Tuesday, 24 January 2012

Configuring Active Directory Authentication on ESX


 

To enable active directory authentication on ESX servers you need to do the following...

1. Ensure that it is currently disabled and config is clear before starting: 
/usr/sbin/esxcfg-auth --disablead

2. Confirm the AD kerberos firewall port is blocked:
/usr/sbin/esxcfg-firewall -q activeDirectorKerberosService activeDirectorKerberos is blocked.

3. Enable Active Directory Authentication:
/usr/sbin/esxcfg-auth --enablead --addomain=abc.com.pk --addc=dc1.abc.com.pk

4. Confirm the AD kerberos firewall port is open:
/usr/sbin/esxcfg-firewall -q activeDirectorKerberosService activeDirectorKerberos is enabled.

5. Add an AD username:
/usr/sbin/useradd myaduser1

6. Now try logging into the ESX server on the console and via SSH.
It should allow you to use your active directory password for each AD user you added.


Checking the users on the ESX server:
getent passwd

root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
vimuser:x:12:20:vimuser:/sbin:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
vpxuser:x:500:100:VMware VirtualCenter administration account:/home/vpxuser:/bin/false
myaduser1:x:501:501::/home/myaduser1:/bin/bash


Additionally in vSphere client, when the ESX host is selected and the configuration tab is selected. Under the Security Profile the "Active Director Kerberos" ports will show under outgoing connections.

Configuring iSCSI Storage (Basic)


For HA, DRS, vMotion and Storage vMotion to work you need to use shared storage, in this case an iSCSI SAN.
I will show you how to configure ESX to connect to and use iSCSI SAN storage in its most basic way.

See Configuring iSCSI Storage (Advanced with CHAP) if you will be using CHAP authentication.

1. Firstly you need to ensure you have a VMkernel Port.
If you do not have a "VMkernel Port" on a vSwitch on your ESX server you will need to Create a VMkernel Port.
By default the installation of ESX only creates a "Virtual Machine" and "Service Console" port group.

2. Now the storage adaptor needs configuring. This is a software iSCSI adaptor but the method is the same. (Note that using a software ISCSI adaptor adds an extra overhead to the server).

3. In the "Storage Adaptors" section click on the iSCSI adaptor (e.g. iSCSI Software Adaptor) you want to configure, then click "Properties".

4. Click "Configure" in the iSCSI initiator properties dialog.

5. In the status section tick "Enabled" and click Ok.

6. The iSCSI initiator name and alias will be created and the status will show "enabled".

7. When using send targets click on the "Dynamic Discovery" tab.
8. Click "Add". Enter the IP of the iSCSI server and the port for discovery.
9. Click Ok and then Close.

10. You will be asked to rescan the host. Click Yes.

11. You will now see the iSCSI adaptor settings and any LUNs you have configured for this host on your SAN.

Configuring iSCSI Storage (Advanced with CHAP)


For HA, DRS, vMotion and Storage vMotion to work you need to use shared storage, in this case an iSCSI SAN.
I will show you how to configure ESX to connect to and use iSCSI SAN storage with CHAP authentication.

See Configuring iSCSI Storage (Basic) if your not using CHAP.

1. Firstly you need to ensure you have a VMkernel Port.
If you do not have a "VMkernel Port" on a vSwitch on your ESX server you will need to Create a VMkernel Port.

By default the installation of ESX only creates a "Virtual Machine" and "Service Console" port group.

2. Now the storage adaptor needs configuring. This is a software iSCSI adaptor but the method is the same. (Note that using a software ISCSI adaptor adds an extra overhead to the server).

3. In the "Storage Adaptors" section click on the iSCSI adaptor (e.g. iSCSI Software Adaptor) you want to configure, then click "Properties".


4. Click "Configure" in the iSCSI initiator properties dialog.


5. In the status section tick "Enabled" and Click Ok.


6. The iSCSI initiator name and alias will be created and the status will show "enabled". Click Close.

7. Click "CHAP..." to begin configuring the CHAP authentication credentials.


8. Now we can enter CHAP authentication details.
Entering the details here on the iSCSI initiator makes it the default settings for all targets (it can also be entered per target if you have specific settings for each target).
Enter the CHAP username and secret for the target host.
You must created these on your iSCSI SAN storage prior to this (see Changing restricted access to a Volume on an EqualLogic PS as an example).
Click Ok.


9. When using send targets click on the "Dynamic Discovery" tab.
10. Click "Add". Enter the IP of the iSCSI server and the port for discovery.


11. Click Ok and then Close. 


12. You will be asked to rescan the host. Click Yes.


13. You will now see the iSCSI adaptor settings and any LUNs you have configured for this host on your SAN.


Multiple VMkernel NICs

Multiple VMkernel NICs, Round Robin MPIO - DVS and Jumbo Frames


By creating multiple VMKernel NICs it makes it possible to have multiple paths to iSCSI SAN storage and utilize MPIO.
However to do this and implement certain performance tweaks this has to be done partly via the GUI and partly via the service console. Hopefully in the future VMware will implement additions to the GUI to allow this.

While you may have several physical network adaptors connected to a vSwitch (in this case a distributed vSwitch - DVS), the VMkernel ports are required to make different connections/sessions to the iSCSI SAN storage device(s).

In this case it is used to configure MPIO via ESX 4 and a Dell EqualLogic PS SAN array. However the process should be similar if not the same for other vendor iSCSI SAN storage.

1. Set physical switch ports to MTU 9000
For example on Cisco 3750/3560 switches:
3750(config)# system mtu jumbo 9000
3750(config)# exit
3750# reload
 

2. Set DVS to MTU 9000In vCenter go to Home --> Networking.
Create or click on the Distributed Virtual Switch (DVS) that is being used for ISCSI storage.
 


3. Create VMKNICs via GUI (Defaults to MTU 1500)

If you already have created 1 or more VMkernel ports continue...



4. Logon to the ESX service console and list the VMkernel interfaces.
Take note of the IP addresses.

/usr/sbin/esxcfg-vmknic -lInterface  Port Group/DVPort   IP Family IP Address                              Netmask         Broadcast       MAC Address       MTU     TSO MSS   Enabled Type
vmk0       56                 IPv4      10.1.1.50                            255.255.255.0 10.1.1.255    00:50:56:3b:02:8c 1500    65535     true    STATIC
vmk1       57                 IPv4      10.1.1.51                            255.255.255.0 10.1.1.255    00:50:56:37:09:82 1500    65535     true    STATIC
vmk2       58                 IPv4      10.1.1.52                            255.255.255.0 10.1.1.255    00:50:56:3c:6e:72 1500    65535     true    STATIC
vmk3       59                 IPv4      10.1.1.53                            255.255.255.0 10.1.1.255    00:50:56:3d:ef:7d 1500    65535     true    STATIC



5. List the vSwitch details
Take note of the DVPort ID for each VMKernel (vmk#) NIC

/usr/sbin/esxcfg-vswitch -lDVS Name                        Num Ports   Used Ports  Configured Ports  Uplinks
dvSwitch3-ISCSI-Storage 256                    7           256                      vmnic7,vmnic3

  DVPort ID           In Use      Client
  131                 1           vmnic3
  132                 1           vmnic7
  56                   1           vmk0
  57                   1           vmk1
  58                   1           vmk2
  59                   1           vmk3



6. Delete the VMkernel NICs that were created previously.
This is so we can add them back with an MTU of 9000, the GUI does not allow this. We also need a DV Port ID to create it via the service console.

/usr/sbin/esxcfg-vmknic -d -s dvSwitch3-ISCSI-Storage -v 56
/usr/sbin/esxcfg-vmknic -d -s dvSwitch3-ISCSI-Storage -v 57
/usr/sbin/esxcfg-vmknic -d -s dvSwitch3-ISCSI-Storage -v 58
/usr/sbin/esxcfg-vmknic -d -s dvSwitch3-ISCSI-Storage -v 59


 

7. Create VMKNICs with MTU 9000
Using the DV Port ID recorded previously we create the VMkernel port with an MTU of 9000 (for jumbo frames)
/usr/sbin/esxcfg-vmknic -a -i 10.1.1.50 -n 255.255.255.0 -m 9000 -s dvSwitch3-ISCSI-Storage -v 56
/usr/sbin/esxcfg-vmknic -a -i 10.1.1.51 -n 255.255.255.0 -m 9000 -s dvSwitch3-ISCSI-Storage -v 57
/usr/sbin/esxcfg-vmknic -a -i 10.1.1.52 -n 255.255.255.0 -m 9000 -s dvSwitch3-ISCSI-Storage -v 58
/usr/sbin/esxcfg-vmknic -a -i 10.1.1.53 -n 255.255.255.0 -m 9000 -s dvSwitch3-ISCSI-Storage -v 59 



8. Confirm the VMkernel NIC settings:
/usr/sbin/esxcfg-vmknic -l
Interface  Port Group/DVPort   IP Family IP Address                              Netmask         Broadcast       MAC Address       MTU     TSO MSS   Enabled Type
vmk0       56                 IPv4      10.1.1.50                            255.255.255.0 10.1.1.255    00:50:56:7b:02:8c 9000    65535     true    STATIC
vmk1       57                 IPv4      10.1.1.51                            255.255.255.0 10.1.1.255    00:50:56:77:09:82 9000    65535     true    STATIC
vmk2       58                 IPv4      10.1.1.52                            255.255.255.0 10.1.1.255    00:50:56:7c:6e:72 9000    65535     true    STATIC
vmk3       59                 IPv4      10.1.1.53                            255.255.255.0 10.1.1.255    00:50:56:7d:ef:7d 9000    65535     true    STATIC


9. Test that the VMkernel settings with an MTU of 9000 is working correctly:
/usr/sbin/vmkping -s 9000 10.1.1.200PING 10.1.1.200 (10.1.1.200): 9000 data bytes
9008 bytes from 10.1.1.200: icmp_seq=0 ttl=255 time=0.533 ms
9008 bytes from 10.1.1.200: icmp_seq=1 ttl=255 time=0.501 ms
9008 bytes from 10.1.1.200: icmp_seq=2 ttl=255 time=0.518 ms



10. View SCSI adaptors and confirm the adaptor used for ISCSI
/usr/sbin/esxcfg-scsidevs -avmhba0  mpt2sas           link-n/a  sas.5a4badb00ecf3400                    (3:0.0) LSI Logic / Symbios Logic Dell PERC H200 Integrated
vmhba1  lpfc820           link-n/a  fc.20000000c996a8bd:10000000c996a8bd    (4:0.0) Emulex Corporation LPe12000 8Gb Fibre Channel Host Adapter
vmhba2  lpfc820           link-n/a  fc.20000000c99aed0c:10000000c99aed0c    (5:0.0) Emulex Corporation LPe12000 8Gb Fibre Channel Host Adapter
vmhba3  ata_piix          link-n/a  sata.vmhba3                             (0:31.2) Intel Corporation 2 port SATA IDE Controller (ICH9)
vmhba32 ata_piix          link-n/a  sata.vmhba32                            (0:31.2) Intel Corporation 2 port SATA IDE Controller (ICH9)
vmhba33 iscsi_vmk         link-n/a  iqn.1998-01.com.vmware:starscream-2d842e60() Software iSCSI



11. List VMKNICs bound to the ISCSI software adaptor/usr/sbin/esxcli swiscsi nic list -d vmhba33No iSCSI Nics Found


12. Bind VMKNICs to the software ISCSI adaptorAllow more sessions per datastore, and allow MPIO multiplathing.

/usr/sbin/esxcli swiscsi nic add -n vmk0 -d vmhba33
Errors:
Add Nic failed in IMA.

This error will occur when there is more than 1 physical uplink on the switch the VMkernel NIC is connected to.
Changing the vSwitch temporarily so there is only one active adaptor and the rest to unused, will allow the VMK to be bound to the software ISCSI adaptor.
 

/usr/sbin/esxcli swiscsi nic add -n vmk0 -d vmhba33
/usr/sbin/esxcli swiscsi nic add -n vmk1 -d vmhba33
/usr/sbin/esxcli swiscsi nic add -n vmk2 -d vmhba33
/usr/sbin/esxcli swiscsi nic add -n vmk3 -d vmhba33

 


13. Confirm that all VMkernel NICs were sucessfully bounded to the ISCSI adaptor.
/usr/sbin/esxcli swiscsi nic list -d vmhba3
vmk0
    pNic name: vmnic3
    ipv4 address: 10.1.1.50
    ipv4 net mask: 255.255.255.0
    ipv6 addresses:
    mac address: b8:ac:6f:7f:ff:d8
    mtu: 9000
    toe: false
    tso: true
    tcp checksum: false
    vlan: true
    link connected: true
    ethernet speed: 1000
    packets received: 139011
    packets sent: 17613
    NIC driver: bnx2
    driver version: 1.6.9
    firmware version: 5.0.11 NCSI 2.0.5

vmk1
    pNic name: vmnic3
    ipv4 address: 10.1.1.51
    ipv4 net mask: 255.255.255.0
    ipv6 addresses:
    mac address: b8:ac:6f:7f:ff:d8
    mtu: 9000
    toe: false
    tso: true
    tcp checksum: false
    vlan: true
    link connected: true
    ethernet speed: 1000
    packets received: 139011
    packets sent: 17613
    NIC driver: bnx2
    driver version: 1.6.9
    firmware version: 5.0.11 NCSI 2.0.5

vmk2
    pNic name: vmnic3
    ipv4 address: 10.1.1.52
    ipv4 net mask: 255.255.255.0
    ipv6 addresses:
    mac address: b8:ac:6f:7f:ff:d8
    mtu: 9000
    toe: false
    tso: true
    tcp checksum: false
    vlan: true
    link connected: true
    ethernet speed: 1000
    packets received: 139011
    packets sent: 17613
    NIC driver: bnx2
    driver version: 1.6.9
    firmware version: 5.0.11 NCSI 2.0.5

vmk3
    pNic name: vmnic3
    ipv4 address: 10.1.1.53
    ipv4 net mask: 255.255.255.0
    ipv6 addresses:
    mac address: b8:ac:6f:7f:ff:d8
    mtu: 9000
    toe: false
    tso: true
    tcp checksum: false
    vlan: true
    link connected: true
    ethernet speed: 1000
    packets received: 139011
    packets sent: 17613
    NIC driver: bnx2
    driver version: 1.6.9
    firmware version: 5.0.11 NCSI 2.0.5


 
14. Now change back the vSwitch settings so that any unused uplink adaptors active again.
 



15. On the ESX server Click "Rescan..." under the Configuration tab "Storage adaptors" section.


16. On each VMFS volume Click "Properties" and then "Manage Paths"
 


17. You will now see multiple paths to the VMFS datastore (LUN).

18. Change the path selection to "Round Robin (VMware)"
 

Resize a VMs Virtual Disk

How to Resize a VMs Virtual Disk (.VMDK) 

















When you created your virtual machine you of course created the number of disks and their sizes as per the requirements, best practice guidelines or just your best estimation for its use. However, as requirements change and the amount of data in your virtual machine grows, from time to time you need add additional storage. How do you resize the virtual disk (.VMDK)?

Resizing virtual disks is relativley straight forward. However, as with anything before making changes ensure you have a backup (especially when making changes to disks).
Note: You cannot change the disk size if you take a snapshot, plus if there was an issue with the disk the snapshot would be useless anyway.

Another thing to be aware of is you can only INCREASE the size of a virtual disk. You cannot reduce the size of a virtual disk, VMware does not currently allow it as it could risk losing data. If you want to reduce the disk size you could either use VMware converter to copy the VM and resize the disks at the same time or create a new smaller virtual disk and copy the data over to it.


To Increase the size of a virtual disk (.VMDK):
1. Shutdown the virtual machine.
2. Right click on the virtual machine and select "Edit Settings".
3. On the "Hardware" tab, select the virtual disk you would like to resize and in the "Capacity" section enter the required size.


We are not finished yet. If you boot the virtual machine now the OS will not see the new size, it will only see the old size. You need to expand the volume into the new free space. Below are two methods of doing this, and depding on the guest OS and your preference depends which one you will choose.
Method 1 (Windows DISKPART) will of course only work in windows.
Method 2 (GParted) will work for any OS, including Linux and Unix provided as the filesystem type is supported by your chosen partitional utility.



Method 1 (Windows DISKPART):
1.
Click Start --> Run and type "diskmgmt.msc"
2. You will see the free space after your volume.


3.
Use DISKPART to extend the volume into all the free space:
diskpart
list volume
select Volume 0
extend
exit




4.
You will now see the volume has been extended to use all the free space.





Method 2 (GParted):
To resize the partition on the disk use your favourite partition resizing tool. If you dont have one mine is GParted, which there is a live CD for.
Download the GParted Live CD

1. Click on the "Options"  tab and go to "Boot Options".
2. Tick "Force BIOS Setup" (This will boot into the BIOS screen when the VM is powered on - This is so that you can mount and ISO image before the OS boots.)
3. Click Ok to reconfigure the virtual machine.


4. Connect the ISO image or connect the CD drive with your GParted Live CD (This is easier with force BIOS option set in step 5).

5. Boot into GParted and you will see the current partion in the now much larger disk.

6. Right click on the partion and select "Resize/Move".

7. Resize the partion to fill entire remaining space and click "Resize/Move".

8. Click "Apply" to run the resize task. After sometime depending on the size the task will complete.
9. Reboot the computer, remove the CD and boot into the OS.

10. Depending on the OS it may perform a disk check like Windows Server 2003 here.

11. You should now see the disk has been resized.

Consolidated Backup Process

VCB Process


This is the process that VCB takes to backup a VM.

Using your backup software create a backup job for the VM(s) you want to backup. The backup jobs purpose is to backup a location on the VCB server. You will know the location once you determine what type of VCB backup you are going to perform.
See Image‐level virtual machine backups.
See File‐level backups.

When the backup job is launched, the following steps take place:
Step 1
The backup software calls the pre‐backup script.

The pre‐backup script does the following:
1. Runs a pre‐freeze script in the VM. The pre‐freeze script prepares the VM for backup. (this is optional)

2. Quiesces NTFS and FAT file systems inside the VM (only for VMs running 32‐bit versions of Windows XP, Windows 2000, or Windows 2003). This ensures that no file system writes are pending at the time the snapshot is taken, allowing the creation of file‐system consistent backups.

3. Puts the virtual machine into snapshot mode.

4. Unquiesces the NTFS and FAT file systems that were quiesced.

5. Runs a post‐thaw script in the VM. (this is optional)

6. Makes the VM snapshot available to the 3rd party backup software:
See Image‐level VM backups.
See File‐level VM backups.

Step 2
The backup software performs a backup of the VM snapshot.

Step 3
The backup software runs a post‐backup script, which does the following:

1. Unmounts the VM snapshot from the backup proxy.

2. Takes the VM out of snapshot mode. Commits changes made while the VM was in snapshot mode.

Find VMs and information - vcbvmname.exe


Print E-mail
vcbvmname.exe can be used to find out a VMs name, IP address, ID and hostname. It can be found in \Program Files\VMware\VMware Consolidated Backup Framework along with the rest of the VCB commands.

Here is an example of the command:
vcbvmname -h vcserver -u vcbuser -p secretpass -s Any:

Found VM:
moref:vm-6354
name:ExampleVM1
uuid:31458901-2535-c376-1f56-5984ba3685d2
ipaddr:192.168.1.2

Full Virtual Machine Backup




A full virtual machine backup is a backup of all the files that make up the virtual machine. These are:
.vmx Virtual machine configuration
.nvram VM BIOS
.vmdk Virtual disk
.vmsd Dictionary for snapshots and associated disk
.vmss Virtual machine suspend file
-Snapshot#.vmsn Virtual machine configuration of a snapshot
-flat-vmdk Disk that contains the data
-f001.vmdk First extend of preallocated disk split into 2gb files
-s001.vmdk First extend of growable disk split into 2gb files
-delta.vmdk Snapshot differences file


To perform a full backup of a virtual machine (the above files) you need to run this command on the VCB Proxy Server:
vcbMounter -h 192.168.1.123 -u vcbuser -p vcbpass -a name:VM1 -t fullvm -r C:\VCB-Backups\VM1-full

Saturday, 21 January 2012

Get Your Dream IT Job! 77 Questions You Need to be Ready For

Are you still looking for the IT job of your dreams? Don’t give up, it’s out there! I’m lucky enough to have one, and so can you!
Finding an opening for an awesome job is hard enough; once you get the call for an interview, you need to make sure that you’ll make a good impression. So before you walk in for your interview, here are the top 77 questions that you need to be ready for.

Top Interview Questions for IT Pros

First you’ll find interview questions by position type:
  • Entry Level and Help Desk — for those who are starting out in the IT field
  • Network Administrator and System Administrator — for more advanced positions
The last set of questions includes general HR questions, some of which you might be familiar with.
As you’ll notice, there aren’t any answers, but that’s because I want YOU to come up with them. Do some research if you have to and maybe you’ll even learn a thing or two. The most important thing is that you will be fully prepared! You will be ready for anything they’ll throw at you, and you will get the job!
I would also suggest that you practice answering these questions until you feel confident. Make sure your answers reflect your knowledge, skills and personality — in other words, the real you — not what you think the person interviewing you wants to hear.
Now before we get started, I would like to encourage you to add your own interview questions in the comments below so that others can benefit from them. Try to stick to IT related questions, but general HR questions are fine too.

Entry-Level and Help Desk Positions

These questions are mostly for Help Desk positions but I wouldn’t be surprised if an entry-level candidate was asked any one of these questions. If you don’t know the answer, find it, memorize it and then practice explaining it in your own words.
1. What is the difference between a hub and a switch?
2. What is a network?
3. What is Active Directory?
4. What is TCP/IP and what does it stand for?
5. What is a default gateway?
6. What does DHCP stand for?
7. What is an IP Address?
8. What is the significance of the IP address 255.255.255.255?
9. What are the 3 major classes of an IP network?
10. What is a Class D IP address?
11. What is OSPF?
12. A user is complaining of delays when using the network. What would you do?

Network Administrator Positions

Some of these questions may also be included in the previous category for Help Desk Technician positions. In either case, they’re worth preparing for.
13. What is the difference between layer 2 and layer 3 in the OSI model?
14. What is the difference between a hub, switch, and router?
15. What is a VLAN?
16. What is the difference between TCP and UDP?
17. How do you distinguish a DNS problem from a network problem?
18. What are a runt, Giant, and collision?
19. What is a broadcast storm?
20. What is the purpose of VRRP?
21. What is a VPN?
22. What is a default route?
23. How do you set a default route on an IOS Cisco router?
24. What is a metric?
25. What is a MAC address?
26. What is ARP/RARP?
27. Describe a TCP connection sequence.
28. What is MTU?
29. What other TCP setting can you modify besides MTU to shorten packets?

System Administration Position

Here are a few more questions that are a little bit more difficult. System Admins should know all these answers by heart in addition to the Network Administrator questions.
30. What is the difference between layer 2 and layer 3 devices?
31. What is the subnet for a class C network?
32. Have you configured a NIS server/client before? If so, describe what you did.
33. Have your configured a NFS server?
34. What are RAID 1 and RAID 5?
35. What are the required components of Windows Server 2003 for installing Exchange 2003?
36. What must be done to an AD forest before Exchange can be deployed?
37. What Exchange process is responsible for communication with AD?
38. What connector type would you use to connect to the Internet, and what are the two methods of sending mail over that connector?
39. How would you optimize Exchange 2003 memory usage on Windows Server 2003 with more than 1Gb of memory?
40. What are the standard port numbers for SMTP, POP3, IMAP4, RPC, LDAP and Global Catalog?
41. Name the process names for the following: System Attendant, Information Store, SMTP/POP/IMAP/OWA.
42. What is the maximum amount of databases that can be hosted on Exchange 2003 Enterprise?
43. What are the disadvantages of circular logging?
44. >What is Active Directory schema?
45. What are the domain functional levels in Windows Server 2003?
46. What is the default domain functional level in Windows Server 2003?
47. What are the forest functional levels in Windows Server 2003?
48. What is a global catalog server?
49. How can we raise domain functional and forest functional levels in Windows Server 2003?
50. What is the default protocol used in directory services?
51. What is IPv6?
52. What are the physical & logical components of ADS?
53. In which domain functional level, we can rename a domain name?
54. What is multimaster replication?
55. What is a site?
56. Which is the command used to remove active directory from a domain controller?
57. What is the file that’s responsible for keeping all Active Directory databases?

General HR Questions

These general questions can be the toughest ones to get through. They might sound easy, but they require a lot of thought and preparation. I would suggest writing down your answers first, then reading them over a few times so that you’re comfortable in answering them.
Some of these questions are very tricky and can get you in trouble. So if you run into problems finding a good answer, check out these 64 Interview Questions for some help.
58. Tell us a little bit about yourself.
59. What are your greatest strengths?
60. What are your greatest weaknesses?
61. What do you like about your current job or what did you like about your last job?
62. Give us an example of when you handled a stressful situation.
62. Give us an example of one of the toughest problems you had to face, and how did you deal with it?
63. Why do you think you should get this position?
64. Do you think you are the best person for this job? If so, why?
65. Why did you apply for this position?
66. Why did you apply for a position with our company and what do you know about us?
67. Why should we hire you?
68. Tell us about your short and long term goals?
69. Where do you see yourself five years from now?
70. Please explain, what does customer service mean to you?
71. What does being a team player mean to you?
72. Give us an example of how you handled a conflict with another employee?
73. What are your salary expectations?
74. What would you consider your most important accomplishment?
75. How would you define success?
76. At your last review, what improvements did your manager suggest you make?
77. What would your coworkers say about you?
I hope these are helpful! As I mentioned above, feel free to post your own interview questions in the comments below.

Thursday, 5 January 2012

VmWare Networking Configuration

Networking Configuration - vSwitches and Port Groups with 2 Physical NICs

When configuring networking on an ESX/ESXi server it is important that you plan and configure it correctly.
Doing so will ensure you get the best reliability, performance and security within your virtual network.

Depending on your requirements the configuration will vary slightly. For example if network storage such and iSCSI and NFS will be used the setup will need to plan for this.
I will explain the different setups for these needs.
The following setup is the best for a server with 2 physical networks cards. As most servers typically come with 2 onboard NICs this is a common initial configuration in test or small setups.

To ensure the most reliable configuration it is best to use both physical network cards for one vSwitch.
This configuration has sacrificed performance for reliability.

Configuration for a server without network based IP storage:
Physical NIC        Virtual Switch        Port Group(s)
vmnic0                        vSwitch0                      Service Console + vMotion + VM Network
vmnic1                        vSwitch0                      Service Console + vMotion + VM Network

Configuration using network based IP storage:
Physical NIC        Virtual Switch        Port Group(s)
vmnic0                        vSwitch0                      Service Console + vMotion + VM Network + VMkernel (IP Storage)
vmnic1                        vSwitch0                      Service Console + vMotion + VM Network + VMkernel (IP Storage)


Alternativley the opposite could be done. To get the best performance configuration have two vSwitches and a NIC to each as follows.
This configuration has sacrificed reliability for performance.

Configuration for a server without network based IP storage:
Physical NIC        Virtual Switch        Port Group(s)
vmnic0                        vSwitch0                      Service Console + vMotion
vmnic1                        vSwitch1                      VM Network

Configuration using network based IP storage:
Physical NIC        Virtual Switch        Port Group(s)
vmnic0                        vSwitch0                      Service Console + vMotion + VMkernel (IP Storage)
vmnic1                        vSwitch1                      VM Network


Ideally VLANs should be used to seperate these networks.

Ceating a Microsoft Hyper-V Virtual Machine



Guest operating systems supported on Hyper-V are:

Supported Server Operating Systems:
Windows Server 2008 R2 (x64)
Windows Server 2008 (x86 and x64)
Windows Server 2003 R2 (x86 and x64)
Windows Server 2003 (x86 and x64)
Windows Server 2000 (x86)
SUSE Linux Enterprise Server 10 (x86 and x64)
SUSE Linux Enterprise Server 11 (x86 and x64)
Red Hat Enterprise Linux (RHEL) 5.2, 5.3 and 5.4 (x86 and x64)

Supported Client Operating Systems
Windows 7 (x86 and x64)
Windows Vista (x86 and x64)
Windows XP Professional (x86 and x64)



1. Open the Hyper-V Manager.
2. Right click the Hyper-V server and Select New --> Virtual Machine


3. The New Virtual Machine Wizard will open. Click next.


4.  Give the virtual machine a Name and specify a Location for the virtual machine files. Click next.


5. Enter the amount of memory. Click next.


6. Select the virtual network to connect the virtual machine to. It can remain disconnected if required. Click next.


7. Specify the size of the virtual hard disk, the name and the location. Click next.


8. Choose how the operating system will be installed in the virtual machine. Click next.


9. Review the configuration for the virtual machine and click Finish to create it.


10. To start the virtual machine click Start in the actions pane to the right.


11. The state will change to "Running".


12. To open a virtual console to the virtual machine, click Connect in the actions pane.


Installing VMware vCenter Server 4.1


Print E-mail

VMware vCenter Server is "THE" management system for your VMware vSphere virtual infrastructure. It's used to manage your clusters of ESXi servers, configure HA, DRS and vMotion, manage your virtual networks and their interfaces to the physical network.

Its also used to provison storage (maybe even integrated with your SAN) and create virtual machines, including templates and other wonderful things.

For those wanting to find out the new features specifically in vSphere and vCenter server 4.1 please see here.

So whats required for VMware vCenter server you ask...(and you do!)
Well firstly it CAN be either virtual or physical and its supported on either.
The operating system for vCenter 4.x must be 64-bit, this has changed from earlier releases such as vCenter 2.5 which was 32-bit only. Also note that a 64-Bit DSN is now required to access the vCenter database.


Minimum requirements for the vCenter Server are as follows:
Processor: Two 64-bit CPUs Intel or AMD x64 2.0GHz or faster (could be one dual core - the key is two logical processors at a minimum)
Memory: 3GB RAM. RAM requirements may be higher if your database runs on the same machine. (VMware VirtualCenter Management WebServices requires 128Mb to 1.5GB of memory which is allocated at startup)
Disk storage: 2GB (Disk requirements may be higher if your database runs on the same machine)
Networking: 1GB recommended (If physical team NICs for redundancy)
Database: SQL Express for small deployments (5 hosts/50 VMs) or see below for supported databases.

Note: If you will be running SQL Server on the same server as vCenter server (thats either express or standard/enterprise) the requirements for the above will be higher.


Operating System:Windows XP Pro SP2 (SP2 required, 64-bit)
Windows Server 2003 (SP1 required, 64-bit)
Windows Server 2008 (64-bit)
Windows Server 2008 R2

Database:
Microsoft SQL server Database Support:
Microsoft SQL Server 2005 Express (Note: Microsoft SQL Server 2005 Express is intended for use with small deployments of up to 5 hosts and/or 50 virtual machines)
Microsoft SQL Server 2005 Standard edition (SP1, SP2, SP3)
Microsoft SQL Server 2005 Standard edition (SP2, SP3) 64 bit
Microsoft SQL Server 2005 Enterprise edition (SP1, SP2, SP3)
Microsoft SQL Server 2005 Enterprise edition (SP2, SP3) 64 bit
Microsoft SQL Server 2008 Standard Edition
Microsoft SQL Server 2008 Standard Edition 64 bit
Microsoft SQL Server 2008 Enterprise Edition
Microsoft SQL Server 2008 Enterprise Edition 64 bit
 
Oracle Database Support:
    Oracle 10g Standard edition (Release 2 [10.2.0.4])
    Oracle 10g Enterprise edition (Release 2 [10.2.0.4])
    Oracle 10g Enterprise edition (Release 2 [10.2.0.4]) 64 bit
    Oracle 11g Standard edition
    Oracle 11g Enterprise edition
     
IBM DB2 9 Support:
IBM DB2 Express C
IBM DB2 Express Edition 9
IBM DB2 Workgroup Server Edition 9
IBM DB2 Enterprise Server Edition 9

(For detailed OS and Database information please refer to the VMware vSphere Compatibility Matrix)


The following is used in this walkthrough installation of vCenter Server 4.1:
Windows Server 2008 Standard R2 64-Bit
SQL Server 2008 R2 Standard 64-Bit (on a seperate server sql1.vmadmin.local)
VMware vCenter Server 4.1



1. Creating the SQL Server Database
1a. Install a supported version of SQL server on a seperate server or on the vCenter server (skip to step  if using SQL Server Express).

1b.
Create a new SQL Server database:
SQL Server -> Databases -> Right Click -> New Database...

1c. Name the new database "VCDB" and set the required location for the database files (this will server as your vCenter Server database).

1d. Create a SQL Server user named "vpxuser":
SQL Server -> Security -> Logins -> Right Click -> New Login

1e. Enter the login name "vpxuser", enter a password.
Untick "Enforce password policy" and change the default database to "VCDB".

1f. While still in the user login dialog, goto the "User Mapping" section.
Tick the "Map" box next to both the "msdb" and "VCDB" databases.
For both databases set the default schema to "dbo" and set the role membership to "db_owner".
Click Ok.
Note: The role membership of "db_owner" on the "msdb" database can be revoked after installation (It will be required again when upgrading).



2. Creating the Data Source
Note: The DSN must be a 64-bit DSN.

2a. Create a system DSN on the vCenter server:
Go to Start -> Control Panel -> Administrative Tools -> Data Sources (ODBC).
Go to the "System" tab.
Click Add.

2b. Select SQL Native Client and click Finish.

2c. Give the ODBC DSN a name "VCDB" and description.
Select/type in the server name from the drop-down menu.
Configure SQL Server authentication and click Next.
Type your SQL Server login name and password.
Configure the default database as the vCenter database you created "VCDB" and click Next.
Click Finish.

  
2d. Test Data the Source.
Click Ok and Close the ODBC Data Source Administrator.



3. Installing vCenter Server

3a. Insert DVD or unzip "VMware-VIMSetup-all-4.1.0-259021.zip"
If it does not autorun, use "autorun.exe" in the root of the cd or folder.
Click "vCenter Server" to start the installation.

3b. Choose your language.


3c. Read the Introduction page and click Next.


3d. Read the license agreement and agree. Click Next.


3e. Enter the username, company name and license key (if you havent got a license key it will install a full evaluation version for 60 days)
Click Next.

3f. Enter the system DSN that your created for the vCenter server database.
If using SQL Server 2005 Express select so and continue the installation which will install an instance of SQL Server Express to use as the vCenter database.


3g. Enter the username and password for the system DSN SQL Server user.

3h. If your SQL Server database for vCenter server is set to the full recovery model you will get the following warning about transaction log backups.
Click Ok or read the KB article 1001046 if you do not understand what this means, essentially ensure you are making regular transaction log backups otherwise the transaction logs will fill up your database servers disk!

3i. Enter the service acccount information that the vCenter server service will run under.
It can run under the SYSTEM account fine but it is recommended you create a standard active directory user to be used as the service account and add this to the "local administrators group" on the vCenter server.

3j. Change the installation destination as required. 

3k. Choose "Create a standard VMware vCenter Server Instance".

3l. Keep the ports unless your are required to specifically change them form their defaults. 

3m. Select your deployment inventory size to correctly size the JVM memory for vCenter server web services. 

3n. Click install and make a cup of tea! 

3o. The installation will complete and click Finish. 


4. Check and Login to vCenter Server
4a. Check the services for vCenter server have been installed and are started:
Click Start -> Run -> services.msc
Ensure the following services are started and are running under the account your specified (SYSTEM or domain\svc_yourvcenteraccount)
VMware VirtualCenter Management Webservices
VMware VirtualCenter Server
VMwareVCMSDS (Note: Runs under Network Service)


4b. Login to vCenter Server:
Start -> Programs -> VMware -> VMware vSphere Client
Enter the FQDN or IP of your vCenter server, username and password (or use windows session credentials to passthrough).
Click Login.

4c. You will receive a security warning due to the vCenter server using self signed certificates.
Tick "Install this certificate.." and click Ignore.


4d. And there you have it! Your vCenter Server is installed and ready to configure.
See Creating a Datacenter, HA DRS Cluster and Adding a Host for the next steps you need to take...