Blog

Modify XML files with PowerShell (for manipulating AppV)

2013-01-08
/ / /
 

Read More

Windows 8 iSCSI

2012-11-17
/ / /

iSCSI and Windows 8 changes

It appears Windows 8 has removed the CriticalDeviceDatabase key.  Or, it looks like it just moved it to HKLMSystemControlSet001ControlDeviceLocations.  Under the old CDD key there was thousands of listings of hardware ID’s that were useless.  It appears they just eliminated them and then renamed CDD to DeviceLocations.

There you go.

Read More

iSCSI, iPXE, Microsoft iSCSI Software Target, Microsoft DHCP

2012-11-14
/ / /

I was recently struggling to get iSCSI working for myself.  Here were my problems and how I eventually fixed them.

To get iSCSI working the first thing I did was install the Microsoft Software Target 3.3 on a server machine. It’s pretty simple.  Go to iSCSI Targets and create a new target.  Whatever you name it will be on the IQN so I’ve kept it short.  The iSCSI Initators Identifiers is like MAC Address filtering for a DHCP server, if you don’t match you can’t connect to the iSCSI target.  So set the SII to whatever IP, MAC Address or IQN you plan on using.  If you’re like me and wasn’t sure what the IQN will be set to, preferring to have iPXE’s generated one; the Windows event viewer Application log will tell you what the IQN is when it fails to connect.  Look for Event ID 22.

Highlighted is the IQN that tried to connect and failed.  Add it to the SII and you’ll be good to go the next time.

When you are done creating the target you need to create the Virtual Disk (VHD) for the target.  Right-click on the target and go “Create Virtual Disk for iSCSI Target” and follow the prompts until you have your vDisk associated with the target.

We are now done on the server side.  To test the connection I launched iSCSI initiator on the same server and tried to connect to the iSCSI Software Target. It had a “Target Error” as the error message.  To get around this I enabled loopback.


I could now connect to the iSCSI target that resided on the same server and validate the software target was working correctly.

Now to get the client side working.  My goal with this is to PXE boot some client machines with differencing VHD’s off a golden Windows 7 image.  I encountered numerous issues attempting to do this and I’ll share with you my problems and how I solved them.

The first thing I did was configure PXE booting off the Microsoft DHCP server.  I was going to make it launch PXELinux prior to iPXE and may modify my DHCP to do so in the future, but below is a screenshot of my working settings:

I don’t think 043 Vendor Specific Info is required.  I put it in when I was trying to get PXELinux working.  This is a working DHCP config.

When I was trying to get PXELinux working with iPXE I ran into numerous problems.  Before I get too far ahead here, this was my PXELinux default config file:

# These default options can be changed in the geniso script
SAY iPXE ISO boot image
TIMEOUT 30
DEFAULT ipxe.lkrn
LABEL ipxe.lkrn
 KERNEL ipxe.krn
 INITRD ipxe.ipxe

Can you spot the error already?
 
 

#!ipxe
  
  dhcp
  set keep-san 1
  sanhook –drive 0x80 iscsi:192.168.1.2::::iqn.1991-05.com.microsoft:aclgdc01-t1-target
  sanboot –nodescribe –drive 0xe0 http://192.168.1.2/win7/winpe.iso

My ipxe.ipxe script file.  Everything I read said this should work.

PXELinux was booting the iPXE kernel, The iSCSI target wasn’t detected natively by the Windows 7/2008 DVD’s (which everything I read said that it should be).  To correct this I made a modified WinPE with the iSCSI Initiator builtin.  When I booted up that WinPE I could start the MSISCSI service and connect to the target.  I thought things looked good and I could format the target and make folders/files on it.  I could even bootsect it.  I then mapped a network drive to the Windows installer files (which iPXE recommends) then ran setup.exe.  I got to the part where I could choose the hard disk but Windows wouldn’t let me install on it giving me an error message.

“Windows cannot be installed to Disk <#> Partition <#>. (Show details)” -> “Windows cannot be installed to this disk. iSCSI deployment is disabled since no NICs referenced in the iBFT can be resolved to actual NT-visible devices. Windows cannot be installed to this disk. This computer’s hardware may not support booting to this disk.

Alright, at least I was making progress.  From here I had to find out what a iBFT was and why can’t Windows resolve it when I’m staring straight at the hard disk.  The importance of it is found here.

“When the pre-boot loader starts, it loads a real-mode network stack driver. The loader contains an iSCSI initiator which logs on to the iSCSI target and mount the boot disk to the system. Another function of the loader is to populate the iSCSI Boot Firmware Table (iBFT), which is required for iSCSI boot. The Boot Parameter driver in Windows will load the parameters from the iBFT, and the Microsoft iSCSI Software Initiator will be able to connect to the iSCSI target using the parameters set in the iBFT. The importance of the iBFT is to be able to share the parameters between the iSCSI boot initiator (which establishes the session in the preboot phase) and the Microsoft iSCSI initiator (which establish the session after Windows boots).”

So my iPXE isn’t storing it’s values in the iBFT.  This seemed weird to me because I could see it preserving the connection when I booted.  Everything I read said the “set keep-san 1” is the magic to storing the iPXE values in the iBFT.

Isn’t that what Registered SAN Device 0x80 means?  That it’s registered in the iBFT? 

So it appeared to be working and I thought maybe it’s Hyper-V.  I read other people using Hyper-V were able to get this to work, but I’m stumped.  It won’t work for me.  So I tried VMWare Player.  I had the same issue there.  No NICs referenced in the iBFT even though I could use the MS Initiator to connect to the target.

At this point I was getting pretty frustrated.  For all intent and purposes this should work.  So I went back to ipxe.org and read their Windows Deployment Service guide and setup WDS and made a WDS wim thinking maybe it had some magic touch; even though I had read that the standard install media should work.

Well, the WDS image didn’t work either.  At this point I went back to ipxe.org and followed their PXE Chainloading guide exactly.  Well, mostly exactly.  I didn’t want to make a reservation so I applied the setting across the entire DHCP by entering everything in Server Options (see the first screenshot of this post).

Like magic, as soon as I changed the kernel from iPXE.KRN to undionly.kpxe it showed me something different on the Hyper-V console:

This *feels* more promising.

Like Magic the undionly.kpxe kernel spewed forth more information than the iPXE.KRN.  I now had a problem where I wanted to boot from the local CDROM and not from the SAN Device, but *after* it became registered.  This is my http://192.168.1.2/win7/ipxe.ipxe script:

#!ipxe


#  set skip-san-boot 1
set keep-san 1

If I uncomment skip-san-boot then it will boot from the local CD-ROM.  You’ll need to recomment it if you want it to boot from the SAN.  Magically, the Windows 7 install DVD picked up the SAN device during the install, no hacked WinPE required.

And that’s it.  Booting from the UNDIONLY.KPXE works where iPXE.KRN does not.

And that will get you a iSCSI booting disk.  I suspect I can change PXELinux to boot the UNDIONLY.KPXE.  I prefer to use PXELinux because if I want to burn a bootable CD/DVD or USB stick I can just transfer my entire PXELinux folder structure over for SYSLinux or ISOLinux as a boot loader.

Next I’m going to try differencing disks.  The goal for this little project is to see if I can setup a render farm by iSCSI booting computers and have them join automatically.  This way if you need more power added to your farm you can just add any hardware, boot it up via PXE and it will launch into an environment where everything is pre-configured and ready to go.

UPDATE

I’ve been able to get pxelinux to boot iPXE.KRN.  The trick is the ipxe launch file needs the net0 to have the keep-san set.  Setting it globally didn’t appear to make it set in net0 (which, I assume, becomes stored in the iBFT)

This is my ipxe.ipxe that works with iPXE.KRN after been chainloaded by pxelinux.0:

#!ipxe
dhcp
sanhook ${root-path}
set net0/skip-san-boot 1
set net0/keep-san 1
prompt –key 0x02 –timeout 4000 Press Ctrl-B for the iPXE command line… && shell ||
exit

I set the skip-san-boot so I could boot from a regular Windows CD.  You’ll want to remove that line to actually boot from the SAN.

Keep in mind there is a gateway issue with MS’s iSCSI implementation.  It will add a static route to the SAN  IP so you will either need to clear the gateway via the iPXE script or have the software target on the same location as your router (or have your router route local LAN traffic).


Read More

Loopback iSCSI targets (aka, Target Error on iSCSI Initiator)

2012-11-11
/ / /

Enable the following registry key:

http://blogs.technet.com/b/csstwplatform/archive/2012/02/09/windows-svr-2008-r2-iscsi-initiator-getting-quot-target-error-quot-message-when-attempting-to-connect-to-iscsi-target-on-localhost.aspx

 

Read More

Creating a batch file that accepts parameters

2012-10-24
/ / /

We are App-V’ing a bunch of our applications and one of the applications requires a different .ini file depending if it’s test, production or training.  To get around creating 3 different packages with just a single file, I’ve written a pre-launch batch file that will auto-create the .ini depending on the parameters passed to it.

:===========================================================================================
:         Paris Pre-launch script for App-V
:         By Trentent Tye
:         2012-10-24
:
:
:         This command file will take numerous parameters for launching the specific type
:         of Paris application.  It will autogenerate an INI file that Paris uses on
:         launch to self configure.  If no parameter is passed, it’s assumed to be
:         commented out in the INI file.
:         This file should be launched like so:
:         paris.cmd PARA request=0 hostname=nice servergroup=development_3861
:
:         it will automatically find the variable without an equal sign and assume
:         that it is the alias.  Everything else gets matched up to the [Host]
:         section of the .ini




:1) Pull string off the command line
:2) filter out ” and ‘
:3) break each set out by spaces
:4) save to temp file
:5) iterate through temp file (for) and create variables.

@ECHO OFF

ECHO Launching Paris
SET PARAMS=%*

:NOTE: We are replacing quotations with whitespace characters!  Ensure there is no
:whitespace in the parameters, but whitespace *between* parameters.

call set PARAMS=%%PARAMS:”= %%
call set PARAMS=%%PARAMS:’= %%

ECHO %PARAMS%

:Break each set of parameters into it’s own set seperated by the equals sign.
:If there is no parameter stored we “breakout”
for /f “tokens=1-26 delims= ” %%A IN (“%PARAMS%”) DO (
IF ‘%%A’ EQU ” GOTO BREAKOUT
ECHO %%A > “%TEMP%variables.txt”
IF ‘%%B’ EQU ” GOTO BREAKOUT
ECHO %%B >> “%TEMP%variables.txt”
IF ‘%%C’ EQU ” GOTO BREAKOUT
ECHO %%C >> “%TEMP%variables.txt”
IF ‘%%D’ EQU ” GOTO BREAKOUT
ECHO %%D >> “%TEMP%variables.txt”
IF ‘%%E’ EQU ” GOTO BREAKOUT
ECHO %%E >> “%TEMP%variables.txt”
IF ‘%%F’ EQU ” GOTO BREAKOUT
ECHO %%F >> “%TEMP%variables.txt”
IF ‘%%G’ EQU ” GOTO BREAKOUT
ECHO %%G >> “%TEMP%variables.txt”
IF ‘%%H’ EQU ” GOTO BREAKOUT
ECHO %%H >> “%TEMP%variables.txt”
IF ‘%%I’ EQU ” GOTO BREAKOUT
ECHO %%I >> “%TEMP%variables.txt”
IF ‘%%J’ EQU ” GOTO BREAKOUT
ECHO %%J >> “%TEMP%variables.txt”
IF ‘%%K’ EQU ” GOTO BREAKOUT
ECHO %%K >> “%TEMP%variables.txt”
IF ‘%%L’ EQU ” GOTO BREAKOUT
ECHO %%L >> “%TEMP%variables.txt”
)
:BREAKOUT


:Now we iterate through the temp file and auto-create the Paris.ini
for /f “tokens=1-2 delims==” %%A IN (‘TYPE “%TEMP%variables.txt”‘) DO (
IF /I ‘%%A’ EQU ‘REQUEST’ set REQUEST=%%B
IF /I ‘%%A’ EQU ‘OBJECTNAME’ set OBJECTNAME=%%B
IF /I ‘%%A’ EQU ‘HOSTNAME’ set HOSTNAME=%%B
IF /I ‘%%A’ EQU ‘REQUESTBROKER’ set REQUESTBROKER=%%B
IF /I ‘%%A’ EQU ‘RequestBrokerBackup’ set RequestBrokerBackup=%%B
IF /I ‘%%A’ EQU ‘ServerGroup’ set ServerGroup=%%B
IF /I ‘%%B’ EQU ” set ALIAS=%%A
)

:Now that we have all the parameters for the ini file we can create it.

SET PARISPATH=”%TEMP%paris.ini”

ECHO [PreLogin] >”%PARISPATH%”
ECHO ClientDLL=STAPPClientLogin >>”%PARISPATH%”
ECHO FunctionName=DoLogin >>”%PARISPATH%”
ECHO ServerDLL=STServerLogin >>”%PARISPATH%”
ECHO DataModule=Login >>”%PARISPATH%”
ECHO. >>”%PARISPATH%”
ECHO [PostLogin] >>”%PARISPATH%”
ECHO ServerDLL=STSRVLogin >>”%PARISPATH%”
ECHO DataModule=Login >>”%PARISPATH%”
ECHO. >>”%PARISPATH%”
ECHO [Timer] >>”%PARISPATH%”
ECHO Enabled=0 >>”%PARISPATH%”
ECHO Interval=10000 >>”%PARISPATH%”
ECHO. >>”%PARISPATH%”
ECHO [Host] >>”%PARISPATH%”


if /I “%REQUEST%” EQU “” ECHO #Request=0 >>”%PARISPATH%”
if /I “%REQUEST%” NEQ “” ECHO Request=%REQUEST% >>”%PARISPATH%”

if /I “%OBJECTNAME%” EQU “” ECHO #objectname=I4AppServer >>”%PARISPATH%”
if /I “%OBJECTNAME%” NEQ “” ECHO objectname=%OBJECTNAME% >>”%PARISPATH%”

if /I “%HOSTNAME%” EQU “” ECHO #hostname=AComputerName >>”%PARISPATH%”
if /I “%HOSTNAME%” NEQ “” ECHO hostname=%HOSTNAME% >>”%PARISPATH%”

if /I “%REQUESTBROKER%” EQU “” ECHO #RequestBroker=AComputerName >>”%PARISPATH%”
if /I “%REQUESTBROKER%” NEQ “” ECHO RequestBroker=%REQUESTBROKER% >>”%PARISPATH%”

if /I “%RequestBrokerBackup%” EQU “” ECHO #RequestBrokerBackup=AnotherComputerName >>”%PARISPATH%”
if /I “%RequestBrokerBackup%” NEQ “” ECHO RequestBrokerBackup=%RequestBrokerBackup% >>”%PARISPATH%”

if /I “%ServerGroup%” EQU “” ECHO #ServerGroup=AnotherComputerName >>”%PARISPATH%”
if /I “%ServerGroup%” NEQ “” ECHO ServerGroup=%ServerGroup% >>”%PARISPATH%”


ECHO. >>”%PARISPATH%”
ECHO [Settings] >>”%PARISPATH%”
ECHO MaxLookup=200 >>”%PARISPATH%”
ECHO NotifyInterval=30000 >>”%PARISPATH%”
ECHO #Interval between refresh of InBox screen (1second=1000) >>”%PARISPATH%”
ECHO Helpfile=paris1.chm >>”%PARISPATH%”


:ADD COPY COMMAND
:ADD LAUNCH COMMAND
:copy /y “%PARISPATH%” “B:In4tek_Paris_37_MNTParisbinSTAPPParisShellDCOM.INI”
ECHO “B:In4tek_Paris_37_MNTParisbinSTAPPParisShellDCOM.exe -alias %ALIAS%
type “%PARISPATH%”
Read More

ESXi 5.1 on MacBook 4,1

2012-09-13
/ / /

Well…  I got ESXi 5.0 installed on the MacBook but I was unable to get Mountain Lion to work.  VMWare just came out with ESXi 5.1 which supports Mountain Lion so I attempted to install ESXi 5.1 on a USB key and get it up and running on my MacBook.  5.1 was a little different from 5.0 as the installerhelper.sh appears to operate differently…?  Anyways, what I had to do was slipstream the sky2 driver into the ESXi 5.1 image, boot into “ESXi ‘No Network Adapters Found'” then Fn-Option-F1 into the console.  I then typed the following commands:

vmkload_mod sky2
esxcfg-init -n
vmkload_mod lvmdriver
install

Without the lvmdriver the install would not see the storage (USB or HDD)

I am now installing ESXi 5.1 onto my MacBook.  Hopefully, I’ll be able to run Mountain Lion from it 🙂

Read More

ESXi 5 on older MacBook 4,1

2012-09-04
/ / /

I’m looking to get my MacBook 4,1 under a little more utilization and I thought playing with VMWare’s ESXi-5 on it would be interesting.  As well, I’m hoping that I’ll be able to install a virtualized Mountain Lion in there (unsupported natively on this MacBook).  My first attempt at installing ESXi 5U1 was a miserable disaster.  ESXi won’t let you complete the installation process without a NIC.  This triggered a search to find what NIC was in my MacBook (Marvell Yukon 88E8055 VEN_11AB&DEV_436A) and a requirement to get it working.

I found this thread:
http://www.vm-help.com/forum/viewtopic.php?f=25&t=3558&start=10

It got me started on the path I needed to enable the drivers for my MacBook.  I found that the Marvell driver is already included but it is only enabled for two device ID’s and neither were the same as my macbook’s; but they were from the same family.

http://www.vm-help.com/esx41/sky2_driver.php

I later found that the driver supports my device ID but you need to edit a text file in the VMWare driver files to enable it.  This will not work though, because VMWare signs their files and if there is a mismatch it will error out (unable to boot or corrupt image or some such).  To get around this we need to inject the driver into the ESXi installer.

In order to do this I needed to understand how to make a driver injectable.  It appears whatever you make will overwrite files during the unpacking process when ESXi is booting.  I was able to “sort-of” confirm this by packing up the sky2 driver and including my Device ID in the ESXi driver ID file.  When I packed up the sky2 binary driver in addition to the text files the install would error out.  Since it’s redundant to include the driver as well, I just tried including the driver text file that enables the deviceID.  This file could be located here:

“etcvmwaredriver.map.dsky2.map”

To also make this more complicated I did everything on Windows and had to install UnxUtils and UnxUpdates and some Cygwin tools to do the archiving/unarchiving.

By editing sky2.map I could add my device ID:

regtype=linux,bus=pci,id=11ab:4354 0000:0000,driver=sky2,class=network
regtype=linux,bus=pci,id=11ab:4362 0000:0000,driver=sky2,class=network
regtype=linux,bus=pci,id=11ab:436A 0000:0000,driver=sky2,class=network

I compressed the file into a .tgz (bsdtar  -cvzf sky2.tgz “etc”) and then used ESXi Customizer 2.7 to inject it into a generic ESXi 5.0U1 image.  I then used Linux  Live USB Creator to move the ISO to a USB key that was made bootable.

I could now boot my MacBook4,1 off the USB key.  At least, it worked to a point.  I got to a stage where I was notified that I had no Network Adapters Found.  At this point I dropped into the ESXi console (Fn-Option-F1), logged in to root and ran the following commands:

vmkload_mod sky2
#loads the sky2 driver
lspci -p
#confirms sky2 driver is loaded for 436A DEV ID
esxcfg-init -n
#initializes network for default settings
installerhelper.sh
#preps install command
install

The install command kicked me out to the default console where I was sitting at the “Network Adapters Not Found” screen.  Simply Fn-Option-F1 to return to the console and run through the install prompts.  Choose the same USB key you used earlier (or choose a new one if you prefer) and do the install.  Once it’s complete; restart onto the USB key.  You should go into a full ESXi install but the network (for me anyways) was still no working correctly.  I had to enable the console through the “GUI” of the text screen, drop into the console and run vmkload_mod sky2 and I had network again and was up and running.  Once I can figure out how to automatically run that command I will come back and update this post.  But for now I have ESXi working on a old MacBook and hopefully I’ll be able to install Mountain Lion on this old workstation   🙂

Read More

Enable RemoteApp on Server 2008/Windows 7

2012-07-09
/ / /
We have two Citrix farms, a XenApp 5 farm and a XenApp 6 farm.  XenApp 6 only supports 64bit OS’s.

We have some applications that will not operate on a 64bit OS (Microsoft FRx).  Since we want to decommission our old Citrix XenApp 5 farm because we’re moving to XenApp 6/6.5 we need a solution.  The solution I have come up with is to use Microsoft RemoteApp functionality to publish this application through XenApp 6.  I’ve come across this blog post that details how to do it, but I’m going to summarize the technical changes here:

Step 1
Run regedit (registry editor) and locate the key TsAppAllowList
     a) New KeyApplications.
     b) Under Applications, create New Key1234567 (the key name is not important, we just need any key for next two steps)
     c) In the new key, Create New -> String ValueName. Set value to Notepad
     d) Also in the new key, Create New -> String ValuePath. Set to c:windowssystem32Notepad.exe

Navigate back to the TsAppAllowList branch
     a) Edit fDisableAllowList value, and set to 1


Step 2 – Creating the RDP file to access the RemoteApp
Now the guest operating system has a RemoteApp created we need to use a Remote Desktop Connection to access that application.
1. Run remote desktop connection, setup your desired settings as you would in a normal connection
2. Save the settings to an RDP file.
 
3) Use Notepad to open the RDP file to edit the configuration file,
   a) Modify the setting; remoteapplicationmode:i:0  to  remoteapplicationmode:i:1
   b) Add the setting; remoteapplicationprogram:s:Notepad
   c) Add the setting; disableremoteappcapscheck:i:1
   d) Add the setting; alternate shell:s:rdpinit.exe
   e) Save the RDP file

Final thought
Similar to VirtualBox seamless mode, you will not be able to move the floating guest application window between monitors, unless you save the RDP to use all monitors available.  Either set this option prior to saving the RDP file, or edit the RDP setting multimon:i:1.

Read More

Retrieving Citrix user accounts via PowerShell

2012-06-07
/ / /

Retrieving Citrix user accounts via PowerShell

Here’s a neat little two liner to pull all the AD accounts associated with Citrix applications:

Awesome.

Read More