How to update/upgrade VMware vSphere ESXi from zip file

Example on updating and patching VMware ESXi 8.0.2 build xxxx to 8.0.3 build xxx on a Dell PowerEdge server

Typically every 6 months or we reach out to Dell enterprise support (since they are the vendor of the servers we manage and maintain) to make sure servers are up to date with drivers, BIOS and firmware.  We ensure the VMware updates are compatible with the hardware.

Find the appropriate Dell customized zip file from VMware/Broadcom support site and download.

Read the Release Notes.

Download the 8.0.3 build xxxx zip file into your PC.

Connect to the host running ESXi via a browser

Browse the Data Store.

Create a folder to upload the zip file to, and upload it.

Enable SSH to the host from the host itself or through vCenter.

Shutdown all VMs running on host.

Place the host in Maintenance Mode.

SSH to host and login using root.

Type:

CD /

Now suppose the name and location of the uploaded zip file is:

vmfs/volumes/SAN1-Vol01/Updates/VMware-VMvisor-Installer-8.0.0.update03-24022510.x86_64-Dell_Customized-A00.zip

In 8.0.2 and earlier the command to update would look like the following:

esxcli software vib update -d /vmfs/volumes/SAN1-Vol01/Updates/VMware-VMvisor-Installer-8.0.0.update03-24022510.x86_64-Dell_Customized-A00.zip

But when we tried it with 8.0.3 we got the following error:

ESXi version change is not allowed using esxcli software vib commands.  Please use a supported method to upgrade ESXi.   

The command has changed in 8.0.3.  You will need to use the profile included in the zip file instead of using vib in the command.

To find out the name of the profile you would type:

esxcli software sources profile list -d /vmfs/volumes/SAN1-Vol01/Updates/VMware-VMvisor-Installer-8.0.0.update03-24022510.x86_64-Dell_Customized-A00.zip

Suppose the name of the profile listed is:

DEL-ESXi_803.24022510-A00

The you would type the following to update:

esxcli software profile update -p DEL-ESXi_803.24022510-A00 \
–depot=/vmfs/volumes/SAN1-Vol01/Updates/VMware-VMvisor-Installer-8.0.0.update03-24022510.x86_64-Dell_Customized-A00.zip

After it is finished, scroll up and make sure it says that the update was successful and you need to reboot.

Reboot and once fully up, take out the host of Maintenance Mode and start the VMs.  Stop SSH for security reasons.

This is what we had to do in our last vmware update. 

Consult VMware and Dell support on your update

 

Office / Outlook 365 Authentication Couldn’t Be Completed, Blank page

We’ve encountered difficulties with Office 365 functionality on macOS systems.

When attempting to configure Outlook with Office 365, users encountered the following error message after entering their email address:

“Connecting to Office 365

Authentication Couldn’t be Completed

Try Again”

Moreover, even after successful configuration, Outlook failed to receive emails, accompanied by sporadic pop-up windows that quickly closed. Attempts to launch other Office 365 applications such as Word and Excel resulted in blank, white windows.

In our troubleshooting efforts, we undertook several steps:

– Removed and recreated Outlook profiles
– Deleted credentials stored in the Keychain
– Updated the macOS to the latest version

Despite these efforts, the issue persisted. However, when testing the macOS devices outside the office network (e.g., at home or over a hotspot), all Office 365 functionalities worked seamlessly.

Our preliminary conclusion is that the issue stems from the office network environment. We intend to investigate the SonicWall firewall settings and the DHCP server, focusing on potential IPv6-related issues that may be causing the disruption.

This investigation is ongoing, and further updates will follow.

How to White-list a domain/email in Office 365

Login to the Office 365 and go to the antispam section.  Direct link:

https://security.microsoft.com/antispam

Edit the “Anti-spam Inbound Policy (Default)”

Scroll domain and you should find the a section for allowed domains to enter.

Windows 11 Button/Option Missing from Settings Page

 

If your Windows Updates option/button is missing from the Settings page of Windows 11, check the following Reg_SZ (SettingsPageVisibility), if exists delete.  Close and Re-open Settings.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer

SettingsPageVisibility —-> Value —-> REG_SZ hide:windowsupdate

 

Recovery is trying to change system settings. No Administrator Found

I was trying to enable an Extension on a MAC, but the MAC asked to boot to Recovery, go to System Security settings and enable it from there.

The MAC was part of Jamf.  I logged in to it using a username First.Last, then I needed to login to Azure/Office 365, First.Last@Domain.com and password, and when I went to System Setting/Preferences to enable an extension for Egnyte, I got a message that I would need to shut down the computer, which I did, then pressed and held power button, until I got to the recovery screen, and from there I selected Options, provided encryption recovery key for HD (can’t recall the order here), then when I went  the top menu and chose the system security, and attempted to reduce security and enable Kernel extensions… I got a message saying that “Recovery is trying to change system settings. No Administrator Found

Then another message, Biometric accessory is not connected.

The way I circumvented the issue was by shutting it down, turn it on until it got to the login screen, logged in with the user, then when I got to the Office 365 sign on screen, there was an option to Login Locally (we had a local admin user created on the MAC), I logged in with that local user, and shut down the MAC from there, pressed and held the power button like above, and I went through the above process and I was able make that change to recovery screen.

So the key here is to have been logged in as the local admin user not the Azure user when you shut the mac down, and that seemed to fix the issue.

How to search Outlook phrases using AND / OR

How to search Outlook email for phrases using AND / OR

First make sure you can use quotations in Outlook search, so you might need to make a registry change

https://support.microsoft.com/en-us/topic/unexpected-search-results-when-you-use-double-quotation-marks-to-search-items-in-a-mailbox-in-outlook-d1de87c9-2ce6-0ce7-69b6-a6e872ba14c8

If the leading keys don’t exist, please create them

Example of searching Outlook for emails received between 01/01/2019 to 01/01/2023 with phrases, words or email address like

Name@domain.com

-OR-

New Agreement

-OR-

26/23.6

-AND

Design

How where you can type in Outlook search

received:2019/01/01..2023/01/01 (“Name@Domain.com” OR “New agreement” OR “26/23.6”  AND “Design”)

Manage AD from a PC that is not Member of the Domain

If you are remote and want to manage Active Directory from a computer that is not part of the AD domain.

VPN into the office
For Windows 10/11, add “RSAT: Active Directory Domain Services and Lightweight Directory Services Tool” to Windows. This is an Optional Feature in Windows so if you go to Optional Features you should be able to find it and add it.

Go to command line and change directory to C:\windows\system32

Run the following command

runas /netonly /user:User@Domain.Whatever “mmc dsa.msc /domain=Domain.Whatever”

Where user@Domain.Whatever is a domain user with domain admin privileges so if the user is John and the domain is domain.local, that would be John@Domain.local
Domain.Whatever would be Domain.local in the example above.

How to encrypt drive – Bitlocker – Command Prompt/line

 

How to encrypt drive of Windows 10 / 11 with Bitlocker and print encryption key to copy and save for future recovery.  Don’t save on the same C drive.

Run command line as admin

manage-bde -protectors -add C: -rp

 

How to Schedule Tasks from Command Line Windows 10/11

Learn how to automate daily reboots or shutdowns at specific times using the command line or command prompt in Windows 10/11.

Below is an example of scheduling a computer shutdown daily at 6 PM:


schtasks /create /sc daily /tn ShutdownAt6PM /tr "shutdown -s -f -t 2" /st 18:00 /NP

schtasks: Command used to schedule tasks. The deprecated AT command from earlier Windows versions is no longer supported.

/create: Creates a new task.

/sc: Sets the frequency of the task, such as once or daily.

/tn: Specifies the name of the task, serving as its description.

/tr: Defines the command to execute, like “shutdown -s -f -t 2“. Here, -s initiates shutdown, -f forces shutdown, and -t 2 introduces a 2-second delay. Replace -s with -r to reboot instead of shutting down.

/st: Indicates the time to execute the command.

/NP: Ensures the scheduled task runs on Windows computers irrespective of user logins.

By using this command, you can streamline and automate regular shutdowns or reboots for enhanced system management.

How to Extract Private Key and SSL Certificate from a Certificate.pfx file

 

If you have an SSL certificate in pfx format (also called PKCS#12 format) and that usually includes the SSL certificate for your host or domain along with the private key (usually the key is secured with a password), and if you want to extract the certificate file and the private key, here what you can do

Assuming the name of the certificate is MyCertificate.pfx

1- download/Install/extract OpenSSL command line utility into a temp folder.

2- Copy the the MyCertificate.pfx certificate file into that folder.

3- To export the ssl certificate into pem format

openssl  pkcs12  -in  MyCertificate.pfx  -nokeys  -out  MyCertificate.pem

4- To export private key:
openssl  pkcs12  -in MyCertificate.pfx  -nocerts  -out  MyPrivateKey.pem  -nodes

5- To remove the passphrase/password from the private key:
openssl rsa  -in  MyPrivateKey.pem  -out   NewPrivateKey.key

Now you have you have the certificate MyCerificate.pem & the private key NewPrivateKey.key (the names here could be anything – you can name them or rename them to anything descriptive or to whatever your webserver/web application documentation requires).

 

My notes on Halo (unrelated to the above)

Open the “cert” on the servers desktop, backup the current certificate and private key and move them out.  Copy the new cert and private key and match the names to backup files..

Restart Halo services.