Think IPM

Saturday, May 13, 2017

PSA: Powershell script to find unpatched machines. (WannaCry)

I’m not a programmer but PowerShell is really starting to grow on me lately.  Here is a quick script that will see if your servers are properly patched for the WannaCry ransomware exploit.

It’s not super fast but it should do the job.  I’m sure there are PLENTY of improvements to be made to it.  If you make any, please drop me (and everyone else) a note in the comments with your new improved version.

The script takes a file as input with a list of machine names in it (1 per line) and outputs that same server list with any appropriate hotfixes next to them.  Any names without hotfixes next to them should be investigated.

You can add additional hotfixes as they are released to the list below.

# List of all HotFixes containing the patch
$hotfixes = "KB4012212", "KB4019215", "KB4012217", "KB4012218", "KB4015551", "KB4015552", "KB4019216", "KB4012216", "KB4015549", "KB4015550", "KB4013429", "KB4019472", "KB4015217", "KB4015438", "KB4016635", "KB4019264"

# Text file with one machine name per line
$listofvms = Read-Host "Full path to VM txt file - (i.e. C:\Carlo\VMS.TXT)"
$guests = Get-Content $listofvms

foreach ($guest in $guests) {

    # Search for the HotFixes; -ExpandProperty returns the bare KB IDs rather than @{HotFixID=...} objects
    $hotfix = Get-HotFix -ComputerName $guest | Where-Object {$hotfixes -contains $_.HotfixID} | Select-Object -ExpandProperty "HotFixID"

    # Print the machine name followed by any matching hotfixes
    Write-Host -ForegroundColor Yellow $guest $hotfix

}


As always with scripts on the internet, your mileage may vary and this script comes with no guarantees AT ALL.  Not responsible if it burns your house down, steals your mate or cancels your health insurance.
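A variant of the script above that separates machines that could not be queried from machines that answered but have none of the listed hotfixes, and writes the result to a CSV. This is an added example, not the author's script; the function name Get-MS17010PatchStatus and the output file name are assumptions, and the KB list is the one from the post.

```powershell
# Added example. KB IDs are copied from the post; extend the list as new rollups are released.
$hotfixes = "KB4012212", "KB4019215", "KB4012217", "KB4012218", "KB4015551", "KB4015552",
            "KB4019216", "KB4012216", "KB4015549", "KB4015550", "KB4013429", "KB4019472",
            "KB4015217", "KB4015438", "KB4016635", "KB4019264"

function Get-MS17010PatchStatus {   # hypothetical name
    param(
        [Parameter(Mandatory)] [string[]] $ComputerName,
        [Parameter(Mandatory)] [string[]] $HotFixId
    )
    foreach ($computer in $ComputerName) {
        $name = $computer.Trim()
        try {
            # -ErrorAction Stop turns RPC/WMI failures into exceptions so an
            # unreachable host is not reported as an unpatched one
            $installed = Get-HotFix -ComputerName $name -ErrorAction Stop |
                Where-Object { $HotFixId -contains $_.HotFixID } |
                Select-Object -ExpandProperty HotFixID
            $status = if ($installed) { 'Patched' } else { 'NoListedHotfix' }
            $detail = $installed -join ';'
        }
        catch {
            $status = 'Unreachable'
            $detail = $_.Exception.Message
        }
        [pscustomobject]@{ ComputerName = $name; Status = $status; Detail = $detail }
    }
}

# Same input format as the original script: one machine name per line (blank lines dropped)
$listofvms = Read-Host "Full path to VM txt file - (i.e. C:\Carlo\VMS.TXT)"
$guests = Get-Content $listofvms | Where-Object { $_.Trim() }

$results = Get-MS17010PatchStatus -ComputerName $guests -HotFixId $hotfixes
$results | Sort-Object Status, ComputerName | Format-Table -AutoSize
$results | Export-Csv -Path .\ms17-010-status.csv -NoTypeInformation   # assumed output file
```

A status of NoListedHotfix only means none of the listed KBs was found; a machine carrying a later cumulative update that is not in the list shows up the same way, so those rows still need a manual look.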


Friday, May 12, 2017

PSA : Patch your Windows Servers (MS17-010)

If you’ve seen the news today, there is a crippling ransomware spreading across the globe.  I’ve seen reports that say at least 45k attacks hitting more than 74 countries in the past 10 hours.

The ransomware is called ‘WannaCry’.  It will encrypt your desktop or server’s files and demand that users pay an initial $300 to unlock the files and the sum goes up with each passing hour.

The patch to prevent the exploit can be found here [MS17-010] or just running Windows Update and updating to the latest patches will block the vulnerability.  The patch was released March 14th 2017.

If you have been infected, the patch will not remove the virus so best to be vigilant and process your updates ASAP.


Monday, April 24, 2017

Cleaning up Horizon Database Errors

vSphere vCenter is great.  Horizon is great.  Composer is great.  Sometimes though, they go off script and start getting out of sync.  I’m sure everyone who has run a VMware View Horizon farm has run into issues where the view database just doesn’t reflect reality.  The VMs are long deleted but Composer and Horizon still think they are there and you get the never completing status of Deleting in the Horizon administrator console.


I remember the not so distant days when this would require firing up ADSI edit and doing some surgical removals of MANY entries in LDAP… 

As of Horizon 6.1, there is a MUCH easier way now.  Check out ViewDBCheck.  Most likely in ‘C:\Program Files\VMware\VMware View\Server\tools\bin’ on your connection server.

This handy tool will scour the Horizon DB and look for inconsistencies between the DB, the vCenter inventory and Composer DB.  If it finds any, it will give you a yes/no prompt to clean up and then do its thing.  Very Nice!

Although officially released for 6.1 and up, you can also use it for 5.3 by using the Fling found here.


Wednesday, April 19, 2017

Pushing the NVIDIA Grid VIB to vSphere using Update Manager for vGPUs.

I’ve been working with a customer getting the NVIDIA Tesla M60 cards working in their environment and compiled some great information for those of you looking into this.

So the official installation guide for the VIB is pretty much this KB article :  https://kb.vmware.com/kb/2033434

This is a pretty manual process.  I found that you can also easily and successfully use Update Manager to push the entire installation of the VIBs to your hosts.  The advantage being scale, consistency and also the ability to see the VIB installation (Baseline) in vCenter.

To start, make sure you are getting the correct enterprise versions of the VIBs and drivers.  (https://nvidia.flexnetoperations.com)

Once you have your offline bundle, you can head over to your Update Manager screen and choose the patch repository and Import Patches.


Once you upload the VIB Offline bundle, you should see it in the list of patches. (Note that the kepler one is the consumer version and should NOT be used) If you know how to remove it from the patch repository, drop me a note on twitter or in the comments.

From there, you can add it to a host extension baseline.


Now you can easily scan and remediate individual hosts or groups of hosts to install the VIB for Shared vGPUs.

To verify that the VIB was installed correctly, you can putty over to a host and run the command nvidia-smi.  If the VIB is installed correctly and you have your GPU cards in the host, you should see a similar output.

Once the VIB is installed, using the HTML vSphere Client, you should be able to add the shared PCI device to the Desktop VM (or image) and see the appropriate profiles.  


Note that shared PCI is a feature of VMware’s Enterprise Plus licensing.  Appropriate host licensing or Horizon licensing will be needed to power a machine up with a shared vGPU card.


After installing the Display Drivers in the Windows VM, be sure to set the licensing to GRID Virtual Workstation.

Bonus: Once you have it all working, test it all out using the new awesome Google Earth!
(Super cool 3D modeling across many of the world’s neighborhoods)


Thursday, March 9, 2017

Throw-Back Thursday Post – Need to restart Explorer shell Gracefully?

Sometimes you need to restart Explorer to get things straightened out on your desktop.  Maybe the Notification Area is losing it or you want to refresh your Quick Launch.   Whatever the reason, in the past I have always pulled up Task Manager and killed the explorer process.  Simple and effective but maybe too harsh for all particular situations.  Jacques Bensimon let me in on a quick and proper way to shutdown the Explorer Shell gracefully.  Basically check out the image below and know that I CTRL-SHIFT-RIGHT Clicked to get the Exit Explorer option.  Explorer shuts down gracefully and you can restart it using Task Manager/ New Task.  

Explorer Shell Exiting image

*With Windows 8 and above, you need to CTRL-SHIFT-RIGHT-CLICK on an empty area of the Taskbar [second image] instead of the Start Bar.

Nice Tip JB! Way to promote peace.

Monday, February 27, 2017

Installing SRM – Time Error when connecting to PCS

While installing SRM at a client, I ran into an issue where I could not connect to the PCS.   The setup returned an error stating the time between the vCenter, Site Recovery Server and PCS was not in sync.

Since the vCenter and PCS were on an Appliance, I had to do some quick research to see how to verify and correct the time.   In this case, the forums had the answer.


Enable SSH in the vCenter 6 appliance console
Enable BASH in the vCenter 6 appliance console
Putty in the vCenter 6 appliance
Enter root/PW

Type 'shell'

Enter the following commands:

ls /usr/share/zoneinfo/US/
*  This will display the list of available time zones, in my case I needed Eastern, replace with your time zone
cd /etc
rm localtime
ln -s /usr/share/zoneinfo/US/Eastern localtime
date

* Verify that you are now displaying the correct date and time.
** Optionally you can set the appliance to use an NTP server by using the following command:

sntp -P no -r time.windows.com

In our case, we used the local domain controller for the time source rather than time.windows.com, but it was just a one-time set to sync those times up completely.  Once completed, the SRM installer continued without issue.

Tuesday, February 21, 2017

New Versions of our favorite tools.

Just noticed that some of the tools we (at least I!) love and rely on have been updated. (You can find the complete list here.) From the list of updated ones, I wanted to bring attention to some of the ones that I consider truly indispensable and one in particular that gets very little press.

· AutoRuns
· Process Monitor
· Process Explorer
· SysMon

I think SysMon is probably the least known from the list above, but maybe one of the most useful. For those who are not familiar, this tool installs very easily from the command line, creates a service, a new EventLog, starts itself up and immediately goes to work. One of the many benefits of the tool is that it installs as a boot-level driver, so it can capture information very early on in the boot process all the way through the logon and beyond.

I like to think of it almost like an Application level WireShark type of tool. It will log every access from your system by any application and tell you the name of the app, what it attempted to do and to where it attempted to do it. I have been able to track down everything from rogue add-ins in Office applications communicating to websites, to performance issues due to over-zealous security applications wreaking havoc on a system. [Ping me if you want to know which one].

To install it, you just run the app with three switches, SysMon.exe -i -n -AcceptEULA

Then launch any application (e.g. Excel) and go to the EventLog (Applications and Services Logs/Microsoft/Windows/Sysmon/Operational) to check out what it really does to your system:

There will be multiple entries for every application depending on what it is doing to your system, so go through the log.

Do you have any particular tool that you find indispensable? Let us know in the comments and we might even review it!

Aaron Silber 
Follow Aaron on twitter at @amsilber


P.S. - AutoRuns is my favorite! (me)  – It’s the quickest way to enable/disable things auto running on your system.  Excellent for cleaning out and tweaking system login times.
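Going through the Sysmon log by hand gets tedious once an application has produced hundreds of entries, so here is one way to summarise the network connections Sysmon recorded for a single program. This is an added example, not part of the original post; the function name Get-SysmonNetworkSummary and the default image name are assumptions, and it relies on network logging having been enabled with the -n switch shown above.

```powershell
# Added example: summarise Sysmon network-connection events (Event ID 3) for one program.
# Run from an elevated prompt; the function name and defaults are hypothetical.
function Get-SysmonNetworkSummary {
    param(
        [string] $ImageName = 'EXCEL.EXE',
        [int]    $MaxEvents = 2000
    )

    # Sysmon's channel name; Id 3 is "Network connection detected",
    # which is only logged when network logging is on (the -n install switch).
    $filter = @{ LogName = 'Microsoft-Windows-Sysmon/Operational'; Id = 3 }

    $connections = Get-WinEvent -FilterHashtable $filter -MaxEvents $MaxEvents -ErrorAction SilentlyContinue |
        ForEach-Object {
            # Flatten <EventData><Data Name="...">value</Data> into a hashtable
            $fields = @{}
            foreach ($d in ([xml]$_.ToXml()).Event.EventData.Data) {
                $fields[$d.Name] = $d.'#text'
            }
            # Keep only events whose process path ends in the requested file name
            if ($fields['Image'] -like "*\$ImageName") {
                [pscustomobject]@{
                    Time        = $_.TimeCreated
                    Image       = $fields['Image']
                    User        = $fields['User']
                    Destination = '{0}:{1}' -f $fields['DestinationIp'], $fields['DestinationPort']
                    HostName    = $fields['DestinationHostname']
                }
            }
        }

    # One row per destination, most frequently contacted first
    $connections | Group-Object Destination | Sort-Object Count -Descending |
        Select-Object Count, Name,
            @{ n = 'HostName'; e = { $_.Group[0].HostName } },
            @{ n = 'LastSeen'; e = { ($_.Group | Sort-Object Time)[-1].Time } }
}

Get-SysmonNetworkSummary -ImageName 'EXCEL.EXE' | Format-Table -AutoSize
```

A destination you cannot account for in this table is the starting point for the kind of rogue add-in hunt described in the post.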


Thursday, February 16, 2017

Time for a new editor.

I’ve used NotePad++ for a long time.  It’s light weight and doesn’t mess with my line feeds or carriage returns.   I thought I had it all.

Recently someone on the inter-webs recommended a new editor for use with various code languages.  Atom by Github


I don’t program full time so this might be old news to everyone reading this but for me, this was a great find and suggestion.   It is completely open source (hosted up on github) so errors, bugs and enhancements are rolled out pretty rapidly due to a highly active community.

The thing I like most about it is the packages you can download for it.  It can pretty much be customized for anything you like. Write yaml? Install a real-time linter into the editor.  Work with Powershell, there are syntax highlights for that as well.  In fact, pretty much every little language/syntax/highlighter I wanted to work with, I found in the community.  AutohotKey, no problem.

I’m not saying this is better than the editor you use, I just liked it so much that I wanted to pass along the great suggestion given to me.  If you are looking to change things up, check it out.

Tuesday, February 14, 2017

VMware HA Heartbeat issue.

This is a pretty standard one.  You deploy a small environment that only has a single shared Datastore (like a Nutanix cluster maybe).  Enable HA and all of a sudden all of the hosts are complaining that there is only one Datastore for heartbeating and the required minimum is 2.


That’s an easy one to resolve. There’s an advanced setting that allows you to safely ignore this warning and turn your console back to the error free goodness that it once was.

Fire up Google and find this KB article (https://kb.vmware.com/kb/2004739), because I can never remember the exact parameter.  Awesome. Fire up the VI Client and go to advanced options.

Ummm???  Where the hell is advanced options??  It has always been here.

Not anymore.  To access advanced options, be sure to fire up the WEB CLIENT.  I’m not sure when they made the change but with the 6.0 vSphere Fat Client, advanced options are no longer there.

Once you are in the RIGHT client though, the fix is again pretty easy.

If you are still using the Windows Client as a crutch, start using the web client.  Eventually, you won’t have a choice.

Wednesday, February 1, 2017

Veeam Backup and Data Domains

If you are running Veeam and using a Data Domain as a backup target, there are a few options in the Veeam configuration that might not seem obvious that can really improve your backup times and windows.

When creating your Data Domain repository in Veeam, be sure to decompress the blocks before writing them to Data Domain.  This tells Veeam to store raw files and allow the Data Domain to leverage its hardware and algorithms to achieve the highest compression.

Under individual Job options, you should also disable inline data deduplication to allow the Data Domain to do a superior job at deduping the data.


Dedupe-friendly compression level and also local target are also advised for Data Domains.

If your Data Domain has a DD Boost license, you can leverage that on the repository to further increase performance and optimization.

For a detailed Veeam write-up, refer to https://www.veeam.com/kb1956

BTW: Happy New Year! Took the last few months off from the blog but back on the horse, although you might see a lot more posts on Home Automation. Consider yourself warned!