Change Active Adapters and Load Balancing using ESXi Shell

Anyone ever had a network administrator make your hosts lose connectivity and the only option you have is to use the ESXi shell through an HP ILO port? I have. Here are the changes that were helpful to me at the time.

freakout

esxcli network vswitch standard list — This lists all of the vswitches on the host.
listvswitch

esxcli network vswitch standard uplink add -u vmnic1 -v vSwitch0 — Add an uplink to the vswitch. Just switch “add” to “remove” to get rid of a vmnic from the vswitch.
adduplinktovswitch

esxcli network vswitch standard policy failover get -v vSwitch0 — Get the load balancing policy for the vSwitch.
getvswitchpolicy

esxcli network vswitch standard policy failover set -a vmnic1 -v vSwitch0 — Be careful because when changing the active vmnics on a vswitch it will only add ones that you specify and if there are active ones that you specify it will move them to unused.
Incorrect
setactivevmniconvswitchfail
Correctsetactivevmniconvswitch

esxcli network vswitch standard portgroup policy failover get -p “Management Network” — This shows the policy information for the portgroup “Management Network”
getportgrouppolicy

esxcli network vswitch standard portgroup policy failover set -a vmnic1 -p “Management Network” — Change the active adapter on the Management Network.
setactivevmniconportgroup

esxcli network vswitch standard policy failover set -l iphash -v vSwitch0 — Set the load balancing on the vSwitch0 to iphash. Please be aware that this might change the portgroups to iphash if they are set to get their settings from the vswitch.
setloadbalanceonvswitch

esxcli network vswitch standard portgroup policy failover set -l iphash -p “Management Network” — Sets the load balancing policy on the Management Network portgroup to iphash. This will cause the load balancing policy on the vswitch to no longer apply to the Management Network portgroup.
setloadbalanceonportgroup

PowerCLI shutdown/startup script for remote sites.

In my environment I have 11 Remote Locations that each have one ESXi host.  I had a problem with ILO firmware updates the other day where I had to reboot these remote hosts.  I really didn’t want to use the VIC to click on each of the VMs to shut them down, so using a lot of help from mpreston’s site I came up with a script that will shut down all of my VMs and then when ready, start the VMs again.  My script shuts down “Front End” VMs first, then DB VMs, and then finally DCs.  I have a modified version that allows me to do the same for my Datacenters that I will share later.  You might have to edit the script if your database and or DCs are named differently.

add-pssnapin VMware.VimAutomation.Core
connect-viserver servername #Insert your vcenter server

#Variables
$datacenter = “datacenter”  #Add all datacenters here with a comma and quotations between each example “datacenter1”, “datacenter2”
$filename = “c:\vmshutdown\poweredonvms.csv”  #You must create this file first…it won’t create it for you.

#Get a list of the hosts being rebooted and set them to maintenance mode.  This keeps the VMs from powering on again.
Get-VMHost -location $datacenter | set-vmhost -State Maintenance

#Get a list of powered on VMs
get-vm -location $datacenter | Where-Object {$_.PowerState -eq “PoweredOn”} | Select Name | Export-CSV $filename

#Get a list of VMs that are not Database servers or DCs.  
Write-Host “”
Write-Host “Retrieving a list of powered on VMs…” -ForegroundColor Green
Write-Host “”
$poweredonguests = Get-VM -Location $datacenter | Where-Object {$_.PowerState -eq “PoweredOn”} | where {$_.Name -notlike “*DB*”} | where {$_.Name -notlike “*DC*”}

#Power off servers that are not Database and DCs
foreach ($guest in $poweredonguests)
{
Write-Host “Processing $guest…” -ForegroundColor Green
Write-Host “Checking for VMware Tools Install” -ForegroundColor Green
$guestinfo = get-view -Id $guest.Id
if ($guestinfo.config.Tools.ToolsVersion -eq 0)
{
Write-Host “No VMware tools detected in $guest, these will be powered off” -ForegroundColor Yellow
Stop-VM $guest -Confirm:$false
}
else
{
Write-Host “VMware tools detected. I will attempt to gracefully shutdown $guest”
$vmshutdown = $guest | Shutdown-VMGuest -Confirm:$false
Sleep 5
}
}

#Waiting for these shutdowns to complete
Write-Host “”
Write-Host “Giving VMs 3 minutes for VMs that are not DB or DC to shutdown.”
Write-Host “”
Sleep 180

#Shut down DB Servers at remote sites
Write-Host “”
Write-Host “Shutting Down DB Servers”
Write-Host “”
#get our list of DB servers that are powered on…
$poweredondbs = Get-VM -Location $datacenter | Where-Object {$_.PowerState -eq “PoweredOn”} | where {$_.Name -like “*DB*”} | where {$_.Name -notlike “*DC*”}
foreach ($dbs in $poweredondbs)
{
Write-Host “Processing $dbs…” -ForegroundColor Green
Write-Host “Checking for VMware Tools Install” -ForegroundColor Green
$guestinfo = get-view -Id $dbs.Id
if ($guestinfo.config.Tools.ToolsVersion -eq 0)
{
Write-Host “No VMware tools detected in $dbs, these will be powered off” -ForegroundColor Yellow
Stop-VM $dbs -Confirm:$false
}
else
{
Write-Host “VMware tools detected. I will attempt to gracefully shutdown $dbs”
$vmshutdown = $dbs | Shutdown-VMGuest -Confirm:$false
Sleep 5
}
}

#Waiting for these shutdowns to complete
Write-Host “”
Write-Host “Giving VMs 3 minutes for Database VMs to shutdown.”
Write-Host “”
Sleep 180

#Shut down DCs
Write-Host “”
Write-Host “Shutting Down DCs”
Write-Host “”
#get our list of DB servers that are powered on…
$poweredondcs = Get-VM -Location $datacenter | Where-Object {$_.PowerState -eq “PoweredOn”} | where {$_.Name -like “*DC*”}
foreach ($dcs in $poweredondcs)
{
Write-Host “Processing $dcs…” -ForegroundColor Green
Write-Host “Checking for VMware Tools Install” -ForegroundColor Green
$guestinfo = get-view -Id $dcs.Id
if ($guestinfo.config.Tools.ToolsVersion -eq 0)
{
Write-Host “No VMware tools detected in $dcs, these will be powered off” -ForegroundColor Yellow
Stop-VM $dcs -Confirm:$false
}
else
{
Write-Host “VMware tools detected. I will attempt to gracefully shutdown $dcs”
$vmshutdown = $dcs | Shutdown-VMGuest -Confirm:$false
Sleep 5
}
}

#Waiting for these shutdowns to complete
Write-Host “”
Write-Host “Giving VMs 3 minutes for DCs to shutdown.”
Write-Host “”
Sleep 180

#Time to restart the hosts
get-vmhost -location $datacenter | restart-vmhost -runasync -confirm $false

Now that you have rebooted your hosts, it is time to start all the VMs again.  You are going to use the dame variable that we created above.

#Take hosts out of maintenance mode.  
get-vmhost -location $datacenter | set-vmhost -state connected

#Power On DCs
Write-Host “”
Write-Host “Powering On DCs”
Write-Host “”
#get our list of DCs servers that are powered off…
$poweredoffdcs = Get-VM -Location $datacenter | Where-Object {$_.PowerState -eq “PoweredOff”} | where {$_.Name -like “*DC*”}
foreach ($dcs in $poweredoffdcs)
{
Start-VM $dcs -Confirm:$false
Sleep 5
}

#Power On DB Servers
Write-Host “”
Write-Host “Powering On DBs”
Write-Host “”
#get our list of DB servers that are powered off…
$poweredoffdbs = Get-VM -Location $datacenter | Where-Object {$_.PowerState -eq “PoweredOff”} | where {$_.Name -like “*DB*”}
foreach ($dbs in $poweredoffdbs)
{
Start-VM $dbs -Confirm:$false
Sleep 5
}

#Power On the rest
Write-Host “”
Write-Host “Powering On Remaining VMs”
Write-Host “”
#get our list of VMs that are still powered off…
$poweredoffguest = Get-VM -Location $datacenter | Where-Object {$_.PowerState -eq “PoweredOff”}
foreach ($guest in $poweredoffguest)
{
Start-VM $guest -Confirm:$false
Sleep 5
}

 You remote locations should be back up!

False alerts after upgrading ILO firmware from 1.55 to 1.8

There are two separate alerts that I have experience from these upgrades.  Please note that after the update the ILO cards were rebooted, but our esxi hosts running vsphere 5.1 were not rebooted.

Error1:

Out of 31 hosts that had firmware updated, this error has appeared on 6 so far.  Some of them took a couple days before they presented with the alert.  The alarm triggered is: Host Memory Status.  Under the “Hardware Status” tab the alert shows for the System Board 8 Memory: Uncorrectable ECC.

memoryalarm

uncorrectable

 

Error2:

The second problem that I have encountered is the filling up of the IPMI SEL Log.  I am able to go in an clear the log which gets rid of the alert for a short time, but the log fills up again.  The alert shows as Host IPMI System Event Log Status.  Under the “Hardware Status” tab the “System Event Log” and “IPMI SEL” show as Unknown.  You can click on “Show Event Log” and then “Reset Event Log” and it will clear for a while…but the alert will return.  Notice the future date of 12/31/9998 which I am guessing might be when the world ends.

hostipmistatus

ipmisellog
thefuturelogs

How do I fix these problems?  After calling HP and VMware I was told that I needed to put each host into Maintenance Mode and then run a “Detailed Hardware Diagnostic”.  According to VMware this was the only way to clear the error (especially the memory one).  The solution that ended up working for me was to just reboot the host…:)  The VMware couldn’t believe that worked, but it did.  I know it isn’t a difficult fix, but maybe this might help others that get this alert.

Please let me know if you have encountered similar alerts from upgrading the firmware on your ILO ports.

Failing/Failed Disk And Detailed Information From HPACUCLI

Today I was alerted by vCenter with a yellow, “Host Storage Status” alarm.
diskalert

Clicking the ESXi host in the alert I find from the description that I can check the Hardware Status tab of the host for more details
diskalertdetail

I see that the disk is failing and that RAID is in “Interim Recovery”.  This doesn’t give me much information about the failing disk though.  Maybe in HP ILO I can find more information?  Nope, ILO doesn’t seem to have any information about the disks in the host.  According to the ILO System Information, everything looks just fine.
nodiskilo

I called to open a ticket with HP and while on the phone the support technician mentioned a diagnostic tool called HPACUCLI.  If you installed your host a HP customized ESXi image, then this should be there for you.

SSH into your host then type cd opt\hp\hpacucli\bin.  If you type ls you should see the script called “hpacucli”.  Type ./hpacucli and then press “Enter”.  You should see something about detecting controllers and you should be at a new prompt.
hpacucli1

Type controller all diag file=/tmp/adu1.zip and then press “Enter”.
hpacucli2

Now you will need a program like WinSCP that will get the newly created zip file off the host.  Connect to the host with WinSCP and then navigate to the /tmp folder.  Click on the adu1.zip file and the click “Download”.
tmpadu

Looking into the zip file we see four files; double click on “ADUReport.htm”.  The report should open into your browser and should have a lot of information.  Towards the top of my report I see that the drive has failed and if I scroll down I can actually get some in depth information about the drive.  Things like the model and Serial.
Drivefaileddrivefailed2

Can’t power on VM in Workstation 10 after Windows 8.1 October Rollup KB2995388

This issue has been fixed with the release of VMware Workstation 10.0.4.  VMware recommends that if you made changes to the config.ini that you remove the entry or change the value to “FALSE”.  The Workstation download can be found here.

When powering on a VM in Workstation 10 after rollup KB2995388 I see the following.

workstationerror

VMware is aware of the issue it would seem and there are three workarounds so far.  VMware official blog has this about it.

1.  Uninstall KB2995388 (This is an optional update).
2.  Edit the config.ini found in C:\ProgramData\VMware\VMware Workstation         and add the line:  vmmon.disableHostParameters = “TRUE”
3.  This is untested by me but it is reported that if you open Workstation in                   administrative mode (with admin rights), that it won’t have the problem.

Reboot your computer and your VMs should work again.

I did notice after making the change that the first time I start my VMs I get:
devicenotavailable notrespondingdevice

I chose “No” on both and the VMs now boot without issue.

Extending VMware VMDKs with System Partitions

hard-disk-drive
I have had to deal with extending System Partition VMDKs within our environment, but this can get tricky especially with 2003 Server and below.  Hope this helps…Note that Data drives can be extended without issue on 2012 and below.

2008 and above
1.  Open your VIC and edit the settings of the VM that you would like to modify.
Webeditsettings
2.  Change the system disk to the new size (Usually Hard disk 1).
Disk Change
3.   Log into your VM using the console or RDP.
4.  There are two ways to do the extend.  If it is 2008 R2 and above I usually do option 1.  2008 Standard and below I use option 2.

Option 1:
a.  Open Server Manager.
ServerManager
b.  Click Disk Management.
c.  Usually you will have to do a rescan to see the unallocated space.  Right click Disk Management and click Rescan Disks.
Rescandisks
d.  Right click the drive that you wish to expand (should show unallocated space) and click Extend Volume.
ExtendVolume
e.  Click OK on the Extend Volume Wizard and then again click OK on the Select Disks screen.  Now click Finish to complete the wizard.
f.  You should now see the drive is larger.

Option 2:
a.  Click Start –> Run and then type cmd.  Right click on the command prompt application and choose Run as Administrator.
runadmincmd
b.  Type diskpart.
diskpartsmall
c.  Type list volume.
diskpartlistvolume
d.  Select the system partition by typing select volume #.
diskpartselectvolume
e.  You should see an asterisk by the selected volume.  Type extend.
diskpartextend
f.  The drive should now be extended.  Type exit.

2003 Server and Below
1.   Have a 2008 R2 Helper machine that you will use to expand the drive.
2.  Power down the 2003 Server VM.
3.  Edit the settings and add space to the system partition.
Disk Change
4.  Power on the 2003 Server VM.
5.  Click Start –>All Programs –> Administrative Tools –> Computer Management.
ServerManager03
6.  Click Disk Management.  You should see the unallocated space, but if you do not then right click Disk Management and click Rescan Disks.   Just verify…don’t do anything with the space yet.
Rescandisks
7.  Shutdown the 2003 Server VM.
8.  Edit the 2003 Server VM within the VIC and note the location of the disk on the datastore.  Click remove on the drive that you would like extended by clicking on the X next to the hard disk.  DO NOT CHOOSE DELETE FILES FROM DATASTORE or REMOVE FROM VIRTUAL MACHINE AND DELETE FILES FROM DISK.  This is different wording depending on the Full VIC or the Web VIC.  Click OK.
RemoveDisk
diskremoved
9.  Now find your 2008 R2 helper VM within the VIC and then edit the settings.
10.  Where it says “New Device” choose Existing Hard Disk from the menu.  Click Add.
Addexistingdisk
11.  Using the information that you noted before, find the location of the 2003 Server disk that you removed before, select the disk, click OK.
choosevmdk
12.  Cick OK and this will mount the 2003 Server disk on your 2008 R2 helper VM.
13.  Log into the 2008 R2 helper VM with the console or RDP.
14. Click Start –> Run and then type cmd.  Right click on the command prompt application and choose Run as Administrator.
runadmincmd
15.  Type diskpart.
diskpartsmall
16.  Type list volume.
diskpartlistvolume
17.  Select the system partition by typing select volume #.
diskpartselectvolume
18.  You should see an asterisk by the selected volume.  Type extend.
diskpartextend
19.  The drive should now be extended.  Type exit.
20.  Go back into the VIC and edit the 2008 R2 helper VM.
21.  Click the X next to the Hard disk that you added earlier to this machine.  Again, DO NOT CHOOSE DELETE FILES FROM DATASTORE or REMOVE FROM VIRTUAL MACHINE AND DELETE FILES FROM DISK. 
RemoveDisk
diskremoved

22.  Edit the 2003 Server and then from the “New device” menu click Existing Hard Disk and then click Add.
Addexistingdisk
23.  Find the vmdk that you just extended then click OK.  Click again on the settings screen.
choosevmdk
24.  Power on the 2003 Server and you should see the additional space.  You might get a message indicating that a reboot is needed.  If requested, do the reboot.

Random Issues I Have Run Across
I did have an issue the other day with one our our 2008 Standard Servers.  When I went to extend the drive it gave me a weird error.  The parameter is incorrect.
DiskGrowParameterIncorrect

I give thanks to the Lord every day for the googles.  I found a great post by Jonathan Medd that gave the simple fix for this.  When you are in diskpart, select the volume # that you are extending and then use the command extend filesystem.

SRM Testing…What do I do with my Domain Controllers? Part 2

Now that you have successfully prepared for the script…here it is. This script will power down the previous clone if there is one, delete the old clone, create a new clone, change the network, and then power on the clone.  Please make sure you test this in first in a test environment before deploying to production.

RedNotice

 

########################################################################
# Clone DC VM and set network to Test Bubble (clonedc.ps1)
#
# This script is used to clone a DC and then set the network port group # to the #Test Bubble group.
# The purpose of this script is to have a replica of our primary DC for # use #when testing an SRM failover. This will remove the previous clone # before #creating a new one.
#
# Created By: Matt Jones, 2014
#
# Variables: $newVMName – Name of the new clone made from the original VM
# $sourceVMName – Name of the target DC VM that will be cloned
# $VM — Name of VM that was cloned earlier
# $DestGroup — This is the port group that the network will be changed to.
#
# Usage: ./clonedc.ps1
#
#######################################################

add-pssnapin VMware.VimAutomation.Core
Connect-viserver (Your vCenter Server)

#Clone Script#
$newVMName = “DCClone”
$sourceVMName = “SourceDC”

Get-VM $newVMName | Stop-VM -Confirm:$false
Start-Sleep -s 5
Get-VM -Name $newVMName | Remove-VM -DeletePermanently -Confirm:$false
Start-Sleep -s 10
New-VM -Name $newVMName -VM $sourceVMName -Location Foldernamecreatedearlier -vmhost hostname
Start-Sleep -s 120

#Set Test Network#
$VM = get-vm “DCClone”
$DestGroup = “Test Bubble”
$VM | get-networkadapter | set-networkadapter -NetworkName $DestGroup -confirm:$false
Start-Sleep -s 30
$VM | Start-VM

taskkill /F /IM powershell.exe

#######################################################

Once you have created the clonedc.ps1 script we need to get it set up as a scheduled task on the physical machine. Log in using the script AD account that you created earlier, then go to Control Panel –> System and Security –> Administrative Tools –> Task Scheduler.  Click Create Task.

TaskScheduler

TaskCreate

Under the General Tab Name your new task, change this to Run whether user is logged on or not, and check the box Run with highest privileges.  Click the Triggers tab

TaskGeneral

Click New and then choose the frequency that you would like this to run.  Make sure to check the Stop task if it runs longer than box and then set it for 30 minutes.  This makes sure that the script stops and doesn’t continually run.  Make sure you check the Enabled box or the script won’t run automatically!  Click the Actions Tab.

TaskTrigger

Click New and then from the drop down menu choose Start a program.  In the Program/Script box type C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe and in the Add arguments (optional) box type -psc “C:\Program Files (x86)\VMware\Infrastructure\vSphere PowerCLI\vim.psc1” -noe -c “. \”C:\scripts\clonedc.ps1\””.  Click the Settings Tab.

TaskAction

If you want to allow this to run on demand then check the Allow task to be run on demand box.  Check the Stop the task if it runs longer than box and choose 1 hour from the drop down.  Check the box If the running task does not end when requested, force it to stop.  Click OK.  You will be prompted to enter the credentials for the account running the task and then click OK.

TaskSettings

RunTaskAccount

 

You might have to do a refresh for your new task to appear.  I am guessing this might be a bug.  Manually run your task and monitor the VIC to make sure it is working properly.

Refresh

That should be it.  Now you can run an SRM test fail over and have a DC available.  Make sure that you have removed all of your DCs from SRM if you had them in there.

Yes

SRM Testing…What do I do with my Domain Controllers? Part 1

For the most part I love SRM for providing a relatively simple way to back up and recover our  VMware environment.  The problem that I have with SRM is that when it comes to testing failover, what do you do with your domain controllers?  According to VMware’s documentation found here, you should never use SRM to backup your domain controllers because you should already be using Active Directory replication to handle recovery situations.

When testing in the past I have added the DCs to my test recovery plan.  The problem was that most of the time the cloned DCs (in a test bubble) took forever to come up, and because of this, testing would take way longer than it should.  What is the solution?

The solution I have developed is to use scheduled powercli task that will clone my primary DC on a daily basis, change the network port group to a test bubble, and then power it on.  Doing this gives me a domain controller in my test bubble that should be ready to use whenever I want to test SRM.  I am still deciding whether or not I need to power down the primary DC first before cloning.  For now, I am cloning live.  I have a feeling I will hear from you guys on this one…:)

Preparation:

1.  The first thing I have is an old physical desktop to run my scripts.  You could run your scripts through a VM, however, I will be running my UPS Emergency shutdown script through this machine as well.

2.  I created a service account in AD that has very specific rights within vCenter.  Give this AD account admin rights on the physical machine that you will run your scripts from.

3.  Install PowerCLI on the machine using the AD account you created earlier.  Some good installation instructions can be found here.  Make sure that your set the execution policy to remotesigned.  While you still have PowerCLI open, add the credentials of the AD account to the PowerCLI credential store.  Information on this can be found here.  In our example in PowerCLI you would type New-VICredentialStoreItem -Host <vcenter server name/ip> -User <AD Script Account> -Password <Password for the script account>.  This will store the credentials within the user profile directory and it is encrypted!  This way there is no username and password in clear text going over the wire.  Note that if you try to test the script right now it will not work because there are no rights for the account in vCenter.

4.  I am going to be good and use the Web VIC to configure the permissions, sometimes I feel like this though…FullVIC

Now that I have gotten that out of my system, log into the Web VIC as an administrator and click Administration –> Roles.  Click GreenPlus to create a new role.  Name this role something like “clone” or cloneandchangenetwork”.  Check the following boxes:

Datastore –> Allocate Space
Network –> Assign Network
Network –> Configure
Resource –> Assign Virtual Machine to Resource Pool
Virtual Machine –> Configuration –> Add New Disk
Virtual Machine –> Configuration –> Add or Remove Device
Virtual Machine –> Configuration –> Modify Device Settings
Virtual Machine –> Interaction –> Power On
Virtual Machine –> Interaction –> Power Off
Virtual Machine –> Inventory –> Create from existing
Virtual Machine –> Inventory –> Create New
Virtual Machine –> Inventory –> Register
Virtual Machine –> Inventory –> Remove
Virtual Machine –> Provisioning –> Clone Virtual Machine

Now that our role was created, we need to assign it to the locations that we want this role to have rights.  To keep this simple, but not very secure, you could assign the role to the vCenter Server level.  The rights will propagate down the entire tree across any datacenters that you might set up.  Most people don’t want this because it would allow the cloning of any server, so we are going to assign rights exactly where they need to go.  But first we need to create a new folder where our cloned VM will eventually live.

Folder Rights
Click Home –> VMs and Templates.  Using the arrows, expand the list on the left pane.  Right click Discovered virtual machine –> New Folder and then name your new folder something like DCClone.  Click Manage –> Permissions.  Click GreenPlus and then from the drop down menu select the role that you created earlier and then click Add.  Choose your domain from the Domain drop down and then find the user that we created earlier in the list.  Click OK.  You should now see the AD user and the assigned role.  Now uncheck the Propagate to children box and then Click OK.

Cluster Rights
Click Home –>  Hosts and Clusters.  Then click on the Cluster where the DC resides that you will be cloning.  Click Manage –> Permissions.  Click GreenPlus and then from the drop down menu select the role that you created earlier and then click Add.  Choose your domain from the Domain drop down and then find the user that we created earlier in the list.  Click OK.  You should now see the AD user and the assigned role.  Now uncheck the Propagate to children box and then Click OK.  This keeps the script account from having rights down the tree.
Propigate

DC Rights
Click Home –>  Hosts and Clusters.  Then click on the DC that needs to be cloned.  Click Manage –> Permissions.  Click GreenPlus and then from the drop down menu select the role that you created earlier and then click Add.  Choose your domain from the Domain drop down and then find the user that we created earlier in the list.  Click OK.  You should now see the AD user and the assigned role.  Click OK.

Datastore Rights
Now we need to set the role for the host that will house the cloned VM.  Click Home –> Storage, and then on the left hand side click the datastore that the will be home to the clone.  Click the Manage –> Permissions.  Click GreenPlus and then from the drop down menu select the role that you created earlier and then click Add.  Choose your domain from the Domain drop down and then find the user that we created earlier in the list.  Click OK.  You should now see the AD user and the assigned role.  Click OK.

Host Rights
Now we need to set the role for the host that we are going to clone to.  Click the Home –>  Hosts and Clusters, and then on the left hand pane click the host  that the will be home to the clone.  Click the Manage –> Permissions.  Click GreenPlus and then from the drop down menu select the role that you created earlier and then click Add.  Choose your domain from the Domain drop down and then find the user that we created earlier in the list.  Click OK.  You should now see the AD user and the assigned role.  Now uncheck the Propagate to children box and then Click OK.  This keeps the script account from having rights down the host.
Propigate

Network Rights
Finally, we are going to set the role for the network.  Click Home –> Networking.  On the left pane select the test network that  you have in your environment.  Mine is called Test Bubble.  Click the Manage –> Permissions.  Click GreenPlus and then from the drop down menu select the role that you created earlier and then click Add.  Choose your domain from the Domain drop down and then find the user that we created earlier in the list.  Click OK.  You should now see the AD user and the assigned role.  Click OK.

By the time you are done, your script service account should have rights in vCenter for the Cluster (no propagate), host where the clone will live (no propagate), the Datastore, Network, Folder, and DC that will be cloned.
Rights

WAY TO GO!!  Are you ready for part 2?rejoicing

 

No more free phone with Google Voice and Obi…but there is a solution!

**UPDATE**

Interesting Email from Obihai:

The Google Voice Service is Still Working on My OBi! How come?
At the end of last year, Google Inc. announced that the open and documented XMPP communication protocol would be abandoned in favor of a new, proprietary way to do real-time voice, video and instant messaging communications. The time-line for the migration to this new way was not stated. At about the same time, but separately, Google stated third-party applications should stop supporting XMPP by May 15th 2014. Now that this date has passed, like you, we have observed Google services using XMPP are still connected and working, e.g. you can still place and receive calls using a Gmail account configured on your Obi device. It is important to note, this does not change the previous statements from Obihai that we no longer support direct connections to Google Voice on OBi devices. We strongly recommend all OBi owners using the Google Voice service obtain a new service to ensure continued, uninterrupted calling from the phone connected to the OBi. Fortunately, there are several OBiTALK Approved Service Provider (ASP) choices available to all OBi device owners for Internet VoIP phone services. These services are easy to sign-up for and configure automatically on an OBi device. They also come at a great price – with all fees and taxes included.

**END UPDATE**

This post will deviate from my normal VMware posts, but I think there are many that this might help.

I have been using Google Voice with my Obi 100 for about a year now.  Aside from the E911 service through Anveo.com I pay nothing for my home phone service.  The E911 only cost me something like $12 for the year.  Everything was going fine until the announcement that Google Voice would no longer work with Obi because Google was eliminating XMPP Support.  I don’t have the details of why this won’t work anymore, I just know it wont.  If you want details about XMPP, read about it here.
Obi-vs-GV-1b

The question that Obi users face is, “What do I do now?”.  The good news is that there is a pretty good list of alternative providers, but the bad news is that they are not free.  It would seem like the best time to get into a contract is right now though because many of the providers are offering cheaper plans until 5/14/2014 at which time the XMPP ends.  The plan I am going for is 2 years for $50 which gets me 500 minutes per month along with E911.  This comes to just over $2 a month for phone service!
Pricing

The provider that I decided on is called Vestalink.  I don’t want to port my number out of Google Voice, so after the nifty Vestalink video I will show you how I accomplished this.

**Please use my links for signing up for Vestalink as I can earn a referral; note that I am NOT paid or sponsored by Vestalink**  First go to here and sign up for a free 30 day or 60 minutes of talk time trial.  You don’t have much time though if you are going to get one of the deals before 5/14/2014.Click the Sign Up Free link.

SignUp

Enter the appropriate information for your internet details as well as your login details.   Click Continue.
Signup1

Enter the Zip code closest to where you would like your number.  This pulls up a list of cities nearby.  Click the one you are interested in and then click Continue.  Make sure you note your new phone number…we will need it later
Signup2

Enter your address for E911.  This is important so please make sure the information is correct.  Click Continue.
Signup3

Now to select your device.  I had the Obi, so I clicked on the “Bring your own device / Softphone / Smartphone / Tablet / OBi Adapter – Click Here” link.  To continue you then have to click on Click Here.
Signup4

The last thing to do is to verify the information is all correct.  You must check the consent box and then enter a phone number that they can verify that you really want to sign up.  The phone number cannot be a VOIP number.
Signup5 Signup6

If it didn’t take you into the Vestalink Dashboard, then go to www.vestalink.com and then click Login.  Enter your email and password and then login.
Login

We need to get Vestalink talking to your OBi device.  Click Devices and then Click Softphone/BYOD.  You need the IP address of your OBi and you can get this by following the directions here or by logging into your router and finding the IP from the DHCP list.  My guess is that if you are here setting this up, then you probably should be able to find this information.  Enter the IP address and then click Send Configuration.  You might be asked for the OBi password and which by default is admin/admin.  Your OBi device is magically configured for use with Vestalink.
OBiSetup

Time to forward my Google Voice number to my new Vestalink number.  Go to Google Voice and click the little settings gear at the top right and then click Settings.  On the Settings page under the Phones tab click the Add another phone link at the bottom of the page.  Type a new name…I used OBi and then put the Versalink phone number that your wrote down earlier…right…:)  Click Save.  Google will require that you verify the number by Google Voice calling the number and requiring that you enter a 2 digit code.  After verifying the forwarding number go back to the Vestalink Dashboard.
settinggearNewPhoneVerifyphone

We need to Spoof our Google Voice number when we call out, so instead of using the new Versalink number on the caller ID of who you are calling…it will look like your old Google Voice.  Click on Numbers and then click Spoof Caller ID.  Put your Google Voice number in the “Set to” box and then click the Verify Ownership box.  Versalink will call your Google Voice number now and ask you to enter a code.
SpoofID
VerifyOwner

That is is…when someone calls your Google Voice number it will forward it to your new Vestalink number (and now you have caller ID).  When you make a new call out it will use the new Vestalink number, however the number will be spoofed with your old Google Voice number; so it looks like you are calling with Google Voice but you are not.

Enable Copy and Paste Through the VMware Console

I was setting up a new host the other day and I received a call from one of my admins letting me know that they could not copy/paste within the console; but they can copy/paste in RDP.
nocopypast

This is a simple fix found in KB1026437.  You can make the change on an individual VM, but I think it is best to change it on the host (which applies to all VMs).  I really wish the default would have this enabled.

Open a Putty session…if you don’t have putty then get it here.
putty

1. Log into the ESXi host that you want to change.
2. Type vi /etc/vmware/config
3. Arrow down to the last line and type which stands for “insert”.
4. Add the lines:
         vmx.fullpath = “/bin/vmx”
         isolation.tools.copy.disable=”FALSE”
         isolation.tools.paste.disable=”FALSE”
5. Press the ESC key and then type :wq which stands for “write and quit”.
addlines

The next time each VM is power cycled it will enable the copy/paste functionality.  Keep in mind that if you ever upgrade this host to a new ESXi version that this setting will go back to the default of disabled and you will have to add this line again.