blog howto server windows

EXCHANGE 2010: SAN Certifcate with mutiple DNS names (private windows CA)

New-ExchangeCertificate -FriendlyName "Exchange 2010 multiple DNS" -IncludeServerFQDN -DomainName mail.*****.***,autodiscover.******.***,computername.*****.local,computername -GenerateRequest -PrivateKeyExportable $true

Copy the full code you receive including the —BEGIN… and —END… lines.
Open the sertificate services web interface.
-Request a certificate -> Advanced certificate request -> Submit a Certificate request by using …
Paste the code you received in the textbox, on the template dropdown select Web Server.
Click Submit.
On the next page click on Download Certificate.
Save the file on disk somewhere.
Go to Exchange console (GUI) – server Configuration – Hub transport – Exchange certificates.
Right click on the pending request and choose “Complete pending request”.
Select the file you saved to disk and finish the wizard.
When finished right click on the now completed certificate and choose “Assign services”.
Assign all services (except Unified messaing), choose YES to All for overwrite.
Delete all other certificates no longer needed.

Test your OWA and see what certificate is now being used.


blog howto server windows

EXCHANGE 2007: Certifcate with mutiple DNS names

New-ExchangeCertificate -GenerateRequest -Path c:\install\mail_cert_request.csr -SubjectName "c=BE, o=******, ou=IT, cn=mail.*****.com" -DomainName: mail.******.com, autodiscover.*****.com, MAILSRV2, MAILSRV.*****.**, mail.****.**-KeySize 1024 -PrivateKeyExportable: $true
certreq.exe -submit -attrib "CertificateTemplate:WebServer" c:\install\MAIL_cert_request.csr

Choose the right CA, choose output folder. Open inside Issued certificates in Cert. MMC. Go to details. Click Copy to -> Complete chain, save as p7b file.

Import-ExchangeCertificate -Path C:\install\mail2.*****.com.p7b
Enable-ExchangeCertificate -Thumbprint 5B485A86***********60A04 -services IIS, POP, IMAP, SMTP
Remove-ExchangeCertificate -Thumbprint oldcertificatesthumbprint

blog howto linux server

DUF show disk usage (human readable) for each folder/file sorted by size

alias duf='du -sk * | sort -n | perl -ne '\''($s,$f)=split(m{\t});for (qw(K M G)) {if($s<1024) {printf("%.1f",$s);print "$_\t$f"; last};$s=$s/1024}'\'
Usage: duf
Tested on: Linux (Redhat, Centos, Debian), Unix (Solaris, SunOS)

blog server virtualization

Install HP offline bundle on VMWARE ESXi v5

EDIT: You can always just download HP’s ready made install ISO for Vpshere 5.

When using the VMWARE iso image on HP Proliant you should install the HP offline bundle for hardware status and event log viewing in the Vsphere client.
Download the files. Check if there are newer versions.

Place host in maintenance mode via the Vsphere Client.
Upload the files to the root folder of the datastore.
My datastore is called DAS600GBRAID10, look up your name and change the path in the commands accordingly.

Run these commands from the Vsphere CLI v5.
esxcli.exe -s -u root software vib install -d /vmfs/volumes/DAS600GBRAID10/
esxcli.exe -s -u root software vib install -d /vmfs/volumes/DAS600GBRAID10/

Change the IP, path and username according to your situation. Password will be prompted for.

If you want to run the command without vCLI then run them on the host in Local Shell or SSH like this:
esxcli software vib install -d /vmfs/volumes/DAS600GBRAID10/
esxcli software vib install -d /vmfs/volumes/DAS600GBRAID10/

Change path according to your situation.

server virtualization

Enable software iSCSI adaptor on ESXi v5

Through SSH or on local console:
esxcli iscsi software set --enabled=true

blog server virtualization

HP ESXi 5.0 image license problem

The vmware.lic file is read only with a free ESXi key inside.

Execute on the command line of the particular ESX host:
esxcli software vib remove -n hp-esx-license --no-live-install
Connect with the VI client directly as root to the host and select by right-click to “shutdown” the host.

blog howto server windows

Errors with ntbackup caused by shadow copy.

Portions of FILENAME cannot be read. The backed up data is corrupt or incomplete. This file will not restore correctly.

I would receive this error numerous times in my ntbackup log.

In my case the C: drive would backup without any issue, but the D: drive would show these errors for every file in use.

My backup destination was a 2TB USB disk (G:) with a newer cluster size that is greater than 512. This is not really an issue for storing the backups. But somehow my shadow copy settings on the D: drive were using the G: backup drive as the place to store the shadow copies for the D: drive. And storing shadow copies on a drive with cluster size != 512 will fail. Note: on the G: drive itself shadow copies are disabled. Not needed for backup drive and will fail anyways because of above mentioned reason.

blog howto linux server

Ubuntu upgrade from 10.10 to 11.04 broke grub

After upgrading my Ubuntu server from 10.10 to 11.04 using the “do-release-upgrade” method, my system would no longer boot.
It was stuck on a GRUB shell. I downloaded the liveCD, booted from that and ran the excellent Boot-Repair utility. I had to install it using apt-get, so you need an internet connection. They should include it in the liveCD. I belive you can also download a Boot-Repair ISO file to boot from.

But the Boot-Repair tool worked great and fixed my GRUB in no time.
I see a lot of problems with GRUB after the upgrade. Maybe it’s a bug that affects people who, in the past, already upgraded from 9.x or 8.x to 10.x. So people who had GRUB v1 at some point in time.

linux server virtualization

GhettoVCB ESX(i) VM’s backup: E-mail logfile

UPDATE: GhettoVCB now has it’s own function to send a report mail. It only works on ESXi > 4.1.

I’m using an excellent script to backup my virtual machines called GhettoVCB. This script works perfect. I wanted to get the daily logfile in my e-mal inbox. I have ESXi (4.0) and i don’t know whether it can e-mail by itself, i think not. But i used a linux VM i am running, to pull the logfile and mail it to me. The linux VM is set up with sendmail and outgoing mailhost is configured. I you don’t have a linux VM, a windows VM or PC can work too. You can use wget for windows to pull the file (syntax would maybe change a little bit) and then blat to mail the file. I won’t go in detail about this.

I have altered the GhettoVCB script to make the backups & logiles use this date syntax “date +%F”. I find it easier to read for humans. You have to adjust this in the Cronjob that calls the ghettoVCB script, the logfile is given as a paramter.
In the script below, please adjust the youruser and yourpass to valid login credentials for browsing the datastore trough https. Usually the user you login with directly on the ESXi. Also adjust the you@domain.tld, place your e-mail address. Pretty simple & basic but it works excellent. Last point, adjust the 192.168.x.y to your ESXi’s IP address.

#grab esxi backup log file and mail it v0.1
#Note the WGET part should be 1 line, no line breaks
#Adjust the youruser & yourpass to valid credentials for logging in to ESXi (browse the datastore)
#Adjust the IP address (192.168.x.y) to your ESXi ip addresss
#In the wget line below, my logs were located in a folder called backup on a datastore called 750GBdisk2
#You could check the syntax of the link by browsing to your datastore and locate the backup log files then look at the addressbar
cd /tmp
wget "https://192.168.x.y/folder/backup/ghettoVCB-backup-$(date +\%F).log?dcPath=ha-datacenter&dsName=750GBdisk2" --user youruser --password yourpass --no-check-certificate
cat /tmp/ghettoVCB* | mail -s "Backup log ESXi4" you@domain.tld
rm -rf /tmp/ghettoVCB*

blog linux server virtualization

Installed ESXi 4 (with FTP & SSH enabled) & migrated VM’s from workstation

UDATE: This is an outdated article, since ESXi 4.1 you can enable SSH (remote & local) from the VI client through “security features” in “configuration”.

After my XenServer5.5 experience i decided to use VMWare ESXi, let’s be honest, the leader in the market.
First problem, installation would fail because no supported NIC was found. I tried several NIC’s such as 3Com 3C509 & Realtek RTL8139 but no luck.
I ordered an Intel PRO/1000 Desktop PCI adapter. I tested with the ESXi 4 CD and it was detected and supported.
Success, then I made a custom ESXi 4 CD with FTP & SSH enabled (trough custom oem.tgz) and installed ESXi. All went flawless.
Since it took some time for me to test the different NIC’s and finally order the Intel NIC. I had already installed VMWare Workstation evaluation on my desktop and had recreated my VM’s. Of course my PC was not 24/24 online so the website I’m writing this on was only at some times available.

After ESXi was installed and running, I used the VMWare Converter Standalone to convert my workstation VM’s to ESXi. The Windows VM went excellent.
The Ubuntu VM was installed through VMWare Workstation easy install mode, and on the ESXi it would boot fine but would not load the correct drivers for the NIC.
I was trying different things on it, but without NIC there wasn’t much i could do. I tried compiling the VMware tools and drivers but had failures.
I finally had to make a new VM with Ubuntu server fresh install and copied the files and exported the SQL database (on my VMWare workstation i could still boot the VM with network access). But after at least 6 hours of work ESXi was running with the 2 VM’s and the website was operational.

Since i use Windows 7 I had to follow a how-to because Vsphere Client fails on Windows 7 (have to copy system.dll and make a batch script). After updates from VMWare the latest Vsphere Client works fine on Windows 7.
Yesterday and today I finished up the Windows VM and moved PC’s in to the domain, copied back files & setup shares.

Now on to some last items, torrentflux-b4rt, truecrypt, moblock, RAS, …