How to Back & Restore VMware ESXi Configuration Using vSphere CLI

by Zubair Alexander @ 7:40 am. Filed under Tips & Tricks, Tools/Utils, Virtualization, Windows 7

The vSphere Command-Line Interface (vSphere CLI) command set allows you to run common system administration commands against ESX/ESXi systems from any machine with network access to those systems. vSphere CLI commands are especially useful for ESXi hosts because ESXi does not include a service console. You can use vicfg-cfgbackup.pl within vSphere CLI to backup or restore your VMware ESXi 4.1 server configuration or to reset the host to factory settings.

vicfg-cfgbackup

The vicfg-cfgbackup command backs up and restores ESXi configuration data. You can back up the host configuration, restore the configuration to the host, force the restore of the configuration, and reset the host to factory settings.

WARNING! This command is supported for ESXi hosts but not for ESX hosts.

vicfg-cfgbackup
<conn_options>
[--force |
--help |
--load <backupfile> |
--reset |
--save <backupfile>]

You can use the following options with vicfg-cfgbackup.

conn_options
Specifies the target server and authentication information if required. Run vicfg-cfgbackup –help for a list of all connection options.

–force | -f
Forces the restore of the configuration.

–help
Prints a help message for each command-specific and each connection option. Calling the script with no arguments or with –help has the same effect.

–load | -l <backupfile>
Restores configuration from <backupfile> onto the host.

–save | -s <backupfile>
Backs up the host configuration.

Include the number of the build that is running on the host that you are backing up in the backup filename. If you are running the vSphere CLI from vMA, the backup file is saved locally on vMA. Local storage for backup files is safe because vMA is stored in the /vmfs/volumes/<datastore> directory, which is separate from the ESXi image and configuration files.

--reset | -r
Resets the host to factory settings.

–quiet | -q
Performs all operations without prompting for confirmation.

Step-by-Step Instructions

Follow the instructions below for backing up and restoring your ESXi 4.1 server configuration from your Windows computer.

Backing Up the Configuration

Install vSphere CLI on your Windows computer. I like to install it on Windows 7 and manage my ESXi server using vSphere Client GUI and vSphere CLI. You can download vSphere CLI here.
Go to Start -> All Programs -> VMware -> VMware vSphere Client -> Command Prompt.
Change directory to the folder where the vicfg-cfgbackup.pl is located. This will typically be in the C:\Program Files (x86)\VMware\VMware vSphere CLI\bin folder. Obviously, if you add the path to your system path you can run the command from any folder.
Use the following syntax at the vCLI prompt:
vicfg-cfgbackup.pl –server ip-address –username root –password your-password –save filename
For example, type the following command and press Enter:
vicfg-cfgbackup.pl –server 192.168.1.200 –username root –password MySecretPassword –save esxi41.bak
Where 192.1681.200 is your ESXi server’s IP address, MySecretPassword is your password, and esxi41.bak is the name of the backup file that will contain the server configuration settings. Note that there is a space after each double dash (–) but not after the double dash.
After you run the command you should see the following notification and your file will be backed in the folder where you ran the command, e.g. in the VMware vSphere Client\bin folder.
Saving firmware configuration to esxi4.1.bak …
Make sure you verify that the file exists by running the dir *.bak command at the command prompt.

Restoring the Configuration

To restore your VMware ESXi 4.1 server configuration use the same vicfg-cfgbackup.pl command.

Go to Start -> All Programs -> VMware -> VMware vSphere Client -> Command Prompt.
Change directory to the folder where the vicfg-cfgbackup.pl is located. This will typically be in the C:\Program Files (x86)\VMware\VMware vSphere CLI\bin folder.
Use the following syntax at the vCLI prompt:
vicfg-cfgbackup.pl –server ip-address –username root –password your-password –load esxi41.bak -f -q
For example, type the following command and press Enter:
vicfg-cfgbackup.pl –server 192.168.1.200 –username root –password MySecretPassword –load esxi41.bak -f -q
Where 192.1681.200 is your ESXi server’s IP address, MySecretPassword is your password, and esxi41.bak was the name of the backup file that contains the server configuration settings. Note that there is a space after each double dash (–) but not after the double dashes.

In order to restore your configuration, you need to place your new ESXi 4.1 server into evaluation mode. This may not be necessary if you have recently installed your server and have not added your license key. If you have already added your license key then simply use the vSphere Client and set the server to evaluation mode. Another thing to keep in mind if your restore fails is to use the -f option, which forces a restore.

Helpful Links

More information and documentation for vSphere CLI is available here.
A complete reference for vSphere CLI is available here.
vSphere CLI is available for download here.

[Comments (1)] [link]

February 12, 2011

Free Wake-On-LAN GUI Tool

by Zubair Alexander @ 1:31 pm. Filed under Tools/Utils, Win2K Pro, Windows 2000, Windows 2003, Windows 2008, Windows 7, Windows Home Server, Windows Vista, Windows XP

There is a free Wake-On-LAN GUI tool available that you can use to wake a remote computer up by either using it’s IP address or it’s Fully Qualified Domain Name (FQDN). You can use the Wake-On-LAN feature to start a computer either on the LAN or through the Internet.

You can download the tool here.

[Comments (0)] [link]

December 5, 2010

Active Directory Cmdlets in Windows PowerShell

by Zubair Alexander @ 8:02 am. Filed under Scripting, Tools/Utils, Windows 2008

Here’s a list of all the Active Directory cmdlets in Windows PowerShell that are available in Windows Server 2008 R2 with a link to Microsoft TechNet for each cmdlet for more details.

Add-ADComputerServiceAccount

Adds one or more service accounts to an Active Directory computer.

Add-ADDomainControllerPasswordReplicationPolicy

Adds users, computers, and groups to the Allowed List or the Denied List of the read-only domain controller (RODC) Password Replication Policy (PRP).

Add-ADFineGrainedPasswordPolicySubject

Applies a fine-grained password policy to one more users and groups.

Add-ADGroupMember

Adds one or more members to an Active Directory group.

Add-ADPrincipalGroupMembership

Adds a member to one or more Active Directory groups.

Clear-ADAccountExpiration

Clears the expiration date for an Active Directory account.

Disable-ADAccount

Disables an Active Directory account.

Disable-ADOptionalFeature

Disables an Active Directory optional feature.

Enable-ADAccount

Enables an Active Directory account.

Enable-ADOptionalFeature

Enables an Active Directory optional feature.

Get-ADAccountAuthorizationGroup

Gets the Active Directory security groups that contain an account.

Get-ADAccountResultantPasswordReplicationPolicy

Gets the resultant password replication policy for an Active Directory account.

Get-ADComputer

Gets one or more Active Directory computers.

Get-ADComputerServiceAccount

Gets the service accounts that are hosted by an Active Directory computer.

Get-ADDefaultDomainPasswordPolicy

Gets the default password policy for an Active Directory domain.

Get-ADDomain

Gets an Active Directory domain.

Get-ADDomainController

Gets one or more Active Directory domain controllers, based on discoverable services criteria, search parameters, or by providing a domain controller identifier, such as the NetBIOS name.

Get-ADDomainControllerPasswordReplicationPolicy

Gets the members of the Allowed List or the Denied List of the RODC PRP.

Get-ADDomainControllerPasswordReplicationPolicyUsage

Gets the resultant password policy of the specified ADAccount on the specified RODC.

Get-ADFineGrainedPasswordPolicy

Gets one or more Active Directory fine-grained password policies.

Get-ADFineGrainedPasswordPolicySubject

Gets the users and groups to which a fine-grained password policy is applied.

Get-ADForest

Gets an Active Directory forest.

Get-ADGroup

Gets one or more Active Directory groups.

Get-ADGroupMember

Gets the members of an Active Directory group.

Get-ADObject

Gets one or more Active Directory objects.

Get-ADOptionalFeature

Gets one or more Active Directory optional features.

Get-ADOrganizationalUnit

Gets one or more Active Directory OUs.

Get-ADPrincipalGroupMembership

Gets the Active Directory groups that have a specified user, computer, or group.

Get-ADRootDSE

Gets the root of a domain controller information tree.

Get-ADServiceAccount

Gets one or more Active Directory service accounts.

Get-ADUser

Gets one or more Active Directory users.

Get-ADUserResultantPasswordPolicy

Gets the resultant password policy for a user.

Install-ADServiceAccount

Installs an Active Directory service account on a computer.

Move-ADDirectoryServer

Moves a domain controller in AD DS to a new site.

Move-ADDirectoryServerOperationasterRole

Moves operation master (also known as flexible single master operations or FSMO) roles to an Active Directory domain controller.

Move-ADObject

Moves an Active Directory object or a container of objects to a different container or domain.

New-ADComputer

Creates a new Active Director computer.

New-ADFineGrainedPasswordPolicy

Creates a new Active Directory fine-grained password policy.

New-ADGroup

Creates an Active Directory group.

New-ADObject

Creates an Active Directory objet.

New-ADOrganizationalUnit

Creates a new Active Directory OU.

New-ADServiceAccount

Creates a new Active Directory service account.

New-ADUser

Creates a new Active Directory user.

Remove-ADComputer

Removes an Active Directory computer.

Remove-ADComputerServiceAccount

Removes one or more service accounts from a computer.

Remove-ADDomainControllerPasswordReplicationPolicy

Removes users, computers, and groups from the Allowed List or the Denied List of the RODC PRP.

Remove-ADFineGrainedPasswordPolicy

Removes an Active Directory fine-grained password policy.

Remove-ADFineGrainedPasswordPolicySubject

Removes one or more users from a fine-grained password policy.

Remove-ADGroup

Removes an Active Directory group.

Remove-ADGroupMember

Removes one or more members from an Active Directory group.

Remove-ADObject

Removes an Active Directory object.

Remove-ADOrganizationalUnit

Removes an Active Directory OU.

Remove-ADPrincipalGroupMembership

Removes a member from one or more Active Directory groups.

Remove-ADServiceAccount

Removes an Active Directory service account.

Remove-ADUser

Removes an Active Directory user.

Rename-ADObject

Changes the name of an Active Directory object.

Reset-ADServiceAccountPassword

Resets the service account password for a computer.

Restore-ADObject

Restores an Active Directory object.

Search-ADAccount

Gets Active Directory user, computer, and service accounts.

Set-ADAccountControl

Modifies user account control (UAC) values for an Active Directory account.

Set-ADAccountExpiration

Sets the expiration date for an Active Directory account.

Set-ADAccountPassword

Modifies the password of an Active Directory account.

Set-ADComputer

Modifies an Active Directory computer.

Set-ADDefaultDomainPasswordPolicy

Modifies the default password policy for an Active Directory domain.

Set-ADDomain

Modifies an Active Directory domain.

Set-ADDomainMode

Sets the domain functional level for an Active Directory domain.

Set-ADFineGrainedPasswordPolicy

Modifies an Active Directory fine-grained password policy.

Set-ADForest

Modifies an Active Directory forest.

Set-ADForestMode

Sets the forest mode for an Active Directory forest.

Set-ADGroup

Modifies an Active Directory group.

Set-ADObject

Modifies an Active Directory object.

Set-ADOrganizationalUnit

Modifies an Active Directory OU.

Set-ADServiceAccount

Modifies an Active Directory service account.

Set-ADUser

Modifies an Active Directory user.

Uninstall-ADServiceAccount

Uninstalls an Active Directory service account from a computer.

Unlock-ADAccount

Unlocks an Active Directory account.

[Comments (0)] [link]

July 24, 2010

Choosing a Deployment Strategy for Windows 7

by Zubair Alexander @ 9:12 am. Filed under Tools/Utils, Windows 2008, Windows 7

When it comes to deploying Windows 7, one of the challenges administrators face is trying to figure out which deployment method is the best suited for a particular scenario. Fortunately, Microsoft has documented some guidelines for Choosing a Deployment Strategy in detail. The following table will help you with your decision but you might want to download the complete document here.

	High-Touch with Retail Media	High Touch with Standard Image	Lite-Touch, High-Volume Deployment	Zero-Touch, High-Volume Deployment
IT skill level	IT generalist	IT pro with optional deployment experience	IT pro with deployment experience recommended	IT pro with deployment and Configuration Manager 2007 R2 expertise
Windows license agreement	Retail	Retail or Software Assurance	Software Assurance	Enterprise Agreement
Number of client computers	<100	100–200	200–500	>500
Infrastructure	Distributed locations Small, unmanaged networks Manual client computer configuration Distributed locations Small networks Standardized configurations, including applications Managed networks At least one office with more than 25 users Windows Server® products Configuration Manager 2007 R2 (optional) Managed network At least one office with over 25 users Windows Server products Configuration Manager 2007 R2
Application support	Manually installed commercial applications	Manually installed commercial or line-of-business (LOB) applications	Automatically installed commercial or LOB applications	Automatically installed commercial or LOB applications
User interaction	Manual, hands-on deployment	Manual, hands-on deployment	Limited interaction at the beginning of installation	Fully automated deployment
Lower cost and effort by…	…automating client computer configuration	…creating standardized images	…providing network-based deployment to support large-scale deployment with limited interaction	…providing network-based deployment to support large scale-deployment with no interaction
Helping to…	…create reproducible and faster client computer installation	…reduce configuration testing and deployment time	…leverage standardized images with network access by using pull automation	…leverage standardized images with network access by using push automation
Strategy description	High-Touch with Retail Media	High Touch with Standard Image	Lite-Touch, High-Volume Deployment	Zero-Touch, High-Volume Deployment
Windows 7 Tools	Retail media Windows Automated Installation Kit (Windows AIK) Retail or volume-licensed (VL) media Windows AIK Microsoft Deployment Toolkit (MDT) 2010 Application Compatibility Toolkit (ACT) 5.5 VL media Windows AIK MDT 2010 ACT 5.5 Microsoft Assessment and Planning Toolkit Windows Deployment Services VL media Windows AIK MDT 2010 ACT 5.5 Microsoft Assessment and Planning Toolkit Windows Deployment Services Configuration Manager 2007 R2

[Comments (0)] [link]

July 23, 2010

Windows 7 Deployment FAQs

by Zubair Alexander @ 7:56 am. Filed under Tools/Utils, Windows 2008, Windows 7

Microsoft provides numerous tools for deploying Windows operating systems. It sure would be nice if we could use one tool that included all the functionality in dozens of separate utilities and toolkits. Here are some frequently asked questions that Microsoft has posted on TechNet. These will help you understand what you can and can’t do with all these new deployment tools for Windows 7 and Windows Server 2008.

“If I am running Windows XP and haven’t looked at the Windows Vista and Windows Server 2008 imaging and deployment tools, what should I know about Windows 7 deployment?

If you have not yet looked at Windows Vista Deployment Enhancements, you can learn about the enhancements made around file-based, nondestructive imaging that uses the Windows® Imaging Format (WIM), Hardware Abstraction Layer (HAL) independence, and language neutrality in Windows Vista® and Windows 7 images.

Which tools are available to help with my Windows 7 deployment project?

The following are some of the predeployment and deployment tools that help you automate common project-related tasks:

Microsoft Assessment and Planning (MAP) Toolkit This tool inventories hardware and devices.

Application Compatibility Toolkit (ACT) version 5.5 This tool inventories applications, analyzes compatibility, and creates compatibility fixes for applications.

Microsoft Deployment Toolkit (MDT) This tool helps you create images and automate the OS and application installations, data migration, and desktop configuration process.

Microsoft System Center This is a family of products for large organizations that provides end-to-end deployment and management support.

How is imaging and image servicing in Windows 7 different compared to Windows Vista?

Deployment Image Servicing and Management (DISM) in the Windows Automated Installation Kit (AIK) provides additional functionality for Windows 7 and Windows Server® 2008 R2–based operating system images. In Windows 7, you can use DISM to enumerate drivers, packages (including updates), and features in the image. You can also use DISM to add and remove flat file drivers from a Windows 7 or Windows Server 2008 R2 system image. DISM consolidates functions previously found across several tools.

Notably, you can also use DISM to manage Windows Preinstallation Environment (Windows PE) images; DISM can manage international configurations and can be used for mounting and unmounting WIM images. Previously, these functions were spread across the PEImg, IntlConfig, and ImageX tools. Finally, DISM contains changes that allow for backward compatibility with Package Manager (PKGMGR) commands that were used for Windows Vista and Windows Server 2008 image files to help ensure that existing tools and scripts written for previous versions of the Windows AIK continue to work. ImageX is still provided with the Windows AIK for system image creation and application functions.

Where can I find the User State Migration Tool for Windows 7?

The Microsoft® Windows® User State Migration Tool (USMT) 4.0 is included in the Windows Automated Installation Kit (Windows AIK), which you can download from the following Microsoft® Web site: The Windows Automated Installation Kit (AIK) for Windows 7. For more information about USMT 4.0, see User State Migration Tool 4.0 User’s Guide.

What is Hard-Link Migration, and how can I migrate user states from one operating system to another?

A hard-link migration store enables you to perform an in-place migration. The all-user state is maintained on the computer while the old operating system is removed and the new operating system is installed. Use of a hard-link migration store improves migration performance and reduces hard-disk space usage. For more information, see Hard-Link Migration Store.

Are there any changes in the role of the Windows Deployment Services server in Windows Server 2008 R2?

Windows Deployment Services (WDS) in Windows Server 2008 R2 enables network deployments of WIM images or virtual hard disks as files used for OS deployments. The previous release of WDS in Windows Server 2008 included multicast for image transmission to computers in the deployment pool.

One consequence of using multicast in Windows Server 2008 was that the slowest client determined the transfer rate for all client machines. In Windows Server 2008 R2, multicast now supports the use of multiple stream transfer of 2 to 3 speeds to ensure that the fastest clients can receive deployment images faster. In addition, you can use standard multicast without multiple stream transfer to set minimum transfer thresholds and automatically remove slow clients from the multicast pool.

Windows Server 2008 R2 with WDS also enables dynamic driver provisioning so that driver files can be stored centrally, outside the image, and only the required drivers are installed during deployment by using Plug and Play device matching. For organizations that include large driver payloads with standard network-installed images, dynamic driver provisioning can help reduce image size and ease driver management routines.

Why is upgrade from Windows XP® to Windows 7 not supported?

There are many changes in how PCs have been configured (applets, hardware support, driver model, and so on), and a clean installation yields the highest quality. The User State Migration Tool provides support for moving files and settings, but you must reinstall applications. For a set of customers this tradeoff may seem less than perfect, but the upfront time is well worth it. For more information about this topic, read the blog Engineering Windows 7: Delivering a quality upgrade experience. For more information about how to migrate data from Windows XP to Windows 7, see Step-by-Step: Windows 7 Upgrade and Migration.

Are there any tools available to help find out which applications my users have installed and to test for application compatibility?

You can use the Application Compatibility Toolkit (ACT) version 5.5 to inventory applications and identify known compatibility issues that are common to both Windows Vista and Windows 7. ACT 5.5 also includes tools for testing Web-based applications and for building compatibility fixes for applications where a compatible version is not available and recoding the application is not an option.

You can also search for applications and devices that are compatible with Windows Vista at the Windows Vista Compatibility Center. To perform a bulk query of an inventoried application list against a known list of Windows Vista compatible applications, you can use the Windows Vista Application Compatibility Downloadable List for IT Professionals which is available from the Microsoft Download Center. Both resources share common data, which is currently specific to Windows Vista. Compatibility data specific to Windows 7 will appear in these resources as the data becomes available from software vendors.

Microsoft is collaborating with service partners to help overcome application compatibility, from application inventory to application compatibility remediation. For more information, see the Application Compatibility Factory partner program on Microsoft TechNet.

What specific changes are there in Windows 7 compared to Windows Vista that could affect application compatibility?

Compatibility between Windows Vista and Windows 7 is very high. There are relatively minor changes that affect application compatibility, including the following:

Operating system version The internal version number for Windows 7 and Windows Server 2008 R2 is 6.1.

Removal of Windows gallery applications Windows Mail, Messenger, Address Book, Photo Gallery, and Movie Maker are deprecated in Windows 7.

National Language Support changes The National Language Support (NLS) functions help applications support the different language-specific and locale-specific needs of users. Windows 7 includes some NLS changes.

Internet Explorer 8 user agent string The user agent string is the Internet Explorer® identifier that provides data about its version and other attributes to Web servers. Many Web applications rely on the Internet Explorer user agent string.

Removal of Windows registry reflection for 64-bit operating systems The registry reflection process copies registry keys and values between two registry views to keep them in sync.

New low-level binaries To improve engineering efficiencies, Microsoft has relocated some functionality to new low-level binaries.

File library replaces document folder Libraries provide a centralized folder for file storage, search, and access across multiple locations, both local and remote.

User interface high DPI awareness The goal is to encourage end users to set their displays to native resolution and to use DPI rather than screen resolution to change the size of text and images.

Internet Explorer 8 DEP/NX Internet Explorer 8 enables DEP/NX protection when run on an OS with the latest service pack.

For detailed information on these changes, see Windows 7 and Windows Server 2008 R2 Application Quality Cookbook . If you are running Windows XP and want more information about changes starting with Windows Vista, see The Windows Vista and Windows Server 2008 Developer Story: Application Compatibility Cookbook .

What about Volume Activation? Will I need a separate infrastructure for Windows 7?

Volume Activation fundamentally works in the same way in Windows 7 as it does with Windows Vista and Windows Server 2008. You can use key management service or multiple activation keys. The same infrastructure is used to activate Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. Virtual machine activations can be counted against activation thresholds. The volume activation management tool is included in the Windows AIK.

With so many deployment options, how do I know which one is best-suited to my organization?

For consumers and small businesses, manual deployment options include data migration assisted by Windows easy transfer and installation via retail media. For more information about migrating data with Windows Easy Transfer, see Step-by-Step: Windows 7 Upgrade and Migration.

You can review the deployment options in the Choosing a Deployment Strategy evaluation. These topics describe the recommended deployment types based on your type of organization and help you select an appropriate deployment method.

What is VHD Native Boot?

In Windows 7, you can use a virtual hard disk as the running OS on designated hardware without any other parent operating system, virtual machine, or hypervisor. For more information, see Virtual Hard Disks in Windows Server 2008 R2 and Windows 7.

How can I use the Microsoft Desktop Optimization Pack tools to help with my Windows 7 deployment?

Microsoft Application Virtualization (App-V), a component of the Microsoft Desktop Optimization Pack (MDOP), can minimize time-consuming regression testing and application compatibility issues. This is possible because applications are virtualized and not redirected or installed on the client, saving you significant time and effort. You can use dynamic virtualization to control virtual application combinations, consolidate virtual environments, and simplify and speed administration. Customers can accelerate and centralize the deployment and management of operating systems and applications, including simplifying the global management of virtual applications by letting users work in localized environments with localized applications.”