Monthly Archives: July 2015

VMware vCenter 5.5 appliance max password age

Ran across this issue earlier this week when a customer advised there backup service account had expired. The service account was created as a SSO (Single Sign On) user rather than using a Active Directory account due to a pending domain migration.

To stop this issue from reoccurring they changed the maximum password age from 90 days to a higher value as they couldn’t set this to never expire. Upon testing logon for the service account logon they were repeatedly presented with a password change prompt. Grudging resetting the password only for the prompt to keep reappearing.

1. Logon Screen

Logon

2. Password Prompt

Password_Change

3. Password Change Successful

password_changed

Upon logging again the logon procedure was continually looping round these 3 steps.

To troubleshoot the issue I checked the VMware Password Age Policy and the maximum was set to 99999999 (eight 9’s )which on first look seemed a bit excessive.

password policy

I thought that since the Password Age Policy has changed surely only a value that is valid would be accepted. Anyhow as with most things in IT the simplest answer is the most likely. Let’s peel the onion back and start to undo the last change but also achieve the same goal as the same time. Changing the maximum password age to 9999999 (seven 9’s).

password policy new

Logging on this time is now successful

post_logon

Looks like the maximum is 9999999, so if you really need to you can set the value to this. Best practice would dictate to change any passwords periodically along with a alphanumeric complex password

How to reduce Veeam ONE Database size

Veeam ONE is the monitoring and reporting component of the popular Veeam Availability Suite.

The default installation stores the monitoring data within a Microsoft SQL Express database. Depending on version this will either be a SQL 2008 or SQL 2012 Express which has a maximum size of 10 GB.

I’ve seen an issue in a couple of our customer environments that DB size can grow¬†to the maximum size. Reason being due to a high number of events being generated from a Hyper-V node windows security log. If you are currently running version 8 it is recommended to install the following patch which should resolve the underlying issue from occurring again.

Link to Veeam ONE v8 Update 2 https://www.veeam.com/kb2025

To reduce the size of the database follow the below steps:

Procedure has been tested on a Veeam ONE v8, running Microsoft SQL 2008 R2 Express on Windows Server 2012 R2.

PLEASE NOTE: It is critical to perform a backup of the database before carrying out this procedure. The official line from Veeam is to log a call with support if you come across this issue. So you may want to log a support call as this method may be unsupported.

Due to the high quantity of transaction logs generated during this process I would recommend to delete at maximum 2 weeks data at a time. Then backup the database and then shrink the logs.

1. Stop Veeam ONE Services
Log onto the Veeam One Server
Open powershell as administrator

stop-service VeeamDCS
stop-service VeeamRSS

2. Backup your Veeam ONE SQL database
If you unsure how to do so do this, the following Veeam Knowledge Base article provides instructions
http://www.veeam.com/kb1471
Or alternatively execute the following SQL query

BACKUP DATABASE [VeeamOne] TO  DISK = N'C:\Program Files\Microsoft SQL Server\MSSQL10_50.VEEAMSQL2008R2\MSSQL\Backup\veeamone.bak' WITH NOFORMAT, NOINIT,  NAME = N'VeeamOne-Full Database Backup', SKIP, NOREWIND, NOUNLOAD,  STATS = 10
GO

3. Identify a range of records to delete
Run the following SQL query to identify a suitable date range. To query to see how many rows are affected

USE [VeeamOne]
GO
SELECT * from monitor.Event
where time <'2015-06-06';
GO

4. Execute deletion of required records
If you are happy with the returned values that will be delete.
Run the following SQL query to delete records earlier than the date range specified

USE [VeeamOne]
GO
DELETE from monitor.Event
where time <'2015-06-06';
GO

5. Backup SQL DB again

6. Shrink Transaction Log

USE [VeeamOne]
GO
DBCC SHRINKFILE (N'VeeamOne_log' , 0, TRUNCATEONLY)
GO

8. This step should be carried out only once the database has been trimmed down to a suitable size

USE [VeeamOne]
GO
DBCC SHRINKFILE (N'VeeamOne' , 0, TRUNCATEONLY)
GO

9. Now it should be ok to restart Veeam ONE services to restore service

start-service VeeamDCS
start-service VeeamRSS

Create DFS Replication Healthcheck email report

DFS-R is the replication component of the Distributed File System (DFS). Windows Server 2012R2 introduces powershell cmdlets that can be used for management rather thsn relying on the old dfsutil commands.

Some of the common issues with DFS-R are files not replicating due to network latency or connectivity issues. The knock on effect leads to staging folders becoming full leading and file replication stopping.

If you dont have SCOM or other monitoring tools at hand to monitor DFS-R. The code below can be saved as a ps1 poweshell script and scheduled to run on one of the DFS-R servers. The script generates a healthcheck report and sends the report by email.

Amend the variables at the start to define replication group and email server/recipent/sender details.

Additonal DFS servers can be specified by extending the Write-DfsrHealthReport command by adding the “$DFSservers[..]” variable with array index value.

$DFSGroupName ="Enter DFS Replication group name here"
$DFSservers = (Get-DfsrMembership -GroupName $DFSGroupName |select -ExpandProperty computername)
$foldernamedate = $(get-date -f dd-MM-yyyy)
$source = "C:\DFSReportsImport\"
$destination = "C:\DFSReportsExport\$foldernamedate\DFS_Report.zip"
$emailServer = "mysmtpserver.example.com"
$sender = "sender@example.com"
$recipients = "recipient@example.com"
mkdir c:\DFSReportsImport\$foldernamedate
mkdir c:\DFSReportsExport\$foldernamedate
Write-DfsrHealthReport -GroupName $DFSGroupName -ReferenceComputerName $DFSservers[0] -MemberComputerName $DFSservers[0], $DFSservers[1] -CountFiles -Path c:\DFSReportsImport\$foldernamedate\

Add-Type -assembly "system.io.compression.filesystem"
[io.compression.zipfile]::CreateFromDirectory($source, $destination)
remove-item -path c:\DFSReportsImport\$foldernamedate -Recurse -Force
send-mailmessage -from $sender -to $recipients -subject "DFS Report $foldernamedate" -Body "DFS Report generated from $DFSservers[0]" -smtpserver $EmailServer -attachments "C:\DFSReportsExport\$foldernamedate\DFS_Report.zip"
remove-item -path c:\DFSReportsExport\$foldernamedate -Recurse -Force