Generate a memory dump for a frozen VMware, windows virtual machine.

  1. Enable complete memory dump feature by changing following registry keys:

 

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\CrashControl

CrashDumpEnabled    REG_DWORD    0x1

 

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management

PagingFiles    REG_MULTI_SZ    c:\pagefile.sys 13312 13312

 

  1. Enable keyboard crash dump feature by adding following registry keys:

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt\Parameters

Value Name: CrashOnCtrlScroll

Data Type:    REG_DWORD

Value:    1

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kbdhid\Parameters

Value Name: CrashOnCtrlScroll

Data Type:    REG_DWORD

Value:    1

 

  1. Enable NMI crash dump feature by adding following key:

 

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\CrashControl

Value Name: NMICrashDump

Data Type:  REG_DWORD

Value:   1

 

  1. Restart Server to take effects.

 

  1. Do a memory dump test with below steps:

 

  1. a)       Capture a kernel memory dump in following ways:

o    Send NMI to Guest OS

How to send NMI to Guest OS on ESXi 6.x (2149185)

 

Or

 

o   On VM console, press Right Ctrl + Scroll Lock button 2 times.

 

  1. b)       Machine crashes into blue screen and save a memory dump, restart automatically once dump generation reaches 100%. You should be able to see 12GB C:\Windows\MEMORY.DMP file.

adding VCSA to domain renames the dns suffix to the domain.

The other day, I had a customer having all management applications on a different DNS suffux as that of the domain.

Ie: Domain : ikigo.net
Management host’s: on mgmt.local

on the customer’s setup, the VCSA was deployed with an FQDN VCSA.MGMT.local However, when the appliance was added to domain ikigo.net, the VCSA renames itself to VCSA.ikigo.net

 

Apparently the likewise scripts on VCSA is set to rename the appliance to the domain suffix. This might cause all sort of strange behaviour/PNID mismatches on normal functionality.

 

In order to sort this/set this right, we  wanna invoke the domain join script ignoring  the hostname.

Syntax: /opt/likewise/bin/domainjoin-cli join –disable hostname domain_name domain_user

 

Example: 
root@vcsa [ ~ ]# /opt/likewise/bin/domainjoin-cli join –disable hostname ikigo.net nik
Joining to AD Domain:   ikigo.net
With Computer DNS Name: vcsa.mgmt.local

 

notice that the script acknowledges that it is going to join to join AD with the computer name vcsa.mgmt.local. this is precisely what we want.

Esxi Root password lock out/ Determining source of last failed ssh login on Esxi

Generally.  Should the root account be locked out, SSH and UI/client access to the host fails. In order to work this around

  • Bring up a Console session to the Host and enable Esxi Shell (under troubleshooting options)
  • on the console session, press ALT+F1,
  • log in as  root and password:
  • In order to unlock the root account and determine the last log on failure, type the below:
  • /sbin/pam_tally2 -r -u root

  • The root account should now be unlocked. Review the IP listed there to prevent logon(scripted or 3’rd party monitoring)