Error “Idm client exception: Error trying to join AD, error code [11]” when joining a VCSA to AD domain

This is not clear in the documentation, but if you receive the following error when adding your device to an Active Directory:

Error “Idm client exception: Error trying to join AD, error code [11]” when joining a VCSA to AD domain

 The root cause of this is because of incorrectly formatted entries in the details form.

When adding a vCenter appliance to an Active Directory domain, remember this the vCenter Appliance is not a Windows device but a PhotonOS device and as such you should use the following:

  • The fully qualified domain name not the NETBios name for the domain field.
  • The LDAP format for Organisation units not the Active Directory format
  • The Qualified Username not the Windows format

See below for an example:



Notes on securing Meltdown and Spectre

Now that the dust is slightly starting to settle It became clear to me that there’s an enormous amount of information and confusion out there. I have read a lot of websites in order to get a clear picture and being able to get all of my hosts and Virtual Machines patched. While not completely done yet, here’s my collection of links and some answers on questions that I see asked often. This is a live document and will be updated with notes relevant for patching. Last update 2018/01/29 Continue reading “Notes on securing Meltdown and Spectre”

Monitor storage for a Dell PERC H710 Mini on vSphere 6.5

So I managed to get myself some DELL R320 servers for the lab. Great servers, love that R3x0 series, they fit my needs perfectly. In previous R3xx series and vSphere versions using the “thick” vSphere client you could just monitor the storage (PERC H710 mini) and other hardware so that you could easily find out if your server needs maintenance.

Continue reading “Monitor storage for a Dell PERC H710 Mini on vSphere 6.5”

VSAN is Great, but their Licensing Sucks

On April 1st I tweeted that

And I still stand by this remark. Building and configuring a New VSAN is simple, even if you have to spend most of the morning in 4 machines LSI Bios configuring several single disk RAID0 groups and associated vDisks and then manually marking your SSD as such in ESXCLI. Continue reading “VSAN is Great, but their Licensing Sucks”

Remember Remember, Edit your Host Profile before applying.

Well today I remembered something, well to be truthful, I remembered it five minutes after moving my new hosts into maintenance mode, applying my newly created host profile from my reference host, filling in the network details for all the port groups and VMkernel groups and clicking finish.

So what exactly did I remember? Well I remembered that before you apply a reference host profile to a host that is over 6000 miles away (well to be fair, even if it is under your desk or hosted on your desktop), always remember to remove the policy that relates to your primary management console. Why? I hear you ask.

rug Continue reading “Remember Remember, Edit your Host Profile before applying.”

End of General Support for vSphere 4.x

The 21st of May 2014 was a big day in the life of vSphere 4.x as it marked the official beginning of the end.  The product and its associated pieces are no longer under general support. this means that security fixes only from now on. Therefore if you have not started your upgrade plan now is the time to do so.  You need to be looking at moving up your version.

Other products that are added to this are Lab manager 4.x, vCenter 4.x, vCenter Update manager 4.x,

The document below shows the current status of VMware products:

Lets revisit vRAM

I was on a customer site today and was discussing the new HP Proliant 960 G7 server, when the conversation veered towards ESXi and vRAM licensing.  it quickly became apparent that my client was labouring under a misinterpretation, so I had to explain how vRAM worked.  I had thought that these issues had gone and everybody understood vRAM and the FUD that other vendors out about during the VMware vSphere 5.0 launch had been put to bed but it appears not.  so with you further ado here is a brief overview of vRAM and its features per vSphere edition.

 With the release of vSphere 5.0 VMware changed the licensing model from processor based with a Core count limitation to a processor based and vRAM limitation. so what exactly is vRAM? vRAM is a set about of physical ram that is licensed per processor this number varies from edition to edition, see the table below for full details of what vRAM count is defined per differing edition.

vSphere Edition

vRAM Entitlement

vSphere Enterprise+ 96 GB
vSphere Enterprise 64 GB
vSphere Standard 32 GB
vSphere Essentials+ 32 GB
vSphere Essentials 32 GB
Free vSphere Hypervisor 32 GB (1)
vSphere Desktop Unlimited

(1) relates to maximum memory allowed in physical host server and is not processor bound,  i.e. 1pCPU 32GB Memory 2pCPU still 32GB Memory.

What this means with the exception of the Free vSphere Hypervisor is that each pCPU has an amount of free vRAM entitlement.  now remember when this was released the majority of Hosts were running between 32 and 64 GB of RAM and environments were starting to move to 128 and 256 GB of RAM.

Also the vast majority of vSphere licenses out in the wild are (from my experience) Enterprise Plus.

so lets to a little bit of maths.

Edition Number of CPU Total vRAM per Edition
Enterprise+ 1 96GB
Enterprise+ 2 192GB
Enterprise+ 4 384GB
Enterprise+ 8 768GB
Enterprise 1 64GB
Enterprise 2 128GB
Enterprise 4 256GB
Enterprise 8 512GB
Standard 1 32GB
Standard 2 64GB
Standard 4 128GB
Standard 8 256GB
Essentials & Essentials+ 1 32GB (1)
Essentials & Essentials+ 2 64GB (1)
Essentials & Essentials+ 4 128GB (1)

Essentials & Essentials+

8 192GB (1)
Free VMware Hypervisor 1 32GB
Free VMware Hypervisor 2 32GB
Free VMware Hypervisor 4 32GB
Free VMware Hypervisor 8 32GB

(1) There is a Soft cap of 192GB of vRAM entitlement for the Essentials and Essentials + editions,  now this can be bypassed but you will be in breach of your EULA for the edition and there is nothing to say that VMware will not patch the Soft limit to a Hard Limit and then you will be in a position where you cannot start VM’s.  So basically don’t do it

So at the time of the license change (yes I am malarky when it was first introduced) the numbers were more than adequate for the size of the Hosts that were coming into service and for those that were 1-1/1/2 yrs ahead in the pipeline.

All that sounds pretty nifty but remember that VMware introduced the MONSTER vm with vSphere 5 this is a 32 virtual CPUs and one terabyte of virtual RAM beast of a Guest.

so if I created 32vCPU 1024GB beast of a machine that would cost me 10.6 licenses of Enterprise Plus in vRAM alone,  well no.

VMware also capped the amount of vRAM per VM to 96GB

The following table from the Rethink IT explains it all.

Customer feedback Changes to the vSphere 5 licensing model Impact
 1. Affects only a small percentage of customers today, but customers are concerned about their future-looking business cases based on new powerful hardware capabilities Substantially raise the vRAM entitlements per vSphere edition from 48/32/24/24/24 GB to 96/64/32/32/32 GB With these increased vRAM entitlements, hardly any customer will be impacted by higher licensing costs upon upgrading to vSphere 5
2.  Introduces additional hesitation for virtualizing business critical apps Cap the amount of vRAM counted per VM at 96GB[i] No application, doesn’t matter how big, will require more than one vSphere (Ent+) license to be virtualized
3.  Penalizes short lived usage “spikes” in dev & test, and transient VMs Calculate a 12 month average of consumed vRAM rather than a high water mark Short lived “spikes” will increase the 12 month average a little but a customer will not be required to pay for them in perpetuity

Now all this was well and good when Host machines were containing a maximum of 256GB of RAM but HP now has the Proliant 980 that can contain a maximum of 4TB of RAM perhaps it is time for VMware to revisit the vRAM maximums again. So this is a great box if you want to run Monster VM’s but from a licensing perspective, a nightmare for most normal workloads of say 4 to 8 GB of assigned memory.  

Now I know that very few if any will use these beasts as Virtualisation host. but remember what is top of the range today, eventually becomes entry level. and Hosts with 512GB of Physical Ram are starting to get common place.  

Food for thought.

It is all a question about which path to take.

Planning storage is a simple thing,  you go to your Storage Admin’s and say, I need x amount of LUNs of this size please for my ESX servers and they NO, we only do xGB size LUN’s, or they breath thought their teeth like a motor mechanic or plumber and say, Storage doesn’t grow on trees you know, we don’t have much left, are you sure you really need all that space, etc.

But I digress. 🙂

Continue reading “It is all a question about which path to take.”

Possible bug in SRM installer

I have been playing in my lab with SRM, and forgot to create my DSN connection to the SRM database,  no worries I thought, the installation routine allows you to create on during the install.

Well that is only half the story.

Yes you can create your connection. but the install routine does not refresh itself and the only way you can actually get to select the new DSN is to quit the installation and start again.

A right royal pain in the backside, but the moral of the story is to create your DSN’s and Databases before you start to install SRM.

How-to run XenServer on top of vSphere

As most of the readers here know, vSphere is so powerful it is able to virtualise itself. What is even more amazing is that it is able to virtualise the competition. Yes that’s right, you can run XenServer on top of vSphere including running some nested guests, without any problems.  Below I’ll walk you through the basic setup for doing this. Continue reading “How-to run XenServer on top of vSphere”