Windows Connect to NFS Share

Windows Connect to NFS Share KB ID 0001861

Problem

I have an old Buffalo NAS box I use on my test network, it’s shared between some Windows servers and is also used by my vSphere ESX deployment as a datastore. I replaced my main admin server which had a drive mapped to the device and ‘forgot’ how I’d mapped the drive originally, so it took me a while to work it out again.

Windows Connect to NFS Share: Solution

The first task is to install the NFS client, which you can do with the following PowerShell command.

[box]

Install-WindowsFeature NFS-Client

[/box]

Then to map the drive (persistently as Drive Letter S:) use the following command.

[box]

New-PSDrive -Name 'S' -PSProvider FileSystem -Root '\\server-name\folder-name' -Persist -Scope Global

[/box]

Your drive should now be present like so.

Windows Connect to NFS: SMB1 Warning Message

In my case, my target is a very old NAS box that still used SMB1. In production this might be a concern, but as this is my test network and there’s only ever me on it, I enabled SMB1 on the Windows 2022 server (Note: Add it as a feature from Server Manager).

Error: You can’t connect to the file share because it’s not secure. This share requires the obsolete SMB1 protocol which could expose your system to attack.
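An added example (not part of the original article): on Windows Server 2022 the SMB1 feature is split into a client half and a server half, so a machine that only needs to reach an old NAS can install the client half alone and keep refusing inbound SMB1. The name 'server-name' is the placeholder from the mapping command above.

```powershell
#Requires -RunAsAdministrator
# Added example: enable only the SMB1 *client* so this server can reach the old NAS,
# and confirm that the server itself still does not accept SMB1 connections.

$nas = 'server-name'   # placeholder NAS name, as used in the New-PSDrive command

# 1. Show the current state of the SMB1 parent feature and its two halves.
Get-WindowsFeature -Name FS-SMB1, FS-SMB1-CLIENT, FS-SMB1-SERVER |
    Format-Table Name, InstallState -AutoSize

# 2. Install the client half only.
$result = Install-WindowsFeature -Name FS-SMB1-CLIENT
if ($result.RestartNeeded -ne 'No') {
    Write-Warning 'Restart required before the SMB1 client becomes active.'
}

# 3. Keep the SMB server on this machine from negotiating SMB1 with anyone.
if ((Get-SmbServerConfiguration).EnableSMB1Protocol) {
    Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
}

# 4. Once the drive is mapped, list the dialect negotiated with each server.
#    SMB1 sessions report a dialect that starts with '1'; anything else is SMB2 or SMB3.
$connections = Get-SmbConnection | Select-Object ServerName, ShareName, Dialect
$connections | Sort-Object ServerName | Format-Table -AutoSize

# 5. Flag SMB1 sessions to any server other than the NAS that is expected to need it.
$unexpected = $connections |
    Where-Object { $_.Dialect -like '1*' -and $_.ServerName -ne $nas }
if ($unexpected) {
    Write-Warning 'SMB1 is in use with servers other than the NAS:'
    $unexpected | Format-Table -AutoSize
}
```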

I’ve put the link to my normal SMB1 article below.

Related Articles, References, Credits, or External Links

SMB1 Is Dead? (Unfortunately Not Yet)

Adding Windows Server NFS Shares to VMware ESX

VMware vSphere: Adding NFS Storage

VMware Cannot Remove / Unmount an NFS Store

Windows 11 Unsupported CPU

Unsupported CPU KB ID 0001878

Problem

I needed to upgrade a Windows 11 VM from 21H2 to 23H2. As is recommended I installed the PC Health Check, and I was surprised to see this error.

The processor isn’t currently supported for Windows 11.
More about supported CPUs
Processor Intel Xeon CPU E5-2650 v3 @ 2.4GHz

I say surprised, because although this was a VMware virtual machine it was ultimately on an HPE DL360 Gen 9 – which is getting on, but is in no way ancient.

Solution : Windows 11 Unsupported CPU

I’ve written before about how to bypass the lack of a TPM, but you can also get Windows 11 to bypass the processor check.

Launch the registry editor (regedit) and navigate to the following location.

[box]

HKEY_LOCAL_MACHINE > SYSTEM > Setup > MoSetup

[/box]

Note: On my 21H2 VM the MoSetup Key did not exist, so I had to create that key first!

Create a new 32 bit DWORD value called AllowUpgradesWithUnsupportedTPMOrCPU and set its value to 1 (one).
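The same registry change scripted, as an added example rather than something from the original article. It creates the MoSetup key when it is missing (the case in the note above), reads the value back to confirm its data and type, and shows how to remove the override once the upgrade has finished.

```powershell
#Requires -RunAsAdministrator
# Added example: set the upgrade override described above, creating the key if needed.
$path = 'HKLM:\SYSTEM\Setup\MoSetup'
$name = 'AllowUpgradesWithUnsupportedTPMOrCPU'

# The MoSetup key may not exist on older builds, so create it first.
if (-not (Test-Path -Path $path)) {
    New-Item -Path $path | Out-Null
}

# -Force overwrites an existing value of the same name, so the script can be re-run.
New-ItemProperty -Path $path -Name $name -PropertyType DWord -Value 1 -Force | Out-Null

# Read the value back and confirm both its data and its registry type.
$key = Get-Item -Path $path
'{0} = {1} ({2})' -f $name, $key.GetValue($name), $key.GetValueKind($name)

# After the upgrade has completed, remove the override so the default checks apply again:
# Remove-ItemProperty -Path $path -Name $name
```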

You should now be able to perform the upgrade without error.

Start and end results of winver prove the upgrade was then successful.

Related Articles, References, Credits, or External Links

NA

Install RSAT (Remote Server Administration Tools)

 RSAT KB ID 0000099

Problem

Windows RSAT (Remote Server Administration Tools) is a suite of tools from Microsoft that allows IT administrators to remotely manage and administer Windows Servers and other Microsoft services from a Windows client machine. These tools are essential for system administrators to perform various tasks without needing to log directly into the server.

Here is a list of some of the primary tools included in RSAT:

  • Active Directory Administrative Center (ADAC): A graphical interface for managing Active Directory.
  • Active Directory Users and Computers (ADUC): A tool to manage users, groups, computers, and organizational units in Active Directory.
  • Active Directory Sites and Services: Used to manage the configuration of Active Directory sites, subnets, and services.
  • Active Directory Domains and Trusts: Manages domain trusts and functional levels.
  • Active Directory Module for Windows PowerShell: Provides a set of cmdlets for administering Active Directory.
  • DHCP Server Tools: Includes the DHCP Management Console, DHCP Server cmdlets for Windows PowerShell, and the Netsh command-line tool.
  • DNS Server Tools: Includes the DNS Manager snap-in and the DNS Server cmdlets for Windows PowerShell.
  • Group Policy Management Tools: Includes the Group Policy Management Console (GPMC) and the Group Policy Object Editor.
  • Hyper-V Tools: Provides the Hyper-V Manager snap-in and the Hyper-V Module for Windows PowerShell for managing Hyper-V servers.
  • File Services Tools: Includes the File Server Resource Manager (FSRM) snap-in and command-line tools, and the Distributed File System (DFS) Management snap-in.
  • Network Policy and Access Services Tools: Includes the Network Policy Server (NPS) console and the Routing and Remote Access Service (RRAS) console.
  • Remote Desktop Services Tools: Includes the Remote Desktop Licensing Diagnoser Tool, the Remote Desktop Services Manager, and the Remote Desktop Connection Manager.
  • Server Manager: A tool for managing roles and features on Windows servers.
  • Windows Server Update Services (WSUS) Tools: Includes the WSUS console and PowerShell cmdlets for managing Windows updates.
  • Failover Clustering Tools: Includes the Failover Cluster Manager snap-in and PowerShell cmdlets for managing failover clusters.
  • Storage Explorer Tools: For managing storage area networks (SANs).
  • IP Address Management (IPAM) Tools: Includes the IPAM client console and PowerShell cmdlets for IP address management.
  • Best Practices Analyzer (BPA): Tools that help administrators ensure their servers are configured according to best practices.

Solution : Install RSAT

Installing RSAT with PowerShell

To see what can be installed open an administrative PowerShell Window and execute the following command.

[box]

Get-WindowsCapability -Name RSAT* -Online | Format-List Displayname

[/box]

To install them ALL use the following command.

[box]

Get-WindowsCapability -Name RSAT* -Online | Add-WindowsCapability -Online

[/box]
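As an alternative to installing every RSAT capability, the following added example (not from the original article) installs only a chosen subset, which keeps the set of admin tools on a workstation limited to what is actually used. The three capability name patterns are a sample selection; replace them with names returned by the listing command above.

```powershell
#Requires -RunAsAdministrator
# Added example: install a chosen subset of RSAT instead of every capability.
$wanted = @(
    'Rsat.GroupPolicy.Management.Tools*',   # the capability used in the DISM section of this page
    'Rsat.ActiveDirectory.DS-LDS.Tools*',
    'Rsat.Dns.Tools*'
)

# Resolve each pattern to the full capability name (including the ~~~~version suffix).
$caps = foreach ($pattern in $wanted) {
    $match = Get-WindowsCapability -Online -Name $pattern | Where-Object Name
    if (-not $match) {
        Write-Warning "No RSAT capability matches '$pattern' on this machine."
        continue
    }
    $match
}

# Install only what is not already present, and track whether a restart is needed.
$restart = $false
foreach ($cap in $caps) {
    if ($cap.State -eq 'Installed') {
        Write-Host "Already installed: $($cap.Name)"
        continue
    }
    Write-Host "Installing: $($cap.Name)"
    $result = Add-WindowsCapability -Online -Name $cap.Name
    if ($result.RestartNeeded) { $restart = $true }
}
if ($restart) { Write-Warning 'A restart is required to finish the installation.' }

# Final state: every RSAT capability currently installed on this machine.
Get-WindowsCapability -Online -Name 'Rsat*' |
    Where-Object State -eq 'Installed' |
    Sort-Object Name |
    Format-Table Name, State -AutoSize
```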

Installing RSAT with DISM

To see what can be installed open an administrative Command Window and execute the following command.

[box]

DISM.exe /Online /Get-Capabilities | find "Rsat"

[/box]

Below I’m checking to see if the RSAT tool I want (the Group Policy Management Tool) is already installed – as it returned State: Not Present I then installed it.

[box]

DISM.exe /Online /Get-CapabilityInfo /CapabilityName:Rsat.GroupPolicy.Management.Tools~~~~0.0.1.0

DISM /Online /Add-Capability /CapabilityName:Rsat.GroupPolicy.Management.Tools~~~~0.0.1.0

[/box]

Installing RSAT Graphically

You can of course install the RSAT tools without issuing a command! Settings > System > Optional Features.

View Features > Type RSAT in the search option > Select the tools required  > Next.

Add > Go and have a coffee it can take a while!

 

Related Articles, References, Credits, or External Links

Windows 8 – RSAT Tools Will Not Install?

Stop Mac Screen Dim When on Battery

Mac Screen Dim KB ID 0001876

Problem

I work primarily on a MacBook (it’s usually perched on my lap while I work). My current (and my first) MacBook had MagSafe charging, which is a nice feature, but when you work with a laptop on your knee you are constantly knocking the MagSafe charger, which results in an annoying ‘I’m NOT charging, and now I AM charging again’ noise (which I can cope with). But as soon as it’s on battery power it dims the screen, which would not be a problem if it turned the brightness back up when main power resumes!

Here’s how to STOP that from happening.

 

Solution: Mac Screen Dim

Click the ‘Apple Logo’ (top left of your screen) > System Settings > Battery > Options.

Disable/Deselect ‘Slightly dim the display on battery’ > Done.

For something that’s annoyed me for a while, that was a remarkably easy fix.

Related Articles, References, Credits, or External Links

NA

VMware vSphere Adding vTPM

vTPM KB ID 0001875

Problem

I’ve been asked about this a couple of times in the past, back then my test bench was running a mix of ESX 6.7 and 6.5 so I could not test and document the process. Now everything is running ESX 8.x I can test the procedure in anger. The reason is because I was met with this today.

TPM 2.0 must be supported and enabled on this PC

So what’s a TPM, and a vTPM and why is that important?

Trusted Platform Module (TPM): A hardware component that enhances security by providing cryptographic functions and secure storage of cryptographic keys. It is used for tasks such as device authentication, secure boot, and encryption.

Virtual TPM (vTPM): A virtualised version of a TPM that provides the same functionality as a physical TPM but is implemented in software within a virtualised environment. It allows virtual machines (VMs) to use TPM features without requiring a physical TPM chip in the underlying hardware.

Key Functions of vTPM:

  • Secure Boot: Ensures that a system boots using only software that is trusted by the manufacturer.
  • Device Authentication: Verifies the integrity of the device and its software before it is allowed to connect to the network or perform sensitive operations.
  • Encryption Key Storage: Stores cryptographic keys securely, preventing unauthorized access even if the VM is compromised.

Use Cases:

  • Cloud Computing: Provides security features for VMs in cloud environments, ensuring that each VM can have its own isolated and secure TPM instance.
  • Virtualization Platforms: Enhances security in environments using hypervisors such as VMware, Microsoft Hyper-V, or KVM.

Implementation:

  • Software-Based: Implemented as part of the virtualization software stack.
  • Isolation: Each vTPM instance is isolated from others, ensuring that the security properties of TPM are maintained even in a multi-tenant environment.

Advantages:

  • Scalability: Easily scalable across many VMs without the need for physical TPM hardware.
  • Flexibility: Can be deployed in various virtualized environments and cloud infrastructures.

To summarise, vTPM provides the security benefits of TPM in virtualised and cloud environments, enabling secure operations and cryptographic functions for virtual machines.

Solution: VMware vTPM

vTPM Prerequisites

To install and configure a vTPM (Virtual Trusted Platform Module) on VMware ESXi, certain prerequisites must be met to ensure compatibility and proper functionality. Here are the main prerequisites:

  • VMware ESXi Version: vTPM is supported on ESXi 6.7 and later versions. (If you have 1x older host then you will NOT be able to utilise vTPM).
  • VM Hardware Version: The virtual machine (VM) must be configured with hardware version 14 or higher. This ensures that the VM can support the vTPM functionality.
  • vSphere: vSphere 6.7 or later is required. This includes both vCenter Server and the ESXi hosts.
  • UEFI Firmware: The VM must be configured to use UEFI (Unified Extensible Firmware Interface) firmware instead of BIOS. vTPM is not supported with legacy BIOS firmware.
  • Key Management Server (KMS): A Key Management Server must be configured and accessible. VMware vSphere requires a KMS to manage the encryption keys used for VM encryption and vTPM. This cannot be done with the ‘built in’ Native Key Provider.
  • Virtual Machine Compatibility: Ensure that the guest operating system of the VM supports TPM. Most modern operating systems, including Windows 10, Windows Server 2016/2019, and certain Linux distributions, support TPM.
  • Permissions: Appropriate permissions are required to configure vTPM. Ensure that you have the necessary administrative privileges in vCenter Server to configure VM options and encryption settings.

vTPM: Adding VMware Native Key Provider

With your vCenter selected > Configure > Key Providers > Add > Give the Key Provider a sensible name > Untick “Use Key provider only with TPM protected ESXi Hosts (Recommended)”* > Add Key Provider.

*Note: Each ESXi server DOES NOT need to have its own physical TPM chip. Unticking this option lets you deploy vTPM to a VM on ANY host regardless of whether it has a TPM chip or not.

Before it can be used you have to back it up > Select your Key Provider > Backup > Tick ‘Protect this Native Key Provider with a password (Recommended)’ > Supply and confirm a password > Tick “I have saved the password in a secure place” > Backup Key Provider.

Adding vTPM to a Virtual Machine

Right click the VM in question  > Edit Settings.

Add New Device > Trusted Platform Module > OK.

I Don’t See Trusted Platform Module?

Yeah, I knew all my pre-requisites had been met, but if you’ve read from the start you will know this VM came from a 6.7/6.5 environment, so not being able to add a vTPM was probably a hardware version problem. To save you googling, hardware version 14 is ESX 6.7 compatibility, so you have to change the compatibility, like so.

 
Right click the VM > Compatibility > Upgrade VM Compatibility > Yes > Select a version that is 6.7 or newer > OK.
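To find VMs that will hit the same problem before you open Edit Settings, the following added example (not from the original article) checks two of the prerequisites listed earlier for every VM: hardware version 14 or higher and UEFI firmware. It assumes VMware PowerCLI is installed and that a Connect-VIServer session to vCenter is already open.

```powershell
# Added example (VMware PowerCLI): report which VMs meet the vTPM prerequisites
# from this article: hardware version 14 or higher and UEFI firmware.
# Assumes an existing Connect-VIServer session.

$report = foreach ($vm in Get-VM) {
    $cfg = $vm.ExtensionData.Config
    if (-not $cfg) { continue }   # skip VMs whose configuration cannot be read

    # config.version is a string such as 'vmx-14'; the number is the hardware version.
    $hwVersion = [int]($cfg.Version -replace '^vmx-', '')

    # A vTPM appears in the virtual hardware list as a device of type VirtualTPM.
    $hasVtpm = [bool]($cfg.Hardware.Device |
        Where-Object { $_.GetType().Name -eq 'VirtualTPM' })

    [pscustomobject]@{
        VM              = $vm.Name
        HardwareVersion = $hwVersion
        HardwareOk      = $hwVersion -ge 14
        Firmware        = $cfg.Firmware          # 'bios' or 'efi'
        FirmwareOk      = $cfg.Firmware -eq 'efi'
        VTpmPresent     = $hasVtpm
    }
}

# VMs that still need a compatibility upgrade or a firmware change come first.
$report |
    Sort-Object HardwareOk, FirmwareOk, VM |
    Format-Table -AutoSize
```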

Note: If you cannot perform this procedure, you can bypass the check for both a TPM and an unsupported CPU by following the procedure in the following article.

Windows 11 Unsupported CPU

Related Articles, References, Credits, or External Links

NA

What is Latency?

What is Latency? KB ID 0001874

What is Latency?

I hear people use the word ‘Latency’ a lot, mostly without ever really understanding what it is. Unlike its close relations bandwidth and throughput*, which are measurements of data, latency is a measurement of TIME, and in a lot of scenarios is variable depending on what’s happening.

*Note: Too low bandwidth and throughput can increase latency.

There will always be latency, because we are bound by the laws of physics: to pass a ‘light pulse’ down a fibre optic cable from London to Paris will take less time than it will to pass that same light pulse from London to New York. We call this propagation delay.

  1. Propagation Delay: This is the time it takes for a signal to travel from the sender to the receiver through the physical medium (such as fiber optics or copper cables). The speed of propagation is close to the speed of light but can vary slightly depending on the medium.
  2. Transmission Delay: This is the time required to push all the packet’s bits onto the wire. It is influenced by the size of the packet and the transmission rate of the network.
  3. Processing Delay: This is the time taken by network devices like routers and switches to process the packet header and make forwarding decisions. Processing delays are generally very small but can add up across multiple devices.
  4. Queuing Delay: This occurs when a packet waits in a queue before it can be transmitted. Queuing delays can vary significantly depending on the network congestion and the configuration of the network devices.
  5. Propagation Distance: The physical distance between the source and destination plays a critical role in latency. Longer distances naturally result in higher latency due to the increased time it takes for signals to travel.
  6. Network Congestion: High traffic volumes can cause congestion in the network, leading to increased queuing delays and, consequently, higher overall latency.
  7. Bandwidth and Throughput: Although bandwidth is the maximum rate of data transfer, actual throughput can be lower due to various factors, including network congestion and overheads. Lower throughput can contribute to higher latency.
  8. Protocol Overheads: Different network protocols have various overheads associated with them. For instance, the Transmission Control Protocol (TCP) has higher overhead due to its error-checking and recovery features compared to the User Datagram Protocol (UDP).
  9. Hardware and Software Limitations: The performance of network hardware (like routers, switches, and network interface cards) and software (such as drivers and network stacks) can impact latency. Faster and more efficient hardware and software reduce latency.

Latency is typically measured in milliseconds (ms) and can be assessed using various tools and techniques, such as ping tests and traceroute commands. Lower latency is especially crucial for applications requiring real-time interaction, such as online gaming, video conferencing, and financial trading systems.

Minimizing network latency involves optimizing network infrastructure, improving hardware and software efficiency, and ensuring adequate bandwidth and throughput to handle the expected traffic load.

What is Latency and Why is this Important?

Well the complaint is nearly always “We are experiencing latency issues”, usually when the ‘users’ are having performance issues with ‘something’. Now sometimes the problem IS the network (shock & horror). But all the bandwidth/throughput and low latency in the world will not help you if you have a poorly coded application, or your DNS is not set up correctly.

But it’s not just old and poorly coded applications that require low latency. Some application platforms we take for granted can suffer, for example:

  1. Online Gaming: Real-time multiplayer online games require low latency to ensure smooth gameplay and quick reactions. High latency can result in lag, making the gaming experience frustrating and uncompetitive.
  2. Video Conferencing: Applications like Zoom, Microsoft Teams, and Skype require low latency to facilitate real-time communication. High latency can cause delays, leading to awkward conversations and reduced communication quality.
  3. Voice over IP (VoIP): Services like Skype, WhatsApp, and other internet-based telephony services need low latency to provide clear and immediate voice communication. High latency can cause echo and delays, making conversations difficult.
  4. Financial Trading: Stock trading platforms and high-frequency trading systems rely on low latency to execute trades in milliseconds. Even minor delays can result in significant financial losses or missed trading opportunities.
  5. Telemedicine: Remote medical consultations, surgeries, and other healthcare services often require low latency to ensure accurate diagnostics and timely intervention.
  6. Augmented Reality (AR) and Virtual Reality (VR): AR and VR applications need low latency to provide immersive and responsive experiences. High latency can cause motion sickness and degrade the user experience.
  7. Industrial Automation and Control Systems: Manufacturing processes, robotics, and other industrial applications require low latency for precise control and real-time monitoring to ensure safety and efficiency.
  8. Autonomous Vehicles: Self-driving cars and drones rely on low latency for real-time data processing and decision-making to navigate safely and respond to dynamic environments.
  9. Cloud Gaming: Services like Google Stadia, NVIDIA GeForce Now, and Xbox Cloud Gaming stream games from the cloud to users’ devices. Low latency is critical to provide a responsive gaming experience comparable to playing on a local console or PC.
  10. Smart Grids: Advanced electrical grid systems require low latency for real-time monitoring and control to manage power distribution efficiently and respond to fluctuations in demand and supply.
  11. Remote Desktop Applications: Tools like Remote Desktop Protocol (RDP) and Virtual Network Computing (VNC) require low latency to provide a seamless and responsive experience when accessing and controlling a remote computer.
  12. Live Streaming: Interactive live streaming platforms like Twitch and YouTube Live require low latency to ensure minimal delay between the broadcaster and viewers, enabling real-time interaction through chat and other features.

Ensuring low latency for these applications often involves optimizing network infrastructure, using efficient communication protocols, and sometimes deploying edge computing to process data closer to the source.

Related Articles, References, Credits, or External Links

NA

 

Proxmox Update Package Database Error

Update Package Database KB ID 0001873

Problem

More of an annoyance than a problem to be honest, but every 24 hours I get the following errors logged against every host in my Proxmox cluster.

Description ‘Update Package Database’

If you drill down into that error, you will see.

TASK ERROR: command ‘apt-get update’ failed: exit code 100

Solution : Update Package Database

This happens because (by default) the Proxmox VE install comes with the enterprise update repositories enabled, and you probably don’t have an Enterprise subscription. It’s a pretty easy fix, you just need to disable the Enterprise repositories, and enable the free (No subscription) repository.

Select the host you wish to change, Updates > Repositories > Locate the enterprise Repository and select it > Disable.

Here I have a second Enterprise repository so I’ve also disabled that > Add > Change the repository to ‘No Subscription‘ > Add.

This is what it should look like, Note: Green tick and ‘You get updates for Proxmox VE‘.

Now go to the Updates tab > Refresh > Task should complete without error.

Repeat the process on your other Proxmox VE hosts.

Related Articles, References, Credits, or External Links

NA

Proxmox HA Cluster

Proxmox HA Cluster KB ID 0001872

Problem

Proxmox HA Cluster: As the name implies this allows the cluster to ‘restart’ failed virtual machines on another host in the cluster in the event of a host failure. Unlike VMware (that has a vCenter appliance to do this) in Proxmox it can be configured from any host. Which may seem like an advantage – but the GUI can get a little ‘clunky’ whilst configuring HA.

Proxmox uses ‘Quorum based’ or ‘Majority node clustering’. If you’ve ever done clustering on Microsoft SQL or with Hyper-V or set up a Microsoft Exchange DAG this should be a familiar concept. In those cases you needed a ‘witness’ if there were only two nodes in the cluster (to have the extra ‘vote’ in a fail scenario). That does not mean in Proxmox you cannot have a TWO NODE cluster, but it does mean if the nodes lose sight of each other, (to avoid a split-brain scenario) the hosts will continue to function but only in read only mode. The only way to rectify that is to manually give a host an additional vote with the following command.

[box]

pvecm expected 1

[/box]

You can also have a ‘witness node’, which would be another machine that was running corosync-qdevice, but that’s outside the scope of this article.

So aim for a cluster of at least THREE NODES, to keep things simple.

Solution : Proxmox HA Cluster

Proxmox HA Cluster Prerequisites

1. Proxmox VE hosts built (with Static IP addresses)

2. SSH Access (TCP port 22) to/between all hosts.

3. If there’s a firewall between the hosts UDP Port range 5405 to 5412 needs to be open between hosts.

4. Some shared storage i.e. NFS, iSCSI etc.

5. Optional:  A dedicated NIC for replication, for small deployment this is not necessary.

Creating a Proxmox HA Cluster

Log onto your first host, Datacenter > Cluster > Create Cluster > Give the cluster a name > Create.

Clunky Alert! We are waiting for it to say TASK OK, which it will say quite quickly, but in the background, it replaced the digital certificate that was being used for the very web session you are using! So if you don’t want to stare at this screen for ages wondering what is going on, have a cup of coffee, then hit ‘refresh’ and log back in again.

Whilst in the Cluster section > Join Information > Copy Information.

Proceed to your SECOND HOST > Datacenter > Cluster > Join Cluster > Paste in the information from the previous step  > Enter the Root password for the first host > Join HA Cluster. Again things can get a bit clunky – I prefer to have a management window open to host 1 so I can see what’s happening.

Again it will look like it’s ‘hung’ > Wait a while and hit refresh.

Now we have a two node cluster.

Repeat those steps to add a third host.

Adding Shared Storage Proxmox HA Cluster

This is all being done in my test lab so I’ve simply created an NFS Share on a Windows Server to present as shared storage. Datacenter > Storage > Add > NFS > Add the relevant information (ENSURE you select both Disc image AND ISO Image) > Add.

Adding a VM to Proxmox HA Cluster

First we need a VM, (if you already have one skip this step) Right click a host > Create VM.

Give the host a name > Next > Select the Datastore > Select the ISO* > Set the guest OS type > Next > Select your Datastore again (twice) > Bus Device set to IDE** > Next

*Note: If you can’t see your ISO file make sure it’s in the //nfs-root/template/iso folder!

**Note: If you want SCSI then read the following article.

Proxmox Windows Drive Missing

Set the number of sockets and cores > Next > Set the amount of vRAM > Next > Select Network requirements > Next > Finish.

Allow HA on a Proxmox VM

Once we have a VM created, then to protect it with HA > Datacenter > HA > Add > Select VM > Add.

Once its status reads ‘Started’ it will be protected.

Testing Proxmox HA Cluster

As you can see (above) my Windows VM is running on host 1, I’m going to simulate a failure of this host (by disconnecting its network card). As you can see the constant ping I have running to that VM begins to fail.

But after a while the VM is restarted on Host 2 and my pings start getting replied to. Remember folks: On Windows you need to enable ICMP on the firewall, or it won’t respond at all!

Proxmox HA Cluster ‘HA Groups’

The final thing to be aware of are ‘HA Groups’ which you can use to enforce certain rules on hosts and guest VMs. Datacenter > HA > Groups > Create > Give the group a name.

Restricted: Think of this like a VMware affinity rule – you can define which hosts a virtual machine ‘can’ run on.
Nofallback: If there is no requirement for VMs to return to the original node they resided on then select this option.

  

Then to add VMs to the HA Group > Datacenter > HA > Add > Select the VM and THEN SELECT THE HA-GROUP.

Here you can see I restricted the two VMs to hosts 2 and 3 and they have been migrated accordingly.

Related Articles, References, Credits, or External Links

Proxmox on VMware

Proxmox you do not Have a Valid Subscription

Proxmox Windows Drive Missing

Proxmox Windows Drive Missing  KB ID 0001871

Problem

When attempting to deploy a Windows VM, in this case Server 2022, you do not see the local storage.

     

Solution

I’ve been in this situation a hundred times in the past, (usually on physical servers). The problem is simply Windows does not have the driver for the storage controller. There are two ways you can approach the problem.

Option 1: Proxmox Windows Drive Missing

The simplest ‘fix’ is simply to redeploy the VM with a bus device type of IDE.

Option 2 : Proxmox Windows Drive Missing

The second option is to have an ISO with the VirtIO driver on it, and Proxmox will present it for you if you use the following option. This will require you to have downloaded the drivers on an ISO file and have that file ready to present to the VM (in addition to the Windows setup .ISO).

Then at the problem screen select ‘Load Drivers‘.

Browse.

Next > Follow the rest of the install procedure.

NOTE: Before I start getting emails! Yes you can also add the drivers to the Windows install media, this is a straightforward procedure using DISM and you can find instructions here.

Related Articles, References, Credits, or External Links

NA