Set password of an sso user to never expire

Posted on May 4, 2018

In vCenter, users created on the vSphere SSO domain (vphere.local by default) all share the same password policy defined in Single Sign-On > Configuration > Policies > Password Policy with a default password expiration after 90 days. For “interactive” users it’s probably a good thing to keep them on their... [Read More]

How to silence VSAN health checks

Posted on April 25, 2018

The VSAN health checks are great in vCenter to quickly notice when something wrong is going on. However there may be some of the health checks that you don’t want to come up as warning. As an example, lots of vCenter implementations don’t have access to internet by design and... [Read More]

Certificate replacement in vCenter HA configuration

Posted on April 11, 2018

Recently I had to change the default certificates of a newly installed vCenter. Nothing unusal with that, if not for the fact that I didn’t think about vCenter HA that I configured before getting the certs. If only I had read that little piece of advice from VMware… ... [Read More]

Passive node down in vCenter HA 6.5

Posted on April 2, 2018

This issue is fixed in vCenter 6.5 update 1. I recently logged on a VCSA 6.5 that had been installed a while back with vCenter High Availability (VCHA) and noticed that the passive node was down. After a few checks, the VM is running, I can... [Read More]

vCenter 6.5 hybrid certificates with Microsoft Standalone CA

Posted on March 12, 2018

The hybrid mode is currently VMware’s recommended deployment model for certificates as it procures a good level of security while not being too cumbersome to implement. In this model only the Machine SSL certificate is signed by the CA and replaced on the vCenter server. The solution user and ESXi... [Read More]

Install the latest PowerCLI on offline systems

Posted on March 3, 2018

If you keep your PowerCLI up to date you may have noticed that since version 6.5.1 you can’t download the installer on the VMware website anymore. This being because VMware moved the distribution of PowerCLI to Powershell Gallery using the cmdlets Install-Module, <code class="language-plaintext... [Read More]

All your VMs in RDCManager in 20 seconds

Posted on February 18, 2018

[ EDIT 2021/08/18 ] RDCMan suffered security flaws up until version 2.7 and Microsoft recommended against using it. RDC Manager 2.8 has been released in July 2021 and is now safe to use. Note that it is now part of the Sysinternals suite. Do not use... [Read More]

Meltdown & Spectre - Check if your ESXi servers are patched

Posted on January 6, 2018

[Update 20/03/2018] VMware now recommends to apply the patch for Hypervisor-Assisted Guest Mitigation. According to them the performance impact is less than 2%. I haven’t patched yet and I will wait for the feedback of early adopters. The start of the year has been so ridiculous with patches... [Read More]

Metro cluster partial DCI failure

Posted on December 8, 2017

In this article I would like to cover a failure scenario that I recently dealt with and that I suspect is maybe not that common for several reasons. The environment is made of 2 sites in a metro cluster sharing a virtualised storage over a multiplexed fiber. Half of the... [Read More]

Easily run PowerCLI commands as jobs

Posted on August 8, 2017

Overview Start-PowerCLIJobs.ps1 Running commands as jobs is pretty mainstream in Powershell. A simple “Start-Job” or “Invoke-Command -AsJob” will do the trick. However, when PowerCLI is involved it is not as straightforward. If you try to run a command that requires to be connected to a vCenter you will... [Read More]