Author Archive

vSphere 5.1 available

September 11th, 2012 No comments

Yup – vSphere 5.1 is now available at

“Customers who have purchased VMware vSphere 5.1 can download their relevant installation package from the product download tab below. Looking to upgrade from vSphere 4 or Infrastructure 3? Visit the VMware vSphere Upgrade Center.

Deploy vSphere 5.1 on the ESXi hypervisor architecture

VMware vSphere 5.1 is available exclusively on the vSphere ESXi hypervisor architecture. ESXi is the latest hypervisor architecture from VMware and, as of the vSphere 4.1 release, VMware’s recommended best practice when deploying VMware vSphere. Users can upgrade to ESXi (from ESX) as part of an upgrade to vSphere 5.1.

For more information visit VMware ESXi and VMware ESX Info Center

Get Your vSphere License Key

Once you have purchased VMware vSphere 5.1, you will receive a licensing confirmation email with your license keys or you can retrieve your license keys from the vSphere License portal.

Other versions of VMware vSphere: 5.0 , 4.1 , 4.0”

Categories: VMWare Tags:

Useful scripts for amending the number of ports per vSwitch

May 1st, 2012 No comments

We have found that on many (most) of our ESX hosts, we run at risk of running our of vbSwitch ports when we run through our maintenance periods and reduce the number of hosts in a cluster.
Below are the scripts that I use to amend these settings:

# Calculating ports in use on each vSwitch: 
$myCol = @() 
ForEach ($VMHost in (get-cluster "prod Core" | Get-VMHost | Sort Name)) 
        ForEach ($VM in ($VMHost | Get-VM)) 
                ForEach ($NIC in (Get-NetworkAdapter -VM $VM)) 
                        $myObj = "" | Select VMHost, VM, NIC, PortGroup, vSwitch 
                        $myObj.VMHost = $VMHost.Name 
                        $myObj.VM = $VM.Name 
                        $myObj.NIC = $NIC.Name 
                        $myObj.PortGroup = Get-VirtualPortGroup -VM $VM -Name $NIC.NetworkName 
                        $myObj.vSwitch = $myObj.PortGroup.VirtualSwitchName 
                        $myCol += $myObj 
$myCol | Group-Object VMHost, vSwitch -NoElement | Sort Name | Select Name, Count 

“To upgrade the port numbers on vSwitch1 on myesxhost.intra to 120 ports , you need:”

# To increase number of ports on a vSwitch 
Get-VMHost "myserver1.intra" | % {Get-VirtualSwitch -VMHost $_ -Name vSwitch0 | where {$_.NumPorts -lt "128"}} | % { Set-VirtualSwitch -VirtualSwitch $_ -NumPorts "128" } 

“Note, the PowerCli says ‘128’ – the reason for this is that VMware reserves 8 ports for overhead on each vswitch.

You’ll also want to vMotion the Vms off each host – you can highlight multiple VMs and drag and drop, or right click, select ‘migrate’ and follow the wizard.
If you want to PowerCli it, you can try the following:”

# For a controlled migration. moving all VMs on myserver1 to myserver2 
get-vmhost myserver1.intra | get-vm | move-vm -destination (get-vmhost myserver2.intra) 

“The above will prompt you on each VM – you can ignore all prompts with :”

# to Ignore prompts 
get-vmhost myserver1.intra | get-vm | move-vm -destination (get-vmhost myserver2.intra) -Confirm:$false 

We previously had a bug that NICs lost the connection state(i.e. – the ‘Connected’ box got unchecked) – the solution was to move the VMs to a host that had available switch ports and then set the Nic’s to connected.”

#To find disconnected NICs in Prod Core cluster:" 
$vms = Get-Cluster "Prod Core" | Get-VM 
Get-NetworkAdapter ($vms | where {$_.powerstate -eq “poweredon”}) | Where { $_.connectionstate.connected -eq “$F” } | select parent, connectionstate 
#To repair change all disconnected NICs in a cluster to connected 
$vms = Get-NetworkAdapter ((Get-Cluster "Prod Core HA" | Get-VM) | where {$_.powerstate -eq “poweredon”}) | Where { $_.connectionstate.connected -eq “$F” } | select parent, connectionstate 
foreach ($a in $vms) 
$vm = get-vm $a.parent 
write-host $a.parent -back green 
if (!(test-connection $ )) 
   $nics = $vm | get-networkadapter | Where {$_.ConnectionState.Connected -eq $false -and $_.ConnectionState.StartConnected -eq $true} 
   if ($nics -ne $null) 
           foreach ( $nic in $nics ) 
                     write-host $vm.Name 
                     write-host $nic 
                        If (test-connection  $vm.Guest.HostName -count 1 -ea 0){write-host "Returning Pings!!"; return}else{write-host "Not Returning Pings"} 
                $nic | Set-NetworkAdapter -Connected $true 
                        If (test-connection  $vm.Guest.HostName -count 3 -ea 0){write-host "Returning Pings!!"}else{write-host "Not Returning Pings"} 
Categories: Powershell, Toolbox, VMWare Tags:

Changing ESX Server root passwords using PowerCli

April 24th, 2012 No comments

It’s that time again where we need to change the passwords on all of of ESX(i) hosts. Of course, when your number of hosts becomes any more than a handful, this can be a rather arduous process.

I had a scratch around some old scripts and found this one :


$serverlist = read-host "Please provide the path to your list of ESX hosts"

# Get old root credential
$oldrootPassword = Read-Host "Enter old root password" -AsSecureString
$oldrootCredential = new-object -typename System.Management.Automation.PSCredential -argumentlist "root",$oldrootPassword

# Get new root credential
$newrootPassword = Read-Host "Enter new root password" -AsSecureString
$newrootCredential = new-object -typename System.Management.Automation.PSCredential -argumentlist "root",$newrootPassword
$newrootPassword2 = Read-Host "Retype new root password" -AsSecureString
$newrootCredential2 = new-object -typename System.Management.Automation.PSCredential -argumentlist "root",$newrootPassword2

# Compare passwords
If ($newrootCredential.GetNetworkCredential().Password -ceq $newrootCredential2.GetNetworkCredential().Password) {

# Create new root account object
$rootaccount = New-Object VMware.Vim.HostPosixAccountSpec
$ = "root"
$rootaccount.password = $newrootCredential.GetNetworkCredential().Password
$rootaccount.shellAccess = "/bin/bash"

# Get list of Host servers from textfile to change root password on
Get-Content $serverlist | %{
Connect-VIServer $_ -User root -Password $oldrootCredential.GetNetworkCredential().Password -ErrorAction SilentlyContinue -ErrorVariable ConnectError | Out-Null
If ($ConnectError -ne $Null) {
Write-Host "ERROR: Failed to connect to ESX server:" $_
Else {
$si = Get-View ServiceInstance
$acctMgr = Get-View -Id $si.content.accountManager
Write-Host "Root password successfully changed on" $_
Disconnect-VIServer -Confirm:$False | Out-Null
Else {
Write-Host "ERROR: New root passwords do not match. Exiting..."

I can’t remember where I got it from, but I am pretty sure it came off the VMware communities.

Of course, if you really wanted to, you get simply gather the list of ESX hosts from your VC and trawl through those using the same code – the only difference would be that you could delete the following

$serverlist = read-host "Please provide the path to your list of ESX hosts"

and replace

# Get list of Host servers from textfile to change root password on
Get-Content $serverlist | %{

with something like

Get-VMHost | %{$}

Happy days – use at own risk of course!

Categories: VMWare Tags:

Configuring VMware High Availability fails

April 24th, 2012 No comments

We had an interesting situation yesterday where we tried to add an ESX4.1 host to a cluster that had its vmkernel and Service Console ports on different VLANs to the existing cluster.

Configuring VMware High Availability fails with the error: Cannot complete the configuration of the HA agent on the host

which says:

This issue occurs if all the hosts in the cluster do not share the same service console or management network configurations. Some hosts may have service consoles using a different name or may have more service consoles than other hosts.
For example, this error may also occur if the VMkernel gateway settings are not the same across all hosts in the cluster. To reconfigure the setting, right-click on the hosts with this error and select Reconfigure for HA.
Address the network configuration differences between the hosts if you are going to use the Shut Down or Power Off isolation responses because these options trigger a VMware HA isolation in the event of Service Console or Management Network failures.
If you are using the Leave VM Powered on isolation response, the option to ignore these messages is available in VMware VirtualCenter 2.5 Update 3.
To configure VirtualCenter to ignore these messages, set the advanced option das.bypassNetCompatCheck to true:
Note: When using the das.bypassNetCompatCheck option, the heartbeat mechanism during configuration used in VirtualCenter 2.5 only pairs symmetric IP addresses within subnets across nodes. For example, in a two node cluster, if host A has vswif0 “Service Console” 10.10.1.x and vswif1 “Service Console 2” 10.10.5.x and host B has vswif0 “Service Console” 10.10.2.x and vswif1 “Service Console 2” 10.10.5.x, the heartbeats only happen on vswif1. Starting in vCenter Server 4.0, they can be paired across subnets if pings are allowed across the subnets. However, VMware recommends having them within subnets.
  1. Right-click the cluster, then click Edit Settings.
  2. Deselect Turn on VMware HA.
  3. Wait for all the hosts in the cluster to unconfigure HA.
  4. Right-click the cluster, and choose Edit Settings.
  5. Select Turn on Vmware HA, then select VMware HA from the left pane.
  6. Select Advanced options.
  7. Add the option das.bypassNetCompatCheck with the value True.
  8. Click OK on the Advanced Options screen, then click OK again to accept the cluster setting changes.
  9. Wait for all the ESX hosts in the cluster to reconfigure for HA.

We made the changes in a test environment, and tested and voila! problem solved.

Now I would not really advocate running  production environment using this, as a router / switch outage could cause false alerts, or even HA to be invoked – but for test environments that are sometimes not as ‘pretty’ as you’d like, It is worth considering using this to still be able to use/test  HA.

Categories: VMWare Tags:

vExpert 2012!

April 21st, 2012 No comments

I am very honored and very pleased to be awarded the VMware vExpert Award for the first time! Especially when I look at this list and notice names like Alaric, Renouf etc!!  -I really though that my chances were slim, as I have been too busy over the second half of this year to keep my usual levels of community interaction and contribution up and running.

Thanks to VMware for continuing this award. Also congratulations to all new vExperts 2012.

The VMware vExpert Award is given to individuals who have significantly contributed to the community of VMware users over the past year. vExperts are book authors, bloggers, VMUG leaders, tool builders, and other IT professionals who share their knowledge and passion with others. These vExperts have gone above and beyond their day jobs to share their technical expertise and communicate the value of VMware and virtualization to their colleagues and community.

Check out the official announcement and have a look at the complete list on :

Categories: VMWare Tags:

Modifying SCCM collections from the command line

February 8th, 2012 No comments

Automating SCCM OSD collection removal and addition.

I  created a little command line app that allows modification of SCCM collections from the command line  SCCMd – it requires various licensed MS components, but these should all be present on your SCCM server.

Usage: ScCmd.exe [/h:<hostname>] [/u:<username>] [/p:<password>] [/i] [/d] [/a:<CollectionName>] [/r:<CollectionName>] [/rd] [/c:<SccmclientName>
] [/m:<MacAddress>] [/f] [/q:<MacAddress or ClientName>]

/h SCCM HostName <required>
/u UserName <Defaults to current user>
/p Password <Only required when specifying user>
/i Import client to SCCM <MacAddress and HostName required> (use -f if Overwrite required)
/d Delete client from SCCM <ClientName or macAddress required>
/a Add Client to Collection <ClientName and CollectionName required>
/r Remove direct rule client from a Collection <Clientname and CollectionName required>
/rd Remove all direct Collection rules <clientName required>
/f Force Overwrite of existing records when importing new clients
/c Sccm Client Name
/m MacAddress
/q Query SCCM for client record – returns client details

I use this to manage the removal from collection (and addition to new collections) by monitoring events on my build jobs.

So by settings up an Eventlog monitor to execute a bacth file like the following:

if “%1″==”” goto :NOARGS

REM Check if server is in one of my deployment collections
c:\Windows\sccmcmd.exe /h:mysccmserver /q:%1 > %temp%\%1.txt
findstr /C:”Windows Server 2008 R2″  %temp%\%1.txt >nul&&(GOTO POSTBUILD)||(GOTO 2K3)

findstr /C:”Windows Server 2003 R2 x64″  %temp%\%1.txt >nul&&(GOTO POSTBUILD)||(GOTO FLUSH)

REM Remove from all collections
c:\Windows\SCCMCmd.exe /h:mysccmserver /rd /c:%1

REM Schedule PostBuild Job by adding the server to the Postbuild collection
c:\Windows\SCCMCmd.exe /h:mysccmserver /rd /c:%1
c:\Windows\SCCMCmd.exe /h:mysccmserver /a:”R2 PostConfig – LIVE – R2.CMD” /c:%1

ECHO “No Arguments”


The Server gets removed from all collections after a successful build, then added to the ‘PostBuild’ collection – which of course launches all of my PostBuild scripts.

This means I am able to manage which collections my server is in at the end of my build process.

Categories: SCCM / SMS Tags:

Authenticating to your proxy when your application does not have the ability – option 2

November 16th, 2011 No comments


I dropped a post on here on using a squid proxy tp get around the issue where your network needs Proxy authentication, but you application does not support it.

I was actually at the time working on gathering some info during web requests – using Fiddler – and figured that as Fiddler was proxying my requests, it may be able to manage my authentication for me and save some pain.

well here is a quick way to do this.

  1. head over to and install the latest version of fiddler
  2. close IE etc – so no web requests are running
  3. Launch fiddler (using the standard configuration)
  4.  Start IE and make an HTTP-request to an external web-site.
  5. At this point, the proxy authorization dialogue pops up
  6. Fill in your credentials
  7. Go back to fiddler and run a search for “Proxy-Authorization”.
  8. click on any of the (recent) found lines in the left hand pane, then click “headers” from the buttons on the right
  9. Look through the text fpor a header value like “Basic  ArBiTaRy64BaSeEnCode==”
  10. Copy the string to your clipboard
  11. To edit your rules go Rules > Customize Rules (Or hit Ctrl-R)
  12. In the section : “OnBeforeRequest” add the following (using the values you captured above):

// Add proxy auth header
    oSession.oRequest[“Proxy-Authorization”] = “Basic ArBiTaRy64BaSeEnCode==”;

13. Restart Fiddler – Enjoy


Categories: Toolbox Tags:

Updated ADDM query using Powershell.

November 7th, 2011 No comments

This has been updated to allow qu9ick access to ADDM views for people who live in their Powershell Shells.

So a quick – “get-addm myserver – launch” opens the URL – I have not found a way to post the credsa to the logon page yet – as I do not want to depends on simulated keypresses.

Function get-Addm ($addmserver="MyAddmServer.mydomain.local", $hostname, [string]$query="SEARCH Host WHERE name MATCHES '(?i)$hostname'", $username, $password, $proxy="myproxy:8080", [switch]$resetpwd, [switch]$launch)
 # Use system reflection to convert string to URL.
 [System.Reflection.Assembly]::LoadWithPartialName("System.Web") | out-null
 $query = [System.Web.HttpUtility]::UrlEncode($query)
 # Check for password / gather password info
 If ($resetpwd)
  {del $env:userprofile\$username.txt}
 If (!$username)
  write-host "No Username specified - using $env:username" -fore Green
  $username = $env:username
 if (test-path $env:userprofile\$username.txt)
  write-host "Stored creds found for $username" -fore Green
  write-host "No Password saved for $username - please specify a valid pwd" -fore Green
  read-host -assecurestring | convertfrom-securestring | out-file $env:userprofile\$username.txt
  $password = get-content $env:userprofile\$username.txt | convertto-securestring
  $credentials = new-object -typename System.Management.Automation.PSCredential -argumentlist $username,$password

 # Decrypt stored creds
 $pw =  $credentials.GetNetworkCredential().password
 # Create Web request
 $proxy = new-object System.Net.WebProxy $proxy
 # $proxy.credentials = $proxycred.GetNetworkCredential()
 $WebClient = New-Object System.Net.WebClient
 $webclient.proxy = $proxy
 $url = "<a href="https://$addmserver/ui/api/CsvApi?query=$query&username=$username&password=$pw">https://$addmserver/ui/api/CsvApi?query=$query&username=$username&password=$pw</a>"
 $Webclient.DownloadFile($url, "$env:temp\tmp.csv")
  #Import captured CSV
 $csv = import-csv "$env:temp\tmp.csv"
 If ($launch){ie "<a href="https://$addmserver/ui/NodeSearch?query=SEARCH%20Host%20WHERE%20name%20MATCHES%20%27%28%3Fi%29$Hostname%27">https://$addmserver/ui/NodeSearch?query=SEARCH%20Host%20WHERE%20name%20MATCHES%20%27%28%3Fi%29$Hostname%27</a>"}
  return $csv

Categories: ADDM Tags:

Flushing hidden devices after a P2V

October 16th, 2011 No comments

After a P2V, several hidden drivers etc are left latent on your VM.

to flush these, do the following:

Open a command prompt on the Windows VM (Start –> Run –> cmd).
set devmgr_show_nonpresent_devices=1
In the device management console (View –> Show Hidden Devices).

Uninstall the devices that are no longer required. Such as old network devices.

Categories: Uncategorized Tags:

ADSI from WinPE

September 21st, 2011 No comments

Johan Arwidmark  over at has an ADSI plugin for Windows PE, (the download link below has x86 and x64 support.)


He has recently replaced his site with – but I am unable to find the link on this site (hence the link to the old site below)

This is very useful for those who want to hit the AD from deployment HTAs etc when creating server builds and so on

He has even created very simple batch files for creating the updated boot wims (though I assume of course that you all have relatively custom wims as is, so may want to pick through the batch file and substitute your own boot wim as a source)

Download link:


Categories: SCCM / SMS, Toolbox Tags: