VMware vSAN 7.0 Witness Appliance Deployment

As part of a vSAN stretched or 2-node cluster configuration, a witness appliance should be deployed and configured. The witness appliance hosts the witness components that are used in split-brain failure scenarios. A witness component acts as a tie-breaker and helps the vSAN cluster satisfy its quorum requirements. The witness can be installed as a dedicated physical ESXi host, or a specialized virtual witness appliance can be used instead. The main reason for running the witness as a virtual appliance is that it does not require an extra vSphere license, which saves some cost, especially for smaller implementations such as ROBO. The other reason for using a virtual appliance is multi-cluster environments such as a VCF stretched cluster implementation: because each vSAN cluster needs its own witness, you can consolidate all of the witnesses on one physical host at a third site.


Deploying & Configuring VMware Identity Manager (vIDM) – Part 2

Following the first blog post about the deployment of vIDM, this post covers how to configure vIDM and implement NSX-T Role-Based Access Control (RBAC) with the help of vIDM. As you might have noticed, in NSX-T 2.5 and earlier releases RBAC cannot be enabled without the use of vIDM.

When you log in to the administration page with vIDM’s admin user account, the dashboard is the first page you land on. The dashboard contains login information and applications which are used by users and analytics.

To start the vIDM configuration, click Identity & Access Management. Here you can join vIDM to an Active Directory domain, add a directory to sync with vIDM, and define the user attributes that are synchronized from the directory service to vIDM.


Cloud Journey with AWS!

Since the beginning of 2020, we have started our cloud computing journey by actively practicing and studying Amazon Web Services (AWS) public cloud computing services. We choose AWS because of its tight integration with VMware’s private cloud & SDDC offering and also broad usage & service coverage of AWS intentionally.


AWS was founded in 2006 to provide IT infrastructure as a service, which is now commonly known as cloud computing. Initially AWS launched with the Simple Storage Service (S3), Elastic Cloud Computing (EC2) and Simple Queue Service (SQS) service offerings. Since then AWS has experienced rapid growth in terms of number of customers, service portfolio and profitability. AWS has also maintained its position as the leader in the cloud computing market. Interestingly, AWS surpasses its giant parent company, Amazon, in terms of profitability!

In a series of blog posts we will cover the wide range of AWS services and also AWS architectural principles.

Deploying & Configuring VMware Identity Manager (vIDM) – Part 1

VMware Identity Manager (vIDM), formerly known as VMware Workspace Portal, is VMware Workspace ONE’s identity & authentication component. vIDM mainly aims to achieve two goals: increasing security and improving productivity by providing Single Sign-On (SSO). Beyond providing SSO to mobile users in End-User Computing (EUC) and Bring Your Own Device (BYOD) scenarios, vIDM can be used to provide SSO for different VMware products such as the vRealize suite and NSX. For instance, configuring Role-Based Access Control (RBAC) in NSX-T Datacenter is only possible through vIDM.

vIDM can be installed on Windows (2008R2, 2012, 2012R2 and 2016) or as a virtual appliance on Linux (SUSE Linux Enterprise 11). In this post, I am going to describe how to deploy VMware Identity Manager as a virtual appliance, and in the following post I’ll describe the initial configuration of vIDM.


NSX-T Password Expiration

NSX-T has a default password expiration policy of 90 days for NSX-T Manager and NSX-T Edges. As soon as this expiration period passes, an error appears on the NSX-T Manager login page stating that “Your password has expired”. As a result, you are not able to log in to NSX-T Manager.

To solve this issue, log in to the NSX Manager virtual appliance through SSH. Enter admin as the username and use the current password to log in. After logging in to NSX Manager, you will be asked to change your password because it has expired. This is how you can reset the NSX Manager admin password.
