My IT Blog

Hyper-V Live Migration Configuration Requirements Before a running virtual machine can be migrated from one host to another there are some mandatory requirements that must first be met: Hyper-V 2008 R2 must be deployed on both hosts. The first version of Hyper-V does not support live migration. Source and destination Hyper-V hosts must be configured as a Failover cluster with shared storage enabled. Source and destination systems must be using shared storage (i.e. via SAN or iSCSI configurations) Source and destination systems must be running processors from the same manufacturer. It is not, for example, possible to migrate a virtual machine from an Intel based host to one containing an AMD CPU. The virtual machine on which the migration is to be performed must be configured as Highly Available and to use Cluster Shared Volumes. The virtual machine's Automatic Start Action setting must be set to do Nothing. All Hyper-V hosts in the Failover cluster must be configured t

Description of problem: Client is attempting to kickstart RHEL5 to a blade system with SAN attached storage. The customer is hitting an issue where anaconda complains with the following message at the beginning of the install: On virt console 1: Warning: /dev/sda is a read-only filesystem and hit OK to continue On virt console 3: parted exception: Warning: Unable to open /dev/sda read-write (Read-only file system). /dev/sda has been opened read-only The customer has to hit OK to accept this and the installation will then complete successfully. There are currently two LUNs presented from the SAN to the host. /dev/sda is indeed read-only and apparently it is a gatekeeper type device that is exported/presented to numerous hosts hence why it's read-only. /dev/sdb is the second LUN device that we want to install to. I've tried using the following entries in the kickstart file: ignoredisk --drives=sda clearpart --all --drives=sdb partition /boot --fstyp

Zoning Many devices and nodes can be attached to a SAN. When data is stored in a single   cloud , or storage entity, it is important to control which hosts have access to specific devices. Zoning controls access from one node to another. Zoning lets you isolate a single server to a group of storage devices or a single storage device, or associate a grouping of multiple servers with one or more storage devices, as might be needed in a server cluster deployment. Zoning is implemented at the hardware level (by using the capabilities of Fibre Channel switches) and can usually be done either on a port basis (hard zoning) or on a   World-Wide Name   (WWN) basis (soft zoning). WWNs are 64-bit identifiers for devices or ports. All devices with multiple ports have WWNs for each port, which provides more detailed management. Because of their length, WWNs are expressed in hexadecimal numbers, similarly to MAC addresses on network adapters. Zoning is configured on a per-target and initiator basis

Windows Server 2008 Terminal Services will present a whole new set of features and functionality that will most likely be of interest to many. As organizations explore these new technologies, it will be important to understand how Windows Server 2008 terminal server licensing differs from Windows Server 2003 and how Microsoft is making the process of terminal server licensing easier to manage. This two-part series will explore the changes in terminal services licensing in Windows Server 2008, including functional changes and management improvements. Some highlights of the changes are as follows: Per User CAL allocation is still not enforced – although it can be tracked in Active Directory. Terminal Server CAL revocation for Per-Device CALs Changes to license server discovery New built-in tools to assist in troubleshooting licensing-related issues Interface changes surrounding management and reporting Installation Process Changes The first noticeable change in the l

It is convenient to mount an ISO file directly instead of burning it to a CD first. This recipe describes the command used to mount an ISO image on a Linux system. As a requirement, you have to be logged as root. To mount the ISO image file.iso to the mount point /mnt/test use this command: mount -o loop file.iso /mnt/test It will work for a CD or DVD ISO image. You can also specify the format of the CD: mount -o loop -t iso9660 file.iso /mnt/test

It happens all the time doesn’t it? You need to unmount a CD or you want to pack away the external drive but when you try to umount it you get the dreaded “device is busy” message. Wouldn’t it be great if Linux actually told you what was keeping the drive busy? # umount /media/disk/ umount: /media/disk: device is busy umount: /media/disk: device is busy First thing you’ll do will probably be to close down all your terminals and xterms but here’s a better way. You can use the fuser command to find out which process was keeping the device busy: # fuser -m /dev/sdc1/ dev/sdc1: 538 # ps auxw | grep 538 johnd 538 0.4 2.7 219212 56792 ? SLl Feb11 11:25 rhythmbox Another handy one is: umount -l /dev/sdc1 This does a lazy umount which immediately detaches the drive from the filesystem, and then cleans up everything afterwards. This is especially handy if it’s a networked file system (NFS etc) and the network has gone down. You can also use: umount -lfr /mnt/sambamo

NFS (Network file system) is both a protocol and file system for accessing and sharing file systems across a computer network using UNIX and Linux. NFS v4 is used in modern Linux distributions. It offers performance improvements, mandates strong security, and introduces a stateful protocol etc. How do I export a directory with NFS? NFS server configuration In order to export or share directory called /data2, you need to edit a file called /etc/exports. The file /etc/exports serves as the access control list for file systems which may be exported to NFS clients.: # vi /etc/exportsAdd config directive as follows:/data2 *(rw,sync) Each line contains an export point and a whitespace-separated list of clients allowed to mount the file system at that point. Each listed client may be immediately followed by a parenthesized, comma-separated list of export options for that client. Where, rw - Allow both read and write requests on /data2 NFS volume sync - Reply to reques

To install a Web server certificate that lacks a pending certificate request: 1. Click Start >  point to Run >  type cmd > click OK. 2. Navigate to the directory where Certutil.exe is stored;  by default, this is %windir%\system32. 3. Type the following command at the command prompt: certutil -addstore my certnew.cer  where certnew.cer is the name of the certificate you received from the certification authority (CA). You should see the following message: CertUtil: -addstore command completed successfully. 4. Navigate to the directory where you stored the certificate you received from the CA. Double click the saved certificate. 5. Click the Details tab and select <All> in the Show drop-down list. 6. In the Field list, select Thumbprint to display its value in the view pane. 7. Select the Thumbprint value in the view pane and then click CTRL+C. 8. Return to the command prompt window and type the following command: certutil -repairstore my "thu

You can control Windows services of a remote computer just using the command line. There are some options around there, but the one I use is psservice. This is a command line utility, part of PsTools, that allows you to control services. (See at the bottom a short description of PsTools). The syntax is very simple: psservice.exe \\HOST -u USERNAME -p PASSWORD COMMAND SERVICENAME HOST - is the hostname or ip address of the host to control (local or remote) USERNAME - a user with permissions to control services of the HOST PASSWORD - the password of the user COMMAND - the action to take with the service. The most commonly used are: query, stop, start, restart SERVICENAME - the name of the service to control For example, to restart IIS service of a remote server: psservice.exe \\192.x.x.x -u user -p ******* restart W3SVC If you receive an error like: Unable to access Service Control Manager on \\192.x.x.x: Access is denied. or Unable to connect to \\192.x.x.x

Self-Signed IIS SSL Certificates using OpenSSL This tutorial assumes that you have a Linux box with OpenSSL installed,and that you want to create a self-signed certificate for IIS5.0 / 6.0 Set up your CA (you only have to do this once) ON THE LINUX BOX… Create a private key openssl genrsa -des3 -out CA.key 1024 (You’ll need to supply a passphrase. DON’T FORGET THIS!!) Set this to read-only for root for security chmod 400 CA.key Create the CA certificate openssl req -new -key CA.key -x509 -days 1095 -out CA.crt (Provide appropriate responses to the prompts…for Common Name, you might want to use something like “OurCompany CA”) Set the certificate to read-only for root for security chmod 400 CA.crt Obtain a CSR ON THE IIS BOX… Open the Internet Manager Select the site for which you want to create a key Right-click and choose Properties Select the “Directory Security” tab Click the “Server Certificate” button Follow the prompts to create a CSR Save yo

The symptom is that if you start Terminal Services Manager (aka. TSM) and double-click on another server of your domain in the list (to get the list of sessions on that TS server), then that server simply disappears from the server list, or just appears with a red "cancel" icon. For me the problem was solved only by starting the "Remote Registry" service (since it was stopped) on the TS server.