Keith Smith - My Blog

Microsoft

Keith Smith - My Blog > Microsoft

Active Directory Topology Diagrammer

Thursday, May 17, 2018 - Posted by Keith A. Smith, in Automation, Microsoft

Overview

Have you ever wondered…what does our Active Directory structure really look like? Do you want to automate the process of creating a diagram of Active Directory OU? As described on Microsoft’s download page for Active Directory Topology Diagrammer:
The Microsoft Active Directory Topology Diagrammer reads an Active Directory configuration using LDAP, and then automatically generates a Visio diagram of your Active Directory and /or your Exchange Server topology. The diagrams may include domains, sites, servers, organizational units, DFS-R, administrative groups, routing groups and connectors and can be changed manually in Visio if needed.

If you need to create Active Directory drawings for Visio, then this is the utility that is going to do it for you in really detailed fashion.

You Don’t Create the Drawings From Inside Visio
Previous versions of Visio made connections into different data sources. For instance, you could ping networks and connect up to Active Directory. Visio 2016 does not connect up to Active Directory directly, and the Active Directory Topology Diagrammer does not operate from inside Visio.

After downloading the AD Diagrammer, you run it independently. You actually don’t even need Visio on your machine unless you want to edit the diagrams. If you just want to view them, you can just use the Visio Viewer, or upload them to a SharePoint site with Visio Services enabled.

Running the Active Directory Topology Diagrammer



To create your Active Directory diagrams, start the AD Topology Diagrammer and provide it with the domain name in the Global Catalog Server / DNS Domain Name section of the main window. The tabs let you specify which parts of the directory information you want to diagram. You can also choose to update the drawings that are already there or to create new drawings. You can also choose whether or not to diagram the trusted domains, or just provide the details for the trusts. Choose whether you want your diagram to include user counts for each domain diagrammed.




For OU options, you can limit the number of levels to search in an OU and you can also include the names of any GPOs that are applied to an OU.



Options that you can set in the Sites tab let you decide if you want site connections listed, including empty sites, and whether or not to include subnet information in the AD diagrams being created. You can also specify whether or not to include all possible site connections for cases where the sites have more than 2 connections.




The Exchange tab allows the utility to connect into your Exchange Server to diagram the message connectors, as well as options like counting the number of mailboxes per server and overwriting the Routing Group information with AD Sites instead.




There’s only one options for diagramming the application partition, and that’s whether or not to diagram it! Make your choice and you’re done with this tab.



Likewise, you only need to set whether or not to include the DFS Replication settings for the DFS-R tab. There are no other options available for this section.
Finally, you can choose to diagram the servers in the AD Structure:



Options for the Server diagramming include whether to include the OS version that the server is running and whether to include the fully qualified domain name. If you’re mapping multiple domains, it may be helpful to color code them based on what domain they’re in.





Set the File Output Options and You’re Ready To Diagram


In the Options menu, you can modify the location of the diagrams. You can specify different locations for each file that’s going to be created for you.




There are also log files that are created for the AD Export data and any debug info for the Application.



This is a really awesome tool and I hope you find it useful. Happy AD Topo Diagramming Big smile



-End
View Comments 0 Comments
Share Post   

event id 5807

Tuesday, March 27, 2018 - Posted by Keith A. Smith, in Microsoft

I recently encountered a rare event log entry event id 5807

During the past 4.22 hours there have been 24 connections to this Domain Controller from client machines whose IP addresses don't map to any of the existing sites in the enterprise. Those clients, therefore, have undefined sites and may connect to any Domain Controller including those that are in far distant locations from the clients. A client's site is determined by the mapping of its subnet to one of the existing sites. To move the above clients to one of the sites, please consider creating subnet object(s) covering the above IP addresses with mapping to one of the existing sites.

The names and IP addresses of the clients in question have been logged on this computer in the following log file '%SystemRoot%\debug\netlogon.log' and, potentially, in the log file '%SystemRoot%\debug\netlogon.bak' created if the former log becomes full. The log(s) may contain additional unrelated debugging information. To filter out the needed information, please search for lines which contain text 'NO_CLIENT_SITE:'. The first word after this string is the client name and the second word is the client IP address. The maximum size of the log(s) is controlled by the following registry DWORD value 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\LogFileMaxSize'; the default is 20000000 bytes.  The current maximum size is 20000000 bytes.  To set a different maximum size, create the above registry value and set the desired maximum size in bytes.

After doing a search for netlogon.log and taking a closer look at the netlogon.log file, I noticed that it doesn’t record the year of each entry, just the day and month.  I scrolling down to the bottom and all the most recent entries, I noticed that the ip address range had not been defined in AD Sites and Services.  The IP’s were from laptops connecting through the VPN which was assigning a completely different subnet,  so I just added the VPN subnet and everything was fine after that.


-End
View Comments 0 Comments
Share Post   

A List of SCCM Log Files

Tuesday, November 28, 2017 - Posted by Keith A. Smith, in Microsoft

The client logs are located in the %WINDIR%\System32\CCM\Logs folder or %WINDIR%\SysWOW64\CCM\Logs (for x64 OS).

The SCCM server log files are located in the \Logs or C:\Program Files\Microsoft Configuration Manager\Logs folder. IIS logs can be found in %WINDIR%\System32\logfiles\W3SVC1 folder.

I recommend using cmtrace to read any sccm logs, cmtrace is located here C:\Program Files\Microsoft Configuration Manager\tools\cmtrace.exe

 

Client Log Files

  • CAS - Content Access Service. Maintains the local package cache.
  • Ccmexec.log - Records activities of the client and the SMS Agent Host service.
  • CertificateMaintenance.log - Maintains certificates for Active Directory directory service and management points.
  • ClientIDManagerStartup.log - Creates and maintains the client GUID.
  • ClientLocation.log - Site assignment tasks.
  • ContentTransferManager.log - Schedules the Background Intelligent Transfer Service (BITS) or the Server Message Block (SMB) to download or to access SMS packages.
  • DataTransferService.log - Records all BITS communication for policy or package access.
  • Execmgr.log - Records advertisements that run.
  • FileBITS.log - Records all SMB package access tasks.
  • Fsinvprovider.log (renamed to FileSystemFile.log in all Service Packs) - Windows Management Instrumentation (WMI) provider for software inventory and file collection.
  • InventoryAgent.log - Creates discovery data records (DDRs) and hardware and software inventory records.
  • LocationServices.log - Finds management points and distribution points.
  • Mifprovider.log - The WMI provider for .MIF files.
  • Mtrmgr.log - Monitors all software metering processes.
  • PolicyAgent.log - Requests policies by using the Data Transfer service.
  • PolicyAgentProvider.log - Records policy changes.
  • PolicyEvaluator.log - Records new policy settings.
  • Remctrl.log - Logs when the remote control component (WUSER32) starts.
  • Scheduler.log - Records schedule tasks for all client operations.
  • Smscliui.log - Records usage of the Systems Management tool in Control Panel.
  • StatusAgent.log - Logs status messages that are created by the client components.
  • SWMTRReportGen.log - Generates a usage data report that is collected by the metering agent. (This data is logged in Mtrmgr.log.)


Server Log Files

  • Ccm.log - Client Configuration Manager tasks.
  • Cidm.log - Records changes to the client settings by the Client Install Data Manager (CIDM).
  • Colleval.log - Logs when collections are created, changed, and deleted by the Collection Evaluator.
  • Compsumm.log - Records Component Status Summarizer tasks.
  • Cscnfsvc.log - Records Courier Sender confirmation service tasks.
  • Dataldr.log - Processes Management Information Format (MIF) files and hardware inventory in the Configuration Manager 2007 database.
  • Ddm.log - Saves DDR information to the Configuration Manager 2007 database by the Discovery Data Manager.
  • Despool.log - Records incoming site-to-site communication transfers.
  • Distmgr.log - Records package creation, compression, delta replication, and information updates.
  • Hman.log - Records site configuration changes, and publishes site information in Active Directory Domain Services.
  • Inboxast.log - Records files that are moved from the management point to the corresponding SMS\INBOXES folder.
  • Inboxmgr.log - Records file maintenance.
  • Invproc.log - Records the processing of delta MIF files for the Dataloader component from client inventory files.
  • Mpcontrol.log - Records the registration of the management point with WINS. Records the availability of the management point every 10 minutes.
  • Mpfdm.log - Management point component that moves client files to the corresponding SMS\INBOXES folder.
  • MPMSI.log - Management point .msi installation log.
  • MPSetup.log - Records the management point installation wrapper process.
  • Ntsvrdis.log - Configuration Manager 2007 server discovery.
  • Offermgr.log - Records advertisement updates.
  • Offersum.log - Records summarization of advertisement status messages.
  • Policypv.log - Records updates to the client policies to reflect changes to client settings or advertisements.
  • Replmgr.log - Records the replication of files between the site server components and the Scheduler component.
  • Rsetup.log - Reporting point setup log.
  • Sched.log - Records site-to-site job and package replication.
  • Sender.log - Records files that are sent to other child and parent sites.
  • Sinvproc.log - Records client software inventory data processing to the site database in Microsoft SQL Server.
  • Sitecomp.log - Records maintenance of the installed site components.
  • Sitectrl.log - Records site setting changes to the Sitectrl.ct0 file.
  • Sitestat.log - Records the monitoring process of all site systems.
  • Smsdbmon.log - Records database changes.
  • Smsexec.log - Records processing of all site server component threads.
  • Smsprov.log - Records WMI provider access to the site database.
  • SMSReportingInstall.log - Records the Reporting Point installation. This component starts the installation tasks and processes configuration changes.
  • SMSSHVSetup.log - Records the success or failure (with failure reason) of installing the System Health Validator point.
  • Srvacct.log - Records the maintenance of accounts when the site uses standard security.
  • Statmgr.log - Writes all status messages to the database.
  • Swmproc.log - Processes metering files and maintains settings.


Admin Console Log Files

  • RepairWizard.log - Records errors, warnings, and information about the process of running the Repair Wizard.
  • ResourceExplorer.log - Records errors, warnings, and information about running the Resource Explorer.
  • SMSAdminUI.log - Records the local Configuration Manager 2007 console tasks when you connect to Configuration Manager 2007 sites.


Management Point Log Files

  • MP_Ddr.log - Records the conversion of XML.ddr records from clients, and copies them to the site server.
  • MP_GetAuth.log - Records the status of the site management points.
  • MP_GetPolicy.log - Records policy information.
  • MP_Hinv.log - Converts XML hardware inventory records from clients and copies the files to the site server.
  • MP_Location.log - Records location manager tasks.
  • MP_Policy.log - Records policy communication.
  • MP_Relay.log - Copies files that are collected from the client.
  • MP_Retry.log - Records the hardware inventory retry processes.
  • MP_Sinv.log - Converts XML hardware inventory records from clients and copies them to the site server.
  • MP_Status.log - Converts XML.svf status message files from clients and copies them to the site server.


Mobile Device Management Log Files

  • DmClientHealth.log - Records the GUIDs of all the mobile device clients that are communicating with the Device Management Point.
  • DmClientRegistration.log - Records registration requests from and responses to the mobile device client in Native mode.
  • DmpDatastore.log - Records all the site database connections and queries made by the Device Management Point.
  • DmpDiscovery.log - Records all the discovery data from the mobile device clients on the Device Management Point.
  • DmpFileCollection.log - Records mobile device file collection data from mobile device clients on the Device Management Point.
  • DmpHardware.log - Records hardware inventory data from mobile device clients on the Device Management Point.
  • DmpIsapi.log - Records mobile device communication data from device clients on the Device Management Point.
  • dmpMSI.log - Records the MSI data for Device Management Point setup.
  • DMPSetup.log - Records the mobile device management setup process.
  • DmpSoftware.log - Records mobile device software distribution data from mobile device clients on the Device Management Point.
  • DmpStatus.log - Records mobile device status messages data from mobile device clients on the Device Management Point.
  • FspIsapi.log - Records Fallback Status Point communication data from mobile device clients and client computers on the Fallback Status Point.


Mobile Device Client Log Files

  • DmCertEnroll.log - Records certificate enrollment data on mobile device clients.
  • DMCertResp.htm (in \temp) - Records HTML response from the certificate server when the mobile device Enroller program requests a client authentication certificate on mobile device clients.
  • DmClientSetup.log - Records client setup data on mobile device clients.
  • DmClientXfer.log - Records client transfer data for Windows Mobile Device Center and ActiveSync deployments.
  • DmCommonInstaller.log - Records client transfer file installation for setting up mobile device client transfer files on client computers.
  • DmInstaller.log - Records whether DMInstaller correctly calls DmClientSetup and whether DmClientSetup exits with success or failure on mobile device clients.
  • DmInvExtension.log - Records Inventory Extension file installation for setting up Inventory Extension files on client computers.
  • DmSvc.log - Records mobile device management service data on mobile device clients.


Operating System Deployment Log Files

  • CCMSetup.log - Provides information about client-based operating system actions.
  • CreateTSMedia.log - Provides information about task sequence media when it is created. This log is generated on the computer running the Configuration Manager 2007 administrator console.
  • DriverCatalog.log - Provides information about device drivers that have been imported into the driver catalog.
  • MP_ClientIDManager.log - Provides information about the Configuration Manager 2007 management point when it responds to Configuration Manager 2007 client ID requests from boot media or PXE. This log is generated on the Configuration Manager 2007 management point.
  • MP_DriverManager.log - Provides information about the Configuration Manager 2007 management point when it responds to a request from the Auto Apply Driver task sequence action. This log is generated on the Configuration Manager 2007 management point.
  • MP_Location.log - Provides information about the Configuration Manager 2007 management point when it responds to request state store or release state store requests from the state migration point. This log is generated on the Configuration Manager 2007 management point.
  • Pxecontrol.log - Provides information about the PXE Control Manager.
  • PXEMsi.log - Provides information about the PXE service point and is generated when the PXE service point site server has been created.
  • PXESetup.log - Provides information about the PXE service point and is generated when the PXE service point site server has been created.
  • Setupact.log Setupapi.log Setuperr.log Provide information about Windows Sysprep and setup logs.
  • SmpIsapi.log - Provides information about the state migration point Configuration Manager 2007 client request responses.
  • Smpmgr.log - Provides information about the results of state migration point health checks and configuration changes.
  • SmpMSI.log - Provides information about the state migration point and is generated when the state migration point site server has been created.
  • Smsprov.log - Provides information about the SMS provider.
  • Smspxe.log - Provides information about the Configuration Manager 2007 PXE service point.
  • SMSSMPSetup.log - Provides information about the state migration point and is generated when the state migration point site server has been created.
  • Smsts.log - General location for all operating system deployment and task sequence log events.
  • TaskSequenceProvider.log - Provides information about task sequences when they are imported, exported, or edited.
  • USMT Log loadstate.log - Provides information about the User State Migration Tool (USMT) regarding the restore of user state data.
  • USMT Log scanstate.log - Provides information about the USMT regarding the capture of user state data.


Network Access Protection Log Files

  • Ccmcca.log - Logs the processing of compliance evaluation based on Configuration Manager NAP policy processing and contains the processing of remediation for each software update required for compliance.
  • CIAgent.log - Tracks the process of remediation and compliance. However, the software updates log file, *Updateshandler.log - provides more informative details on installing the software updates required for compliance.
  • locationservices.log - Used by other Configuration Manager features (for example, information about the client’s assigned site) but also contains information specific to Network Access Protection when the client is in remediation. It records the names of the required remediation servers (management point, software update point, and distribution points that host content required for compliance), which are also sent in the client statement of health.
  • SDMAgent.log - Shared with the Configuration Manager feature desired configuration management and contains the tracking process of remediation and compliance. However, the software updates log file, Updateshandler.log, provides more informative details about installing the software updates required for compliance.
  • SMSSha.log - The main log file for the Configuration Manager Network Access Protection client and contains a merged statement of health information from the two Configuration Manager components: location services (LS) and the configuration compliance agent (CCA). This log file also contains information about the interactions between the Configuration Manager System Health Agent and the operating system NAP agent, and also between the Configuration Manager System Health Agent and both the configuration compliance agent and the location services. It provides information about whether the NAP agent successfully initialized, the statement of health data, and the statement of health response.


System Health Validator Point Log Files

  • Ccmperf.log -Contains information about the initialization of the System Health Validator point performance counters.
  • SmsSHV.log - The main log file for the System Health Validator point; logs the basic operations of the System Health Validator service, such as the initialization progress.
  • SmsSHVADCacheClient.log - Contains information about retrieving Configuration Manager health state references from Active Directory Domain Services.
  • SmsSHVCacheStore.log - Contains information about the cache store used to hold the Configuration Manager NAP health state references retrieved from Active Directory Domain Services, such as reading from the store and purging entries from the local cache store file. The cache store is not configurable.
  • SmsSHVRegistrySettings.log - Records any dynamic changes to the System Health Validator component configuration while the service is running.
  • SmsSHVQuarValidator.log - Records client statement of health information and processing operations. To obtain full information, change the registry key LogLevel from 1 to 0 in the following location:HKLM\SOFTWARE\Microsoft\SMSSHV\Logging\@GLOBAL


Desired Configuration Management Log Files

  • ciagent.log - Provides information about downloading, storing, and accessing assigned configuration baselines.
  • dcmagent.log - Provides high-level information about the evaluation of assigned configuration baselines and desired configuration management processes.
  • discovery.log - Provides detailed information about the Service Modeling Language (SML) processes.
  • sdmagent.log - Provides information about downloading, storing, and accessing configuration item content.
  • sdmdiscagent.log - Provides high-level information about the evaluation process for the objects and settings configured in the referenced configuration items.


Wake On LAN Log Files

  • Wolmgr.log - Contains information about wake-up procedures such as when to wake up advertisements or deployments that are configured for Wake On LAN.
  • WolCmgr.log - Contains information about which clients need to be sent wake-up packets, the number of wake-up packets sent, and the number of wake-up packets retried.


Software Updates Site Server Log Files

  • ciamgr.log - Provides information about the addition, deletion, and modification of software update configuration items.
  • distmgr.log - Provides information about the replication of software update deployment packages.
  • objreplmgr.log - Provides information about the replication of software updates notification files from a parent to child sites.
  • PatchDownloader.log - Provides information about the process for downloading software updates from the update source specified in the software updates metadata to the download destination on the site server.
  • replmgr.log - Provides information about the process for replicating files between sites.
  • smsdbmon.log - Provides information about when software update configuration items are inserted, updated, or deleted from the site server database and creates notification files for software updates components.
  • SUPSetup - Provides information about the software update point installation. When the software update point installation completes, Installation was successful is written to this log file.
  • WCM.log - Provides information about the software update point configuration and connecting to the Windows Server Update Services (WSUS) server for subscribed update categories, classifications, and languages.
  • WSUSCtrl.log - Provides information about the configuration, database connectivity, and health of the WSUS server for the site.
  • wsyncmgr.log -Provides information about the software updates synchronization process.


WSUS Server Log Files

  • Change.log - Provides information about the WSUS server database information that has changed.
  • SoftwareDistribution.log - Provides information about the software updates that are synchronized from the configured update source to the WSUS server database.


Software Updates Client Computer Log Files

  • CAS.log - Provides information about the process of downloading software updates to the local cache and cache management.
  • CIAgent.log - Provides information about processing configuration items, including software updates.
  • LocationServices.log - Provides information about the location of the WSUS server when a scan is initiated on the client.
  • PatchDownloader.log - Provides information about the process for downloading software updates from the update source to the download destination on the site server. This log is only on the client computer configured as the synchronization host for the Inventory Tool for Microsoft Updates.
  • PolicyAgent.log - Provides information about the process for downloading, compiling, and deleting policies on client computers.
  • PolicyEvaluator - Provides information about the process for evaluating policies on client computers, including policies from software updates.
  • RebootCoordinator.log - Provides information about the process for coordinating system restarts on client computers after software update installations.
  • ScanAgent.log - Provides information about the scan requests for software updates, what tool is requested for the scan, the WSUS location, and so on.
  • ScanWrapper - Provides information about the prerequisite checks and the scan process initialization for the Inventory Tool for Microsoft Updates on Systems Management Server (SMS)  clients.
  • SdmAgent.log - Provides information about the process for verifying and decompressing packages that contain configuration item information for software updates.
  • ServiceWindowManager.log - Provides information about the process for evaluating configured maintenance windows.
  • smscliUI.log - Provides information about the Configuration Manager Control Panel user interactions, such as initiating a Software Updates Scan Cycle from the Configuration Manager Properties dialog box, opening the Program Download Monitor, and so on.
  • SmsWusHandler - Provides information about the scan process for the Inventory Tool for Microsoft Updates on SMS client computers.
  • StateMessage.log - Provides information about when software updates state messages are created and sent to the management point.
  • UpdatesDeployment.log - Provides information about the deployment on the client, including software update activation, evaluation, and enforcement. Verbose logging shows additional information about the interaction with the client user interface.
  • UpdatesHandler.log - Provides information about software update compliance scanning and about the download and installation of software updates on the client.
  • UpdatesStore.log - Provides information about the compliance status for the software updates that were assessed during the compliance scan cycle.
  • WUAHandler.log - Provides information about when the Windows Update Agent on the client searches for software updates.
  • WUSSyncXML.log - Provides information about the Inventory Tool for the Microsoft Updates synchronization process. This log is only on the client computer configured as the synchronization host for the Inventory Tool for Microsoft Updates.


Windows Update Agent Log File

  • WindowsUpdate.log - Provides information about when the Windows Update Agent connects to the WSUS server and retrieves the software updates for compliance assessment and whether there are updates to the agent components.
View Comments 0 Comments
Share Post   

SQL Server and Locking Pages in Memory (LPIM)

Wednesday, October 11, 2017 - Posted by Keith A. Smith, in Microsoft

A question came up recently around using the feature to Lock Pages in Memory (LPIM) for SQL Server and is it still needed?

What is LPIM?

When processes are running, they ask Windows for memory to perform operations.  Windows will assign physical memory space to these processes.  When a process has physical memory allocated, and windows needs it back, windows will move that information from physical memory to virtual memory (Page File on Disk).  Accessing data from physical memory is very fast, while from virtual memory, not so much.  When you enable the LPIM feature for a process, you are basically instructing Windows that it cannot take this memory back, and must look else where for it’s needs.

How does it apply to SQL Server?

SQL Server allocates as much RAM as it can from the operating system.  Out of the box, there is no memory limit set (Maximum Server Memory).  There are many formulas out there to calculate this, but lets take the following example.  You have a 64 bit OS with 32 GB of RAM.  You set Max Memory to 26 GB, and leave 6 GB free for Windows to use.  When SQL Server starts up, it will allocate all of the memory it can (26 GB) to the SQL Server process.  It will then begin using this memory to improve the performance of database operations.  If another process outside of SQL starts up (say backup software or a virus scanner) and Windows starts to get low on physical memory, then it will move some of the items SQL Server has stored in physical memory to virtual memory, all the while SQL Server doesn’t know it.  When it needs to access this data in memory, instead of being extremely fast, it is slow since it has to be read from the disk, thus slowing SQL Server down.

When LPIM is enabled for SQL server, then Windows will not be able to move this data to virtual memory.  This allows SQL Server to continue perform at an optimal level.

Why isn’t this turned on by default?

There are some dangers to enabling this feature, that many people don’t know or talk about.  Take the example above, if Windows was in a situation where it was really pressed for memory, and was not able to find it / release it from somewhere else, then Windows would encounter an out of memory error and potentially a blue screen of death (BSOD).  This scenario is not feasible for a production server, so caution must be taken not to allow this to occur.

So should I enable it?

After researching this topic quite extensively, I have come to conclude that this is one of the bigger debates in the SQL Server community.  There are some very smart and influential people on each side of the debate.  That wasn’t enough for me though, I wanted a clear, cut definition on it.  So I dug and dug until I was satisfied with an answer I can live with.

So – what’s the results?

As with anything in technology, IT DEPENDS!

I don’t believe it’s as important today as it used to be, when servers had smaller amounts of RAM and we had 32-bit operating systems and applications.  There are some considerations on to whether you enable it or not and what you set the values to.

Is this a physical or virtual server?

Is this a shared or dedicated server?

Is there one or multiple instances on the server?

Is this a 64 bit server (please say yes)?

Is this a highly utilized server or used for smaller loads?

When setting the LPIM feature, it is important to make sure you also set the Server Maximum Memory setting for the server correctly.  As for myself, luckily I am not a DBA, so I don’t have to dwell over this, but I now know what it is, and why it should or should not be used.

Popular Posts / Debates

Below are a couple of posts that I found useful while digging into this.

Jonathan Kehayias – Recommends it, very in-depth post on the subject –  https://www.red-gate.com/simple-talk/sql/database-administration/great-sql-server-debates-lock-pages-in-memory/

Brent Ozar – doesn’t usually enable it – https://www.brentozar.com/archive/2016/07/video-office-hours-20160706-with-transcriptions/

Other Resources:

Enabling LPIM in SQL 2012 – https://support.microsoft.com/en-us/help/2659143/how-to-enable-the-locked-pages-feature-in-sql-server-2012

Enabling for Process in Windows – https://docs.microsoft.com/en-us/sql/database-engine/configure-windows/enable-the-lock-pages-in-memory-option-windows
View Comments 0 Comments
Share Post   

How to import the VCSA certificate for VMware vSphere

Monday, September 18, 2017 - Posted by Keith A. Smith, in VMware, Microsoft

How to import the VCSA certificate so VMware vSphere browser security warnings go away in Windows 10

  1. Open the Edge or google chrome Brower, type in the FQDN for your VCSA 6.5 then press enter, when warned, click 'Details'.
  2. Bypass the security warning in order to proceed to the Getting Started page of the VCSA
  3. Click on 'Download trusted root CA certificates' on the right to download the zip file which contains the certs
  4. Navigate to the zip file location, extract the contents of the zip. Open the folder downloads folder then go into certs
  5. The certs vary by what OS you are using so choose the right folder then double-click 'filename.0.crt' (your exact filename will vary)
  6. Click 'Install Certificate' and choose local machine (Note: If you get any prompts click yes to proceed)
  7. On the certificate store screen choose place all certifications in the following store and click browse
  8. Select 'Trusted Root Certification Authorities' then click 'OK'
  9. Click next and then finish then ok.

Now to test it close the browser then visit the  FQDN for your VCSA 6.5 you should see the green pad lock now and shouldn’t see the security warning any longer.


-End
View Comments 0 Comments
Share Post   

Page  <12345...6>