Implementing Microsoft CA-issued SSL for vCOps

After deploying the vCSA with SSL certs, I decided it was time to finally fix up all the other services that are running on self-signed certs. Next up, vRealize Operations Manager AKA vCenter Operations (vCOps) . Although there is a KB Article for this, it is pretty limited. For this guide I assume that OpenSSL is installed in C:\OpenSSL_Win64 – update to the relevant path for your environment. I have followed the folder structure from Configuring Certificate Authority (CA) signed certificates for vCenter Server Appliance 5.5 (2057223), using c:\certs as the base. Prerequisites: Required: Configuring OpenSSL for installation and configuration of CA...


SDS and SMS fail when using CA issued certs on VCSA

Today I was deploying the VCSA and thought I’d be smart enough to generate trusted certs for each of the services. Simple, right? There’s even a KB article for it. The issue I had when I got to the end of the process was that the “VMware vCenter Storage Monitoring Service” and “VMware vSphere Profile-driven Storage Service” were showing as failed in vCenter Service Status. After confirming the services were running, I noticed that web service was returning a 503 (Service Unavailable) error. After tearing my hair out and trawling through VMware community threads and KB articles, I finally found...


Manually set proxy details for vCSA

If you have ever had to setup a proxy server on the vCenter Server appliance, you will fast run into some limitations when it comes to the username field.For example, our service accounts are named with the “svc_” prefix, which is apparently invalid due to the underscore. The solution? just set the proxy details from the commandline! SSH to the vCSA Edit /etc/environment:

Modify (or add) the following line:

Save the changes:

Finally, update the environment variable:

From there you should be able to get Internet access to download updates. You can test by using wget...



Long ago, I posted my DFS replication report. This has had a lot of interest of the years, but has not been maintained much in the last few. Enter vCheck, the HTML report framework that I mentioned in one of my previous posts. I have written a number of DFS plugins which can be used with vCheck in order to report on DFS and DFS-R status. At the moment there are the following plugins: 01 List All Domain Namespaces 02 List All Domain Replication Groups 03 List Replication group backlog The script can be downloaded here:



If you have visited my blog before, you may have noticed something different. I’ve been kicking around the idea of updating my blog for quite some time, and finally got around to doing just that. I decided that despite the flexibility it gave me, I was not using the full advantage of Silverstripe. With this in mind, I’ve now shifted to the ubiquitous WordPress blog. This means that I can keep up-to-date a lot more easily, as well as moving to a platform more suitable for my simple needs. And who knows, maybe I will actually blog more often (HA!)


Filling the gaps

It appears that a few of my previous posts were not visible on my blog. I’ve just published these so there isn’t such a massive gap in posts (whoops!). At least it wasn’t *quite* a year gap since the previous post…


vCheck it out!

So if you have been vSphere for some time, you have probably already heard of vCheck. If you haven’t heard of it, vCheck is a HTML reporting framework created by Alan Renouf, designed to generate reports on your environment in an easy-to-digest format. vCheck is a project that I immediately saw great use for, as someone that has written a tonne of scripts in the same vein (DFS, SCOM, CA Spectrum, vSphere, AD… the list goes on), having a standard framework for creating reports is fantastic. Receiving emails in your inbox (or on your mobile device), containing valuable information allows...


Happy 2013

Once again, another massive gap since the last blog entry…oops. In other news, I have now moved to Silverstripe 3 and have a schmick new theme. I also got rid of my ‘guides’ pages, instead relocating them to blog entries, if you’re looking for them. Multiple CDs to DVDs Anyway, see you in a year…or maybe sooner if I get around to it…


2012 Powershell Scripting Games

Bit of a belated post, but over the first two weeks of April I competed in the 2012 Scripting Games. Overall, it was a pretty fun little competition which provided a nice challenge and education in Powershell scripting from an impressive cast of judges. At the end of the judging I was reasonably happy with my results, achieving and average of 4 stars across the ten advanced events. The events were quite varied and most had more than one way to achieve the result. With that in mind there was usually a right way and a…less right way. Unfortunately the sheer number...


SCCM Health Status Script

A few weeks ago I was tasked with babyitting duties on an SCCM environment whilst the regular guy is away. After a few days of logging in and checking site statuses and backups, I decided that it was time to script the task. The challenge of the task being that SCCM 2007 is one of the few products that Microsoft has released lately that doesn’t include Powershell integration. Initially this meant that my script was fairly limited. I was able to check the backup status by hitting the backup directories for each site. If there was a folder named “<<sitecode>>Backup” or “C??Backup”. From there...