Updating the vCenter Server Appliance via ISO and CLI
by lunarg on October 26th 2018, at 13:29

You can easily update your vCenter Server Appliance (VCSA) offline by downloading a product patch ISO and via the CLI.

Download the latest patch from VMware Patch Download Center. Select VC from the Search by Product drop-down menu, then select the correct version (i.e. 6.0 or 6.5). Download the patch ISO and attach it to the VCSA.

Log in to the shell (using SSH or VMRC) and initiate the update:

  1. Stage the ISO updates:
    software-packages stage --iso --acceptEulas
  2. Optionally, you can view the list of packages to be updated:
    software-packages list --staged
  3. To install the updates, run:
    software-packages install --staged

After the update has finished, you will have to reboot the VCSA.

 
Barracuda NG Firewall: exclude Apple Appstore from AV scanning
by lunarg on October 22nd 2018, at 10:35
Barracuda NG Firewall has a comprehensive anti-malware and anti-virus scanning engine. Unfortunately, this clashes with the Apple Appstore: downloading apps and updates get blocked by the AV scanning engine. In order to resolve this, the URLs from Apple need to be excluded.

Using NGAdmin, log on to the firewall (or Control Center), navigate to the Virus-Scanner service of the firewall, and open the Virus Scanner Settings configuration node.

Click on Content Scanning and under the HTTP Multimedia Streaming section, add a new Scan Exception.

Enter a name for the exclusion, then enter these values:

Allowed MIME-Types: add the value *

Domain: *.apple.*

Setting the allowed MIME-type to * is  ...
 
VMWare: mark all optical drives as client
by lunarg on September 27th 2018, at 11:38
It is best practice not to have an ISO mounted on a VM if it is not necessary. This is especially the case with VDI: if you forget to set the optical drive back to client, each of your desktops will have the ISO mounted as well, which can create a hassle with dependencies on the datastore where the ISO is located.

With PowerCLI, you can quickly resolve the matter with this one-liner:

Get-VM | Get-CDDrive | Where {$_.ISOPath -ne $null} | Set-CDDrive -NoMedia -Confirm:$false

For VDI, note that this will not work for replicas and master images containing snapshots, as the dependency remains intact if a snapshot exists where the ISO was still mounted. In that case, it is better to clone the m  ...
 
Add/remove network routes in macOS
by lunarg on September 27th 2018, at 10:35

Similar as on FreeBSD and Linux, you can add/remove static network routes through the command line with the route command. The syntax somewhat differs from Linux, though.

To add a route (e.g. subnet 192.168.3.0/24 to gateway 192.168.1.254):

sudo route -n add -net 192.168.3.0/24 192.168.1.254

To remove a route:

sudo route -n delete -net 192.168.3.0/24

To show the current route table, you can use netstat:

netstat -nr
 
macOS: reset folder view for all folders
by lunarg on September 27th 2018, at 10:15
Folder view preferences are stored separately in a hidden file called .DS_Store in each folder. If you want to reset the folder view options to the default settings, you can use Terminal to do a search for those files and remove them.

To remove them in your home folder, you can run this:

find ~ -name ".DS_Store" -delete

Note that you can also do this on network shares. Just adjust the search path accordingly.

Suppose you have a share mapped to smb://server/data, then you would type:

find /Volumes/data -name "*.DS_Store" -delete

Caution
Be very careful with this command. It will not ask for confirmation!Making a typo (like forgetting to add the -name parameter) could result in permanent  ...
 
Backup switch configuration to TFTP (CLI reference)
by lunarg on August 24th 2018, at 15:14
In case of disaster, it is usually a very good idea to periodically back up the configuration of your network switches. This article lists syntax for backing up configuration to a TFTP server for different vendors.

In the syntax examples below, the IP for the TFTP is 1.2.3.4, and we're writing to the file switch.cfg.

Note that this article is definitely not complete. If you have additions to this article, please post them in the comments.

The syntax for Dell and Cisco switches is mostly the same. For N-series and PowerConnect, a summary is displayed which needs to be confirmed, which is not the case for Cisco and Dell S-series.

For Cisco Small Business (SF- and SG-series), the CLI ne  ...
 
Enable Telnet/SSH on Cisco 300/500 switches
by lunarg on August 21st 2018, at 14:44

Cisco's SF/SG 300/500 series managed switches have CLI access via Telnet and SSH but this is turned off by default, leaving only the web interface to manage the switch. You can enable Telnet and/or SSH via the web interface, enabling management via CLI.

  1. Log on to the web interface, then navigate to Security → TCP/UDP Services.
  2. Check the Enable boxes for Telnet Service and/or SSH Service. You can check both if you wish to enable both protocols. Click Apply, which will immediately start the selected services:
  3. Don't forget to save the configuration change to flash. Otherwise, the change will be lost after a reboot:
 
Configure tftpd-hpa to allow upload of new files
by lunarg on August 21st 2018, at 14:16
When installing tftpd-hpa, as a security measure, the service does not allow uploading new files. It does allow overwriting existing files, provided that the permissions are set correctly (as expected). The idea behind this is to secure TFTP a bit by only allowing uploads if the file already exists (and is writable). But this can be very tedious in some cases, where a lot of files have to be uploaded, and it is not possible to guess the names to create them in advance.

It is possible to configure tftpd-hpa to allow the creation of new files by adding the -c or --create parameter when starting the daemon.

For Ubuntu and Debian, this means editing the file /etc/default/tftpd-hpa, and adding   ...
 
 
 
« November 2018»
SunMonTueWedThuFriSat
    123
45678910
11121314151617
18192021222324
252627282930
 
Links
 
Quote
« Have you tried turning it off and on again? »
The IT Crowd