It's such a lame topic.
Having trouble just getting a functional disc or whatever together to update the BIOS on a Dell server running ESXi? Use this:
http://linux.dell.com/files/openmanage-contributions/omsa-64-live/OMSA64-CentOS55-x86_64-LiveCD.iso
And put a copy of the BIOS that you need (from the Linux drivers section of support.dell.com - .bin file) on another server on the same network or pop it on to a USB stick (or even another CD/DVD). Copy the BIOS to ~, chmod 777 the file and execute it. Easy as pie. I can't believe this very simple method wasn't plastered all over the internet in place of the 4 bajillion websites that suggest doing a myriad of other painful things. Maybe I suck at searching, who knows.
Tuesday, May 15, 2012
ADM template to disable password saving on IE/Windows authentication dialogs
This is an ADM template to prevent people from saving their credentials in those proxy pop-up dialog type boxes that you tend to come across for things like IIS/Apache auth or outbound proxies (like internet authentication). If you ended up here you were probably looking for this, so here it is:
CLASS USER
CATEGORY "Internet Explorer Password Caching"
POLICY "Disable password caching in Internet Explorer"
KEYNAME "Software\Microsoft\Windows\CurrentVersion\Internet Settings"
VALUENAME "DisablePasswordCaching"
VALUEON NUMERIC "1" VALUEOFF NUMERIC "0"
END POLICY
END CATEGORY;
The important things to note are:
1. In the GPO editor, highlight Administrative Templates and from the top menu choose View -> Filtering... and uncheck "Only show policy settings that can be fully managed." Otherwise you won't see it.
2. Due to the nature of this key, I expect a very crafty user could open up regedit, change the key to 0 (since it is in HKCU) and save their credentials prior to the GPO refreshing it back to 1. I haven't tried it, but if you have users that would have the wherewithal to do that, I'd think silly little blockades like this wouldn't be enough anyways. Also, why aren't you blocking regedit.exe and friends from being run? HrrrmmMMM?
Monday, May 14, 2012
Deleting a Nexus 1000V from vCenter
Pro-tip: If you're planning on deleting your Nexus 1000V dvs from vCenter, hang on to that VM just a little while longer to run no vmware dvs if you can. Otherwise you have to do all this stuff.
The directions on VMWare's site are spot on, just a lot of wasted time that's easily avoided. If you're reading this though it's probably too late anyway!
Friday, May 4, 2012
Oh, it goes in the "repository" directory
File under: Dell Repository Manager and SUU / Dell Systems Build and Update Utility.
If you're making a USB stick with firmware / etc updates, just export it to your local disk, go to the directory it exported to (it'll be named something like SUU_2012-05-04_07-21-33-AM), swipe the "repository" directory out of there and put it on the root of the USB stick. I don't know why this isn't better outlined in the documentation, but maybe I'm not good at reading things.
If you're making a USB stick with firmware / etc updates, just export it to your local disk, go to the directory it exported to (it'll be named something like SUU_2012-05-04_07-21-33-AM), swipe the "repository" directory out of there and put it on the root of the USB stick. I don't know why this isn't better outlined in the documentation, but maybe I'm not good at reading things.
Wednesday, May 2, 2012
Emulex OCe10102-FX firmware upgrades
If for some reason you ever find yourself in the undoubtedly very common situation where you need to update a very old firmware/boot code version on some Emulex 10g OCe10102-FX cards that you just received and they're installed in an ESXi box, have I got some delightful news for you!
Maybe not delightful. But, since I couldn't find any references to this anywhere, I thought I'd share.
Here are what I considered my options to accomplish the task at hand:
Option 1: So there's this Emulex OneConnect vCenter plugin that's a bit weird but I expect gets the job done in better cirumstances - it actually requires (for lack of a better term) a proxy Windows server that runs a service that does all the heavy lifting (I just ended up installing it on my vCenter server for my own sanity). Fortunately, it has an interface to update the firmware. Unfortunately, attempting to update the firmware via that interface just resulted in a "job" that sat out there forever and did nothing until I restarted the (Windows) service.
Option 2: There are some fine instructions here that give a very straightforward look in to creating a WinPE boot disk with the Emulex offline utilities and Windows AIK that can be used for updating firmware. However, when I went to use my disk, my cards were all identified by the Emulex drivers as OCe10100 cards and they wouldn't update the firmware due to it being for a different adapter type.
Option 3: A loatheful option, but the one I started chasing - build up a Windows or Linux server and plug as many cards in to it as possible and just bulk update them using the normal Emulex tools. This isn't terribly helpful if you don't have a spare server lying around or if you're, I don't know, in any sort of hurry, but I couldn't figure out any other way of pulling this off.
On a whim I shot an email over to Emulex's technical support telling them about the misidentified cards in a WinPE environment and they responded with this:
In any event, no ISO yet and my Windows box will be plugging away at the cards in the morning if it's able, but there it is. If anyone's curious, the current firmware on most of these cards is 2.703.269.30. Seeing as the current version I downloaded is 4.0.360.3, I suppose I can see how issues might arise.
Edit: The provided ISO from Emulex worked dandily!
Maybe not delightful. But, since I couldn't find any references to this anywhere, I thought I'd share.
Here are what I considered my options to accomplish the task at hand:
Option 1: So there's this Emulex OneConnect vCenter plugin that's a bit weird but I expect gets the job done in better cirumstances - it actually requires (for lack of a better term) a proxy Windows server that runs a service that does all the heavy lifting (I just ended up installing it on my vCenter server for my own sanity). Fortunately, it has an interface to update the firmware. Unfortunately, attempting to update the firmware via that interface just resulted in a "job" that sat out there forever and did nothing until I restarted the (Windows) service.
Option 2: There are some fine instructions here that give a very straightforward look in to creating a WinPE boot disk with the Emulex offline utilities and Windows AIK that can be used for updating firmware. However, when I went to use my disk, my cards were all identified by the Emulex drivers as OCe10100 cards and they wouldn't update the firmware due to it being for a different adapter type.
Option 3: A loatheful option, but the one I started chasing - build up a Windows or Linux server and plug as many cards in to it as possible and just bulk update them using the normal Emulex tools. This isn't terribly helpful if you don't have a spare server lying around or if you're, I don't know, in any sort of hurry, but I couldn't figure out any other way of pulling this off.
On a whim I shot an email over to Emulex's technical support telling them about the misidentified cards in a WinPE environment and they responded with this:
Oh, I get it. My firmware is too old to update to a newer version.This is an indication that the firmware on the adapter is fairly old. To work around is a bootable ISO image that will install the newer firmware version into the adapter.Due to release policy inside Emulex, I will need to request the ISO be sent to you. You will receive an email from another Emulex employee to get the ISO.
In any event, no ISO yet and my Windows box will be plugging away at the cards in the morning if it's able, but there it is. If anyone's curious, the current firmware on most of these cards is 2.703.269.30. Seeing as the current version I downloaded is 4.0.360.3, I suppose I can see how issues might arise.
Edit: The provided ISO from Emulex worked dandily!
Subscribe to:
Posts (Atom)