How to recover GRUB and Root password on VCSA This article will provide the step by step screenshot to recover the VMware vCenter Appliance

This article will provide the step by step screenshot to recover the VCSA (5.5 and 6.0 tested) root password and breaking the GRUB password.

VMware vCenter Appliance(VCSA) is a pre-configured Linux VM based on SUSE Linux.
If you forget the root password of the appliance, you need to recover the root password like other Linux Operating systems.
Recovering root password is very simple if there is no grub password has been setup or if you know the GRUB boot loader password. If you don’t know the grub password, then you need to reset the grub password first by using Redhat or SUSE Linux DVD or live cd such Hiren’s Boot CD.

RECOVER GRUB PASSWORD

If you deployed a VCSA changing grub password, and you lost it, you can remove it following this steps. Default grub passsword for VCSA is ‘vmware‘:

  1. Power OFF VCSA Server (it culd be a Physical server or VM);
  2. Insert a Live Boot CD linux for recover (Live Linux, Hiren’s Boot etc..);
  3. Power ON the Server, then Boot from CD;
  4. Start Recovery procedure from CD;
  5. Mount VCSA file system on a mount point like ‘/mnt/vcsa‘, in RW mode: ‘mount -o remount,rw /partition/identifier /mount/point‘;
  6. Navigate into /mount/point/boot/grub;
  7. List file into grub and find ‘menu.lst‘;
  8. Ensure to backup menu.lst: ‘cp menu.lst menu.lst.bck‘;
  9. Edit menu.lst with Vim editor or similar, then remove or place # to comment the ‘Password’ row:Recover Grub Password, commented ‘password’
  10. Exit VIM saving;
  11. Reboot Server.

RECOVER ROOT PASSWORD

  1. Start the VCSA Server (or VM) and interrupt the GRUB menu by pressing “ESC” key .  Press “e” edit the commands;If you know the GRUB password , you can pass it by press “p” and enter the GRUB password. If you don’t know the GRUB password , you need to follow the above procedure to break the grub password first.

    Recover Root Password Linux
    Recover Root Password Linux
  2. Press “e” to edit the commands again for the kernel;
  3. Append “init=/bin/bash” in this step and press enter;
  4. Press “b” to boot the system;
  5. You will get the bash;
  6. Set the new root password for VCSA ‘passwd root’;
  7. Exit the shell using “exit” command.

Once the system is booted , you should be able to login with new root password.

Related article:

Initial Network Setup with UBUNTU Server Main steps to configure newtwork services on Linux Ubuntu Server

How do I change the hostname without a restart?

sudo hostname your-new-name

Assigning a static IP to Ubuntu Server

vi /etc/network/interfaces

Example:

auto eth0
 iface eth0 inet static

address 192.168.1.128
 netmask 255.255.255.0
 network 192.168.1.0
 broadcast 192.168.1.255
 gateway 192.168.1.1

How to disable IPv6 in Ubuntu?

vi /etc/sysctl.conf

insert the following lines at the end:

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

Linux Proxy Server Settings – Set Proxy For Command Line

env | grep -i proxy

check the file :

cat /etc/apt/apt.conf
cat /etc/environment

To Modify contents of file (remove everything from apt.conf for no proxy and only proxy sentences from environment)!

sudo nano /etc/apt/apt.conf
sudo nano /etc/environment
Acquire::http::Proxy "http://proxy.site.com:8080";

Manually edit DNS in Ubuntu

sudo nano /etc/resolvconf/resolv.conf.d/base

Add your DNS to the file :

nameserver 8.8.8.8
nameserver 8.8.4.4

Update resolv configuration:

sudo resolvconf -u

Setting up NTP on Ubuntu

sudo apt-get install ntp ntpdate

sudo nano /etc/ntp.conf

server myserverdnsname1 or IP
server myserverdnsname2 or IP
server myserverdnsname3 or IP

sudo service ntp start

sudo ntpd -gq

watch ntpq -cpe -cas

Grab you Ubuntu server HERE

Troubleshooting importing OVF Template into VMware ESXi Error while importing OVA files, Unsupported hardware family, Unsupported devices

This post shows how to adapt a VMWARE OVA exported from Virtual BOX for a Virtual Machine, compatible with ESXi.

When you try to open an OVA with the VMware format on an ESXi you get the following error:

 “The OVF package requires unsupported hardware
Details: Line 25: Unsupported hardware family ‘virtualbox2.2’.”
Details: Line 25: Unsupported hardware family ‘_unsupported_version’.”

vmware1

Uncompresse OVA Archive :

First off all uncompress the OVA archive (with a zip extractor like 7-ZIP)

You will get a directory with 3 files on it like this :

VMFile.mf
VMFile.ovf
VMFile.vmdk

Modify the OVF file :

Open the *.ovf file (with Notepad+)

Change the following line :

 <vssd:VirtualSystemType>_unsupported_version</vssd:VirtualSystemType>

By this one :

 <vssd:VirtualSystemType>vmx-07</vssd:VirtualSystemType>

Modify the *.mf file and calculate the SHA1 hash of the modified OVF file:

Open the *.mf file which contains the SHA1 hash of *.ovf file. So you need to replace the value specified by the new SHA1 hash of .ovf file.

SHA1(VMFile.ovf)= 48432f9cb8b0bfa97098006abb390805449303be
SHA1(VMFile.vmdk)= ffa3500bc379a2e040badce315d6b3b06876d5a9

To calculate this hash you can use a tool like FCIV from microsoft. You can download it there : http://support.microsoft.com/kb/841290

>D:\FCIV\fciv.exe -sha1 "VMFile.ovf"
//
// File Checksum Integrity Verifier version 2.05.
//
da39a3ee5e6b4b0d3255bfef95601890afd80709 VMFile.ovf

So, put the new hash in the *.mf file and save it

SHA1(VMFile.ovf)= da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA1(VMFile.vmdk)= ffa3500bc379a2e040badce315d6b3b06876d5a9

Maybe you may encounter other errors while importing the OVF template like:

Line XX: OVF hardware element ‘ResourceType’ with instance ID ‘5’: No support for the virtual hardware device type ’20’

This is a problem of SATA controller, change settings in ovf like this:

From this

<Item>
<rasd:Address>0</rasd:Address>
<rasd:Caption>sataController0</rasd:Caption>
<rasd:Description>SATA Controller</rasd:Description>
<rasd:ElementName>sataController0</rasd:ElementName>
<rasd:InstanceID>5</rasd:InstanceID>
<rasd:ResourceSubType>AHCI</rasd:ResourceSubType>
<rasd:ResourceType>20</rasd:ResourceType>
</Item>

With this
<Item>
<rasd:Address>0</rasd:Address>
<rasd:Caption>SCSIController</rasd:Caption>
<rasd:Description>SCSI Controller</rasd:Description>
<rasd:ElementName>SCSIController</rasd:ElementName>
<rasd:InstanceID>5</rasd:InstanceID>
<rasd:ResourceSubType>lsilogic</rasd:ResourceSubType>
<rasd:ResourceType>6</rasd:ResourceType>
</Item>

Other problems could happen if in the <Item> is listed an audio card, you should delete whole line starting from

<Item>
sound-card-settings
</Item>

Then save again OVF file.

Remember that every time you save the ovf file, and you what to try to import into ESXi, you must generate the hash, replace the hash in the .mf file, follow the steps above.

Deploy the new OVF :

Now, you can deploy directly the new OVF file on ESXi.
On VSPHERE select :

File > Deploy OVF Template
Select your OVF file :

The following WARNINGS are raised but you can move forward.

vmware2

So now you can deploy and start your VM.

Related Article: VIRTUALBOX OVA TO VSPHERE OVF | Uncompress a VMWARE OVA and modify its VM version | File Checksum Integrity Verifier

Error message when you add a user to a local computer Message error adding a user: "Not enough storage is available to complete this operation"

Symptoms

When you use a Microsoft Windows Server domain controller to join a Microsoft Windows based client computer to a domain, you may receive an error message that resembles the following on the client computer:

The following error occurred attempting to join the domain “domain_name.com”: Not enough storage is available to complete this operation.

Additionally, the following Warning message may be logged in the System log on the client computer.

Cause

This problem occurs because the Kerberos token that is generated during authentication is more than the fixed maximum size. In the original release version of Microsoft Windows 2000, the default value of the MaxTokenSize registry entry was 8,000 bytes. In Windows 2000 with Service Pack 2 (SP2) and in later versions of Windows, the default value of the MaxTokenSize registry entry is 12,000 bytes.

For example, if a user is a member of a group either directly or by membership in another group, the security ID (SID) for that group is added to the user’s token. For a SID to be added to the user’s token, the SID information must be communicated by using the Kerberos token. If the required SID information exceeds the size of the token, authentication is unsuccessful.

Resolution

To resolve this problem, increase the Kerberos token size. To do this, follow these steps on the client computer that logs the Kerberos event.

  1. Click Start, click Run, type regedit, and then click OK.
  2. Locate and then click the following registry subkey:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters

    Note If the Parameters key is not present, create the key. To do this, follow these steps:

    a) Locate and then click the following registry subkey:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos

    b) On the Edit menu, point to New, and then click Key.

    c) Type Parameters, and then press ENTER.

  3. On the Edit menu, point to New, and then click DWORD Value.
  4. Type MaxTokenSize, and then press ENTER.
  5. On the Edit menu, click Modify.
  6. In the Base area, click Decimal, type 65535 in the Value data box, and then click OK.
  7. Exit Registry Editor.
  8. Restart the computer.

Related Article: Article ID 935744

How to Install and Configure Linux NTP Server and Client NTP is a protocol that allows computers to synchronize time over networks for an accurate time

Install ntp

The ntp package contains utilities and daemons that will synchronize your computer’s time to Coordinated Universal Time (UTC) via the NTP protocol and NTP servers. The ntp packageincludes ntpdate (a program for retrieving the date and time from remote machines via a network) and ntpd (a daemon which continuously adjusts system time). Install the ntp package:

# yum install ntp

How do I configure an NTP Client?

Simply open /etc/ntp.conf file, enter:

# vi /etc/ntp.conf

Make sure the following line exists:

server ntp.server.com

Configure an NTP Server

If you have lots of server and desktop system, configure your own NTP server. Your NTP server contacts a central NTP server,provided by your ISP or a public time
server located at ntp.org, to obtain accurate time data. The server then allows other machines on your network to request the time data. Our sample setup:

192.168.1.5 ==> CentOS / Fedora / RHEL NTPD Server.
202.54.1.5 ==> ISP remote NTP server.
192.168.1.0/24 ==> NTP clients including desktop systems.

First, install and enable ntpd on 192.168.1.5:

# yum install ntp
# chkconfig ntpd on

Now open /etc/ntp.conf:

# vi /etc/ntp.conf

Make sure the following line exits:

restrict default ignore

Above will deny all access to any machine, server or client. However, you need to specifically authorized policy settings. Set it as follows:

restrict 202.54.1.5 mask 255.255.255.245 nomodify notrap noquery
server 202.54.1.5

Replace 202.54.1.5 and mask with actual remote ISP or ntp.org NTP server IP. Save and close the file.

Configure NTP clients to access your NTP Server

Now, you need to allow legitimate NTP clients to access the Server. For example, allow 192.168.1.0/24 network to synchronize to this server located at 192.168.1.5. Open /etc/ntp.conf and add policy as follows:

# Hosts on local network are less restricted.
restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

Update your firewall settings, open /etc/sysconfig/iptables.

# vi /etc/sysconfig/iptables

Add the following line, before the final LOG and DROP lines for the RH-Firewall-1-INPUT chain:

-A RH-Firewall-1-INPUT -s 192.168.1.0/24 -m state --state NEW -p udp --dport 123 -j ACCEPT

Save and close the file. Finally, start ntpd:

# service ntpd start
# service iptables restart
# netstat -tulpn

Usefull Command for check NTP

1) Check if the date (year, month, day, hour, minute, second) is allign

# date

2) List active peers server

# ntpq -nc peers

3) edit ntp.conf

# vi /etc/ntp.conf

4) restart NTPd Deamon

# /etc/init.d/ntpd restart

5) Force update

# ntpdate -u ntp.server.com (ir IP)