Thursday, April 6, 2017

MSTSC - need to see RDP screen and punching username and password

Good day All,

Welcome back!!! recently i was pulled to a little issue for RDP and found it interesting so thought to share to all.

The requirement was user had a JumpServer in TestEU domain and trying to RDP to a Server in TestUS domain.

So after connecting to TestEU domain when they launch mstsc and punch in the username and password for TestUS domain, it will take sometime and through error saying "Directory Logon Failure: bad credentials supplied"

1. Firewall ports was verified nothing blocking
2.Telnet on port 3389 from TestEU domain was working to a Server in TestUS domain

This is when i was called to check, it took time to understand why they doing double hop and  i was able to tell them that this error is in RDP Client.

As we all know when RDP client version before 7.0  you will see RDP desktop first and then ask for credentials but after 7.0 as you soon as you hit connect it will ask for username and password and it will do the authentication process and it will take right you in the Server.

So what was happening when user is trying from a Jump Server in TestEU, even though he explicit provides TestUS domain name ,username and password the username and password are was checked against the current domain and getting that bad credentials error.

Why it does please google it because of single sign-on and registry it keeps validating the user name and password in current domain.

Work around:

1. Start, run , type mstsc and click options and remove any ip under Computer
2. In mstsc  under connection settings click saveas on the desktop and it will get saved as default.rdp and close the mstsc
3. Now open a notepad and click open , select all files and open default.rdp and click ok
4. Scroll all the way down and add the following 2 below in the notepad and save it.
enablecredsspsupport:i:0
authentication level:i:0
5. Now asked them to double click the default.rdp on the desktop, type in the ip and see , does it open a RDP screen of windows 2012 to punch in domain name,user name and password.

Note: If you have a RDP client version 7 and below you would have never encountered this error because when you click mstsc and hit connect it will open a RDP session allowing to punch in username and password.

Hopefully this will help some and until next one you all have a good day!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Posted by at No comments:

Blade NIC showing unplugged

Good day All,

Welcome back!!!  Couple of weeks ago we had a interesting incident so thought of sharing to all so that it helps someone.
We got a alert ticket and one of the Production Server lost both Production Team NIC's on a blade and was unreachable , strange is we had NIC's for Backup and Management both are up and online.

So troubleshooting steps we performed but issue didn't get resolved:

1.We updated to latest drivers didn't work
2.Replaced NICs didn't work
3.Replaced mother board didn't work
4.Removed blade and put in next slot didn't work
5.Removed blade and put in second half of slot(bay 14) that didn't work too
6. We tried created new profile nope that didn't help


Solution:


 We created a internal only network and then assigned 1 NIC and then on  other Blade Server we assigned a NIC to same Internal network , assigned a 192.168.1.1 and 1.2 IP and pinged both NIC's it started to work.
Now we know that its not NIC issue as when we configured internally network its pinging between both blades.

So finally what we decided was to drop the existing VLAN and then just recreated a same VLAN,...Vola.. issue got resolved.
We reached out to Level 2 HPTS guys but they had no idea why something would like fix the issue.
Hopefully this will help someone, until next one you all have good day!!!!!!!!!!!!




Posted by at No comments:

Virtual Connect upgrade - Interactive Mode

Good day All,

Welcome back!!! quite busy these days so after a very long time started to write.
We have completed upgrading Virtual Connect to 4.45 so thought of sharing the process and also issues we encountered along the way

Also i have seen people getting confused on what order to follow, we have been doing this for quite sometime and has been very successful

1.Apply ilo Firmware for all the Blades in the enclosure
2.Apply Firmware update for the Physical Blades and if its Windows OS\ESXi apply all the drivers/Firmware as well
3.Apply On-board Administrator Firmware update
4. Last Apply the Virtual Connect Firmware update

Before you do anything backup the Configuration :

























Download VCSU Utility:
http://h20564.www2.hpe.com/hpsc/swd/public/detail?swItemId=MTX_5e16cbb76d9e46e891ca04048d

VCSU User Guide:

https://h20566.www2.hpe.com/hpsc/doc/public/display?sp4ts.oid=4144084&docId=emr_na-c04567803&docLocale=en_US

Virtual Connect Firmware download:

http://h20564.www2.hpe.com/hpsc/swd/public/detail?swItemId=MTX_3adcc3c4275f460c8d97cad17e

After you install VCSU, Navigate in start menu and open Virtual Connect Support Utility - Interactive as seen in below screen

Note: If any VC version is less than 4.01 then you need to update to 4.01 first and then to required firmware in our case 4.45

First Step is to run Health Check Report: Open VCSU interactive mode

Please enter action ("help" for list): healthcheck
Please enter Onboard Administrator IP Address: OA Primary IP
Please enter Onboard Administrator Username: Administrator
Please enter Onboard Administrator Password: *************

The target configuration is integrated into a Virtual Connect Domain. Please enter the Virtual Connect Domain administrative user credentials to continue.

User Name: Administrator
Password: *************

A details report will be generated with complete VC Current Firmware list and any issues will be reported.
Make sure to go over it before you start the upgrade steps below

After verifying all at 4.01 then run the steps below to update the Firmware from 4.01 to 4.45
  •  Please enter action ("help" for list): update
  •  Please enter Onboard Administrator IP Address: OA Primary IP
  •    Please enter Onboard Administrator Username: *************
  •    Please enter Onboard Administrator Password: *************
  •    Please enter firmware package location: C:\vc\vcfwall445.bin
  •     Please enter Configuration backup password (Optional):
  •     Please enter Force Update options if any (eg: version,health): health
  •     Please enter VC-Enet module activation order if any (eg: parallel or odd-even or serial or manual. Default: odd-even):hit enter
  •    Please enter VC-FC module activation order if any (eg: parallel or odd-even or serial or manual. Default: serial):hit enter
  •    Please enter the time (in minutes) to wait between activating or rebooting VC-Enet modules (max 60 mins. Default: 0 mins):hit enter
  •    Please enter the time (in minutes) to wait between activating or rebooting VC-FC modules (max 60 mins. Default: 0 mins):hit enter
  •    The target configuration is integrated into a Virtual Connect Domain. Please enter the Virtual Connect Domain administrative user credentials to continue
  •    User Name: ************
  •  Password: *************
After like 40-45 mints you will see notification showing all your VC Modules updated with version you needed.

Issues encountered:

1, if you have critical database or application which can't withstand at-least 10-15 packet drops then make sure the team is aware, we have seen case where there was like at=least 15 packet drops when upgrade
2.Linux Blades if running in older versions of NIC drivers we have see loosing network connection and had to be rebooted
3.If you have ESXi host and VM's running, if NIC's are configured like Active/Standby then when upgrade you will see packet drops

Hopefully this will help someone and until next one all have a good day!!!!!!!!!!!!!!!!

Posted by at 2 comments:
Subscribe to: Posts (Atom)