VMware Walk Through

So VMware alway releases a lot of ground breaking new technology and at times it can be hard to catch up especially if you would like to try out the features. Most times your lab at home/work doesn't quite meet the requirements. There are Hands on Labs from VMware but most times you just want a quick walk through of how to set something up to give you a feel of process.

Well VMware has release a new website at http://www.vmwarewalkthroughs.com/. The idea behind this is so that you can have a basic walkthrough of how to set up some of the new products such as VSAN, NSX, Hadoop Clustering, vCloud Suite. Pop along and have a look.

http://www.vmwarewalkthroughs.com/

Web Beacons in Outlook Web App

Web beacons frequently come in the form of images that are downloaded onto a user's computer when the user opens a junk e-mail message. After the images are downloaded, a Web beacon notification is sent to the sender of the junk e-mail message that informs the sender that the recipient e-mail address is valid. After this, the user will probably receive junk e-mail more frequently because the junk e-mail sender has verified that the user's e-mail address is valid. Web beacons can also contain harmful code and can be used to circumvent e-mail filters to deliver an e-mail message from someone who is sending unsolicited commercial e-mail.

In Outlook Web App, an incoming e-mail message that contains content that can be used as a Web beacon prompts Outlook Web App to display a warning message to the user to inform the user that the content has been blocked. This occurs regardless of whether the message actually contains a Web beacon. If a user knows that a message is legitimate, they can enable the blocked content. If a user does not recognize the sender of the message, they can open the message without unblocking the content, and then delete the message without triggering beacons. If your organization does not want to use this feature, you can disable the blocking option.

The settings for filtering Web beacons are stored in Active Directory. You can configure how potential Web beacon content is filtered by using the Set-OwaVirtualDirectory cmdlet.

The following list describes the parameters in the FilterWebBeacons property for Web beacon filtering in OWA:

• UserFilterChoice - By using this parameter (selected by default), you can let users decide whether they want to enable or continue to disable the blocked Web beacon content. OWA blocks all potential Web beacon content in an e-mail message and displays the following message in the information bar when a user receives an e-mail message that contains potential Web beacon content: "To help protect your privacy, Outlook Web App has blocked some images, sounds, or forms that can communicate your information to other Web sites. If you are sure that this message is from a trusted sender and you want to re-enable the blocked features, Click Here." To view the blocked content, the user can click the Click Here option;
• ForceFilter - By using this parameter, you can block all potential Web beacon content. OWA blocks all potential Web beacon content in an e-mail message and displays the following message in the information bar when a user receives an e-mail message that contains potential Web beacon content: "To help protect your privacy, Outlook Web App has blocked some images, sounds, or forms that can communicate your information to other Web sites." Users cannot override the ForceFilter parameter to view the blocked Web beacon content;
• DisableFilter - By using this parameter setting, you allow all potential Web beacon content in OWA.

Safe and Blocked Senders list in OWA 2013 and Office 365

It is very straightforward for end user to configure their Safe Senders and Blocked Senders list in OWA both for Exchange 2013 and in Exchange Online.

On the main page of OWA, select the gear icon at the top right of the page and select Options:

From the left hand pane of the Options panel, select block or allow:

In this page, users can add the desired sender(s) or domain(s) to the Safe Senders or Blocked Senders list by typing the e-mail address or domain name and selecting the add icon. Once all of the entries are added, scroll down to the bottom of the page and select save.

Exchange Legacy API Scanner for Mail-Enabled Apps

Microsoft Exchange Server has a long history of creating APIs that administrators can use to extend and integrate applications with Exchange. Some Exchange programming technologies that are available in versions of Exchange earlier than Exchange 2010 are now obsolete and have been replaced with other technologies. However, it is not always clear which API is used in an application to communicate with Exchange. Under certain circumstances, it might not even be clear which application in a company network interact with Exchange, which makes a transition to Exchange 2010/2013 difficult.

The Exchange Legacy API Scanner project aims to help administrators identify applications which interact with Exchange using API which are deemphasized or obsolete in Exchange 2010.

Currently, the scanner finds these types of dependencies:

• Organization wide: Exchange store Event sinks on public and private folders as well as globally registered event sinks;
• Server wide: Event bindings on a locally installed SMTP Server (i.e. ISMTP_OnArrival) and DLL dependencies for ExOleDB, CDO, CDOEx and MAPI.

Last Logon Information in Exchange 2013

If we want to check when a user last logged on to their mailbox in Exchange 2007 and 2010 we have to use the Exchange Management Shell [EMS] and the following cmdlet:

Get-MailboxStatistics <<User>> | Select LastLoggedOnUserAccount, LastLogonTime

Note that the LastLoggedOnUserAccount property indicates the account last used to log on to the mailbox. This could be a user with FullAccess permissions to the mailbox, a delegate or even someone simply checking the user’s Calendar!

With Exchange 2013 part of this information is now available through the Exchange Administration Centre as well. If you:

• Navigate to Recipients and then Mailboxes;
• Double-click on the user you want to check this information for;
• Select the Mailbox Usage tab and in there you will see the Last Logon date and time.

 However, to check who actually logged on, we still need to use the EMS...

Outlook and OWA Versions and Features

 Ever wondered what the different features available on each of these clients are?

•          Outlook 2003, 2007, 2010
•          Outlook Web App 2010, 2010 SP1
•          Outlook Web Access 2007, 2007 SP1

The following Wiki will tell you exactly that: Outlook and Outlook Web Access Versions and Features.

Access vSphere Web client blank page in Chrome

Today I came across in my LAB where when I tried to access my vSphere Web Client in chrome and I just get a blank web page with no error message. At first I thought my vCenter Web client service was having issues and did a couple of restart.

I then decided to use firefox and internet explorer to make sure it was not a browser problem and it appeared to work in the other browsers.

Next I decided to clear all the cache in Chrome and it still didn't work at all !!!. Last resort for me was to try and reset the browser settings to their original defaults which worked. So to reset the browser settings to default you need to:

Open chrome > Open Settings > Show Advanced Settings > Reset browser Settings > Reset
Close Chrome and open again and if you was using self-signed certificates click "Proceed anyway"

Just a word of warning of reset browser settings where you will lose all your settings. There is an article on VMware website but it is for issues with accessing the help function within the web client

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1037183

I will try this fix if I get the same issues again during my LAB

Virtual hardware features available for each version of vSphere

There is a great KB (KB 2051652) article which can be used as a quick reference for finding out what virtual hardware is available for each virtual hardware version. It is documented from Version 4.x up to the latest 5.5. 

http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=2051652&sliceId=1&docTypeID=DT_KB_1_1&dialogID=46428918&stateId=0%200%2046448013

Archive Mailbox Stats

Although Personal Archives in Exchange 2010/2013 are often in cheaper and larger storage than “normal” mailboxes, we still need to keep an eye on them to check how archives are growing and how (if!) users are using it.
Here’s a simple script to get some statistics regarding all the archive mailboxes in your environment:

$mbcombCollection = @()

$archiveMbxs = Get-Mailbox -Archive -ResultSize Unlimited | Select Identity, ArchiveWarningQuota, ArchiveQuota

ForEach ($mbx in $archiveMbxs)

{

       $mbxStats = Get-MailboxStatistics $mbx.Identity -Archive | Select DisplayName, StorageLimitStatus, TotalItemSize, TotalDeletedItemSize, ItemCount, DeletedItemCount, Database

       $mbcomb = "" | Select "Display Name", StorageLimitStatus, "TotalItemSize (MB)", "TotalDeletedItemSize (MB)", ItemCount, DeletedItemCount, Database, "ArchiveWarningQuota (GB)", "ArchiveQuota (GB)"

       $mbcomb."Display Name" = $mbxStats.DisplayName

       $mbcomb.StorageLimitStatus = $mbxStats.StorageLimitStatus

       $mbcomb."TotalItemSize (MB)" = [math]::round($mbxStats.TotalItemSize.Value.ToMB(), 2)

       $mbcomb."TotalDeletedItemSize (MB)" = [math]::round($mbxStats.TotalDeletedItemSize.Value.ToMB(), 2)

       $mbcomb.ItemCount = $mbxStats.ItemCount

       $mbcomb.DeletedItemCount = $mbxStats.DeletedItemCount

       $mbcomb.Database = $mbxStats.Database

       $mbcomb."ArchiveWarningQuota (GB)" = $mbx.ArchiveWarningQuota.Value.ToGB()

       $mbcomb."ArchiveQuota (GB)" = $mbx.ArchiveWarningQuota.Value.ToGB()

       $mbcombCollection += $mbcomb

}

#$mbcombCollection

$mbcombCollection | Export-Csv D:\Scripts\Reports\"ArchiveStats_$(Get-Date -f 'yyyyMMdd').csv" -NoType

Exchange 2013 Jetstress

A new version of Jetstress, the Microsoft tool that simulates Exchange disk I/O load on a server, has reached a new version, this time compatible with Exchange 2013 RTM and Cumulative Update 1 version.

Jetstress simulates Exchange database and log file loads produced by a specific number of users in order to verify the performance and stability of a disk subsystem before putting Exchange server into a production environment. Note that you should also use Performance Monitor, Event Viewer and ESEUTIL in conjunction with Jetstress to verify that the disk subsystem meets or exceeds the performance criteria established.

This latest version, 15.0.658.4, released last March, can be downloaded from here.

Manage Exchange Management Shell Access

Remote Shell in Microsoft Exchange Server 2010/2013 enables you to manage your server running Exchange from a remote computer, either on your network or from the Internet. You can enable or disable a user’s ability to connect to an Exchange server using remote Shell.

 

To enable remote Shell for a user, set the RemotePowerShellEnabled parameter to $True using the Set-User cmdlet:

Set-User -RemotePowerShellEnabled $True

 

To disable remote Shell for a user, set the RemotePowerShellEnabled parameter to $False using the same Set-User cmdlet:

Set-User -RemotePowerShellEnabled $False

Smallest ESXi Server ? for now

I was reading an article from website hackingaway.org where they have built a server class ESXi host which is small enough to carry "2" on the plane as your hand luggage. That is very impressive and although the maximum RAM is 16GB I think that is enough considering SSD is being used as well.
Pop along to the website and see how it was built  http://hackingaway.org/small-esxi/

Network Ports used in vSphere Products

Want to know what ports and protocols are being used by vSphere to communicate?
Check out the diagram produced by VMware on the mapping of all the ports and protocols that are being used by :

• ESXi 5.x & vCenter 5.x
• Update Manager
• vCloud Director 5.x
• vCenter Orchestrator

Can be pretty handy to use especially if you have firewalls in place between these components

 

http://kb.vmware.com/kb/2054806

 

 

 

Recipient Status Junk E-Mail

If you have users complaining some e-mails go straight to their Junk E-Mail folder, it is worth having a look at their Outlook configuration once you establish the e-mails are valid and there is no reason for them to be considered Spam.

 

If you check the Message Tracking Logs and see the following RecipientStatus:

RunspaceId              : 82ae90ad-cebf-4595-82ea-a78820cdd6cd
Timestamp               : 12/06/2012 17:07:45
ClientIp                :
ClientHostname          : HUB1
ServerIp                :
ServerHostname          : MBX1
SourceContext           : 08CF16C1275CCA32;2012-06-12T16:06:49.380Z;3
ConnectorId             :
Source                  : STOREDRIVER
EventId                 : DELIVER
InternalMessageId       : 13137
MessageId               : <CAN_JmwcSM+=9goLHua4rdmw4GfKth4bL1dJqkNfH-6M4W_+NEg@mail.gmail.com>
Recipients              : {[email protected] }
RecipientStatus         : {Junk E-Mail}
TotalBytes              : 3869
RecipientCount          : 1
RelatedRecipientAddress :
Reference               :
MessageSubject          : Sample E-mail
Sender                  : [email protected]
ReturnPath              : [email protected]
MessageInfo             : 2012-06-12T16:07:26.365Z;SRV=HUB1.letsexchange.com:TOTAL=19|QD=16|SDDR=1|SDDS=2|SDD=2
MessageLatency          : 00:00:19.4070000
MessageLatencyType      : EndToEnd
EventData               : {[MailboxDatabaseName, mdb27], [DatabaseHealth, 64]}

 

This might be due to the Spam options in Outlook itself. To check this, go to the user’s Outlook (or give yourself FullAccess to the mailbox), then go to Tools -> Options and click on Junk E-Mail... on the Preferences tab. Now check the Blocked Senders tab and make sure the sender is not listed there.

Exchange 2013 Crimson Channel Event Logs

Windows 2012 has two categories of event logs: Windows logs which includes the usual Application, Security and System event logs, and Applications and Services. Applications and Services logs are a new category of event logs that are used to store events from a single application or component, such as Exchange. This new category of event logs is referred to as an application's crimson channel.

Exchange 2013 makes use of this and logs events to crimson channels in the Applications and Services logs area. To view these channels:

• Open Event Viewer;
• In the console tree, navigate to Applications and Services Logs -> Microsoft -> Exchange;
• Under Exchange, select the crimson channel HighAvailability or MailboxDatabaseFailureItems.

The HighAvailability channel contains events related to startup and shutdown of the Microsoft Exchange Replication service and other components that run within it, such as Active Manager or VSS writer for example. The HighAvailability channel is also used by Active Manager to log events related to Active Manager role monitoring and database action events, such as a database mount operation and log truncation, and to record events related to the DAG's underlying cluster.

The MailboxDatabaseFailureItems channel is used to log events associated with any failures that affect a replicated mailbox database.

VMUG (Virtual Machine User Group) London Tuesday 21st May 2013

Not to confuse yourself with VMUG (VMware User Group) this is a "Virtual Machine User Group" where they are independent from vendors. They basically talk about all kinds of virtualisation and cloud product which is good as you would be able to get a mixed group of people sharing their experience with different vendors.

The next event in London is on Tuesday 21st May 2013. Presentation for the day are:

Microsoft - Labs in the Cloud

VMware - Automation

York University - VDI Case Study

eG Innovations - VDI Performance

OGD - Virtualise AD

Verizon - The Next Gen Cloud

 

Go here for the full detail of the day event http://vmug.org.uk/index.php/london210513

 

The event is held at Double Tree by Hilton @ 7 Pepys Street, London, EC3N 4AF

 

Veeam Management Pack for VMWare - Version 6

Last week Veeam announced the availability of the latest version of their Operations Manager extensions for VMWare. Veeam Management Pack for VMWare Version 6 builds on the previous versions of the product , formerly known as nWorks, and includes a number of new features that will extend the capabilities of System Center further. 

Some of these new features include:-

Capacity planning reports

• Veeam MP offers four new capacity planning reports, built directly in Microsoft System Center:
• Host Failure Modeling
• Performance Forecast for Datastores
• Performance Forecast for vSphere Clusters
• Virtual Machine Capacity Prediction

Storage Monitoring Heatmaps

• New heatmaps for datastore space and datastore performance usage provide an instant visual representation that uses color and graphics to show how rapidly your infrastructure is growing. You can see at a glance which VMs are the biggest, which are the fastest growing and drill down to find out why.

System Center 2012 Dashboards

• Real-time performance views of critical vSphere systems are presented in new dashboard views—such as ‘Top 10 hosts for CPU’ per-cluster and ‘Top 10 VMs for Disk I/O’ per datastore—that leverage System Center 2012 Operations Manager widgets.

New model for Storage and Network

• Separate topology views of distributed storage, network and compute environments allow you to quickly browse relationships and dependencies among your critical applications, services and supporting virtual and physical infrastructures. You can link from the topology view directly to real-time dashboards and monitor key metrics, such as latency, provisioning and utilization.

Performance Analysis and Correlation Monitors

• Monitors accept input from multiple performance metrics and gather correlated data from other vSphere objects to help you solve problems faster. Dynamic correlated data is provided right in the alert description.

And support for Windows Server 2012

To find out more visit Veeam's website, http://www.veeam.com/vmware-microsoft-esx-monitoring.html

VMware Horizon View 4.0

VMware has now released Horizon View 4.0. There is a website on "why choose VMware Horizon" which has tons of information and videos to help you understand Horizon View and why use it

http://www.whychooseview.com

PST Capture 2.0

Back in 2012, Microsoft released the PST Capture Tool that allows administrators to scan the network for Outlook PST files and import them into primary or archive mailboxes of an on-premise Exchange deployment or Exchange Online. For more details on this tool, please check the Microsoft PST Capture Tool article on MSExchange.org.

In February 2013, Microsoft released the second version of this tool. This new version includes several improvements:

• Support for Microsoft Exchange Server 2013;
• The code have been updated to use Outlook Anywhere (RPC over HTTP);
• Fixed Exchange Online import failure issue when PST Capture is not installed on an Exchange server;
• Removed the limit of 1,000 users when performing an import to Exchange Online;
• General performance improvements.

You can find PST Capture 2.0 here and its documentation here.

The Team Expands

Hi All, my name is James Henderson. I have just joined the team here at myVMX and will be contributing alongside Kin Yung and Nuno Mota in providing articles, reviews, tips and tricks for a variety of different subjects. 

Some of the areas I work around include: System Center Suite (with a particular focus on Operations Manager (SCOM), Apple iOS, Mobile Device Management, Certificate Services and a variety of others. 

I hope my posts are of interest and I can't wait to get started.

Veeam Backup and Replication Cloud Enabled Edition

Veeam has just recently released backup and replication cloud edition. This allows you to use public cloud storage to store your backup as Veeam has written the required API to connect to these providers. Currently it supports the following 15 cloud storage providers listed below and I believe it will grow as the up take of the product happens:

Amazon S3
Amazon Glacier
Azure
Openstack
Rackspace
Google
HP Cloud
Clodo
Haylix
Scality
Dunkel
Tiscali
HostEurope
DreamObjects
GreenQloud
Seeweb
Connectria
Walrus
Mezeo


Veeam is a great backup product and I have been using it in my test lab to help me backup my lab machines. There are some questions which should be thought through before using a cloud storage provider for backup;

• Does your data have to be held within a country? region?  due to sensitivity? or restricts? As you may not know how these providers distribute or store your data you need to understand this in case it is breaking some laws for the data you have

• Most providers charge you very low cost to store the data but when you recover the data they charge you to transfer out. So check how often you need to restore and how much data you normally recover to give you a rough idea how much it could cost you over a period of time

• Do these provider offer alternative way to retrieve the data? ie sending you the drive?. Reason is that if you lost 5 virtual machines and you needed to retrieve 300GB data across the wire how long would that take? could you do it within your SLA you have with your customers/users?. If your primary data centre failed would you be retrieve the data somewhere else?. You don't want to be thinking about these issues when a disaster strikes

•  Are there support numbers you can call and speak to someone? or is it just via email?

• Can you just retrieve the data yourself or do you need to log a call first?, some providers archive to tape so a support ticket it required to be log so that they can load the tape for you, this means the SLA times will change as well for you and customer

• Does you current internet pipe have the capacity to take the backup transfer load as well?, do you need to upgrade? you don't want your backup and recovery disrupting your main business

• How secure is your data held at their data centre?, do system administrators at the provider have access to your data without your knowledge? are you in control of your data?

• Have the investment you made for your current backup infrastructure paid for itself now? was a lot of capital investment made for it and to change to the new cloud backup would mean you would need to write off the investment?

• What happens if the company goes bankrupt or shuts down?, can you still get your data?

These are some of my thoughts that you should consider before moving your backup to the cloud. I agree it could save you money i.e. no capital spend (some companies like that) but do check that the cost is not hidden in something else like needing to upgrade your internet pipe or the cost of retrieving data. Also it sounds good that you can move from provider to provider but in reality would you do it? given the amount of data you would need to move and more management overhead required to look after these providers. By all means test it with Veeam before you commit to changing your whole backup strategy to using cloud storage as this is a big jump in my opinion.

Here is the link to the new product from Veeam :
http://www.veeam.com/cloud-backup-vmware-hyper-v.html?ad=btn

YouTube Channel vmware technical publications

For people who would prefer to listen and watch there is a youtube channel for vmware technical publications

http://www.youtube.com/user/VMwareTechPubs

Released: Exchange Server 2010 SP3

Finally the much anticipated SP3 for Exchange 2010 has just been released! It brings the features and capabilities:

• Support for installing and deploying Exchange 2010 on Windows Server 2012;
• Support for Internet Explorer 10 to connect to Exchange 2010;
• Fixes;
• Coexistence with Exchange 2013.

Important: Exchange 2010 SP3 allows Exchange 2010 servers to coexist with Exchange 2013 CU1, which is scheduled to be released in February 27th.

 

Please also note that this Service Pack requires schema updates.

 

DOWNLOAD it here.

vsphere 5 netapp NFS disconnect bug

I have just read on two blog post by Cormac Hogan and Vaughn Stewart where there seems to be an issue with vSphere 5.x connected to Netapp using NFS. On occasions where there is high load (I/O) the datastores would disconnect or disappear for a period of time and then reappear. There is some work around available which are
1) Reduce the max queue depth down to 64
2) If you have license to use storage I/O control then this would help prevent the issue
3) Upgrade ONTAP to either 7.3.7 P2, 8.0.5 or 8.1.3

We are not currently experiencing these issues but we will be implementing option 1 in case it happens suddenly. In the long run we are planning the upgrade of ONTAP so that we can fix the issues.

Here are the blog posts from Cormac Hogan, Vaughn Stewart and VMware KB article

http://cormachogan.com/2013/02/08/heads-up-netapp-nfs-disconnects/
http://virtualstorageguy.com/2013/02/08/heads-up-avoiding-vmware-vsphere-esxi-5-nfs-disconnect-issues/
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2016122

Disk timeout value for guest OS on Netapp NFS storage

There is a setting which should be applied to all VM guest OS if you are using Netapp NFS storage as your datastore for your VMs. This setting increases the disk timeout value to 60 or 190. The setting is to prevent VM’s from blue screen, restart or lose connectivity if a netapp cluster fail over does occur. Although failovers usually take less than a minute this is a precaution so that the VMs stay up and delay the write to disk for up to 190 seconds. You can get the settings by installing VSC which will give you the ISO to mount onto the vm to apply the change.

Here is the reg value for Windows OS as that is what we primarily use:
HKLM\SYSTEM\CurrentControlSet\Services\Disk\TimeoutValue to DWord 190

Vmware Fling Inventory Snapshot

Recently we have been rebuilding our vCenter to become a virtual machine. Rebuilding vCenter is easy but to take over all the roles, permissions and VM folders it could be a real pain. I found this little app on vmware flings called “inventorysnapshot”.

This application will capture all details including roles, permissions and VM folders. It will then create a powershell script which you then run against the new vCenter. The script would populate all the folders, add the host from the old vCenter to the new vCenter. Move all the VM’s to the correct folder and assign all the permissions!!! How cool is that.

Be aware though, use it when you are doing a complete migration as it removes the host from the old vCenter and add to the new one so notify people before you do the move ^_^. Turn off DRS and HA from the old cluster as well in case

The software can be obtained from here: 

http://labs.vmware.com/flings/inventorysnapshot

Exchange 2010 dropping network packets( vmxnet3)

At my work place we have our Exchange 2010 running completely on VMware. We use SCOM as our main monitoring tool so we purchased Veeam nWorks to pass on all the metrics to SCOM and generate alerts where needed.

Over the pass few weeks we started to receive alerts regarding dropped packets from an host. At first we thought we had over subscribed the bandwidth but after looking at performance charts within vCenter for the host. We noticed that we had been having drop packets for a while but was unaware of the issues as it never hit the threshold for SCOM to send an alert for us. After seeing this we quickly checked across all our host in case we had an underlying issue waiting to happen and found out is was only happening on host which was hosting exchange. Further investigation we discovered it was coming from just our mailbox servers.

There was an article released from VMware regarding this problem. The issue is due to the fact we are using vmxnet3 network cards and when Exchange has a burst of traffic the network card buffers can't take it. The workaround or fix is to increase buffer on the network card. The process is described in the KB article:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2039495

New Exchange License Cmdlets

We all know the old script to count the Client Access Licenses [CALs] in Exchange 2010 was never 100% accurate... With Exchange 2013, two new cmdlets were introduced: Get-ExchangeServerAccessLicense and Get-ExchangeServerAccessLicenseUser.

Get-ExchangeServerAccessLicense

This cmdlet returns a list of licenses in use in an Exchange 2013 organization, with the legal name of the license as defined in the Microsoft Product List.

If, for example, you want to check all the licenses in your organization, simply run the following cmdlet:

Get-ExchangeServerAccessLicense

The possible license names are:

• Exchange 15 Standard CAL
• Exchange 15 Enterprise CAL
• Exchange 15 Server Standard Edition
• Exchange 15 Enterprise Edition

Get-ExchangeServerAccessLicenseUser

This cmdlet, on the other hand, returns a list of unique users (their fully qualified domain name [FQDN] or primary SMTP address) representing an estimate of the licenses required when it is run.

To check how many users need a Standard CAL, for example, you run the following cmdlet:

Get-ExchangeServerAccessLicenseUser -LicenseName “Exchange Server 15 Standard CAL”

ESXi losing logs after reboot

We recently upgraded from ESX 4.1 (FAT) to ESXi 5 and we were used to having the logs stored on the local disk so that we can do diagnostics when things go wrong. As ESXi can run stateless the logging is stored in memory during runtime by default and if the host was to freeze or you issued a reboot then all the logs would disappear.

VMware gives you options to either create a syslog server to have the host sending information to it, or like me our servers have plenty of local disk space so why not use them to store the logs like before.

Here are the steps to quickly setup using vCentre client:

•  Log on to vcenter and locate your host or use the vCentre client to connect directly to the host.
•  Create a new directory on your local datastore e.g. “logs” 

• Go to “advanced settings”

•  Select “ScratchConfig” and change “ScratchConfig.ConfiguredScratchLocation” to your new path. e.g. "/vmfs/volumes/vhyp002/logs", Click “OK"

• If you go back and view the setting again you will see that the path would have changed to disk UUID instead of the name “vhyp002”

• A quick check on CLI you can you can see the name “vhyp002” has the UUID of “50a6xx” which matches the above

• Give the host a reboot and now when you browse to the local disk folder you will see the logs are writing there

Here is an VMware article which towards the end tells you how to create the persistent scratch area using PowerCLI, vCLI, Tech support mode, vSphere web client ESXi 5.1, kickstart script during build and GUI method I have described above.

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1033696

Office 365 User Group London event 24th January 2013

Most people will now be thinking should we start using cloud services? One of the most obvious service to move would be email. Why email you may ask, well it is probably the most established services out on the internet.

Want to know what benefits it brings to your users and if it is worth moving? Then come along to the Office 365 UK user group in London on the 24th January from 6:30pm - 9pm. Nuno will be doing a presentation on his experience and view of Microsoft's offering of Office 365. See you there


http://o365.co.uk/event/office-365-uk-user-group-london-24th-jan-2013/

London VMUG 24th January 2013

The first VMUG for 2013 in London is on the Thursday 24th January 2013 and is a whole day event. Looking at the agenda it appears to be based around end user computing (EUC). A few interesting ones would be "VMware HA deep dive" and "vCD 5.1 and VXLAN". Hope to see some of you there.

Here is the agenda

• Nutanix Presentation - Alan Campbell and Rob Tribe, Nutanix
• Your Journey to the Post-PC Era - Brian Gammage, VMware
• EUC Panel with VDI Gurus - Brian Gammage, VMware
• Deploying vCD 5.1 and VXLAN - Dan Senior
• VMware HA Deep Dive - Eric Sloof
• Zerto Presentation – How One Company Averted Disaster from the VMworld 2012 - Joshua Stenhouse, Zerto
• 10Zig Presentation – Thin Client Technology at Its Peak - James Broughton, 10Zig
• Big Data for the Uninitiated - Stu Radnidge
• Update – What’s Here and What’s Coming Soon - Spencer Pitts, VMware EUC
• VMware Certification Update - Gregg Robertson
• vCAC - Kim Raynard, VMware
• Networking and Lunch
• Onward Drinks at Pavilion End

Go here to register for the event http://www.vmug.com/e/in/eid=695

550 5.7.1 Unable to relay

Due to a change in our Call Logging system (the application the Help Desk uses to log IT service calls for users), we had to allow it to send e-mails as coming from the Help Desk mailbox to external users.

 

So, I created a new receive connector just for the servers hosting that application and allowed for anonymous users to use it as the application doesn’t support authenticated SMTP...

 

 

This grants permissions to the anonymous account but it still doesn’t give the application relay permissions. If you try to relay using this receive connector, you will get the following SMTP error message:

550 5.7.1 Unable to relay

The ACL that controls relay is the ms-Exch-SMTP-Accept-Any-Recipient. To add this ACL to this receive connector, we have to use Exchange Management Shell:

Get-ReceiveConnector "Infra" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"

Please, don’t forget to keep relay as restricted as possible, as your domain might get black-listed!

 

RVTools - GUI App displaying VM details

I was shown RVTools by a colleague of mine which is a Windows GUI tool to display information about your VMs and ESX host. It is a very lightweight app and provides most of the important information you normally like to know like snapshots, powerstate and CD -ROM connection states. Although you can use powershell to get this information it can sometimes be a pain to get it working !!. So if you need something quick and easy to use then this is the tool.

http://www.robware.net/

SPF Records

To configure Sender ID filtering in Exchange, you must first understand the Sender Policy Framework (SPF) records.

 

SPF records allows software to identify messages that are or are not authorized to use the domain name in the SMTP HELO and MAIL FROM commands, based on information published in a sender policy of the domain owner. Forged return paths are common in e-mail spam. SPF is defined in RFC 4408.

 

SPF records work with sender ID filtering to stop malicious e-mails. The SPF record is a piece of information on the DNS servers that is required by sender ID filtering to determine whether the e-mail message was sent by an authorized server for the specified domain. In simple terms, an SPF record is a listing of authorized SMTP servers for a particular domain or set of domains in the DNS database.

 

Publishing an SPF record in the public DNS allows the recipient SMTP servers to perform a reverse MAIL Exchanger (MX) lookup by cross-referencing the IP addresses of the authorized SMTP servers against that organization’s DNS entry for their domain.

SPF records can be in different formats. Here are a few examples:

 

myvmx.com IN TXT “v=spf1 mx –all”
This indicates that all servers identified by an MX record for the myvmx.com domain are allowed to send e-mails for that domain.

 

v=spf1 mx ip4:192.168.10.10 –all
This SPF record indicates that server 192.168.10.10 identified by an MX record is allowed to send e-mails from my domain.

 

MAIL IN TXT “v=spf1 a –all”
This one indicates that server MAIL is allowed to send e-mails for my domain.

 

myvmx.com IN TXT “v=spf1 ip4:192.168.10.10 –all
This SPF record indicates that a server with the IP address 192.168.10.10 is allowed to send e-mails for the myvmx.com domain.

 

v=spf1 mx mx:mail1.myvmx.com mx:mail2.myvmx.com mx:mail3.myvmx.com –all
Where:
v=spf1 designates that this is an SPF record and it is version 1.
mx mx:mail1.myvmx.com mx:mail2.myvmx.com mx:mail3.myvmx.com means that mail1, mail2 and mail3 are authorized to send and receive e-mails for myvmx.com domain
-all designates that no one besides the IP addresses in myvmx.com’s MX records are authorized to send e-mails.

 

Creating an SPF Record
To create SPF records, you can use Microsoft’s four-step wizard. If you want to use the advanced features of SPF format, you may need to manually edit the SPF record created by this wizard (in this example, myvmx.com).

 

1. The wizard is found online at: http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/;

 

2. At Identify Your Domain, enter the domain name for which you want to create a new SPF record and click Start;

 

3. At Display Published DNS Records, you’ll see that the wizard checked the DNS for information about myvmx.com, including existing SPF, MX and A records;

 

4. If an SPF record was found, you can verify its contents and use the remaining steps of the wizard to modify the record. If no SPF record was found, you can use information from the domain’s MX and A records to create a new SPF record. Click Next;

 

5. At Create SPF Record, the wizard prompts you to choose proper options to create SPF records. This step is divided into different sections. Your choices are:

 

Domain Not Used for Sending E-Mail
Check this option if this domain is not used for sending outbound e-mail.

 

Inbound Mail Servers Send Outbound Mail
If your inbound mail servers are also used to send outbound mail, you should add this option to your new SPF record.

 

Outbound Mail Server Addresses
If all the IP addresses listed in A records for your domain in DNS are outbound mail servers, you should include this option in your new SPF record.

 

Reverse DNS Lookup
Check this box if all the reverse DNS records (PTR records) for your domain resolve to outbound e-mail servers.

 

Outsourced Domains
Choose this option if domain’s outbound e-mail is routed through another domain.

 

Direct Mailing Status
If your domain only sends mail directly to its intended recipients (it does not send mail to mailing lists), you should add this attribute to the SPF record.

 

Policy Testing Status
If you wish to publish the SPF record in a “testing” mode where it can be read by others servers but its policies will not be implemented, select this option.

 

Default
Does your domain send e-mail from any IP addresses that are not identified in the above sections? Choose appropriate settings for your environment.

 

Scope
What e-mail identities can this SPF record used to validate. Choose appropriate settings for your environment.

 

6. Click Next;

 

7. At Generate SPF Record, the wizard will provide you with the generated SPF records.

 

For more information please go to:
- SPF Record Syntax: http://www.openspf.org/SPF_Record_Syntax
- WikiPedia: http://en.wikipedia.org/wiki/Sender_Policy_Framework