Sunday, May 27, 2012

Learning of the day : DRS and resource pool

Issue: One of our newly created test datacenters had trouble creating a resource pool. The option was simply greyed out.
Solution: DRS was disabled in the cluster. Once it was enabled, the resource pool creation option was no longer greyed out.

Different types of cloud computing

“Cloud computing” is basically the latest incarnation of grid computing, utility computing, virtualization and clustering. It differs in that it provides the ability to connect to software and data living on the Internet (the cloud) instead of on a hard drive or local network.


1. SaaS 

This type of cloud computing delivers a single application through the browser to thousands of customers using a multitenant architecture. On the customer side, it means no up-front investment in servers or software licensing; on the provider side, with just one app to maintain, costs are low compared to conventional hosting.

2. Utility computing 
Amazon.com, Sun, IBM, and others offer storage and virtual servers that IT can access on demand. Early enterprise adopters mainly use utility computing for supplemental, non-mission-critical

3. Web services in the cloud 
Closely related to SaaS, Web service providers offer APIs that enable developers to exploit functionality over the Internet, rather than delivering full-blown applications.

4. Platform as a service 
Another SaaS variation, this form of cloud computing delivers development environments as a service. You build your own applications that run on the provider’s infrastructure and are delivered to your users via the Internet from the provider’s servers.

5. MSP (managed service providers) 
One of the oldest forms of cloud computing, a managed service is basically an application exposed to IT rather than to end-users, such as a virus scanning service for e-mail or an application monitoring service.

6. Service commerce platforms 
A hybrid of SaaS and MSP, this cloud computing service offers a service hub that users interact with.

How to change DNS server in a remote machine

Download regfind.exe from here. Extract the zip file, browse to the extracted location from a command prompt, and run the utility using the following syntax:

regfind -m \\computer1 -p HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\parameters "Old DNS IP" -r "New DNS IP"

Where computer1 is the name or IP of the remote machine whose DNS server is to be changed.

Once the command completes successfully, the old DNS IP on the server will be replaced by the new one.

Active Directory User Account Information Tool

Troubleshooting issues relating to user accounts can be a time-consuming effort. Determining the "freshness" of the user's credentials and password history is key to understanding if there could be a potential issue with their Active Directory account. This document provides information on the AcctInfo Tool that has been developed to assist investigation of such issues.


AcctInfo Tool

This tool provides a subtle addition to any user's AD account profile by an additional tab in their account properties labelled Additional Account Info v2.  It can be installed on a domain controller, or on the desktop of the person doing the investigation. Below is a screen shot of the additional information this tool provides:


The three most important pieces of information provided, as shown above, are the Password Last Set and Password Expires fields and the Most Recent Logon button which polls all the DC's in the domain for the selected user and aggregates the polled results to determine when that user last successfully logged onto the Active Directory infrastructure.


Download acctinfo2.dll from here and save it to the C:\Windows folder.


From the Windows Start menu, click Start, Run..., type in CMD and click OK.
At the DOS prompt, type in the following command: regsvr32 acctinfo2.dll and press Return.

Note: This process needs to be carried out by a person with local administrator rights on the machine.

List of AD replication ports


AD Replication Ports


RPC endpoint mapper: 135/tcp, 135/udp
Network basic input/output system (NetBIOS) name service: 137/tcp, 137/udp
NetBIOS datagram service: 138/udp
NetBIOS session service: 139/tcp
RPC static port for AD replication: 1111/tcp
RPC static port for FRS: 2347/tcp
Server message block (SMB) over IP (Microsoft-DS): 445/tcp, 445/udp
Lightweight Directory Access Protocol (LDAP): 389/tcp
LDAP ping: 389/udp
LDAP over SSL: 636/tcp
Global catalog LDAP: 3268/tcp
Global catalog LDAP over SSL: 3269/tcp
Kerberos: 88/tcp, 88/udp
Domain Name Service (DNS): 53/tcp, 53/udp
MOM: 1270/tcp, 1270/udp
NTP: 123/udp
Remote Desktop: 3389/tcp

Sunday, May 20, 2012

How to : Track deletion of windows folders using security policy

1) Enable auditing via policy

Click Start->Run->secpol.msc
Under Local Policies \ Audit Policy, enable "Audit object access" for 'success' events (success means that the access was successful; failures would indicate a permission problem).

2) Enable auditing on the 'object'.  

Right-click a folder/file and choose Properties.
From the Security tab, click Advanced.
From the Auditing tab, click Add. If you want to find 'who', it's best to add the Everyone group.
For the audit access, choose Delete, again under Successful (for a successful deletion).

3) Check the events
Open Event Viewer (Start->Run->Eventvwr).
Look for/filter on the event ID 560.
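
One way to sift the resulting events for delete access under the audited folder, as an added Python example that is not part of the original post. The field names, the "-" placeholder for an empty Client User Name, and the sample events are assumptions constructed for illustration; the input is description text exported from the Security log.

```python
def parse_event(description):
    """Parse a description into {field: [values]}; a line with no 'Field:' prefix continues the previous field."""
    fields, last = {}, None
    for line in description.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            last = key.strip()
            fields[last] = [value.strip()] if value.strip() else []
        elif line.strip() and last is not None:
            fields[last].append(line.strip())
    return fields

def delete_opens(descriptions, folder):
    """Return (user, object) for each event requesting DELETE under folder."""
    root = folder.rstrip("\\").lower()
    hits = []
    for text in descriptions:
        f = parse_event(text)
        name = " ".join(f.get("Object Name", []))
        if name.lower() != root and not name.lower().startswith(root + "\\"):
            continue                  # outside the audited folder
        if "DELETE" not in f.get("Accesses", []):
            continue                  # opened, but not with delete access
        client = " ".join(f.get("Client User Name", []))
        primary = " ".join(f.get("Primary User Name", []))
        # Assumption: Client User Name is "-" for local access; use Primary.
        hits.append((primary if client in ("", "-") else client, name))
    return hits

def sample(name, primary, client, accesses):
    """Build a constructed description for the demo; not a real log entry."""
    return ("Object Open:\n  Object Type: File\n  Object Name: %s\n"
            "  Primary User Name: %s\n  Client User Name: %s\n"
            "  Accesses: %s\n"
            % (name, primary, client, "\n            ".join(accesses)))

EVENTS = [  # constructed sample data
    sample(r"D:\Shares\Finance\q1.xls", "FS01$", "jsmith",
           ["DELETE", "ReadAttributes"]),
    sample(r"D:\Shares\Finance\q2.xls", "backupsvc", "-",
           ["READ_CONTROL", "ReadData (or ListDirectory)"]),
    sample(r"D:\Shares\Finance2\x.txt", "FS01$", "tlee", ["DELETE"]),
    sample(r"D:\Shares\Finance\old\notes.txt", "administrator", "-",
           ["SYNCHRONIZE", "DELETE"]),
]

if __name__ == "__main__":
    print(delete_opens(EVENTS, r"D:\Shares\Finance"))
```

Event ID 560 is the identifier used by Windows XP and Server 2003; Windows Vista and Server 2008 onward log the equivalent handle request as event 4656. A 560 event listing DELETE shows that a handle was opened with delete access, so it identifies who could delete the object rather than proving it was removed.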

Saturday, May 12, 2012

How to apply time zone change in AD to User machines


Time zone changes need to be made on the AD server first. After that, do the following steps:



1. On the AD server, click Start, click Run, type regedit, and then click OK. 

2. Expand the following registry subkey:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones

3. Click the time zone that was changed, and then click Export Registry File on the Registry menu.

4. In the Save in box, click Desktop, type timezones in the File name box, and then click Save. 

5. Expand the following registry subkey:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TimeZoneInformation

6. Click TimeZoneInformation, and then click Export Registry File on the Registry menu.

7. In the Save in box, click Desktop, type tzinfo in the File name box, and then click Save. 

8. Quit Registry Editor.

9. Copy the Timezones.reg and Tzinfo.reg files that you created in step 4 and in step 7.

10. Put the files that you copied on to the computer whose time zone settings you want to update with the new daylight-saving time dates. This computer is known as the destination computer. 

11. On the destination computer, double-click the Timezones.reg file. 

12. Click Yes when you are prompted to add information to the registry. 

13. Click OK when you receive the message that the information was successfully entered in the registry. 

14. On the destination computer, double-click the Tzinfo.reg file. 

15. Click Yes when you are prompted to add information to the registry. 

16. Click OK when you receive the message that the information was successfully entered in the registry. 

17. Restart the computer.

Configure NIC teaming for V Switch


Two or more NICs are required to use NIC teaming in ESX Server.



Step 1: Create a new vSwitch and give it a network label like "VM Network". Add the required NICs to the switch. The procedure for adding a NIC to a virtual switch is described below.



Select the vSwitch from Configuration -> Networking. Select Network Adapters and click Add.


In the Add Adapter Wizard, select the NIC that needs to be added to the switch and click Next. If the NIC is already attached to another virtual switch, it will be removed from it and added to the new one. Go to the next screen.


In the failover order, we can configure the active and standby adapters if required. Click Next and finish the configuration.

Step 2: Configure teaming

Configuring teaming in ESX Server implements load balancing for outbound traffic only. To implement the same for inbound traffic, the required configuration needs to be done on the physical switch to which the NICs are actually connected.

Switch configuration steps

Suppose two NICs, vnic0 and vnic1, are added to a virtual switch vswitch0. vnic0 and vnic1 are physical adapters connected to switch ports gi0/23 and gi0/24.

1) Create a port channel in the switch for the ports.

Commands used for the same in Cisco Catalyst IOS-based physical switches are given below:

s3(config)#int port-channel1
s3(config-if)#description NIC team for ESX server
s3(config-if)#int gi0/23
s3(config-if)#channel-group 1 mode on
s3(config-if)#int gi0/24
s3(config-if)#channel-group 1 mode on


This creates port-channel1 and assigns GigabitEthernet0/23 and GigabitEthernet0/24 to the team.

2) Ensure that the load balancing mechanism that is used by both the switch and ESX Server matches. To find out the switch’s current load balancing mechanism, use this command in enable mode:

show etherchannel load-balance

This reports the load balancing algorithm currently in use by the switch. We can use either IP-based or MAC-based load balancing. The IP-based option gives better utilization across the members of the NIC team than some of the other options.

3) Set the switch load-balancing algorithm using one of the following commands in global configuration mode:

port-channel load-balance src-dst-ip (to enable IP-based load balancing)
port-channel load-balance src-mac (to enable MAC-based load balancing)

ESX configuration for teaming

The load balancing mechanism on the physical switch and the ESX server must match for teaming to be functional.


Open the corresponding virtual switch properties. Select the vSwitch and then click Edit.

Select the NIC Teaming tab. Choose the appropriate load balancing mechanism from the drop-down menu.

If IP-based load balancing is configured on the switch, select the option "Route based on IP hash".

If MAC address-based load balancing is configured on the switch, select the option "Route based on MAC hash".








Configure the rest of the options as shown below. Click OK.

How to find BIOS version of Linux servers


Connect to the server using PuTTY and log in with root credentials.

Run the following command:

dmidecode | more

Scroll down to the BIOS Information section (use the space bar to scroll) and copy the version info.

Friday, May 11, 2012

How to enable SSH root login in Vmware Esx


Log in as root from the server console.
Edit the file /etc/ssh/sshd_config.
Find the PermitRootLogin option and set it to yes.
Restart the SSH service:
              # service sshd restart
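
Because this setting widens remote access, it is worth auditing what sshd will actually apply. The following added Python example (not from the original post) reports the effective PermitRootLogin value, including Match blocks, which goes beyond the single global line described above; the sample configuration and function names are constructed.

```python
import re

LINE = re.compile(r"^([A-Za-z]+)(?:\s*=\s*|\s+)(.*)$")


def root_login_settings(config_text):
    """Return (global_value, [(match_criteria, value), ...]).

    sshd keeps the first value it reads for a keyword, so a later
    duplicate in the same scope has no effect. A global value of None
    means the keyword is unset and sshd's built-in default applies.
    """
    global_value, overrides = None, []
    match, seen_in_match = None, False
    for raw in config_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:                       # blank line or comment
            continue
        keyword, value = m.group(1).lower(), m.group(2).strip()
        if keyword == "match":          # starts a conditional block
            match, seen_in_match = value, False
        elif keyword == "permitrootlogin" and value:
            value = value.split()[0].strip('"').lower()
            if match is None:
                if global_value is None:
                    global_value = value
            elif not seen_in_match:
                overrides.append((match, value))
                seen_in_match = True
    return global_value, overrides


def scopes_allowing_root(config_text):
    """List scopes where root may log in by any method (value is not 'no')."""
    global_value, overrides = root_login_settings(config_text)
    found = [("global", global_value)] if global_value not in (None, "no") else []
    return found + [(c, v) for c, v in overrides if v != "no"]


SAMPLE = """\
# constructed sample, not taken from a real host
Protocol 2
PermitRootLogin yes
#PermitRootLogin no
PermitRootLogin no
Match Address 192.168.10.0/24
    PermitRootLogin without-password
"""

if __name__ == "__main__":
    print(scopes_allowing_root(SAMPLE))
```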

How to prevent Internal IP address leaking through HTTP headers


Open a command prompt on the server where the web site is hosted. Change to the folder where the adsutil.vbs tool is located.




C:\Inetpub>cd AdminScripts  

C:\Inetpub\AdminScripts>cscript adsutil.vbs set w3svc/1/UseHostName true 
where 1 is the site identifier



To find the site identifier:

Click on the Web Sites major heading on the left-hand side of the IIS admin tool and view the "Identifier" on the right-hand side for whichever site you need.





Web site reference: 

http://support.microsoft.com/kb/834141

http://weblogs.asp.net/owscott/archive/2005/07/29/421058.aspx
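
A check for confirming the change took effect: scan response headers for internal IPv4 addresses. This is an added Python example, not from the original post or the referenced articles; the sample responses, the host name webserver1 and the function names are constructed for illustration.

```python
import ipaddress
import re

# RFC 1918 private ranges plus loopback and link-local.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]
# Dotted quad that is not part of a longer dotted number (e.g. 1.2.3.4.5).
IPV4 = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?!\.?\d)")


def parse_headers(raw_head):
    """Split a raw HTTP response head into (name, value) pairs."""
    pairs = []
    for line in raw_head.replace("\r\n", "\n").split("\n")[1:]:  # skip status
        if not line:
            break                                   # end of header section
        name, sep, value = line.partition(":")
        if sep:
            pairs.append((name.strip(), value.strip()))
    return pairs


def leaked_internal_ips(raw_head):
    """Return (header, address) for every internal IPv4 literal found."""
    findings = []
    for name, value in parse_headers(raw_head):
        for candidate in IPV4.findall(value):
            try:
                addr = ipaddress.ip_address(candidate)
            except ValueError:
                continue                            # e.g. 999.1.1.1
            if any(addr in net for net in INTERNAL_NETS):
                findings.append((name, candidate))
    return findings


# Constructed responses: before and after UseHostName is set to true.
BEFORE = ("HTTP/1.1 302 Object Moved\r\n"
          "Location: http://10.1.20.15/app/\r\n"
          "Server: Microsoft-IIS/6.0\r\n"
          "Content-Length: 0\r\n\r\n")
AFTER = BEFORE.replace("10.1.20.15", "webserver1")

if __name__ == "__main__":
    print("before:", leaked_internal_ips(BEFORE))
    print("after: ", leaked_internal_ips(AFTER))
```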

Active directory : Check replication using REPLMON


Active Directory Replication Monitor(Replmon.exe) is a GUI tool that is exclusively intended for monitoring and managing all kinds of replication in AD-based domains (Windows 2000 and Windows .NET domains). With this tool, you can monitor and register all replication events, force replication, start generating replication topology, view Global Catalog and bridgehead servers, and view trusts and replication metadata for an Active Directory object. Login to AD and do the following steps to start a replication check using replmon

Go to Start -> Run. Type in replmon and click OK.
Click on Edit -> Add Monitored Server.

Select "Add the server explicitly by name" and click Next.

Add the AD server name and click Finish.

Go to File -> Save Monitored List As and save the list as a .ini file, say test.ini.

When doing the replication check next time, this list can be opened directly from
File -> Open Script -> test.ini (steps 2, 3 and 4 can be skipped).

Once the server is added, several directory partitions will be displayed.

Expand each of the directory partitions to view the AD replication status.

If any of the AD servers has a replication issue, it will be marked in red.

Click on the AD server having the replication issue and the replication details will be displayed in the right pane.

To update the replication status, right-click on the server and select "Update Status (only for this server)".
 

Getting started with Vmware Power CLI scripting

This week I got acquainted with PowerCLI scripting. It is fun once we get started with it, and it is easy too.


PowerCLI is a wonderful tool that you can use to create scripts for vSphere management. You can get started with it by installing the PowerCLI tool. Another, easier method is to install PowerGUI. For this you will need to install the VI Client and PowerCLI as prerequisites. Once PowerGUI is installed, you need to enable the VIM plugin from the File menu.

You will need the help of both the VMware PowerCLI command line reference and the Windows PowerShell reference.


http://www.vmware.com/support/developer/windowstoolkit/wintk40u1/html/index.html

http://ss64.com/ps/




Start with the basics. First run a few commands in PowerCLI and understand how they work. Then you can put them together in a script with the extension .ps1.

For example, try some basic commands like:

Get-VC : Connect to virtual center

eg: Get-VC vcenter.mydomain.com

Get-Resourcepool : get details of resource pool of any location say host,cluster,datacenter

eg: Get-Resourcepool -Location clustername

If you want to store the value in a variable for further use in your script, you can do it as follows

$pools = Get-Resourcepool -Location mycluster

Here the names of all the resource pools in the cluster are stored in the variable $pools. An interesting thing to note is that if there are multiple values, they are automatically stored as an array.


More posts coming up on power cli scripts :)

Welcome!!!

Welcome to my technology blog, where I am planning to keep a record of my trysts with technology..