Wednesday, April 24, 2019

vCenter VCSA Certificate Locations via SSH

HTTPS Strict Transport Security error

If you get the dreaded HTTPS Strict Transport Security error when going to vCenter and you CAN NOT get the certificate in order to install it. Because if you get the error, you don't get the screen that let's you download it. Catch-22.

Where it lives

Here is where it lives:
/etc/vmware/vmware-vmafd

Just putty or Secure CRT (MY ABSOLUTE FAVORITE) into the vCenter appliance, cd to the directory and cat the files. Then copy them, paste them to a notepad++file and save them with a .crt extension.

Import into Certificate Manager

Click start, and type certificate manager, run it.
The ca.crt file you should import and store in local computer in the trusted root certification authorities folder. The Machine-ssl.crt file just use local machine and let it figure it out.

DONE! 

No more red banner, no more HSTS error.

Now I'm leaving that took about 3 hours to figure out.

Thursday, March 7, 2019

Dell R640 Servers

Using these as ESXi Hosts

There are a number of things that you want to do if this is a true enterprise environment. You want to manage them as a group. that can be difficult especially in an offline environment.

Dell has lots of services for internet connected servers, but who really wants their credit card processing server touching the internet.

iDrac 9 info

https://www.dell.com/support/manuals/lt/en/ltbsdt1/poweredge-r940/idrac_3.00.00.00_ug/configuring-services-using-web-interface?guid=guid-7bb3e8b1-89f2-4ef5-94ab-146958142354&lang=en-us


VMware Enhanced Authentication not working

If you have accepted the certificates already, you next need to go to:
https://vmware-plugin:8094
and accept the certificate and all should be well. You may have to reload Firefox, but I didn't have to.

Also, if you are using Enterprise signed certificates, You will want to make sure that Firefox will recognize the Enterprise Certificate chain. If you push out your certs via Group Policy, look at the link below to get it working.




I’ve copied Tom’s Article in below to make sure that post doesn’t go away.

Configuring Firefox to use the Windows Certificate Store

·         2 months ago
·         Updated


VMware Horizon ADAM Database edits

Making changes to the ADAM Database

There are many reasons why you want to make changes to the ADAM Databse. It is the underlying database that holds the info on Pools, VDI Machines, etc. And this Database FREQUENTLY gets corrupted. I'm not sure why, I'm a big VMware Horizon fan, but man does it get messed up easily.

So to get into it there is a standard procedure that I grabbed from VMware's KB2012377 https://kb.vmware.com/s/article/2012377

Windows Server 2008 / 2012

To connect to the View ADAM database:
  1. Log in to one of the View Connection Servers as Domain Administrator.
  2. Click Start > Administrative Tools > ADSI Edit.
  3. In the console window, right-click ADSI Edit and click Connect to.
  4. In the Name field type:

    View ADAM Database
     
  5. Select Select or type a Distinguished Name or Naming Context.
  6. In the field below Select or type a Distinguished Name or Naming Context, type:

    dc=vdi,dc=vmware,dc=int
     
  7. Select Select or type a domain or server.
  8. In the field below Select or type a domain or server, type:

    localhost:389
     
  9. Click OK.
  10. Click View ADAM Database [localhost:389] to expand.
  11. Click DC=vdi,dc=vmware,dc=int to expand.
Note: If you are unable to connect using dc=vdi,dc=vmware,dc=int, try using dc=vdi;dc=vmware;dc=int.
Once in there, you have a number of common tasks that you can do.

Wednesday, February 13, 2019

Server 2019 - .Net 3.5 install failure

When spinning up a 2019 Server you may get a .Net 3.5 Error.

The following feature couldn't be installed:
.NET Framework 3.5 (includes .NET 2.0 and 3.0)


For .NET Framework 3.5, sometimes it will not install with the GUI and a message will be displayed.
Image result for install .net 3.5 on 2019 from powershell or Image result for install .net 3.5 on 2019 from powershell
To install it via PowerShell:

DISM /Online /NoRestart /Enable-Feature /FeatureName:NetFx3ServerFeatures /Source:D:\sources\sxs
DISM /Online /NoRestart /Enable-Feature /FeatureName:NetFx3 /Source:D:\sources\sxs

You may get an error after the first command, but the second command will fix that. D: is your DVD Drive, change that if it’s mounted elsewhere.

Monday, November 12, 2018

vCenter Appliance Emergency Mode

So the server is in Emergency mode, Now what.

The easiest is to run the journalctl command and look for an obvious /dev/sda<number> failure in the log. If you find that, skip to the fix.


The Fix

just use
e2fsck -y /dev/sda<number>

And you should be fine.

Notes on cleaning up images before a template or VDI Master Image

Clean up, because your Mom really IS watching

As always, I put these notes out here for myself because I keep forgetting them and it's the easiest place to get to when I'm working on a task that isn't near my list of notes.

This is almost exclusively powershell. Easiest for most applications, the data is pieline driven so you can just keep feeding data from one command to the next. And they keep coming up with new stuff like the new network command in PS3.

NOTE: If these commands Don't work, then upgrade your machine, I mean really, let's at least TRY to keep our infrastructure current, OK.

Cleaning up the Trash can

Clear-RecycleBin

That's it. Could be simpler but you need an alias for it which takes 10 more lines.

Steps to Clear All Event Logs in Event Viewer in Windows 10


  1. Open Cortana, type Powershell and select Windows Powershell.
  2. Type the following command and press Enter.
  3. wevtutil el | Foreach-Object {wevtutil cl “$_”}
  4. The event logs will be cleared.
I run this as admin and I still get a few that don't clean out, but it gets the bulk of them.