by lunarg on March 25th 2019, at 13:33
You can reset the root password of any (recent) VMWare appliance, such as the vCenter Server Appliance (VCSA), or Platform Services Controller (PSC) by following the procedure outlined here. Note that you will need to have physical or console access to perform the reset. The reset also requires a restart of the appliance so you'll need to schedule downtime for it.

First of, take a snapshot or backup of the virtual appliance before proceeding. In case the reset should fail, you'll always have a backup to go back to.

Restart the appliance. Right after the BIOS screen, the PhotonOS splash screen will appear for a few seconds.

During this time, press e to enter the GNU GRUB edit menu, allowin  ...
by lunarg on March 25th 2019, at 12:15
You can change the default shell (used when logging on with VMRC or through SSH). By default, this is set to the appliance shell, providing limited functionality. If you rather have BASH as the default shell, you can switch this.

Log on through SSH or VMRC with the root account.

If shell access hasn't been activated yet, run this first:

shell.set --enabled true

If you are running the appliance shell, type shell to launch the BASH shell.

In the BASH shell, at the prompt, type the following to change the default shell to BASH (instead of the appliance shell):

chsh -s /bin/bash root

You'll need to log out for the changes to take effect. The next time you log in, you will log on directly   ...
by lunarg on March 21st 2019, at 12:24
The quickest way to enable auto-logon on Ubuntu 16.04+ and Debian (which are using systemd for management of their services) is by creating an override for the getty service, specifically for tty1 (or another tty if you prefer).

First, determine which tty you wish to have the auto-logon on. These are the terminals linked to the Alt+Fn keys, so tty1 = Alt+F1, tty2 = Alt+F2. The default is always tty1.

Next, create an override by typing:

sudo systemctl edit getty@tty1.service

This will open up a text editor where you can adjust the parameters like so:

[Service]ExecStart=ExecStart=-/sbin/agetty --noissue --autologin myusername %I $TERMType=idle

Replace myusername with the account you wish  ...
by lunarg on March 18th 2019, at 12:45
If you wish to use TLS, or are using TLS authentication in a Office 365 Hybrid environment, and have manually changed or renewed the SSL certificate, you may still get errors about unable to initiate the TLS session (STARTTLS), even though the SSL certificate has been correctly renewed. Just setting the SSL certificate to be used with SMTP is not enough to make TLS work correctly. You also need to (re-)configure the TLS certificate name on your receive connectors.

As stated by the manual:

The TlsCertificateName parameter specifies the X.509 certificate to use with TLS sessions and secure mail. Valid input for this parameter is [I]Issuer[S]Subject. The Issuer value is fou  ...
by lunarg on March 13th 2019, at 13:49

Currently, it is not possible to configure the DNS suffix (search domain) for SSL VPN and IPSEC tunnels through the GUI, but it can be configured using the CLI.


config vpn ssl settings
set dns-suffix


config vpn ipsec phase1-interface
set domain

Changes are effective immediately. After configuring the setting, users will be able to resolve names using single names instead of FQDN.

by lunarg on February 8th 2019, at 10:04

An excellent TechNet-article explained how rules are evaluated in Windows Firewall, specifically in what order and which rules take precedence over others.

by lunarg on February 8th 2019, at 10:02

If for some reason the deployment of the VMWare vConverter agent fails, you can also copy the installer to the machine you wish to P2V and manually install it.

On the machine VMWare vConverter is installed, navigate to the location where it's installed (by default: C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone), and look for the file VMware-Converter-Agent.exe. Copy over this file over to the target machine and run it to install the agent. Accept the defaults, including the TCP-port (unless your setup requires you to change it). Once finished, a service will have been installed and you will be able to connect to it using vConverter.

by lunarg on February 2nd 2019, at 15:44
You can disable password expiration from the command-line when logging on using SSH or by enabling the Bash shell. Note that you will need root privileges (i.e. root account) to make this change.

If shell access is not enabled, you need to enable it first:

Log on to the appliance management portal: https://ip-or-fqdn:5480/.

In the Navigator, click on Access. On the right side (Access Settings), click on the Edit button.

Tick the box next to Enable SSH Login for remote access, or if you rather prefer making the change through the VMRC, check the box Enable BASH Shell. Then click OK. The change is effective immediately.

Log on to the shell using either SSH (using PuTTY or another applicat  ...
« April 2019»
« If the batteries of a TV remote run out, why do we press the buttons so much harder? »