One annoying thing about the vSphere web client is the fact it throws you out after a period of inactivity. Now I know there are straight forward security reasons for this, and on a production environment thats fine. But on my test network theres just me, sighing every few minutes and logging back in again.
As the ‘Flash’ client is getting depreciated I’ll concentrate on the HTML5 client, but I’ll mention how to alter the flash client also. (If your version of VCSA still supports it!_
vSphere Disable Timeout
vCenter Appliance (VCSA) vSphere Disable Timeout
Connect directly to the console or via SSH. to launch a BASH type ‘shell‘, then execute the following commands
[box]
cd /etc/vmware/
ls
[/box]
You will see a folder for vsphere-ui (the HTML5 client)
Note: For older versions of the VCSA, you will also see vsphere-client (the legacy Flash client).
Change directory to the client you want to alter the settings for, then edit the web client-properties file.
[box]
cd vsphere-ui
vi webclient.properties
[/box]
Locate the ‘session.timeout = 120′ value and change it to zero ‘0’ to disable, (or a new figure in minutes).
Note: Navigate with the arrow keys > press ‘I’ to insert > change the text > press ‘Esc’ > type ‘:wq’ to save and exit.
Then restart the HTML5 client with the following commands’
I updated my vCenter to 6.7.0.45100 yesterday, and since then every time I tried to login to the HTML5 web client, it authenticated, let me in, showed me the error (below), then kicked me out again?
Solution
I assumed, (wrongly) that the upgrade had overwritten the webclient.properties file that controls timeouts. this may be you problem, see the following article If my ‘fix’ does not work for you.
In the end my fix was quick and simple, go to add/remove programs and locate the vSphere Enhanced Authentication Plugin (in my case version 6.5.0) and uninstall it.
Related Articles, References, Credits, or External Links
I’ll cover the ones that have tripped me up, if you find some new ones feel free to post them below.
Solutions
Before continuing, the image needs to have the Horizon Agent installing within it, and it has to be the SAME version that your Composer and Connection servers are running, (or newer). Also your Horizon servers are connecting to VMware vCenter using an account, (in a lot of cases that will be the domain administrator account, or an account you setup for this reason), make sure that account has global administrator properties in vSphere.
Also in your image install the LATEST version of VMWare Tools, Note: that might be NEWER than the one that you have on your ESX servers, download it and install it manually, (to do this uninstall the old VMWare Tools, then Uninstall the Horizon Agent, then Install the NEW VMWare Tools, then finally reinstall the Horizon Agent again. (Note: If using Horizon Composer, make sure you install the composer option!)
Horizon Inability to get a licence for your KMS Server.
For sysprep obviously you need to be deploying images with sysprep and NOT quick prep, if you are using sysprep check the error log, (if the error log is empty, then sysprep is not your problem).
Navigate to: C:\Windows\System32\Sysprep\Panther\setuperr.log
Sysprep Problem 1
Problem 0x0f0043 Failed DeleteInstance AntiSpywareProduct
Error [0x0f0073] SYSPRP RunExternalDlls:Not running DLLs; either the machine is in an invalid state or we couldn't update the recorded state, dwRet = 0x1f
Error SYSPRP WinMain:Hit failure while processing sysprep re-specialize internal providers; hr = 0x8007001f
Error SYSPRP Error 0x-2147417850: Failed to re-enable Compat-Gentel custom trigger.[gle=0x0000047e]
Error SYSPRP setupdigetclassdevs failed with error 0
[/box]
This is happening because the machine you are using as your image has been sysprepped too many times, you nee to make some changes on the reference image to reset/rearm it, so it can be sysprepped.
On your image machine run regedit and navigate to;
HKLM > SYSTEM > Setup > Status > Sysprep Status
Ensure the following;
CleanupState is set to 2
GeneralizationState is set to 7
Open an administrative command window and execure the following commands;
[box]
msdtc -uninstall
msdtc -install
[/box]
Back in registry editor navigate to
HKLM > SOFTWARE > Microsoft > Windows NT > CurrentVersion > SoftwareProtectionPlatform
Set SkipRearm to 1
Try again.
Related Articles, References, Credits, or External Links
Timeouts for the RDWeb portal are defined by the choice you made when you logged in, if you selected ‘private’ or ‘public’ on the PC options, this sets the timeout. The default is 240 mins for private, and 20 minutes for public connections.
Solution
To alter these values you need to make changes in the ‘Internet Information Services Management Console’ on the RDWeb server.
Navigate to {Server-name} > Sites > Default Web Site > RDWeb > Pages > Application Settings.
You need to alter;
PrivateModeSessionTimeoutIn… AND PublicModeSessionTimeoutIn…
Edit the values according to your requirements.
If you find that the changes don’t take effect immediately drop to command line and issue an ‘iisreset’ command.
Related Articles, References, Credits, or External Links
You receive an Event ID 3033 error, with the following description,
‘The average of the most recent <?> heartbeat intervals used by clients is less than or equal to <?>. Make sure that your firewall configuration is set to work correctly with Exchange ActiveSync and direct push technology. Specifically, make sure that your firewall is configured so that requests to Exchange ActiveSync do not expire before they have the opportunity to be processed. For more information about how to configure firewall settings when using Exchange ActiveSync, see Microsoft Knowledge Base article 905013, “Enterprise Firewall Configuration for Exchange ActiveSync Direct Push Technology”
Firstly, the lock screen is there for a valid security reason, so I would not advocate doing this on a production network. But on my test network when I’m jumping between multiple servers all the time, it’s annoying to have to press CTRL+ALT+DELETE and tap the password in, each time I change console sessions.
Solution
In older versions of Windows you could simply go to the following registry key;
1. Connect to the Exchange admin center > Mail flow > receive connectors > Add.
2. Give the connector a name (take note of it, you will need it in a minute) > Select ‘Frontend Transport’ > Custom > Next.
3. Accept the default of TCP Port 25 (SMTP) > Next.
4. REMOVE the 0.0.0.0-255.255.255.255 range. (WARNING: If you do not do this you will become an open relay).
5. Add in the IP address of the host (from which you want to allow relaying) > Save.
6. Open the properties of the connector you just created > Security > Under Authentication select ‘Externally Secured (for example with IPSEC) > Under Permission groups, select ‘Exchange servers’ and ‘Anonymous users’ > Save.
7. At this point, you may find that when you test from the host you get the following error;
421 4.4.1 Connection timed out
I would suggest you change some parameters of the receive connector. Execute the following PowerShell command;
8. Restart the Microsoft Exchange Transport Service on the Exchange server.
[box]Restart-Service MSExchangeTransport[/box]
Exchange 2013 – Test Email Relaying from your ‘Allowed IP’
1. Go to the machine you have allowed relaying from, and attempt to ‘relay’ mail. In the example below I’m attempting to send an email to test@relay.com. In the first example we cannot relay, so something has been misconfigured.
2. However this time we CAN relay so our connector is configured properly.
Related Articles, References, Credits, or External Links