Background

I inherited a group of Windows Server 2019 servers recently. The setup is...not ideal. They are all part of a workgroup, myworkgroup, but there's no domain involved. Each has their own local administrator account, theadmin. All of the local theadmin accounts have the same password. One server has a shared folder enabled.

The general layout looks something like:

• ServerA
  • File Share: C:\Shared (name: "Shared")
  • Local admin: ServerA\theadmin (same password, e.g. redactedpw1234)
• ServerB
  • Local admin: ServerB\theadmin (same password, e.g. redactedpw1234)
• ServerC
  • Local admin: ServerC\theadmin (same password, e.g. redactedpw1234)
• ServerQA
  • Local admin: ServerQA\theadmin (same password, e.g. redactedpw1234)

The challenge

At some point -- difficult to pinpoint exactly when -- the ServerQA theadmin account is now able to read from \\ServerA\Shared, but is unable to modify or delete files (saw an issue with a scheduled task running as this account, and then verified via Windows explorer while logged in as that account).

ServerB's and ServerC's theadmin account don't seem to have that problem. When signed in on the local theadmin account on those two machines, I can look at \\ServerA\Shared and modify/create/delete files as expected.

So my challenge can be summed up as:

• ✅ ServerB, ServerC, and ServerQA appear to have the same config
• ✅ ServerB can access \\ServerA\Share in windows explorer and create/modify files
• ✅ ServerC can access \\ServerA\Share in windows explorer and create/modify files
• ❌ ServerQA can read \\ServerA\Share in windows explorer but receives a permission error when attempting to create or modify files.

Things I've Tried

• Restarting the ServerQA server
• Get-SmbConnection on all servers.
  • The setup pattern appears to be the same on ServerB, ServerC, and ServerQA - The user is listed as [TheMachine]\theadmin in each case, and the credential is the same. So they're all using their local theadmin credentials.
  • The dialect is 3.1.1 for all machines.
• Get-SmbMultichannelConnection appears to show the same patfor all of them.
  • Interface index [The Ethernet1 index for the server], RSS: True, RDMA: False
• Tried to remove and re-establish the share
  • On ServerQA, net use /delete \\ServerA\Shared
  • On ServerA, Get-SmbSession and then Close-SmbSession to close any sessions for that machine
  • On ServerQA, net use \\ServerA\Shared /user:ServerQA\theadmin redactedpw1234 to re-establish
  • On ServerQA, net use and Get-SmbConnection to confirm that things are set up as expected
• Ran whoami /all on all servers and verified that the local accounts are all in the same local groups.
• Checked the SMBClient and SMBServer event logs on the respective servers. Nothing stands out.
• Checked the registry. All servers have the same values in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters
  • Though I could be missing somewhere else I should be looking?
• Get-SmbClientConfiguration returns the same exact result on all servers
• Installed the NTFSSecurity powershell module and ran Get-NTFSEffectiveAccess -Path \\ServerA\Shared from all servers. All returned the result.
• On ServerA, ran icacls "C:\Shared". This returned ServerA\theadmin as having access, but none of the other machine's specific admin accounts. So I'm assuming this isn't as relevant.
• On ServerA, ran Get-SmbShareAccess -Name "Shared". The ServerA\theadmin user was in the results but none of the other machines' theadmin users are mentioned specifically.
• Ran secedit /export /cfg c:\Windows\temp\secpol.cfg on ServerB and ServerQA and compared results. There are differences under privileges, but as far as I can tell they seem to reflect local SIDs. I'm less familiar with this though.
• On each server, ran gpresult /h and compared the HTML files. As far as I can tell, there are no differences.
• Per a great answer attempt below, I checked the ServerQA server's registry to see if HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\LocalAccountTokenFilterPolicy was set to 1 as it should be. Unfortunately, it already is.

Question

Given all of the above, how can I determine what the difference is between the access from ServerQA vs ServerB or ServerC in this situation? Are there any additional tools I should be considering? Is there a common troubleshooting point I'm missing to determine the difference between servers? I'm at a loss.

Update -- getting closer?

After restarting ServerA (that hosts the file share), and ServerQA (the problematic client), the symptoms seemed to go away for about 10 minutes. I was able to modify files and see the scheduled tasks running as expected and modifying files. Then the symptoms returned without any action on my part, and have remained that way.

I can't seem to find anything about this anywhere.

I'm using Windows 10 (not Insider Preview), and have the latest updates.

Whenever I attempt to remotely connect to any server using RDP, I see the standard window:

However, when I click connect, I expect to be presented with a username and password dialog. Instead, I get that same window -- without the ability to enter a username or password:

It's truly bizarre, and I haven't even been able to find results googling for it.

Any advice would be greatly appreciated!

Update: This dialog also appears when using an alternate RDP program such as RDCMan. When I enter credentials correctly in that program, it works. When I enter incorrect credentials and the credential dialog pops up, it looks as it does in my screenshot.

What I've Tried So Far

Per some great suggestions below, I've tried the following things:

• Checked Credential Manager. I opened the Windows Credential Manager to see if anything was stored there. While there were some "generic credentials" that appeared to be related to MS Office, there were no windows credentials stored:

• Checked to make sure I had the latest updates. I've updated several times since.
• Attempted to use "Show Options" to pre-populate the username. Unfortunately, when prompted for the password portion, the screen was still blank.

My brother is using a hosting provider which is providing his company with a VM with Windows Server 2008 R2.

They unfortunately have to run the whole stack on one server, so my brother at least asked for separate drives for OS, IIS, DB, Logs, etc.

They provided him with 5 logical drives all on the same "physical" disk 0 (e.g. showing to the OS as a physical disk -- one VMDK).

Assuming that there's a reasonable churn across these various logical disks, would adding them as separate "physical" disks (VMDKs I suppose) make sense? It seems like there would still be a performance gain there but I'm unsure how best to go about proving it and haven't found any literature (yet) on the subject.

Background / Goal

The moving parts:

• I have a service account, let's call it MyDomain\svcMyService.
• I have a remote server, let's call it MyDomain\MyServer.
• I have a Jenkins server, let's call it MyDomain\MyJenkins.

In Jenkins, I have a deployment task. It grabs some artifacts and then calls msdeploy to push them to MyServer.

This deployment step fails, and I'd like to figure out why.

The MSDeploy command I'm using

The command is auto-generated by Jenkins and ends up being the following (sensitive data omitted):

 "C:\Program Files\IIS\Microsoft Web Deploy V3\msdeploy.exe" -verb:sync -source:iisApp="E:\Jenkins\jobs\NotARealJobName\workspace" -dest:iisApp="MyWebSite/MyWebApp",ComputerName="https://MyServer:8172/MsDeploy.axd",UserName=MyDomain\svcMyService,Password="NotARealPassword" -allowUntrusted 

The Error

The error message I see from msdeploy output is:

Error Code: ERROR_USER_UNAUTHORIZED More Information: Connected to the remote computer ("MyServer") using the Web Management Service, but could not authorize. Make sure that you are using the correct user name and password, that the site you are connecting to exists, and that the credentials represent a user who has permissions to access the site. Learn more at: http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_USER_UNAUTHORIZED.

Error: The remote server returned an error: (401) Unauthorized.

My Understanding of What I have to Do

This may be an incomplete or incorrect list. Please tell me if this is where the problem could be.

I think I have to:

• Install WebDeploy on IIS (3.6 is the latest in this case).
• Enable the management service in IIS.
• Create an application pool that runs as MyDomain\svcMyService.
• Yeah, the same username that deploys is running it too. Not the best, I know. Out of my hands at the moment.
• Create the directory for my IIS Web application.
• Grant permissions on this directory.
  • Full permissions to svcMyService
  • Full permissions to WDeployAdmin
  • Full permissions to NetworkService (since that's what WMSvc runs as)
• Create the Web Site with the appropriate port
  • The web site should be run under the application pool of the service account
  • The web site should connect to the folder using the svcMyService account.
• Create a web application under the web site.
  • The web site should connect to the folder using the svcMyService account.
  • Add the svcMyService account as a deployment manager at both the site and the application level.
• Ensure that the local WDeployConfigWriter and WDeployAdmin accounts aren't expired and that their passwords cannot be changed.
• Ensure that IIS management delegation is using WDeployConfigWriter and WDeployAdmin accounts and update those credentials for each delegation if you changed the password for those local accounts.

Troubleshooting so far

I'll keep this list updated as I try to troubleshoot.

Check WMSvc IIS Logs -- looks like my user doesn't have the rights to publish

• Sample of the log is below:

#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken 2015-09-14 17:10:06 [Server IP] HEAD /MsDeploy.axd - 8172 - [Jenkins IP] - - 401 2 5 15

I see that all the statuses are 401.2 with a win32 code of 5.

According to this troubleshooting link, "If the user is authenticated, but does not have the rights needed to publish, the log entry will look like" that (401 2 5).

Articles Referenced

• http://www.iis.net/learn/publish/troubleshooting-web-deploy/troubleshooting-common-problems-with-web-deploy
• http://www.iis.net/learn/publish/using-web-deploy/configure-the-web-deployment-handler

Background

I have two types of log files: output from an ETL process, and then output from a downstream processor. We call these "ETL" and "Processor" logs.

The ETL logs are in their own folder under our logging directory, while the processor logs sit on their own in that same directory.

So, I have a folder structure that goes something like this:

/Archive
    /DataLoader_Supplemental
        /DataLoader_ETLForRequestID_1
            /(...40 log files)
        /DataLoader_ETLForRequestID_2
            /(...40 log files)
        DataLoader_Processor_123.log
        DataLoader_Processor_456.log

The log styles for each are the same (as in, I can use the same grok for both).

Goal

I would like to have both of these log types put into the same ElasticSearch index as different types, so that I can query them.

Problem

I was able to make this work when pointing it to only one type of log (*.log in a specific ETL request folder.)

However, I do not seem to be able to make that work with two different types, or make it work to scan all the ETL folders and extract all their logs.

What am I doing wrong?

My current config file

input { 
    file {
      path => '//MyFileServer/DATALOADER-TST/Archive/DataLoader_Supplemental/DataLoader_ETLForRequestID**/*.log'
      type => "etl"
      sincedb_path => "C:/Users/skilleen/Desktop/temp/logstash/target/.sincedb.etl.log"
      start_position => "beginning"
    }

    file {
      path => '//MyFileServer/DATALOADER-TST/Archive/DataLoader_Supplemental/*.log'
      type => "processor"
      sincedb_path => "C:/Users/skilleen/Desktop/temp/logstash/target/.sincedb.processor.log"
      start_position => "beginning"
    }
}
filter {
    grok {
            match => { "message" => "%{DATESTAMP:datestamp} %{ISO8601_TIMEZONE:tzoffset} %{SYSLOG5424SD:loglevel}" }
    }
}

output { 
    elasticsearch {
        protocol => "http"
        host => "localhost:9200"
        index => "dataloaderlogstst"
    } 
}

Results When I use this Config

Logstash appears to be processing something, and I see the sincedb files created; however, the indexes are never created on ElasticSearch.

UPDATE: After some patience, it appears that the ETL logs were imported to ElasticSearch while the processor logs were not.

The ElasticSearch Console output

[2015-08-05 08:43:38,282][INFO ][node                     ] [Isis] version[1.7.1], pid[22120], build[b88f43f/2015-07-29T09:54:16Z]
[2015-08-05 08:43:38,283][INFO ][node                     ] [Isis] initializing ...
[2015-08-05 08:43:38,356][INFO ][plugins                  ] [Isis] loaded [], sites [HQ]
[2015-08-05 08:43:38,428][INFO ][env                      ] [Isis] using [1] data paths, mounts [[OS (C:)]], net usable_space [40.2gb], net total_space [223.2gb], types [NTFS]
[2015-08-05 08:43:41,605][INFO ][node                     ] [Isis] initialized
[2015-08-05 08:43:41,606][INFO ][node                     ] [Isis] starting ...
[2015-08-05 08:43:42,292][INFO ][transport                ] [Isis] bound_address {inet[/0:0:0:0:0:0:0:0:9300]}, publish_address {inet[/172.16.85.21:9300]}
[2015-08-05 08:43:42,568][INFO ][discovery                ] [Isis] elasticsearch/74dbAjLJQj62k6z83LkLog
[2015-08-05 08:43:46,339][INFO ][cluster.service          ] [Isis] new_master [Isis][74dbAjLJQj62k6z83LkLog][DCSKILLEEN][inet[/172.16.85.21:9300]], reason: zen-disco-join (elected_as_master)
[2015-08-05 08:43:46,383][INFO ][gateway                  ] [Isis] recovered [1] indices into cluster_state
[2015-08-05 08:43:46,764][INFO ][http                     ] [Isis] bound_address {inet[/0:0:0:0:0:0:0:0:9200]}, publish_address {inet[/172.16.85.21:9200]}
[2015-08-05 08:43:46,766][INFO ][node                     ] [Isis] started
[2015-08-05 09:10:13,149][INFO ][cluster.metadata         ] [Isis] [dataloaderlogstst] creating index, cause [auto(bulk api)], templates [], shards [5]/[1], mappings [etl]
[2015-08-05 09:10:13,294][INFO ][cluster.metadata         ] [Isis] [dataloaderlogstst] update_mapping [etl] (dynamic)
[2015-08-05 09:10:14,097][INFO ][cluster.metadata         ] [Isis] [dataloaderlogstst] update_mapping [etl] (dynamic)

The LogStash Console output

C:\Users\skilleen\Downloads\logstash-1.5.3\logstash-1.5.3\bin>logstash agent -f
logstash.conf
io/console not supported; tty will not be manipulated
'[DEPRECATED] use `require 'concurrent'` instead of `require 'concurrent_ruby'`
Logstash startup completed

The Stuff

I have the following components to work with:

• two rooms
• two beefy Dell R510s, one in each room
• two EMC VNXe storage devices, one in each room.

The goal

Ensure that if one server room goes down, VMs can continue to come back up & function.

Thinking:

• install Hyper-V on these two boxes
• have one box failover to the other
• abstract the two storage units away into one visible path so that if one goes down, the other can seamlessly fail over
• take advantage of server 2012 to accomplish this

The questions

• Can I use cluster shared volumes (CSVs) to accomplish this?

From my reading, it seems like I should be able to do the following:

• install server 2012 on both boxes
• create cluster shared volume comprised of an iSCSI locations on both EMC units
• create

Apologies for the format; on mobile, will clean t up later.

When trying to unmount a datastore from one of my 4 ESXi hosts, I receive a message that it's in use.

The full error stack I see is:

Call "HostDatastoreSystem.RemoveDatastore" for object "datastoreSystem-57" on vCenter Server "TSD-VCENTER2.jhuapl.edu" failed.

I've tried the following:

• Removing the datastore from the other three ESXi 5.1 hosts (successful)
• Running the following PowerCLI script to list all ISOs (there were some):

Get-VM | Get-CDDrive | FT Parent, IsoPath, HostDevice

• Luckily I didn't need any of them so I did an unmount across the board:

Get-VM | Get-CDDrive | Set-CDDrive -NoMedia -Confirm:$False

• Ran the first script to list all ISOs again (no host devices or IsoPaths mounted now)
• Looked for any hard disks that could possibly be pointing to the vmdatastore:

 Get-VM | Get-HardDisk | Where-Object {$_.Filename -like "*vmdatastore*"}

I was unaware that PowerCLI doesn't include templates in the "Get-VM" command (though in retrospect it makes perfect sense -- d'oh)

On a hunch, I ran the following to see if any templates had CD Drives attached:

Get-Template | Get-CDDrive | FT *

Lo and behold, it found some! So, I ran the following to convert the VMs to templates:

Get-Folder -Name "04. Templates" | Get-Template | Set-Template -ToVM -Confirm:$False

I then ran the following to Set the template drives to empty:

Get-Folder -Name "04. Templates" | Get-VM | Get-CDDrive | Set-CDDrive -NoMedia -Confirm:$False

And double-checked that it worked:

Get-Folder -Name "04. Templates" | Get-VM | Get-CDDrive | FT *

However, still no luck. I receive the same error, that the datastore is in use.

I'm currently migrating some VMs to another of the ESXi hosts to see if a simple shutdown/restart will do the trick.

Anyone have any other ideas as to why this could be happening?

I am trying to use the powershell call operator to essentially run the following command:

"C:\Program Files (x86)\PuTTY\plink.exe" "-v -agent -m C:\Scripts\idrac_powerup_commands.txt root@[servername]"

Current Code

$runputtyscript = @()
$runputtyscript += "-v"
$runputtyscript += "-agent"
$runputtyscript += "-m C:\Scripts\idrac_powerup_commands.txt"

& 'C:\Program Files (x86)\PuTTY\plink.exe' $allArgs root@servername

Problem

This executes, but the script doesn't execute the file with the commands the same that it does if the original string was executed from the command line.. It shows me the admin console (so it has logged in, authenticated with the public key, etc.) but it just hasn't run the script I asked it to run.

Things I've tried

• Moving the filename component of -m to its own argument
• Putting quotes around the filename component of -m

Question

Maybe more succinct way of asking: What is the proper way to use arguments that then have their own arguments (e.g. "-m [filename] -v -a" with the call operator (&) in powershell?

Background

I have the following components:

• A windows server 2008 R2 box
• An administrator account (mine)
• A service account on the domain that is an Administrator of the box
• An installation of Putty (including plink for command line and Pageant as the ssh public key generation)
• A text file for commands to be used during an SSH session
• A powershell script that runs plink which uses Start-Process to invoke plink with command lines that tell it to use Ageant for the PuTTy connection and commands.txt for the command.
• A scheduled task that runs as my user account

The Goal

Eventually, to get the scheduled task to run as a service account, which calls powershell as the service account, which runs the process and carries out the ssh commands.

The Problem

• When I run this script from a powershell command prompt as my user account, it runs.
• When I run this script from a scheduled task as my user account, with the highest permissions, and tell it to save my credentials, it "doesn't run".
• By "doesn't run", it mean it appears to spawn an instance of plink.exe, which is where I think the problem is occurring (something hanging that I can't see on the console).

Questions

• Anybody have an overall-solution that's a little more elegant but uses the same or similar tools?
• Should my powershell script instead invoke cmd.exe so that I can capture the stdout into my log file at least?

The Script

In case it helps:

#Starts the vcenter2 server.
#if the server is already started, it will tell you so.

#Stop an error from occurring when a transcript is already stopped
$ErrorActionPreference="SilentlyContinue"
Stop-Transcript | out-null

#Reset the error level before starting the transcript
$ErrorActionPreference="Continue"
Start-Transcript -path C:\Scripts\logs\StartTheVCenter2Server.log -append

#Run plink and reference the commands file to start up the server
Start-Process "C:\Program Files (x86)\PuTTY\plink.exe" -Argumentlist "-agent -m C:\Scripts\idrac_powerup_commands.txt root@[servernameredacted]" -wait -RedirectStandardOutput "C:\Scripts\logs\plinklog.log"

#Clean-up
Stop-Transcript

Thoughts? I'll likely play around with Invoke-Command to see if I can get it redirect the output into my log at least.

Thanks!

I have a Dell PowerEdge R410 with iDRAC 6 configured and accessible.

I know we'll be losing power at some point this weekend and I have a time that I would like to power on the machine again.

From the iDRAC GUI, can I schedule a boot up time, or would I have to use an combination of ssh script + the racadm commands from another machine to pull that off?

I've been looking around but I can't seem to find anything for it in the iDRAC GUI, which makes me think it may not be possible there.

Another possibility: does the iDRAC MAC respond well to WOL requests? If so, I could maybe have a powershell script run the Start-Computer command to send the WOL magic packets to the iDRAC? Not sure if this is a workable/best method.

Clarifications

• In short, my goal is to bring this server up at a specified date/time.
• The tools that I have at my disposal are:
  • Maybe a linux box in a failover building that could SSH in (not sure I'll have access to it)
  • My Win7 desktop (which may not be up)
  • I am familiar with PowerShell Scripting
  • I am minimally familiar with ssh (I understand it enough for basic tasks but have never had to automate it)
  • The iDRAC controller on the machine, which will presumably be up as soon as power returns.
  • anything available via the R410 BIOS (not sure if there is something like this)
• I know the DRAC doesn't power management -- I'm looking for a way to possibly use it to start up the machine (having a scheduled boot option in an iDRAC seems like it would naturally be a good fit, but I guess not)

Background / Goal

I am attempting to create a scheduled task that will:

• Run at the specified time (once)
• Run a PowerShell script that:
  • Logs all of its output as a transcript
  • Connects to my vCenter server using encrypted, stored credentials
  • Shuts down the Guest OSes of all VMs in a certain folder

Problem

The script executes perfectly from the console but doesn't even begin to execute as a task.

The Code

#Stop an error from occurring when a transcript is already stopped
$ErrorActionPreference="SilentlyContinue"
Stop-Transcript | out-null

#Reset the error level before starting the transcript
$ErrorActionPreference="Continue"
Start-Transcript -path C:\temp\Shutdown_NonProductionVMs.log -append

#Add the VMWare Snap-in
Add-PSSnapin -Name VMWare.VimAutomation.Core

#Get the Credentials
$creds = Get-VICredentialStoreItem -file  C:\temp\pscreds.creds

#Connect to the server using the credentials file
Connect-VIServer -Server $creds.host -User $creds.User -Password $creds.Password

#Get all VMs within the non-production VMs folder and then shut them down
#NOTE the -WhatIf tag, which will stop it from shutting down the VMs until we're sure the script is good.

Get-Folder -Name "03. Non-Production VMs" | Get-VM | Shutdown-VMGuest -WhatIf

#Clean Up
Disconnect-VIServer -Force -Confirm:$false
Remove-PSSnapin -Name VMWare.VimAutomation.Core
Stop-Transcript

What I've Checked/Tried so far and Other Leads

• Again, this script runs perfectly fine in a console when the console is opened as an admin.
• I have set a machinelevel execution policy of "Unrestricted" to see if that would help.
• I am running the task as the same user I created the credentials file with
• I am running the task with highest privileges.
• I am running the task with stored credentials (my user credentials -- the same ones that work from the console).
• I tried commenting out the transcript-related code to see if that did it; no dice.
• The task just continues to run perpetually. I don't get any result and it doesn't terminate.

Any ideas? Thanks in advance for any help you can give!

Background / Goal

• I have a VMWare HA cluster for production Machines with two hosts.
• It is currently set up so that it can account for the failure of up to one host. It does not use DRS.
• I need to remediate both of these servers to apply patches. I would like to do this with zero downtime.

Questions

• Can I vMotion the VMs in the cluster specifically to another host in the cluster and then take down a server?
• What is the best / recommended way to remediate servers in a HA configuration to avoid downtime?

Background / Problem

Just experienced an issue where an ESXi host was upgraded from 5.0 --> 5.1 perfectly fine.

Then, I did a scan and remediated a patch (ESXi510-201210401-BG) Looking into the host on via the kvm switch, this appears to complete successfully.

However, on reboot, the server hangs at the "Initializing Power Management" phase.

I've read from various spots around the internet that this usually clears itself up again upon a cold boot, but given that our servers are in a different building with different access rules, the less I have to physically go there, the better. :)

Question

• Is there anything I can do to avoid an ESXi host hanging at the "initialize power management" phase of boot after remediating the host to apply patches?

I just set up a vSphere / vCenter 5.1 installation.

I added two older hosts (v5.0) to this installation.

I just noticed that while all VMs have been added to the inventory, none of the templates have.

Is there a reason for this? I can't seem to find anything on the Google or VMWare forums.

Background / Setup

I've got a fresh install of vCenter Server 5.1 and associated components.

I've taken all steps (as far as I can tell) to enable FT, and it worked the first time (yanked a power cord and watched a VM keep working -- an awesome feeling, by the way).

The steps I took were:

• Create an HA cluster with two servers
• Add an additional Virtual VMkernel NIC to handle FT traffic on each host
• Ensured that all hosts have access to multiple network storage devices (EMC and netapp).
• On a VM, changed the CPU/MMU Virtualization option to "Use Intel VT-x/AMD-V For Instruction set virtualization and software for MMU virtualization"
• Right-clicked on the VM and selected "turn On fault tolerance". This completed successfully.

Again, this worked.

Problem

Now, however, in the VM menu, after all hosts have come back on-line the option is again to "turn On Fault tolerance" (I thought once on, it would stay on?)

Additionally, if I click to turn fault tolerance on again, I receive the message "The virtual machine is running in a monitor mode that is incompatible for fault tolerance." However, selecting VT-x/AMD-V is what fixed this problem last time before my initial test that worked, and it is still selected in the menu.

Questions

• Is this a bug in the display, and the machine is still fault tolerant?
• Is this something I need to reconfigure each time?
• Once a machine has been configured for fault tolerance, does it remain in that mode perpetually? My guess would be that it should, but this experience makes me question it.

Update: More information (potential lead?)

To make matters more interesting, I just tried the following:

• Set CPU/MMU on the VM back to "Automatic"
• Rebooted the VM
• Set the CPU/MMU back to the intel setting that worked the first time
• Rebooted the VM
• Clicked "Turn Fault Tolerance on"
• ...and received the same error.

Thanks!

Background

I'm on a new VMWare install consisting of:

• 1 vCenter Server (containing inventory service, SSO, vCenter server, and web client server)
• 2 ESX Servers configured in a HA group

Problem

When a I view the summary for any one of my servers, I receive a notice: "This host currently has no management network redundancy".

This is expected in our scenario and we're okay with it.

Attempted Solutions

As I understand from this article and this discussion, the proper way to remove the error message is to ignore it via setting the "das.ignoreRedundantNetWarning" propery to "true".

I took the following steps:

• Logged into vCenter
• Right-clicked on my HA cluster and chose "Edit Settings..."
• Clicked "vSphere HA" section
• Clicked "Advanced Options..."
• Added the "das.ignoreRedundantNetWarning" option with a value of "true".

Question

How do I get this error to go away, and are there any reasons why adding this option may not have worked?

References

• Network redundancy message when configuring VMware High Availability in vCenter Server [VMWare KnowledgeBase]
• How remove a notice " has no management network redundant" [VMWare Community]

I'm working with:

• Two new ESX servers that I'm configuring
• A new Server 2008 R2 machine that I'm using for vCenter.

I took the following steps:

• Installed the Hypervisor on the 2 ESX machines
• Checked their setup/connectivity (appears to be fine; can ping, etc.)
• Installed vCenter Server on the Win2k8R2 box. This included the install of a SQL Express database (we're a small shop)
  • FYI, I changed some of the ports (443 --> 8443, 80 -->8080, etc.)
• Installed vCenter Web Client Server on the Win2k8R2 box

Problems

• my vSphere Client on my Desktop fails to connect. Part of this is that it asks me for a username and password, but I don't recall specifying one when I set up the install.
  • I receive the error "vSphere Client could not connect to [machinename]. An unknown connection error occurred. (The request failed because of a connection failure. (Unable to connect to the remote server))"
  • I have also tried to use local machine admin credentials, including the format machinename\localuseracct.
  • I have also tried using my domain credentials which are an admin for that box.
  • I have also checked and the service is running.
  • I also tried to connect via vSphere client locally installed on the server. It translates "localhost" to the correct name but gives the same error.
• I cannot register the vCenter server from the vCenter Web Client Server. I'm not sure if this is necessary, as they're both on the same machine, but it seems like the logical next step. I also receive a "failed to connect" error in this case as well.
  • FYI, both the vCenter server and the vCenter Web Client Server are installed on the same Win2k8R2 server.

What am I missing here? What is the best way to test in this case?

Background / Problem

• I have two new servers (Dell R720 & Dell R520) that I plan to install ESXi onto.
• During the VMWare Hypervisor installation, I'm told that no network adapters exist.
• Upon checking, I realized that the Broadcom NetXtreme I drivers are required additionally
• I have obtained the Broadcom driver software bundle from VMWare's web site
• I have installed PowerCLI on my desktop in case I will need it.

Question

Most ESXi guides describe doing this on a server that's already been set up once, but I am installing ESXi on these boxes for the first time.

• How do I properly get these network card drivers into the installation process?

• I am under the impression that I may need to configure a custom installation package that includes these drivers (and use PowerCLI to do this) -- if so, how do I best go about doing this?

Question

Is there a decently-priced (free preferred) tool that will allow me to see all changes made to a system (disk, registry, etc.) during the process of an install?

Background

I would like to capture changes made by a software installation so that I can forward them to a security team who will be able to white-list and authorize those actions.

At the current time, if an install makes changes to the user's documents folder or adds a registry key, we don't have a good way of picking that up. And I know there must be a better way.

Thanks in advance for any help you can give!

I'm looking to give our company an overview of the business services that IT offers and their various dependencies.

The purpose of this graph would be to show the dependencies of technology on business applications with the goal of assisting configuration management. For example, if the server hosting 3 of our VMs goes down, which business applications are impacted while we work on a fix? Or, if a change is being made to a network subnet or a reboot of a router is required, who do we need to notify?

These technologies would be shown from top down (roughly from "front end" to "back end") along the lines of the following layers:

Front end:

• Business services (Business e-mail, business calendar, business documents, help desk, software development, etc.)
• External Applications (cloud apps, non-internal apps -- apps we don't manage)
• Internal Applications (internal software packages, intranet apps, etc.)
• Virtual Machines
• Machines (Servers, Desktops, laptops, phones, VM Hosts)
• Network layers / technology (DMZ, IDS, various subnets & VLANs)
• Network equipment (routers, switches, hubs)

I'm open to any thoughts, recommendations, etc. on how various folks have visualized this. Thanks in advance for any help you can give!