary Game (Varies)
  • Subnet Game (Varies)
  • Subnet Troubleshooting Game (Varies)
  • IP Routing — Introduction (Varies)

Configure, verify, and troubleshoot basic router operation and routing on Cisco devices

  • Routing Basics (11 pages)
  • IP Routing — Introduction (Varies)
  • Introducing EIGRP (00:22:00)
  • Introducing the OSPF Protocol (00:23:00)
  • Nexus 7000 Series Data Sheet (8 pages)
  • Nexus Licensing (44 pages)

Keyboard or mouse do not work in a hosted virtual machine

Posted on April 24, 2015 Updated on April 27, 2015

To troubleshoot a misbehaving mouse or keyboard:

  1. Confirm that the virtual machine guest window currently has focus by clicking into the virtual machine’s console window. Keyboard or mouse input is only directed to the virtual machine when it has focus or is in full-screen mode.
  2. If your mouse is slow to respond or if it is working erratically, change the optimization settings. For more information, see Mouse movement is not smooth in a hosted virtual machine (1033416).
  3. If you are using a wireless mouse or keyboard, ensure that you have not connected it to the virtual machine by removing and re-adding the USB Controller from the virtual machine. For more information, see the Workstation Help topic Add a USB Controller to a Virtual Machine.
  4. Restart your host computer.
  5. For Windows hosts, use the Windows System Configuration (msconfig) utility to eliminate software and processes as possible causes. For more information, see Using the Windows System Configuration utility (1004010).
  6. For Linux hosts, start Linux in a mode that disables start daemons (typically run level 2; if your host lacks this, you may need to start in single-user mode). For more information, see Changing Linux run levels (1004015) or your operating system documentation.
  7. Look for non-Microsoft, non-VMware mouse/keyboard drivers or software installed in the virtual machine, and remove them.
  8. Re-install VMware Tools. For details, see Overview of VMware Tools (340).

What is Processor Queue Length?

Posted on April 21, 2015 Updated on May 10, 2015

A collection of one or more threads that is ready but not able to run on the processor due to another active thread that is currently running is called the processor queue. The clearest symptom of a processor bottleneck is a sustained or recurring queue of more than two threads. Although queues are most likely to develop when the processor is very busy, they can develop when utilization is well below 90 percent. This can happen if requests for processor time arrive randomly and if threads demand irregular amounts of time from the processor.

If queues occur frequently, you need to investigate the processes that are running when threads collect in the queue.

To determine this:

  • Identify the processes that are consuming processor time. Determine whether a single process or multiple processes are active during a bottleneck. Running processes appear in the Instance box when you select the Process\% Processor Time counter. For more information, see “Processes in a Bottleneck” later in this chapter.
  • Scrutinize the processor-intensive processes. Determine how many threads run in the process and watch the patterns of thread activity during a bottleneck.
  • Evaluate the priorities at which the process and its threads run. You might be able to eliminate a bottleneck merely by adjusting the base priority of the process or the current priorities of its threads. However, Microsoft does not recommend this as a long-term solution. Use Task Manager to find the base priority of the process.

Different guidelines apply for queue lengths on multiprocessor systems. For busy systems (those having processor utilization in the 80 to 90 percent range) that use thread scheduling, the queue length should range from one to three threads per processor. For example, on a four-processor system, the expected range of processor queue length on a system with high CPU activity is 4 to 12.

On systems with lower CPU utilization, the processor queue length is typically 0 or 1.

There are other objects that track processor queue length. The Server Work Queues\Queue Length counter reports the number of requests in the queue for the processor on the selected server.

Syslog Server storage logs size calculation

Posted on April 21, 2015 Updated on April 27, 2015

Syslog Server storage calculation: I want to modify the settings so that my log size is raised from 2 MB to 10 MB and we rotate after 40 logs, not 20. Here we need to do some planning to see if we have enough free space.

Current settings:

  • Count hosts: 100
  • Current size log max: 2
  • Current rotation count: 20
  • Total possible MB used: 100 x 2 x 20 = 4,000 MB (4 GB)

Desired settings:

  • Count hosts: 100
  • Desired size log max: 10
  • Desired rotation count: 40
  • Total possible MB used: 100 x 10 x 40 = 40,000 MB (40 GB)

So the drive where your logs are stored would need 40 GB free in the above example to be able to service future demands.

How to modify the VMware Syslog Collector configuration after it is installed:

  1. Make a backup of the file:
     vCenter Server 5.5 and lower: %PROGRAMDATA%\VMware\VMware Syslog Collector\vmconfig-syslog.xml
     vCenter Server 6.0: %PROGRAMDATA%\VMware\vCenterServer\cfg\vmsyslogcollector\config.xml
  2. Open the copied file using a text editor.
  3. Under <defaultValues>, change any of the options to the required values. For example, to increase the log file size to 10 MB and to decrease the number of files retained to 20, modify the attributes:

     <defaultValues>
       <port>514</port>
       <protocol>TCP,UDP</protocol>
       <maxSize>10</maxSize>
       <rotate>20</rotate>
       <sslPort>1514</sslPort>
     </defaultValues>

     Note: This configuration in vCenter Server overrides the ESXi host configuration file.
  4. Save and close the file.
  5. Stop the VMware Syslog Collector service.
  6. Remove the file:
     vCenter Server 5.5 and lower: %PROGRAMDATA%\VMware\VMware Syslog Collector\vmconfig-syslog.xml
     vCenter Server 6.0: %PROGRAMDATA%\VMware\vCenterServer\cfg\vmsyslogcollector\config.xml
  7. Rename the copy of the modified file to:
     vCenter Server 5.5 and lower: %PROGRAMDATA%\VMware\VMware Syslog Collector\vmconfig-syslog.xml
     vCenter Server 6.0: %PROGRAMDATA%\VMware\vCenterServer\cfg\vmsyslogcollector\config.xml
  8. Start the VMware Syslog Collector service.

It may be required to restart the syslog service on the ESXi host if logs are no longer updating on the Syslog Server. To restart the syslog service, see VMware ESXi 5.x host stops sending syslogs to remote server (2003127).

The maximum supported number of hosts for use with each vSphere Syslog Collector instance is 30. However, depending on the load generated by your environment, you may encounter issues below this number.

To work around this issue, you can deploy multiple instances of vSphere Syslog Collector on separate Windows machines, which allows you to distribute the load.

How to restart Management agents on ESXi host

Posted on April 21, 2015 Updated on April 27, 2015

Restarting the Management agents on ESXi

To restart the management agents on ESXi:

From the Direct Console User Interface (DCUI):

  1. Connect to the console of your ESXi host.
  2. Press F2 to customize the system.
  3. Log in as root.
  4. Use the Up/Down arrows to navigate to Restart Management Agents.
     Note: In ESXi 4.1 and ESXi 5.0, 5.1, 5.5 and 6.0 this option is available under Troubleshooting Options.
  5. Press Enter.
  6. Press F11 to restart the services.
  7. When the service has been restarted, press Enter.
  8. Press Esc to log out of the system.

From the Local Console or SSH:

  1. Log in to SSH or Local console as root.
  2. Run these commands:
     /etc/init.d/hostd restart
     /etc/init.d/vpxa restart
     Note: In ESXi 4.x, run this command to restart the vpxa agent:
     service vmware-vpxa restart

Alternatively:

  • To reset the management network on a specific VMkernel interface, by default vmk0, run the command:
    esxcli network ip interface set -e false -i vmk0; esxcli network ip interface set -e true -i vmk0
    Note: Using a semicolon (;) between the two commands ensures the VMkernel interface is disabled and then re-enabled in succession. If the management interface is not running on vmk0, change the above command according to the VMkernel interface used.
  • To restart all management agents on the host, run the command:
    services.sh restart
    Caution: Check if LACP is enabled on DVS for version 5.x and above. For more information, see vSphere 5.0 Networking Guide. If LACP is not configured, the services.sh script can be safely executed.

How to get Serial number and System information of ESXi host remotely using putty

Posted on April 21, 2015 Updated on April 27, 2015

Get the hardware serial number by running this command from PuTTY:

esxcfg-info | grep "Serial N"

Type the following command from the command line on the service console and you will get some vendor details and serial number information.

/usr/sbin/dmidecode | grep -A4 "System Information"

Multipathing policies in ESXi 5.x and ESXi/ESX 4.x

Posted on April 20, 2015 Updated on April 27, 2015

These are referred to as Path Selection Plug-ins (PSP), and are also called Path Selection Policies.

These pathing policies can be used with VMware ESXi 5.x and ESXi/ESX 4.x:

  • Most Recently Used (MRU): Selects the first working path, discovered at system boot time. If this path becomes unavailable, the ESXi/ESX host switches to an alternative path and continues to use the new path while it is available. This is the default policy for Logical Unit Numbers (LUNs) presented from an Active/Passive array. ESXi/ESX does not return to the previous path if, or when, it returns; it remains on the working path until it, for any reason, fails.
    Note: The preferred flag, while sometimes visible, is not applicable to the MRU pathing policy and can be disregarded.
  • Fixed (Fixed): Uses the designated preferred path flag, if it has been configured. Otherwise, it uses the first working path discovered at system boot time. If the ESXi/ESX host cannot use the preferred path or it becomes unavailable, the ESXi/ESX host selects an alternative available path. The host automatically returns to the previously defined preferred path as soon as it becomes available again. This is the default policy for LUNs presented from an Active/Active storage array.
  • Round Robin (RR): Uses an automatic path selection rotating through all available paths, enabling the distribution of load across the configured paths.
    • For Active/Passive storage arrays, only the paths to the active controller will be used in the Round Robin policy.
    • For Active/Active storage arrays, all paths will be used in the Round Robin policy.
    Note: For logical units associated with Microsoft Cluster Service (MSCS) and Microsoft Failover Clustering virtual machines, the Round Robin pathing policy is supported only on ESXi 5.5 and later.
  • Fixed path with Array Preference: The VMW_PSP_FIXED_AP policy was introduced in ESXi/ESX 4.1. It works for both Active/Active and Active/Passive storage arrays that support Asymmetric Logical Unit Access (ALUA). This policy queries the storage array for the preferred path based on the array’s preference. If no preferred path is specified by the user, the storage array selects the preferred path based on specific criteria.
    Note: The VMW_PSP_FIXED_AP policy has been removed from ESXi 5.0. For ALUA arrays in ESXi 5.0, the MRU Path Selection Policy (PSP) is normally selected but some storage arrays need to use Fixed. To check which PSP is recommended for your storage array, see the Storage/SAN section in the VMware Compatibility Guide or contact your storage vendor.

Notes:

  • These pathing policies apply to VMware’s Native Multipathing (NMP) Path Selection Plug-ins (PSP). Third-party PSPs have their own restrictions.
  • Round Robin is not supported on all storage arrays. Please check with your array documentation or storage vendor to verify that Round Robin is supported and/or recommended for your array and configuration. Switching to an unsupported or undesirable pathing policy can result in connectivity issues to the LUNs (in a worst-case scenario, this can cause an outage).

Warning: VMware does not recommend changing the LUN policy from Fixed to MRU, as the automatic selection of the pathing policy is based on the array that has been detected by the NMP PSP.


Posted on April 20, 2015 Updated on May 7, 2015

‘Demystifying Monitoring for UCS Manager & C-Series’ Tech Talk available here: https://communities.cisco.com/docs/DOC-37138

Additional Cisco Monitoring Resources: (Cited within this document)

UCSM and Standalone C-Series Monitoring Overview:

UCS Manager Monitoring Background:

The core of UCS Manager is made up of three core elements, which are the Data Management Engine (DME), Application Gateway (AG), and user accessible northbound interface (SNMP, Syslog, XML API and UCS CLI). With UCS Manager there are three main ways of monitoring UCS servers, which are XML API, SNMP, and syslog. Both SNMP and Syslog are interfaces only used for monitoring as they are “read-only” in nature, not allowing an end user to change the configuration. Alternatively, the UCS XML API is a monitoring interface that is “read-write” in nature, which does allow an end user to both monitor UCS, as well as change the configuration if needed.

Data Management Engine (DME) — The DME is the center of the UCS Manager universe, or the “queen bee” of the entire system. It is the maintainer of the UCS XML database which houses the inventory database of all physical elements (blade / rack mount servers, chassis, IO modules, fabric interconnects, etc.), the logical configuration data for profiles, policies, pools, vNIC / vHBA templates, and the various networking related configuration details (VLANs, VSANs, port channels, network uplinks, server downlinks, etc). It maintains the current health and state of all components of all physical and logical elements in a UCS Domain, and maintains the transition information of all Finite State Machine (FSM) tasks occurring. The inventory, health, and configuration data of managed end points stored in the UCS XML Database are always showing current data, delivered in near real time. As fault conditions are raised and cleared on end points, the DME will create, clear, and remove faults in the UCS XML database as those fault conditions are raised or mitigated. The faults stored in the UCS XML database only are the ones actively occurring, as the DME by default does not store a historical log of all faults that have occurred on a UCS Domain.

Application Gateway (AG) — The AG’s are the software agents, or “worker bees”, that communicate directly with the end points to provide the health and state of the end points to the DME. AG’s manage configuration changes from the current state to the desired state during FSM transitions when changes are made to the UCS XML database. AG managed end points include servers, chassis, IO Modules, fabric extenders, fabric interconnects, and NXOS. The server AG’s actively monitor the server through the IPMI and SEL logs via the Cisco Integrated Management Controller (CIMC) to provide the DME with the health, state, configuration, and potential fault conditions of a device. The IO Module AG and chassis AG communicate with the Chassis Management Controller (CMC) to get information about the health, state, configuration, and fault conditions visible by the CMC. The fabric interconnect / NXOS AG communicates directly with NXOS to get information about the health, state, configuration, statistics, and fault conditions visible by NXOS on the fabric interconnects. All AG’s provide the inventory details to the DME about end points during the various discovery processes. The AG’s perform the state changes necessary to configure an end point during FSM triggered transitions, monitor the health and state of the end points, and notify the DME of any faults or conditions.

Northbound interfaces — The northbound interfaces include SNMP, Syslog, CLI and XML API. The XML API is present in the Apache webserver layer and is used to send login, logout, query, and configuration requests via HTTP or HTTPS. SNMP and Syslog are both consumers of data from the DME. SNMP informs and traps are translated directly from the fault information stored in the UCS XML database. Conversely, SNMP GET requests are sent through the same object translation engine in reverse, where the DME receives a request from the object translation engine and the data from the DME is translated from XML into an SNMP response. Syslog messages use the same object translation engine as SNMP, where the source of the data (faults, events, audit logs) is translated from XML into a UCS Manager formatted syslog message.

Standalone C-Series Monitoring Background:

Monitoring support for our Standalone C-Series Servers has evolved with each release. The current CIMC release, v1.5, supports our M3 Platforms including the C220 M3, C240 M3, C22 M3, C24 M3 and C420 M3 as well as our C260 M2 and C460 M2. While earlier versions of our CIMC supported Syslog and SNMP, the Fault Engine added support for SNMP v3 in CIMC v1.5. We have documented the internals of our monitoring subsystem in the graphic included below.

Fault Engine Overview:

While Cisco Standalone C-Series Servers do not support the DME/AG architecture described above in the UCS Manager section, many of the same concepts can be applied to the monitoring subsystem for Standalone Servers. The Fault Engine has become a central repository and clearinghouse for fault data as it is passed along to monitoring endpoints. The Fault Engine acts as a master repository for events within the system which initiates alerts (SNMP Traps, Syslog messages, XML API events, etc.) but can also be queried via SNMP (GETs) or the XML API. This durability of fault information gives customers a mechanism not only to receive fault data, but also to use these interfaces to query system health data.

Within the system, the Fault Engine regularly polls component health status in the form of sensor data using IPMI and the Storage Daemon, and these values are compared to threshold reference points. If a sensor value is outside one of the threshold values, an entry is created in the Fault Engine and notifications are sent as appropriate. As discussed earlier, multiple notification types are supported including SNMP (Traps and Informs), Syslog (Messages) and XML API (Event Subscription), and fault queries are supported through SNMP GET and XML API queries. Cisco has developed a number of integrations for third-party management solutions that leverage queries of the Fault Engine data to drive notifications in these management tools. The Fault Engine retains faults until they are mitigated or until the IMC is rebooted.

UCS Manager Best Practices:

The recommendation for monitoring a UCS Manager environment would be to monitor all faults of either severity critical or major and that are not of type “FSM”. FSM related faults are transient in nature, as they are triggered when a FSM transition is occurring in UCS Manager. Generally speaking, FSM related faults will resolve themselves automatically as most are triggered after a task fails the first time, but will be successful on a subsequent try. An example of a FSM task failure would be when a FSM task waiting for a server to finish BIOS POST fails during a service profile association. This particular condition can happen when a server with many memory DIMMs takes longer to successfully finish POST than the default timeout of the FSM task. This timeout would raise a FSM fault on this task, but by default would keep retrying up to the defined FSM task retry limit. If a subsequent retry is successful, the FSM task fault raised will be cleared and removed. However, if subsequent retries are unsuccessful and the retry limit is hit, the FSM task will be faulted and another fault will be raised against the affected object. In this example, a configuration failure would be raised against the service profile, as the association process would have failed because the server did not perform a successful BIOS POST.

If you are looking for a list of the most critical fault codes to monitor, refer to the “Syslog Messages to Monitor” section in Chapter 3 of the “Monitoring UCS Manager with Syslog” guide below. The fault codes listed are the same codes for all interfaces (SNMP, syslog, or XML API).

http://www.cisco.com/en/US/docs/unified_computing/ucs/sw/ucsm_syslog/b_Monitoring_Cisco_UCSM_Using_Syslog.pdf

C-Series Standalone Best Practices:

Filtering: As referenced above, the faults for our Standalone C-Series Servers are consistent with faults for UCS Manager. Because the concept of FSM (Finite State Machine) does not exist with Standalone C-Series, there is no reason to filter out FSM state changes when monitoring these systems. The recommendation is that filters not be applied to Standalone C-Series Servers, as all raised faults are relevant to customers who are interested in monitoring/alerting capabilities. At present, there are approximately 85 faults that are included in the Fault Database for our Standalone C-Series Servers with CIMC 1.5(3).

SNMP vs. Platform Event Filters (PEF): As monitoring has evolved in these systems, support has been extended to include a number of notification mechanisms, and Cisco is planning to deprecate Platform Event Filters (PEF) and Platform Event Traps (PET) in a future CIMC release. Platform Event Traps are sent as IPMI v1 traps where filters (PEF) can be applied so only certain subsystem traps are sent to the NMS system. The variable bindings that are consistent across UCS Manager and Standalone C-Series servers do not apply to Platform Event Filters as they have their own nomenclature that is defined and maintained by Intel.

XML API Usage: As a more robust XML API has been implemented in Standalone C-Series Servers, this is the preferred mechanism for capturing faults sent by the system. The XML API supports Event Subscription which provides proactive alerting. The XML API also supports queries which can be used to collect data in the fault table on a regular basis.
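The two filtering recommendations above (UCS Manager: severity critical or major and not of type FSM; Standalone C-Series: no filter), applied to a fault query result. This is an added example, not Cisco's code: the element and attribute names are assumed from the UCS XML API object model, and the response, fault codes and DNs are constructed placeholders.

```python
import xml.etree.ElementTree as ET

# Constructed query response. Element and attribute names (faultInst, severity,
# type, code, dn) are assumptions based on the UCS XML API object model; the
# codes and DNs are placeholders, not real fault codes.
SAMPLE_RESPONSE = """
<configResolveClass response="yes" classId="faultInst">
  <outConfigs>
    <faultInst code="F-EXAMPLE-1" severity="major" type="fsm" dn="sys/example-1"/>
    <faultInst code="F-EXAMPLE-2" severity="major" type="configuration" dn="org-root/example-2"/>
    <faultInst code="F-EXAMPLE-3" severity="minor" type="environmental" dn="sys/example-3"/>
    <faultInst code="F-EXAMPLE-4" severity="critical" type="equipment" dn="sys/example-4"/>
    <faultInst code="F-EXAMPLE-5" severity="critical" type="fsm" dn="sys/example-5"/>
  </outConfigs>
</configResolveClass>
"""

SEVERITY_RANK = {"critical": 0, "major": 1}   # the only severities the UCSM policy alerts on


def alertable_faults(xml_text, platform):
    """Apply the recommendation for 'ucsm' or 'standalone' and return fault dicts."""
    root = ET.fromstring(xml_text.strip())
    faults = [dict(el.attrib) for el in root.iter("faultInst")]
    if platform == "standalone":
        return faults                          # no filter: every raised fault is relevant
    if platform != "ucsm":
        raise ValueError(f"unknown platform: {platform!r}")
    keep = [f for f in faults
            if f.get("severity") in SEVERITY_RANK and f.get("type") != "fsm"]
    return sorted(keep, key=lambda f: SEVERITY_RANK[f["severity"]])   # critical first


if __name__ == "__main__":
    for fault in alertable_faults(SAMPLE_RESPONSE, "ucsm"):
        print(fault["severity"], fault["type"], fault["code"], fault["dn"])
```

The same constructed response is reused for both platforms only to show the difference in policy; a real Standalone C-Series server raises no FSM faults.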

Cisco UCS MIB Files:

Cisco MIBs are available at the following download site:

http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml

All Cisco UCS Manager and Standalone C-Series faults are available with SNMP using the cucsFaultTable table and the CISCO-UNIFIED-COMPUTING-FAULT-MIB. The table contains one entry for every fault instance. Each entry has variables to indicate the nature of a problem, such as its severity and type. The same object is used to model all Cisco UCS fault types, including equipment problems, FSM failures, configuration or environmental issues, and connectivity issues. The cucsFaultTable table includes all active faults (those that have been raised and need user attention), and all faults that have been cleared but not yet deleted because of the retention interval.

Important OIDs (Object Identifier):

In UCS Manager version 1.3 and later, Cisco UCS Manager sends a cucsFaultActiveNotif event notification whenever a fault is raised. There is one exception to this rule: Cisco UCS Manager does not send event notifications for FSM faults. The trap variables indicate the nature of the problem, including the fault type. Cisco UCS Manager sends a cucsFaultClearNotif event notification whenever a fault has been cleared. A fault is cleared when the underlying issue has been resolved.

In UCS Manager version 1.4 and later, the cucsFaultActiveNotif and cucsFaultClearNotif traps are defined in the CISCO-UNIFIED-COMPUTING-NOTIFS-MIB. All faults can be polled using SNMP GET operations on the cucsFaultTable, which is defined in the CISCO-UNIFIED-COMPUTING-FAULT-MIB.

Fault Attributes (Variable Bindings):

MIB Loading Order & Statistics Collection Details:

More details on MIB load ordering and statistics collection including a comprehensive list of Statistics OID and their corresponding Statistics tables are located in the following MIB Reference Guides:

MIB Reference for Cisco UCS Manager:

http://www.cisco.com/en/US/docs/unified_computing/ucs/sw/mib/b-series/b_UCS_MIBRef.pdf

MIB Reference for Cisco UCS Standalone C-Series Servers:

http://www.cisco.com/en/US/docs/unified_computing/ucs/sw/mib/c-series/b_UCS_Standalone_C-Series_MIBRef.pdf

UCS Manager and Standalone C-Series Faults:

In the Cisco UCS, a fault is a mutable object that is managed by the Cisco UCS Manager. Each fault represents a failure in the Cisco UCS instance or an alarm threshold that has been raised. During the lifecycle of a fault, it can change from one state or severity to another.

Each fault includes information about the operational state of the affected object at the time the fault was raised. If the fault is transitional and the failure is resolved, then the object transitions to a functional state. A fault remains in the Cisco UCS Manager until the fault is cleared and deleted according to the settings in the fault collection policy.

You can view all faults in the Cisco UCS instance from either the Cisco UCS Manager CLI or the Cisco UCS Manager GUI. You can also configure the fault collection policy to determine how a Cisco UCS instance collects and retains faults.

Fault Severities for UCS Manager and Standalone C-Series Servers include:

Types of faults for UCS Manager and Standalone C-Series Servers include:

Fault Overview:

The faults in Cisco UCS are stateful, and a fault raised in a Cisco UCS instance transitions through more than one state during its lifecycle. In addition, only one instance of a given fault can exist on each object. If the same fault occurs a second time, the Cisco UCS increases the number of occurrences by one.

A fault has the following lifecycle:

  1. A condition occurs in the system and the Cisco UCS raises a fault in the active state.
  2. If the fault is alleviated within a short period of time known as the flap interval, the fault severity remains at its original active value but the fault enters the soaking state. The soaking state indicates that the condition that raised the fault has cleared, but the system is waiting to see whether the fault condition reoccurs.
  3. If the condition reoccurs during the flap interval, the fault enters the flapping state. Flapping occurs when a fault is raised and cleared several times in rapid succession. If the condition does not reoccur during the flap interval, the fault is cleared.
  4. Once cleared, the fault enters the retention interval. This interval ensures that the fault reaches the attention of an administrator even if the condition that caused the fault has been alleviated, and that the fault is not deleted prematurely. The retention interval retains the cleared fault for the length of time specified in the fault collection policy.
  5. If the condition reoccurs during the retention interval, the fault returns to the active state. If the condition does not reoccur, the fault is deleted.
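The lifecycle above as a small state machine, replayed over a timeline of condition raise/clear events. This is an added example, not Cisco's implementation: the interval values and the timeline are constructed, and a clear while flapping is assumed to return the fault to the soaking state, which the steps above do not spell out.

```python
from dataclasses import dataclass, field

FLAP_INTERVAL = 10        # seconds (constructed value)
RETENTION_INTERVAL = 60   # seconds (constructed; set by the fault collection policy)


@dataclass
class Fault:
    state: str = "deleted"            # no fault instance exists yet
    occurrences: int = 0
    since: float = 0.0                # time the current state was entered
    history: list = field(default_factory=list)

    def _enter(self, state, t):
        self.state, self.since = state, t
        self.history.append((t, state))

    def _expire(self, now):
        # Timer-driven transitions that came due at or before `now`.
        if self.state == "soaking" and now - self.since >= FLAP_INTERVAL:
            self._enter("cleared", self.since + FLAP_INTERVAL)
        if self.state == "cleared" and now - self.since >= RETENTION_INTERVAL:
            self._enter("deleted", self.since + RETENTION_INTERVAL)

    def condition_raised(self, t):
        self._expire(t)
        if self.state == "deleted":       # step 1: a new fault instance is raised
            self.occurrences = 1
            self._enter("active", t)
        elif self.state == "soaking":     # step 3: reoccurred inside the flap interval
            self.occurrences += 1
            self._enter("flapping", t)
        elif self.state == "cleared":     # step 5: reoccurred inside the retention interval
            self.occurrences += 1
            self._enter("active", t)

    def condition_cleared(self, t):
        self._expire(t)
        if self.state in ("active", "flapping"):   # step 2; flapping -> soaking is an assumption
            self._enter("soaking", t)


def replay(events, end):
    """Feed (time, 'raise' | 'clear') events to one fault, then advance the clock to `end`."""
    fault = Fault()
    for t, kind in events:
        (fault.condition_raised if kind == "raise" else fault.condition_cleared)(t)
    fault._expire(end)
    return fault


# Constructed timeline for one fault on one object.
TIMELINE = [(0, "raise"), (5, "clear"), (8, "raise"), (12, "clear"), (40, "raise"), (45, "clear")]

if __name__ == "__main__":
    result = replay(TIMELINE, end=200)
    for t, state in result.history:
        print(f"t={t:>3}s  {state}")
    print("occurrences:", result.occurrences)
```

A poller that samples the fault table less often than the flap interval sees only some of these states, which is why the occurrence count is worth collecting alongside the state.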

Using esxtop to identify storage performance issues for ESX / ESXi (multiple versions) (1008205)

Posted on April 11, 2015 Updated on April 27, 2015

The interactive esxtop utility can be used to provide I/O metrics over various devices attached to a VMware ESX host.

Configuring monitoring using esxtop

To monitor storage performance per HBA:

  1. Start esxtop by typing esxtop at the command line.
  2. Press d to switch to disk view (HBA mode).
  3. To view the entire Device name, press SHIFT + L and enter 36 in Change the name field size.
  4. Press f to modify the fields that are displayed.
  5. Press b, c, d, e, h, and j to toggle the fields and press Enter.
  6. Press s and then 2 to alter the update time to every 2 seconds and press Enter.
  7. See Analyzing esxtop columns for a description of relevant columns. For more information, see Interpreting esxtop Statistics.

Note: These options are available only in VMware ESX 3.5 and later.

To monitor storage performance on a per-LUN basis:

  1. Start esxtop by typing esxtop from the command line.
  2. Press u to switch to disk view (LUN mode).
  3. Press f to modify the fields that are displayed.
  4. Press b, c, f, and h to toggle the fields and press Enter.
  5. Press s and then 2 to alter the update time to every 2 seconds and press Enter.
  6. See Analyzing esxtop columns for a description of relevant columns. For more information, see Interpreting esxtop Statistics.

To increase the width of the device field in esxtop to show the complete naa id:

  1. Start esxtop by typing esxtop at the command line.
  2. Press u to switch to the disk device display.
  3. Press L to change the name field size. Note: Be sure to use uppercase L.
  4. Enter the value 36 to display the complete naa identifier.

To monitor storage performance on a per-virtual machine basis:

  1. Start esxtop by typing esxtop at the command line.
  2. Type v to switch to disk view (virtual machine mode).
  3. Press f to modify the fields that are displayed.
  4. Press b, d, e, h, and j to toggle the fields and press Enter.
  5. Press s and then 2 to alter the update time to every 2 seconds and press Enter.
  6. See Analyzing esxtop columns for a description of relevant columns. For more information, see Interpreting esxtop Statistics.

Analyzing esxtop columns

Refer to this table for relevant columns and descriptions of these values:

Column: Description

  • CMDS/s: This is the total number of commands per second and includes IOPS (Input/Output Operations Per Second) and other SCSI commands such as SCSI reservations, locks, vendor string requests, unit attention commands etc. being sent to or coming from the device or virtual machine being monitored. In most cases, CMDS/s = IOPS unless there are a lot of metadata operations (such as SCSI reservations).
  • DAVG/cmd: This is the average response time in milliseconds per command being sent to the device.
  • KAVG/cmd: This is the amount of time the command spends in the VMkernel.
  • GAVG/cmd: This is the response time as it is perceived by the guest operating system. This number is calculated with the formula: DAVG + KAVG = GAVG

These columns are for both reads and writes, whereas xAVG/rd is for reads and xAVG/wr is for writes. The combined value of these columns is the best way to monitor performance, but a high read or write response time may indicate that the read or write cache is disabled on the array. All arrays perform differently; however, DAVG/cmd, KAVG/cmd, and GAVG/cmd should not exceed 10 milliseconds (ms) for sustained periods of time.
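One way to check the 10 ms guideline offline, as an added example that is not part of the KB article: it scans esxtop batch-mode output (esxtop -b) for runs of consecutive samples above the threshold. The CSV counter names, the host and adapter names, the sample values, and the choice of three consecutive 2-second samples as "sustained" are assumptions.

```python
import csv
import io
import re

# Constructed sample in the perfmon-style CSV layout of esxtop batch mode;
# counter names are assumed, host name, adapter and values are made up.
SAMPLE_CSV = r'''"(PDH-CSV 4.0) (UTC)(0)","\\esx01\Physical Disk Adapter(vmhba1)\Average Driver MilliSec/Command","\\esx01\Physical Disk Adapter(vmhba1)\Average Kernel MilliSec/Command","\\esx01\Physical Disk Adapter(vmhba1)\Average Guest MilliSec/Command"
"04/11/2015 10:00:00","4.0","0.1","4.1"
"04/11/2015 10:00:02","12.0","0.2","12.2"
"04/11/2015 10:00:04","15.0","0.1","15.1"
"04/11/2015 10:00:06","14.0","0.1","14.1"
"04/11/2015 10:00:08","11.0","0.2","11.2"
"04/11/2015 10:00:10","3.0","0.1","3.1"
'''

# CSV counter name -> interactive esxtop column name.
METRICS = {
    "Average Driver MilliSec/Command": "DAVG/cmd",
    "Average Kernel MilliSec/Command": "KAVG/cmd",
    "Average Guest MilliSec/Command": "GAVG/cmd",
}
# Header cells look like \\host\object(instance)\counter
COUNTER = re.compile(r"^\\\\[^\\]+\\([^\\]+)\\(.+)$")


def sustained_breaches(csv_text, threshold_ms=10.0, min_samples=3):
    """Return (object, column, first_timestamp, samples) for every run of at
    least min_samples consecutive samples above threshold_ms."""
    rows = list(csv.reader(io.StringIO(csv_text)))
    header, samples = rows[0], rows[1:]
    findings = []
    for col, name in enumerate(header):
        m = COUNTER.match(name)
        if not m or m.group(2) not in METRICS:
            continue
        run_start, run_len = None, 0
        for row in samples + [None]:      # None flushes a run that reaches the last sample
            if row is not None and float(row[col]) > threshold_ms:
                run_start = run_start if run_len else row[0]
                run_len += 1
                continue
            if run_len >= min_samples:
                findings.append((m.group(1), METRICS[m.group(2)], run_start, run_len))
            run_len = 0
    return findings


if __name__ == "__main__":
    for obj, column, start, count in sustained_breaches(SAMPLE_CSV):
        print(f"{obj}: {column} above 10 ms for {count} samples from {start}")
```

In the sample, KAVG/cmd stays low while DAVG/cmd and GAVG/cmd breach together, which points at the device side (fabric or array) and not the VMkernel.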

Note: VMware ESX 3.0.x does not include direct functionality to monitor individual LUNs or virtual machines using esxtop. Inactive LUNs lower the average for DAVG/cmd, KAVG/cmd, and GAVG/cmd. These values are also visible from the vCenter Server performance charts. For more information, see the Performance Charts section in the Basic System Administration Guide.

If you experience high latency times, investigate current performance metrics and running configuration for the switches and the SAN targets. Check for errors or logging that may suggest a delay in operations being sent to, received, and acknowledged. This includes the array’s ability to process I/O from a spindle count aspect, or the array’s ability to handle the load presented to it.

If the response time increases to over 5000 ms (or 5 seconds), VMware ESX will time out the command and abort the operation. These events are logged; abort messages and other SCSI errors can be reviewed in these logs:

  • ESX 3.5 and 4.x — /var/log/vmkernel
  • ESXi 3.5 and 4.x — /var/log/messages
  • ESXi 5.x and later — /var/log/vmkernel.log

The type of storage logging you may see in these files depends on the configuration of the server. You can find the value of these options by navigating to Host > Configuration > Advanced Settings > SCSI > SCSI.Log* or SCSI.Print*.


Originally published at lazyadminblog.com.