Innlegg

Viser innlegg fra desember, 2020

vRealize Orchestrator and Microsoft Powershell Double Hops

Recently started automating Microsoft DNS and the best way in seems to be through Powershell . One of the common ways to deal with this is through a Powershell Host defined in vRO. You set it up securely with HTTPS and Kerberos and specify the credentials of a user with DNS server rights enough to see and manipulate the content of the zones and records you want to automate. So far so good, and you start developing the PowerShell commands you might need. Resolve-DnsName (Get-ADDomain).DNSroot -type ns | ? {$_.type -eq "A"} | select name,Address,IP4Address,IPAddress | ConvertTo-Json -depth 1 -Compress Get-DnsServerZone -ComputerName (Get-ADDomain).DNSroot Get-DnsServerResourceRecord -ComputerName (Get-ADDomain).DNSroot And they all work out nicely when you run them from your Powershell host, but once you run them from vRO in the Powershell session you run into the double-hop auth problem . There are many ways to deal with this, but often you need to thinker both with the Powers

vRA 7.6 Patch 18

Bilde
As it seems every week now VMware releases a hotfix for vRA7.6 https://kb.vmware.com/s/article/70911 Installing these usually go rather smoothly, but today we ran into a smaller issue. Installation got stuck at rpm -Uvh --replacepkgs /usr/lib/vcac/patches/repo/cafe/patchRpms/*.rpm We tried to manually update the packages and found there was a transaction lock warning: waiting for transaction lock on /var/lib/rpm/__db.000 This can be fixed by rebuilding the RPM database. rm -f /var/lib/rpm/__db.00* rpm --rebuilddb Now we were more or less ready to revert to snapshots and restart the whole process when I noticed there is actually a retry option, previously when patches failed we had to restart the whole process.  Cheers VMware that was useful