Ratio of Physical CPUs to Virtual CPUs in VMware

Posted by robd on August 06, 2018
powershell, vmware / 1 Comment

My colleague Welsh Dai made this sweet bit of PowerShell to see the ratio of physical CPUs to Virtual CPUs:


Here’s a picture

Tags: , , ,

Auditing Active Directory Password Quality

Posted by robd on April 24, 2018
Active Directory, powershell / No Comments

Hi All,

A chap called Michael Grafnetter has created a brilliant PowerShell script to check password hashes in Active Directory against a list of simple or common passwords.

This is great to encourage users not to use obvious passwords, for example if a company is called Contoso then you’d want to encourage users not to use Contoso1 etc.

Here’s how:

Download the software:


Copy the DSInternals directory to your PowerShell modules directory, e.g.

Launch Windows PowerShell.
(Optional) If you copied the module to a different directory than advised in step 4, you have to manually import it using the Import-Module .\DSInternals\DSInternals.psd1 command.

Next create a text file called passwords.txt and fill it with passwords you’d like to scan for, example:

Then here’s an example script:

First set the password txt file.

Then set the Domain Contoller, in this case DC1

Then set the distinguished name of the OU and sub OUs you can to scan:

Note ” and ‘ are not showing up properly,

$dictionary = Get-Content passwords.txt | ConvertTo-NTHashDictionary Get-ADReplAccount -All -Server DC1 -NamingContext ‘dc=adatum,dc=com’ | Test-PasswordQuality -WeakPasswordHashes $dictionary -ShowPlainTextPasswords -IncludeDisabledAccounts

Here’s an output:

Tags: , ,

365 – Shared Mailbox on a mobile device

Posted by robd on February 06, 2018
Server / 1 Comment

Some users need shared mailboxes on their mobile devices, this can be done via IMAP.

Add a IMAP:

Add the shared mailbox email:

Choose IMAP

This is the most important section; add the user’s username and the name of the shared mailbox, for example: Rob@DOMAIN.LOCAL/SHARED.MAILBOX

Tags: ,

Plex on Ubuntu

Posted by robd on December 11, 2017
Linux, Plex / No Comments

I’m no expert with Linux but I’m trying hard to improve my knowledge, I recently ran through some great CentOS videos on Pluralsight and after that tried to install Guacamole which is a clientless remote desktop gateway.  The long and the short of it is I didn’t get it fully working but really enjoyed the process.

Anyhow as I mentioned in a previous post, I decided to install Plex on a Ubuntu server as I think my problem with Linux is the lack of visual prompts i.e. If I can see or draw something then I often understand the process better.

So after my initial vmware issues, I downloaded and installed Ubuntu and installed VMware tools:

Open the VMware Tools CD mounted on the Ubuntu desktop.
Right-click the file name that is similar to VMwareTools.x.x.x-xxxx.tar.gz, click Extract to, and select Ubuntu Desktop to save the extracted contents.

The vmware-tools-distrib folder is extracted to the Ubuntu Desktop.
To install VMware Tools in Ubuntu:
Open a Terminal window. For more information.
In the Terminal, run this command to navigate to the vmware-tools-distrib folder:

Run this command to install VMware Tools:

Note: The -d switch assumes that you want to accept the defaults. If you do not use -d, press Return to accept the defaults or supply your own answers.

Enter your Ubuntu password.
Restart the Ubuntu virtual machine after the VMware Tools installation completes.

Then I updated Ubuntu:

Next download the Plex Media server package

run from a terminal:

(replace the filename with the name of the package you downloaded)

To setup Plex Media Server, on the same machine you installed the server on, open a browser window, and go to

Then I decided it best to run Plex as a service so if the server rebooted I wouldn’t have to logon:

Finally I need to map a drive so I could access the media (photos etc) on my windows server again in a fashion where if the server rebooted it would map.

To do this you need cifs utils to connect to windows shares:

Then you need to create a directory to mount the share too like so:

sudo mkdir /media/windowsshare

Then add the the share and add the Windows credentials that have permission to the share via the config file /etc/fstab, to add this line:

Finally, test the fstab entry by issuing:

If there are no errors, you should test how it works after a reboot. Your remote share should mount automatically.

See if you have access via Plex.

Tags: , ,

HP G7 N54L running ESXi 6.5 and Ubuntu

Posted by robd on December 11, 2017
Linux / 3 Comments

I run a HP G7 N54L which has ESXi 6.5 installed, its getting old but its brilliant.

Anyhow, I ran a Windows 10 VM which I had Plex installed on, for some reason Plex gave up the ghost so I decided to install Ubuntu and was planning on installing Plex on there.

Grabbed the ISO and installed and 5 minutes after install the Ubuntu server froze, so rebooted, froze again.

After some digging I post a post that mentioned its a hardware issue sorted in ESXi 6.5 update 1.

So downloaded and update my server (note there was a warning that future releases of ESXi wont be supported on this CPU) and ran Ubuntu and it worked flawlessly.


Tags: , , , ,

How to setup Cisco port mirroring to a VM

Posted by robd on December 06, 2017
Networking, vmware / No Comments

Today we needed to mirror a port on a Cisco switch in a country far far away meaning we couldn’t just wander down with a laptop.

So to get around this we decided to mirror the port to a VM that’s on site, here’s how we did it:

There’s two switches between the VM and the port we want to mirror so first we have to setup the port mirroring on every switch using RSPAN (Remote Switched Port Analyser) and a new vlan.

Add an RSPAN vlan to both the switch with the port to mirror, and to the switch that has the packet capture device on.

Then make sure that RSPAN vlan is trunked between the 2 switches and on the VMWARE interface.

Assuming the following;

You use vlan 999 for the RSPAN vlan.

The port you want to mirror is on switch 1 port g1/0/2.

You want to send the mirrored traffic to switch 2 port 1/0/23 (the port that connects to VMWARE).

You are going to use monitor session 1 on both switches. (this can be any session number between 1-66, and can be different on each switch).

On Switch 1 (mirror port 2 and punt out the traffic to 9999)

On Switch 2 (suck in all traffic from 9999 and punt it to port 23)

You can see that the monitoring is set up with;

Network Diagram:

Next, we need to do the VMware side of things:


Setup a new port group on a vswitch:

Although we chose vlan 9999 when its pushed to the new port it will not be tagged so choose all:

Next edit the port group and allow Promiscuous mode, this will allow traffic not destined for the VMs MACs (normal behaviour, any traffic not destined to a VM MAC will be dropped):

Add a NIC to your VM using the port group:

Don’t worry about a IP etc:

Fire up Wireshark:

Look at all these glorious packets:



Tags: , , , ,

DirectAccess IP-HTTPS Error 0x2af9

Posted by robd on October 26, 2017
Direct Access, powershell, Server / 1 Comment

My Windows 10 client wouldn’t connect to our Direct Access severs today, kept just getting Connecting

So to troubleshoot I’d recommend:

Checking your internet connection:

Now its worth running some PowerShell commands to get the actual error:

This likeley means your proxy is in the way of your connection.

Check the settings:


Double check your internet connection


I think its time to check the proxy settings:

Check if you can get to a website via IE and try via another browser such as Firefox.

If you cant then check if your proxy is off:

Now check the windows 10 proxy and the Netsh proxy:

Windows 10, turn it off:

Check the netsh and then turn it off or reset it to IE:

When reset should look like this:


Failing that reset the IP Helper in services.msc or reboot:


The netsh settings fixed it for me, the reason I’d set it was to allow PowerShell out to the internet for Exchange 365 work.

Tags: , , ,

WPAD Proxy Reset

Posted by robd on October 26, 2017
Proxy, Windows 7 / No Comments

Had a strange problem where the proxy was forcing IE to an incorrect proxy server so to fix:

1.Clear the Internet Explorer cache completely: ActiveX Controls, Cookies, History, etc..

2.Close all instances of Internet Explorer.

3.Delete all WPAD script instances. Open a command window as administrator and type the following command:

4.Clear the DNS and Netbios name caches. Open a command window as administrator and type the following commands:


Tags: , ,

Number of critical and security updates needed

Posted by robd on August 09, 2017
WSUS / 2 Comments

Below is a SQL script that will show how many updates are missing that are classified as critical or security for servers on WSUS:



Tags: ,

WSUS – Update Services – Error: Connection Error

Posted by robd on July 03, 2017
WSUS / No Comments

WSUS console kept crashing with the reset console error:

So after doing all the normal IIS stuff, got Microsoft involved and here’s what they did to fix it:

  • We checked and ensured that none of the services crashed or stopped after console crashes,
  • We checked and ensured that WSUSPool was also running,
  • We checked and ensured that SQL service was also running on the remote server,
  • We increased the WSUSPool PrivateMemoryLimit to unlimited by setting it to ‘0’ on the IIS console
  • We also increased the Maximum queue length from 1000 to 3000,
  • We stopped WSUSPool and Restarted the IIS service,

We ran below mentioned on SQL to check and find if there are Obsoletes update to clean up but found none


  • We found that console was failing to connect with below error as well
  • We removed the WSUS mmc from folder %appdata%\Microsoft\MMC\
  • We tried to connect again to WSUS console but with no avail


  • We further investigated and ensured that WSUS s failing to connect with SUSDB as it is timing out
  • We checked and found that SUSDB size was more than 6.5 GB
  • We restarted the SQL Service for instance hosting SUSDB
  • We tried to connect to WSUS console after restarting the service and it connected successfully
  • We see that there were more than 13,000 approved updates on WSUS console
  • This could cause an issue for WSUS to connect as it would take a long time to connect with SUSDB
  • We decided to run PowerShell script to decline superseded updates from WSUS to enhance the performance of WSUS while connecting to SUSDB
  • We ran PowerShell script from below mentioned link to decline superseded updates
  • Superseded updates were declined successfully

  • We changed the WSUS to use customwebsite port 8530 again

  • WSUS was successfully changed to port 8530
  • We tried to open WSUS console and it connected successfully
  • We ran synchronization on WSUS server and it completed successfully

Tags: ,

Copy Protected by Chetan's WP-Copyprotect.