PowerActions for vSphere Web Client

PowerActions 1.5.0 is now available for vSphere 6.0 Web Client

http://blogs.vmware.com/PowerCLI/2015/06/good-news-poweractions-now-available-vsphere-6-0-web-client.html

“PowerActions integrates the vSphere Web Client and PowerCLI to provide complex automation solutions from within the standard vSphere management client.

PowerActions is deployed as a plugin for the vSphere Web Client and will allow you to execute PowerCLI commands and scripts in a vSphere Web Client integrated Powershell console.”

Download PowerActions 1.5.0 here
https://labs.vmware.com/flings/poweractions-for-vsphere-web-client

 

How to Disable Windows Defender

1) Open Control Panel
2) Open up Windows Defender
3) Click Tools on the top menu
4) Click on Options
5) Find the Administrator section, uncheck the box for “Use this program”
6) Click the Save button.

Now open services.msc

7) Select Windows Defender
8) Right click and select properties
8) Stop the service
9) Change Startup type to Disabled.

VMware vCenter 5 – NFC Server error

Issue

NFC Error

In vSphere 5 we moved an ISO from a local drive to a datastore using the VMware Infrastructure Client. Upon instigating the upload it immediately failed.

Error message :  Failed to log into NFC server.

Possible DNS issue with servers for the host?

Solution:
We found missing DNS entries for the ESXi hosts. The servers specified were referencing DNS IP addresses that had no entries for the ESXi hosts being administered.

Exporting and Importing an OVF file

Exporting a VM or Template to OVF file

1) Select the virtual machine select File > Export > Export OVF Template.
2) Type the Name of the template for the OVF Template
3) Map a drive. Transfer the file

On another vCenter – Deploy an OVF template

1) Open the vSphere Desktop Client.
2) On the top-left, click File
3) Select Deploy OVF Template.
Follow on screen instructions

Create or Remove A Static Route in a Microsoft Windows OS

Route traffic via a specific NIC and IP in most Microsoft Windows operating systems.

Quick guide to create a static route in windows or remove a static route in a windows OS.

List static routes
Administrator command prompt
route print

Create a Static Route
Administrator command prompt
Add example :
route add -p 192.168.10.31 mask 255.255.255.255 192.168.1.1 if 2 metric 5

“if” is the network card number to route through.
metric is calculating the fastest, most reliable, and least expensive routes
-p Persistent
ipconfig /all (Shows the NIC for “if” number.)

Deleting a Static Route
Administrator command prompt
Delete example :
route delete 192.168.10.31

Remote Desktop Server – Customisation and Useful GPO settings

User cannot change an expired user account password in a remote desktop session that connects to a Windows Server 2008 R2-based RD Session Host server in a VDI environment

Hotfix Download Available

https://support.microsoft.com/en-us/kb/2648402

  1. 1. Open the following file: %systemDrive%/windows/web/rdweb/pages/web.config
  2. Set the following value to TRUE: <!– PasswordChangeEnabled: Provides password change page for users. Value must be “true” or “false” –> <add key=”PasswordChangeEnabled” value=”false” />

 

 

Disable IE security in a GPO using reg change

https://4sysops.com/archives/disable-internet-explorer-enhanced-security-configuration-ie-esc-with-group-policy/

 

 

Set Trust sites

http://deployhappiness.com/managing-internet-explorer-trusted-sites-with-group-policy/

 

 

Setup SSO & disable remote app prompt  

http://social.technet.microsoft.com/wiki/contents/articles/2381.how-to-remove-the-access-messages-and-enable-the-single-sign-on-for-remoteapps.aspx

 

 

Deploying RD Session Host Servers or Farms

http://social.technet.microsoft.com/wiki/contents/articles/5466.deploying-rd-session-host-servers-or-farms.aspx

 

How to Remove the Access Messages and Enable the Single Sign On for RemoteApps

http://social.technet.microsoft.com/wiki/contents/articles/2381.how-to-remove-the-access-messages-and-enable-the-single-sign-on-for-remoteapps.aspx

 

 

Deploy Certificates by Using Group Policy

http://www.ervik.as/microsoft/windows-server-2008-r2/3321-how-to-configure-single-sign-on-for-remote-desktop-services

 

 

Enable RDC Client Single Sign-On for Remote Desktop Services

https://technet.microsoft.com/en-us/library/cc742808.aspx

http://blogs.msdn.com/b/rds/archive/2007/04/19/how-to-enable-single-sign-on-for-my-terminal-server-connections.aspx

https://technet.microsoft.com/en-us/library/cc742808.aspx

 

 

How to resolve the issue: “A website wants to start a remote connection. The publisher of this remote connection cannot be identified.”

http://blogs.msdn.com/b/rds/archive/2011/04/05/how-to-resolve-the-issue-a-website-wants-to-start-a-remote-connection-the-publisher-of-this-remote-connection-cannot-be-identified.aspx

 

 

Do you trust the publisher of this RemoteApp Program? prompt even though the Publisher is trusted?

https://social.technet.microsoft.com/Forums/windowsserver/en-US/f47bcba9-67bf-45d0-af3f-fd9b9982ee2a/do-you-trust-the-publisher-of-this-remoteapp-program-prompt-even-though-the-publisher-is-trusted

 

 

Create a Self-Signed Server Certificate in IIS 7

https://technet.microsoft.com/en-us/library/cc753127(v=ws.10).aspx

 

 

IT: How To Create a Self Signed Security (SSL) Certificate and Deploy it to Client Machines

http://www.howtogeek.com/107415/it-how-to-create-a-self-signed-security-ssl-certificate-and-deploy-it-to-client-machines/

 

 

 

 

 

Makecert.exe (Certificate Creation Tool)

https://msdn.microsoft.com/en-us/library/bfsktky3(v=vs.110).aspx

Tested example (sets the start date to 30.6.15 and the end dates is 20yrs+ later.

makecert.exe -r -pe -n “CN=rdscluster.test.world.com” -eku 1.3.6.1.5.5.7.3.1 -b 06/30/2015 -ss my -sr localmachine -sky exchange -sp “Microsoft RSA SChannel Cryptographic Provider” -sy 12 “E:\Media\Cert\rdscluster.test.world.com.cer”

 

 

About Digitally Signing RemoteApp Programs

https://technet.microsoft.com/en-gb/library/cc754499.aspx

 

 

Create RDS Farm – Check list

https://technet.microsoft.com/en-us/library/cc753891.aspx

 

 

Install the RD Connection Broker Role Service

https://technet.microsoft.com/en-us/library/cc732076.aspx

 

 

Add Each RD Session Host Server in the Farm to the Session Broker Computers Local Group

https://technet.microsoft.com/en-us/library/cc753630.aspx

 

 

Configure an RD Session Host Server to Join a Farm in RD Connection Broker

https://technet.microsoft.com/en-us/library/cc771383.aspx

 

 

Configure DNS for RD Connection Broker Load Balancing

https://technet.microsoft.com/en-us/library/cc772506.aspx

 

 

Limit Profile Size

http://www.techrepublic.com/blog/the-enterprise-cloud/limit-profile-size-with-group-policy/

 

Note Files deleted from a network share do not go to the recycle bin. They are deleted permanently

https://social.technet.microsoft.com/Forums/windowsserver/en-US/7119aafa-fe55-470c-ae20-568b80c5dcb4/files-deleting-over-the-network-share-drive-is-not-going-to-the-recycle-bin-it-permanently-delete?forum=winservergen

 

https://social.technet.microsoft.com/Forums/windowsserver/en-US/db181312-bc96-4c3d-b7d6-daa0250b5552/applying-quota-for-user-profile-in-terminal-server

 

Empty recycle bin at log off… GPO log off script –

User Configuration – POLICIES. WINDOWS SETTINGS – SCRIPTS – Logon/Logoff

Add Empty recycle bin batch

http://www.cryer.co.uk/brian/windows/batch_files/how_to_empty_recycle_bin.htm

e:

cd \$RECYCLE.BIN

del /s /q .

 

Types of profiles

http://blogs.msdn.com/b/rds/archive/2009/06/02/user-profiles-on-windows-server-2008-r2-remote-desktop-services.aspx?Redirected=true

 

 

User Configuration – Administrative Templates – System – Logon/Logoff

 

 

SHOW and HIDE ALL DRIVES

      1. A Create one policy for admins with show all drives https://support.microsoft.com/en-us/kb/231289
      2. Create a second policy for all users with hide all drives and a deny apply policy for admins https://support.microsoft.com/en-us/kb/816100
      3. Third policy has all the terminal server config details

 

 

Temporary Profiles Loading

http://social.technet.microsoft.com/wiki/contents/articles/3571.windows-user-profiles-service-event-1511-windows-cannot-find-the-local-profile-and-is-logging-you-on-with-a-temporary-profile.aspx