vSphere U1, 1 down, 1 to go.
Good news first - in my previous blog post I had mentioned that there was a serious bug with updating to ESX 4 U1 and HP SIM agents. This has been resolved, U1 has been re-released and people should not have this issue any more (I have not tested this myself). That KB article has been updated and is available here.
The bad news is that there is now a bug with U1 and vCenter if it manages ESXi hosts.
It does not seem nearly as drastic as the previous issue I blogged about, but you should be aware of it. For now, it seems that you can avoid running into it by not adding, removing and then readding an ESXi host to vCenter.
Stay tuned for my next post (possibly a series?) about backups.
vSphere Update 1 and HP SIM agents
Phew - I'm glad I waited a little bit before installing vSphere update 1!
Turns out there's a nasty bug that will PSOD (purple screen of death) your vSphere hosts when updating if you are running HP SIM agents.
You can find the information here.
The document says that you should stop the HP agents on your host before updating. I can verify that this worked for me. I can also verify that not doing this will cause a PSOD - a colleague of mine had it happen.
This is exactly why I always wait at least a week after any major update... to see if it made the news.
vSphere Update 1 is out!
Apparently as I lay in bed in dreamland last night VMWare released vSphere update 1 - took long enough!
Update 1 brings several notable improvements:
• vSphere client works in Windows 7 - without a hack!
• You can run Windows 7 and Windows Server 2008 R2 as guest operating systems.
• View 4.0 support.
• Improved MSCS support.
• PVSCSI for 2003 and 2008.
• Improved dvswitch performance.
• 25 vCPU's per core!
• Support for Intel Xeon 3400 Series.
• And a whole lot of bug fixes.
No USB pass-through fix, and it seems like there are more known issues than fixed. To be fair, one of my VMWare colleagues mentioned that there were more known issues when 4 released than now, and most of these have existed since then.
For those of you with ESXi free, it's not available yet. No word on when it will be released - sorry!
Reports are already coming in of successful deployments, and I will probably update myself during next week’s rather large maintenance window (read: Thanksgiving).
Cisco AnyConnect, LDAP, and you.
I recently discovered that Cisco had released a much cheaper version of their AnyConnect client alongside their ASA 8.2 release. AnyConnect Essentials runs $150 (list price, so for Cisco, chop off an average of 35%) and allows for up to 250 concurrent connections on my ASA 5510. Previously you either had to settle for their IPSec client or their Premium AnyConnect license. From my own impressions, Cisco had given up on their IPSec client... no 64 bit client? Hello? Their more expensive AnyConnect license included features that I didn't need and was something obscene like $150/user.
Enter AnyConnect essentials. You can install it by going to your ASA's IP address and logging in. It downloads the client which is about 1.5MB compressed, and connects you. Bam! Instant SSL encrypted VPN tunnel. In testing it appears to work really well. I've tried the client on XP, Vista, 7, and Linux and I like it. I'll be deploying this to my company very soon.
Like most things Cisco, just because you can do it doesn't mean it's easy to do (or easy to find relevant information for). In my case, I wanted to implement the AnyConnect software with LDAP and allow different groups access to different resources depending on Active Directory group memberships.
After an hour or so of using Google, I found a few documents that really helped me (and hopefully you!):
Configuring AnyConnect VPN Client Connections
ASA 8.0: Configure LDAP Authentication for WebVPN Users
PIX/ASA 8.0: Use LDAP Authentication to Assign a Group Policy at Login
I hope that helps - if you need any help, leave a comment and I'll see what I can do
Windows 7 is not bad.
Windows 7 - what a breath of fresh air!
I've been using Windows 7 since the beta was released on Technet and like a lot of people I believe it's everything Vista should have been. My only real problem with it is it's a couple years late.
Whoever Microsoft has in charge of usability did a really good job. The interface improvements have increased my efficiency, and more importantly (and very much unlike Vista) the improvements are far beyond cosmetic. For example, being able to effectively split screen applications by dragging them to right/left sides and the stacked taskbar with thumbnails.
For my home environment, I have found that homegroups are a great way to share media, such as music, between rooms and my HTPC. Remote desktop and various other applications that remember the last connection or documents you have opened in the past.
At my job, there are even more improvements. I chose to skip Vista, we will not be skipping Windows 7. Bitlocker - good bye PGP whole disk encryption? That alone will save us $150 per FTE. DirectAccess could potentially replace our Cisco ASA firewalls. The search feature may actually mean that I don't have to deal with employees installing Google Search and the associated privacy issues.
Oh, and it's faster too.
I guess it goes without saying that if Windows 7's launch went as bad as Vista's Microsoft would have been in a heap of trouble. I think that Microsoft not only dodged a bullet, but managed to create a great product.
Well done!