Enterprise Admins.org

I have been using the vCheck v5 for several months and have nothing but good things to say about it. The script has helped me find and resolve several issues in the environments I maintain. There are a few additional checks that I have come up with myself, but I usually run those manually once a month or so and then view the output from a command prompt. I have spent a couple of hours recently retro-fitting the scripts I use into vCheck format and then adding them to the existing script. If you would like to use these checks, please get the full script from here (after leaving a quick thank-you for Al). Here are my additions:

#Stuff added by bwuch:
$ShowThickDisk = $true
$ShowMisnamedVM = $true
$ShowWrongOS = $true
$ShowWrongSyslog = $true
$syslogserver = "Your_syslog_server:514"
$ShowRemoteTSM = $true


if ($ShowThickDisk) {		
	Write-CustomOut "..Checking for thick provisioned virtual disk files"
	$thickdisks = @()
	foreach ($vmguest in ($VM | get-view))
	{
		$name = $vmguest.name
		$vmguest.Config.Hardware.Device | where {$_.GetType().Name -eq "VirtualDisk"} |  %{
		if(!$_.Backing.ThinProvisioned){
			$myObj = "" |
			select Name,Label,File,CapacityGB
			$myObj.Name = $name
			$myObj.Label = $_.DeviceInfo.Label
			$myObj.File = $_.Backing.FileName
			$myObj.CapacityGB = [math]::round(($_.CapacityInKB / 1024 / 1024),2)
			$thickdisks += $myObj
			}
		}	
	}
	If (($thickdisks | Measure-Object).count -gt 0) {
	$myReport += Get-CustomHeader "Thick provisioned virtual disks : $($thickdisks.count)" "Standard virtual disks in this environment are thin provisioned.  Thick provisioned disks represent a possible waste of storage space and should only be used when disk I/O performance is a top concern."
	$myReport += Get-HTMLTable $thickdisks
	$MyReport += Get-CustomHeaderClose
	}
}

#--------------------
if ($ShowMisnamedVM) {
	Write-CustomOut "..Finding mis-named VMs"
	$misnamed = @()
	foreach ($vmguest in ($VM | where { $_.Guest.HostName -ne $NULL -AND $_.Guest.HostName -notmatch $_.Name }))
	{
		$myObj = "" | select VMName,GuestName
		$myObj.VMName = $vmguest.name
		$myObj.GuestName = $vmguest.Guest.HostName
		$misnamed += $myObj
	}
	If (($misnamed | Measure-Object).count -gt 0) {
	$myReport += Get-CustomHeader "Mis-named virtual machines : $($misnamed.count)" "The following guest names do not match the name inside of the guest."
	$myReport += Get-HTMLTable $misnamed
	$MyReport += Get-CustomHeaderClose
	}
}

#--------------------
if ($ShowWrongOS) {
	Write-CustomOut "..Finding guests with wrong OS selected."
	$wrongOS = @()
	foreach ($vmguest in ($VM | get-view | 
	where ({ $_.Guest.GuestFullname -ne $NULL -AND $_.Guest.GuestFullname -ne $_.Summary.Config.GuestFullName})))
	{
		$myObj = "" | select Name,InstalledOS,SelectedOS
		$myObj.Name = $vmguest.name
		$myObj.InstalledOS = $vmguest.Guest.GuestFullName
		$myObj.SelectedOS = $vmguest.Summary.Config.GuestFullName
		$wrongOS += $myObj
	}
	If (($wrongOS | Measure-Object).count -gt 0) {
	$myReport += Get-CustomHeader "Guests with wrong OS $($wrongOS.count)" "The following virtual machines contain operating systems other than the ones selected in the VM configuration."
	$myReport += Get-HTMLTable $wrongOS
	$MyReport += Get-CustomHeaderClose
	}
}

#--------------------
if ($ShowWrongSyslog) {
	Write-CustomOut "..Checking VM Host syslog server"
	$wrongSyslog = @()
	foreach ($vmhost in ($VMH | 
	Where {$_.state -ne "Disconnected"} | Select Name, @{N="SLServer";E={$_ | Get-VMHostSyslogServer}} | 
	Where {$_.SLServer -notmatch $syslogserver}))
	{
		$myObj = "" | select Name,SyslogServer
		$myObj.name = $vmhost.name
		$myObj.SyslogServer = $vmhost.SLServer
		$wrongSyslog += $myObj
	}
	If (($wrongSyslog | Measure-Object).count -gt 0) {
	$myReport += Get-CustomHeader "Hosts with the wrong syslog specified $($wrongSyslog.count)" "The following hosts do not have a proper syslog specified."
	$myReport += Get-HTMLTable $wrongSyslog
	$MyReport += Get-CustomHeaderClose
	}
}

#--------------------
if ($ShowRemoteTSM) {
	Write-CustomOut "..Checking VM Host for remote TSM enabled"
	$startingEAP = $ErrorActionPreference
	$ErrorActionPreference="SilentlyContinue"
	$remoteTSM = @()
	foreach ($vmhost in ($VMH))
	{
		$socket = new-object Net.Sockets.TcpClient
		$socket.connect($vmhost,22)
		if ($socket.Connected) {
			$myObj = "" | select Name,Connected
			$myObj.Name = $vmhost.name
			$myObj.Connected = "TRUE"
			$remoteTSM += $myObj
			$socket.close()
		}	
	}
	$ErrorActionPreference = $startingEAP
	If (($remoteTSM | Measure-Object).count -gt 0) {
	$myReport += Get-CustomHeader "Hosts with remote tech support enabled $($remoteTSM.count)" "The following hosts have SSH/remote tech support mode enabled."
	$myReport += Get-HTMLTable $remoteTSM
	$MyReport += Get-CustomHeaderClose
	}
}		

Several times I have ran into the following issue with an event being logged in the vCenter Server event log every minute:

Active Directory Web Services encountered an error while reading the settings for the specified Active Directory Lightweight Directory Services instance. Active Directory Web Services will retry this operation periodically. In the mean time, this instance will be ignored. Instance name: ADAM_VMwareVCMSDS

I had fixed this on several vCenters that I managed. However the problem returned on one vCenter this weekend after enabling vCenter Linked Mode. I decided to document the solution here so it is easier to find if I run into this problem again.
As described here this is caused by a simple registry setting. Browse to the following key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ADAM_VMwareVCMSDS\Parameters

Delete the existing key (string) for “Port SSL” and replace it with a DWORD named “Port SSL” with a value of 636 (in decimal).

Restart ADAM_VMwareVCMSDS and ADWS services. Problem solved.

When I setup a vCenter server I typically use a DNS alias (CNAME). This allows me to use a server name that follows an enterprise naming convention, such as S898PAP1B.domain.parent.local, but connect to vCenter with an easy to remember name like vcenter.parent.local.

There are various articles that cover the SSL installation and regeneration process.

However, these never really worked well with my alias. When installing Update Manager a dialog box pops up asking you to select either the name or IP address of how the Update Manager server is identified on the network. This name or IP is then used when Update Manager extensions are registered in the vCenter server.

I’ve tried everything I could think of to resolve this issue. I’ve manually edited the D:\Program Files\VMware\Infrastructure\Update Manager\extension.xml file and even updated the vmw-vc-URL attribute of the ADAM distinguishedName CN=com.vmware.vcIntegrity,CN=vCenter_GUID,OU=ComponentSpecs, OU=Health,DC=virtualcenter,DC=vmware,DC=int. None of these changes appeared to work.

Finally, after much searching, I found the following VMware KB article: http://kb.vmware.com/kb/1013222 that does work!

D:
cd "Program Files\VMware\Infrastructure\Update Manager"
vciInstallUtils.exe --vc vcenter.parent.local --port 80 -U  -P  -S extension.xml -C . -L . -O extupdate

Now my vCenter Update Manager is now registered in vCenter using the alias.

I was recently working with a Dell PowerEdge M610 blade server that had a processor problem. During troubleshooting steps, Dell requested a DSET report from my ESXi host. I knew this wouldn’t be a problem as I could use the live boot CD (described here).

After I booted the live CD I was able to run the requested DSET report. However, once I had the report I needed network connectivity to get it out of the live CD environment. The problem is that my network adapters only have 802.1Q VLAN tagged interfaces. To access the network I needed to specify the VLAN ID. This is a very common configuration for ESX/ESXi hosts, but I wasn’t sure how to make it work in the live CD Linux. This wouldn’t be a very complicated configuration for a Linux guy, but as a Windows admin it took me a few minutes to figure out. After some googling, I came up with the following:

vconfig add eth0 55
ifconfig eth0.55 10.55.0.20 netmask 255.255.255.0 broadcast 10.55.0.255 up
route add default gw 10.55.0.1 eth0.55

(Assuming that my interface is eth0, the VLAN ID is 55, the subnet is 10.55.0.0/24, I wish to assign the address 10.55.0.20 and the default gateway is 10.55.0.1)

While using the vMA 4.1 as vi-admin, I noticed that a couple commands I tried to run (for example yum update) would fail because I was not root. When I tried to issue ‘su’ I could not become root either. I found the following article virtuallyGhetto VMware Scripts & Resources with instructions on how to enable the root account.

sudo vi /etc/passwd

When prompted for a password I entered the vi-admin password. As suggested I changed the entry for

root:x:0:0:root:/root:/sbin/nologin

to look like

root:x:0:0:root:/root:/bin/bash

However, after enabling the account I still could not login — using root and the vi-admin password. I then logged back in as vi-admin and entered

sudo passwd root

And defined a password for the root account. I am now able to login as root with my root password.