Access Deny When Run PowerShell Scripts

You may get access deny when modify particular section of Windows Server. Such as some registry keys or system directories.

The reason is Windows Server protects sensitive part of operating system. This is similar like running command without root permission on Linux. You have to run as administrator to work around access deny problem.

I faced this issue when run guest command on Embotics Commander workflow. Looks like there is no official document talk about this issue. The workaround is disable UAC on Windows Server. Following are some helpful references.

Please refer to Disabling User Account Control (UAC) on Windows Server to understanding impact of disable UAC.

There are plenty of articles on internet talk about how to disable UAC.

There are two steps:

Disable UAC notification in Control Panel.
Change value of key EnableLUA from 1 to 0 in registry path HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem.

You may need to reboot the server, or wait few minutes.

Validation is you should see a reminder message when run command.

Get SSD Hard Disk Information by PowerShell to HPE Servers

Summary

HPE published an advisor for SSD issue recently. The issue impacts most popular Proliant servers in the world. The remediation is upgrading firmware. Unfortunately HPE doesn’t have a product can easy report hard disk model for Gen9 and earlier models. I have tried HPE OneView and OneView Global Dashboard. However, we can get SSD hard disk information by PowerShell through API.

Solution

Following procedure helps you get SSD hard disk information in large environment.

Make sure you have same credential available on iLO of Proliant servers. It can be local or domain credentials.
Prepare a Windows 2016 or Windows 10 computer with latest patch and internet.
Install HPEiLOCmdlet by following PowerShell command

Install-Module -Name HPEiLOCmdlets

Connecting to HPE iLO.

$Conn = Connect-HPEiLO -IP xxx -User xxx -Password xxx -DisableCertificateAuthentication

Retrieving HPE Smart Array Storage Controller information.

$HardDisks = Get-HPEiLOSmartArrayStorageController -Connection $Conn

Run following command to get physical disk information.

HardDisks.Controllers.PhysicalDrives

Conclusion

PowerShell API is much flexible to get any information of hardware. The solution above is core part. Of course you can leverage ForEach-Object to do some automation report to export to CSV file. PowerShell is not only method, you can also get SSD hard disk information by other API.

Machine Learning Basic – Calculate Euclidean Distance by PowerShell

The core of Machine Learning is to find out rules in a set of data. One basic operation of Machine Learning is “Cluster”. Or simply call it “classify data”. For example, there are 1000 records of toy sales data. It will be useful for proactive new incoming customer’s behavior if we can classify the data to multiple groups (Such as “buy stuffed toys” group and “buy electronic toys” group).

So we need to leverage partition methods to classify the sales data. There are multiple ways to do so. One simple method call “K-Means“. It calculates the distance between each data point and centroids ( Center point of a group ). And then assign data points to the closest centroids. Wikipedia has a detail description of the method.

Hence, as you can see, the key to “K-Means” is to calculate distance. There are several ways of calculation. “Euclidean Distance” is one way. Please refer to Wikipedia for deep dive. Long to short, you need to distribute data to a 2D axis. Each data point has x and y value. “Euclidean Distance” between two data points is:

The formulation is simple, but you have to calculate the distance between each data point to every centroids. Following is a super simple PowerShell code to help calculate Euclidean Distance of a 3 clustered data.

$K1 = (3.67, 9)
$K2 = (7, 4.33)
$K3 = (1.5, 3.5)

$input = Import-Csv "c:tempinput.txt"

$i = 1
foreach ($seed in $input){
    $K1Result= [math]::Sqrt([math]::pow(($K1[0]-$seed.x),2)+[math]::pow(($K1[1]-$seed.y),2))
    $K2Result= [math]::Sqrt([math]::pow(($K2[0]-$seed.x),2)+[math]::pow(($K2[1]-$seed.y),2))
    $K3Result= [math]::Sqrt([math]::pow(($K3[0]-$seed.x),2)+[math]::pow(($K3[1]-$seed.y),2))
    Write-Host "K1 to  A$i distance is $K1Result"
    Write-Host "K2 to  A$i distance is $K2Result"
    Write-Host "K3 to  A$i distance is $K3Result"
    $i++
}

This script assumes you want to partition records to a set of 3 clusters (K1, K2, K3). $K1, $K2, and $K3 are centroids of each cluster (group). You can adjust it according to your purpose.

The script loads records in “input.txt” file then calculates Euclidean Distance of each record. Each record in “input.txt” only has x and y value. Following is a sample of “input.txt“. You can copy it for testing.

x,y
2, 10
2, 5
8, 4
5, 8
7, 5
6, 4
1, 2
4, 9

Following is the result:

K1 to A1 distance is 1.9465096968677
K2 to A1 distance is 7.55968914704831
K3 to A1 distance is 6.51920240520265
K1 to A2 distance is 4.33461647669087
K2 to A2 distance is 5.04469027790607
K3 to A2 distance is 1.58113883008419
K1 to A3 distance is 6.61429512495474
K2 to A3 distance is 1.05304320899002
K3 to A3 distance is 6.51920240520265
K1 to A4 distance is 1.66400120192264
K2 to A4 distance is 4.17958131874474
K3 to A4 distance is 5.70087712549569
K1 to A5 distance is 5.20469979921993
K2 to A5 distance is 0.67
K3 to A5 distance is 5.70087712549569
K1 to A6 distance is 5.5162396612185
K2 to A6 distance is 1.05304320899002
K3 to A6 distance is 4.52769256906871
K1 to A7 distance is 7.49192231673554
K2 to A7 distance is 6.43652856748108
K3 to A7 distance is 1.58113883008419
K1 to A8 distance is 0.33
K2 to A8 distance is 5.55057654663009
K3 to A8 distance is 6.04152298679729

“The terminal process terminated with exit code: 1” in Visual Studio Code when open PowerShell file

When you open a PowerShell file in Visual Studio Code, you may see following error:

The terminal process terminated with exit code: 1

The issue usually occurred on new provisioned system or enterprise environment with restricted security policy. The reason and solution are same like my other post: “Timed out waiting for the PowerShell extension to start” in Visual Studio Code.

Authentication failed when clone git repository on Windows for Bitbucket

I wrote a post talk about how to install Git and integrate with Visual Studio Code for Bitbucket server. Today, I got following message when I cloned a new repository. The reason was incorrect password.

fatal: Authentication failed for ‘https://bb.zhengwu.org/vmware.git/’

Time needed: 10 minutes

Following is express solution for authentication failed for git repository clone.

Open “Credential Manager” on Windows
a. Click Start button
b. Type “Credential Manager” and open it
c. Click “Windows Credentials“.
Change password for Git repository
a. Click your Git repository in the list
b. Click “Edit” to change credential.

Disable Default Untitled Tab in Visual Studio

A new tab with name “Untitled-1” is opened by default when you run Visual Studio if you closed all files last time run Visual Studio. It’s not big deal but annoying. Following is how to disable the default untitled tab in Visual Studio

Click “Manage” button on lower left corner of Visual Studio.
Search keyword “Untitled“.
You will find a option call “Workbench: Startup Editor“.
It’s “newUntitiledFile” by default.
Change it to “none“.

Now. “Untitled-1” tab goes away when you launch Visual Studio next time.

Cisco UCS Error: Applying moref properties. Remote-Invocation-Error.

Cisco UCS Manager shows following errors with code “F1001201”.

Applying moref properties(FSM:sam:dme:MorefImportRootApplyMoRefs). Remote-Invocation-Error: FSM Retries Exhausted.

The reason is Cisco UCS Manager cannot imports some configurations when the UCS is setup.

Solution:

Login to Cisco UCS Manager by SSH.
Run following commands:
- # scope system
If you want to see what is pending on importing please run following commands, otherwise skip this step:
- # show pending-import
- # show pending-import fsm status expand detail
Delete pending imports:
- # delete pending-import
- # commit-buffer
The alerts should go away now in Cisco UCS Manager GUI.

This procedure is online operation without downtime required.

Agentless Management with PowerShell for DELL iDRAC

DELL provides agentless management of iDRAC by PowerShell. It’s more convenience for enterprise level infrastructure compare with HPE Scripting Tools or Cisco PowerTools. You don’t have to install any extra software to retrieve hardware data from iDRAC

DELL provides an article “Agentless Management with PowerShell 3.0 – CIM Cmdlets and iDRAC/Lifecycle Controller” with a sample code which is very detail. The scripts leverage public repos on internet: schemas.dell.com.

But what if your infrastructure is offline or internet is blocked?

After few hours dig into it. I found a workaround works in my environment.

Go to DCIM library profile to find profile of what your iDRAC. (I use DCIM System Info Profile for example)
The document tells what’s the ” Implementation Namespace” and “Central Class”.
Follow sample code in DELL document but when you connect CIM session use following format:

Get-CimInstance -CimSession $session -ClassName <class name> -Namespace <Name space name>

In my sample, the command is:

Get-CimInstance -CimSession $session -ClassName DCIM_SystemView -Namespace "root/dcim"

I have some posts talk about PowerShell. Here is the article to get space utilization of Windows Servers.

Thoughts of VMworld 2019

This is my 7th time been VMworld. It’s a great IT conference. Meet genius people, experience latest technologies, discuss with experts, and listen to other’s ideas. Technology is changing really fast. I still remember VMworld was talking about ‘be pioneers’ few years ago. But now we have moved to cloud world.

‘Virtualization’ was the big focusing when I first time attended VMworld. Now VMware, Microsoft and Red Hat grabbed most of market shares. ‘Virtualization’ is very maturely today. I could see most of 3rd party vendors were focused on ‘performance monitor’ on VMworld 2017. I think the reason was no space on ‘virtualization’ market, but performance monitor was a big market. After two years, we could see lot of great virtualization performance products, such as vRealize Operation Managers, NetApp OCI, Uila…etc. Even open source product like Zabbix, added more support of ‘virtualization’ product. What’s the next?

When I went to Solution Exchange this year. Backup product everywhere, they have big booths and great shows out there. My view is cloud backup would be under spotlights in next few years. The reason is customers are moving from premises to cloud, or somehow leverage cloud. Data protection is a new demand. Every storage vendor plans or already published their data protection product aims to cloud backup. Such as VMware Cloud for AWS for DR. Some new innovators also provide pure cloud based backup services. Such as Clumio, it backups data from premises to AWS cloud with 0 traffic charge.

VMware released ‘Project Pacific’ on VMworld 2019. It aims to native apps and containers. It’s a evolution of vSphere. I think it will renew vSphere product lifecycle and give vSphere administrators more opportunities for next decade if it can be successfully. Think about containers can be vMotion between ESXi hosts, and HA protected…all these vSphere attributes will be part of containers. And everything is manageable under vSphere Client HTML 5 version. I believe it will be VMware’s next big thing.

I joined a session of ESXi on ARM. Looks like it’s still on very early stage. People is still discussing use case of that architecture. One thing is it can be witness node of vSAN cluster. I think the advantage of ESXi on ARM is services are running on a virtual machine on ESXi on ARM. Virtual machine is something easy to protect, recovery or program. It means services are more stable and flexible. This attribute matches mission critical product line. It maybe more usefully on manufacturing. For example a ESXi on Raspberry Pi. It’s portable, low cost, low power consumption, can be survived in hard environment. Looks like a ideal solution. Only thing is service providers may need to cover hardware, ESXi, virtual machine, guest OS and applications. The reason is ESXi on ARM need to be well tuned. I don’t think end users like to do such complex things. What they need is ‘power up, plugin and use’ when they have a small device on hands.

Few other things of vSphere. vMotion performance will be increased. The suspending time will be significantly reduced. It will big help for database virtual machine migration. VMware technical support model will be changed. Current higher level supports will be transferred to ‘Primer Support’. For me, it’s just another way to increasing support cost. 🙂

I hope VMworld will be hosted in other city next year (Looks like not possible). San Francisco downtown is not a ideal place for big conference. It’s tight and expensive. It leads to lower quality of hotel and food.

Convert Virtual Machine of VirtualBox to ESXi

My coworker want to build a virtual machine on ESXi, but vendor only support virtual appliance of Oracle VirtualBox format. VMware has a KB article to show how to “Importing Virtual Machine from Oracle VirtualBox to VMware Fusion, Workstation, or Player (2053864)“. It’s working fine. But it’s not applicable for VMware ESXi.

If you follow the guide to export .ova file and import to ESXi. It will show error below on ESXi 6.0 or later:

Issues detected with selected template. Details….No supported hardware versions among….

After couple of hours’ deep dive. I figured out a way to convert VirtualBox to ESXi. You need Oracle VirtualBox, VMware Workstation or VMware Player and VMware ESXi host.

Select the virtual machine -> Go to main menu -> File -> Export appliance.
Choose the virtual machine.
Make sure Format is “Open virtualization format 1.0“.
Export to a .ova file.
Open the .ova file in VMware Workstation or VMware Player.
The import of the VM maybe failed with following error. Just click Retry button it will work.
The import failed because xxxxx did not pass OVF specification conformance or virtual hardware compliance checks.
Select the virtual machine and go to main menu -> File -> Export to OVF.
VMware Workstation or VMware Player generates .ovf, .mf and .vmdk files.
Edit .ovf file and find the line with keyword “VirtualSystemType“.
Change the value “vmx-XX” to the version lower or equal to your ESXi version.
Edit .mf file and remove SHA256 value of .ovf file in first line.
SHA256(XXXXX.ovf)= xxxxxxxxxxxxxxxxx
Now it’s ready to import to VMware ESXi host.

Conclusion

This procedure is not involve any code or command. There are also couple of other ways to convert VirtualBox to ESXi by ovftool command line. I tried several ways but didn’t work. Maybe I did something wrong.

In step 10, I changed VM version in .ovf file directly. I think you can also leverage VMware Workstation or VMware Player to downgrade the virtual machine’s version in GUI. It should work as long as the version is lower than your ESXi supported VM version.