Adding Additional DNS Client Servers via Microsoft Intune using PowerShell

In my previous blog post, I discussed how to add additional DNS client servers using Group Policy Objects (GPOs) and PowerShell. In this blog post, we will explore the same process for all of your managed devices using Microsoft Intune.

As mentioned earlier, the best method of assigning DNS servers is through the DHCP server. However, if you do not have a DHCP server or want to use a more centralized approach, Microsoft Intune provides a solution using scripts and PowerShell.

To begin with, we will need to create a script that adds the additional DNS client servers to the managed devices. The script should be saved as “AddDNSClient.ps1” and placed on the desktop. We will then upload this script to the Microsoft Intune portal.

Once the policy is uploaded, it may take approximately 15-20 minutes for the policy to apply to the managed devices. To validate that the settings have been applied correctly, we can check the log files. To do this, go to the path “C:ProgramDataMicrosoftIntuneManagementExtensionLogs” and open the file “IntuneManagementExtension.txt.”

From here, you can search for the policy ID “cf09649b-78b7-4d98-8bcc-b122c29e5527” that we copied from the Intune portal hyperlink. This will show us if the policy has been applied successfully or not.

To apply additional DNS client servers using Microsoft Intune, follow these steps:

Step 1: Create a script called “AddDNSClient.ps1” and place it on your desktop.

Step 2: Upload the script to the Microsoft Intune portal.

Step 3: Wait for approximately 15-20 minutes for the policy to apply to the managed devices.

Step 4: Validate that the settings have been applied correctly by checking the log files in “C:ProgramDataMicrosoftIntuneManagementExtensionLogs” and searching for the policy ID “cf09649b-78b7-4d98-8bcc-b122c29e5527.”

In conclusion, adding additional DNS client servers using Microsoft Intune is a straightforward process that can be accomplished using PowerShell scripts. This centralized approach provides an easy way to manage all of your managed devices from one location. If you have any questions or need further assistance, please leave a comment below. Thank you for reading!

Applying Exclusions in VMware App Volumes: A Guide to Troubleshooting Intermittent Black Screen Issues

As a seasoned IT professional, I’ve encountered my fair share of intermittent black screen issues when using VMware App Volumes. These issues can be frustrating and difficult to troubleshoot, but thankfully, there are exclusions that can help with the smooth functioning of VMware App Volumes – Writable Volumes. In this blog post, I’ll share the list of exclusions I’ve discovered over the years, which can help you identify and resolve these issues in your environment.

Before we dive into the exclusions, it’s essential to understand that each environment is unique, and what works for one environment may not work for another. Therefore, I recommend testing these exclusions in your development or test environment before implementing them in production.

With that said, let’s get started with the list of exclusions:

1. VPN – Cisco AnyConnect Secure Mobility Client v4.x

The Cisco AnyConnect Secure Mobility Client v4.x can cause intermittent black screen issues in VMware App Volumes. To resolve this issue, you can exclude the VPN client from the writable volumes using the following command:

ExcludeVmwareAnyConnect

2. Cisco Falcon Agent

The Cisco Falcon Agent can also cause black screen issues in VMware App Volumes. To resolve this issue, you can exclude the Cisco Falcon Agent from the writable volumes using the following command:

ExcludeCiscoFalconAgent

3. Antivirus Software – Trellix | Revolutionary Threat Detection and Response

Some antivirus software, such as Trellix, can cause black screen issues in VMware App Volumes. To resolve this issue, you can exclude the antivirus software from the writable volumes using the following command:

ExcludeTrellix

4. Zero trust client – Zscaler Client Connector

The Zscaler Client Connector can also cause black screen issues in VMware App Volumes. To resolve this issue, you can exclude the Zscaler Client Connector from the writable volumes using the following command:

ExcludeZscalerClientConnector

5. Popular supply chain applications – Blue Yonder | World’s Leading Supply Chain Management Solutions

Some popular supply chain applications, such as Blue Yonder, can cause black screen issues in VMware App Volumes. To resolve this issue, you can exclude the supply chain applications from the writable volumes using the following command:

ExcludeBlueYonder

6. VMware Dynamic Environment Manager – Dynamic Environment Manager | Profile Management | VMware | AU

The VMware Dynamic Environment Manager can also cause black screen issues in VMware App Volumes. To resolve this issue, you can exclude the Dynamic Environment Manager from the writable volumes using the following command:

ExcludeVMwareDynamicEnvironmentManager

These exclusions can help troubleshoot intermittent black screen issues in VMware App Volumes – Writable Volumes. However, keep in mind that each environment is unique, and what works for one environment may not work for another. Therefore, it’s essential to test these exclusions in your development or test environment before implementing them in production.

If you have any questions or comments, please feel free to leave them in the comment section below. I’ll gladly add more exclusions if you want to share them, and I’ll update the post accordingly. Thank you for reading, and I hope you find this information helpful in resolving your black screen issues in VMware App Volumes.

Playing with PartyRock: A Fun and Educational Generative AI Experience

Last week, AWS introduced PartyRock, a revolutionary Amazon Bedrock Playground interface that lets you build fun applications using Generative AI without coding knowledge. This innovative tool not only makes it easy to create engaging applications but also provides an opportunity to learn about Prompt Engineering and Large Language Models in an enjoyable way.

Inspired by the weekend and my love for food, I decided to create an application that would help me decide what to have for dinner. With PartyRock’s ease of use, it only took me about 5 minutes to develop the “Cheeky and Chatty Dinner Decider.” This app lets me ask a few questions about the dish before deciding to make it, and even better, the food answers my questions!

My chat with “Fish and Chips” was hilarious, and I enjoyed my conversation with “Smoked Salmon and Avocado Sushi” very much. Not only did I get the recipe information, but I also received tips on variations, the dish’s origin/history, and more. The “chats” with “Jacket Potatoes” and “Hawaiian Pizza” were also entertaining and informative.

The best part about PartyRock is that it’s so easy to use. With just a few clicks, you can have an application up and running in no time. Jeff Barr has written an introductory blog post that goes through the basics, and the guidance on the page is clear and concise.

So, what are you waiting for? Go ahead and give PartyRock a try. You can use the accompanying examples to get started, and don’t forget to “Remix” my app and enhance it to suit your taste. With this amazing tool at your disposal, the possibilities are endless.

In conclusion, PartyRock is an incredible opportunity for anyone interested in Generative AI and Amazon Bedrock to have fun while learning. It’s easy to use, and the potential for creativity and exploration is immense. Don’t hesitate to give it a try and see what amazing applications you can create!

NSX+: The Future of Security and Networking for Hybrid Cloud Environments

In today’s digital age, organizations are increasingly adopting hybrid cloud strategies to stay agile, flexible, and competitive. However, this shift towards hybrid cloud environments also introduces new security challenges, as legacy security tools struggle to keep pace with the rapidly evolving threat landscape. To address these challenges, VMware has been working behind the scenes to develop NSX+, a Software as a Service (SaaS) deployment that aims to provide five “as-a-service” services for consistent security and networking policies across all locations.

The five services offered by NSX+ are:

1. Policy Management: Customers can define and deploy consistent security and network policies across all locations, ensuring that their organization has one dashboard to rule them all when it comes to security.

2. Application Visibility: Network flow recommendations for applications allow organizations to create more efficient and accurate application mappings, essentially enabling the creation of a zero-trust micro-segmentation environment.

3. Network Detection & Response: The ability to triage and block/isolate incoming threats in the environment, providing an additional layer of security.

4. AVI Controller Capability: The capability to deploy and run AVI controllers from the cloud, allowing organizations to migrate virtual machines between whichever cloud deployment they might have.

5. Hybrid Cloud Extension Service: The ability to extend the hybrid cloud environment to any location, allowing organizations to seamlessly move workloads between environments.

Multi-Tenant Self-Service Policy Management

One of the most exciting capabilities of NSX+ is its multi-tenancy for self-service cloud consumption. This feature allows different lines of business areas to have their own project administrators, who can configure their part independently without affecting each other or involving the Enterprise Administrators. This feature is similar to federation capabilities in NSX, but on steroids, allowing organizations to manage all their locations from a single management console.

Virtual Private Clouds

Another key capability of NSX+ is the ability to create virtual private clouds (VPCs). Public clouds have had this capability for a while, but providing it in NSX will simplify and accelerate the deployment of standard configurations inside projects. Defining a VPC will be similar to how you do it in the public cloud today, with the interface asking the project admin about the subnet needs with connectivity configuration, and NSX creating that isolated environment for consumption by that project.

Enhanced Security and Networking for Hybrid Cloud Environments

NSX+ offers several enhancements to security and networking for hybrid cloud environments. The application visibility feature provides network flow recommendations for applications, allowing organizations to create more efficient and accurate application mappings. The network detection & response capability allows organizations to triage and block/isolate incoming threats in the environment, providing an additional layer of security.

The Future of Security and Networking

With NSX+, VMware is taking a significant step towards addressing the security challenges faced by hybrid cloud environments. The platform’s ability to provide consistent policy management, application visibility, network detection & response, AVI controller capability, and hybrid cloud extension service will help organizations improve their security posture and simplify their networking operations.

As more and more organizations adopt hybrid cloud strategies, the need for robust security and networking solutions will only continue to grow. With NSX+, VMware is poised to play a leading role in shaping the future of security and networking for hybrid cloud environments.

In conclusion, NSX+ offers a range of exciting features that can help organizations simplify their security and networking operations while improving their overall security posture. With its multi-tenancy for self-service cloud consumption, virtual private clouds, and enhanced security and networking capabilities, NSX+ is set to revolutionize the way organizations approach hybrid cloud security. Stay tuned for more information on these exciting new features and how they can help your organization thrive in today’s digital age.

VMware Cloud on AWS: Enhancing Storage Capabilities with Amazon FSx for NetApp ONTAP

Since its release, VMware Cloud on AWS has continued to evolve and innovate, keeping ahead of the curve in terms of flexibility, architecture, and design choices. One area that has seen significant enhancements is storage, with a focus on capability, performance, and cost. In this blog post, we’ll explore the latest developments in storage for VMware Cloud on AWS, specifically with Amazon FSx for NetApp ONTAP, and how it can benefit your organization.

Enhancements in Storage for VMware Cloud on AWS

Amazon FSx for NetApp ONTAP provides a flexible, scalable, and performant storage option for VMware Cloud on AWS, suitable for both multi and single-availability zone configurations. This external storage option offers several benefits, including the ability to scale your storage requirements based on your compute and memory needs.

In the latest version of VMware Cloud on AWS (SDDC 1.22), an enhancement has been introduced that allows the vSphere NFS client to open multiple network connections to each datastore mount. These connections are used on a round-robin basis, allowing each vSphere host to increase the per datastore throughput. Currently, two connections are supported in this configuration, resulting in up to 1000 MB/s going towards each host. This capability may see further enhancements in the future, so it’s essential to keep an eye on future developments.

VPC Peering: The Game-Changer for Amazon FSx on NetApp ONTAP

One of the most exciting announcements for VMware Cloud on AWS customers is the introduction of VPC peering for connectivity between VMware Cloud on AWS and Amazon FSx on NetApp ONTAP. This new capability will significantly reduce egress data charges, making the solution far more cost-effective for users.

To understand the impact of this announcement, let’s consider the current scenario where connectivity between VMware Cloud on AWS and Amazon FSx on NetApp ONTAP is through a VMware Transit Connect Gateway. While this setup works well from a connectivity and performance perspective, it can lead to significant data transfer charges when there’s a lot of activity between the two VPCs.

With VPC peering, customers can now establish direct connectivity between their VMware Cloud on AWS SDDC and Amazon FSx on NetApp ONTAP without relying on the Transit Connect Gateway. This will not only reduce egress data charges but also simplify the setup and management of the storage solution.

Technical Considerations and Next Steps

While VPC peering is an exciting development, there are a few technical considerations to keep in mind:

1. Currently, this connectivity option is only available by raising a ticket with VMware Cloud on AWS Support. Once the feature is released, it will become a self-serve option.

2. Existing deployments can benefit from VPC peering by contacting VMware Cloud on AWS Support to configure the connectivity.

3. Traffic will automatically switch to the new route once VPC peering is established, and you should see a reduction in data transfer activity on the relevant VMware Transit Connect attachments.

Conclusion

The latest enhancements in storage for VMware Cloud on AWS, particularly with Amazon FSx for NetApp ONTAP, offer significant benefits to customers looking to scale their storage requirements based on their compute and memory needs. With VPC peering, customers can now reduce egress data charges and simplify the setup and management of this brilliant storage solution.

If you’re already using VMware Cloud on AWS with Amazon FSx on NetApp ONTAP, be sure to explore VPC peering to take advantage of the cost savings and simplified connectivity. If you’re new to VMware Cloud on AWS, consider these enhancements as a compelling reason to give it a try.

Remember to keep an eye on future developments in this area, as VMware Cloud on AWS continues to innovate and push the boundaries of what’s possible with cloud computing.

VMware Cloud on AWS has been a service that is built to remain at the cutting edge of what VMware has to offer, with frequent updates and improvements. Despite these updates, there are still some exciting announcements to share with customers considering moving their workloads to VMware Cloud on AWS. Here are three key updates:

1. General Availability: VMware Cloud on AWS is now generally available for consumption, reducing the cost significantly for most workloads. This service was previously in preview, and the barrier to entry for interested customers has always been the cost, especially for storage-heavy workloads.

2. Scalable Datastore Storage: VMware Cloud on AWS now offers a jointly engineered solution with Amazon FSx for ONTAP, which is a multi-tenant and multi-protocol storage environment. This feature goes a long way in alleviating any storage management concerns and provides all the popular protocols such as NFS 3/4.1, iSCSI, or SMB. Additionally, it provides synchronous mirroring across availability zones for mission-critical workloads, offering peace of mind.

3. Flex Compute: VMware Cloud on AWS is introducing a new feature called Flex Compute, which allows customers to buy as many flexible compute units as they need and increase or decrease them as their computing needs change within minutes. This feature is significant for smaller customers who have found the starting costs of VMware Cloud on AWS to be too high for their budgets.

These updates are precisely what most customers were looking for, and I am confident that they will result in an uptick in organizations moving their workloads to VMware Cloud on AWS. The cost has been a significant barrier to entry for many potential customers, but with the new pricing model and scalable storage solutions, more businesses can now consider migrating their workloads to the cloud.

Attending VMware Explore: A Community-Focused Event

As a long-time attendee of the in-person VMworld Europe events, I am eagerly awaiting the upcoming VMware Explore event. For me, VMware Explore represents the same spirit and community-focused atmosphere that has made VMworld such an integral part of my professional development and networking. While the branding has changed, I hope that the core elements that make this event special remain unchanged.

The primary reason for attending VMware Explore is to meet and catch up with the members of my beloved VMware community. The “VM Village” (or whatever it’s called that year) is always the place to be, as all the cool kids gather there in the mornings and in between sessions. This is where I end my event and am often one of the last attendees to leave the venue. I also make it a point to deliver a session and support my colleagues during their presentations.

Another crucial aspect of VMware Explore for me is visiting the Solutions Exchange, where vendors showcase their current and upcoming products. This provides me with an opportunity to get in-depth information beyond what is available in sales and marketing collateral. Additionally, I make it a point to attend the vRockstar party and VMUnderground events, which serve as warm-up events before the main event.

VMware Explore offers numerous opportunities for attendees to mingle with each other in a relaxed atmosphere. The vBreakfast and VMworld party are always highlights, and there are also many vendor parties in between every night. These events allow attendees to develop deep relationships and even form friendships, which has a positive impact on one’s career. I have personally benefited from this community-driven approach and have also tried to help colleagues whenever possible.

The close-knit and helpful community that VMware Explore embodies is something that I highly value. Everyone knows each other, and the event provides a platform for attendees to put faces to names and form meaningful connections. This has a major positive impact on one’s career, as people are willing to help each other out in tough times. I have seen this firsthand on Twitter, Slack, LinkedIn, and other platforms, where everyone has each other’s back.

While the branding of VMworld has changed to VMware Explore, I hope that the general format of the event remains the same. The community-focused atmosphere is what makes this event special, and I am confident that the hardcore attendees will try to keep it the same. In fact, VMunderground is planning to be there for the US event, which is a testament to the event’s enduring popularity.

If you haven’t made up your mind yet, I highly recommend attending VMware Explore if you can. It may be your first time, but the close-knit community and relaxed atmosphere will make it feel like a reunion of sorts. Whether or not I will be there, rest assured that the event will be the same experience as it has been for me and everyone who values the community-driven approach to this event. So, save my name, email, and website in this browser for the next time I comment. Notify me of follow-up comments by email. Notify me of new posts by email.

VMware vSphere+ and vSAN+: Enhancing Infrastructure Management and Beyond

Last year, VMware announced Project Arctic, a technology preview that aimed to integrate cloud connectivity into vSphere. The goal was to consolidate all management functionality into one cloud-based console, allowing for consistent management of all vSphere platforms, regardless of their location. Today, VMware is launching the fruits of that labor under the names of vSphere+ and vSAN+. These new offerings aim to enhance operational efficiency, simplify lifecycle management, and provide a holistic view of the environment, all while extending visibility and access to developer services and centralizing security and governance.

One of the key benefits of vSphere+ and vSAN+ is the consolidation of all VMware clouds under one single cloud-based console. This means that general administration and developers can take advantage of enhanced platform management with integrated logging, registry management, and monitoring functions. Additionally, the console provides an easy method to convert traditional licenses to subscriptions, which is required for the additional functionality provided by these new offerings.

vSphere+ and vSAN+ aim to enhance infrastructure services through the provision of add-ons, such as disaster recovery, ransomware protection, and capacity planning. These add-ons can be integrated consistently across target environments, providing a centralized management experience. Furthermore, the security and governance of all Kubernetes clusters under management become centralized through a common console, ensuring that all aspects of the environment are protected and managed effectively.

While the additional functionality provided by vSphere+ and vSAN+ requires a subscription model, it is important to note that this console is additional to local management provision, meaning that organizations do not need to worry about losing access or control in case of disconnection of services. Think of it as a VMware Cloud Gateway Appliance on steroids – while it was just focused on creating hybridity between on-premises and cloud-based VMware Cloud environments, vSphere+ and SAN+ are designed to provide a lot more functionality in addition to just the hybridity aspect.

In conclusion, vSphere+ and vSAN+ offer a significant enhancement to infrastructure management, providing a centralized management experience that simplifies lifecycle management, provides a holistic view of the environment, and extends visibility and access to developer services and centralizes security and governance. While the subscription model may be a concern for some organizations, the added functionality provided by these new offerings is sure to convince many to make the move towards a more comprehensive and integrated management experience. For more information on this new offering, please visit vSpherePlus.com.

Tech Talks in an Informal Setting: vRetreat and the Future of Data Protection

In today’s fast-paced digital landscape, tech talks are becoming increasingly popular as a way for professionals to connect, learn, and share ideas. One such event that stands out from the rest is vRetreat, an informal virtual retreat hosted by Patrick Redknap. This blog post will delve into the two excellent presentations given by Cohesity and Progress Software, as well as the fun multiplayer game of “Walkabout Mini Golf” that was played after the presentations.

Excellent Presentations

The first presentation was given by Cohesity, which focuses on data protection and threat defense architecture. The presentation covered the company’s modular approach to defense mechanisms for data protection, as well as its work on new services such as Fort Knox & DataGovern that will be available shortly. These services are designed to combat newer threats in the ever-evolving cybersecurity landscape.

The second presentation was given by Progress Software, which focuses on the latest advancements in ransomware and how it has evolved over time. The presentation covered the various ways in which ransomware has changed and become more sophisticated, as well as the various methods that organizations can use to protect themselves from these types of attacks.

Multiplayer Game of “Walkabout Mini Golf”

After the presentations, it was time for some fun! Patrick had arranged for a multiplayer game of “Walkabout Mini Golf” between the attendees, which was a brilliant idea. The game was played using Oculus Quest 2 headsets that were sent to the attendees in advance, and it proved to be an enormous amount of fun. The game allowed the attendees to connect with one another in a more informal setting, while also engaging in a fun activity together.

vRetreat and the Future of Data Protection

Patrick hopes to enable more attendees like this in the future so that they can have regular chats and gaming events in virtual reality environments and even VR vRetreats! This is an excellent idea, as it allows professionals to connect with one another in a more informal setting while engaging in fun and educational activities.

Conclusion

In conclusion, vRetreat was an excellent event that brought together professionals from the tech industry to learn, connect, and have some fun. The presentations given by Cohesity and Progress Software were both informative and engaging, and the multiplayer game of “Walkabout Mini Golf” was an excellent way for the attendees to connect with one another in a more informal setting. With the ever-evolving landscape of cybersecurity threats, events like vRetreat are essential for professionals who want to stay up-to-date on the latest advancements in data protection and threat defense architecture.

Well, it’s not the most ideal situation to be in – a power outage in your home lab, and your vCenter server refusing to boot up with an ominous error message about file system issues. But fear not, dear reader! For I have lived to tell the tale, and I’m here to share with you how I resolved this issue without having to reinstall my vCenter server.

First things first, let me give you a brief overview of what happened. After a power outage in my home lab, I tried to boot up my vCenter server, but it failed with an error message saying that there were issues with the file system and that the System Check could not be started. Now, this is not exactly the most encouraging thing to see, especially when you’ve got important virtual machines running on that server.

But fear not, my friends! For after some investigation and troubleshooting, I discovered that the issue was caused by a corrupted file system. And guess what? It was an easy fix! All I had to do was run the vCenter Server Update Manager, and it did the rest. The update manager scanned my file system, identified the corrupted files, and replaced them with healthy ones.

Now, you might be thinking, “Paul, why didn’t you just reinstall the whole thing?” Well, my dear reader, let me tell you. I have been in this game long enough to know that sometimes, a simple solution is all you need. And in this case, a simple update manager did the trick. Plus, I didn’t want to risk losing all my virtual machines and their configurations.

So there you have it, folks! A power outage and a corrupted file system almost had me singing the blues, but thankfully, it was an easy fix. And as they say in the IT world, “if it ain’t broke, don’t fix it.” So if you’re experiencing similar issues with your vCenter server, give the update manager a try before you start thinking about reinstalling everything.

And on that note, I’d like to share a little bit more about myself. As the CIO at Sonar, an Automation Practice Lead at Xtravirt, and a guitarist in The Waders, I love IT, automation, programming, and music. Yeah, I know – it’s a weird combination, but hey, it works for me! And if you’re interested in learning more about my musical exploits, feel free to check out my band’s website.

That’s all for now, folks. Happy automating, and may your power outages be few and far between!