Pictured here is the entrance, five years ago, to the Customer Appreciation Event on the last night of Cisco Live US 2013. This was my first CiscoLive and first tech conference at all. I was exhausted from all I’d learned and excited by all the new people I’d met. The conference was in Orlando, FL that year and the CAE was held in a portion of Universal Studios theme park. This all comes full circle because this year

• I will once again be attending CiscoLive 2018
• It will once again be held in Orlando, FL
• And the Customer Appreciation Event will be held at THE ENTIRE UNIVERSAL STUDIOS FLORIDA PARK!

Customer Appreciation Event Info

You read that right, for one night only, Cisco customers, employees and other conference attendees will have the whole park to themselves with food, drink, and all that jazz included.While the party itself is from 7:30 to 11:30, attendees will also have non-exclusive access to the Islands of Adventure side of the park starting at 6 so you can get there early, hang out in Diagon Alley and then hop the Hogwarts Express over to the party when the time comes. Can anybody say Geek Overload? Once the party starts all of the attractions will be available to you, rides like Transformers:3D, Harry Potter and the Escape from Gringotts, and Race Through New York Starring Jimmy Fallon just to name a few.

There will also be a “festival style” music line-up to be announced later. Considering Cisco’s recent track record of musical acts (Aerosmith,  Maroon 5, Elle King, Bruno Mars) it’s a good guess that those will be great as well.

Keynote Speakers

There are other announcements out now as well. Included in these are the guest keynote speakers. This year it appears Cisco is going all in on the future looking vibe by having Dr. Michio Kaku, and Amy Webb as the Thursday speakers. Dr. Kaku is a renowned theoretical physicist and futurist while Ms. Webb is also a futurist and founder of the Future Today Institute. While I don’t know much about them at the moment I look forward to what they have to say.

Sessions, Labs and Seminars

Finally it looks like the Session catalog has quietly gone live today as well. Here you can begin looking for ideas of sessions you think you will find helpful, but I will tell you it is always my suggestion to pick these for now by the instructors you may really want to be able to interact with. All of these sessions will be available online after the conference so that frees you up to network (socially, not with wires) while you are there.

What you can’t access after the fact is the Labs and Seminars Cisco puts on the weekend prior to the conference itself. These come in 4 or 8 hour flavors and as someone who has attended a couple myself I will tell you they are a very fast way to deep dive into a topic. The catalog of these has been made available as well so you may want to check them out.

One note for those of you that like me that are heavy users of ad blocking in your browser. I noticed that uBlock Origin was keeping the actual list from appearing, you will need to turn it off to see the session catalogs.

Conclusion

As somebody with a small child and thus has spent a good deal of time in the Orlando area 😉 I’ll have some more to share soon in that regard. If you are heading to the show feel free to reach or say hi there! These events are much better when you allow yourself to get out an meet others.

Here in the US Thanksgiving Day traditionally falls on the fourth Thursday of November. While it is one of my favorite holidays today is a day of thankfulness for me as I’ve been honored to be named a Veeam Vanguard for 2018. I’ve been fortunate enough to have been a part of the group since its inception and it is one of my highest honors. Thanks as always to Rick, Kirsten, Dmitry, Andrew, Niels, Anthony, Michael, Melissa and Danny for keeping the Vanguards the best of its kind around.

To those who have also been renewed into the program please accept a heartfelt congratulations as you’ve earned it through your involvement and I look forward to trolling right along with you for another year.

While the e-mails have just been sent so there aren’t any statistics yet I see quite a few new members who are quite deserving popping up on twitter. Some I know already and other I look forward to getting to know. One of the really nice thing about the Vannies is we are a small group so everybody pretty much gets to know everybody. If you are looking for success in this group please don’t be shy, come be social and share the knowledge you have.

Are you just learning about the program or didn’t make the cut this year? If you are active with Veeam join the conversation in the forums, on Twitter, on Reddit, any of the various Slack communities, or your own blog and it will come. It doesn’t matter where you join, it just matters that you do.

Finally to dear, sweet Vanny Vanguard. We all miss you, please come home. 😉

If you haven’t noticed the new content on this site has got a little scarce for the past few months. To be very honest my life seems to have been a bit crazy, both professionally and personally, and writing, unfortunately, has been back-burnered. On my drive home yesterday I was listening to Paul Woodward‘s excellent ExploreVM podcast episode with Melissa Palmer where she was speaking about the process of writing her excellent book “IT Architect Series: The Journey“. This served to remind me that I really should get back to writing as I’ve got a few topics I really need to blog about.

So as these things often happen in my head this led me this morning to think about why I blog in the first place. There are a number of reasons I do this and I thought for those that are passionate about any topic but in this case about technology maybe a little bit of the why would be the thing to get you started yourself.

1. So I can remember how I did something. Way back in the olden days (2004ish?) when my blog was called tastyyellowsnow.com this was the main reason I created the blog. I was 3 jobs into my career and all of my notes for how to do anything were saved in Outlook notes that I move from a work account to PST to work account to PST to work account. I was tired of doing it that way so I thought I’d try putting it out there. That hawtness ran on some asp based package with an Access database on the backend (I still have it!), and while some of the content was absolutely horrible the reason behind it is still my primary driver, to make sure if I figured out how to do something a certain way I could remember how to do it when I invariably had to do it again. Looking through some of those titles some like “Changing the Music On Hold Volume in Cisco CallManager” and “Recovering from a Bad Domain Controller Demotion” are still actually relevant. It’s nice to know where to find those things.

2. So that others can learn how I did something. I joked on twitter the other day that in preparing a Career Day talk for my daughter’s Kindergarten class that I should title it “SysAdmin: I Google things for those who will not”. If you are new to IT or aspire to work as an *Admin  I cannot express how much of my “how in the world do you know that” is simply being good at feeding errors into google and processing the results. There may be 20 posts on how to do a single task but one of them will make more sense to me than others. Because of that, I try to feed many things back into the collective Google, especially the things that I wasn’t able to find much on or that I had to piece together through multiple KB articles and blog posts. In doing so I really do hope that I help others get their job done without having somebody send them the sticker to the right.

3. Writing something down in a manner you expect others to understand can often provide clarity. There’s an old adage that says “the best way to learn something is to teach it.” While yes, it is cliché, speaking as a former adjunct college professor and current internal staff trainer when needed, it is absolutely true. When I am learning something new or I have just finished working through a complex issue I find that documenting it, either here or internally helps to solidify what the core issue was, what components led to the issue, how the problem was solved and finally how it can be prevented in the future.

Conclusion

Those are the reasons why you see new things here from time to time.  I do want to mention one thing you did not see above and that was to gain access to influencer programs. I’ve been very fortunate to be included in the vExpert and Veeam Vanguard communities and while many will say the way to get there is through blogging I disagree. I think the best way to achieve those accolades and keep them is the develop your own version of commitment to the Tech Community.  If you find that giving things back to the community at large is something you find value in then you will find a way to do it, blogging, tweeting, podcasting, or any other way. If that’s a goal of yours and blogging or writing isn’t your thing, there is any number of ways to meet that goal as long as you focus on why you are in the community to start with.

As life has its ups and downs so does the regularity of content here. What are your reasons for blogging? If you have thought about it and haven’t done it yet, why not? Let’s continue the discussion on Twitter by reaching out @k00laidIT and help the distributed mind grow.

Hi all, just a quicky to get everybody off the ground out there that are looking to use both PowerShell and PowerCLI from things that don’t run Windows. Today VMware released version 10 of PowerCLI with support for installation on both Linux and MacOS. This was made possible by the also recently released Powershell Core 6.0 which allows PowerShell to be installed on *nix variants. While the ability to run it on a Mac really doesn’t do anything for me I do like to use my iPad with a keyboard case as a quick and easy jump box and its frustrated me for a while that I needed to do an RDP session and then run a Powershell session from within that. With these releases I’m now an SSH session away from the vast majority of my scripting needs with normal sized text and everything.

In this post I’ll cover getting both Powershell Core and PowerCLI installed on a CentOS VM. To be honest, installing both on any other variant is pretty trivial but the basic framework of the difference can be found in Microsoft Docs.

Step 1: Installing Powershell Core 6.0

First, you need to add the Powershell Core repository to your yum configuration. You may need to amend the “/7/” below if you are running a RHEL 6 variant like CentOS 6.

Once you have your repo added simply install from yum

Congrats! You now have PowerShell on Linux. To run it simply run pwsh from the command line and do your thing. If you are like me and use unsigned scripts a good deal you may want to lower your Execution Policy on launch. You can do so by adding the parameter.

Step 2: Installing VMware PowerCLI

Yes, this is the hard part… Just kidding! It’s just like on Windows, enter the simple one-liner to install all available modules.

If you want to check and see what you’ve installed afterward (as shown in the image)

If you are like me and starting to burn this through in your lab you are going to have to tell it to ignore certificate warnings to be able to connect to your vCenter. This is simple as well just use this and you’ll be off and running.

Step 3: Profit!

Really, that’s it. Now to be honest I still am going to need to jump to something Windows-based to do the normal ActiveDirectory, DNS or any other native  Windows type module but that’s pretty easy through Enter-PSSession.

Finally, if you have got through all of the above and just want to cut and paste here’s everything in one spot to get you installed.

Hi all, I’m writing this to document a fix to an interesting challenge that has pretty much been my life for the last 24 hours or so. Through a comedy of errors and other things happening, we had a situation where the upstream CA from our VMware Certificate Authority (and other things) became very unavailable and the certificate authorizing it to manage certificates expired. Over the course of the last couple of days I’ve had to reissue certificates for just about everything including my Nimble Storage array and as far as vSphere goes we’ve had to revert all the certificate infrastructure to essentially the same as the out of the box self-signed guys and then reconfigure the VMCA as a subordinate again under the Root CA.

Even after all that I continued to have an issue where my Production VVOLs storage was inaccessible to the hosts. That’s not to say they weren’t working, amazingly and as a testament to the design of how VVOLs works my VMs on it ran throughout the process, but I was very limited in terms of the management of those VMs. Snapshots didn’t work, backups didn’t work, for a time even host migrations didn’t work until we reverted to the self-signed certs.

Thanks for a great deal of support and help from both VMware support and Nimble Storage Support we were finally able to come up with a runbook in dealing with a VVOL situation where major certificate changes occurred on the vSphere side. There is an assumption to this process that by the time you’ve got here all of your certificates both throughout vSphere as well as with the Nimble arrays are good and valid.

1. Unregister the VASA provider and Web Client integration from the Nimble array. This can be done either through the GUI in Administration>VMware Integration by editing your vCenter, unchecking the boxes for the Web Client and VASA Provider and hitting save. This can also be done via the CLI using the command
   
   Shell

   vcenter --unregister <vcenter_name> --extension vasa vcenter --unregister <vcenter_name> --extension web

   1 2	vcenter --unregister <vcenter_name> --extension vasa vcenter --unregister <vcenter_name> --extension web

2. Register the integrations back in. Again, from the GUI simply just check the boxes back and hit save. If successful you should see a couple of little green bars briefly appear at the top of the screen saying the process was successful. From the CLI the commands are pretty similar
   
   Shell

   vcenter --register <vcenter_name> --extension vasa vcenter --register <vcenter_name> --extension web

   1 2	vcenter --register <vcenter_name> --extension vasa vcenter --register <vcenter_name> --extension web

3. Verify that your VASA provider is available in vCenter and online. This is just to make sure that the integration was successful. In either the Web Client or the HTML5 client go to vCenter> Configure> Storage Provider and look for the entry that matches the name of your array group and in the URL has the IP address of your array’s management interface. This should show as online. As you have been messing with certificates its probably worth looking at the Certificate Info tab as well while you are here to verify that the certificate is what you expect.
4. Refresh the CA Certificates on each your hosts. Next, we need to ensure that all of the CA certificates are available on the hosts to ensure they can verify the certificates presented to them by the storage array. To do this you can either right-click each host > Certificates > Refresh CA Certificates or if you navigate to the configuration tab of each host, go to Certificate there is a button there as well. While in the window it is worth looking at the Status of each host’s certificate and ensure that it is Good.
   
5. Restart the vvold service on each host. This final step was evidently the hardest one to nail down and find in the documentation. The simplest method may be to simply reboot each of your hosts as long as you can put them into maintenance mode and evacuate them first. The quicker way and the way that will let you keep things running is to enter a shell session on each of your hosts and simply run the following command:
   
   Shell

   /etc/init.d/vvold restart

   1	/etc/init.d/vvold restart

   Once done you should see a response like the feature image on this post and a short while later your VVOLs array will again become available for each host as you work on them.

That’s about it. I really cannot thank the engineers at VMware (Sujish) and Nimble (Peter) enough for their assistance in getting me back to good. Also I’d like to thank Pete Flecha for jumping in at the end, helping me and reminding me to blog this.

If nothing else I hope this serves as a reminder to you (as well as myself) that certificates should be well tended to, please watch them carefully. 😉

I don’t know about the rest of you but printing has long been the bane of my existence as an IT professional. Frankly, I hate it and believe the world should be 100% paperless by this point. That said, throughout my career, my users have done a wonderful job of showing me that I am truly in the minority on this matter so I have to do my part in making sure they are available.

As any Windows SysAdmin knows installing the actual print driver and setting up a TCP/IP port aren’t even half the battle. From there you got to get them shared and have the users actually connect to them so that they can use them. It’d be awesome if they would all just sit down say “I have no printers, let me go to Active Directory and find some” but I’ve yet to have more than a handful of users who see this as a solution; they just want the damned things there and ready to rock and roll.

In the past, I’ve always managed this with a series of old VBS scripts, which still works but requires tweaks from time to time. It’s possible to do this kind of stuff with Powershell these days as well as long as your user has the Active Directory module imported (Hint: they probably don’t). There are also any number of other 3rd party and really expensive Microsoft systems (Hi SCCM!) that will do this as well. But luckily we’ve had a little thing called Group Policy Preferences around for a while now too and it will do everything we need to make this really manageable, with a nice pretty GUI that you can even teach the Help Desk Intern how to manage.

1. Setup the Print Server(s)- This is the same old, same old. Pick a server or set of servers and setup all your printers and share them. This gives you centralized queue management and all the goodies we know and love.
2. Create Security Groups- Unless you work in a 10 person office most people won’t necessarily need every printer. I like to create Security groups, 1 per printer, and then assign everybody who needs that printer to the security group. I typically also like to set up these groups with a prefix, usually “prnt” so that they are all grouped together but that’s just me. Set these up now and we’ll use them in a minute.
3. Create a new GPO- Truthfully this a personal preference, but I typically like to create a separate GPO for each major task I want to achieve aside from baseline things I through in a domain default policy.
4. Navigate to Users>Preferences>Control Panel Settings>Printers- Cool, it’s a blank screen! Let’s fill this sucker up with some printing goodness. Start by right-clicking the screen and choosing New>Shared Printer.
5. Once here you will the default action is Update. While there is an option for Create we want to leave the setting at the default because this will allow you more flexibility in the future while still letting you accomplish your goal now.
6. Go ahead and fill in the share path with the full UNC path to the shared printer leaving everything else blank then click on the “Common” tab.
7. This is where the magic happens so everybody only gets what they need. Check the box for “Item-level targeting” at the bottom and then click the now available button
8. In the now open Targeting Editor window click the “New Item” button and choose “Security Group.” Note: I like to do this task with Security Groups but as you can see there are lots of options to choose from. You may want to do the assignment based on Active Directory Sites if you have a rotating band of workers for example. Do what fits your organization.
9. Hit the browse “…” button and go find your group you want to have this printer added for then hit OK all the way back out to the GPO screen.

That’s it! you can essentially rinse and repeat these instructions for as many printers and print servers as you need to support. There really isn’t even any server magic to the printing, for all GP Preferences cares these can all be printers shared off individual workstations. I wouldn’t do that, but you know… My one real gripe with this is there doesn’t seem to be a way to script your way out of the process yet. I was able to bulk install the printers and create the ports on the print server but doing this work out of the GUI essentially means exporting the preferences list to an XML file, editing it and then importing it back in. Eww.

P.S. ProTip: Use Delete All For Print Server Migrations

So the idea spark for this post was a need to recreate all the logical printers in response to an office reorganization. The old names made no sense so we just blew them away and created new. One thing I did find out is that since Windows Server 2012 you can create a Printer Preference with type Delete and choose “Delete all shared connections.” Coupled with the Common options of “Apply once and do not reapply” this can be a very effective way to manage a print server migration, reorganization, or any other number of goals I can think of. If you do choose to do this be sure to 1) make sure any version of this you were using to do the “old printers” is gone before you set this to run and 2) you mess with the order of the Printer Preferences so it is number 1 in the order. In addition, when I was looking to use it I created it and then immediately right-click > Disabled the preference until I was really ready for it to go.

Just a quick post with a script I’ve just written. Living in WV we from time to time have to let staff know that the offices will be closed for various reasons, from heavy snow to chemical companies dumping large quantities of chemicals into the area’s water supply. For this reason, we maintain a basic emergency staff notification process that requires an authorized person to send an e-mail to a certain address and that will carpet bomb staff who chose to opt-in to receive text messages and e-mails to their personal (as opposed to business) e-mail addresses. This is all powered by using creating hidden mail contacts on our Exchange server for the personal address as well as the e-mail address that corresponds to the users’ mobile provider. These addresses are all then dynamically added to a distribution list that is restricted by who can send to it.

To be honest the system is mostly automatic with the exception of needing to makes sure new contacts get put in and old contacts get taken out. Taking them out by GUI is pretty simple, just right click delete but it seems to be lots of steps to add them in. So in the script below I’ve automated the process of interrogating the Admin entering them and then using that information to automatically create the contacts and then hide them from the Global Address List.

Now in order to make this work you need to either have an Exchange Shell window open or be remotely connected. As I am getting to where I have a nice, neat PowerShell profile on my laptop I like to stay in it so I remote in. I’ve automated that process in this Open-Exchange.ps1 script.

Now if you’d like to save yourself the need to cut and paste these locally you can find these scripts and few others I’ve been writing on my GitHub repo.

I am lucky enough to be a father to a wonderful 5-year-old daughter, fresh into her Kindergarten year of school. Recently she came home with the dramatic cry of a 5-year-old, upset that her class has a Leader of the Month award and she didn’t win it. Once the sobbing subsided she got around to asking me how to be a leader, one of those basics of life type questions that all parents know and yet always get thrown by. How do I boil down the essence of leadership to something she not only can understand but can apply herself?

Thanks to the reoccurring themes of Special Agent Oso I got the idea to try to condense leadership to 3 simple steps. Simplistic I know, but the more I thought about it the more I realized that not only would it get her on the right track but that, to be honest, there are a great number of adults in leadership positions that experience differing levels of success with them. So thanks to my daughter and our good friend Oso I present Jim’s 3 simple steps to being a good leader.

Step 1! Have A Good Attitude

Seriously, there are so many studies/articles on the effect that a leader’s public attitude has on the productivity and efficiency of their team. If those linked articles aren’t enough for you Google it, there are a lot more. I know we all have our days when it all falls apart and have experienced these myself, but when those days stretch into weeks or months that team you are leading or even being a part of is going to start to fall apart as well. Some days it is going to require you to put a good face on what you are internally feeling, but coming in with a bounce in your step and not being negative is a great first step.

One of the realizations that I’ve had recently is that with any position there comes a time when you have to decide to either have some internal reconciliation with the job you have and make peace with the issues you have with it or decide to make the jump to something new. I’m not saying you should try to make the things you dislike better, you absolutely should, but staying in something you actively dislike and have lost the willpower to try to fix not only hurts you it hurts those around you.

Step 2! Listen

So for a 5-year-old trying to get them to listen to anything that isn’t on Netflix or YouTube is a challenge. Guess what? The same is true for me and you and those around you in the workplace from time to time. As framed to her, listening means making sure you pay attention not only to your teachers when they talk (and you absolutely must do this) but also to those around you that may be having issues. The teacher is talking about how to make the perfect “R” but your neighbor is having a problem? If she’s got it down this is a great opportunity to help!

As this applies to us how many of us go into meetings or conversations with our co-workers with a preset agenda or outcome of it already in our mind? Worse still is when we try to find the implied meaning of what is unsaid in a conversation. We as workers and leaders do better when we open our minds and actually listen to the words that are being spoken, then ask for clarification as needed. I know I have to work hard to quit relying on my own biases or trying to guess what the speaker means simply because we don’t want to ask “Ok, I didn’t get that, can you expand on this?”

Step 3! Apply What You’ve Learned

As we complete our journey through leadership we need have to apply what we’ve learned in the first two steps. We’ve spent the last 20 minutes learning how to make that perfect “R” and now we have to practice in class. My 2.0 may have this down, but she see’s her neighbor is trying to get help from the teacher. With a great attitude and an understanding of what’s expected this is her time to shine and help out her classmate!

At work this is important too. We have a great attitude now and we really want to be a helper, getting things done, and we’ve listened to those around us and learned not only about the needs and processes of our organizations but also the needs of our co-workers and staff. With all this ammo we are now in a position to truly make a difference because regardless of who you are helping when the knowledge gets distributed the potential for greater outcomes goes up. For those of us in traditional IT or other “support departments” this is where the true value lies. If we can’t learn, interpret and apply technology to the organization and staff’s needs then we aren’t supporting anyone.

Conclusion

So there you have it. Yes I know it’s simple, yes I know there are other factors (ego, time management, etc) that go into it as well but as in all things, you have to master the basics first. How many of you that have made it to this point were shaking your head and considering interactions with others as you read them? How many read these and had a “doh” thought about something you yourself have done? I know I did in thinking about it and there’s nothing wrong with that as long as you learn from it.

I had/have the honor today of presenting a couple vBrownBag sessions while here at VMworld. The first of these was about my journey from living in an area with little to know Tech Community resources available to becoming a part of the bigger global community and why that’s a good thing. As I feel this has really changed my career and enabled me to grow my skills as an IT professional in ways I never thought possible this is a subject I’m pretty passionate about.

So does that paragraph sound familiar to you? If so please consider watching the presentation below (it’s only 10 minutes) and start your own journey. If you need help along the way reach out to me on twitter @k00laidIT.

I write this while traveling to sunny and amazingly hot Las Vegas for the 2017 edition of VMworld US. I hope to provide feedback and news throughout the conference, highlighting not only the excellent content and programs but also the best the virtualization community has to offer.

Today will be a travel day as well as a day to meet up with friends, new and old. Tomorrow, the Sunday before the conference, is when the real fun begins with things like Opening Acts for me, TAM and partner content for others as well as a number of social events.

What We Know So Far

Yesterday was the day that Vmware went on a killing spree, announcing the depreciation of Windows based vCenter, the flash based vSphere web client and the vmkLinux APIs and its associated driver ecosystem. All of these enter the depreciated state with the next major version of vSphere and then will be gone for ever and ever in the revision after that. Each of these are significant steps towards the evolution of vSphere as we know it, and when coupled with the advances in PowerCLI in version 6.5 the management of our in house infrastructure has been changed for the better.

These announcements came rapid fire on the Friday before Vmworld with the death of the Windows based vCenter coming first. As we have had versions of varying success of the vCenter Server Appliances (VCSA) for over 5 years now it’s been a long time coming. I myself migrated two years ago and while it was good then with the latest 6.5 version, with its PhotonOS base, excellent migration wizard and in appliance vCenter Update Manager support it has show it is definitely the way forward.

The flash client was the next announcement to come and again, we are looking at an depreciation that needs to happen and is most definitely going to be a good thing but does come with some apprehension. With most things that have been depreciated by Vmware we’ve had at least 1 feature rich version of the replacement out and stable before they announced the predecessor’s demise. This isn’t the case with the flash based web client. While the latest builds are getting very, very good there are still major things that either are quirky or simply aren’t there yet. The good news to this is we have been given almost immediately assurances by everyone involved with the product management that we the vSphere admins will never be left without a GUI management ability for any given task we have today and I for one believe them. The last components of what is known as the HTML5 client in my opinion simply can’t come enough, I’m tired of having to hop through multiple GUIs and browsers to be able to perform basic tasks in my daily work life.

Finally the day was finished with the announced depreciation of the non-native Linux drivers. To be honest I didn’t know that these were even still a thing as every Linux VM I’ve rolled for the past many years have been able to work with the native drivers. I’m sure there are those that at this point may still need additional time but the as the removal is still a couple of versions off this should be something can be mitigated now that the end is known.

Conclusion

With all of these preconference announcements related to Vmware’s flagship product is this going to be the year where Vmworld is chocked full of improvements to vSphere. This will be my 3rd one in 4 years and each year I’ve felt their focus was elsewhere. While vSAN, NSX, and the like are definitely where the company’s seeing growth all of these things rely on vSphere as an underlay. I for one would be happy to see a little love shown here.

With that happy thought I’m going to shut it down and land. For those coming to Vmworld this weekend safe travels and for those at home look for more info as its known here on koolaid.info.