VMware: Integrating OpenLDAP into SSO/PSC over LDAPS

Summary:
Quite simply was trying to get an OpenLDAP identity source added to SSO/PSC.  Would work fine using non-secure LDAP, but seemed to have issues when attempting to utilize secure LDAPS.  Simple error, nondescript basically describing that it failed.

Heres what happened in my case:

  1. I had two server URL's defined for my target LDAP servers.
      2. OpenLDAP Config Screen
  2. Since I had the "Protect LDAP communications..." box checked, the next step requires me to either upload the target system's certs and their authoritative chains (think Root Certificate Authority (CA) and Intermediate CA's)
    • If you can, uploading the needed certs would save some time, otherwise you can continue w/ my outlined steps below assuming the spyglass icon works in the same fashion for you.
  3. The cert upload screen has a little spyglass icon that'll pull it down for you, but in my case it would only pull the primary server's cert and associated CA certs.  It would not pull the secondary for some reason.
  4. If I went forward anyway at this point, it would fail.  So I went back a screen, and flipped primary and secondary URL entries, then back to the cert upload screen and hit the spyglass icon again.
  5. Interestingly it pulled the secondary's (now that it was primary) cert now w/ the same associated CA.
  6. I deleted the duplicate CA entry, went back and flipped the primary and secondary back, and finished the wizard successfully.
      7. Cert Upload Screen



labels: , ,
Reactions: 
0 comments
Posted by Chris Nakagaki

Misc: Fire TV Stick 2 Screen Cut Off, no display adjustment option


Summary:
Long story short, Fire TV Stick (2nd Generation) doesn't allow you to calibrate the screen, software wise, forcing you to use your TV settings (if available) to fit the screens content within it's borders.  Super annoying for some apps, but you can fix this dumb issue as I was able to.

If your TV allows you to adjust its settings, then you'd be fine as well, but the Vizio I have, has no such setting.

Solution:
Get the Amazon Fire TV instead.  It's only slightly more expensive, but doesn't suffer the problems the Fire Stick does.



Workaround:
  • First you have to enable ADB debugging (step 1 here) on your fire stick.
  • Next you'll need the ADB provided w/ Android Studio, or you can install w/ brew on the Mac.
    • I prefer brew cause it's easier, keep following steps described by Amazon page if you are using Windows.
    • Open Terminal
    • brew cask install android-platform-tools
  • Next find the IP address of your Firestick
    • Settings --> Device --> About --> Network
Steps after ADB is installed:
  1. Connect to your fire stick using adb
    • adb connect <IPAddressofYourFireStick>
    • For example: adb connect 192.168.20.35
  2. If successful, you should see a return of something like this:
    • connected to <IPAddressofYourFireStick>:5555
  3. Now to adjust, these settings worked for my Vizio VX32L:
    • adb shell wm overscan 65,40,60,28
      • This is what the values stand for:
      • wm overscan LEFT, TOP, RIGHT, BOTTOM-Margin
  4. [Update based on comment: wm overscan ,,, can be run to see changes w/o reboot]
  5. To see the changes you have reboot the stick:
    • adb shell reboot
  6. To verify after reboot go to:
    • Settings --> Display & Sounds --> Display --> Calibrate Display
  7. Repeat Steps 1-5 until your display is calibrated to your particular TVs personality.
Reset to default values:
My assumption is that no overscan is done at factory default, so you should just be able to do:
adb shell wm overscan 0,0,0,0

Reference:
Last comment by AmazingNick is what helped get me on the right path.
labels: , , ,
Reactions: 
13 comments
Posted by Chris Nakagaki

VMware: vSphere Scheduled Tasks w/ PowerCLI (not to be confused w/ Windows scheduled tasks)


Summary:
Question was posted in the communities on how to find scheduled tasks configured against a VM.  I remembered doing it long ago, but I never posted about it.  Also found it weirdly hard to find via Google, so I'm posting here for my own reference or anyone else needing it for that matter.

Example:
labels: ,
Reactions: 
0 comments
Posted by Chris Nakagaki

VMware: Migrating Management(Mgmt) vmk to DVS/VDS fails when moving both vmnic and vmk at the same time.

Summary:
Quite simple, had a script to move physical nics to DVS/VDS w/ management vmk at the same time.  Typically this works w/o issue, but for some reason kept failing.  The answer was dead simple...

Resolution/Workaround:
  1. Spanning Tree Enabled?
    • Enable portfast on the switch ports.
  • Or
  1. Spanning Tree not available?
    1. Move one physical link at a time (assuming more than one physical link available)
    2. Wait for uplink on DVS to come online, then move management/mgmt vmk
Explanation:
Basically, the switch ports that the ESXi servers were uplinked to did not have 'portfast' (physical switchside config) enabled.  Without 'portfast', when moving a physical nic from a standard vSwitch (or vice versa), there is a negotiation downtime the host incurs as the switch/host essentially renegotiates the connectivity.  It's a short window (5-10 sec) that the port goes 'offline', but it's enough for the migration of vmk and physical nics at the same time to fail.

Example PowerCLI Snippet:
labels: , ,
Reactions: 
0 comments
Posted by Chris Nakagaki
Subscribe to: Posts (Atom)