openssl.cfg for vcenter 5.0 (not 5.1)

for god sakes please use ver .9.8, if you use 1.0, the pfx wont work correctly and web services will be broke and you will be pulling your hair out.


add sans to openssl.cfg
# Extensions to add to a certificate request

basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName= @alt_names

req_extensions = v3_req
And in the v3_req section:

[ v3_req ]
subjectAltName = @alt_names

DNS.1 = in2vc01
DNS.2 =
IP.1 =

openssl.exe genrsa 1024 > rui.key

mine had to be 2048

openssl.exe genrsa 2048 > rui.key

openssl req -config openssl.cfg -new -key rui.key > rui.csr
openssl req -text -noout -in rui.csr
to verify

submit as 64 to cert, approve

openssl pkcs12 -export -in rui.crt -inkey rui.key -name -passout pass:testpassword -out rui.pfx

# Get the hostsystem object for every host currently disconnected.
$VMhosts = Get-View -ViewType ‘Hostsystem’ `
-Property ‘name’ `
-Filter @{"Runtime.ConnectionState"="disconnected"}

Foreach ($VMhost in $VMhosts)
# Create a reconnect spec
$HostConnectSpec = New-Object VMware.Vim.HostConnectSpec
$HostConnectSpec.hostName = $
$HostConnectSpec.userName = ‘root’
$HostConnectSpec.password = ‘password’

# Reconnect the host
$taskMoRef = $VMhost.ReconnectHost_Task($HostConnectSpec,$null)

# optional, but i like to return a task object, that way I can
# easily integrate this into a pipeline later if need be.
Get-VIObjectByVIView -MORef $taskMoRef

vCenter 5 upgrade leaves convertor red in health for service status

I ran into an issue where an upgrade to vCenter 5 left some trails of convertor behind… very annoying as i want it to be all green!!
here is the fix

get ldp, you don’t have to if you are server 2008 r2
run click cmd run as admin

connection -> connect to your vc
connection -> bind

view -> tree
leave base dn blank
double click dc=virtualcenter,DC=vmware,DC=int
double click on OU=Health,DC=virtualcenter,DC=vmware,DC=int
double click on
double click on random string below it

right click

and choose delete

restart vc, log back in, and go click refresh!

welcome back all green!!


find vms with resource settings and set ram

$vms = Get-VM
foreach ($vm in $vms){
$vmre = $vm | Get-VMResourceConfiguration
if ($vmre.MemLimitMB -ne ‘-1’){
$rp = $vm | Get-VMResourceConfiguration
$rpvmmb = $rp.MemLimitMB
write-host $vm ", mem granted= " $vm.memorymb ", mem resources = " $rpvmmb

cooler one to only show when they don’t match!

$vms = get-vm
foreach ($vm in $vms){
$vmre = $vm | Get-VMResourceConfiguration
if ($vmre.MemLimitMB -ne ‘-1’){
$rp = $vm | Get-VMResourceConfiguration
$rpvmmb = $rp.MemLimitMB
if ($vm.memorymb -ne $rpvmmb){
write-host $vm ", mem granted= " $vm.memorymb ", mem resources = " $rpvmmb

ibm pos with rdms everywhere

get-vmhost | where {$_.Version -match "4.1"}| get-vmhostadvancedconfiguration -Name Scsi.CRTimeoutDuringBoot
get-vmhost | where {$_.Version -match "4.1"}| set-vmhostadvancedconfiguration -Name Scsi.CRTimeoutDuringBoot -value "1"

get-vmhost | where {$_.Version -match "4.1"}| get-vmhostadvancedconfiguration -Name VMkernel.Boot.iovDisableIR
get-vmhost | where {$_.Version -match "4.1"}| set-vmhostadvancedconfiguration -Name VMkernel.Boot.iovDisableIR -value:$true

VMlogix is a piece of shit.

here is a script to detect with it explodes (and it will) by using the cpu values, if the rp is less then 9Ghz, it reboots it.

i have this a task to check every 30 mins for now, will probably change it to 15 when i feel like it

[powershell]#script to reboot labman if cpu useage is lower then expected.
connect-viserver atl-mis-vc01.eclipsys.lan
$uptimeweee = (get-stat -entity (get-vm atl-vmlm01) -stat sys.uptime.latest -maxsample 1 -realtime).Value
if ($uptimeweee -ge 1800){
$cpuuse = (Get-Stat -entity (Get-ResourcePool "LabManager-RP") -Stat cpu.usagemhz.average -MaxSamples 75 -realtime | Measure-Object Value -Average)
$cpuuse = $cpuuse.Average
Write-Host $cpuuse
if ($cpuuse -le 9500){
get-vapp LabManager | stop-vapp -Confirm:$false -ErrorAction:SilentlyContinue
sleep 30
get-vapp LabManager | start-vapp -Confirm:$false -ErrorAction:SilentlyContinue
else {Write-Host "Not up long enough!"}
Disconnect-VIServer -Confirm:$false[/powershell]

Let’s build some vm’s


Connect-VIServer vcenter
$sr = Get-VM zTemplate2008R2SP1
$datastore = Get-Datastore ssd-nodeup
$num = 10
$vhost = get-vmhost esx-03*
while ($num -le 20){
$num2 = ($num-12)
Stop-VM 2008r2sp1-$num2 -Confirm:$false
$vm2 = New-VM -Name "2008r2sp1-$num" -VM $sr -Datastore $datastore -VMHost $vhost
Start-VM 2008r2sp1-$num
$num = ($num+1)

Stage 4, no power :(

add-pssnapin VMware.VimAutomation.Core -ErrorAction SilentlyContinue
#stage 4, we are fucked, and probably wont get power back. kill them all.
$hoeson = (get-vmhost | where {$_.Powerstate -eq "PoweredOn"})
$hoeson | Stop-VMHost -Confirm:$false -Force:$true

Stage 3, Getting low on power….

Hell, where even going to stop a host now…
add-pssnapin VMware.VimAutomation.Core -ErrorAction SilentlyContinue
#stage 3, now we are running leaning, and also fuck a host for good measure
$vmsilike = "dc1","vcenter","exchange2010","sql"
$vmson = (get-vm | where {$_.powerstate -eq "PoweredOn"})
$dievms = ($vmson -like $vmsilike)
foreach ($vmso in $vmson){if ($vmsilike -notcontains $vmso.Name){
# debug Write-Host $ "shut this bitch down"}}
$fvm = Get-VM $vmso
$toolver = (get-vm $fvm |% {get-View $} | select @{Name="toolsver"; expression={$}})
if ($toolver.toolsver -gt 10000){$fvm | Stop-VM -Confirm:$false}
if ($toolver.toolsver -le 10000){$fvm | Shutdown-VMGuest -Confirm:$false}
$ho = get-vmhost esx-02*
$clu = get-cluster -vmhost $ho
$task = $ho | Set-VMHost -Evacuate:$true -State "Maintenance" -RunAsync
Get-DrsRecommendation -Cluster $clu | where {$_.Reason -eq "Host is entering maintenance mode"} | Apply-DrsRecommendation
$host = Wait-Task $updateHostTask
$ho | Stop-VMHost -Confirm:$false -Force:$true