Virtualization, Cloud, Infrastructure and all that stuff in-between

My ramblings on the stuff that holds it all together

How to find which port a device MAC address is plugged into on a Cisco switch

I have to do this every so often to reverse engineer the cabling in my lab (which isn’t easily accessible, well.. without some walking and moving things), and by the time I have to do it, I’ve invariably forgotten the command from the last time and waste time googling the many variants to do so, so – parking it here for reference!

show mac address-table | include

Note: the MAC needs to be in aaaa.bbbb format (don’t ask me why). You can also search for partial MACs, e.g. the last 2 digits:

show mac address-table | include e50d

Will give you an output like..

100 0418.d6ac.e50d DYNAMIC Fa0/44
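An added example (not part of the original post): a PowerShell helper that converts a MAC written in any common notation to the dotted form the switch prints, then looks it up in pasted `show mac address-table` output. The function names and every sample row except the Fa0/44 line above are constructed for illustration.

```powershell
# Added example: helper names and sample rows (other than Fa0/44) are constructed.
function ConvertTo-CiscoMac {
    param([Parameter(Mandatory)][string]$Mac)
    # Drop separators (: - . space) and keep only the hex digits
    $hex = ($Mac -replace '[^0-9A-Fa-f]', '').ToLower()
    if ($hex.Length -ne 12) { throw "Expected 12 hex digits in '$Mac', found $($hex.Length)" }
    '{0}.{1}.{2}' -f $hex.Substring(0, 4), $hex.Substring(4, 4), $hex.Substring(8, 4)
}

function Find-SwitchPort {
    param(
        [Parameter(Mandatory)][string]$Mac,
        [string[]]$TableLines
    )
    $needle = ConvertTo-CiscoMac $Mac
    # Row layout as printed by the switch: VLAN, MAC, type, port
    $rowPattern = '^\s*(?<vlan>\S+)\s+(?<mac>(?:[0-9a-f]{4}\.){2}[0-9a-f]{4})\s+(?<type>\S+)\s+(?<port>\S+)\s*$'
    $rows = foreach ($line in $TableLines) {
        if ($line -match $rowPattern) {
            [pscustomobject]@{ Vlan = $Matches.vlan; Mac = $Matches.mac; Type = $Matches.type; Port = $Matches.port }
        }
    }
    foreach ($hit in ($rows | Where-Object { $_.Mac -eq $needle })) {
        # Count how many MACs were learned on the same port as the match
        $onPort = @($rows | Where-Object { $_.Port -eq $hit.Port }).Count
        $hit | Add-Member -NotePropertyName MacsOnPort -NotePropertyValue $onPort -PassThru
    }
}

# Constructed sample of pasted switch output
$table = @'
 100    0418.d6ac.e50d    DYNAMIC     Fa0/44
 100    0011.2233.4455    DYNAMIC     Gi0/1
 100    0011.2233.4466    DYNAMIC     Gi0/1
 200    0011.2233.4477    DYNAMIC     Gi0/1
'@ -split "`r?`n"

Find-SwitchPort -Mac '04:18:D6:AC:E5:0D' -TableLines $table | Format-Table -AutoSize
Find-SwitchPort -Mac '00-11-22-33-44-55' -TableLines $table | Format-Table -AutoSize
```

A port that carries several MACs is usually an uplink to another switch rather than the access port the device is plugged into, so repeat the lookup on the downstream switch.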

Troubleshoot IaaS performance problems in Azure

Given that in the public cloud you’ve not got much visibility of what’s going on under the hood in your IaaS VMs, this is a handy tool from MSFT – instructions and downloads here

Or you can install it from the Azure portal by following these steps (you’ll need the name and key for one of your storage accounts).

If you install it via the portal you don’t have to login to the VM to enable it.

POSH1Liner:Configure all hosts in a cluster

OK, a little more than a 1-liner, but a shell loop that you can use to do *something* to all hosts in a given cluster (in this case the cluster is called L2-C2; 2nd level of virtualization, e.g. not physical which is L1, 2nd cluster if you’re interested in my naming convention).

In this case it’s adding an iSCSI software adapter and pointing it at some targets – pause is optional (assumes you’re already connected to a vCenter via Connect-VIServer).

# Generic shell
$cluster = Get-Cluster L2-C2 | Get-VMHost
foreach ($hypervisor in $cluster) {

    Write-Host "Doing config for $hypervisor"
    # Do stuff here for each host in the cluster; $hypervisor is the current host
    # Enable the software iSCSI adapter
    Get-VMHostStorage -VMHost $hypervisor | Set-VMHostStorage -SoftwareIScsiEnabled $True
    # Show the software adapter that now exists on the host
    Get-VMHost -Name $hypervisor | Get-VMHostHba -Type iScsi | Where {$_.Model -eq "iSCSI Software Adapter"}
    # Add the iSCSI targets; supply each target address in -Address
    Get-VMHost -Name $hypervisor | Get-VMHostHba -Type iScsi | New-IScsiHbaTarget -Address ""
    Get-VMHost -Name $hypervisor | Get-VMHostHba -Type iScsi | New-IScsiHbaTarget -Address ""
    # Rescan HBAs and VMFS volumes so the new LUNs show up
    Get-VMHost -Name $hypervisor | Get-VMHostStorage -Refresh -RescanAllHba -RescanVmfs
    Write-Host "-------------------------------------------------------------------------------------"
    pause # wait for keypress
}

POSH1Liner: Set NTP server on all hosts attached to a vCenter

# Add the NTP server to every host; supply your NTP server name in -NtpServer
Get-VMHost | Add-VMHostNtpServer -NtpServer ""
# Open the NTP client firewall exception
Get-VMHost | Get-VMHostFirewallException | where {$_.Name -eq "NTP client"} | Set-VMHostFirewallException -Enabled:$true
# Start ntpd and set it to start automatically
Get-VMHost | Get-VmHostService | Where-Object {$_.key -eq "ntpd"} | Start-VMHostService
Get-VMHost | Get-VmHostService | Where-Object {$_.key -eq "ntpd"} | Set-VMHostService -policy "automatic"

Original script from this blog post. Modified to add the -ntpserver parameter and a public NTP server name in case you don’t have your own.

POSH1Liner:Deploy VM from template

Populate variables

$targetdisk = Get-Datastore -name vd03*
$target = get-vmhost -name

#Deploy VM from template
new-vm -name L2-C2-NXX -Template TPL_vESXI -vmhost $target -Datastore $targetdisk -runasync

#rinse & repeat

Posh1Liner – Add ESX Host to vCenter

#Connect to vCenter server
$vc = connect-viserver -name
Add-VMHost -server $vc -name -location theBORG -user root -Password YourPassword -force -RunAsync

#then add to cluster L2-C1
Move-VMHost -destination L2-C1

#Add a bunch of hosts to vCenter 1 liner
for($i=99; $i -le 102; $i++) {$runline = "L2-C2-N" + $i + ""; Add-VMHost -server $vc -name $runline -location theBORG -user root -Password VMware1! -force -RunAsync}

#put hosts following a naming pattern into maintenance mode
get-vmhost -name L2-c2* | set-vmhost -state maintenance

#move ESX host called L2-C2-N$i to L2-C2 cluster

for($i=2; $i -le 8; $i++) {$runline = "l2-c2-n" + $i + ""; move-VMHost $runline -server $vc -destination L2-C2}
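A variant of the bulk add above that prompts for the root credential once instead of putting the password on the command line, where it ends up in shell history and transcripts. This is an added example, not from the original post; it assumes `$vc` is the session returned by Connect-VIServer and that all the hosts share one root credential.

```powershell
# Added example: prompt once, keep the password out of history and scripts
$rootCred = Get-Credential -UserName root -Message 'ESXi root credential for the hosts being added'

$results = foreach ($i in 99..102) {
    $hostName = "L2-C2-N$i"   # append your DNS suffix here if hosts are registered by FQDN
    try {
        # -Force is kept from the original: the host is added even if its SSL certificate cannot be verified
        Add-VMHost -Server $vc -Name $hostName -Location theBORG -Credential $rootCred -Force -ErrorAction Stop | Out-Null
        [pscustomobject]@{ Host = $hostName; Added = $true; Error = $null }
    }
    catch {
        # Record the failure and carry on with the remaining hosts
        [pscustomobject]@{ Host = $hostName; Added = $false; Error = $_.Exception.Message }
    }
}

# One row per host so failed additions are easy to spot
$results | Format-Table -AutoSize
```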

Clicking Configure to bind with a Google Android for Work account in Azure InTune doesn’t do anything

I hit this and scratched my head for ages. I was using a Mac (so I’ve not tried this in IE or Edge, where I would expect it to work).

If I hit the configure button under “device enrolment” / “Android for Work enrolment” it does nothing in Chrome or Safari (my 2 normal browsers).

Spent ages disabling plugins, Private mode etc. However, weirdly – it worked 1st time in Firefox…

So if you hit the same issue and have found this via Google – try that.

Online UI and docs are moving quickly for InTune as it’s absorbed into Azure.


Password sync Warning: no recent synchronization on Office365

If you manage an Office365 tenant like I do for my lab, and are security minded, you may decide to change the password of the account you configured AAD Connect to use to talk to your on-prem Active Directory (for example, if maybe you were lazy and used the default domain administrator account in your lab…. tut, tut :)). You need to update AAD Connect to reflect the new password, otherwise you’ll get “Password sync Warning: no recent synchronization” on your admin page and no password changes will sync to Office365.

*I* thought you did this by running the Azure AD Connect tool and re-entering the password there, refreshing the directory. Nope, and other error logging is a bit sparse, other than the warning in the o365 tenant admin portal.

There are some excellent PowerShell utils for debugging this stuff in this post

In my case I got an error back like the following:

AAD Tenant -
Password hash synchronization cloud configuration is enabled

AD Connector - MyDomain.tld
Password hash synchronization is enabled
No password hash synchronization heartbeat is detected

Directory Partition - MyDomain.tld
Password synchronization agent had a problem to resolve a domain controller in the domain "MyDomain.tld" at: 07/
11/2017 16:38:19 UTC
Please make sure AD Connector account username and password are correct
Only Use Preferred Domain Controllers: False
Checking connectivity to the domain...
Domain "MyDomain.tld" is reachable

Would you like to diagnose single object issues? [y/n]: n

For more help:
+ Please see - or
+ Open a service request through Azure Portal or Office 365 Admin Portal.

Which led me to think maybe AAD Connect was still using the old password.

To actually change the password and configure more details there is another utility outside of the Azure Connect wizard called “Synchronization service”, which resides under “Azure AD Connect” on your start menu. Run this, select the connectors to MyDomain.tld, hit properties/Connect to AD Forest and update the password for the account you use to connect to on-prem AD.

You can also use this utility to configure a preferred domain controller if you don’t want it to follow the normal DC discovery process (useful if you have a segregated environment).

Blogged for when I have to do this again and invariably forget how..

Where there are geeks, there are gadgets – a cautionary vBeers tale

At the London VMUG we’ve held social beers in a pub after the event for over 10 years, in what has become known as vBeers.

In all that time I’m pleased to say that we’ve never had any problems, it’s all been good social fun. As you’d expect, most of our attendees come with gadgets: laptops, tablets, phones, watches etc., and we’ve never had any issues – other than the occasional identical bag or phone picked up by mistake, but quickly resolved.

Unfortunately at our most recent event we were targeted by an opportunist thief who helped themselves to a selection of gadgets from the bag pile – directly under the pub CCTV system.

The pub think they have identified the thief on CCTV and will be handing it over to the police.

Hopefully that won’t detract from future events or discourage you from attending. Some crime is unfortunately inevitable in a large city like London, but please do be careful and don’t make yourself a target. Keep an eye on your bag as you never know who is keeping an eye on your bag for you.

Cohesity at vRetreat

Last month I had the luck to be invited to the vRetreat event put together by Patrick Redknap, this was a day to get some bloggers face to face with some presenters looking at some cool, new tech.

In the interests of disclosure I should point out that there was a Porsche track day, food and a hotel involved. On the day we were very privileged to have 1:1 instruction around the purpose built track at Silverstone race course (you can pay a visit for this yourself). There is no directive on what content I have to write or pressure to write something positive. Evidence of this is that it was over a month ago and work commitments have meant I’ve not had chance to write a blog post about the event until now; Patrick was very cool about it.

This delay did, however give me some time to give some serious thought to the info we received during the day, Veeam, Zerto and Cohesity presented on the day. I’ve worked hands-on with Zerto and Veeam before but Cohesity were new to me and it piqued my interest – the delay in writing this blog post meant I thought about some very cool real-world use-cases.

As a side note, Zerto also demonstrated something very cool: they have a ready to use appliance in Azure. I’ve been doing a lot of experimentation with Azure recently and whilst they were explaining some of the finer points I managed to deploy it before the end of the session! Now that’s the real power of the cloud! A little disappointing that the Azure ready to run appliance at the time was a Windows VM with some links, but I understand this was due to some license constraints and the full appliance will be ready to download from Azure soon.

Anyways, back to Cohesity, who bill themselves as a Hyperconverged platform for secondary storage. I have to say I rolled my eyes a little at the mention of “another” hyperconverged platform; it’s secondary storage – everyone de-dupes etc. Jam in more capacity and shove some data on it to forget about it, or let it rot. We spent a lot of time talking about storage functionality that to be honest is plain storage, but I have to say, regardless of how their magic is served up (software or hardware offering), the last 5 mins were the coolest part: it has a very cool plug-in architecture to allow Java apps to run on the appliance itself. Just think about that: analytics, search, applications themselves running on the storage itself. Now that is the cool bit, and its USP as far as I’m concerned. It’s new and still being developed, but bear with me..

A long time ago I worked for a company that did video on demand solutions. About 10 years ago one of the most interesting (but now defunct) vendors I worked with had a scale-out storage solution (think cheap, x86 pizza boxes with very clever software way ahead of its time) that could store large amounts of video content but also transcode it to different formats at the same time (or near-realtime), something that is very computationally expensive. Storage is boring (sorry, but it is..) but if you can make it do something with the data it holds at the same time then to me, it’s very clever.

Cohesity offers this with its plugin and analytics plug-ins. What if you have a compliance use-case and you need to prove to regulators that all your data doesn’t contain credit-card numbers or other Personally Identifiable Information (PII)? Scanning large volumes of data with an application can only run a) periodically on a schedule, and b) at the speed of NFS/SMB etc., as data has to be read off the array, scanned, and in some cases written back. In this case the storage can do it efficiently on the array itself using all that spare CPU power.

Plug that together with an API on the Cohesity array or via the plug-in application and you not only have a really powerful scale-out storage device, but you have an application with vast amounts of data adjacent and on-tap (sorry, rubbish NetApp joke).

I like to think I maintain an even, unbiased professional line and I guess like me you’ll eye start-up storage vendors with the evil-eye as there is a risk that they go belly-up leaving you with an un-supportable storage headache that you need to replace at massive cost and migrate off, but I think this one has legs and something that nobody else on the market has, and to me that’s a reasonable bet they’ll get snapped up or live on their own.

Anyways, back to the Porsche bit. As a life-long Porsche fan the Porsche Experience is a great day out and you get to do some cool stuff like skidding about and a wet skidpan to test your driving skills (verdict: needs work!). I’ve always been a sceptic of those new fangled pretend automatic/sort of manual gearboxes in sports cars after a bad investment in a BMW e46 M3 with an SMG gearbox (don’t do it kids). But a couple of hours of proper driving with a PDK gearbox is starting to convert me. My wife said specifically to me when I left the house for this event to not come back wanting to change my car, err..

Also got a ride in Joe Baguley’s Tesla Model X… those things are like rocket ships!

Sad post-note: Several days of very creative man-maths have not yet resulted in me being able to buy one, back to the grind-stone Gallagher.

If you want to get a flavour of what went on, check out this video