September 28, 2012

Managing OS X from Command Line

Below are some useful commands for managing OS X from the command line.

  • softwareupdate - Can be used to apply or check for updates
  • systemsetup - Configuration tool for certain machine settings in System Preferences
  • screencapture - Screen capture application
  • say - Text-to-audio program, e.g. say hello
  • shutdown - Shut down or reboot the workstation from the command line

Additional Resources listed below:

September 25, 2012

esxtop Demystified Part 1

VMware provides a tool called esxtop to monitor the performance of vSphere ESXi hosts. This tool is capable of monitoring all aspects of an ESXi host, such as CPU, memory, disk, and network I/O. The problem is that when a new VMware administrator runs the program for the first time, it looks a bit intimidating. Let's tackle that problem by discussing what some of the information on the screen means.

When you first run the program you will be in the CPU view. This particular view will give you stats on the various processes that are currently running on your system. Along the top of the screen you will see things like uptime, the number of worlds, VMs, vCPUs, and CPU load average.


However, if you are interested in other statistics, you need to know the commands that get you to those screens. Pressing the "h" key will display the help menu, which lists all the available interactive commands.


Let's say we want to access network stats. All we would do is press the "n" key on the home screen and it would display each of your port groups and the statistics related to it. You can try a few of the other display switches to get a feel for switching between the screens.


Let's go back to the CPU view and discuss a few of the columns.


Below are the definitions for each of the columns on the default esxtop screen.


  • ID -  Unique world ID. A world is an ESXi VMkernel schedulable entity, similar to a process or thread in other operating systems.
  • GID - Resource group world id.  If you press e in esxtop and enter the number of the GID, this GID will expand itself to show all processes in that group.
  • Name - Name of the world or resource pool
  • NWLD - The number of worlds in the group. When this number is greater than one, the row can be expanded to get more information on each world.
  • %USED - Percentage of CPU that is used by that world or group
  • %RUN - When this value is near the number of vCPUs × 100%, it means that all vCPUs in the VM are busy.
  • %SYS - Percentage of time spent by system services on behalf of the world.
  • %WAIT - Percentage of time the VM was waiting for some VMkernel activity, such as I/O, to complete before it can continue.
  • %VMWAIT -
  • %RDY - Percentage of time that the VM is ready to execute commands but has not yet been scheduled for CPU time due to contention with other VMs.
  • %IDLE - Percentage of time the vCPU world is in the idle loop.
  • %OVRLP - Percentage of time spent by system services on behalf of other worlds.
  • %CSTP - Percentage of time that the VM is ready to execute commands but is waiting for the availability of multiple vCPUs, because the VM is configured to use multiple vCPUs.
  • %MLMTD - Percentage of time the world was ready to run but deliberately wasn't scheduled because that would violate the explicit CPU limit settings.
  • %SWPWT - Percentage of time the world is waiting for the ESX VMkernel to swap memory. If this is high, it means the VM is swapping memory.

This should be a great intro into the basics of using esxtop. Look forward to Part 2 coming soon.

September 21, 2012

Multi-Hop Authentication with Powershell




Data Flow:
A -> B -> C

Using the example above: if you execute a remote command from Computer A against Computer B and the command requires authentication, Computer B will try to communicate with a Domain Controller (Computer C). This authentication attempt will fail because, by default, Computer B is not trusted as a delegate to pass credentials. To resolve this problem we can enable Credential Security Support Provider (CredSSP) authentication.

Steps:
1. Make sure Windows remote administration has already been enabled on the computer.
2. On Computer A, enable this feature as a client:
     Enable-WSManCredSSP -Role Client -DelegateComputer "*.domain.com"
3. On Computer B, enable this feature as a server:
     Enable-WSManCredSSP -Role Server


Example Code Snippet:
Invoke-Command -Authentication Credssp -Credential "domain\username" -ComputerName "ComputerB" -ScriptBlock {
    try {
        # Load the Lync cmdlets on Computer B, then enable the user.
        Import-Module Lync
        Enable-CsUser -Identity "<username>" -RegistrarPool "lync.domain.com" -SipAddressType EmailAddress -SipDomain cpex.com
    }
    catch {
        # Show the exception raised on the remote side.
        Write-Host $_.Exception
    }
}

A command like the one above will fail without enabling CredSSP. This solution of course requires you to interactively type in the password.
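The whole procedure as one script, added here as an example (it is not code from the original post): it delegates to a single named host instead of a wildcard, shows the resulting settings, and switches CredSSP off again when the work is done, since CredSSP hands the user's credentials to Computer B. The host name ComputerB.domain.com and the share \\ComputerC\share are assumptions.

```powershell
# Added example. Assumed names: ComputerB.domain.com, \\ComputerC\share, domain\username.
# Run from an elevated PowerShell session on Computer A with admin rights on Computer B.
$target = 'ComputerB.domain.com'
$cred   = Get-Credential -Credential 'domain\username'   # prompts for the password

# Server role on Computer B (this first hop uses the default authentication).
Invoke-Command -ComputerName $target -ScriptBlock {
    Enable-WSManCredSSP -Role Server -Force | Out-Null
}

# Client role on Computer A, delegating to this one host only.
Enable-WSManCredSSP -Role Client -DelegateComputer $target -Force | Out-Null

try {
    # Print the current client and server CredSSP settings on Computer A.
    Get-WSManCredSSP

    Invoke-Command -ComputerName $target -Authentication Credssp -Credential $cred -ScriptBlock {
        # Code here can authenticate onward from Computer B (the second hop).
        Test-Path '\\ComputerC\share'
    }
}
finally {
    # Remove the delegation again so the credentials are not left delegable.
    Disable-WSManCredSSP -Role Client
    Invoke-Command -ComputerName $target -ScriptBlock {
        Disable-WSManCredSSP -Role Server
    }
}
```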

September 19, 2012

Setting vlan 0 using the ESXi 5 DCUI

Have you ever tried to change the VLAN to 0 from the console of ESXi 5.0? If you have, you know that it gives you an error saying the only valid range is 1-4094. If you need to set the VLAN to 0 you will need to enable the ESXi shell and hit + to access the login prompt. Once you log in, follow the steps below:

1. Type esxcfg-vswitch -l to list the current config.


2. Let's say we want to change port group "Management Network" to be on VLAN 0.
3. Type esxcfg-vswitch -v 0 vSwitch0 -p "Management Network" to configure the port group.


4. That's it! If you type esxcfg-vswitch -l again you should see the VLAN ID changed.


September 14, 2012

Autologon with Active Directory Domain Account

Follow the steps below to configure a Windows 7 computer that is on a domain to log in automatically using a domain account. **Note: This is a HORRIBLE idea; however, someone out there may have a need to do this, so I am posting the steps that worked for me.

Steps:
  1. Click Start, click Run, type regedit, and then click OK. In Windows Vista/7, simply type regedit in Start Search and hit Enter.
  2. Navigate to the following registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
  3. Double-click the DefaultUserName entry, type the user name to log on with, and then click OK. If the DefaultUserName registry value is not found, create a new String Value (REG_SZ) with DefaultUserName as the value name.
  4. Double-click the DefaultPassword entry, type the password for the user account in the Value Data box, and then click OK. If there is no DefaultPassword value, create a new String Value (REG_SZ) with DefaultPassword as the value name. Note that if no DefaultPassword string is specified, Windows automatically changes the value of the AutoAdminLogon registry key from 1 (true) to 0 (false) to turn off the AutoAdminLogon feature.
  5. In Windows Vista/7, DefaultDomainName has to be specified as well, or else Windows will report an invalid user name, with the user name displayed as .\username. To do so, double-click DefaultDomainName and specify the domain name of the user account. If it's a local user, specify the local host name. If DefaultDomainName does not exist, create a new String Value (REG_SZ) with DefaultDomainName as the value name.
  6. Double-click the AutoAdminLogon entry, type 1 in the Value Data box, and then click OK. If there is no AutoAdminLogon entry, create a new String Value (REG_SZ) with AutoAdminLogon as the value name.
  7. If it exists, delete the AutoLogonCount key. 
  8. Quit Registry Editor. 
  9. Restart Computer
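
A check for the state these steps create, as an added example that is not part of the original post: it reports whether autologon is on and whether a password is stored in the Winlogon key, without printing the password, and includes a helper to undo the change. The function names are hypothetical, and PowerShell 3.0 or later is assumed.

```powershell
# Added example: audit (and optionally undo) the autologon values set above.
# Assumes PowerShell 3.0+; function names are hypothetical.
$WinlogonKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'

function Get-AutoLogonState {
    $w     = Get-ItemProperty -Path $WinlogonKey
    $names = $w.PSObject.Properties | ForEach-Object { $_.Name }
    [pscustomobject]@{
        ComputerName       = $env:COMPUTERNAME
        AutoAdminLogon     = ($w.AutoAdminLogon -eq '1')
        DefaultDomainName  = $w.DefaultDomainName
        DefaultUserName    = $w.DefaultUserName
        # Report only whether a password is stored, never the value itself.
        PasswordInRegistry = ($names -contains 'DefaultPassword') -and
                             (-not [string]::IsNullOrEmpty($w.DefaultPassword))
        AutoLogonCountSet  = ($names -contains 'AutoLogonCount')
    }
}

function Disable-AutoLogon {
    # Needs an elevated session: turns autologon off and deletes the stored password.
    Set-ItemProperty -Path $WinlogonKey -Name AutoAdminLogon -Value '0'
    Remove-ItemProperty -Path $WinlogonKey -Name DefaultPassword -ErrorAction SilentlyContinue
}

$state = Get-AutoLogonState
$state | Format-List

if ($state.AutoAdminLogon -and $state.PasswordInRegistry) {
    $account = '{0}\{1}' -f $state.DefaultDomainName, $state.DefaultUserName
    Write-Warning "Autologon is enabled for $account and its password is stored as a REG_SZ string."
    # Disable-AutoLogon   # uncomment to turn autologon off and remove the password
}
```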

September 10, 2012

PGP WDE Bootguard Password not synchronized with Active Directory Account

PGP Whole Disk Encryption does not support single sign-on functionality on Linux and Mac OS X workstations. What this means for the user is that when you enroll in PGP the first time, it will sync with your current password. However, whenever you change your Active Directory password, your PGP Bootguard password will not automatically be refreshed. To refresh the Bootguard password, follow the steps below.



1. Open the terminal
2. Run the following command.

pgpwde --change-passphrase --disk 0 --user username --domain 'domainname' --passphrase 'yourpassphrase' --new-passphrase 'yournewpassphrase' 

Reference:
http://www.symantec.com/business/support/index?page=content&id=TECH194688