VMware Player vs. Virtual Network Editor

Those of us that work with VMware Workstation and use multiple networks (physical NICs or VLANs) on the host computer, are used to work with the Virtual Network Editor. This tool assigns network connections on the physical host to virtual networks. A VM can then be assigned to a virtual network adapter that is linked to a specific adapter on the physical host.

It may seem that this tool is missing if one has only the VMware Player at hand. But it comes with the installation package - it just needs to be extracted.

Follow these steps to extract the Virtual Network Editor: (in the example below D:\Downloads\ is the download location)

1. Download the VMware Player installation package (needs a registration with VMware)
2. Open a command line and change to D:\Downloads\
3. Run the following command: [VMware Player installation package] /e ./Extract (this will extract the contents to a subfolder "Extract")
4. Open the subfolder Extract and look into the network.cab file
5. Extract the files inside the .cab file into the VMware Player installation folder
6. Run vmnetcfg.exe if you need the Virtual Network Editor

Accessing IE from vbScript

It used to be simple to use Internet Explorer as output for vbScripts. Here is a sample script that opened a custom HTML page and then writes something into a <div id="Status">...</div> stanza.

Dim objIE
Set objIE = WScript.CreateObject ("InternetExplorer.Application")
objIE.Width = 700
objIE.Height = 250
objIE.Toolbar = false
objIE.statusbar = false
objIE.Navigate "D:\Test\Output.html"
objIE.Visible = true
objIE.document.all.Status.InnerHTML = "<font color='#0063FF'><b>Done... waiting 5 secs...</b></font>"
WScript.Sleep (5000)
objIE.Quit

Now with Windows 7 and IE 9 many of those scripts do no longer run but throw errors. Common errors are for example: "The object invoked has disconnected from its client." (80010108) or "Unspecified error" (80004005)

It seems that the original Internet Explorer object gets lost because the web page is loaded into a child process of IE. So any reference to it from a vbScript fails.

A few changes to the above script can work around that issue. It may not be the most elegant but it is working so far.

Dim objIE
Set objIE = WScript.CreateObject ("InternetExplorer.Application")
Set objShellApp = CreateObject("Shell.Application")
objIE.Width = 700
objIE.Height = 250
objIE.Toolbar = false
objIE.statusbar = false
objIE.Navigate "D:\Test\Output.html"
objIE.Visible = true
Set objIE = Nothing
For Each objWindow In objShellApp.Windows
If LCase(objWindow.LocationName) = LCase("Output.html") Then
Set objIE = objWindow
End If
Next
objIE.document.all.Status.InnerHTML = "<font color='#0063FF'><b>Done... waiting 5 secs...</b></font>"
WScript.Sleep (5000)
objIE.Quit

Basically we are looping through all windows and connect (hopefully ;-) ) to the one that has our HTML file open.

Find duplicate MAC addresses #2

In the previous post about finding duplicate MAC addresses in a vSphere cluster we basically used a PowerCLI one-liner (http://adminthoughtcollection.blogspot.com/2011/05/find-duplicate-mac-addresses.html). That was straight forward but you had to dig through a long list of output and basically had to do the search & find manually.

Today's script makes use of a PowerShell hash table. It's output contains only the duplicate MAC addresses and the conflicting VMs.

Basically all MAC addresses get written into the hash table. But before writing them into it a lookup is performed. If the current MAC address has been written to the hash table before it must obviously be a duplicate.

# Get all VMs and their MAC addresses
$VMdata = Get-VM | Get-NetworkAdapter | select MacAddress,Parent

# Initialize the lookup hash table
$VMlookup = @{}

# Loop through all VMs one-by-one
ForEach ($SingleVM in $VMdata)
{
    # If the MAC address is already in the lookup hash table it is a duplicate
    if ($VMlookup.ContainsKey($SingleVM.MacAddress))
    {
        $VMOneNet = (Get-VM $($VMlookup.$($SingleVM.MacAddress)) | Get-NetworkAdapter | Where {$_.MacAddress -eq $SingleVM.MacAddress}).NetworkName
$VMTwoNet = (Get-VM $SingleVM.Parent | Get-NetworkAdapter | Where {$_.MacAddress -eq $SingleVM.MacAddress}).NetworkName        
        Write-Host "$($SingleVM.MacAddress)" -NoNewLine -ForegroundColor Green
        Write-Host " is a duplicate in:"
        Write-Host " * $($VMlookup.$($SingleVM.MacAddress)) [$VMOneNet]" -ForegroundColor Yellow
        Write-Host "and in:"
        Write-Host " * $($SingleVM.Parent) [$VMTwoNet]" -ForegroundColor Yellow
Write-Host
    }
    # Otherwise it is (still) a unique MAC
    else
    {
        $VMlookup.Add($SingleVM.MacAddress, $SingleVM.Parent)
    }
}


Update 2011-08-15: script now also displays the network of the NIC with the conflicting MAC address

How to Configure Automatic Updates for a Standalone Server

If you want to configure Windows Update on a Server that is not member of a Domain you have two options to do that:

• Using Group Policy Object Editor and editing the Local Group Policy object
• Editing the registry directly by using the registry editor (Regedit.exe)

Using Group Policy Object Editor

Open Group Policy Editor (Local Computer Policy)

Computer Configuration\Administrative Templates\Windows Components\Windows Updates

Set "Configure Automatic Updates" to "Enabled"

Set "Configure automatic updating" to the value you like (Values 2-5)

Set "Scheduled install day:" to the value you like (Values 0-7)

Set "Scheduled install day:" to the time you like

Set "Specify intranet Microsoft updates service location" to "Enabled"

Set "Set the intranet updates service for detecting updates" to your WSUS Server:portnumber

Set "Set the intranet statistic server" to your WSUS Server:portnumber

Set "Automatic Updates detection frequency" to "Enabled"

Set "Check for updates at the following" type interval in hours

Using the Registry Editor

The registry entries for the Automatic Update configuration options are located in the following subkey:

HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU

For further information look at: Microsoft Technet

Run command line as NT Authority\System

Another thing that just came up today. I needed a truly elevated command prompt. And by that I mean I needed cmd.exe to run as NT Authority\System.

In the good old days we would just schedule cmd.exe with the good old AT command. (AT 9:08 /interactive "c:\windows\System32\cmd.exe") But what does a current Windows Server 2008 R2 system say to it?

Warning: Due to security enhancements, this task will run at the time
expected but not interactively.
Use schtasks.exe utility if interactive task is required ('schtasks /?'
for details).
Added a new job with job ID = 1
hmm admin is not happy. Starting an interactive cmd.exe using Server Manager's Task Scheduler did also not work.

What helped? psexec from the Sysinternals suite did the job!
Here is the command:
psexec.exe -i -s -d cmd /accepteula
(-i for interactive, -s for NT Authority\System, -d for do not wait for termination of the new cmd.exe, and /accepteula for 'I am in a command line and I do not want to switch to the mouse to click Accept')
In the newly opened command prompt I was really NT Authority\System:

C:\>whoami
nt authority\system
Admin was happy again ;-)

Simple VM inventory using PowerCLI

I needed a script that did a simple inventory of production VMs in a vSphere cluster. The output includes the VM name, its IP addresses (only if VMware Tools are installed), its network names, all .vmdk's and the notes field.

Here is the script:

# We go through all VMs that have a 'Production'-notes entry
$AllPrdVMs = Get-VM | Where {$_.Notes -like "Prod*"} | Sort Name
Foreach ($SingleVM in $AllPrdVMs)
{
$VMName    = $SingleVM.Name
# The following two lines enforce the use of an array.
$VMNetwork = @($SingleVM | Get-NetworkAdapter)
$VMHDDs    = @($SingleVM | Get-HardDisk)
# The following line only works if VMware Tools are installed
$VMIP      = $SingleVM.Guest.IPAddress
$VMNote    = $SingleVM.Notes
Write-Host ($VMName) -ForegroundColor Red -NoNewLine
Write-Host (" " + $VMIP) -ForegroundColor Yellow
# Here we loop through the arrays - even if there is only one member
For ($Count = 1; $Count -le $VMNetwork.Length; $Count++)
{
Write-Host $VMNetwork[$Count - 1].NetworkName
}
For ($Count = 1; $Count -le $VMHDDs.Length; $Count++)
{
Write-Host $VMHDDs[$Count - 1].Filename -ForegroundColor Blue
}
Write-Host ($VMNote)
Write-Host
}


PS: First post with syntax-highlighting ;-)

Remote Session Disconnected

Your remote session may be disconnected with the message: "The remote session was disconnected because the terminal server client access license stored on this computer has been modified"
At this point you should remove the saved terminal server licenses from the client registry. Delete the following key from the registry:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSLicensing

The key will be created the next time you log on to the Terminal Server.
Additional information can be found: http://support.microsoft.com/kb/315262

Sessions for Microsoft TechEd 2011 North America are online

Many different sessions are online and downloadable. Security, management, background information etc.
Here is the link to the site:
http://channel9.msdn.com/Events/TechEd/NorthAmerica/2011

Terminal Server Temp Profile

Sometimes users complain because they makes changes in their Windows Terminal Server Session and the settings are lost after they logged out.

The problem is that the User Profile is not saved on a Windows Terminal Server.

You can solve this problem by deleting an entry in the registry:

"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList"

Under this hive you can find a folder for every user. Find the folder with a .bak at the end and delete it.

Failed HP VCA installation

Just had it today. An HP Version Control Agent (version 6.3.0.870, x64) failed to install. Basically the cp013991.exe crashed under Windows Server 2008 R2. But no real error message.

What helped? Ran the cp013991.exe and selected Extract...
Then in an elevated command prompt I ran the vcagent.msi
Finally got an error message: A previous version was still installed. :-) (A previous update from the HP Version Control Repository had failed, leaving the older version of VCA in an undefined state.)

So I uninstalled the previous version manually and could re-install the current version.

Check for expired passwords

How can I check if an Active Directory password is already expired? It is useful for one own password but also to check if password expiration is the reason why a certain user cannot login.

I found this PowerShell script in one of my PowerShell profiles (PS: I did not create it. I think i got it from here http://blogs.msdn.com/b/adpowershell/archive/2010/02/26/find-out-when-your-password-expires.aspx).

Here is the script:

new-alias -name Get-PWExp -value "Get-XADUserPasswordExpirationDate"


function Get-XADUserPasswordExpirationDate() {
Param ([Parameter(Mandatory=$true,  Position=0,  ValueFromPipeline=$true, HelpMessage="Identity of the Account")]
[Object] $accountIdentity)
PROCESS {
$accountObj = Get-ADUser $accountIdentity -properties PasswordExpired, PasswordNeverExpires, PasswordLastSet
if ($accountObj.PasswordExpired) {
echo ("Password of account: " + $accountObj.Name + " already expired!")
} else { 
if ($accountObj.PasswordNeverExpires) {
echo ("Password of account: " + $accountObj.Name + " is set to never expires!")
} else {
$passwordSetDate = $accountObj.PasswordLastSet
if ($passwordSetDate -eq $null) {
echo ("Password of account: " + $accountObj.Name + " has never been set!")
}  else {
$maxPasswordAgeTimeSpan = $null
$dfl = (get-addomain).DomainMode
if ($dfl -ge 3) { 
## Greater than Windows2008 domain functional level
$accountFGPP = Get-ADUserResultantPasswordPolicy $accountObj
if ($accountFGPP -ne $null) {
$maxPasswordAgeTimeSpan = $accountFGPP.MaxPasswordAge
} else {
$maxPasswordAgeTimeSpan = (Get-ADDefaultDomainPasswordPolicy).MaxPasswordAge
}
} else {
$maxPasswordAgeTimeSpan = (Get-ADDefaultDomainPasswordPolicy).MaxPasswordAge
}
if ($maxPasswordAgeTimeSpan -eq $null -or $maxPasswordAgeTimeSpan.TotalMilliseconds -eq 0) {
echo ("MaxPasswordAge is not set for the domain or is set to zero!")
} else {
echo ("Password of account: " + $accountObj.Name + " expires on: " + ($passwordSetDate + $maxPasswordAgeTimeSpan))
}
}
}
}
}
}

Nicely designed themes for Ubuntu (with Gnome 2)

I really like the Bisigi themes for Ubuntu with Gnome 2 (no support for Unity planned). They beautifully designed and also un-cluttered.

Here is the website:

http://www.bisigi-project.org/?lang=en

Firefox tweaks to improve Google Reader experience

These are settings I usually set in every Firefox instance I use.
In about:config make these settings:

dom.popup_maximum = 20000

browser.tabs.loadDivertedInBackground = True

Find VM snapshots

VM snapshots can eat up a lot of storage space. Sometimes snapshots get created automatically by backup software but are not automatically deleted.

A little PowerCLI script to find virtual machine snapshots in a vSphere cluster.

Get-VM | Get-Snapshot | Select VM,Name,SizeMB,Created | Sort SizeMB -Desc

PS: The size is interesting, also the age of the snapshot, the name sometimes makes it clear if it was a manually or automatically created snapshot.

Find duplicate MAC addresses

In the physical world duplicate MAC addresses rarely happened. In the virtual world this can happen quite easily. How to find those?

A little PowerCLI script that looks through all VMs in a vSphere cluster / vSphere host and sorts entries by MAC addresses:

Connect-VIServer [server name]
Get-VM | Get-NetworkAdapter | select MacAddress,Parent,NetworkName | sort MacAddress


Update: see also 2nd entry: http://adminthoughtcollection.blogspot.com/2011/08/find-duplicate-mac-addresses-2.html

First post

The idea behind this blog is to collect ideas and solutions in connection with real life admin work. To have it all in one place will hopefully help me to find things again ;-)