Clone Datastores from one ESXi host to Another

As we I progress with our server refresh and I continue to build our global virtualised infrastructure, I am constantly trying to make things easier for my less experienced colleagues and so that there will be consistency in what we do. One of the most tedious tasks must be NFS datastore creation. While we could script this out and create each datastore individually, I figured I would try find a way clone the datastore configuration from one host to another. This way you simply execute the script and let it run along, giving you time for other cool stuff.

This little script will save you hours, especially if you have hundreds of datastores and hosts.

Script 1: This is for host to host clone only

$Source_Host = Read-Host "Enter The Source Host"
$Destination_Host = Read-Host "Enter the Destination Host"
$Source_Root_Password = Read-Host "Enter Root Password for Source Host"
$Destination_Root_Password = Read-Host "Enter Root Password for Destination Host"
Connect-VIServer -Server $Source_Host -User root -Password $Source_Root_Password
Connect-VIServer -Server $Destination_Host -User root -Password $Destination_Root_Password
foreach (
			$datastore in (Get-VMhost $Source_Host | Get-Datastore | where {$_.Type -eq "nfs" -and $_.Accessible -eq "true"})
		)
		{
			New-Datastore -VMhost $Destination_Host -Nfs -Name $datastore.Name -Path $datastore.RemotePath -NfsHost $datastore.RemoteHost
		}
Disconnect-Viserver * -Confirm:$false

Script 2: This for host to Cluster wide .

$Source_Host = Read-Host "Enter The Source Host"
$Destination_vCenter = Read-Host "Enter the vCenter you want to connect to"
$Cluster = Read-Host "Enter the name of the Cluster to connect to"
$Source_Root_Password = Read-Host "Enter Root Password for Source Host"
Connect-VIServer -server $Source_Host -user root -password $Source_Root_Password 
Connect-VIServer -server $Destination_vCenter
foreach (
			$datastore in (Get-VMhost $Source_Host | Get-Datastore | where {$_.Type -eq "nfs" -and $_.Accessible -eq "true"})
		)
		{ 
			Get-Cluster "$Cluster" | Get-VMhost | New-Datastore -Nfs -Name $datastore.Name -Path $datastore.RemotePath -NfsHost $datastore.RemoteHost
		}
Disconnect-Viserver * -Confirm:$false

Copy the above text in to a text document and save it as a ps1 (powershell) file and run it using PowerCLI.

Finding Groups that have disabled users in them

This is just a quick powershell script to find all users who are a member of a certain group (of certain groups).
We were running out of licenses for one of the products we use internally. This product is tied to group memberships. Instead of clicking on each indivual group or disabled user (approximate 40 groups or 560 disabled users), I figured I would draft up a quick powershell to do the work for me.

Write-Host "Importing the ActiveDirectory Module" -foregroundcolor green
Import-Module ActiveDirectory | out-null 
Write-Host "Filtering AD Groups" -foregroundcolor green

#This will filter your groups. Change *changeme* to the group(s) you want filter. Keep the * if you want to wildcard it 
$Groups = (Get-AdGroup -filter * | Where {$_.name -like "*changeme*"} | select Name -expandproperty Name)
Write-Host "Preparing the CSV Template" -foregroundcolor green

#This will create the template for you to export to CSV 
$csv = @() 
$Record = [ordered]@{ 
"Group Name" = "" 
"Name" = "" 
"Username" = "" 
"Enabled" = ""
} 
Write-Host "The Magic is happening. Getting all Disabled Members" -foregroundcolor green

#The Magic
Foreach ($Group in $Groups) 
{ 
 $ArrayOfMembers = Get-ADGroupMember -Identity $Group -Recursive | %{Get-ADUser -Identity $_.distinguishedName -Properties Enabled | ?{$_.Enabled -eq $false}} | Select Name,SamAccountname,Enabled
 foreach ($Member in $Arrayofmembers) 
 {
 $Record."Group Name" = $Group
 $Record."Name" = $Member.Name
 $Record."UserName" = $Member.SamAccountname
 $Record."Enabled" = $Member.Enabled
 $objRecord = New-Object PSObject -property $Record
 $csv += $objrecord
 } 
}

#The Export
Write-Host "Exporting to CSV" -foregroundcolor green
$csv | export-csv "C:\temp\ADSecurityGroups.csv" -NoTypeInformation | out-null
Write-Host "Complete" -foregroundcolor green

Continue reading Finding Groups that have disabled users in them

Install and configure SQL AlwaysON AG with Listener on Azure

This is going to be a multi-part post, based on a very recent deployment.

I had to urgently build an AlwaysOn Availability Group and Listener in Azure on SQL Server 2014. The only issue was,  I have limited Azure and SQL knowledge. I can maintain and install, and create a few scripts here and there. But not enough to be called a DBA or Cloud Boff. However, I decided this would be an awesome thing to learn how to do. So, during the course of man flu, about 40 hours of crunch time, I can now install, configure and maintain a SQL AlwaysON AG with Listener on Azure.

So, lets get cracking.

Prerequisites:

  • 1x Domain Controller
  • 1x Service account for the SQL Server Service and for the SQL Server Agent Service
  • 1x Delegated permissions on AD for the cluster to create computer objects.
  • 1x Load balancer (on Azure)
  • 2x Windows Servers installed with a minimum of SQL 2012 installed
  • Shared location on each node (this will be used for adding DBs to the using a “Full” model)

Some of these pre-requisites are listed in this post – so don’t worry if you don’t know how to do certain things.

Continue reading Install and configure SQL AlwaysON AG with Listener on Azure

Step by Step Moving FSMO roles in Server 2012 R2

I needed to move our FSMO roles to a centralised server today, the main cause for this was firewall ruling (cannot add rules mid-week) and an urgent requirement for Domain controllers in our Azure Production environment.

We were unable to dcpromo our Azure server and after 2 days of troubleshooting, wiresharking and several work-a-rounds – we decided to move the FSMO roles yet again. Now, I know for a fact that continuously moving the FSMO roles is NOT HEALTHY for a domain environment, I was totally against it, but I bit the bullet and did as I was told.

They are now in their new home, On-Premise Site A,  and will not be moved again. However, due to Microsoft best practice, we will split the Schema master and Domain Naming Master off to DC2 once all firewall rules are in place.
Continue reading Step by Step Moving FSMO roles in Server 2012 R2

Scripted configurations of SNMP v2

Today I went through the process of scripting the configuration of SNMP configurations for multiple OS/devices. The reason for this is that there has never been a formality or standardisation of this and sometimes we tend to forget this and or that. So, in case you would also like to script it, here is what we use.

The defaults:

sysLocation:
For this, you could either use “3rd floor, of some office” or, if you are a global company, with  monitoring system that makes use of the GoogleMaps API (e.g. Observium) and would like to show various location globally – use a google API name – e.g. London, UK or Cape Town, South Africa etc.

sysContact:
This could be a name or an email address or telephone number

Community:
Something that is configured on your server and on your device/workstation/server that allows communications. There is also a permission set that will get applied to this.

target:
This is the place you are sending information to

port:
This is by default, 161/UDP, unless you change it.

Continue reading Scripted configurations of SNMP v2

Creating Superseded Applications in SCCM 2012 R2


Today I was investigating upgrading an application we use for email signature management called Symprex. I want to upgrade it using SCCM and realised that internally we didn’t have any “How-To” documentation on deploying an application from start to finish, so what better way to add a post to my blog and some internal documentation.

sccm-2012-r2-logo

So, what is supersedence exactly?

Microsoft TechNet gives us a pretty good explanation:

“Application management in Microsoft System Centre 2012 Configuration Manager allows you to upgrade or replace existing applications by using a supersedence relationship. When you supersede an application, you can specify a new deployment type to replace the deployment type of the superseded application and also configure whether to upgrade or uninstall the superseded application before the superseding application is installed.
When you supersede an application, this applies to all future deployments and Application Catalog requests. This will not affect the existing installations of the application.”

Taken directly from Technet

Continue reading Creating Superseded Applications in SCCM 2012 R2

Importing IPs into IPPlan

Importing IPs in to IPlan saves tons of time if you have lots of IPs to add.

I am deploying many ESXi systems at the moment, and each vmk port has got a different IP and or the connected devices have IPs etc. I looked across the internet but couldn’t really find a process or guide. After struggling for a few days, I managed to finally import the addresses.

Be sure to edit and save this in Notepad. This needs to be done in ASCII format.

The columns are imported in the following order: IP address, user, location, description, hostname, telephone number and mac address.

Continue reading Importing IPs into IPPlan

Creating vSwitch Names for new vSwitches on ESXi Hosts using Host Web Client

A little while back, I wrote on Changing your vSwitch Names on ESXi Host.  I found another way to do this, but unfortunately, this method ONLY works for NEW vSwitches.

Once the vSwitch has been created, you cannot change the name to something else. If you made a mistake and need to change it, you would need to either:

a. Removing the vSwitch and recreating it
b. Doing the Changing your vSwitch Names on ESXi Host option.

login
Login to the ESXi Host directly – https://ip-or-hostname/ui/ (note the trailing “/” after ui)

Continue reading Creating vSwitch Names for new vSwitches on ESXi Hosts using Host Web Client

How to Monitor DHCP Addresses with IPSentry

Recently, I had taken part in a maintenance weekend at the office, post maintenance, Our IPSentry dashboard, (we use IPSentry for some of our monitoring), reported a couple errors, which was fixed.

Come Monday morning, a colleague of mine noticed that certain systems were down, which he brought up. I did some further investigation and noticed one of our DHCP pools were running out of leases. I wanted to see if IPSentry could monitor DHCP addresses, and as it turns out, it can.

It took me a while to figure this out, but now I know it, I’ll add it here for the world to share.

As mentioned before, in order to monitor DHCP leases, you would need to make use of the SNMP Addin for IPSentry.

So here are the prerequisites:

Continue reading How to Monitor DHCP Addresses with IPSentry

Using Lansweeper to find computers that do not have a specific windows update installed

So, today I was asked “How do I use product “X”” to to pull a report to list all systems that do not have a specific hotfix installed.

I will not be listing product “X” as

  1. It cannot do what was asked
  2. I don’t want to bad mouth the software, as what it’s actual purpose is, it does the job damn well.

So, below is a report (You can implement this via the “Report Builder” in Lansweeper).

Continue reading Using Lansweeper to find computers that do not have a specific windows update installed