Piszki Lab | EN

My case study in the clouds…

2014/02/10
by Piotr Pisz
0 comments

Random disconnections for PCoIP session.

In our laboratory, we have a pretty good environment, except unfortunately the network. It just happened that the network is administered by someone else and to Lab get garbage. Old routers, switches etc even older. etc.. At the moment in which our entire department went on thin terminals , we began to feel the wild fluctuations that ultimately brought to the widespread, quite accidentally, unfasten the PCoIP session. Diagnosis of the problem is very difficult, it often happened that the one terminal run for hours without a problem, and the outlet next door, could not work, restart every minute session. The session logs often appeared the message: No PCoIP date received in the past 3 seconds (to peer connection might be lost). And in the course of intensive work and a virtual machine!

At this point I really want to commend the author of the PVoIP Log Viewer , brilliant tool, literally drags to light all the parameters of our PCoIP session.

pcoip1

Continue Reading →

2014/02/04
by Piotr Pisz
0 comments

VMware Lab Part 1, the preparation of a nested ESXi 5.5

In the “zero” bit theorized , this time the same practical exercises. Preparation of nested (Nested ESXi) hosts, or fully virtual, it is difficult and about the network is a lot of guides. Of course, we will prepare our hosts in the vSphere environment if you want to perform this operation in VMware Workstation, here is an interesting video showing the whole process (but do not stop reading this article I let a wink.) At the beginning we need to verify whether our physical ESXi virtual hosts support. Specifically, the installed processors support Intel VT technology and EPT or AMD-V and RVI. You can check this by hand, by going to the page https://ADRES_ESXI/mob/?moid=ha-host&doPath=capability . Log into the local root user and look for the line nestedHVSupported:

esxi1

If instead true we will have a false, it means so much, that in our nested ESXi will be able to run 32-bit systems only. Continue Reading →

2014/02/02
by Piotr Pisz
0 comments

SSL Certificates in Horizon Workspace 1.5.1

About the river, who started from version 1.0 (Beta) knows, the bad news is that nothing has changed, it is still a hassle.

Attempting to load the correct pair of certificate / key in the “configurator-va” (Failed to initialize the Java keystore handling):

ssl_error.png

Fortunately, in the old days, when we tested the beta of Horizon Workspace, got some unofficial pdf documents describing how to deal with various problems. Among other things, there was a description of how to automatically generate and distribute certificates to all machines va, included in the vApp Horizon! Now we have version 1.5.1 of Horizon Workspace and magical script is still there and still works without a problem!

To perform the entire operation, we will need the certificate and private key of our CA. If this is Microsoft Active Directory Certificate Services, we will have (if restrictions permit) to export your primary cert/key and convert it into text format. Then, log in as root to the machine configurator-va (I suggest you immediately add a normal user (group wheel), and login via putty, it will be much easier). Continue Reading →

2014/02/01
by Piotr Pisz
5 Comments

Trend Micro Deep Security

For a long time I carried out with the intention to describe this product, in the end there was an appropriate occasion, scored exchange Trend Micro Deep Security 9.0 Support Track, I passed the exam and as of today I am the Trend Micro Certified Security Master :)

tmds.png

Deep Security use of version 8.0 which was installed on the vSphere 5.0, currently we have 9.0 sp1 on vSphere 5.1. In January, comes version 9.5 which will be fully compatible with vSphere 5.5. Currently, our license covers all the modules, but we know that version 9.5 will be extended for another, including those that allow you to scan in terms of security web portals (such as holders of the portal, we are going to test all the new products). Deep Security provides complete protection of the environment in a virtual (and physical), including protection of virtual machines in the “no agent-based.” DSM installation itself is simple . Configuration is intuitive , take a look at it with the ” Best Practice “. Continue Reading →

2014/01/31
by Piotr Pisz
0 comments

Access to the Organization in vCloud Director by Horizon Workspace Web Application

This procedure work in Horizon Workspace 1.8! Uśmiech

One of the very cool features Horizon Workspace , is the possibility of deposition of applications such as the “web”. These are generally nested redirection to external sites, using the opportunity to combine authentication mechanism through the use of SAML / SSO. SAML (Security Assertion Markup Language) is a transport protocol which mediates the authentication of users (and transmission of information about user permissions between systems). So, more human language, a user logs in only to Horizon Workspace (AD domain where the station is installed on the client, this is done automatically), then “click” in application “vCloud” and is transferred automatically logged into your Organization (with appropriate permissions). Benefit from the use of SSO is known, is always less than the number of windows login / password to overcome. Benefit second, the exposure to the world of a single portal (eg for remote workers or those with BYOD internally) with a set of properly prepared “redirects” (and the rest of ThinApp’uff).

Preparation of such a WebApp is very simple , in a first step we charge an XML file containing the appropriate Identity Provider metadata. After logging into the Horizon Workspace as an administrator, all the necessary links are in the Settings -> SAML Certificate (or direct address https://horizon_server/SAAS/API/1.0/GET/metadata/idp.xml ):

ho1.png

Continue Reading →