Sunday, March 15, 2015

vSphere-land : vSphere 6.0 Link-O-Rama

vSphere-land : vSphere 6.0 Link-O-Rama ........ A complete guide to all the essential vSphere 6.0 links from all over the VMware universe. 

vSphere 6.0 Lockdown Modes

Today when I was checking VMware blogs, I found this interesting blog thought to make note of it....

Lockdown Modes
In 5.1 only the “root” user could log into the DCUI. In 5.5 you could add users to the “DCUI.Access” list in the Host Advanced Settings. They did not need full administrative privileges. But they could bypass lockdown mode and access the DCUI. Starting with vSphere 6.0, you can select either Normal lockdown mode or Strict lockdown mode, depending on your security requirements. 

With vSphere 6 VMware is introducing a couple of new concepts about Lockdown modes, Now there are three lockdown modes...
  • Normal Lockdown Mode
  • Strict Lockdown Mode
  • Exception Users
Normal Lockdown Mode
In normal lockdown mode the DCUI service is not stopped. If the connection to the vCenter Server system is lost and access through the vSphere Web Client is no longer available, privileged accounts can log in to the ESXi host’s Direct Console Interface and exit lockdown mode. Only the following accounts can access the Direct Console User Interface:
  • Accounts in the Exception User list for lockdown mode who have administrative privileges on the host. The Exception Users list is meant for service accounts that perform very specific tasks. Adding ESXi administrators to this list defeats the purpose of lockdown mode.
  • Users defined in the DCUI.Access advanced option for the host. This option is for emergency access to the Direct Console Interface in case the connection to vCenter Server is lost. These users do not require administrative privileges on the host.
Strict Lockdown Mode
In strict lockdown mode, which is new in vSphere 6.0, the DCUI service is stopped. If the connection to vCenter Server is lost and thevSphere Web Client is no longer available, the ESXi host becomes unavailable unless the ESXi Shell and SSH services are enabled and Exception Users are defined. If you cannot restore the connection to the vCenter Server system, you have to reinstall the host.

Exception Users
These are local accounts or Microsoft Active Directory accounts with permissions defined locally on the host where these users have host access. You can define those exception locally on the host, but it’s not recommended for normal user accounts, but rather for service accounts. You should set permissions on these accounts to strict minimum and anly what’s required for the application to do its task and with an account that needs only read-only permissions to the ESXi host.
This is basically the same principle of local server accounts on Windows member server, where you can create local accounts, but as a best practice to give them only the permissions they need…

Read the original full blog posts on VMware blogs: 

Restricting Access to the ESXi Host Console – Revisiting Lockdown Mode

Download a VMware Product Suite using VMware Software Manager with a single click

If you are looking for an easy and simple way to download all VMware products (of a product suite) with a single click, VMware Software Manager is a free product that dramatically simplifies the download of VMware suites and products. 

What VMware Software Manager download service does does: 
  • Easy to use: Provides an easy to use interface to find, select & download the content needed to install or upgrade a VMware suite with the push of a button
  • New Release Detection : Automatically detects the release of new VMware suites, products and versions 
  • File Integrity Check: Verifies the suite was downloaded without corruption

 Once you select the Product suite,

Currently these product suites are available for download:
  • VMware vSphere 6.0, 5.5 and 5.1
  • VMware vCloud Suite 6.0, 5.8 and 5.5
  • VMware vSphere with Operations Management 6.0 and 5.5
Additional suites and suite versions will be released in the future and will dynamically show up in Download Service.
VMware Software Manager download link: 
You may Check the product release notes for detailed info here:

That's all.... :)

Tuesday, March 10, 2015

VCP re-certification deadline pushed out until May 8, 2015

This is a good news for guys who still didn't re-certify, VMware extended the re-certification grace period until May 8, 2015. 

VMware allowing the ones who have already re-certified (within the current deadline between March 10, 2014 - March 10, 2015), to upgrade their certification to VCP6 (via a VCP6 migration exam) for 65% off but to take advantage of this offer one must take the exam by August 31, 2015. 

In Conjunction with the short extension VMware also extending the availability of VCP5-DCV Delta re-certification exam until May 8 for those who want to re-certify using this exam.

For more info check out this original VMware blog post here: Short Extension For VCP Recertification Deadline (and a Reward for Those Who Met the Original Deadline).

That's all.... :)