vXav.fr

vSphere 7.0 and the memory greed

Posted on November 18, 2020

As I was fooling around with esxcli in my lab I decided to upgrade a 6.7u3 host to 7.0u1. Note that it is a simple vSphere host in workstation to which I allocated a mere 4GB of RAM because I only needed the minimum. I connected the ISO > upgraded... [Read More]

VMworld 2020 announcements

Discover the major announcements of VMworld 2020

Posted on October 1, 2020

This year’s VMworld is like no other before due to the current situation. Everything is accessible on the virtual platform provided you registered for the event. I wasn’t a big fan of the interface, I found it a bit confusing to navigate with all the timezones. However you get to... [Read More]

Enabling LDAPS on vCenter identity source

Posted on May 7, 2020

Most environments used to use the Integrated Windows Authentication (IWA) as an identity source for vCenter. However with Microsoft tightening the screw on LDAP signing and VMware deprecating IWA in versions 7 and above, many will have to bite the bullet and move to LDAPS. It’s not a big deal... [Read More]

Host randomly not responding but replies to ping

Posted on April 30, 2020

In the series of weird and annoying technical issues that I seem to be blessed with, today I bring you one that falls in the category I despise the most, random disconnects. TL,DR: Random ESXi disconnects after NIC replacement. The fix was to remove and recreate the management vmkernel (also... [Read More]

Change vmnic order on vSphere host

Posted on April 22, 2020

Changing the vmnic order is an unusual thing to do and you may rightfully wonder why one would want to do that. Heterogeneous enironments are fully supported but most vSphere administrators aim to have homogeneous hosts with the exact same config in their clusters to simplify operations and avoid human... [Read More]

How to sign a certificate with no template information on a Microsoft CA

Posted on February 18, 2020

If you have a basic Microsoft CA for lab or production purpose you cannot sign a certificate without a template. However the certificate manager utility included in vCenter or OpenSSL creates CSR file which is rejected by the Microsoft CA on the ground that it has no template extension. ... [Read More]

2020 LDAP channel binding and LDAP signing requirement for Windows

Posted on January 30, 2020

Find more details in my blog for Altaro. In summer 2019 Microsoft announced an update scheduled for January 2020 that would change the default behavior of domain controllers with regards to the security of LDAP communications. After this change, domain controllers will reject insecure LDAP communications regarding <a... [Read More]

VAMI certificate not updated after certificate change

Posted on January 15, 2020

Super quick post today about certificates.. It seems to be a unbreakable law of the universe that when doing certificate stuff, it is impossible that everything works the first time. After replacing the machine SSL certificate on a VCSA using the certificate-manager utility, you may notice when you log on... [Read More]

VCSA update with IIS repository - Fix "Download failed" error

Posted on October 23, 2019

Recently I needed to patch a vCenter Appliance (VCSA). It’s not something we do often but I have quite a few vCenters. I also have a UMDS server with IIS 7 on it for host patching so I thought why not use it as a repository for VCSA updates instead... [Read More]

vCenter unreachable - VCHA active node isolated

Posted on October 9, 2019

I recently had to deal with a situation were our vCenter server was unreachable. This vCenter runs vCenter HA (VCHA) and each node runs on a different ESXi host in a 3 hosts cluster thanks to an anti-affinity DRS rule. The management IP would not reply to ping. I... [Read More]