Home > Blogs > VMware Consulting Blog > Category Archives: How-to

Category Archives: How-to

VMware Horizon 7: Instant Clone Pools Delete VMs on Restart

by Joe Graziano

One of the observed features of Instant clone pools is that when a VM is logged off it deletes the VM so that any changes are gone. This makes troubleshooting tricky and you cannot set the do not delete at refresh like you can with Full VM and Linked Clones.

What is a View admin to do? Thanks to the folks at VMware GSS we have an option, with a caveat.

You can go into the Adam Database through ADSIEDIT and change a setting so that the VM’s do not delete, allowing you to logoff and reboot them while retaining the VM’s settings.

The caveat* is that when you change this setting you cannot edit the provisioning details or other attributes of this pool. You will have to change it back to ‘deleteonuse’ in the ADAM ADSIEDIT before you can make changes.

Continue reading

Troubleshooting VMs Connectivity with vRealize Network Insight

Julienne_Phamby Julienne Pham

Things can be difficult when you don’t know where a network issue may be.

In today’s datacentre, the rapid need to deploy business applications in minutes is necessary to keep the business ahead of the game. It is even more crucial to keep security and rapid networking configuration in control. So, how can a network administrator get to the bottom of a network issue in a matter of seconds in this new cloud era?

Network Virtualization brings operational and management flexibility and simplicity, but adds a complexity to troubleshooting and pinpointing the root cause of a network issue.

The traditional way would be to check the network activity from vCenter on the ESX level on the physical nic card, and check the packet going on as you run the test. It is also necessary to check the physical network activities and compare with the virtual network traffic and deduce where the bottleneck is.

If now you need to cross check between VCs and multiple sites, how long will it take to figure out the configuration issue? The required information can be gathered on one search on vRealize Network Insight.

Continue reading

Control-Alt-Delete in the World of VDI

by Mike Erb

When I was still working as an Escalation Engineer for VMware® Global Support, there was a time-honored tradition among the Broomfield center’s EUC support group: If you left your computer unlocked and walked out of eyesight, you’d always come back to a surprise.  The HR folks would probably be unhappy at such an unauthorized use, but a quick flip of the screen with Ctrl-Alt-Up and a dash back to your desk, leaving their display inverted and the surrounding engineers glancing over for the inevitable reaction, was worth the risk.

Continue reading

VMware Horizon 7 – Associate Instant Clone Virtual Machines

Matt_freyby Matt Frey

Being a field consultant affords me the opportunity to get in the nitty gritty with many of our customers. One of my favorite aspects of this role is helping customers address their business’s needs in a hands-on fashion. During one of my recent engagements, a customer asked, “How do I identify which parent VMs belong to which Instant Clone Desktops?” Since I’m sure that question will be asked by many others, I thought I would take some time to show how that process is carried out.
Horizon 7 - Associate IC VMs

 I hope that this article helps in shining light on the relationship between the various Instant Clone components. If your team needs additional resources I recommend you check out our Horizon Certification courses as well as the many Hands On Labs.

=======

Matt Frey is a Consultant in the End User Computing branch of Professional Services with over 15 years’ experience in the IT industry. He currently holds a VCP6-DTM and VCAP6-DTM and specializes in bringing enhanced value to customers by leveraging VMware’s strong EUC portfolio.

VMware User Environment Manager and ADMX Settings

JeffSmallby Jeffrey Davidson

In this blog entry, I will walk through how to configure ADMX settings within the VMware® User Environment Manager™ Management Console. Additionally, I will discuss how User Environment Manager ADMX settings work together with existing Group Policy configurations.

In this example, I will be setting Google Chrome as the default browser using the ADMX settings.

Continue reading

Supporting Always On Availability Groups (SQL Server) with App Volumes

Ma_Mark2By Mark Ma

With the recent release of App Volumes 2.12, we officially support Microsoft SQL Server Always On Availability Groups.

SQL Always On Availability Groups is a great way to provide high availability and disaster recovery because live copies of your databases reside on secondary servers. By integrating SQL Always On with App Volumes, we ensure the most popular application layering product can be enjoyed by users in any situation.

Continue reading

vRO Architecture Considerations When Digitally Signing Packages

Spas KaloferovBy Spas Kaloferov

In this blog post we will take a look at how digitally signing packages in VMware vRealize® Orchestrator™ (vRO) may affect the way you deploy vRO in your environment.

In some use cases, digitally signing workflow packages may affect your vRO architecture and deployment. Let’s consider a few examples.

Use Case 1 (Single Digital Signature Issuer)

Let’s say you have vRO ServerA and vRO ServerB in your environment. You’ve performed the steps outlined in How to Change the Package Signing Certificate of a vRO Appliance (SKKB1029) to change the PSC on vRO ServerA , export the keystore, and import it on vRO ServerB. This will allow the following:

  • vRO ServerA can digitally sign workflow packages, and vRO ServerB can read packages digitally signed by vRO ServerA.
  • vRO ServerB can digitally sign workflow packages, and vRO ServerA can read packages digitally signed by vRO ServerB.

Now what happens when you add vRO ServerC?

Continue reading

Securing Your PowerShell Execution and Password in VMware vRealize Orchestrator

Spas Kaloferovby Spas Kaloferov

In this blog post we will look at how to secure your end-to-end PowerShell Execution from VMware vRealize® Orchestrator™ (vRO)—including how not to show passwords when using the Credential Security Support Provider (CredSSP) protocol in a double-hop authentication scenario.

Let’s look at a few common use cases regarding the configuration of vRO, the PowerShell host, the Windows Remote Management (WinRM) protocol, and the PowerShell script/command, and how we can best secure all of them.

Web Services (WS)-Management encrypts all traffic by default, and this is controlled by the AllowUnencrypted client and server WinRM configuration parameter—even if you only work with HTTP (the default configuration) and not with HTTPS. Prior to Windows Server 2003 R2, WinRM in an HTTP session was not encrypted.

Continue reading

How to Configure vRealize Orchestrator to Use SSL to Connect to a SQL Server Database

Spas Kaloferovby Spas Kaloferov

Microsoft® SQL Server® can use Secure Sockets Layer (SSL) to encrypt data that is transmitted across a network between an instance of SQL Server and a client application.

SSL can be used for server validation when a client connection requests encryption. If the instance of SQL Server is running on a computer that has been assigned a certificate from a public certification authority, identity of the computer and the instance of SQL Server is vouched for by the chain of certificates that lead to the trusted root authority. Such server validation requires that the computer on which the client application is running be configured to trust the root authority of the certificate that is used by the server.

For the purposes of this article, the client application that will be configured with an encrypted connection to the database is VMware® vRealize® Orchestrator™. I will show you how to configure vRealize Orchestrator Appliance™ to use an SSL connection when communicating with a Microsoft SQL Server database.

Continue reading

How to Add a Linux Machine as PowerShell Host in vRO

By Spas Kaloferov

Introduction

In this article we will look into the alpha version of Microsoft Windows PowerShell v6 for both Linux and Microsoft Windows. We will show how to execute PowerShell commands between Linux , Windows, and VMware vRealize Orchestrator (vRO):

  • Linux to Windows
  • Windows to Linux
  • Linux to Linux
  • vRO to Linux

We will also show how to add a Linux PowerShell (PSHost) in vRO.

Currently, the alpha version of PowerShell v6 does not support the PSCredential object, so we cannot use the Invoke-Command command to programmatically pass credentials and execute commands from vRO, through a Linux PSHost, to other Linux machines, or Windows machines. Conversely, we cannot execute from vRO –> through a Windows PSHost –> to Linux Machines.

To see how we used the Invoke-Command method to do this, see my blog Using CredSSP with the vCO PowerShell Plugin (SKKB1002).

In addition to not supporting the PSCredential object, the alpha version doesn’t support WinRM. WinRM is Microsoft’s implementation of the WS-Management protocol, a standard Simple Object Access Protocol (SOAP)-based, firewall-friendly protocol that enables hardware and operating systems from different vendors to interoperate. Therefore, when adding a Linux machine as a PowerShell host in vRO, we will be using SSH instead of WinRM as the protocol of choice.

The PowerShell v6 RTM version is expected to support WinRM, so we will be able to add the Linux PSHost with WinRM, and not SSH.

So, let’s get started.

Continue reading