Search This Blog

Batch Script for Creating An User and Adding to Member of Local Administrators Group

I built a batch script to create a local user and add it to the local administrators group. The script requires two arguments – one is the user’s login name, another is the user’s full name. The user’s password is hard-coded, but it can be changed to an argument with a small modification.

@echo off
set PASSWORD=XXXXXXXXX

REM add a local user with password
net user %1 %PASSWORD% /add /fullname:%2

REM add a local user to the administrators group
net localgroup administrators %1 /add

One thing I learned is that not all options (e.g. /fullname) are showed when typing “net user /?”. For more other options, see this Technet document.

Using nmap to Test DNS Server Recursion

  1. Download nmap binaries. For Windows OS, download the command-line zipfile is sufficient.
  2. Unzip the zip file, and install Winpcap and Visual C++ Redistributable Package installer included in the zip file
  3. Open command prompt
  4. Run “nmap –sU –p53 –script=dns-recursion <DNS_Server_IP>
  5. If the server allows resursion, it shows “Recursion appears to be enabled”

To prevent the DNS server from being used for DNS amplification attacks, disable DNS recursion on the public facing DNS server. The DNS recursion should be enabled on the DNS server serving the internal client.

On a Windows DNS server, this can be done under the DNS server properties, Advanced tab, Server options, check the checkbox “Disable recursion (also disable forwarders)”

WinDNS.Disable.Recursion

Use Get-FolderItem.ps1 to Fix PathTooLongException

When using Get-ChildItem to list all files in a folder and its subfolders, it returns the “PathTooLongException” error. This happens when the file path is more than 260 characters.

There are several ways to work around this issue. See this Technet Wiki.

Personally, I found the Get-FolderItem.ps1 script is the easiest one.

  1. Download the script from Microsoft Script Center Repository
  2. Right-click on the script and select Properties, then click Unblock
  3. Launch a PowerShell session
  4. Load the Get-FolderItem function into the session by entering “. <path>\Get-FolderItem.ps1”. (make sure there is a space between the “.” and the script)
  5. Enter “Get-FolderItem –Path <path>” to list all files in the folder and its subfolders
  6. Another use case “Get-FolderItem –Path <path> | Where {$_.LastWriteTime –gt “MM/DD/YYYY” } | Select FullName | Ft –autosize | Out-File c:\temp\modified.file.log.txt –width 4096

For more information about the Get-FolderItem.ps1 script, see this.

Prevent PowerShell Out-File Truncating Output

When trying to list the full path of all files in a folder and its subfolders, the Out-File cmdlet truncats the path for files with the long path.

It turns out that Out-File outputs the data with the same width of the PowerShell console (see Using the Out-File Cmdlet).

To work around the issue, include the –width parameter and specify a different line width(e.g. –width 4096). This outputs every line with 4096 characters long (pedding with spaces).

To output line width to match the longest output, add Ft –autosize before Out-File. For example:

Get-ChildItem -File -Recurse -Path Z:\ | where {$_.LastWriteTime -gt "MM/DD/YYYY"} | select FullName | Ft -autosize | Out-File c:\temp\modified.file.txt -Width 4096

vSphere Memory Ballooning

I know nothing about memory ballooning until I read this post – “How does memory ballooing work”.

Here is my understanding of this topic:

What is memory ballooning?

The ballooning driver (part of VMware Tools) frees up the VM guest memory (active memory + free memory) and makes it available to the Hypervisor (so avoid hypervisor swapping).

How does it work? and how does it impact performance?

The ballooning driver will balloon all ram down to the minimum recommended memory for each operating system + Mem.AppBalloonMaxSlack (16 MB by default, it’s adjustabe from 1 MB – 256 MB). The minimum recommended memory value is set by the operating sytem vendor and hard coded by VMware. It cannot be changed.

For example, RHEL 7’s minimum recommended memory is 512 MB. The ballooning driver will balloon all ram down to 528 MB (512 + 16). If an application in the OS requests more than 528 MB memory, it causes the guest operating system to swap/page. This is better than hypervisor swapping, but still a really bad impact for performance.

 How to avoid Ballooning?

  • Avoid over provisiooning server memory (the best option)
  • Make a reservation for server memory (bad idea in most respects)
  • Do not install VMware Tools (bad idea in every respects)

VMware vRealize Production Test Tool

VMware KB2134520 documents the steps to use vRealize Production Test Tool to validate and test the vRealize Automation configuration and identify potential configuration failures, password expiration, certificate errors and more.

VSAN Storage Controller Cache

In “VSAN 6.0 Design and Sizing Guide” v.1.0.5, April 2015, under Storage controller cache considerations section, “VMware’s recommendation is to disable the cache on controller if possible. Virtual SAN is already caching data at the storage layer – there is no need to do this again at the controller layer. If this cannot be done due to restrictions on the staorge controller, the recommendation is to set the cache to 100% read.”.

However in “VSAN Ready Nodes”“VSAN Ready Nodes”, the storage controller in some configuration includes the cache. For example, the storage controller in the Dell PowerEdge R630.

VSAN.Dell.PER630.Controller

Why includes the controller cache when VMware recommends disabing it?

It turns out the controller cache allows the larger queue depth – see this.

In “VSAN 6.0 Design and Sizing Guide”, VMware recommends the minimum queue depth is 256, and choose a controller with a much larger queue depth when possible.

For more information about the queue depth, see the following

Use WinSCP to Transfer Files in vCSA 6.7

This is a quick update on my previous post “ Use WinSCP to Transfer Files in vCSA 6.5 ”. When I try the same SFTP server setting in vCSA 6.7...