Posts

Showing posts from June, 2012

ESXi Hosts Timing Out During HA Cluster Election

Image
[Guest Post by Jeremy Reiman ] Summary: ESXi hosts timing out during HA cluster election phase after cluster master is selected.  The HA Agent status in vCenter shows as unreachable on all hosts that timed out. Symptoms: ESXi host fails to enable HA Agent and shows error "operation timed out". Error message "[ClusterManagerImpl::IsBadIP] x.x.x.x is bad ip" showing in /var/log/fdm.log on ESXi hosts. TCPdump capture from ESXi host shows packets destined for IP address of other ESXi host are being sent to the MAC address of the firewall.  These should be going to the MAC address of the ESXi host management interface since both reside on the same VLAN. Configuration Info: ESXi host managment interfaces are on the same VLAN. ESXi 4.1 + Firewall is a Cisco ASA5500 running IOS 8.2(2) . Firewall Switch Module running 3.2(5) is also applicable. All network ports are open on the firewall between the vCenter server and the ESXi hosts. Resolution: Disa

Get a powershell code signing cert from a Microsoft CA.

Image
Summary: This took me a little while to figure out.  Here are the basic steps.  This is so you can sign any scripts using your locally available domain CA.  By doing this, you can sign scripts and they will be authorized for use on your local domain.  This is so you can keep your powershell execution policy as remotesigned rather than unrestricted.