vXav.fr

Enabling LDAPS on vCenter identity source

Posted on May 7, 2020

Most environments used to use the Integrated Windows Authentication (IWA) as an identity source for vCenter. However with Microsoft tightening the screw on LDAP signing and VMware deprecating IWA in versions 7 and above, many will have to bite the bullet and move to LDAPS. It’s not a big deal... [Read More]

Host randomly not responding but replies to ping

Posted on April 30, 2020

In the series of weird and annoying technical issues that I seem to be blessed with, today I bring you one that falls in the category I despise the most, random disconnects. TL,DR: Random ESXi disconnects after NIC replacement. The fix was to remove and recreate the management vmkernel (also... [Read More]

Change vmnic order on vSphere host

Posted on April 22, 2020

Changing the vmnic order is an unusual thing to do and you may rightfully wonder why one would want to do that. Heterogeneous enironments are fully supported but most vSphere administrators aim to have homogeneous hosts with the exact same config in their clusters to simplify operations and avoid human... [Read More]

How to sign a certificate with no template information on a Microsoft CA

Posted on February 18, 2020

If you have a basic Microsoft CA for lab or production purpose you cannot sign a certificate without a template. However the certificate manager utility included in vCenter or OpenSSL creates CSR file which is rejected by the Microsoft CA on the ground that it has no template extension. ... [Read More]

2020 LDAP channel binding and LDAP signing requirement for Windows

Posted on January 30, 2020

Find more details in my blog for Altaro. In summer 2019 Microsoft announced an update scheduled for January 2020 that would change the default behavior of domain controllers with regards to the security of LDAP communications. After this change, domain controllers will reject insecure LDAP communications regarding <a... [Read More]

VAMI certificate not updated after certificate change

Posted on January 15, 2020

Super quick post today about certificates.. It seems to be a unbreakable law of the universe that when doing certificate stuff, it is impossible that everything works the first time. After replacing the machine SSL certificate on a VCSA using the certificate-manager utility, you may notice when you log on... [Read More]

VCSA update with IIS repository - Fix "Download failed" error

Posted on October 23, 2019

Recently I needed to patch a vCenter Appliance (VCSA). It’s not something we do often but I have quite a few vCenters. I also have a UMDS server with IIS 7 on it for host patching so I thought why not use it as a repository for VCSA updates instead... [Read More]

vCenter unreachable - VCHA active node isolated

Posted on October 9, 2019

I recently had to deal with a situation were our vCenter server was unreachable. This vCenter runs vCenter HA (VCHA) and each node runs on a different ESXi host in a 3 hosts cluster thanks to an anti-affinity DRS rule. The management IP would not reply to ping. I... [Read More]

Change location of ESXi coredump file

Posted on September 23, 2019

A core dump, also referred to as crash dump or memory dump, contains the content of the memory at a given point in time. It is usually created when the system or program crashes. It is a way of saving evidence that could help troubleshoot the root cause of the... [Read More]

Download my eBook on PowerCLI - Courtesy of Altaro Software

Posted on September 19, 2019

If you read some of my blogs you probably gathered that I am a PowerCLI geek. I love the fact that I can automate many tasks of my admin life and watch my scripts work for me while I have a nice cup of coffee. The icing on the cake... [Read More]