vSphere 7.0 and the memory greed

As I was fooling around with esxcli in my lab I decided to upgrade a 6.7u3 host to 7.0u1. Note that it is a simple vSphere host in workstation to which I allocated a mere 4GB of RAM because I only needed the minimum. I connected the ISO > upgraded... [Read More]

Enabling LDAPS on vCenter identity source

Most environments used to use the Integrated Windows Authentication (IWA) as an identity source for vCenter. However with Microsoft tightening the screw on LDAP signing and VMware deprecating IWA in versions 7 and above, many will have to bite the bullet and move to LDAPS. It’s not a big deal... [Read More]

Host randomly not responding but replies to ping

In the series of weird and annoying technical issues that I seem to be blessed with, today I bring you one that falls in the category I despise the most, random disconnects. TL,DR: Random ESXi disconnects after NIC replacement. The fix was to remove and recreate the management vmkernel (also... [Read More]

Change vmnic order on vSphere host

Changing the vmnic order is an unusual thing to do and you may rightfully wonder why one would want to do that. Heterogeneous enironments are fully supported but most vSphere administrators aim to have homogeneous hosts with the exact same config in their clusters to simplify operations and avoid human... [Read More]

2020 LDAP channel binding and LDAP signing requirement for Windows

Find more details in my blog for Altaro. In summer 2019 Microsoft announced an update scheduled for January 2020 that would change the default behavior of domain controllers with regards to the security of LDAP communications. After this change, domain controllers will reject insecure LDAP communications regarding <a... [Read More]

VAMI certificate not updated after certificate change

Super quick post today about certificates.. It seems to be a unbreakable law of the universe that when doing certificate stuff, it is impossible that everything works the first time. After replacing the machine SSL certificate on a VCSA using the certificate-manager utility, you may notice when you log on... [Read More]

vCenter unreachable - VCHA active node isolated

I recently had to deal with a situation were our vCenter server was unreachable. This vCenter runs vCenter HA (VCHA) and each node runs on a different ESXi host in a 3 hosts cluster thanks to an anti-affinity DRS rule. The management IP would not reply to ping. I... [Read More]