How to access DCUI/Console of ESXi

To access DCUI/Console of ESXi:

Use below key combination of ALT + Function keys to access the Direct Console User Interface (DCUI) of an ESXi host

• ALT+F1 = Switches to the console.

• ALT+F2 = Switches to the DCUI.

• ALT+F11 = Returns to the banner screen.

• ALT+F12 = Displays the VMkernel log on the console.

Vcenter server encryption configuration using HyTrust KMS key Provider

 Steps:

1.Download HYTRust Keyprovider OVA from:

https://www.entrust.com/digital-security/key-management/keycontrol

They give 60 day trail free deployment.

2.Deploy the KMS server.

3.Once Installation completes. Login to Entrust server using IP and login with user/password you provided while install.

4.Go to "KMIP" ->Basic ,mark state=Enabled ,vesion=1.1

5.From KMIP ->client certificates->Actions ->Create client certificate (Don't give any passwords)

6.Select the created certificate and download ZIP file and extract.

7.Go to Vcenter server-> Configure ->Security->Key providers

     Add Standard key Provider

     provide KMS name (certificate name)

      IP of the Entrust server

      Port:5696

8.Select the KMS server and select the keys and "Establish Trust"

    Select the zip folder and choose <KMS>.PEM that we created

    use the same file for certificate and key upload path.

Now choose existing VM->Power off -> VM Policies ->Select "Encryption policy"

it takes nearly 10 minutes to configure the VM .

Now you can check VM Summary have :

     VM hardware have "Encryption details" and Hard disk(encrypted)

Verify Windows server is virtual or physical

 Run below command on CMD prompt of windows machine:

systeminfo /s %computername% | findstr /c:"Model:" /c:"Host Name" /c:"OS Name"

C:\Users\Administrator>systeminfo /s %computername% | findstr /c:"Model:" /c:"Host Name" /c:"OS Name"

Host Name:                 RANJIServer

OS Name:                   Microsoft Windows Server 2016 Standard

System Model:              VMware Virtual Platform

C:\Users\Administrator>

Check your esxi is physical server or a virtual machine

 ESXCLI command can be used for verifying login (by ssh) esxi server is physical or virtual using:

esxcli hardware platform get

1)Physical:

[root@ranjith-s1:~] esxcli hardware platform get

Platform Information

   UUID: f 0x46 0xbb 0x77 0x4e 

   Product Name: PRIMERGY RX2530 

   Vendor Name: FUJITSU

   Serial Number: XYZABC

   IPMI Supported: true

[root@mva-rx2530-s1:~]

2)Virtual Machine

[root@ranjith-2:~] esxcli hardware platform get

Platform Information

   UUID: 2 0xbd 0x1c 0xa0 0xd4 0x5e 0x32 0x7 0

   Product Name: VMware7,1

   Vendor Name: VMware, Inc.

   Serial Number: VMware-12 34 56

   Enclosure Serial Number: None

   BIOS Asset Tag: No Asset Tag

   IPMI Supported: false

Secure boot enabled: Cannot change acceptance level to community

Error:

When you change the esxi acceptance level:

Command: esxcli software acceptance set --level=CommunitySupported

                       Secure boot enabled: Cannot change acceptance level to community

Solution:

disable secure boot for the esxi .

  a) If it's a physical server, then you need to do this in UEFI. 

   b)For VMs, Power off VM, VM  edit settings -> VM Options tab (Boot Options) ->setting for Secure Boot. ->UnCheck

A general system error occurred: PBM error occurred during PreCloneCheckCallback: vmodl.fault.systemerror

Error:

while creating VM on a vvOL datastore

A general system error occurred: PBM error occurred during PreCloneCheckCallback: vmodl.fault.systemerror

Solution:

SSH to the VCSA using PuTTY or similar SSH client.

service vmware-sps restart

Could not connect to one or more vCenter Server systems:https://VCIP:443/sdk

Error:

Could not connect to one or more vCenter Server systems:https://VCIP:443/sdk

Solution:

service-control --stop --all

service-control --start --all

SHA256 sum checksum commands Linux|Windows

For windows:

Get-FileHash <FIle> -Algorithm SHA256

For Linux:

sha256sum <File name>

MD5 checksum commands linux|Windows

For windows:

Get-FileHash <File> -Algorithm MD5

For Linux:

md5sum <File>