doOdzZZ's Notes An offspring of a text file!

3Dec/120

vSphere 5.x Tip To Toe: Multi Hypervisor Management from vCenter

Here we are, in a vast virtual cloud where you might come across an environment that has a mixture of hypervisors. VMware has a solution for managing this mixture via the vCenter Server console. I'm going to show how to install the plugin and connect a Hyper-V server to it.

First, download the packages, both the server plugin and the client plugin, from here: https://my.vmware.com/group/vmware/details?downloadGroup=VCL-VSP510-VC-510A-EN&productId=284&rPId=3109

So let's start...

On the vCenter Server:

- Install Multi Hypervisor Management Server (the user who will be running the service must have 'run as a service' logon right, which is modified from the local security policy).
- Install Multi Hypervisor Management Client.

On the Hyper-V Server:

- From the Features menu, add WinRM IIS Extensions.
- Go to Run -> cmd -> type WinRM quickconfig.

In the following screenshots I start with the installation phase and end with adding the Hyper-V node and validating it. Nothing much more to say =). It's a good feature; make sure you bring it up when talking about the resiliency of a VMware infrastructure.

Regards,
(Abdullah)^2

VMware vCenter - Multi-Hypervisor Manager for Windows

22Sep/120

Windows 2012 ICT via PowerShell

Well, since Windows 2k12 was released I have kind of missed the Windows 2k8 ICT (Initial Configuration Tasks), which made it straightforward to do the basic and most important things when setting up a box, especially when I am doing labs or proofs of concept. So I decided to write a script that covers what the ICT in Win2k8 covered, such as computer name, firewall status, network configuration, etc.

This has proven to be very useful: it takes less than 3-5 minutes to do all the initial configuration tasks on Win2k12. I hope you benefit from it as I did =).

# Windows 2k12 PowerShell ICT by (Abdullah)^2 http://notes.doodzzz.net
# This is for usage only in test environments to save time, you can freely modify it if you want to use in a live environment though.
# Modify this at your own risk and if you need any help please do not hesitate to contact me.

# Change Computer Name:
# =====================
# Change Computer Name : Rename-Computer -NewName -Force
Write-Host "[ - Change Box Name - ]" -ForegroundColor Black -BackgroundColor Yellow
$ChangeBoxName = Read-Host "Type in the name of your box: "
$OldBoxName = hostname
$NewBoxName = Rename-Computer -NewName $ChangeBoxName -Force
Write-Host "The box" $OldBoxName is now $ChangeBoxName

# Disable Firewall on all profiles:
# =================================
# Disable Firewall: netsh advfirewall set allprofiles state off
# Get-NetFirewallProfile | Set-NetFirewallProfile -Enabled false
# netsh advfirewall show allprofiles state
Write-Host "[ - Disable Firewall - ]" -ForegroundColor Black -BackgroundColor Yellow
$DisableFirewall = Read-Host "Would you like to disable firewall on all profiles (Y/N)? "
if ($DisableFirewall -eq "Y")
{
$FirewallStateOff = Get-NetFirewallProfile | Set-NetFirewallProfile -Enabled false
Write-Host "Your firewall on all profiles is now disabled" -ForegroundColor Yellow -BackgroundColor Black
Get-NetFirewallProfile | fl Name, Enabled
}
else
{
Write-Host "Your firewall state is kept as is" -ForegroundColor Yellow -BackgroundColor Black
Get-NetFirewallProfile | fl Name, Enabled
}

# Set Time Zone (Beirut):
# =======================
# Set Time Zone (Beirut) : tzutil /s "Middle East Standard Time"
Write-Host "[ - Setting Time Zone - ]" -ForegroundColor Black -BackgroundColor Yellow
$Beirut = "Middle East Standard Time"
$TZ = Read-Host "Enter a time zone please (open CMD and type tzutil /l for a listing) or enter nothing for Beirut "
if ($TZ)
{
tzutil /s $TZ
}
else { tzutil /s $Beirut }
$GetTimeZone = tzutil /g
Write-Host "Your time zone is now set to" $GetTimeZone -ForegroundColor Yellow -BackgroundColor Black

# Disable Windows Update Service
# ==============================
# gwmi win32_service|?{$_.name -eq "wuauserv"} | %{$_.changestartmode("Disabled")}
# Stop Windows Update Services: (Get-WmiObject Win32_Service -Filter 'Name="wuauserv"').StopService()
Write-Host "[ - Disabling Windows Updates Service - ]" -ForegroundColor Black -BackgroundColor Yellow
gwmi win32_service|?{$_.name -eq "wuauserv"} | %{$_.changestartmode("Disabled")} | Out-Null
Write-Host "Windows Updates Service is now disabled!" -ForegroundColor Yellow -BackgroundColor Black

# Enable Remote Desktop:
# ======================
# Enable Remote Desktop: set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" -Value 0 -erroraction silentlycontinue
# Disable NLA: set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "UserAuthentication" -Value 0 -erroraction silentlycontinue
Write-Host "[ - Enabling Remote Desktop with Removal of NLA - ]" -ForegroundColor Black -BackgroundColor Yellow
set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" -Value 0 -erroraction silentlycontinue
set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "UserAuthentication" -Value 0 -erroraction silentlycontinue
Write-Host "RDP Has been enabled and Network Level Authentication has been disabled!" -ForegroundColor Yellow -BackgroundColor Black
Get-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" | fl fDenyTSConnections
Get-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "UserAuthentication" | fl UserAuthentication

# Configure ethernet [IP, DNS and Gateway]
# Get Ethernet Interfaces: Get-NetIPAddress | fl InterfaceIndex, InterfaceAlias
# Get Adapter: Get-NetAdapter
# New Ip Address: New-NetIPAddress -InterfaceIndex -IPAddress <address> -PrefixLength "24" -DefaultGateway
# Change Ip Address: Set-NetIPAddress -InterfaceIndex -IPAddress <address> -PrefixLength "24"
# Setup DNS Client: Set-DnsClientServerAddress -InterfaceIndex -ServerAddresses
Write-Host "[ - Configuring primary network interface - ]" -ForegroundColor Black -BackgroundColor Yellow
Write-Host "Listing interfaces:"
Get-NetAdapter
$SelectedInterface = Read-Host "Please select the interface you want to configure (InterfaceIndex): "
$SelectedIP = Read-Host "Please type in the IP address: "
$SelectedSubnet = Read-Host "Please choose a subnet (example: 24): "
$SelectedGateway = Read-Host "Please assign a gateway address: "
$SelectedDNS = Read-Host "Please assign a DNS server address (if multiple put a >,< for separation): "
New-NetIPAddress -InterfaceIndex $SelectedInterface -IPAddress $SelectedIP -PrefixLength $SelectedSubnet -DefaultGateway $SelectedGateway | Out-Null
# Read-Host returns one string, so split it on commas to pass an array of server addresses
Set-DnsClientServerAddress -InterfaceIndex $SelectedInterface -ServerAddresses ($SelectedDNS -split '\s*,\s*') | Out-Null
Write-Host "The Interface with index" $SelectedInterface "has been configured with the following options: " -ForegroundColor Yellow -BackgroundColor Black
Get-NetAdapter -InterfaceIndex $SelectedInterface
Get-DnsClientServerAddress -InterfaceIndex $SelectedInterface

# Add server to domain:
# =====================
# Add Computer to domain: Add-Computer -DomainName -Credential -PassThru
Write-Host "[ - Join the box AD - ]" -ForegroundColor Black -BackgroundColor Yellow
$SelectedDomain = Read-Host "Please type in your domain name "
$DomainUser = Read-Host "Please type a domain user with delegations to join computers "
$DomainUserPassword = Read-Host -AsSecureString "Put the password of the user which you've used "
$UserAndPassword = New-Object System.Management.Automation.PSCredential($DomainUser,$DomainUserPassword)
Add-Computer -DomainName $SelectedDomain -Credential $UserAndPassword -PassThru

# Restart the box:
#=================
Write-Host "[ - Restarting the box - ]" -ForegroundColor Black -BackgroundColor Yellow
$DoRestart = Read-Host "Would you like to restart this box now? (Y/N) "
if($DoRestart -eq "Y")
{
Restart-Computer -Confirm
}
else { Write-Host "You need to restart the box manually to fulfill this ICT" -ForegroundColor Yellow -BackgroundColor Black
}

Copy the above and save it into Something.ps1, run it after your first logon to your Win2k12 system and see the magic =). You can also download the script directly from here if you don't feel like copying and pasting ;-).

(Abdullah)^2
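
The script above turns off the firewall, the Windows Update service and NLA for lab convenience, so a box built with it should be checked before it is reused outside the lab. The following is an added example, not part of the original script: it reports those three relaxed settings and, with the hypothetical -Fix switch, restores them (restoring wuauserv to Manual is an assumption; use your own baseline).

```powershell
# Added example (not from the original post): audit the settings the lab ICT
# script relaxes. Run elevated. -Fix is a parameter name chosen for this example.
param([switch]$Fix)

$rdpTcp   = 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
$findings = @()

# 1. Firewall: the ICT script can disable every profile.
foreach ($fwProfile in Get-NetFirewallProfile) {
    if ($fwProfile.Enabled -ne 'True') {
        $findings += "Firewall profile '$($fwProfile.Name)' is disabled"
        if ($Fix) { Set-NetFirewallProfile -Name $fwProfile.Name -Enabled True }
    }
}

# 2. Windows Update: the ICT script sets the wuauserv start mode to Disabled.
$wu = Get-CimInstance Win32_Service -Filter "Name='wuauserv'"
if ($wu.StartMode -eq 'Disabled') {
    $findings += 'Windows Update service (wuauserv) start mode is Disabled'
    # Assumption: Manual is the start type to restore; adjust to your baseline.
    if ($Fix) { Set-Service -Name wuauserv -StartupType Manual }
}

# 3. NLA: the ICT script writes UserAuthentication = 0, which turns NLA off.
$nla = (Get-ItemProperty -Path $rdpTcp -Name UserAuthentication).UserAuthentication
if ($nla -ne 1) {
    $findings += 'RDP Network Level Authentication is off (UserAuthentication is not 1)'
    if ($Fix) { Set-ItemProperty -Path $rdpTcp -Name UserAuthentication -Value 1 }
}

if ($findings) {
    $findings | ForEach-Object { Write-Warning $_ }
    if ($Fix) { Write-Host 'The settings listed above have been restored.' }
} else {
    Write-Host 'Firewall, Windows Update and NLA are at their hardened settings.'
}
```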

23Aug/120

Upgrading Backup Exec 2010 to R3 SP2

Okay, so you use Symantec Backup Exec 2010 and you're facing lots of problems, including job rate issues. Well, it seems it's time you moved on to R3 SP2 and cleaned the dust off your backup server.

Okay, there are two ways to do this:

1- In place upgrade:

This is a direct upgrade of the existing installation, and here is how you do it:

  1. First, as always, back up your configuration: stop the BackupExec SQL instance service, and copy the directories "Data" and "Catalogs", which are located here: <root>:\Program Files\Symantec\Backup Exec\.
  2. Download the ISO image from here: https://fileconnect.symantec.com/. You can either burn it, mount it via a virtual drive or extract it.
    The installation is straightforward, just click Next until it's done.
  3. When the installation is done, run live update where you'll get SP2 and some hotfixes.
  4. Finally, the setup doesn't require a reboot but I do recommend to reboot the server in case you're utilizing AOFO (Advanced Open File Options).
  5. When the server is up, push the new agent to the already published servers (a reboot might be required for those servers) and you're done.

2- A fresh installation setup:

The drawback of this is that Symantec DOES NOT SUPPORT TAKING A COPY OF THE BACKUP CONFIGURATION FROM 2010 AND THEN APPLYING IT TO A 2010 R3 INSTALLATION using BE Utility. If you do so, the Backup Exec services won't start because of a database schema mismatch.

I even tried taking the BEDB.bak and recovering it, then upgrading the schema via BEMIG.exe, which is supposed to fix the database and insert the new schema in it along with all its tables and views, yet at a certain point it fails because it can't find a certain column.

So eventually you will have to return to a blank database and start all over.

After you've finished the installation and updated your server to SP2:

  1. Push the new agent to the published servers.
  2. Print all your jobs to an XPS file and copy them to the new server.
  3. Configure your devices, Backup-to-Disk folders, tape libraries, etc.
  4. Configure the default System Log-On Account.
  5. Now you can have fun and create all your jobs once again and get bored ever after while doing so.

 

Note: R3 doesn't support Windows 2000 server any more.

Have fun and you can always count on your life being super happy because you're an IT ;-).

2May/120

Windows Server 2008 Cluster: Troubleshooting or shooting yourself?

On a very quiet afternoon, I got this case which said "Problem with Cluster staying offline!". Usually when I receive a ticket I'm optimistic, but when it comes to Windows Cluster services I'm a bit agitated yet nevertheless excited to delve into it and resolve the issue. Thankfully Windows Server 2008 Clustering is more stable than in the days of old, when we had to keep a keen eye on it for weeks and months before even thinking of it being fit for production.

Anyway, the first obvious thing would be to simulate the incident so I went to the Failover Cluster management snap-in and I tried to bring the Cluster Name online and I got this error "An error occurred while attempting to bring the resource cluster name online" detailed with "The resource failed to come online due to the failure of one or more provider resources."

At first I suspected that the CNO (Cluster Name Object) had been deleted but sadly I found it, I tried changing the IP address bound to the cluster and still I got the same error. One other trial was to check on the NTFS security groups, at first it took a couple of minutes to show me the security tab and then when I tried to add/remove an account I got this error "The program cannot open the required dialog box because it cannot determine whether the computer named cluster is joined to a domain".

Now the above error made me feel that the cluster service was not capable of accessing its CNO, nor of controlling it for that matter. I did some quick research on how to increase the logging level of my cluster and I found a great article over at MSDN Blogs concerning the Cluster Log (http://blogs.msdn.com/b/clustering/archive/2008/09/24/8962934.aspx).

Once I increased the logging level and generated the logs, the only error which I could find was this: "ERR IP Address <Print Mgmt - IP Address>: Unable to open node parameters key, status 2". Sadly I couldn't get much info about this error, but ultimately I switched my brain channel to the CNO located in the Active Directory.

I found out that the CNO had been moved to another OU, and this OU had a GPO of its own which caused our CNO to lose all of its security attributes, including ownership. Here is a checklist of what I did:

1- I moved the CNO to an OU clean of GPOs.

2- I changed the ownership of the CNO to the CNO itself (with inheritance).

3- I added all my cluster nodes to have full control over the CNO object (full control might not be needed but this won't harm your configuration as well).

4- I did a 'klist purge' on all of my cluster nodes.

6- Waited for about 45 minutes for everything to replicate on my Active Directory Forest, and thankfully I was able to put my Cluster Name online. I also tested it both ways around (online-offline / online-offline).

7- Finally you can run a 'cluster res' via cmd and you'll notice that all the resources are online.

Also, a couple of good blogs that helped me better understand my issue and what was going on:

http://blogs.technet.com/b/askcore/archive/2009/04/27/recovering-a-deleted-cluster-name-object-cno-in-a-windows-server-2008-failover-cluster.aspx

http://technet.microsoft.com/en-us/magazine/hh289314.aspx
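
The checks behind that checklist (where the CNO sits, which GPOs reach that OU, who owns the object and whether the nodes have rights on it) can be read in one pass from a machine with the ActiveDirectory and GroupPolicy modules. This is an added example, not from the original post; the cluster and node names are hypothetical placeholders.

```powershell
# Added example (not from the original post). Names below are hypothetical.
Import-Module ActiveDirectory, GroupPolicy

$cnoName = 'CLUSTER1'            # hypothetical Cluster Name Object
$nodes   = 'NODE1', 'NODE2'      # hypothetical cluster node computer names

$cno    = Get-ADComputer -Identity $cnoName
$parent = $cno.DistinguishedName -replace '^CN=[^,]+,', ''
$acl    = Get-Acl -Path ("AD:\" + $cno.DistinguishedName)

Write-Host "CNO location : $parent"
Write-Host "CNO enabled  : $($cno.Enabled)"
Write-Host "CNO owner    : $($acl.Owner)"

# GPOs that reach the container holding the CNO (only OUs can carry GPO links).
if ($parent -like 'OU=*') {
    (Get-GPInheritance -Target $parent).InheritedGpoLinks |
        Format-Table DisplayName, Enabled, Enforced
}

# ACEs on the CNO for the CNO account itself and for each cluster node account.
foreach ($name in @($cnoName) + $nodes) {
    $aces = $acl.Access |
        Where-Object { $_.IdentityReference.Value -like "*\$name`$" }
    if ($aces) {
        $aces | Format-Table IdentityReference, AccessControlType,
                             ActiveDirectoryRights, IsInherited
    } else {
        Write-Warning "No ACE for $name`$ on the CNO"
    }
}
```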

2Apr/120

Upgrade an Exchange 2010 DAG to SP2

In this post I will explain how to successfully upgrade your Exchange 2010 DAG members to SP2, knowing that this procedure can be used to perform any later roll-ups or upgrades whatsoever.

A point that I like to treat seriously before making any major change in my infrastructure is "the roll out strategy", in case something catastrophic happens and you need to restore everything to its past stable state.

Whether it's a virtual machine or a physical server, system backups or snapshots should be taken of all the servers that will be affected by this action; here, namely, we're looking at Active Directory domain controllers and all members of the Exchange 2010 farm.

Now for the good stuff: the update will take place on your passive node (the one which is being seeded). After we finish this one we'll make it the active node, and then, vice versa, perform the same operation on the active node when it becomes passive.

1- Check who's controlling the activation: Get-DatabaseAvailabilityGroup -Status | fl PrimaryActiveManager. This not only gives you the manager of activation, but logically implies that it is also the primary node holding the active copy of the database.

2- So now you will have to activate the mailbox copy on the other server. This can be done through the GUI or using the cool Exchange 2010 powershell: Move-ActiveMailboxDatabase -Identity YouMailboxDatabase -ActivateOnServer ADAGMember -MountDialOverride None

3- Now that we have our healthy database residing on another DAG member, we need to suspend the current copy of the database on the server which we need to update: Suspend-MailboxDatabaseCopy -Identity YourMailboxDatabase\TheServerWhichWeAReCurrentlyUpdating. Once you run this command, check the copy status to make sure all is accounted for: type Get-MailboxDatabaseCopyStatus and you will notice that only one server shows, as the other is suspended.

4- Since this scenario involves a DAG, Microsoft has a script to put the DAG member in maintenance mode prior to performing any update or roll-up. While still in the Exchange 2010 powershell, change your directory to "C:\Program Files\Microsoft\Exchange Server\V14\Scripts". Once there, type Start and press Tab, which auto-completes to .\StartDagServerMaintenance.ps1. This script requires a parameter named -serverName, so type it after the script and put in the name of the server that you're currently upgrading.

5- Before we continue, you should add the "IIS 6 WMI Compatibility" service to the IIS role.

6- Now we can proceed with upgrading the current DAG member to SP2. Remember to close the console and the Exchange 2010 powershell; also, from my personal experience, if there is a backup agent running on the server, kill its process as well. The update will take time according to your Exchange 2010 farm.

7- Once the upgrade is successfully done, I recommend that you reboot your server. Then we have to take this DAG member out of maintenance mode: go to the same directory as before, "C:\Program Files\Microsoft\Exchange Server\V14\Scripts", type Stop, press Tab for auto-completion, and add the parameter -serverName YourUpgradedNode. This takes the database copy out of suspended mode and resumes the database seeding so that all databases get in sync again.

8- To verify that you're on the build to which you've upgraded, first you'll need to visit this page, which will give you an idea of all the builds that Exchange Server went through up to the latest and most current. You can view the build through the GUI under the 'Server Configuration' subtree when you click on any of the roles. From the Exchange 2010 powershell you can also type: [ADSI]"LDAP://youactivedirectoryfqdn/$(Get-ExchangeServer -Identity YourUpgradedBox | Select-Object -Expand dis*)" | ft SerialNumber and match the result to the page which I've provided you with.

9- Repeat the steps mentioned earlier on all DAG members respectively and you'll be done in no time =).

Abdullah^2
