Cool Tricks and Tools, Operating Systems, Virtualization

Optimize Windows 7 Guest Operating System Performance for VMware

No Comments

These recommendations include turning off the screen saver and not specifying a sleep timer. Your organization might require the use of screen savers. For example, you might have a GPO-managed security policy that locks a desktop a certain time after the screen saver starts. In this case, use a blank screen saver.

Prerequisites

Prepare a guest operating system for desktop deployment.

First Procedures:

Disable any unused ports, such as COM1, COM2, and LPT.

Adjust display properties.

a
 Choose a basic theme.
b

Set the background to a solid color.
c

Set the screen saver to None.
d
 Verify that hardware acceleration is enabled.

Select a high-performance power option and do not specify a sleep timer.

Disable the Indexing Service component.

Note

Indexing improves searches by cataloging files. Do not disable this feature for users that search often.
Remove or minimize System Restore points.

Turn off system protection on C:\.

Disable any unnecessary services.
Set the sound scheme to No Sounds.

Set visual effects to Adjust for best performance.
Open Windows Media Player and use the default settings.

Turn off automatic computer maintenance.

Adjust performance settings for best performance.

Delete any hidden uninstall folders in C:\Windows, such $NtUninstallKB893756$.

Delete all event logs.
Run Disk Cleanup to remove temporary files, empty the Recycle Bin, and remove system files and other items that are no longer needed.

Run Disk Defragmenter to rearrange fragmented data.

 

Next Procedure

1

Uninstall Tablet PC Components, unless this feature is needed.
2

Disable IPv6, unless it is needed.
3

Use the File System Utility (fsutil) command to disable the setting that keeps track of the last time a file was accessed.

For example: fsutil behavior set disablelastaccess 1
4

Start the Registry Editor (regedit.exe) and change the TimeOutValue REG_DWORD inHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Disk to 0x000000be(190).
5

Shut down the guest operating system and power off the virtual machine.
6

Change the virtual machine video card RAM setting to 128 MB.
7
 Power on the virtual machine.

 

Thank you to:  pubs.vmware.com for this information.

Continue Reading

Security & SSL, Virtualization

Failed to connect to VMware Lookup Service, SSL certificate verification failed

No Comments

I ran in to this error today that which says “Failed to connect to VMware Lookup Service”. Or to be more precise:

Failed to connect to VMware Lookup Service.
SSL certificate verification failed.

I had been playing around in my lab and I am guessing this error was caused by the fact that I changed the hostname of my vCenter Server Appliance after configuring it. When I rebooted the VCVA I bumped in to this issue. Luckily it is very easy to solve:

  1. Go to http://<vcenter ip address or fqdn>:5480
  2. Click “Admin” Tab
  3. Click “Toggle certificate setting” under “Actions”
  4. Restart the vCenter Server Appliance
  5. During the restart the certificates will be regenerated
  6. Click “Admin” Tab and disable the “Toggle certificate setting”

vcvascreen

 

 

 

Special thanks to Yellow Bricks for this blog!

Continue Reading

Command Line Shortcuts, Security & SSL, Virtualization

Creating and importing self-signed SSL certificates for vCD using keytool

No Comments
To create and import self-signed SSL certificates:
  1. Create an untrusted certificate for the HTTP service host with the command:keytool -keystore certificates.ks -storetype JCEKS -storepass passwd -genkey -alias http
  2. Enter the fully qualified domain name of the HTTP service host when prompted for your first name and last name.
  3. Create an untrusted certificate for the console proxy service host with the command:keytool -keystore certificates.ks -storetype JCEKS -storepass passwd -genkey -alias consoleproxy
  4. Verify that all the certificates have been imported, list the contents of the keystore file with the command:keytool -storetype JCEKS -storepass passwd -keystore certificates.ks -list
Notes:
  • By default, certificates are valid only for 3 months. To increase the duration, add the switch -validity number_of_days when creating your certificate.
  • After creating the certificates, you must run the /opt/vmware/vcloud-director/bin/configure script. This script prompts you for the SSL certificates. After you enter the required passwords, the vCloud Director service starts.
Continue Reading

Command Line Shortcuts, Security & SSL, Virtualization

Creating and importing signed SSL certificates for vCloud Director using keytool

No Comments
To create and import signed SSL certificates:
  1. Create the certificate.
    • To create an untrusted certificate for the HTTP service host, run the command:keytool -keystore certificates.ks -storetype JCEKS -storepass passwd –genkey -alias http
    • To create a certificate signing request for the HTTP service, run the command:keytool -keystore certificates.ks -storetype JCEKS -storepass passwd –certreq -alias http -file http.csrNoteThis command creates a certificate signing request in the file http.csr.

       

    • To create an untrusted certificate for the console proxy service host, run the command:keytool -keystore certificates.ks -storetype JCEKS -storepass passwd -genkey -alias consoleproxy
    • To create a certificate signing request for the console proxy service, run the command:keytool -keystore certificates.ks -storetype JCEKS -storepass passwd -certreq –alias consoleproxy -file consoleproxy.csrNote: This command creates a certificate signing request in the file consoleproxy.csr.

       

  2. Send the certificate signing requests to your Certification Authority. You receive the SSL Certificates in an email.
  3. When you receive the signed certificates, import them into the keystore.
    • To import the Certification Authority’s root certificate into the keystore file, run the command:keytool -storetype JCEKS -storepass passwd -keystore certificates.ks -import –alias root -file root.cer
    • To import the Certification Authority’s intermediate certificates into the keystore file, run the command:keytool -storetype JCEKS -storepass passwd -keystore certificates.ks -import –alias intermediate -file intermediate.cer
    • To import the host-specific certificate for the HTTP service, run the command:keytool -storetype JCEKS -storepass passwd -keystore certificates.ks -import –alias http -file http.cer
    • To import the host-specific certificate for the console proxy service, run the command:keytool -storetype JCEKS -storepass passwd -keystore certificates.ks -import –alias consoleproxy -file consoleproxy.cer
  4. Verify that all the certificates have been imported, list the contents of the keystore file with the command:keytool -storetype JCEKS -storepass passwd -keystore certificates.ks -list
Continue Reading