blog.kaniski.eu I just wanna learn!

8Sep/170

10 years of this blog…

Today is the 10th anniversary of my first blog post! Since then, well... a LOT happened! 🙂

(image source)

Let's see what the next 10 years bring!!! 🙂

Cheers!

4Sep/170

Deploying Linux machines by using System Center 2016: Virtual Machine Manager templates

In light of "Microsoft loves Linux" initiative, you can now deploy your Linux virtual machines by using templates in the System Center 2016: Virtual Machine Manager. As I was searching on how to do this (successfully), there were couple of articles that helped, so I’ve decided to do a short list of all the necessary steps (in one place).

Steps to make your Linux VM template deployments work:

  • create a new (Generation 2) virtual machine (as you would normally do)
  • install the Linux operating system in that virtual machine (as you would normally do)
    • HINT: A list of supported Linux distributions and versions on Hyper-V is available here.
  • install the Linux Integration Services (LIS) (as per this post):
    • open the "modules" file
    • add the following to the end of this file:
    • save it (Ctrl+X and Y)
    • install LIS and reboot the machine by using the following commands:
    • check if the services are running by using the command:
  • install the Virtual Machine Manager agent (as per this post):
    • share the folder C:\Program Files\Microsoft System Center 2016\Agents\Linux on your VMM machine
    • copy the VMM agent files to Linux virtual machine
      • as a real Windows admin, I did it through the GUI
    • install the agent:
  • fix the boot for Generation 2 virtual machine (boot information is by default stored in the VM configuration file, not on disk – Ben wrote a great article on this “issue”)
    • Ben’s way (didn’t work for me):
      • change directory to the boot EFI directory
      • copy the ubuntu directory in to a new directory named boot
      • change directory to the newly created boot directory
      • rename the shimx64.efi file
    • TriJetScud’s way in the comments (worked for me with Ubuntu 16.04 Generation 2 VM):
  • shutdown the virtual machine and copy its VHDX to the VMM Library
    • HINT: Don't forget to refresh the VMM Library.
  • go to the VMM Library, right-click the copied VHDX and select the Create VM template option
  • proceed with creating the template as you normally would, to the part Configure Operating System
    • HINT: If you are using Secure boot, don’t forget to select the MicrosoftUEFICertificateAuthority template in hardware settings.
  • there, under Guest OS profile, you select the option to create a new Linux operating system customization settings
  • next you specify your guest OS settings and finish creating the template
  • now you can create a new Linux virtual machine from the template you’ve configured!

Hope it helps!

Cheers!

15Jul/170

Microsoft MVP… times 8!

It’s that time of the year again (although, a bit earlier than previous years).

I’m proud and grateful that I’ve got one more Microsoft Most Valuable Professional (MVP) award in the Cloud and Datacenter Management area!

Microsoft Most Valuable Professional (MVP)

Eight years… it’s a lot (and yes – I’m feelin’ a bit older, few grays here and there, but they say it’s actually “wisdom”, so... it’s fine)! 🙂

I would once again like to thank the nice people at Microsoft and everyone who continuously supports me – my family and friends, my colleagues and the community! And now… it’s time to continue – there is so much to learn, experience & to share! 🙂

Cheers!

Filed under: Other No Comments
2May/174

Citrix NetScaler 12 – CLI upgrade helps

There is a new and shiny NetScaler version available – version 12! Smile

All the news and docs are available here, and you can download the latest bits from here. But, I will not write about them now – there is something else I would like to share.

Unlike with other (minor) upgrades, upgrading to this version… well, there were some “challenges”. If you have used Citrix NetScaler before, it has its nice and simple GUI, through which you can do many things… one of them being a system upgrade.

Upgrade process by using GUI is pretty straight-forward:

  • download the latest firmware from Citrix website (.tgz file)
  • login to the appliance and save current configuration
  • if you are using virtual appliances, you can also do a snapshot or checkpoint (depending on the virtualization platform you are using)
  • go to System System Upgrade and select the firmware file and click Upgrade

image

  • when installation completes, reboot the appliance
  • enjoy your shiny, new NetScaler 12 (upgraded in just 6 steps)! Smile

And now about “the other way”… Smile

As I’ve observed, upgrade option through GUI was not working (for me) in any of the major browsers (Chrome, Firefox, Edge or even Internet Explorer) – upload of firmware finishes and then… nothing really happens. Strange, but… it’s just my luck. No big deal! Smile

What helped in my case:

  • download the latest firmware from Citrix website (.tgz file)
  • use PuTTY to establish SSH connection to your appliance
  • run save config to save all the changes you have made to your existing configuration (but maybe forgot to save it before Smile)
  • if you are using virtual appliances, you can also do a snapshot or checkpoint (depending on the virtualization platform you are using)
  • type in shell (to enter the shell, where we will work with files)
  • create a folder for the new version (I have simply called it 12, as in /var/nsinstall/12/, where I will upload the new firmware)
  • use PSCP (PuTTy Secure Copy Client), also a free command-line utility to copy firmware to the appliance, inside the newly created folder:

image

  • go back to PuTTy and extract the contents of this firmware:

  • once extracted, run the ./installns command, which will actually do the upgrade (something that was never triggered in my GUI upgrade attempts, obviously Smile)
  • when installation completes, reboot the appliance

image

  • enjoy your shiny, new NetScaler 12 (upgraded in just 11 steps)! Smile

image

image

For a longer, better explained… and official version, please check the Citrix docs, available here.

Note that nothing really changes in your usual upgrade routine – those steps are just in case you have trouble with the GUI, as I did (if your GUI works normally, with your browser, use it).

Hope it helps!

Cheers!

24Apr/173

Scheduling a PowerShell script… with arguments

Let’s say that you have a neat PowerShell script, which you want to run on some kind of a schedule (a script which will collect some data and send you an e-mail, every day in the same hour… ‘til the end of time – maybe this one) – how can you do it? Smile

The answer is simple. Yes, there is a tool included with Windows operating system, which can help you… and it’s called… well – Task Scheduler. Smile

And… if you never used the Task Scheduler in Windows, maybe this is the time to start.

It’s a rather simple tool – you click through a simple wizard, select what you need (a program) and when you need it, and you’ve created a scheduled task.

image

OK… so, I can run a program? What about a PowerShell script?

The real question here is “Who/what will run my PowerShell script?”. And then, the answer is simple – the PowerShell engine.

This means that your “program” is powershell.exe. This also means that in your scheduled task you should enter something like this:

image

(note the full path to powershell.exe – C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe)

Now we have a scheduled task which will start PowerShell in designated time, every single day. Usually, this is not enough, and we need to add some arguments to the command running (like the path to the script we want to execute).

image

(argument field in this case contains -Command "& 'C:\Scripts\Get-HyperVReport.ps1'"be really careful about the single/double quotes here!)

Configured like this, our scheduled task will execute the following command:

Two remaining things that we have to check is to have our Get-HyperVReport.ps1 script saved in C:\Scripts and that user, under whom this task is running, has the appropriate permissions to run it. Also, if task should be running unnatended (usually it should), make sure to configure it so.

One other thing that may be useful – with this script, we need to specify some additional parameters (like ClusterName or if it will send us an e-mail when completed). In this case, we can easily add the required parameters to the arguments field, like this:

image

(argument field in this case contains -Command "& 'C:\Scripts\Get-HyperVReport.ps1' -ClusterName MyCluster -SendMail $true -SMTPServer smtp.mail.com -MailFrom hyper-v@mail.com -MailTo some.mail@mail.com")

The whole command is then:

Hope this helps!

Cheers!

P.S. One other other thing (yes, it’s written twice… live with it Smile) that can be useful – you can also use PowerShell to create scheduled task which will run this PowerShell script (instead of using “the lame wizard”). Pssst… take a look at the New-ScheduledTask command. Winking smile

P.P.S. You can also make use of Adam's function, which will make your life easier - https://github.com/adbertram/Random-PowerShell-Work/blob/master/Scheduled%20Tasks/New-ScheduledScript.ps1. Thanks, Adam!

23Apr/170

How PowerShell keeps my photo collection neat

As I love taking photos, sometimes it might be difficult to keep my photo collection “neat”. My camera is set to save every photo in two formats (one for editing, and another one for “long term storage”, as I like to say Smile) – .ARW and .JPG.

When I come home from a “photo trip”, I go through the photos taken and delete the ones I don’t really like. As I need to delete both copies, sometimes it happens that I forgot to delete .JPG or .ARW file of the same photo (which leads to “inconsistencies” in my collection… which is not “neat” Smile).

To overcome this, I’ve come up with a solution – a simple PowerShell script to check if there are any .ARW files which are missing it’s corresponding .JPG file (basically, I’m looking for files sharing the same name, but with different extension):

So, output will be something like this (with right arrow in results meaning that I have .ARW files for which I don’t have the corresponding .JPG file, which further means that I’ve deleted the .JPG file which I didn’t like and now I need to delete .ARW as well):

image

Arrow on the left side means that I have .JPG files for which I don’t have the corresponding .ARW file. No results will mean that I have the files in sync – for each .ARW file, there is a corresponding .JPG file.

Next step will be to tweak the script and probably automate the deletion process. For now, I’m satisfied with PowerShell providing me info about the duplicates and deleting the files manually. Smile

Cheers!

30Mar/170

Updates and Recommendations not working in SCOM 2016

Not so long ago, there was a thread about this issue on TechNet Forums – long story short, in some cases (if you didn’t do a clean installation of System Center 2016 – Operations Manager, for example), the shiny, new feature called Updates and Recommendations didn’t work.

Even better – there was a rather cryptic error saying “An error occurred while displaying the Updates and Recommendations view. This might be because the database query has encountered an error…”.

image

So… it looks that maybe the database query has indeed “encountered an error”.

What can we do to make sure and resolve this?

As the user Chandra Bose suggested, we can look for duplicates in our imported management packs… and maybe we will be smarter then.

PowerShell command we can use:

This will list our imported management packs and their versions, and we can start looking for duplicate(s).

image

In my case, there were some – some of them were the two management packs called Microsoft.SystemCenter.WebApplicationSolutions.Library.Resources.*.

To get a better look on those two, we can use the following command:

And the output looks like this:

image

image

image

This shows that we really have two “duplicate” management packs in our SCOM database, one installed in 2013, and another in 2014 (why? and how? don’t really matter Smile). We need to remove one, obviously.

For that, we can use the following command (by using the Id property from previous command):

And, if there are no more duplicates, our Updates and Recommendations view should work now:

image

Hope this helps.

Cheers!

20Mar/170

Basic SharePoint load balancing

I’ve recently created a simple lab which gave me some answers around load balancing a SharePoint 2016 farm with SSL offloading.

To start, I’ve created a couple of virtual servers (on top of my “supercool home Windows Server 2016 Hyper-V PC” Smile) – a domain controller, a SQL server and two SharePoint servers. I’ve also downloaded a KEMP LoadMaster appliance (there is also a free one here, which would have been just enough for this lab) and prepared my DigiCert wildcard certificate (there is no need for the wildcard option, but this is the one I already have, so I’ve decided to use it).

So… I’ve prepared a domain controller, joined all the other servers to the domain and then installed SQL Server 2016. After that, on SharePoint servers, I’ve ran a preparation wizard and created a new SharePoint farm from the first node… with second node joining to it later. At the end, I’ve done the “Farm configuration” wizard and was all set to do the load balancing part. (And yes – I know that clicking “Next” is lame, but… it works. Smile)

The networking configuration for this lab is pretty simple. I have two VLANs – 111 (backend, where all the servers are residing) and VLAN 101 (frontend, where my LB virtual servers are).

I’ve created a new virtual machine for the load balancer, attached it to the two mentioned networks and also added the virtual disk downloaded from KEMP’s website.

image

After that, I’ve done the initial configuration wizard of LoadMaster which is actually straight-forward (setting the password, IP addresses, and importing a certificate afterwards).

With this done, we can create our virtual service(s) – there is actually a great guide for configuring the SharePoint load balancing virtual servers with KEMP LoadMaster.

I’ve used the following basic (manual) settings for my virtual service:

image
image

HINT: When troubleshooting load balancing – make sure that you have only one node behind the balancer… it makes things so much easier to troubleshoot! Smile

One last thing that wasn’t working with this “Next, Next, Next…” configuration was the Alternate Access Mappings (AAM) part – to be able to access a SharePoint farm over HTTPS and a public name, AAM should “know about it”. There is a great guide about AAM available – make sure you read it.

Default AAM settings for my farm were:

image

After (a lot) of troubleshooting and research, they were changed to this:

image

And… that’s it – it works! Smile

My totally awesome SharePoint 2016 site, located behind a load balancer and published with a trusted certificate (with SSL session terminating on my virtual KEMP load balancer), was alive:

image

To conclude - in all the configuration that was done, setting the AAM right was something that gave me most of the headache (load balancing/redirections not working right, troubleshooting what’s happening, etc.). Pay special attention to it! Once you figure it out, you’re done. Smile

Cheers!

9Feb/174

NetScaler, XenMobile and SSL certificates

So, you’ve finally decided to make yourself "a small Citrix lab" (XenMobile and NetScaler), but you’re having trouble with getting all the certificates in place. Fear not, I’m here to help!

Installing the SSL certificates for NetScaler is relatively simple, but still… some steps are easily forgotten and then… you need to troubleshoot. Smile

Steps to install the SSL certificate for NetScaler (correctly) are:

  1. Install the server certificate (for example, certificate for xms.yourdomain.com). The easiest way is to use .PFX certificate file, and you can install it through Traffic Management – SSL – Certificates – Server Certificates.
  2. Install the issuing and root CA’s certificates (.PEM files are OK) through Traffic Management – SSL – Certificates – CA Certificates.
  3. Create link (right click – Link) between the server certificate and issuing CA’s certificate.
  4. Create link (right click – Link) between the issuing CA’s certificate and root CA’s certificate.
  5. Check the certificate links on issuing CA’s certificate (right click – Certificate links). There should be two – one linking the server certificate, another the root certificate.
  6. Select the imported certificate for NetScaler Gateway usage.
  7. Select the imported certificate for (SSL) virtual servers as well. If you’re using NetScaler appliances in HA mode, force synchronization.
  8. Check if certificates are installed properly (for example, by opening the MAM interface with your browser – https://mam.yourdomain.com/ or https://mam.yourdomain.com:8443/).
  9. Check if certificate chain is in order as well – https://www.digicert.com/help/.

For XenMobile Server, there is some preparation work to do, to get it all right. Basically, you’ll need to combine all the (.PEM) certificate files into one, upload that to XenMobile Server, and restart.

Steps are:

  1. Combine individual (.PEM) certificate files (server, issuing and root CA) into one .PEM file by following instructions on this DigiCert site (you can use Notepad to achieve this). Your final .PEM file should look like this:
  2. -----BEGIN CERTIFICATE-----
    (server_certificate.pem content)
    -----END CERTIFICATE-----

    -----BEGIN CERTIFICATE-----
    (issuing_ca_certificate.pem content)
    -----END CERTIFICATE-----

    -----BEGIN CERTIFICATE-----
    (root_ca_certificate.pem content)
    -----END CERTIFICATE-----

  3. Upload the combined (.PEM) certificate file to XenMobile Server.
  4. Restart all the XenMobile Server nodes (one by one).
  5. Check if nodes picked up the certificate change (for example, by opening the XenMobile Server management interface with your browser – https://{node's_IP_address}:4443).
  6. Check if certificate chain is in order as well – https://www.digicert.com/help/.

And… that’s it!

Oh, yeah – in case you’ve been living under a rock… don’t use the SHA-1 certificates anymore… they are obsolete now (info). Smile

Cheers!