Piszki Lab | EN

My case study in the clouds…

2014/03/23
by Piotr Pisz
0 comments

Horizon View: Windows Server 2008R2 as a workstation.

One of the novelties in Horizon View 5.3 is the ability to use Windows Server 2008R2 as a workstation. This facility was established primarily for the license , the manner of licensing Windows 7 and other desktop systems in virtual environments, it is not optimal from a cost point of view (in the implementation of Horizon View). Therefore, please note that we can only license to use in such a configuration, it is invariably Datacenter. The documentation is written is true that other licenses have not been tested (that may work), but the use of a standard license on a massive scale is not viable completely. Currently, Windows Server 2012R2 is not officially supported, but that is licensed in the same way, it is expected that soon, and this configuration will be available.

Preparation for the operation of this configuration is quite simple, at the beginning we need to configure our Horizon View Connection Server. Start the ADSI Editor (Start Menu -> Administrative Tools -> ADSI Edit). Then connect to the local instance of ADAM server :

srv0

Continue Reading →

2014/03/21
by Piotr Pisz
2 Comments

Network configuration for nested ESXi 5.5 in vSphere 5.5

We are in the process of migrating our lab (physical) from vSphere 5.1U2 to vSphere 5.5. In fact, we end, as always, with the adventures. One of the steps was the migration of our nested ESXi 5.5, the so-called “personal test environments”, to new, fresh, vSphere 5.5. After migration, we found that none of the host can not see the network. After a long investigation, we develop a model that works, and presents it so (I note in advance, any changes should be made ​​of the level of the web client!):

I assume of course that the whole is based on the distribution switch and VLAN. At the beginning, change the network cards in a nested ESXI from E1000 to E100oe (also upgrading hardware version to 10):

host1

Continue Reading →

2014/03/18
by Piotr Pisz
0 comments

How to remove a package from the ThinApp directory in Horizon Workspace.

It is not easy, who does not read the documentation, can be puzzling and puzzling. By deleting the application, in the beginning, of course, we need to remove all the “permission” of users, the next step, click “delete” on the application and physically remove the directory from the repository. And that was the easy path, because we see no application directory:

tinapp2

Continue Reading →

2014/02/25
by Piotr Pisz
0 comments

A few words about Horizon View Direct-Connect

One of the novelties that are available in the new Horizon View 5.3 is available as add on the workstation add-direct-connect. As the name suggests, allows a direct connection to the client view to the virtual machine. The connection can be made ​​using ordinary (defined as “installed” somewhere) client or using Thin client (in kiosk mode).

view0.png

Addition counts suddenly about 300kb (next to nothing), during the installation you have to enter the port on which it will listen (default is proposing 443). Configuration itself is really trivial (but apparently requires editing the Windows registry), unless we issue the machine to the world ( in this interesting video on the subject), it is sufficient to install the additive itself! The connection to the machine is encrypted, of course, the plugin generates a default self-signed certificate, but if we have our own CA, you obviously prepare their own, the whole procedure is the same as for View Connection Server (certificate must have a “friendly” name vdm). Continue Reading →

2014/02/19
by Piotr Pisz
0 comments

Deep Security: Duplicate Unique Identifiers Detected

When planning the implementation of Trend Micro Deep Security, the environment in which it operates vCloud Director, you should pay attention to one of the configuration parameters in vCD, which can not be changed from the web console. By default, the time in which the machine catalog model (template), we generate a new machine in vCD (shadow copy) is not generated new UUID for the BIOS of the machine (all machines have the UUID as a master machine). Activation in the Deep Security virtual machine ends with the following message:

uuid.png

In accordance with what is described in this KB , vCD 1.0 if we use it we need to master the machine vmx file to remove the line uuid.bios (when you start the machine without uuid.bios, a number will be assigned automatically and added to the vmx file). When we vCD 1.5 (and later), we need to perform on the database (Oracle / MSSQL) the following command:

update config set value = ‘0’ where cat=’vcloud’ and name=’backend.cloneBiosUuidOnVmCopy’;

And then restart the vCD ( all its instances, if you have more than one cell). But beware, this change does not interfere with existing equipment, only the newly generated will have a unique UUID. For machinery spaces previously generated the first method. That is why it is so important to change based on the data entered once at the time of installation of the vCloud Director! I will say more, even if you do not plan to implement Deep Security, we introduce the change from the start to work with vCloud Director. Using duplicate UUID is not the best solution :)

 Was this information is helpful? Tell me, please leave a comment!

Source

2014/02/14
by Piotr Pisz
0 comments

SSL Certificates in VMware Log Insight 1.5

Edit 2014.04.15: Finally, I created a script to generate a proper certificate for (almost) any SSL (VMware) service. It works very well with LogInsight! You can find it here. You do not have to perform the steps described below! :)

 

Today I tried to replace the SSL certificate on a freshly installed instance of VMware Log Insight 1.5. Whatever I did, however, would not generate a key pair + certificate (does not matter whether it was openssl or Microsoft CA), always display the message “Invalid certificate format”:

loginsight2

And it is not a separate case, I have three instances of Log Insight, and each behaves in exactly the same way. I searched the Internet, but I found very little and nothing that would solve my problem. After a few lost hours, I decided to solve this problem, as it has already done , picking the console. At the beginning we prepare ourselves in our CA (in my case Microsoft Server 2008R2 CA) parcel (pfx, or PKCS12) containing the CA certificate, RSA key and server certificate. Copy file in to our machine Log Insight. In the virtual machine console create a user in the group “wheel”, log in using putty and execute a series of commands (as root), starting from stop service loginsight.

Continue Reading →