Enabling LDAPS on vCenter identity source

Most environments used to use the Integrated Windows Authentication (IWA) as an identity source for vCenter. However with Microsoft tightening the screw on LDAP signing and VMware deprecating IWA in versions 7 and above, many will have to bite the bullet and move to LDAPS. It’s not a big deal... [Read More]

Host randomly not responding but replies to ping

In the series of weird and annoying technical issues that I seem to be blessed with, today I bring you one that falls in the category I despise the most, random disconnects. TL,DR: Random ESXi disconnects after NIC replacement. The fix was to remove and recreate the management vmkernel (also... [Read More]

Change vmnic order on vSphere host

Changing the vmnic order is an unusual thing to do and you may rightfully wonder why one would want to do that. Heterogeneous enironments are fully supported but most vSphere administrators aim to have homogeneous hosts with the exact same config in their clusters to simplify operations and avoid human... [Read More]

2020 LDAP channel binding and LDAP signing requirement for Windows

Find more details in my blog for Altaro. In summer 2019 Microsoft announced an update scheduled for January 2020 that would change the default behavior of domain controllers with regards to the security of LDAP communications. After this change, domain controllers will reject insecure LDAP communications regarding <a... [Read More]

VAMI certificate not updated after certificate change

Super quick post today about certificates.. It seems to be a unbreakable law of the universe that when doing certificate stuff, it is impossible that everything works the first time. After replacing the machine SSL certificate on a VCSA using the certificate-manager utility, you may notice when you log on... [Read More]

vCenter unreachable - VCHA active node isolated

I recently had to deal with a situation were our vCenter server was unreachable. This vCenter runs vCenter HA (VCHA) and each node runs on a different ESXi host in a 3 hosts cluster thanks to an anti-affinity DRS rule. The management IP would not reply to ping. I... [Read More]

Change location of ESXi coredump file

A core dump, also referred to as crash dump or memory dump, contains the content of the memory at a given point in time. It is usually created when the system or program crashes. It is a way of saving evidence that could help troubleshoot the root cause of the... [Read More]