You have migrated your virtual machines to new storage but find that the summary tab of the virtual machines shows two datastores within the vSphere Web Client and vSphere Client. You have checked the datastore and no data resides on the LUN.
Here are a couple of things you want to check,
1) The most obvious is to check whether there are ISO’s mounted to your servers
2) vSwap file. Does a vSwap file exist on the data store? browse the datastore and check if any vSwap files exist. If yes, a VMotion of the Virtual Machine migrates the vswap to the new location. If you’re moving VM’s to new storage, don’t forget to check your vSwap configuration, especially if you originally configured the vSwap location to reside on a different LUN. Ensure the vSwap file location has been reconfigured to point to new storage.
3) Check if any VMWare snapshots exist. If a VMWare snapshot was taken whilst an ISO was attached to the VM, this could be the issue. Remove the snapshot
To check the version of PowerShell you currently have installed, launch PowerShell, run the command below:
Get-Host | Select-Object Version
2) Now that you have the latest version of PowerShell installed, you will need to install the AZ module if not already installed. The command below will allow you to check if you already have the AZ Module installed including the version number.
Get-Module -Name Az -ListAvailable
3) If you already have the AZ module installed, the version will appear. If no version is installed, no results will appear after running the above command. You may find that you have more the one version installed.
To install the latest version, type the command below:
Install-Module -Name Az -AllowClobber
Please note, if you already have older versions of the Az Module installed, you may wish to add -force to the end of the command so that the module installs side by side with your existing versions. Such as:
Install-Module -Name Az -AllowClobber -force
Installing the module will take about a minute. Run the command below again to confirm the module has installed
Get-Module -Name Az -ListAvailable
If you have multiple versions of the AZ Module installed, the latest version will be used by default, unless you specify for an older version to be used.
Please note, the below post is from my personal experience using Zoom, so please configure your Zoom settings as per your own security requirements. I am in no way affiliated to Zoom but I am a keen user of the service.
For those who are not aware of what the Zoom service is, here is a snippet from the Zoom website.
Zoom is the leader in modern enterprise video communications, with an easy, reliable cloud platform for video and audio conferencing, collaboration, chat, and webinars across mobile devices, desktops, telephones, and room systems. Zoom Rooms is the original software-based conference room solution used around the world in board, conference, huddle, and training rooms, as well as executive offices and classrooms. Founded in 2011, Zoom helps businesses and organizations bring their teams together in a frictionless environment to get more done. Zoom is a publicly traded company on Nasdaq (ticker: ZM) and headquartered in San Jose, California.
Zoom has become a really popular platform since the outbreak of Corono Virus due to the company providing the ability for individuals, companies and schools to interact with each other online, whilst staying safe at home during this difficult time.
Zoom offer a number of packages which can be located on their website at zoom.us, including a free package with a 40 minute meeting limit. I have found the service really easy and quick to setup, but want to stress that security needs to be taken into account by users of the service. It’s not just a Zoom responsibility.
As we all know with popularity of a service comes attackers, security flaws are found and patched, and risks for users of the service when security is not taken seriously.
Zoom are responsible for resolving bugs and improving the service by releasing security updates, similar to when Microsoft publish new security windows updates for you to patch your windows desktop/laptop/server, but we as users need to take the responsibility for securing our environments, similar to when we set up a strong password to ensure no one can login to our laptop, we install Antivirus/Malware software to protect our devices from viruses, configure disk encryption, and secure the device when it’s not in use.
Like with any online service, Zoom security also needs to be taken seriously and friends who have also started to use Zoom recently have encouraged me to create a post on my personal experience and how I secure my Zoom meetings. I would like to discuss a number of the options available within Zoom which I use personally to secure my Zoom meetings. I may miss a few points but the aim of this post is to get you thinking about security. If you have an idea to share, please do leave a comment towards the end of this post.
ok, so here goes…
1) Don’t publish your meeting ID and password publicly I have lost count of the number of times I have mentioned this to first time and existing users of Zoom. Have a think before publishing your meeting ID and password to the World without any form of control or registration. It’s like advertising your home address and letting people know that you have left your house key outside under the mat.
If there is no requirement for users to interact with you such as a question and answer session, you could even use the feature to hook up your Zoom meeting to YouTube and advertise your YouTube link to participants. Before setting up a meeting, ask yourself whether you have made every effort to secure your meetings? Do you need to use YouTube Live for this event? As mentioned above, Zoom can be configured to connect to YouTube so your session could be streamed from Zoom to YouTube.
2) Enable waiting room This is a very useful Zoom feature which will allow you to manually admit participants into the meeting as they arrive. You could also move participants to the waiting room once they have been admitted if there was a requirement to do so (Right click the participant and send participant to waiting room). Or you could right click and remove the participant. If you wish to setup a message for those waiting to be admitted you can do so here by clicking ‘Customize the title, logo, and description’. See screenshot below.
3) Enable encryption
4) Disable Webcam and Mic on Entry
It can be embarrassing when your join a meeting not realising that your webcam is enabled, and then panic to locate the disable web cam button 🙂
The below options will ensure that webcam and mic are off upon participant and host entry.
Once you have started the meeting, there is a feature which will allow you prevent participants from unmuting themselves. I find this feature very useful to prevent participants accidentally unmuting themselves and disturbing the meeting.
To prevent participants from unmuting themselves; start the meeting, click participants, click the three dots to the right of ‘Unmute All’. See image below
Disable the option ‘Allow Participants to Unmute themselves’ as show below. If a participant attempts to unmute their mic, they will receive a message to inform them the mic has been disabled. The host can manually enable the mic for each participant when required. If any of the participants wish to ask a question, there is an option for them to click a button which raises a hand against their name to catch the attention of the Host. At this point the host could unmute the individual participant. Participants could also send a message to the host via Zoom’s chat feature.
Some may be thinking if there is a similar option to prevent participants from enabling Web Cam. At the time of writing this post, there was no option to prevent all participants to enable Webcam. I am hoping Zoom will introduce this feature soon, as it’s a great security feature. In the mean time, if you find a troublesome participant who continuously enables his/her webcam, the host can right click and stop the webcam for the individual participant. The participant will not be able to start their web cam again once it’s been disabled by the host unless the host permits. But this feature is only available to the host once the participant has enabled their web cam, and the host has had the opportunity to disable. This is the one feature I feel that Zoom is lacking and hoping they will release soon.
5) Join before host
Personally, I don’t allow participants to join before the host as I prefer to be the first to join the meeting and be in control over who is joining the meeting. Along with the waiting room option we discussed above, I switch off the below option.
6) Enable passwords for meetings Always setup a strong password for your meetings and enable the below option in case you forget to setup a password for future meeting scheduling. If someone was to guess a Meeting ID at random, they would be faced with a password prompt. Use the max 10 password length and include a mix of Numbers and Characters, including both uppercase and lowercase.
You can setup a password when creating your meeting. Here is the option:
7) Change your meeting password
If you have setup a reoccurring meeting you will be setup with the same Meeting ID which is useful, but make a habit of changing the password just incase someone has forwarded the password or even lost that piece of paper where the password was documented. Never document passwords on paper and store securely.
8) Embedded password with meeting ID
It’s easy sending out a link to your particpants which includes the meeting ID and password as a one click link to enter the meeting, but I prefer to disable this option and let the particpants type the password manually. I have not had to enable this feature as even non-tech people have managed to join my sessions with the system being easy to use.
9)Password for Participants coming in via Phone If there is a requirement for any participants to attend the meeting via a dial in number, don’t forget to enable this option so they are prompted to enter using a password. I have never had to use the dial in via phone feature because most join via the internet via laptop/desktop or smart phone using the Zoom Client Meeting app. Please don’t confuse joining via phone as being able to connect via a mobile phone with access to the Internet. This option involves dialing a telephone number to join the meeting. Would come in use for those who don’t have an internet connection but there is an additional cost for this service so please contact Zoom or visit the website.
10) Chat features
Personally, I disable the option to allow participants to send private messages amongst themselves. Including allowing participants to save chat conversation content. I allow for messages to be sent so all on the meeting can view, and participants have the option to send messages directly to the host. A personal choice and depends on your meeting requirements.
If there was a requirement to disable chat for all participants, both private and being able to post a message to everyone within the meeting; start the meeting, click the security shield icon and untick chat.
11) Sharing files
A great feature which allows the host and participants to share files, but I don’t like the idea of sharing files from personal computers and not knowing the state of those personal computers (No Anti Virus, not patched with latest windows updates etc) so I leave this option disabled.
12) Add Co-Hosts
I love this feature and always enable it. It allows the host to enable trusted/known members as co-hosts. Co-hosts can help with moderating participants waiting to be admitted, send them a message or even remove them. Co-Hosts can not promote further participants to co-hosts, as only the host can do this. If there was a requirement to do so the host can assign the host right to another participant. There can only be one host so the permissions would be transferred and the original host would become a normal participant with no moderator permissions. But the good thing is that Zoom have allowed for the original host to revoke permissions and take the host role back at anytime whilst the meeting is in progress.
13) Screen sharing
A great feature to allow the host or co-host to share their screen or switch on Zoom’s whiteboard. I disable the share screen option for participants and allow for hosts/co-hosts only.
This option allows participants to draw on your shared screen which I disable as there is no requirement for it to be enabled for me personally. But it could be used for fun, or if you were having a brain storming session where all in the meeting were taking part. It’s worth enabling and trying out. The feature can also be disabled from within the meeting if you found that participants were starting to annoy you 🙂
15) Virtual Background
This allows a bit of fun where participants can put up a background of a beach or any other background they wish using a image. We have used this feature and it does put a smile on everyone’s face. Personally, I disable it for participants. When disabled, hosts and co-hosts can still add a background within the meeting by accessing video settings.
16) Use the Lock Meeting Room Feature
Zoom offer a lock meeting room option so once your participants have joined the meeting, you could decide to Lock the meeting so no one else can enter.
To lock a meeting; start the meeting, click participants, click the three dots to the right of ‘Unmute All’. See image below
Click the option Lock Meeting
I hope this helps, and please do comment below if you have an idea to share. Thankyou
Microsoft recommend upgrading your server OS to the latest version, but we all know that this is not always possible. Your business may be running third party applications that have not yet been tested or even compatible with later Windows Server Operating Systems.
Always check whether the applications running on your current Operating System are supported, before you decide to upgrade to a higher version OS. It will save you a lot of time and disappointment.
So let’s continue on the basis that you have carried out your checks and the applications currently running on your server to be upgraded supports Server 2019.
First, as you will already be aware, ensure you have a full backup of your server, so in the event the upgrade goes horribly wrong, you have a backup to restore to.
Note: If you have Microsoft Endpoint Protection installed, you will be prompted to remove this app. This app is not compatible with server 2019
Now, that you are all set, you may be thinking, can I upgrade directly from server 2012 or server 2012 R2 to Server 2016? The answer is yes, you can and it’s a supported method. See support matrix from Microsoft below. So whether you decide to upgrade from Server 2012 to 2019 or from 2016 to 2019 a one hop in-place upgrade is support.
Ok, so we now have a full system backup, and we know that third party apps are supported with server 2016/2019.
Before we get started with the upgrade, Microsoft recommend that you collect some information from your device, for diagnostic and troubleshooting purposes. Because this information is intended for use only if your upgrade fails, you must make sure that you store the information somewhere that you can get to it off of your device.
To collect your info
Open a command prompt, go to c:\Windows\system32, and then type systeminfo.exe.
Copy, paste, and store the resulting system information somewhere off of your device.
Type ipconfig /all into the command prompt, and then copy and paste the resulting configuration information into the same location as above.
Open the Registry Editor, go to the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion hive, and then copy and paste the Windows Server BuildLabEx (version) and EditionID (edition) into the same location as above.
Upgrade Server 2012 to 2019
1) Patch your server with the latest windows updates if not already up to date 2) Locate the Windows Server 2019 Setup media, and then selectsetup.exe 3) Select the Windows Server version you wish to upgrade to
4) Accept the licensing terms
5) If you’re running Microsoft Endpoint Protection on your server, setup will prompt for this app to be removed as it isn’t compatible with Windows Server 2019
6) Select Keep personal files and apps, and then select Next
7) After Setup analyses your server, setup will prompt you to proceed with your upgrade by clicking install
8) Wait for the upgrade to complete
9) To ensure the upgrade completed successfully
– Open the Registry Editor, go to the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion hive, and view the ProductName. You should see your edition of Windows Server 2019, for example Windows Server 2019 Standard. Make sure all of your applications are running and that your client connections to the applications are successful.
If you think something might have gone wrong during your upgrade, copy and zip the %SystemRoot%\Panther (usually C:\Windows\Panther) directory and contact Microsoft support.