NSX-Manager Permissions and Groups

Using vSphere-Client 6.7 to synchronize NSX-Manager with Active Directory

Once you’ve deployed NSX-Manager to a vSphere 6.7 cluster, you may have noticed an error  on the dashboard.

“No NSX Managers available. Verify current user has role assigned on NSX Manager.”

Assuming you have configured vCenter connections correctly, there’s a simple explanation for the error (KB2080740).

Usually initial setup of NSX-Manager is done by the default SSO User administrator@vsphere.local. If you log into vCenter using that user, there will be no error on the dashboard. The point is that NSX-Manager has its own permissions and roles which are not coupled to vCenter permissions. That means a user with administrator rights in vCenter does not automatically get administrator rights in NSX-Manager. Without any permissions that user can’t even see NSX-Manager. Continue reading “NSX-Manager Permissions and Groups”

Joining VCSA to Active Directory

Joining Active Directory with vCenter Server Appliance (VCSA) has been simplified with every generation of VCSA.

I will show the workflow how to connect a VCSA 6.7 to an Active Directory source. The process differs a little, depending whether you’re using the HTML5-Client or the Web-Client (Flash).

Requirements

  • VCSA hostname has to be FQDN and may not be an IP address.
  • You need to login with a member of systemconfiguration admins, which administrator@vsphere.local is by default.

Workflow

The workflow is divided into three steps

  • Join VCSA to ADS
  • Reboot
  • Add ADS as identity source

Continue reading “Joining VCSA to Active Directory”

Veeam: Ticket givaways to VMworld Barcelona and AWS re:Invent 2018

Win a ticket to one or two conferences in November

In November there are two major conferences you can’t afford to miss.

  • VMworld EU 2018 in Barcelona (5.-8. Nov 2018)
  • AWS re:Invent in Las Vegas (26.-30. Nov 2018)

These conferences are quite expensive (re:Invent 1799$ and VMworld 1475€).

Wouldn’t it be great to go there for free? It’s possible if you’re lucky and win one of the tickets Veeam gives away.

Join Veeam in Barcelona

Win one of 5 full-conference tickets to VMworld Barcelona 2018.

Just register for the chance to win a free conference pass worth 1475 €.

Three trips to AWS re:Invent 2018

Veeam also gives away three full-conference tickets and three gift cards for hotel accommodations to AWS re:Invent in Las Vegas. Register on the Veeam page and get the chance to win.

VeeamON Virtual Event – save the date

Virtual Online-Conference on Dec. 5th 2018

2018 VeeamON took place in Chicago. Not everybody had the time or funding to go there. But there’s good news. Like in the years before there’ll be a virtual conference that makes it easy to attend. Join VeeamON Virtual 2018 from your desk, couch or garden hammock.

It’s been a pleasure being media partner for the event last year. And so I will join this year’s event too. Stay tuned!

Registration

Grab your virtual seat and save the date on December 5th 2018. Registration is free but priceless.

Exagrid Backup Appliance

Using Exagrid Deduplication Appliances as Veeam Repository

The importance of backup and recovery solutions today is beyond any discussion. Going back 10 years this was a rather neglected topic. But today no-one can afford data loss or services being unavailable. So the importance of backup solutions leveled up with that of production systems. Time windows for RPO and RTO have become smaller and smaller and the effort and cost to achieve that have become higher. If you’re planning a backup strategy, you need to find a good balance between speed, reliability and cost. Low cost NAS boxes are slow and not very reliable. Running an instant recovery from them can turn into a pain. Premium storages are fast and reliable, but also quite expensive. Backup data is in most cases very redundant, which means there’s a high capacity and cost saving potential in deduplication and compression. Continue reading “Exagrid Backup Appliance”

Monitoring HPE Switches with Log Insight

Using Log Insight as Syslog Server for HPE 5000 series Switches

In one of my last posts I’ve shown how to collect and monitor status logs of many different systems wit vRealize Log Insight. In this post I will show how to leverage Log Insight as syslog target for HPE switches.

Basically you can use Log Insight for any system that uses the syslog protocol, but there might be slight differences in the data structure of the transmitted datasets. For example some HPE FlexFabric 5000 series switches sent the year of the timestamp where Log Insight expected to find the hostname. Not very useful, because you want to know WHO sent that dataset.

The following commands on the switch shell will prepare the switch for logging to a remotehost and adjust the dataset to read properly by Log Insight. Finally you tell the switch which VLAN interface should be used to communicate with the loghost. In my simple example it’s VLAN interface 1. You’ll have to adjust values for loghost and interface according to your infrastructure.

system-view
info-center enable
info-center loghost s-vlog.mydomain.local port 514
info-center timestamp loghost no-year-date 
info-center loghost source Vlan-interface 1

 

Backup and Restore of ESXi host configurations with PowerCLI

I’m a big fan of PowerCLI one-liners. 🙂

Before performing updates, upgrades or any other maintenance on ESXi hosts, you should backup your ESXi host configuration. Setting up a new ESXi host as replacement is a no-brainer, but rebuilding a lost configuration can be a PITA and might take hours.

In the old times it was necesary to open a SSH shell connection or to use vSphereCLI to issue backup commands to ESXi hosts. Recently I realized that there is a very handy PowerShell commandlet to backup and restore the configuration. Continue reading “Backup and Restore of ESXi host configurations with PowerCLI”

VCSA and SCP

Using WinSCP with vCenter Server Appliance

Sometimes it’s necesary to exchange files with the vCenter Server Appliance (VCSA). Secure Copy Protocol is the tool of choice to do that job. Besides CLI commands there are handy programs like WinSCP.

While trying to establish a WinSCP connection to VCSA I’ve received communication errors. Whereas SSH connection worked without problems.

The problem is that WinSCP cannot use VCSA’s default shell as communication target. You have to switch default shell first before connecting. To do so, login to VCSA with SSH and activate Bash. Continue reading “VCSA and SCP”