VMware, ESX | CLI Cheatsheet

Quick guide / cheatsheet with various ESXCLI commands specifically for ESX 7.0+

Enter maintenance mode:

esxcli system maintenanceMode set --enable true

Exit maintenance mode:

esxcli system maintenanceMode set --enable false

Restart management agents “ESXi host daemon” and “vCenter Agent” services:

/etc/init.d/hostd restart
/etc/init.d/vpxa restart

Restart management agents “All”:

services.sh restart

Reboot Host:

esxcli system shutdown reboot --reason Upgrades

Reference: 

Restarting the Management agents in ESXi (1003490) (vmware.com)

APC UPS | Management Card

Rebooting APC/UPS management card

  • Method 1: Using Web interface under “Administration->General->Reset/Reboot->Reboot Management”
  • Method 2: Using Putty (SSH) Session using “reboot” command.
  • Method 3: Physically pressing the “reset” button on the management card

Raspberry Pi Zero 2 W | Headless Setup | WIFI Config

Quick steps (Cutdown version) to getting WiFi configured on Raspberry Pi Zero W (A little more involved than using Raspberry Pi 2/3/4 with physical ethernet cables)

    • Flash the MicroSD card with your flavour of OS.
    • Add file called “SSH” no extension
    • Add file called “wpa_supplicant.conf” and modify the info

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
country=GB

network={
ssid=”your_network_name”
psk=”your_wifi_password”
}

    • Insert MicroSD into Raspberry Pi Zero & Boot
    • The IP address can be found from DHCP table OR using an app to scan the network such as “Network Analyser

Continue reading

VMware “TPM 2.0 device detected” | Dell PowerEdge

When deploying new ESX (v7.0.2 Ud) on new Dell PowerEdge (R350) server the following message appears after the installation of ESX and adding to vCenter


It appears that you can’t deploy out the box with a TPM tweak in the BIOS to allow clearing this error.
I placed the iDRAC console into “BIOS boot mode” (to save faffing about pressing “F8,F2,F5” keys, whichever one it is) before rebooting.

System BIOS -> System Security | Enable “Intel(R) TXT”

System BIOS -> System Security -> TPM Advanced Settings | Enabled “SHA256”

After a reboot of the host, the error can be cleared back in vCenter

Note: The server is not currently using “Secure Boot”

VMware ESX 7.0.2 | 503 Service Unavailable

Issue with unresponsive ESX host (Running v7.0.2) in vCenter (Shows disconnected), all VMs are still running on the host and can access ESX UI directly (IP/DNS).

Trying to resolve I complete the following:

  • iDRAC to ESX direct console
    • Enable SSH (This provides a backup to access with CLI)

SSH to ESX console and restart management agents

/etc/init.d/hostd restart
/etc/init.d/vpxa restart

After restarting the management agents the ESX GUI becomes inaccessible with the following error: 

503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http16LocalServiceSpecE:0x000000eb77f04cd0] _serverNamespace = / action = Allow _port = 8309)

After some searching on the internet I find this vmware KB: 2144962 which looks promising however… there is no/ui local 8308 redirect allow” in the endpoint.conf file so this doesn’t apply. I also compare the contents of “endpoints.conf” files with another ESX host and they are identical.

cat /etc/vmware/rhttpproxy/endpoints.conf

Double check that all services are running on the ESX host:

/etc/init.d/hostd status
/etc/init.d/vpxa status
/etc/init.d/rhttpproxy status

Both hostd & vpxa status is “stopped” after starting this again and waiting the GUI finally displays (After a few minutes….)

/etc/init.d/hostd start
/etc/init.d/vpxa start

Investigating further with the use of “esxtop” it indicates that the CPU & memory is heavily over commited which is what possibly prevented the “restart” services command from working correctly. The host is currently used at a branch office with only 3 low resource required VMs running. I’ve also seen this same behavior on other high performance ESX hosts which I believe is either related to the build “VMware ESXi, 7.0.2, 17867351” or potentialy the “Dell EMC iDRAC service module v4.2.0.0

After finding a patching window to reboot the host and apply a later build “VMware ESXi, 7.0.2, 18538813” I have yet to experience the same issues.

Note: I’ve also had the same issue whereby I was unable to SSH or GUI into the ESX. In this scenario I ended up having to reboot the host from the iDRAC. Fortunately this was at smaller site locations and RDP to the VMs was still available so they could be cleanly powered down through Windows before a hard reset of ESX.

APC UPS | Unable to login to APC Management

Error when trying to connect to the APC UPS management GUI (This is probably only applicable on the older models and firmware versions, but lets face it there’s a shed load of these older units gathering dust at the bottom of the rack somewhere, they get missed unless they start bleeping!)

“Someone is currently logged into the APC Management Web Server. Please try again later”

Continue reading

Windows | Increase System Partition Size Remotely PS

After increasing a virtual machine VMDK size you need to also resize this partition in Windows.

This can be completed remotely using PowerShell. There are various methods to run this but I prefer to use “Server Management” and admin the machines from here. you can run “PowerShell” on a remote session to run the script below.

This process will increase the C:\ partition to use all space that has been allocated by VMware. (Replace -DriveLetter with the required drive)

There are various methods (this is just one of them) 


Update-HostStorageCache
$size = Get-PartitionSupportedSize -DriveLetter C
Write-Output $size
Resize-Partition -DriveLetter C -Size $size.SizeMax -Verbose
Write-Output "Drive Extension Complete!"

Exit-PSSession

Windows | 3 Methods to “Unauthorised” DHCP server

There’s a couple of ways to “unauthorised” a DHCP server in Active Directory. Sometimes AD can get in a twist and says “the DHCP can’t be authorised” as it’s already been authorised. This could be potentially related to replication time but the steps below will help you check.

Via the DHCP MMC GUI -> Right click -> “Manage Authorised Servers”

Via CLI

Show authorised list (basically what you see in the GUI)

Netsh DHCP show server

Remove entry: (Netsh DHCP delete server ServerFQDN ServerIP address)

Netsh DHCP delete server 2003-dc1.contoso.com 10.1.192.92

Via ASDIedit MMC

Adding DNS Alias | Replacing File Server

When replacing a file server with new server and new name you probably want to keep the old name and add a redirect. Originally, I thought this was a simple “change the DNS IP” and job done but there’s a little bit more to it than just that!

1) Locate OLDSERVER entry in DNS and delete it.

2) If the OLDSERVER server AD object still exists, you need to delete it. Failing to remove the old computer object will result in this error:

Unable to add NEWSERVER.
as an alternate name for the computer.
The error is: Cannot create a file when that file already exists.
The command failed to complete successfully.

3) Run this command to add the server alias:

netdom computername NEWSERVER /add:OLDSERVER

Note: if you have subdomains in use (sub.domain.com) then you need to specifically define this overwise the object will add “oldserver.domain.com” rather than “oldserver.sub.domain.com”

4) Register the machine in DNS

IPConfig /RegisterDNS

5) Run this command to check the aliases are shown on the machine

netdom computername NEWSERVER /enum

6) Final check to show what SPF entries have been created:

setspn -l NEWSERVER

Ref: https://support.microsoft.com/en-gb/help/3181029/smb-file-server-share-access-is-unsuccessful-through-dns-cname-alias

Netdom: https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc835082(v=ws.10)

Original Post: https://blogs.technet.microsoft.com/askpfeplat/2017/06/19/using-computer-name-aliases-in-place-of-dns-cname-records/

Windows | DHCP PowerShell Options (Cheatsheet)

Managing DHCP on DHCP server:

Add-WindowsFeature -Name DHCP –IncludeManagementTools

Managing DHCP on remote host:

Add-WindowsFeature RSAT-DHCP

Powershell DHCP Module:

Import-Module DhcpServer

Get all DHCP servers in AD

Get-DhcpServerInDC

Get DHCP scope configuration

Get-DhcpServerv4Scope –ComputerName <DHCPServerName>

Get DHCP reservations on scope:

Get-DhcpServerv4Reservation -ComputerName <DHCPServerName> -ScopeId <ScopeID>

Import/Export DHCP Scopes

netsh dhcp server export C:\temp\DHCP.txt all
netsh dhcp server import C:\temp\DHCP.txt all

Note: The temp folder needs to be created

Check DHCP Replication Failover Status

Get-DhcpServerv4Failover -ComputerName <DHCPServerName>

Reference:
https://technet.microsoft.com/en-us/library/jj590708(v=wps.630).aspx

Windows | Remote Management “Could not start Virtual Disk Service (VDS)”

To avoid this error when you remotely managing another servers virtual disks (From “Server Management” you need to follow some steps

Disk Management could not start Virtual Disk Service (VDS) on SERVER-NAME. This can happen if the remote computer does not support VDS, or if a connection cannot be established because it was blocked by Windows Firewall.

For additional information about diagnosing and correcting this problem, see Troubleshooting Disk Management in Disk Management Help.

Step1: 

Check Virtual Disk Service is started on BOTH the local and remote system

Powershell:

Start-Service -Name "vds"

CMD:

net start vds

Step2: 

Add firewall exceptions on BOTH the local and remote system. VOILA! WORKING WITHOUT ANY ERRORS 🙂

netsh advfirewall firewall set rule group="Remote Volume Management" new enable=yes

Step3: 

Use “Server Manager” to connect remotely and access the disk management properties on the remote machine.

no images were found

Windows | System “Recovery Partition” After Upgrade

After a Windows 10 or Windows Server (2016/2019) upgrade a new system “recovery partition” gets created at the tailend of the C:\ this isn’t usually a problem for physical machines but for VM it can cause some issues if you wish to “extend” the VDMK/Partition size.

You can quickly remove the partition using “diskpart” and continue your extend. From what I’ve seen this shouldn’t cause any major issues. To be honest we rarely use any of the Windows features for restores as snapshot and backup usually fix them.

diskpart
list disk 
select disk X
list partition 
select partition X
delete partition override

Before:

After:

VMware vMotion Connectivity

I always forget the syntax for checking vMotion connectivity between hosts…

Simply put we need to ping specifically from the vMotion network to confirm any vMotion issues.

Display network interfaces (will give you the name)

esxcli network ip interface list |grep -E 'vmk|Netstack'

Check connectivity from vMotion network

ping -I vmk2 -S vmotion IPADDRESSHERE

Windows Dedup | Cheat Sheet

Get dedup status:

Get-DedupStatus

Get dedup status formatted & additional info:

Get-DedupStatus | fl

Get dedup status for specified volumes:

Get-DedupStatus -Volume "D:","F:"

Show Dedup Metadata (How deduplication is being used) on the server:

Get-Dedupmetadata

Show Dedup Metadata for specified volumes:

Get-Dedupmetadata D:

Enable Dedup Job:

Start-DedupJob D: -Type Optimization -Full

Disable Dedup Job:

Start-DedupJob -Type Unoptimization -Volume <Desired-Volume>

Ref: https://docs.microsoft.com/en-us/windows-server/storage/data-deduplication/whats-new