How to download ISO/Disk Images from Nutanix Image Service.

Hi Folks

Unlike VCenter , there is no straightforward method to download the ISO’s or Disk Images you have uploaded to the Image Service.(In VCenter , you could perform both upload / download files from the datastore).

In Nutanix AHV , you need to run the below commands to achieve the same results.(As per Nutanix , this need to be done , under Nutanix Support only).

#Login to any of the CVM.
# nuclei image.list —-> This will list all the images with the UUID
###### EXAMPLE OUTPUT ######
Name UUID State
MyISO yyyyyyyyyyyyyyyyyyyyyyyyyyyyyy COMPLETE
###### EXAMPLE OUTPUT ######

# nuclei image.get yyyyyyyyyyyyyyyyyyyyyyyyyyyyyy –> Get the Cluster UUID.
###### EXAMPLE OUTPUT ######
current_cluster_reference_list:
– kind: cluster
uuid: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
###### EXAMPLE OUTPUT ######

# ncli multicluster get-cluster-state | grep -C5 <xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> –> This will get the cluster name:
###### EXAMPLE OUTPUT ######
Cluster Id : xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Cluster Name : MYCLUSTER
Is Multicluster : false
Controller VM IP Addre… : [x.x.x.x. …………………………………….]
External or Masqueradi… : y.y.y.y (Cluster IP)
###### EXAMPLE OUTPUT ######

NOTE : The above commands are used , when you are managing multiple cluster via PC , and you need to locate the image and in which cluster the image is stored.

Thereafter , run the below command from your workstation (You must have curl installed , and the command must be run from the bin folder , where the curl is installed)

curl-7.68.0-win64-mingw\bin>curl –user “Prism Username”:Password” –insecure https://y.y.y.y.:9440/api/nutanix/v3/images/ac799
d52-60e3-448f-a0f9-d4de756b0d01/file –output SQL.iso

NOTE: Replace “Prism Username”:Password” with the actual username & password use to access the Prism Cluster with out any quotes.

February 3, 2020 at 3:45 pm Leave a comment

How to install and configure LAPS

Recently , we had to deploy LAPS on one of our client environment. The requirement was to manage the local administrator password of all the domain joined workstations / servers via centrally. I used the below guides to complete the installation .(Kudos to the blog owners)

Source1:

https://scripting.rocks/sysadmin/laps/

Source2:

https://vaishnaav.files.wordpress.com/2019/12/step-by-step-guide-to-deploy-microsoft-laps-1.pdf
(via :prajwaldesai.com).

In addition to the above you may come across the below issues.

  • Unable to configure the Group Policy using the LAPS Administrator Template or missing LAPS Administrator Templates.

    Solution: You need to run the laps installation on the DC and remove all the options and select only ” GPO editor templates”

  • Manual Password reset via Fat Client / Command Line is not working.

    Solution : You need to run the GPupdate after the manual password reset on the computer where you are changing the password.

Good Luck.

December 15, 2019 at 2:29 pm Leave a comment

Nutanix Command Library

I have decided to write this post to record all the Nutanix commands that we rarely use in our routine work , But essentially important for better understanding the environment. All these commands can be run from any CVM , unless I will be specifying it.

How to identify the Acropolis Master in an AHV Cluster.

# links -dump http:0:2030

How to identify the Prism Leader

# curl http://0:2019/prism/leader && echo

How to disable/enable the HA on a VM.(By default all the VM’s are protected with HA .

+ Login to CVM and then type “acli”

# vm.update “VM Name” ha_priority=-1 ( To disable the HA)

# vm.update “VM Name” ha_priority=0 ( To enable the HA)

# vm.get “VM Name” – To confirm the change. But by default , you will not see the field ha_priority parameter unless you disable and then enable it manually.

How to find out the BIOS version on all the hosts.

# in the CVM
for i in hostips; do echo ESX $i ; ssh root@$i ‘smbiosDump | head | grep
Version’ 2>/dev/null ; done


October 15, 2019 at 12:19 pm Leave a comment

How to create a RHEL 7 template in VSphere ESXi 6.7

Unlike for Windows , RHEL based template creation requires additional steps to make it work. During this process , I came across very valuable information from the linuxtechi blog . I am summarizing the steps and some additional steps that I followed during the whole. process. ( But , I am not adding the steps that you need to follow in ESXi to convert a VM in to template)

Source: https://www.linuxtechi.com/create-vm-template-ovirt-environment/

Environment Details:

  • RHEL 7.3
  • ESXi 6.7

+ Create a RHEL 7.3 VM

+ Install the Operating System and all other Packages needed.

+ Yum update it (If you have a valid RHEL subscription).

Thereafter , we need to follow the below steps to generalize the VM by removing any VM specific configuration and you need to do the below:

+ Remove the SSH host keys
# rm -f /etc/ssh/ssh_host_*

+ Remove the hostname and set it as local host(This is optional , because if
you have not provided any hostname during the step , it will retain
localhost as the name.
# hostnamectl set-hostname ‘localhost’

+ Then remove any reference for UUID , HWADDR & MAC
# rm -f /etc/udev/rules.d/*-persistent-*.rules
# sed -i ‘/^HWADDR=/d’ /etc/sysconfig/network-scripts/ifcfg-*
# sed -i ‘/^UUID=/d’ /etc/sysconfig/network-scripts/ifcfg-*
At this point , please make sure that , while deploying the VM’s from this template you need to create an VM customization specification and forcing to enter the IP address details. Otherwise , you will end up all the VM’s having the same hostid.

+ Again this is optional if you have not registered the VM
#rm -f /etc/sysconfig/rhn/systemid

+ Poweroff the VM systematically
# sys-unconfig

NOTE : VM Customization specification is mandatory to avoid the VM’s getting the same hostids. Steps are as below;

+ Login to the VCenter.
+ Open Policies & Profiles.
+ Select VM Customization Specification.
+ Provide the details , based on your environment.
+ In the Network screen , select “Manually Select Custom Settings”.
+ Click on Add.
+ In the IPv4 section , select ” Prompt the user for an IPv4 address when the
specification is used “.

Good Luck .

October 7, 2019 at 12:07 pm Leave a comment

Cannot open mailbox features in ECP

Sometimes you may receive the below error , when you try to access the Mailbox features for a Mailbox via ECP.

In this situation the Exchange server version is 2016 and it happened only on a single mailbox.
After several hours of troubleshooting we came to know that , this could happen if the mailbox is in quarantined state. During this problem user will not be able to access his mailbox neither by Outlook nor any clients)
(You could refer https://www.nucleustechnologies.com/blog/how-to-fix-exchange-mailbox-quarantine-issue/ to have an idea about possible causes for a mailbox to go in to quarantined mode).

To confirm this we ran the below command via the Exchange Powershell

Get-Mailboxstatistics -identity “Test User” | fl Isquarantined

The output was True , now we could confirm his mailbox is in quarantined state.

To disable the quarantine state we ran the below command:

Disable-MailboxQuarantine “Test User”

But , for us unfortunately , the user mailbox goes again to quarantine mode after few minutes. Thus we tried to repair the mailbox using the below command.:

New-MailboxRepairRequest -Mailbox test@test.local -CorruptionType ProvisionedFolder,SearchFolder,AggregateCounts,Folderview

In our situation even the repair was not solving the issue and we had to recreate the mailbox. The reason , I shared the above steps as it could help somebody , without the need for recreating the mailbox.

Good Luck.


September 1, 2019 at 12:07 pm Leave a comment

Choose the right authentication method for your Azure Active Directory hybrid identity solution

Choosing the right authentication method , during the new implementation of Hybrid Cloud Infrastructure or Migrating an existing On-Premise towards Cloud with the intention to have a  Hybrid Solution is really mandatory as it will help to avoid any disruptive situations. It has to be a well informed plan and execution process. The decision should be made only on valid compelling reasons. However, Microsoft have published an article in this regard and it can be accessed via https://aka.ms/auth-options.

I would recommend to refer this article as it could be an handy guide to guide the customers and other stakeholders during a project.

June 24, 2019 at 12:09 pm Leave a comment

How to Track File Deletion on a File Server

Hi Folks

Anybody wants to enable auditing on their file server , for the purpose of tracking and auditing who has deleted any files or folders , I would recommend the below article.

https://blogs.technet.microsoft.com/askds/2009/08/04/tracking-a-remote-file-deletion-back-to-the-source/

It covers detailed steps on how to enable the Group Policy for auditing and enabling Folder level Auditing parameters. However after enabling the required configuration you need to filter out for the event ID’s 4663,4624,5140, and 4660 in the Security Event Log.

These event ID’s will provide the audit trail for the event.

June 18, 2019 at 12:22 pm Leave a comment

Older Posts


Archives

Categories

Follow Hope you like it.. on WordPress.com

Blog Stats

  • 27,803 hits

%d bloggers like this: