Update ESXi via the command line

First you need to download whatever patch it is that you want to install. Then evacuate and put in maintenance mode.

Then you need to download and install VMware CLI and then use a normal command prompt to issue this comma

esxcli -s [IP of ESXi server] -u root -p [password] software vib install -

d /vmfs/volumes/[Volume GUID thingy]/update-from-esxi5.0-5.0_upda

te03.zip

You are presented with a splurge of text and told to reboot and when you do, your patch is installed.

Exchange Virtual Directories

These can be a pain in the arse and not easy to understand (for me anyway) so I am going to write down what I have learned this morning.

An CAS server still on its defaults will not allow http traffic to OWA, nor will it redirect traffic without the "/owa" switch. To make this easier for users this is what you do:

1. Put in a http redirect on the default web page. This would be to your desired site, so for example https://mail.domain.com/owa.

2. Now in the child virtual directories remove the redirection (it is inherited):

Aspnet_client
Autodiscover
ECP
EWS
ActiveSync
OAB
OWA
RPC
RPCWithCert

(I'm not sure what the last two are for)

3. Remove SSL from the default web site.

4. Add SSL to the child virtual directories (same list as above except aspnet)

5. iisreset.

At my company it appears that the process has been been performed slightly differently. SSL is still on for the default web site and turned off on many of the child virtual directories. In "Error redirection" the 403 error is redirected to mail.domain.com/owa. I think this is a bit of a cack handed way to do it but it works.

Exchange AutoDiscover

Exchange 2007 and Exchange 2010 (in conjunction with Office 2007 onwards) use Autodiscover to automatically fill in the users account details the first time he or she logs in. It also takes care of "availability", out-of-office, offline address book and a few other things. In Exchange 2003 these things either were not done or they were achieved with public folders.

The client first queries active directory for the CAS server's autodiscover URL. It finds this by means of a "service connection point", which is located in the following location:

CN=[Server Name],CN=Autodiscover,CN=Protocols,CN=[Server Name],CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=[Exchange Organisation Name],CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=[Domain],DC=com

In order to edit this object you can use the set-ClientAccessServer -identity [CAS Server] -AutoDiscoverServiceInternalURI "[URL]" (it is stored under ServiceBindingInformation).


According to this guy (http://blogs.technet.com/b/rmilne/archive/2013/04/02/busting-the-set-autodiscovervirtualdirectory-myth.aspx) setting the "AutodiscoverVirtualDirectory" internal and external URLs does NOTHING.



Outlook Autodiscover Logging:


%temp%\Olkdisc.log

You can also hold control and right click the Outlook icon in the taskbar and it will give you Autodiscover tools.

Ontap Vif miscellany

A few things about networking on a FAS2050.

The FAS2050 has two ports per controller: e0a and e0b. There is a management port (with a wrench symbol) but I can find no trace of this from the software side of things.

From controller 1 I deleted all the vifs so that I would have to learn to recreate them via SSH. On the switch each port that the Netapp is plugged into is configured as follows:

interface FastEthernet0/2
 switchport trunk allowed vlan 100,302,303
 switchport mode trunk
 spanning-tree portfast

I decided that I ought to aggregate the two ports so I ran this command:

vif create multi dennis e0a e0b

The multi could have also been "single" or "lacp". Multi and LACP are forms of aggregation whereas single is an active / passive arrangement. I could have also added a "-b" switch to specify the type of balancing (IP, port, MAC or round robin - I think IP is default).

I then created the VLANs to correspond with the switch port settings:

vlan create dennis 100 302 303

I then decided I didn't need VLAN 302 and 303 for this test:

vlan delete dennis 302 303

Finally, I had to assign an IP address to the new interface. Hence:

ifconfig dennis-100 10.10.10.54 netmask 255.255.0.0

BSOD Special Edition

Client PCs at my company mysteriously reboot every now and again. I decided to try and decipher a dump file.

Before I begin, credit to this guy:

http://weblogs.asp.net/owscott/archive/2012/07/18/reading-a-memory-dmp-or-other-dmp-file.aspx

And in fact, I can't really improve in what he says so I will simply reproduce what he says:

1. Install the debugger
2. Browse to the installation directory in a cmd
3. Type kd –z [path to dump file]
4. Type .logopen [path to log file.txt]
5. Type .sympath srv*c:\symbols*http://msdl.microsoft.com/download/symbols
6. Type .reload;!analyze -v;r;kv;lmnt;.logclose;q

The contents of the dump file will be written to the log and the console window. Read it and solve the problem. Or don't, because in this case the dump files pointed to the graphics card but that turned out to be only a factor and not the entire problem..

Cisco Miscellany

interface FastEthernet2/0/1
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 100
 switchport mode trunk
 switchport voice vlan 2
 srr-queue bandwidth share 10 10 60 20
 srr-queue bandwidth shape 10 0 0 0
 mls qos trust cos
 auto qos voip trust
 spanning-tree portfast trunk

What does this mean?

Interface (port) running at 100MBs of identity Switch 2 / Stack 0 ?? / Port 1 has the following characteristics:

It is a trunk and its encapsulation is 802.1Q. Its native to VLAN 100 but will accept traffic from other VLANS too. It is configured to handle traffic from VLAN 2 (i.e. VOIP devices) differently that other traffic. This is shown with the bandwidth shaping and bandwidth sharing.

Each interface has 4 queues (this is known as egress queuing). You can specify what share of the bandwidth by issuing it a ratio of the total bandwidth. So srr-queue bandwidth share 10 10 60 20 would assign 60% of the bandwidth to queue 3.

The shaping command works differently as it denotes a percentage. Queue 1 in the output above will only be able to use 10% of the bandwidth.

The lines containing QoS relate to prioritising the VOIP traffic. The COS identifier (a value originating from the header of frames) is used to identify VOIP traffic which is then given priority over data frames.


It looks as though the VOIP traffic uses queue 1 because it is shaped and allows for "smoother" traffic flow.

Useful links:

https://supportforums.cisco.com/thread/165677

SQL House Keeping

I made the mistake of creating my SQL server virtual disks (database and log disks, both comprised of RAID 1 arrays) so that they encompassed the entire datastore. I didn't think this would be much of a problem but if you use snapshots in any way, shape or form then you will run into problems because the snapshots must (I think) go on the same datastore. We use vSphere Data Protection and so when it was doing a backup the SQL server floundered due to lack of disk space.

So apparently you can't shrink a virtual disk, or at least I don't know how to.

I had to move all the databases and logs onto a third disk and then remove and reconfigure the log and database disks and then move all the data back onto the newly resized disks. Here is how:

For each user database run this query for each database, index and log:

ALTER DATABASE SUSDB MODIFY FILE ( NAME = SUSDB , FILENAME = 'H:\Data\SUSDB.mdf' );
ALTER DATABASE SUSDB MODIFY FILE ( NAME = SUSDB_log , FILENAME = 'H:\Logs\SUSDB_log.ldf' );

The "name" field maps to the logical name of the file. The "Filename" should map to where you want to move the file.

After running this query, stop the SQL Server service and then manually move the files. Restart the service (and the agent if necessary) and check that the DB starts and then the files are where they should be. This command also helps to verify this:

SELECT name, physical_name AS CurrentLocation, state_desc
FROM sys.master_files
WHERE database_id = DB_ID(N'SUSDB');

IMPORTANT: It appears that the destination folder must have the following user account present in its ACL with full rights:

SQLServerMSSQLUser$fwsql$MSSQLSERVER

The Master DB is slightly different. You must edit the start up parameters in the Configuration Manager to the new locations. Config Manager > Services > MSSQLServer Properties > Advanced > Startup Parameters.

Within the parameters "-d" is the Master DB, "-e" is the error log and "-l" is the log.

Once you have changed these values, stop the service and move the files and then restart the service. Make sure the folder that you move it to has that unwieldy SQL account in its ACL.

The Model and the MSDB DBs are moved in the same way as the user databases.




Resources:

http://msdn.microsoft.com/en-us/library/ms345408.aspx

Talks of a "Startup Parameters" tab but there doesn't appear to be one.