IT


NFR key for Veeam Availability Suite 9.5

Veeam® is happy to provide a free NFR license (1 year, 2 sockets) to all VMware vExperts, MVPs, VTEC members, Certified Engineers and Trainers*. This license allows for non-production use of Veeam Availabilty Suite™ 9,5 in your home lab, without any feature limitations. The license works for both VMware and Hyper-V environments.

Veeam Availability Suite 9.5 is a combination of Veeam Backup & Replication™ and Veeam ONE™, and is your key to achieving Availability for the Always-On Enterprise™.

By using Veeam Availability Suite 9.5, you’ll get everything you need to reliably protect and manage your VMware vSphere and Microsoft Hyper-V environments:

  • High-Speed Recovery
  • Data Loss Avoidance
  • Verified Recoverability
  • Leveraged Data
  • Complete Visibility
Fill in the form here get your FREE NFR key NOW!
*Only for vExpert, VCP, VCAP, VCI, VCDX, VMUG Leader, VTEC, VMCE, MVP, MCSE, MCSA, MCT, Cisco Champion, PernixPro Member and others.

Top tip: Linux security & auditing tool Lynis

For my work I often deploy Linux VM’s. I use Lynis for checking my system for security isssues en baseline(s).  Lynis is a security auditing tool for UNIX derivatives like Linux, macOS, BSD, Solaris, AIX, and others. It performs an in-depth security scan. Extensive reports in HTML and TXT are delivered. The company behind Linus (CISOfy) delivers great support and has a community of people working together.

Screenshot of Lynis:

lynis-screenshot

Installation is very simple (if you know your way round Linux)

Ensure that cURL, NSS, openssl, and CA certificates are up-to-date.

Create /etc/yum.repos.d/cisofy-lynis.repo

Next step is installing Lynis with yum.

First time it might ask to import the GPG key. This ensures you only updates are received from Cisofy.

Now you start using Lynis. First time users are advised to use the Get Started guide.

You see something like this (DONE/FOUND/YES/NO etc). You can open the logfiles afterwards in /var/log. Personally I prefer to pipe the output to a file also. (lynis audit system >> output_file)

lynis-check

Download Lynis here.

It is also possible to add extra checks (plugins) and/or change the default one. I created my own baseline which I can use every time.

Good luck with scanning your system! (and securing afterwards :-))

 


How to slipstream the latest updates and more in Windows ISO

For testing purposes I had to deploy several Windows 2012 R2 Servers with the latest updates included. I also would like the VMware tools included for example. In this blogpost I describe the steps I’ve taken to build my own Windows 2012 R2 ISO. It also works for other Windows versions.

I use WSUSoffline (latest version here) for downloading the latest Windows updates and NTlite for slipstreaming the drivers and creating the ISO. Finally I use Vmware Workstation to test the ISO (and for the VMware tools drivers). Make sure to download WSUSoffline and unpack it to any hard drive with enough free space for you to download the updates.

wsusoffline1

Select the x64 Server 2012 R2 (in my case) updates and hit Start!

wsusoffline2

The tool started downloading the update files.

Ok…fast forward…. make sure you have a Windows 2012 R2 ISO. Extract this to a directory with enough free space for you to work with… Now open NTlite.

Add your Windows 2012 R2 folder to the installation:

ntlite1

You notice something like this:

ntlite2

Ok, dubbel click the blue button. (This contains the files you’ve just unpacked) Notice that it can take some time for everything to load..

ntlite3

Ok.. (sorry for the Dutch translation :-)) But go to “Opwaarderingen” or “updates”. Here we are able to specify which extra updates must be added to the installation.

ntlite4

Choose the “in map en sub mappen” (folders and sub folders) to specify the directory WSUSoffline just completed downloading the updates to! That’s the client folder:

ntlite5

Ok now the updates are checked and added to the left pane!

But we want to include some drivers (see my previous post) and VMware tools too! No problem. Go to device drivers and specify the folder containing the drivers.

Now we have included all the necessary drivers we are ready to build the ISO!

ntlite6

Select the option to create the ISO (specify a location and name) and click start and of you go!


Powershell: Easily export your Windows Drivers

I was looking for a simple solution for me to export (and import later) my Windows driver. I already knew that Windows 2016 had a Powershell command for that but didn’t knew that it also worked for Windows Server 2012R2 and Windows 10!

Use the following command : Export-WindowsDriver -Destination “C:\Drivers\$((Get-WmiObject -Class win32_computersystem).Model)” -Online

export_drivers

Notice the exported drivers:

export_drivers2

Now you can easily import those drivers in (for example) SCCM or MDT.

 


Setting up Aerohive WiFi test environment Part 1 2

In this blogpost I describe I’ve taken to setyp my Aerohive WiFi whitebox environment. In my case I used the following products :

  • HP 1910 POE Switch (ofcourse you can choose another POE Switch)
  • 2x AP130 Aerohive Accesspoints incl. licenses
  • and 2 cigars while building. 🙂

IMG_20161215_090129435

First I powerd up the HP 1910 POE (power over ethernet) switch. When the fans are making less noise the Switch is bootend. First plugin an ethernetkabel to your core switch or ISP modem. I used Angry IP Scanner to locate the switch on my subnet.

Angry IP Scanner

In my case I found 192.168.0.20 the DHCP IP address taken by the switch. Now let’s login to the webinterface. Use your favourite browser and go to the IP address you found.

HP Switch menu

By Default use Admin as username with no password and the specified Captcha. When logged on change the password ofcourse and go through the wizard to change your IP Address and device name etc. Download the latest firmware for the HP1910 switch here.

Ok. now we have our Switch in working order. Check! Now we are going to configure the WiFi devices. First we must create a working Hive Manager account (Cloud). Go here to create your account. Log in when you are able to.

HiveManager1

Congrats! We are going places!

HiveManager2

Now we are going to create a location. A location is the specification where your Office and devices are present. There are 2 options. When you have floorplan of your building/office then you can easily import that file. But it’s also possible to draw your own plan. It’s based on google maps. So you can specify the address and then draw on top of the building.

HiveManager3

I choose the Create a New Network Plan option. It’s pretty straightforward.

After creating your location (and floorplan, just specify the locations of your floor) you see something like this:

HiveManager4

Now it’s time to add our devices. In my case I choose for 2 AP 130 devices. I want to test roaming for example. Go to the monitor/devices/add device option, see below.

HiveManager5

Specify your serial number and go to the next-next-next steps while creating a network policy.

HiveManager6

Voila! You added your device and created your first Network Policy.

Now connect your AP130 device. Watch the red light turn white. When you see that your AP is registred correctly! Now let’s check in the Hive Manager.

HiveManager7

You can see that the AP is green and that means everything is correct!

Wrap up

What we have just did is to quickly configure the POE Switch (in my case HP1910), created an Hive Manager Cloud account and configured our first Network Policy with one device.

Let’s connect to the Accesspoint using the credentials you’ve just specified. And check if the connection is working.

HiveManager8

In my case everything is working. My mobile phone has a working connection!

 

 

 

 

 

 


How to fix “A specified logon session does not exist. It may already have been terminated” 2

 

After changing my internal subnet I ran into an issue connecting to my NAS devices. Ofcourses I changed the IP addresses but on some devices I couldn’t reach them any longer.

 

image

After some “googling”I found that many more people have runned into this problem. Some of them found their solution in changing the Local Security Settings, Network access: Do not allow storage of passwords and credentials for network authentication. I had to change this to Disabled. (Using this option previous or old passwords are not used any longer, but I didn’t change the password so it had to be something else)

image

My solution was:

– Launch the “Credential Manager” in Windows 10 (search for it in the start menu)
– Open “Windows Credentials”
– Click “Add a Windows credential”

 

image

– Launch the “Credential Manager” in Windows 10 (search for it in the start menu)
– Open “Windows Credentials”
– Click “Add a Windows credential”
Internet or Network Address: \\servername (replace with the Netbios-name of your cloudstation, or use IP)
User name: servername\username (replace with netbios-name and the username you are connecting with)
Password: Self-explanitory
Delete old settings with the same IP address.


Review: Altaro VM Backup

I’m using Altaro VM Backup for my Hyper-V whitebox environment for a couple of years now.
Recently I tested the latest version. Hereby my experiences.

Their latest version of VM Backup changed in comparison to previous versions.
I noticed several new features/improvements and a slightly improved UI.

altaro8

(Some of) Altaro VM Backup features:
– Built for virtual environments (both Hyper-V and VMware)
– Back up live VMs (Zero downtime by leveraging Microsoft VSS)
– Offsite Backup Replication
– File and Exchange item level restore
– Back up live VMs with no downtime
– Microsoft VSS Integration
– Support for Cluster Shared Volumes & vCenter
– Restore to different Hyper-V host or clones
– Central management console, management of multiple hosts
– Compression & Encryption
– Auto-upload Error Reports & Remote Support integration (Live Chat embedded)
– Offsite Backup Replication
– Altaro Offsite server (I shall update this post very soon with more information about this feature)

Altaro VM Backup 6.5 has been released adding the Change Block Tracking (CBT) feature for Hyper-V that gives the backups a speed boost of up to 33 times on incremental backups. Upgrading to the latest version is simple, go to the update download page in the user interface to download the update file. (Changed Block Tracking is conceptually similar to snapshot-technology. It determines if any blocks have changed since the last snapshot and tags the blocks that have been changed, to copy out only the blocks that have changed the last backup)

Altaro can be installed on a physical host or in a virtual machine. There is no Linux version (or OVF) available. (It would be nice to have that option although!) Configuring the program is very easy. In just a few steps you’re ready to go!

First configure the VMware or Hyper-V server (or vCenter), specify the IP settings and login creds and go to the following steps. Specify a back-up location, either a normal backup location (physical drive or network path) or a offsite location (either a physical drive, drive rotation or swap schema, network path of Altaro Offsite Server with WAN Acceleration). Configure the schedule, retention policy, the notifications and advanced settings (VSS, master encryption) You are all done configuring!

Now we are ready to back-up your virtual machines! Just 2 options, choose to take a backup or take a offsite copy.
Restoring the virtual machine is easy, you can use the default restore option or the granular option. With the granular restore you can specify specific files or folders to restore. It’s even possible to open an exchange edb file to restore specific exchange items (mail, calender items etc).

altaro6

 

A nice option is, that it’s very easy to test your backups using the sandbox feature. Using this feature you can test your backup&restore in just a few steps. It does a complete restore in a virtual (sandbox) environment. So nothing happens with your running VMs. Using this method you can test the complete backup/restore procedure.

When you need support, there are several options:

altaro7

You can use email and phone support, but a nice feature is the Live Chat support option. All the necessary information can easily be given to Altaro support so that they can help you. A very nice and unique feature!

If you are love security Altaro VM Backup give you the option to use an encryption key in your backups.
So in case of stolen your backups or any other scenario nobody can restore it if doesn’t has the encryption key.

Altaro built in al the reporting tools you need. In one overview you see your backup and restore results and actions.

Altaro comes with per-socket licensing and is as mentioned available in three editions:
– Unlimited Edition (all functionality for an unl. number of VMs and supports clusters, 585 dollar)
– Standard Edition (most functionality with protection of up to five VMs, 395 dollar)
– Free edition (protects up to two VMs)