November 7, 2009

How to use vSphere 4 Host Profiles without an Enterprise Plus License

I was recently involved in a vSphere upgrade from VI 3 Enterprise to vSphere 4 Enterprise. The client really wanted to upgrade their licenses to Enterprise Plus but didn’t have the money to do so.

One of the biggest reasons they wanted Enterprise Plus was so they could utilize Host Profiles for the post install configuration of their ESX hosts.

I figured out a way to leverage the Evaluation license to use the Host Profiles feature for post install configuration.

Here are the steps:

  • On the reference host temporarily set the license to Evaluation
  • Create a host profile from this reference host
  • Set the reference host back to using an Enterprise license
  • As new hosts are added to vCenter add them with an Evaluation license
  • Attach the host profile
  • Apply the host profile
  • Detach the host profile
  • Set the license to Enterprise

This doesn’t allow you to utilize the compliance check feature of Host Profiles to keep the host configuration compliant with the profile but it is still very useful for post install configuration of new hosts.

 

November 4, 2009

Synchronizing BlackBerry, Outlook and GMail without a BES Server

My wife recently purchased a BlackBerry Storm and wanted a way to keep her Outlook contacts and calendar in sync with her BlackBerry and Gmail. I did some research and found that it isn’t as easy as I originally thought would be.

A quick Google search pointed my to a free Google application called Google Sync that claims to sync BlackBerry contacts and calendar with Gmail.

This sounded exactly like what I was looking for so I went ahead and installed Google Sync on the BlackBerry and performed a sync. After the sync I had a big mess on my hands, there were duplicates, triplicates and quadruplicates of all of the contacts. I did some research and found that a lot people were having this same issue. Back to square 1.

After we spend a few hours cleaning up the mess I did some more research and found a better solution.

After searching the web and looking at a few different products I came up with a solution using two products;  gSyncit – http://www.daveswebsite.com/software/gsync/ and Handheld Contact – http://outlook.handheldcontact.com/support.php#contact-form

gSyncit synchronizes Outlook Contacts and Calendar with Gmail Contacts and Calendar.

Hendheld Contact synchronizes Outlook Contacts and Calendar with BlackBerry Contacts and Calendar.

gSyncit allows one way or two way synchronization and you can have multiple Outlook profiles syncing with multiple Gmail accounts.

gSyncit has a one time $15 dollar license fee and works with Outlook XP – Outlook 2007 and Windows XP – Windows 7 (32 and 64 bit editions).

Setup and configuration of gSyncit was very simple and didn’t require a reboot.

Handheld Contact is a service that has an annual fee of around $60 dollars. There is client that is installed in Outlook and on the BlackBerry.

The combination of these two products works great. I can add, edit a contact or calendar event in Outlook, Gmail or BlackBerry and it will sync over the air with the other applications.

October 4, 2009

Automating ESX 4 Installs with the Ultimate Deployment Appliance

In preparation for a vSphere 4 upgrade project I was researching the best way to automate the ESX 4 builds. Even though this is an upgrade project from vCenter 2.5 and ESX 3.5 we have found it best to rebuild the hosts instead of upgrading them. The upgrades take longer and are not as clean as fresh installs.

With ESX 3.x for our larger clients we had used a third part tool called VPloyment from Repton. It seams that Repton is no longer around I was unable to find any information on VPloyment support for ESX 4.

Since VPloyment was not an option my first thought was to script the install using a kickstart script so did some research and found out that the install options set during a manual install of ESX 4 are in a kickstart script that is saved to /root/ks.cfg. I considered putting a kickstart script on a floppy disk image or USB key and then mounting the ESX ISO with the Dell DRAC to perform the automated install. I decided against this route because it wasn’t very efficient and I would have to have a different script for every server.

The other goal I wanted to achieve was to provide a better way around preventing the installer from wiping all the VMFS LUNs that the host is connected. For manual installs we pule the fiber cables or removing the LUNs from the host before the rebuild. With this automated approach I wanted to find a more efficient option.

Enter Mike Laverick and the Ultimate Deployment Appliance (UDA). I had heard about UDA a couple years ago but never took the time to try it out because we started using VPloyment and 90% of the ESX installs I do are less than 5 hosts.

I downloaded UDA 2 from http://www.ultimatedeployment.org/uda20beta.html and using Mike Laverick’s excellent guide http://www.rtfm-ed.co.uk/?page_id=366 I tested it out using VMware Workstation for the UDA and my test ESX 4 host.

Within 30 minutes I had configured UDA and performed an automated install of ESX 4.

One of the coolest features of UDA 2 are the subtemplates that let you create your own variables for things like hostnames and IP addresses. These allow you to have one kickstart script file for any number of hosts.

Here is a short video of an install of ESX 4 in a VMware Workstation VM.

http://goview.com/?id=1e5f67a7-4b84-4b56-962a-f4eec218c412

September 18, 2009

How to copy profiles in Windows 2008 R2 and Windows 7

In Windows 2008 R2 and Windows 7, Microsoft has disabled the Copy To.. button on the User Profiles screen.

This process has been used for years to create a custom default user profiles and now they go and break that with no real workaround.

They want people to move to Windows 2008 and Windows 7 but they keep doing things like this that keep companies away from deploying it.

They say they did this because there are issues with copying user profiles and instead want you to use the methods in the KB – http://support.microsoft.com/default.aspx?scid=kb;EN-US;959753

I have had a lot of questions on this of late so I decided to do some research to figure out a workaround. Thankfully someone else has already did the work and has come up with a good workaround.

http://joeelway.spaces.live.com/blog/cns!2095EAC3772C41DB!2708.entry

September 7, 2009

Terminal Server/XenApp vs VDI

There is a lot of hype these days around VDI and it seems like every week there is some new VDI related product or company being announced. With all of these options available how is company ever to decide on which VDI solution to go with?

In my opinion you should first decide on whether or not you want to go with Terminal Services/XenApp or VDI. Both technologies offer the same advantages and feature sets but Terminal Services/XenApp has a much cheaper per user cost and is a proven solution that has been around for 12 years. VDI is cool, hip and is in all of the industry news but it is very young and still evolving.

In my opinion VDI is for special use cases and for applications that will not run in Terminal Services.

Brian Madden did a great session on this at VMworld Europe 2009.

Any company currently looking at VDI should watch this session and first decide if Terminal Services would work for them. If so you can save a lot of money in infrastructure costs by using Terminal Services/XenApp.

http://www.brianmadden.com/blogs/videos/archive/2009/03/23/terminal-services-versus-vdi-brian-s-presentation-from-vmworld-europe-2009.aspx

September 1, 2009

VMworld 2009 Updates

For anyone interested I am posting updates from VMworld 2009 on Twitter. You can access my Twitter account here.

http://twitter.com/jeremywaldrop

August 22, 2009

How to install EMC Navisphere Host Agent on Citrix XenServer 5

If you are integrating Citrix XenServer with EMC Clariion storage the Navisphere Host Agent (naviagent) can be installed in the Linux management OS (domain 0) so that the host registers with Navisphere.

  1. Download the Navisphere Host Agent 6.28 from here (requires Powerlink login) - http://tinyurl.com/n5cbu2
  2. Unzip and copy the RPM to the /tmp folder of the XenServer host. I use a tool from Bitvise called Tunnelier to do this – http://dl.bitvise.com/Tunnelier-Inst.exe
  3. From the SSH shell go to the /tmp folder and give give yourself execute permissions to the rpm with this command “chmod 755 *.rpm”
  4. Type this command to install “rpm -i naviagent-6.28.20.1.40-1.noarch.rpm”
  5. Open the firewall ports using these commands

iptables -D RH-Firewall-1-INPUT -j REJECT –reject-with icmp-host-prohibited
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6389 -j ACCEPT –src SPA-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p udp –dport 6389 -j ACCEPT –src SPA-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6389 -j ACCEPT –src SPB-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p udp –dport 6389 -j ACCEPT –src SPB-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6390 -j ACCEPT –src SPA-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6390 -j ACCEPT –src SPB-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6391 -j ACCEPT –src SPA-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6391 -j ACCEPT –src SPB-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6392 -j ACCEPT –src SPA-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6392 -j ACCEPT –src SPB-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -j REJECT –reject-with icmp-host-prohibited
iptables-save >/etc/sysconfig/iptables

Reboot the host and then check Navisphere to see if the host registered.

August 5, 2009

VMware VMotion EVC Reference for Intel and Dell PowerEdge Servers

I was doing some research for a client today on Intel CPU compatibility for VMware VMotion EVC between Dell servers with 7300 series CPUs and 7400 series CPUs and came across this great PowerPoint and VMware KB.

Intel and Dell VMotion Compatibility with VMware EVC

Enhanced VMotion Compatibility (EVC) processor support

August 4, 2009

VMware Fault Tolerance Requirements and Limitations

Here are a good list of links on the new VMware FT requirements and limitations. FT is the new HA feature in vSphere 4 that offers VM level continuous availability.

CPU compatibility with FT

VMware Fault Tolerance Requirements and Limitations

Processors and guest operating systems that support VMware Fault Tolerance

Understanding VMware Fault Tolerance

vSphere 4 Availability Guide

vSphere Pre-requisites Checklist

July 23, 2009

CIFS Shares and EMC Celerra Replicator Switchover

I recently setup Celerra Repliator v2 between an old NS to a new NS to migrate CIFS shares and VDM configuration. The replication worked great and replicated 3 TB of data in about 30 hours. Once replication was complete I switched over the files system and VDM replication sessions in Celerra Manager. The switcheover went great and I was able to access the CIFS server and shares on the new NS.

When I used Celerra Manager to view the CIFS shares and CIFS server on the new NS there was nothing listed on the shares tab or CIFS servers tab. I new the shares and server was there because I could use Computer Managment MMC to connect to the CIFS server name and vew the shares.

The only I found to get the CIFS shares and server to show up in Celerra Manager was to reboot the control stations.

Anyone else know of a way to update the control station without having to reboot it?

June 25, 2009

Citrix Provisioning Server 5.1 and XenDesktop Setup Wizard

With the new version of Provisioning Server Citrix changed the management console ports from 8000 and 8001 to 54321 and 54322. The reason for this change is so that PVS can be installed on the XenDesktop Desktop Delivery Controller without port conflicts.

The port change breaks the the XenDesktop Setup Wizard because by default the setup wizard tries to communicate with PVS on ports 8000 and 8001.

To fix this you must edit the SetupToolApplication.exe.config file that is located in the “C:\Program Files\Citrix\XenDesktop Setup Wizard” folder and change the two ports from 8000 to 54321 and from 8001 to 54322.

The Provisioning Server 5.1 release notes states that you only have to change the 8000 port but in my experience I had to change both.

http://support.citrix.com/article/CTX121336

June 23, 2009

New Citrix XenDesktop Virtual Desktop Agent

Citrix just released an updated build of the XenDesktop VDA.

I was experiencing slow login times at one of my clients with the previous 3.1 build and this updated build fixed the issue.

http://support.citrix.com/article/CTX121590

June 1, 2009

Citrix XenConvert

Citrix XenConvert is a tool to migrate (P2V) physical (or virtual) Windows systems to XenServer.

XenConvert is similar to VMware Converter but without some of the advanced features and functions differently.

XenConvert is installed and executed on the source system and only one local disk can be converted at a time.

You must have 115% free space to convert a disk, the free space doesn’t have to be on the same local disk but cannot be a mapped network drive. XenConvert creates a local VHD file, mounts it as a new drive and then copies the contents of the local drive you are converting to the new VHD file.

If during the XenConvert wizard you chose to migrate to XenServer it then takes the VHD and creates an XVA (XenServer Virtual Applicance) and then moves it up to the XenServer and creates the new VM.

The process takes at least twice as long as it does with VMware Converter. Most of this time is spent copying the local disk to the local VHD file.

XenConvert does not have a feature that lets you resize the destination VHD, if your local disk is 72 GB then the virtual disk will be 72 GB.

Some other features of XenConvert include the ability to convert an offline VMDK to either a VHD or OVF and Microsoft VMs to OVF.

http://community.citrix.com/blogs/citrite/simoncr/2009/04/16/XenConvert+v2+Tech+Preview+-+OVF+and+VMDK+Support+for+XenServer

May 14, 2009

New Exchange 2007 Tools from U-BTech

I was showing a client the “Exchange Tasks 2007″ tool from U-BTech website yesterday and noticed some new free tools for Exchange 2007 and Windows 2008.

  • Certificate Manager for Exchange 2007 -Exchange 2007 enables SSL within IIS by default. Using PowerShell commands, certificate creation and management is quite confusing and often results with incorrect results due to the nature of the syntax. U-BTech Solutions is providing Certificate Manager for Exchange Server 2007 freely, to ease the process with a simple, easy to use GUI.http://www.u-btech.com/products/certificate-manager-for-exchange-2007.html
  • SimplyPSO – Windows Server 2008 introduces a new feature to create separate password policies for different users or groups within the same Active Directory domain. In all previous versions of the Windows Server family of products, password policy has been configured on the domain level alone. The new feature is called fine grained password policy objects and is available when the domain functionality level is set to: Windows Server 2008 native. Unfortunately, there is no simple user interface to configure Password Settings Objects in the Windows Server 2008 environment and in order to configure PSOs, we need to dive deep into the ADSI editing tool. SimplyPSO is a graphical and useful tool that can be invoked directly from the Active Directory Users and Computers snap-in. http://www.u-btech.com/products/simplypso.htm
  • ESIEMail Protector – ESIEMail Protector (pronounced EASY Mail Protector) is a product dedicated to one goal: “Securing your email communications”. By using ESIEMail Protector you can use Encryption, Digital Signature and IRM Permissions (Information Rights Management) to secure your messaging environment, hence the name. http://www.u-btech.com/products/esiemail-protector.html

May 1, 2009

VMware Site Recovery Manager Service Account

You are probably wondering what I am talking about because the VMware Site Recovery Manager Service in the Windows Services manager runs as “Local System”.

VMware SRM Service

The service account I am talking about is the one that is used by the SRM service to pair the sites together and to connect to vCenter. This is the account used for Credential Based Authentication.

I stumbled upon this after the VMware Site Recovery Manager service wouldn’t start. I looked in the log file located in the C:\Documents and Settings\All Users\Application Data\VMware\VMware Site Recovery Manager\Logs” directory. I opened the latest vmware-dr-x.log file and found this.

Failed to login to VC:

Unexpected MethodFault (vim.fault.InvalidLogin) {

dynamicType = <unset>,

msg =
“Login failed due to a bad username or password.”

As soon as I saw that in the log file I new what had happened. The admin that had installed SRM had changed his password.

I looked in the “Site Recovery Manager Administration Guide” and found a command line tool called srm-config.exe on page 86. On page 86 there is a section called “Reinitializing credential-based authentication after a user ID or password change“.

I created a new local administrator on both SRM servers named SRMAdmin, gave the account vCenter Administrator permissions and SRM Administrator permissions.

I then ran this command to change the account in SRM.

C:\Program Files\VMware\VMware Site Recovery Manager\bin>srm-config.exe -cmd updateuser -cfg ..\config\vmware-dr.xml -u SRMAdmin

capture1


After I ran this on both SRM servers I was able to start the service.

I then had to reconfigure the connection between the two SRM servers.

There isn’t really any recomendation in the admin guide about a dedicated account for SRM. The only reference to the fact that it even uses an account is on page 34 when it is talking about using Credential Based Authentication and on page 86 in the srm-config.exe section.

VMware should add this to their guide.

April 24, 2009

Citrix preps Feature Pack 1 for XenDesktop 3

The below is from Brian Madden’s blog.

Citrix will be releasing Feature Pack 1 for XenDesktop 3 at Citrix Synergy in two weeks.

Here is a list of new features.

http://www.brianmadden.com/blogs/brianmadden/archive/2009/04/20/citrix-preps-feature-pack-1-for-xendesktop-3-catapulting-its-ica-features-past-ica-in-xenapp-behold-the-powers-of-competition.aspx

April 22, 2009

Advanced Access Control and the Citrix Secure Access Client

When using the Citrix Advanced Access Control (AAC) software with the Citrix Access Gateway the Secure Access Client must be installed with some additional command line arguments. The Secure Access Client must be downloaded and insalled with these command line arguments.

CitrixSAClient.exe -Q -D https://cag.company.com -i

After installing there will be a shortcut on the desktop that will take the user to the CAG login page. After login the user will be prompted to install the net6helper.dll add-on in Internet Explorer.

After this add-on is installed the user will then be connected to the VPN.

http://support.citrix.com/article/CTX114917

http://support.citrix.com/article/CTX108757

April 21, 2009

How to automatically upgrade VMware Tools

The following how-to is from this VMware KB  —  http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1010048

Before you begin

Before you perform the steps in this article, ensure that you have applied these prerequisite patches:

Note: Ensure to choose the patch for the product you are running.

The steps in this article require these components:

Note: VMware recommends that you install NET 2.0 SP1 to avoid slow operations.

Setting all virtual machines to automatically upgrade VMware Tools

To use VI Toolkit and PowerShell to set all virtual machines to automatically upgrade VMware Tools:
  1. Start VI Toolkit from Start > Programs > VMware > VMware VI Toolkit > VMware VI Toolkit.
  2. Connect to the VirtualCenter Server with the command:

    connect-viserver -server <VirtualCenter Server IP address> -user <VirtualCenter User> -password <VirtualCenter password>

  3. Copy the following command into the Windows VI Toolkit window:

    Foreach ($v in (get-vm)) {
    $vm = $v | Get-View
    $vmConfigSpec = New-Object VMware.Vim.VirtualMachineConfigSpec
    $vmConfigSpec.Tools = New-Object VMware.Vim.ToolsConfigInfo
    $vmConfigSpec.Tools.ToolsUpgradePolicy = “UpgradeAtPowerCycle”
    $vm.ReconfigVM($vmConfigSpec)
    }

    The VI Toolkit window does not display any output until the command has completed for each virtual machine. When the command is done running, a reconfigure task displays in VirtualCenter for every virtual machine.

Note: To disable this setting, follow steps 1 and 2, then copy this command into the VI Toolkit window:

Foreach ($v in (get-vm)) {
$vm = $v | Get-View
$vmConfigSpec = New-Object VMware.Vim.VirtualMachineConfigSpec
$vmConfigSpec.Tools = New-Object VMware.Vim.ToolsConfigInfo
$vmConfigSpec.Tools.ToolsUpgradePolicy = “manual”
$vm.ReconfigVM($vmConfigSpec)
}

April 20, 2009

Citrix XenApp 5 Hotfix Rollup Pack 4

Citrix has released a new hotfix rollup pack for XenApp 5/Presentation Server 4.5 for Windows 2003.

Before you install this latest rollup pack make sure you read through this article http://support.citrix.com/article/CTX119069

One of the most important prerequisites is to update your Citrix Licensing server to 11.6 https://www.citrix.com/English/ss/downloads/details.asp?downloadId=1688507&productId=186%20target=

If you have not yet installed hotfix rollup pack 3 then you first need to install the Microsoft Visual C++ 2005 SP1 Redistributable Package from here http://www.microsoft.com/downloads/details.aspx?familyid=200B2FD9-AE1A-4A14-984D-389C36F85647

March 11, 2009

Citrix Application Streaming Troubleshooting

Here are some useful resources for troubleshooting Citrix Application Streaming.

Troubleshooting Application Streaming Issueshttp://support.citrix.com/article/CTX113304

Application Streaming FAQs for Administratorshttp://support.citrix.com/article/ctx118181

RadeRunSwitches – Application Streaminghttp://community.citrix.com/blogs/citrite/josephno/2008/03/28/RadeRunSwitches+-+Application+Streaming

Citrix Application Streaming Guide for XenApp 5.0http://support.citrix.com/servlet/KbServlet/download/17820-102-18856/Application-Streaming-Guide.pdf

How to Find the .Rad File that is Used to Launch a Streamed Applicationhttp://support.citrix.com/article/CTX114673

XenApp Plug-in for Streamed Apps – Version 1.3http://www.citrix.com/English/ss/downloads/details.asp?downloadId=1686680&productId=186&c1=sot2755

Application Streaming Utilitieshttp://support.citrix.com/article/ctx115137

How to Enable the Streaming Client Debug Consolehttp://support.citrix.com/article/ctx112472

Application Streaming Licensing Explainedhttp://support.citrix.com/article/ctx112636