I spent all morning chasing an annoying error in Group Policy Management while trying to delete an old unused OU while logged in as Domain Admin: Group Policy Management Access is Denied Continue reading
I was doing an in-place upgrade of a vCenter 5.5 to vCenter 6 (Windows), when I encountered an unusual error, that didn’t seem to have a relevant KB article or much other information. This was most definitely NOT a database incompatibility, as was indicated by the second error.
It turns out that the solution is buried in the vCenter 6.0 U1b Release Notes
On Windows OS:
Open file C:\ProgramData\VMware\CIS\runtime\VMwareSTS\Conf\Server.xml.
Remove the tag sslEnabledProtocols=”TLSv1,TLSv1.1,TLSv1.2″ from the below line in the server.xml file: <Connector SSLEnabled=”true” sslEnabledProtocols=”TLSv1,TLSv1.1,TLSv1.2″
Restart VMwareSTS and VMwareIdentityMgmtService services.
Start the SSO service.
Of course, in true VMware style, you will find no services with the names “VMwareSTS,” “VMwareIdentityMgmtService,” and/or “SSO,” so after you edit the file, restart all VMware and VirtualCenter services.
Here are the steps:
Edit the file: C:\ProgramData\VMware\CIS\runtime\VMwareSTS\Conf\Server.xml
Remove the text: sslEnabledProtocols=”TLSv1,TLSv1.1,TLSv1.2″
The file should look like this now:
Now restart all of the VMware and VirtualCenter services.
Building Mission Critical VMs on VMware vSphere is pretty simple. There are just a few commonly acknowledged Best Practices with which to adhere, regardless of whether you are installing Windows or Linux:
- Use Paravirtualized drivers wherever possible
- Remove unnecessary hardware from the VM (settings)
- Disable unnecessary or unused devices in BIOS
- Assign no more resources to the VM than are actually required
In the following steps, I am going to be building a VM to serve as Active Directory Domain Controller for my lab (jb-lab.local) on Windows Server 2012. Continue reading