Summary: I was looking to automate configuration of iDRAC's (Dell Remote Admin Console) synonymous w/ iLOM and many other acronyms. I also wanted to enable domain authentication in a somewhat secure manner. By using a kerberos keytag, I'm able to in the very least obfuscate the username and password into a file for upload into the iDRAC. What follows is a journey into a ridiculous realm. PreReqs: RACADM ktpass Powershell 3.0 (2.0 probably works too, but I was using 3.0 @ the time) Your root CA's cert This is so it AD Authentication can be setup Solution: It's not a complete solution, but hopefully it'll help you get started in your own endeavors. Below assumes the iDRAC has been configured and is available on the network in default config. To generate a kerbero's keytab , you simply need the name and password of a service account (this is simply a Active Directory user account) in your domain. ktpass /pass ReallySecurePas5word /ptype K
Popular posts from this blog
MacOS: AnyConnect VPN client was unable to successfully verify the IP forwarding table modifications.
The VPN client was unable to successfully verify the IP forwarding table modification. A VPN connection will not be established. Summary: I started running into issue utilizing Cisco AnyConnect on my Mac basically complaining about not able to overwrite IP forwarding tables. This was on 4.6.x. Since my VPN endpoints were not providing me w/ an updated client and w/ no access to Cisco Anyconnect downloads, my only option was to try openconnect. It was totally worth it, here is why and how to set it up. PreReqs: Homebrew Installing OpenConnect: Launch MacOS Terminal brew install openconnect Getting VPN IP's/DNS Endpoints from AnyConnect: The information is typically located in your profile xml files located here: /opt/cisco/anyconnect/profile/somethingsomething.xml In the xml file, you are looking for "<HostAddress>typicallyaDNSName.com</HostAddress>" entry. These are your VPN endpoints that you would need to pass to openconnect. Using
Summary: Unable to connect to ESXi/vCenter server with Connect-VIserver cmdlet, get the following error: "The SSL connection could not be established, see inner exception." Be sure to "Set-PowerCLIConfiguration -InvalidCertificateAction:Ignore" if you plan to connect to an ESXi/vCenter that does not have trusted certificate. Interestingly, something must've changed recently because the PowerCLI module actually would output a more descriptive message about setting your PowerCLIConfiguration. This appears to be the case w/ Powershell Core 6.1. I'm actually unsure when this behavior started happening and whether is module or powershell related. Regardless, figured I'd post this since I was initially confused myself when running some things on another system.