Thursday 23 July 2015

How to install NeoRouter Server on RHEL 7

Firstly download the server RPM package:

wget http://download.neorouter.com/Downloads/NRFree/Update_2.3.1.4360/Linux/CentOS/nrserver-2.3.1.4360-free-centos-x86_64.rpm

We will then install the package:

sudo rpm -i nrserver-*

We will need to configure the firewall (which replaces iptables in RHEL 7) as follows:

yum install firewalld

service firewalld start

systemctl enable firewalld

firewall-cmd --zone=public --add-port=32976/tcp --permanent

finally restart the iptables service with:

firewall-cmd --reload

We can check the NeoRouter configuration with the following command:

nrserver -showsettings

I do not want IPv6 enabled, so we can create a config file for NeoRouter:

cd /usr/local/ZebraNetworkSystems/NeoRouter/
vi Feature.ini

Copy and paste the Feature.ini config from:

http://www.neorouter.com/wiki/index.php/NeoRouterWiki:ConfigurationFiles

and ensure you change the 'HostIPType=0' to 'HostIPType=1'

Then restart the service with:

service nrserver restart

Setup virtual network info (required):

nrserver -setdomain myPrivateNetwork myDomainPassword

and setup user / passwords:

nrserver -adduser admin password myComl3xP@44W0rd!

Now we can connect to our NeoRouter server e.g.

<public-ip-address>:32976

How to disable IPv6 on Redhat / RHEL 7

Simply add the following lines to the sysctl.conf file e.g.:
vi /etc/sysctl.conf
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.eth0.disable_ipv6 = 1
(where eth0 is your NIC)

and finally to make the changes permanent run:
sysctl -p

Tuesday 14 July 2015

How to completly remove a product key from Windows Server 2003

In order to wipe a product key from Windows Server 2003 we must perform the following steps:

1. Load up the registry editor and modify the following keys (inserting random data / deleting data in the "DigitalProductID" (or simply delete the value altogether!) -

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DigitalProductId
HKLM\SOFTWARE\Microsoft\Internet Explorer\Registration\DigitalProductId

this will obscurate your product key (confirm by checking with something like ProduKey) - although it will appear on next reboot if you do not follow the next steps.

2. We should now delete a file called wpa.dlb (and wpa.bak if it is present) located in:

3. Finally we should delete another registry key - although because WPA protects this key we must use the "Offline Windows Password & Registry Editor" - available from https://pogostick.net/~pnh/ntpasswd/

Boot up the CD image and select the correct partition and ensure you get into the registry editor. Once in from memory you do something like:

hive
hive 0
cd WPA
rdel Key-XXXXXXXXXXXXXXXXXXXXXXX
q

save your changes and restart into the OS again - upon logging in you should now be presented with a dialog stating that you can't login without activating windows.

We are looking for the following key(s):

HKLM\SYSTEM\WPA\Key-XXXXXXXXXXXXXXXXXXXXXXX

Monday 13 July 2015

Check the RAID rebuild status with hpacucli from ESXI on HP Servers

* Note: HP does provide a customized version of ESXI - which already contains the relevent libraries required to perform the check - if you already have them installed please refer to the 'hpacucli' command at the bottom of this post.

Firstly download the HP ESXi Utilities Offline Bundle for VMware vSphere 6.0 from:

http://h20564.www2.hp.com/hpsc/swd/public/detail?swItemId=MTX_0838c22ed1c345968031a22ba0

Turn off all VM's on the server and put the server into maintainence mode.

* Ensure SSH is enabled (and running) on the ESXI host *

Upload the ESXI Utilities bundle via SFTP and SSH into ESXI and run the following command:

esxcli software vib install -d /path/to/buindle/esxi-offline-bundle.zip

Now you should reboot the ESXI host.

Again SSH into the ESXI host and we can now check the controller status with:

esxcli hpssacli cmd -q "controller all show status"

and the disk statuses with:

esxcli hpssacli cmd -q "ctrl slot=0 pd all show status"

and to verify the RAID rebuild status we use:

esxcli hpssacli cmd -q "ctrl slot=0 ld 2 show"

From the output we can should look for the "Status: Transforming, XX.XX%" to identify how the progress of the RAID rebuild is doing.

vSphere: Invalid network in property vami.netmask0 Error

This error typically occurs if you have changed the port group assignment for a vApp via the VSphere client or web management interface. Doing so is not recomended and should typically be performed within the vApp's management interface.

Anyhow for those of you (including myself) who thought it would be a good idea to do otherwise please refer to the below:

Go to your Datacenter >> IP Pools >> Select the appropriate IP pool and ensure that the correct network is assosiated with it by going to Properties >> Assosiations >> Select the relevent network(s).

We also need to ensure the vApp itself is using the correct network - so from the vSphere traditional client we right-hand click on the vApp >> Edit Settings >> Options tab >> select 'Advanced' under the vApp Options node and hit the 'Properties' button in the Properties section.

From here ensure all entries in the "Networking Properties" are pointing to the appropriate port group and then attempt to start the VM again.

vCenter Error: failed to open /var/log/vmware/journalxx.log

This error can occur when the file system has run out of available space - to verify this please refer to the below:

Enable SSH: Host and Clusters >> Host >> Configuration >> Security Profile >> Services >> Properties >> Start SSH.

Login via putty and check the filesystem usage with df:

df -h

If all partitions look OK in terms of disk usage proceed by checking the ramdisk uage with:

vdf -h

I found that the "root" ramdisk had utilized 99% of it's free space and hence was causing errors when attempting to perform operations such as creating or migrating VM's to the ESXI host.

We can identify which files / folders are consuming all of the space with:

du -sh /*

Because my problem consisted with the root ramdisk I ran:

du -sh /var/log/*

And identified it was the hpHelper.log file:

/var/log/hpHelper.log

The log file was reporting the following error

Simply blanking the file e.g.

/dev/null > /var/log/hpHelper.log

Thursday 9 July 2015

Setting up vSphere Replication with vSphere 6.0

You should firstly think about your overall vision of what you wish to achieve and ensure that your current licensing is compatible with what you wish to achieve. For example if you wish to perform multi-site replication - both containing an instance of vCenter with the commonly used vSphere Essentials Plus kit you should be aware that you are unable to add additional vCenter licenses to your Essentails Plus Kit (at time of writing) and you would require to either upgrade to the "VMware vSphere with Operations Management Standard Acceleration Kit" or purchase an additional vSphere Essentials kit and have separate SSO domains. If in doubt contact a VMware specialist as it can be a bit of a mine field.

In this scenerio I will be setting up single site replication i.e. perform replication between different ESXI hosts / datastores in a single *logical* site. VMware replication has several options availabe at present:

- Local site replication: Replication between ESXI hosts / datastores within a single site. In this instance you only require a single instance of vCenter and a single instance of a VR Instance.

- Multisite replication: Replication between two differnt sites - reffered to as the "primary" and "secondary" site. In this scenerio you require an instance of vCenter on both sites, as well as a VR Appliance on each site to perform the replication.

- Cloud Replication: This option performs replication between an on-premis host and VMware's vCloud.

*** Before proceeding: You must have SSO configured on your vCenter in order to use vSphere Replication ***

Once the vCenter has been setup you will need to download the VR Appliance (VMware-vSphere_Replication-6.0.0.1-2718739.zip) and install the VMware Client integration plugin for the web client:

http://vsphereclient.vmware.com/vsphereclient/VMware-ClientIntegrationPlugin-6.0.0.exe

* I couldn't get this to work with Firefox and ended up having to use IE *

Unzip VMware-vSphere_Replication-6.0.0.1-2718739.zip

Proceed by logging into the vCenter and right-hand clicking on a datacenter and selecting "Deploy OVF Template" and selecting "vSphere_Replication_OVF10.ovf" from the extracted archive. Assign the relevent IP, hostname, misc settings and finally power on the VAppliance.

Once the vAppliance has booted you should see a login screen on the console telling you to go to the management web page e.g.:

"To manage this VM browse to: https://x.x.x.x/:5480"

Head to this page, logging in with the credentials you supplied during the OVF deployment.

Proceed by going to the "Configuration" caption and entering in the SSO details and also ensure that the vCenter and the VR appliance can resolve each oithers FQDN! Finally click on the "Save and restart service" button.

Now logout and login again to the vSphere Web Client and you should now see a new option under the Navigator entitled "vSphere Replication" where you can check the status of the replication service.

To setup replication simply right-hand click on a VM and select "All vSphere Replication Actions" >> "Configure Replication" and follow on the on-screen wizard.

Setting up inter-vlan routing for the Cisco SG200/300 switches

Firstly login into the web-based configuration console and go to:

Security >> TCP/UDP Services >> Ensure "Telnet" (or "SSH" if you prefer) is ticked, apply and save the configuration.

You should now be able to telnet to your switch (using the same IP address as the web based console and username / password when prompted.

The next step is to turn on "router" (layer 3) mode by going into exec mode on your switch and entering the following:

* warning: the following command will erase your startup configuration! - Be sure to take a backup! *

* warning: also remember to unplug any ports that have DHCP reception - as the router's management interface will pickup this upon reboot! *

set system mode router

Upon the switch rebooting we shall have to login to the web portal again - bearing in mind that the management IP address will be reset to 192.168.1.254 again.

We should proceed by then enabling "Telnet" again (as above) and connecting via telnet.

We should proceed by creating our VLANS e.g.:

vlan 100
name Marketing
exit

vlan 101
name Sales
exit

We then want to define which ports will be assosiated with our VLANS:

int vlan 100
ip address 192.168.1.1 255.255.255.0

int vlan 101
ip address 192.168.2.1 255.255.255.0

Wednesday 1 July 2015

Checking the integrity of Windows 7 / 8 system files with the sfc command

Firstly we should get a command prompt loaded up during boot of the OS - this can be done is one of two ways:

- Boot into Windows Recovery mode (by holding down the shift button while pressing the restart button) and clicking on the "Troubleshoot" splash button and then "Advanced Options" and finally the "Command Prompt" button.

- Boot a Windows 7 / 8 OS installation disk (or recovery disk) - once the Windows Installation splash screen appears (i.e. the language selection section) hold down shift and press F10 to bring up command prompt.

We should then run diskpart in interactive mode as follows:

diskpart
list volume

And make a note of your boot drive and OS installation drive letter. We should now exit diskpart and run the sfc command as follows:

sfc /scannow /offbootdir=C:\ /offwindir=D:\WINDOWS

If everything goes well sfc should return something like the following:

"Windows Resource Protection did not find any integrity violation"

Finally we can restart the computer with:

shutdown /r now

** If can also run the following command to ensure repair any corrupted data in the Windows Component store e.g.

Dism /Online /Cleanup-Image