Following is the steps I used to solve installing VMware Tools on CentOS
1.In Sphere Client: Guest > Install/update VMware Tools
2. On the VM console in command line, being a server I do not have a GUI installed:
3. mkdir /cdrom, or any other mount point you like
4. mount the vitural cdrom from step 1; mount /dev/cdrom /cdrom
5. cd /tmp
6. tar -xvf /cdrom/VMwareTools (tab to auto-complete)
7. cd vmware (tab to auto-complete)
8. ./vmware-install.pl; accept defaults, you might have to install perl as well
9. umount /cdrom
10. In Vsphere Client: Guest > Install/upVMware Tools > OK
11. To confirm the install; in the client > VM Summary tab and look for OK next to VMWare Tools
VMware iSCSI Configs
To install the Equallogic Multi Pathing Module
SCP the zipped vib to a location accessible by your vHost.
dell-eql-mem-esx5-1.2.0.365964.zip to vHost01
Then SSH to the vHost and run the following command, editing for your location
~ # esxcli software vib install –depot /vmfs/volumes/*****/dell-eql-mem-esx5-1.2.0.365964.zip
You’ll see the result similar to below (from an older version installed)
Installation Result
Message: Operation finished successfully.
Reboot Required: false
VIBs Installed: Dell_bootbank_dell-eql-host-connection-mgr_1.1.1-268843, Dell_bootbank_dell-eql-hostprofile_1.1.0-212190, Dell_bootbank_dell-eql-routed-psp_1.1.1-262227
Once you’re running equallogic storage multi pathing module run
esxcli equallogic param list
————— —– —– — ———————————————
TotalSessions 512 1024 64 Max number of sessions per host.
VolumeSessions 12 12 1 Max number of sessions per volume.
MemberSessions 4 4 1 Max number of sessions per member per volume.
MinAdapterSpeed 1000 10000 10 Minimum adapter speed for iSCSI multipathing.
~ # esxcli equallogic param set -n=VolumeSessions -v=12
~ # esxcli equallogic param set -n=MemberSessions -v=4
run those two esxcli statements on ssh.
your member sessions are probably 2 and the volume sessions are probably 4 or 6
then rescan the paths on ths iscsi software adapter, you should triple the paths
MPM
After updating the mpm config on my vhosts
vhost01-iscsi-network
Disable OTP Sophos UTM 9.2 via Shell
Dang it! I also locked myself out of the webadmin on Sophos UTM 9.2 while trying out their OTP function with Google Authenticator.
Here’s how I fixed this problem:
Login to the Firewall Console Interface as root
at the / type
cc
then auth and press enter,
it will list out:
ad_sso
auto_add_to_facility@
auto_add_users$
block
cache_lifetime$
edir_sso
otp
servers@
Type otp and press enter,
it will list out:
auto_create_token$
default_timestep$
facilities@
require_all_users$
required_users@
status$
Type facilities@ and press enter,
finally listing:
0 webadmin
1 portal
2 ipsec
3 openvpn
Type -0 and press enter, where it will redisplay (in this case)
0 portal
1 ipsec
3 openvpn
Login as admin to your firewall via the webadmin!!!
Soft lockup messages from Linux kernel running in an SMP-enabled virtual machine
Non-Root User Permissions Oracle Linux
I’m working on a system recently migrated to Oracle Linux 6.6 from a very old Solaris system. There is a CIFS mount from a Windows 2012r2 server that existed on the old system. The raw mount point has 777 directory permissions.
[root@localhost ~]# ls -ld /datastore/
drwxrwxrwx 2 root root 4096 Jan 6 09:50 /datastore/
When the mount is active the permissions are:
[root@localhost ~]# ls -ld /datastore/
drwxr-xr-x 1 root root 634564 Jan 6 09:50 /datastore/
Users other than root cannot write to the share or create files. Looking at the old server, the permissions on files and subdirectories within the same share have the setuid bit. This is not present on the new system. The /etc/fstab looks like:
//cifshost/datastore /datastore cifs username=user,password=password,domain=mydomain.local 0 0
You’ll need to change /etc/fstab and add the file_mode=0666,dir_mode=0777 mount options.
//cifshost/share/datastore /datastore cifs user=user,pass=password,file_mode=0666,dir_mode=0777 0 0
And you should be good to go!
Update EqualLogic Disk Firmware
Ok, we all know that updating controller firmware on the EqualLogic Systems is an easy task, basically open the GUI, upload a file, click a few buttons and Bang! updated.
http://www.matavesi.com/wp-content/uploads/2020/06/kit_V9.0.3-R427117_1120407684.tgz
http://www.matavesi.com/wp-content/uploads/2020/06/kit_V8.1.3-R422462_334193118.tgz
So now you’re getting emails from SANHQ complaining about disk firmware. What then?
http://www.matavesi.com/wp-content/uploads/2020/06/kit_V10.0_DriveFw_2480353603.tgz
http://www.matavesi.com/wp-content/uploads/2020/06/kit_V8.0_DriveFw_2285700222.tgz
http://www.matavesi.com/wp-content/uploads/2021/02/kit_V11.0_DriveFw_2875173717.tgz
First, open your favorite FTP software, mine’s WinScrape aka WinSCP.
FTP over to your EQL box’s group IP or management IP.
Upload the .tgz package, I used kit_V8.0_DriveFw_2285700222.tgz
I did not unzip the file, repeat, it does not need any further work.
Then I Putty (ssh) over to the EQL box’s group IP or management IP and perform the following command – update.. yes that’s it. just type “update”. and best part is you can do it hot, no outage necessary!
I’ll just paste in the entire output from my instance.
Welcome to Group Manager
Copyright 2001-2014 Dell Inc.
EQLSAN> update
13:24:23 Updating from kit file “kit_V8.0_DriveFw_2285700222.tgz”
This command will install the update kit file that was
copied to the array.
If you choose to proceed, you will be shown the current firmware version
and the version to which you will update. You will then be given the
choice to proceed again.
Do you want to proceed (y/n) [y]: y
13:24:39 Verifying kit integrity.
Starting Disk Firmware update… V8.0
…Initializing support libraries…
Identifying drives that qualify for firmware upgrades… Please wait.
22 drive(s) in this array qualify for a firmware upgrade.
The process will now update the 22 drives that qualify for a firmware upgrade.
If you proceed, please do not power off or restart the array, or remove
any drives until the update process completes.
Do you want to continue at this time (Y/N)? y
SKIPPING DriveID 0 No firmware is available for Model: HUS723030ALS640
SKIPPING DriveID 1 No firmware is available for Model: HUS723030ALS640
SKIPPING DriveID 2 No firmware is available for Model: HUS723030ALS640
Checking health status of Array
UPGRADING DriveID 3 firmware from RN08 to RE12 using ./fwbin/RE12.lod
Drive firmware successfully updated : on drive 3
SKIPPING DriveID 4 No firmware is available for Model: HUS723030ALS640
SKIPPING DriveID 5 No firmware is available for Model: HUS723030ALS640
SKIPPING DriveID 6 No firmware is available for Model: HUS723030ALS640
Checking health status of Array
UPGRADING DriveID 7 firmware from RN08 to RE12 using ./fwbin/RE12.lod
Drive firmware successfully updated : on drive 7
SKIPPING DriveID 8 No firmware is available for Model: HUS723030ALS640
SKIPPING DriveID 9 No firmware is available for Model: HUS723030ALS640
Checking health status of Array
UPGRADING DriveID 10 firmware from RE0C to RE12 using ./fwbin/RE12.lod
Drive firmware successfully updated : on drive 10
SKIPPING DriveID 11 No firmware is available for Model: HUS723030ALS640
SKIPPING DriveID 12 No firmware is available for Model: HUS723030ALS640
SKIPPING DriveID 13 No firmware is available for Model: HUS723030ALS640
Checking health status of Array
UPGRADING DriveID 14 firmware from RE0C to RE12 using ./fwbin/RE12.lod
Drive firmware successfully updated : on drive 14
SKIPPING DriveID 15 No firmware is available for Model: HUS723030ALS640
SKIPPING DriveID 16 No firmware is available for Model: HUS723030ALS640
SKIPPING DriveID 17 No firmware is available for Model: HUS723030ALS640
Checking health status of Array
UPGRADING DriveID 18 firmware from RE0C to RE12 using ./fwbin/RE12.lod
Drive firmware successfully updated : on drive 18
SKIPPING DriveID 19 No firmware is available for Model: HUS723030ALS640
SKIPPING DriveID 20 No firmware is available for Model: HUS723030ALS640
SKIPPING DriveID 21 No firmware is available for Model: HUS723030ALS640
Checking health status of Array
UPGRADING DriveID 22 firmware from RE0C to RE12 using ./fwbin/RE12.lod
Drive firmware successfully updated : on drive 22
SKIPPING DriveID 23 No firmware is available for Model: HUS723030ALS640
Checking health status of Array
UPGRADING DriveID 24 firmware from RE0C to RE12 using ./fwbin/RE12.lod
Drive firmware successfully updated : on drive 24
SKIPPING DriveID 25 No firmware is available for Model: HUS723030ALS640
Checking health status of Array
UPGRADING DriveID 26 firmware from RN08 to RE12 using ./fwbin/RE12.lod
Drive firmware successfully updated : on drive 26
Checking health status of Array
UPGRADING DriveID 27 firmware from RN08 to RE12 using ./fwbin/RE12.lod
Drive firmware successfully updated : on drive 27
Checking health status of Array
UPGRADING DriveID 28 firmware from RE0C to RE12 using ./fwbin/RE12.lod
Drive firmware successfully updated : on drive 28
SKIPPING DriveID 29 No firmware is available for Model: HUS723030ALS640
Checking health status of Array
UPGRADING DriveID 30 firmware from RE0C to RE12 using ./fwbin/RE12.lod
Drive firmware successfully updated : on drive 30
Checking health status of Array
UPGRADING DriveID 31 firmware from RN08 to RE12 using ./fwbin/RE12.lod
Drive firmware successfully updated : on drive 31
Checking health status of Array
UPGRADING DriveID 32 firmware from RE0C to RE12 using ./fwbin/RE12.lod
Drive firmware successfully updated : on drive 32
SKIPPING DriveID 33 No firmware is available for Model: HUS723030ALS640
Checking health status of Array
UPGRADING DriveID 34 firmware from RN08 to RE12 using ./fwbin/RE12.lod
Drive firmware successfully updated : on drive 34
Checking health status of Array
UPGRADING DriveID 35 firmware from RN08 to RE12 using ./fwbin/RE12.lod
Drive firmware successfully updated : on drive 35
Checking health status of Array
UPGRADING DriveID 36 firmware from RE0C to RE12 using ./fwbin/RE12.lod
Drive firmware successfully updated : on drive 36
SKIPPING DriveID 37 No firmware is available for Model: HUS723030ALS640
Checking health status of Array
UPGRADING DriveID 38 firmware from RN08 to RE12 using ./fwbin/RE12.lod
Drive firmware successfully updated : on drive 38
Checking health status of Array
UPGRADING DriveID 39 firmware from RN08 to RE12 using ./fwbin/RE12.lod
Drive firmware successfully updated : on drive 39
Checking health status of Array
UPGRADING DriveID 40 firmware from RE0C to RE12 using ./fwbin/RE12.lod
Drive firmware successfully updated : on drive 40
SKIPPING DriveID 41 No firmware is available for Model: HUS723030ALS640
Checking health status of Array
UPGRADING DriveID 42 firmware from RN08 to RE12 using ./fwbin/RE12.lod
Drive firmware successfully updated : on drive 42
SKIPPING DriveID 43 No firmware is available for Model: HUS723030ALS640
Checking health status of Array
UPGRADING DriveID 44 firmware from RE0C to RE12 using ./fwbin/RE12.lod
Drive firmware successfully updated : on drive 44
SKIPPING DriveID 45 No firmware is available for Model: HUS723030ALS640
Checking health status of Array
UPGRADING DriveID 46 firmware from RN08 to RE12 using ./fwbin/RE12.lod
Drive firmware successfully updated : on drive 46
SKIPPING DriveID 47 No firmware is available for Model: HUS723030ALS640
Logging post run disk information
Entering cleanup phase… Please Wait…
The update was successful.
Would you like to email the results to Dell (Y/N)? n
Done cleanup … quitting with an exit status of 0
EQLSAN>
Vmware Tools on CentOS 6.x or 7 x64
Problem:
Running Vsphere 5.x and installed the VMWare tools on a CentOS 6.x x64 system. After an OS update that requires reboot vmware-tools does not automatically startup.
As of version 8.6.11.20852 (build-1015158) the vmware tools install script vmware-install.pl does not create a start script in /etc/init.d since it now uses upstart.
Additional information: When you installed vmware-tools you did not Enable automatic building and installation of kernel modules at boot.
Resolution:
1.) You can re-run /usr/bin/vmware-config-tools.pl after each OS update that modifies the kernel.2.) You can run /usr/bin/vmware-config-tools.pl and ENABLE the automatic building and installation of kernel modules at boot (Note: you will need to remember to enable this option with subsequent vmware-tools upgrades)
3.) You can create your own init script from the services.sh script located in the /etc/vmware-tools directory.
From command line:
[root@host]# cp /etc/vmware-tools/services.sh /etc/init.d/vmware-tools
[root@host]# vim /etc/init.d/vmware-tools
Paste the following just below the line ##VMWARE_INIT_INFO## and save:
# chkconfig: 235 03 99
[root@host]# chkconfig –add vmware-tools (two dashes)
[root@host]# chkconfig vmware-tools on
Verify that it works:
[root@host]# service vmware-tools restart
Manage Windows 8 Wireless Network Profiles
I was having a heck of a time with my little tablet connecting to some wireless connections using the same SSID. Here’s how I fixed it…
If you need to change a wireless connection profile, you can usually do it by following these steps:
- Swipe in from the right edge of the screen, tap Settings, and then tap Change PC settings. (If you’re using a mouse, point to the upper-right corner of the screen, move the mouse pointer down, click Settings, and then click Change PC settings.)
- Tap or click Network, tap or click Connections, and then tap or click the connection you want to change.
- On the page that appears, make the changes you want.
Some tasks, such as deleting a profile, must be done at the command prompt. To do these tasks, open Command Prompt, and then type the appropriate command from the following table.
- Open Command Prompt by swiping in from the right edge of the screen, tapping Search (or if you’re using a mouse, pointing to the upper-right corner of the screen, moving the mouse pointer down, and then clicking Search), entering Command Prompt in the search box, and then tapping or clicking Command Prompt.
|
TASK
|
INSTRUCTIONS
|
|---|---|
|
Delete a profile |
At the command prompt, type: netsh wlan delete profile name=”ProfileName” |
|
Show all wireless profiles on the PC |
At the command prompt, type: netsh wlan show profiles |
|
Show a security key |
At the command prompt, type: netsh wlan show profile name=“ProfileName” key=clear |
|
Move a network up in the priority list |
Connecting to a new network and choosing Connect automatically will place it at the top of the list. |
|
Stop automatically connecting to a network within range |
Tap or click the network in the network list, and then click Disconnect. |
|
Stop automatically connecting to a network that’s out of range |
At the command prompt, type: netsh wlan set profileparameter name=”ProfileName” connectionmode=manual |
How Windows determines connection priority
Windows usually connects to networks in this order:
1. Ethernet
2. Wi‑Fi
3. Mobile broadband
When you connect to a new Wi‑Fi network, it’s added to the list, and Windows will connect to that network while it’s in range. If you connect to another Wi‑Fi network while in range of the first network, Windows will prefer the second network over the first one.
Mobile broadband networks are treated differently. If you manually connect to a mobile broadband network when there is a Wi‑Fi network in range, the mobile broadband network is preferred just for that session. The next time you’re in range of both networks, the Wi‑Fi network is preferred. This is because mobile broadband networks typically are metered.
If you want to force your PC to prefer a mobile broadband network over Wi‑Fi, tap or click the Wi‑Fi network in the list of networks, and then click Disconnect. Windows won’t automatically connect to that Wi‑Fi network.
Re-register Windows client/server in WSUS
To re-register Windows client/server in WSUS review the following instructions:
1. Run “gpupdate /force” command on the Windows client/server that have a registration issue in WSUS.
2. Run “wuauclt /detectnow ” command on the Windows client/server that have a registration issue in WSUS.
Tip: You can use the Event Viewer to review the re-registration
3. In rare cases, you may need to run: “wuauclt.exe /resetauthorization /detectnow” command on the Windows client/server that have a registration issue in WSUS.
Unix and Active Directory Integration
Step by step,
yum install nscd samba samba-common samba-client samba-winbind
yum upgrade
vi /etc/hosts
192.168.1.30 dc.domain.com pdc01
Run authconfig-tui
Authentication Configuration – check Cache Information, Use Winbind, Use MD5 Passwords, Use Shadow Passwords, Use Winbind Authentication
Winbind Settings – check ads, type the short name of the domain, example.com needs to be just example in this field, enter FQDN of domain controllers, ADS realm is FQDN of primary DC, check /bin/bash
Click on Join Domain
Enter credentials for a domain administrator and make sure the server successfully joined the domain
vi /usr/local/bin/bash-wrapper
#!/bin/sh
# This script restricts shell access to privileged users. The “template shell”
# option in the ‘/etc/samba/smb.conf’ file should be set to call this wrapper.
# Get group memberships for this user.
BFN_ID=$(/usr/bin/id)
# Grant shell access to users that are in the local wheel group.
if /bin/echo “$BFN_ID” | /bin/grep -P ‘[=,][0-9]{1,8}(wheel)’ > /dev/null
then
exec /bin/bash –login “$@”
fi
# Grant shell access to users that are in the domain administrators group.
if /bin/echo “$BFN_ID” | /bin/grep -P ‘[=,][0-9]{1,8}(domain admins)’ > /dev/null
then
exec /bin/bash –login “$@”
fi
# Else print a notice and just exit.
echo “Shell access to this computer is disabled.”
# eof
vi /usr/local/bin/ad-phase2.sh
# ad-phase2.sh – Phase 2
# Description: This script automates the process of joining a linux box
# to an AD domain. The process is divided in two parts.
#
# Please edit the relevant parts of the script below prior running it
# This block doesn’t need to be edited
#sed -i ‘s%protocols: files%protocols: files winbind%g’ /etc/nsswitch.conf
#sed -i ‘s%rpc: files%rpc: files winbind%g’ /etc/nsswitch.conf
#sed -i ‘s%netgroup: files%netgroup: files winbind%g’ /etc/nsswitch.conf
#sed -i ‘s%automount: files%automount: files winbind%g’ /etc/nsswitch.conf
# The following line allows users to logon without the ugly EXAMPLEuser syntax
sed -i ‘s%winbind use default domain = false%winbind use default domain = true%g’ /etc/samba/smb.conf
# More parameters to make life easier with UID and GID correspondances
sed -i ‘s% template shell = /bin/bash% template shell = /usr/local/bin/bash-wrapper%g’ /etc/samba/smb.conf
sed -i ‘/ winbind offline logon = false/a winbind enum users = true’ /etc/samba/smb.conf
sed -i ‘/winbind enum users = true/a winbind enum groups = true’ /etc/samba/smb.conf
sed -i ‘/winbind enum groups = true/a winbind cache time = 5’ /etc/samba/smb.conf
sed -i ‘/winbind cache time = 5/a winbind nested groups = true’ /etc/samba/smb.conf
# This line will allow for home folders to be created in /home/DOMAIN/username upon first login
echo “session optional pam_mkhomedir.so skel=/etc/skel/ umask=0022” >> /etc/pam.d/system-auth
# The following line will allow all the users within the Domain Admins group to sudo on the server
echo “%domain admins ALL=(ALL) ALL” >> /etc/sudoers
# Replace “base OU=Users,DC=example,DC=com” with the container of the users you want to allow on the box
sed -i ‘s%base dc=*******,dc=com%base OU=Users,DC=*******************,DC=com%g’ /etc/openldap/ldap.conf
chmod +x /usr/local/bin/ad-phase2.sh
chmod +x /usr/local/bin/bash-wrapper
service winbind restart
service nscd restart
Reboot for good measure.