Archive for the ‘ICT’ Category

Microsoft’s Private Cloud

June 12, 2013

1010186_10151466636803803_2132385697_n

Just attended a conference; Microsoft’s Private Cloud which was an extension in regards to the TechEd 2013 event; the  Microsoft’s Premiere Event for IT Professionals & Enterprise Developers held from 3- 6 June 2013 at LA USA based on the new developments in Microsoft’s Private Cloud. So whats new? Well these are the new developments.

– R2 releases for Windows Server 2012 and System Center 2012 instead of going towards service packs.

– Azure comming to SQL as SQL Azure.

– SQL Server 2014 release.

– Concept of Hybrid Cloud was much emphasized. Utilization of services from a private cloud plus reservations in the Public Cloud as well. But then why would I let my datacenter invest in a 2-tier solution; didn’t understood that.

– Windows Intune now avaliable for Pakistan region.

– Full focus in integrating other virtualization platforms rather than sticking to Microsoft centric approach.

– Windows 8.1 release.

 

 

VMware Stand Alone Converter Issues

May 30, 2013

My woes with the P2V conversions is growing ever since I posted last time! Just an update on couple of things I learned in doing so. First would like to mention an error while specifying source computer to Standalone Converter; it would return the following error.

Unable to complete installation/uninstallation of vCenter Converter agent on ‘X.X.X.X’

As I stated in my last post that I read somehwere in the Standalone Converter help/troublshoot giude to disable files shares in order to access the source hardware information. I disabled my file shares last time for a server which I had to revert then as doing so didn’t solved my problem. But eventually I found out that in Windows Server; ADMIN$ (which points to C:\Windows) cannot be added from Computer Management once deleted. Hence to add that again; do the following steps:

  • Run CMD Prompt as administrator.
  • Run the command > net share ADMIN$ /UNLIMITED

This will enable your ADMIN$ share which will be used by the Standalone Converter to push its agent. Another error I figured out with one of my servers was

The source computer has GPT disk(s). Conversion of live computers with GPT disks is not supported. Conversion of virtual machines with GPT disk is supported only if disk-based cloning is performed.

This was due to the fact that the Standalone Converter is unable to read partitions with GUID tables! Hence it fails the whole process which is just insane on the part of VMware. At least it must give an option to skip that very partition and thus not failing the complete process. To resolve this you will need to disable the partitions. Following these steps:

  • Run CMD Prompt as administrator.
  • Run the command > DISKPART
  • Type > list disk
  • This will give you a list of the partition configured with GPT (indicated by *).01
  • Now goto Server Management > Disk Management and make the specific partition OFFLINE (Do note its capicity).
  • Once the partition is OFFLINE; go to Device Manager > Disk Drives
  • Verify the partition which you just turned OFFLINE by right clicking on the Disk Device > Properties > Volumes > Populate. You can verify it from the Capacity parameter. Click OK.02
  • Now right click on this Disk Device and click DISABLE.

After doing this again run the P2V conversion process; it will work like a charm! Hopefully 🙂 !!!

VMware Standalone Converter 5.1.0: Error: Unable to obtain hardware information for the selected machine.

May 29, 2013

converter

With updating of VMware Infrastructure to 5.1; I also installed the latest Standalone Converter 5.1.0. While doing P2V conversions with Windows Server 2008 R2; I faced a few problems.

With Converter 5.1 Build 1087880: Was constantly getting the error:

Unable to obtain hardware information for the selected machine.

I made sure to follow the checklist given on VMware KB 1016330 but to no avail. Hence reverted all the changes I did according to the given list.

With Converter 5.0 Build 470252 (as used that version previously with success but with vCenter 5.0): Surpassed the initial error but when pointed to my vCenter 5.1; the Converter would stop responding and get crashed.

I then finally resolved the issue by using Converter 5.0.1 Build 875114. Worked like a charm!

I still haven’t figured it out what could be the issue!  But for now the Converter 5.0.1 is working great with vCetner 5.1 Update 1. But I did figured out the following steps bears no fruit;

  • VSS Shadow Copy service on source machine does not need to be on.
  • Third Party antivirus or backup services on source machine need not to be stopped.
  • Simple file sharing on source machine need not to be disabled.

 

LDAPS Identity Source for VMware vCenter Single Sign On 5.1

May 21, 2013

ldap-logo

Once you are done with installation of VMware vCenter 5.1; you will notice that vSphere 5.1 client wont let you login into your vCenter Server. Either you will need to configure a local admin ID on your vCenter Server or if you have an active directory (AD) running in your environment; you will need to link that to your vCenter Server i.e. by configuring an identity source.

During installation of vCenter Single Sign On 5.1; it tries to add the identity source but in my case resulted in error (Error 29155.Identity source discovery error). I then found out its the case with other users as well and also was pointed out in VMware in their KB articles. The workaround for the issue given was to add the identity source manually. Doing so I got the following errors.

[LDAP: error code 8 – 00002028: LdapErr: DSID-0C0901FC, comment: The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection, data 0, v1db1]

and

simple bind failed:yourdomain:636

These errors are due to the fact that your AD is configured to communicate over LDAPS SSL connection. Hence to register your identity source; you will need the X.509 certificate of your AD domain controller (DC). For that export the certificate of your AD but make sure its the Base-64 X509 Certificate.

Cert 03

Once imported; again add the identity source as demonstrated below.

LDAPS

Once you chose the certificate from Choose Certificate tab; make sure you get the following confirmation. If not there must be something wrong with your certificate.

certsucc

You can click on Test Connection to verify your AD connectivity.

connecsucc

If you are still facing problems in adding the identity source; make sure of he following things:

  • Your vCenter, vSphere, vSphere Web Client, vCenter SSO etc must all be installed in the same default directories.
  • Do add the port 3269 with your FQDN.
  • There must a proper forward and reverse pointer entry on your DNS for your vCenter Server.
  • Enter the complete user name for authentication e.g. user@domain.com
  • If your domain controller is behind a firewall; make sure you have configured a policy to allow vCenter traffic.

SQL Database Creation for vCenter 5.1 and vCenter Single Sign On 5.1

May 17, 2013

vmw_logo_1

I am not a database guy and always have avoided anything related to it. When installing VMware vCenter 5.1 or earlier; you are prompted to create a DB instance. You can carry on by creating a default instance of SQL Express (zero effort required; YES I have always done that). But doing so is not recommended in a production environment as the DB gets populated and there are limited options to purge/protect your logs. Hence installation of separate SQL server is recommended. For a dumb person like me VMware is kind enough to include scripts for the DB creation and permission rights are available in the setup package but I found that customization was required. Hence for all the linked-minded fellows out there; this post might be of some help.

There are basically two DB’s needed to be created. One for the vCenter and other for the vCenter Single Sign On (SSO). VMware has made a major change in vCenter 5.1 for with its mandatory to install the SSO module.

I used Microsoft SQL Server 2008 (Enterprise Edition) to carry on my installation. For the basic requirement; select the following features:

  • Database Engine Services.
  • Client Tools Connectivity.
  • Integration Services.
  • Management Tools Basic/Complete

Once installed. Open the SQL Database Enterprise Manager and create a New Query. Execute the following three scripts one by one. (WordPress wont let me upload .sql or .txt files hence bear with .doc extension 🙂 )

  1. VCENTER_DB_CREATION_SCRIPT
  2. SSO_RSA_DB_CREATION_SCRIPT_1
  3. SSO_RSA_DB_CREATION_SCRIPT_2

Once done with this; make sure to create the ODBC SYSTEM DSN for the vCetner DB (VCDB). Following are the steps to create the SYSTEM DSN.

  1. Go to ODBC DATA SOURCE ADMINISTRATOR from the Control Panel. Click the SYSTEM DSN tab from the top. Click ADD.DSN 01
  2. Double click SQL NATIVE CLIENTDSN 02
  3. Enter the NAME for the data source and the IP of the DB Server. Click NEXTDSN 03
  4. Select the SQL SERVER AUTHENTICATION OPTION and give the user (default: vpxuser) credentials (you provided in VCENTER_DB_CREATION_SCRIPT). Click NEXTDSN 04
  5. Make sure that VCDB database is selected in the CHANGE THE DEFAULT DATABASE TO tab. Click NEXTDSN 05
  6. Leave the default settings and click FINISHDSN 06
  7. You can verify your DB connectivity by clicking TEST DATA SOURCEdsn-07

DSN 08

After doing this; you can now proceed with your vCenter installation. Start the installation by clicking the vCenter Server Simple Install from the vCenter Setup Wizard.

During the SSO installation you will be asked to provide the DB details as illustrated below.  Provide the credentials you created in script SSO_RSA_DB_CREATION_SCRIPT_2.

Single Sign On 01

When the SSO and vCenter inventory setups get completed; the installation for the vCenter Server will begin. During the setup you will be again asked to provide the DB details. Select the radio tab for USE AN EXISTING SUPPORTED DATABASE and select the already created SYSTEM DSN (VCDB).  Make sure to enter the credentials you entered while you creating the SYSTEM DSN.

VCENTER 01

VCENTER 02

Thats all you need to configure the DB’s for your vCenter installation. I am personally done with my installation but now am stuck on a couple of up-gradation issues from 5.0 to 5.1. Hence in my next blog I will be writing on those issues.

Installation of VMware ESXi 5.0

July 6, 2012

When I started working on VMware; that was like almost 6 months ago; I did not even had the slightest clue about virtualization nor did I had an opportunity to do any official VMware courses or take any trainings. But I owe it all to the Internet! And every time I think of that; I feel like paying back. So that why I will be sharing some basic major steps here to get one all acquainted with VMware and Virtualization products.

So the first one in the series is to set-up your own virtual host. And heres how you would be able to do that.  

1. VMware Hypervisor ESXi 5.0 can be installed on a machine that supports Virtual Technology (VT). Before installation make sure VT is enabled in the BIOS settings. Insert what ever media you are using that has the ESXi-5.0.0-469512-standard Installer image. The following screen will appear.
Image2. Select the installer to begin installation.

Image3. Press F11 to accept the user terms.

Image4. Select the proper disk to install the hypervisor. Before installation you need to make sure that a designated volume is left aside for ESXi installation. Typical size of ESXi complete installation takes upto 975 MB. Recommended size for the ESXi partition is 5 GB. Press Enter to continue.

Image5. Select the keyboard layout language.

Image6. Press F11 to confirm the installation.

Image7. Enter a password for the root login (optional). Pressing Enter will start the installation process.
ImageImage8. After successful installation, the user will be prompted for a reboot.

ImageImage

9. After rebooting the user will be prompted with a greeting page.
Image10. In-order to change the default IP setting for the ESXi; press F2 to enter system customization menu and select Configure Management Network. Enter the values for IP address, Subnet, Gateway and DNS. Make sure to save the setting before exiting.

Image11.Your ESXi host is now ready for use. To login into the host you will need to install VMware vSphere on any network PC as ESXi itself don’t not provide any interface to managing the host.

And in my next post I will be telling you about VMware vSphere 5.0. Stay tuned then! For time being CiaOo!!!

Changing Windows Wallpaper from Command Line

July 3, 2012

With the Windows Domain in action and Group Policies in effect; sometimes fulfilling user demands can turn out hectic. Like for instance a high-end-user demanding a policy-configured wallpaper to be changed; and thats what I dealt with recently!

So changing a wallpaper from the command line can be useful for an admin at times. And this is how it can be done; by typing the following command in CMD which will alter the registry; as group policies wont affect the local registry settings of a Windows Machine.

reg add “HKEY_CURRENT_USER\Control Panel\Desktop” /v Wallpaper /t REG_SZ /d  wallpaper_path /f

Just define the wallpaper path there and you are done after executing the following command;

%SystemRoot%\System32\RUNDLL32.EXE 

After that restart the machine which is important every time changes are made to machine’s registry settings and viola you are done!

Just make sure the wallpaper you defined is in BMP format and is the same in height and width as your current desktop settings.

Windows Domain Controller and their Roles

December 10, 2011

I really favour Linux/Unix working environmental but sadly commercialism has engulfed our societies as the likes of Windows platforms while the former one doesn’t matter how much is rated high still lives in the shadows. And now I have to grasp the Windows lingo all along to fit in an organization. So lets learn something about Windows Domain Controller and their roles.

Before going into any details first its important to understand the differences between the following terms.

  • Active Directory: is a directory service that serves as a central location for network administration and security which is responsible for authenticating and authorizing all users and computers within a network of windows domain.
  • Forest: is the top-level container of Active Directory (AD) infrastructure. Can contain one or more domains. These domains are interconnected trough a transitive trust. A forest shares a single schema database.
  • Domain: is one level below AD forest. Can consist of one or more Organizational Units (OU). A domain shares a single administrator group and same set of objects.
  • Domain Controller: A domain can consists one or more domain controllers (DC). A DC holds a directory DB of its perspective domain. The directory DB consists of user, objects, computer objects or more.
  • Organizational Unit: is a container within a domain and is used to organize set of users and computers. It is helpful in implementing set of policies to a group, user or computer within a domain.
  • Windows DC: A server running the version of Windows Server OS and has AD installed on it and is responsible for allowing host access to Windows Domain resources.

Now coming to the roles; there are specialized DC roles that perform specific roles in Active Directory Domain Services (AD DS) environment. The specialized roles are:

  • Global Catalog Servers: A DC designated as a global catalog server stores the objects from all domains in a forest. This is usually the first DC in a forest. Later on other DC can be specified as global catalog servers.
  • Operations Master: This is a DC that is designated to perform specific tasks to ensure consistency and to eliminate the potential for conflicting entries in the AD DB.

AD DS defines five operation master roles called:

  1. Schema Master: Responsible for propagating changes to all DCs within a forest. Changes regarding schemas required throughout forest should be made on DC serving as schema master. There can be only one schema master in a forest at any time.
  2. Domain Naming Master: It is required to keep track of all the domains within an AD forest. The DC with domain naming master is accessed whenever domains are address/removed from a tree or forest. There can be only one domain naming master per forest. It ensures that no two domains have the same name existing in the same tree.
  3. Relative Identifier (RID): Allocates blocks of RIDs to each DC in a domain. When a DC creates a new security principal (user, group etc.) it assigns the object a unique security identifier SID. The SID contains a domain SID which us same for all the security principals created in the domain and a RID which uniquely identifies each security principal created in the domain.
  4. Primary Domain Controller (PDC) Emulator: PDC receives prefential replication of password changes that are performed by other DCs in the domain and is the source for latest password information. It’s also the default time source.
  5. Infrastructure Master: is responsible for updating object references in the domain that point to object in another domain. It updates object references locally and uses replication to being all other replicas of domain up to date. Object reference contains GUID global unique identifier, distinguished name and possible a SID. The distinguished name and SID on object reference are periodically updated to reflect changes made to actual object.

– Schema Master and Domain Naming Master performs operations that must occur on only one DC in the forest.

– PDC, RID, Infrastructure Master perform operations that must occur on only one DC in a domain.

HEC Dissolution to Provincial Level.

April 5, 2011

The Higher Education Commission of Pakistan (HEC) in now dissolved to provincial level. Former chairman of  HEC and the pioneer of lucrative educational policies Dr. Atta Ur Rehman is terming this as a “National Disaster.” In an interview on a private news television channel he mentioned some the most obvious reasons for this dissolution which are:

1. To avoid degree scrutiny by our political leaders as member of the parliament needs to hold a graduate degree. The verification of these degrees was given to the HEC and as a result created a rift between the commission and the political circles.

2. To get illegal access to huge lands owned by different universities around Pakistan.

3. To further practice corruption within the education sector and to nurture respective political ideologies. As after this, it will be the provincial regulatory committees responsible for the provision of scholarships, grants and to oversee state and private universities. As a result, it would be soon that one would be able to find two-room universities in different corners of the country nurturing different political ideologies.

Now as a graduate myself in Pakistan and hoping to pursue my doctorate studies here; What do students like me fear? To start with, HEC now working as cells around Pakistan would lose its centralized transparent structure as we already have seen how incompetent our provincial structure is. Thanks to the 18th amendment of Pakistan constitution; which is dubbed to be the best thing happened to Pakistan since the 1973 constitution but only if we had a reliable strong political structure. Given the present scenario everyone is aware how dire this step is and what consequences we would be visible in few years time.

I also fear the the different grants and scholarships available to the Pakistani students from different governments and organizations around the would would be stopped. Its has been only few hours since the news of HEC dissolution is announced and already we had a statement from the present HEC chairman Dr. Javaid Laghari that the USAID and World Bank has stopped their aid which sums up to about $550 billion that was to be used by HEC for the coming 5 years to carry out different projects. Apart from these future promises, the present structure of the commission in question is also uncertain of its future like the HEC Digital Library and HEC e-learning.

Now the interesting thing would be to see how the nation responds to this. Dr. Atta-Ur-Rehman and Dr. Javed Leghari are already appearing on different news channels to sum up these mentioned facts to the nation. What matters now is would there be someone to carry out any action on this unfolding situation. I hope and I pray that there would be some patriotic Pakistanis among us that would stand up to this matter and do justice with it.


%d bloggers like this: