showing posts of March 2019
by lunarg on March 25th 2019, at 13:33
You can reset the root password of any (recent) VMWare appliance, such as the vCenter Server Appliance (VCSA), or Platform Services Controller (PSC) by following the procedure outlined here. Note that you will need to have physical or console access to perform the reset. The reset also requires a restart of the appliance so you'll need to schedule downtime for it.

First of, take a snapshot or backup of the virtual appliance before proceeding. In case the reset should fail, you'll always have a backup to go back to.

Restart the appliance. Right after the BIOS screen, the PhotonOS splash screen will appear for a few seconds.

During this time, press e to enter the GNU GRUB edit menu, allowin  ...
by lunarg on March 25th 2019, at 12:15
You can change the default shell (used when logging on with VMRC or through SSH). By default, this is set to the appliance shell, providing limited functionality. If you rather have BASH as the default shell, you can switch this.

Log on through SSH or VMRC with the root account.

If shell access hasn't been activated yet, run this first:

shell.set --enabled true

If you are running the appliance shell, type shell to launch the BASH shell.

In the BASH shell, at the prompt, type the following to change the default shell to BASH (instead of the appliance shell):

chsh -s /bin/bash root

You'll need to log out for the changes to take effect. The next time you log in, you will log on directly   ...
by lunarg on March 21st 2019, at 12:24
The quickest way to enable auto-logon on Ubuntu 16.04+ and Debian (which are using systemd for management of their services) is by creating an override for the getty service, specifically for tty1 (or another tty if you prefer).

First, determine which tty you wish to have the auto-logon on. These are the terminals linked to the Alt+Fn keys, so tty1 = Alt+F1, tty2 = Alt+F2. The default is always tty1.

Next, create an override by typing:

sudo systemctl edit getty@tty1.service

This will open up a text editor where you can adjust the parameters like so:

[Service]ExecStart=ExecStart=-/sbin/agetty --noissue --autologin myusername %I $TERMType=idle

Replace myusername with the account you wish  ...
by lunarg on March 18th 2019, at 12:45
If you wish to use TLS, or are using TLS authentication in a Office 365 Hybrid environment, and have manually changed or renewed the SSL certificate, you may still get errors about unable to initiate the TLS session (STARTTLS), even though the SSL certificate has been correctly renewed. Just setting the SSL certificate to be used with SMTP is not enough to make TLS work correctly. You also need to (re-)configure the TLS certificate name on your receive connectors.

As stated by the manual:

The TlsCertificateName parameter specifies the X.509 certificate to use with TLS sessions and secure mail. Valid input for this parameter is [I]Issuer[S]Subject. The Issuer value is fou  ...
by lunarg on March 13th 2019, at 13:49

Currently, it is not possible to configure the DNS suffix (search domain) for SSL VPN and IPSEC tunnels through the GUI, but it can be configured using the CLI.


config vpn ssl settings
set dns-suffix


config vpn ipsec phase1-interface
set domain

Changes are effective immediately. After configuring the setting, users will be able to resolve names using single names instead of FQDN.

showing posts of March 2019
« May 2019»
« You only find out who is swimming naked when the tide goes out. »
Warren Buffett