Wednesday Tidbit: Automate VMware OSOT for your VDI Images

June 17, 2020July 6, 2020 / Mark Brookfield / 1 Comment

The other day I tweeted a short bit of code on how to automate the zeroing-out of your VDI images using SDelete:

Do you like to zero out your #VDI images using SDelete before snapshotting them for your pools?

Do you build your desktop images using @HashiCorp #Packer and would like to automate this? If so check out this code I threw together: https://t.co/14KYRIs4SD #EUC #vExpert

— Mark Brookfield (@virtualhobbit) June 16, 2020

I got quite a few DMs afterwards asking if it was possible to do the same with VMware’s OS Optimization Tool.

So without further ado, here’s the code I use as the last step in my Packer builds before closing them down for svMotioning:

	$ErrorActionPreference = "Stop"

	$webserver = "webserver.contoso.local"
	$url = "http://" + $webserver
	$files = @("VMwareOSOptimizationTool.exe","VMwareOSOptimizationTool.exe.config","my_osot.xml")
	$exe = $files[0]
	$arg = "-o -t " + $files[2]

	# Verify connectivity
	if (Test-Connection $webserver –Quiet){
	# Get the OSOT files
	ForEach ($file in $files)
	{
	Invoke-WebRequest –Uri ($url + "/" + $file) –OutFile $env:TEMP\$file
	}
	} else {
	throw "No connection to server. Aborting."
	}

	# Change to temp folder
	Set-Location $env:TEMP

	# Run OSOT
	Try
	{
	Start-Process $exe –ArgumentList $arg –Passthru –Wait –ErrorAction stop
	}
	Catch
	{
	Write-Error "Failed to run OSOT"
	Write-Error $_.Exception
	Exit -1
	}

	# Delete files
	ForEach ($file in $files)
	{
	Remove-Item –Path $env:TEMP\$file –Confirm:$false
	}

view raw

osot.ps1

hosted with ❤ by GitHub

Please remember to swap out your web server and to specify your own XML file. You could also YOLO it and use one of the built-in templates…

Bill OReilly Well Do It Live GIF - BillOReilly WellDoItLive Mad GIFs

…but don’t be surprised when you cripple half your apps 🙂

Wednesday Tidbit: PowerShell’s Import-PFXCertificate Removes the Private Key

May 27, 2020June 2, 2020 / Mark Brookfield / Leave a comment

I’ve been working on a complex automation solution recently in lab, and one task was to import a certificate to be used by VMware Horizon.

Those familiar with Horizon will know that any certificate used will need to have its corresponding private key which will also need to be exportable. The certificate also needs to have a friendly name of “vdm”. Continue reading →

Setting the vRA Software Agent to run as a different user

January 14, 2020May 28, 2020 / Mark Brookfield / 1 Comment

20161114-1 I’m currently working on a lab project which enables cloud consumers to request a full VMware Horizon environment straight from my vRealize Automation catalog. This will provision Connection Servers, a Composer server, UAGs – all load-balanced using VMware NSX. Exciting, but not without its challenges. The first being… Horizon wouldn’t install. Continue reading →

Securing VMware Horizon UAGs with Let’s Encrypt SSL certificates

December 23, 2019June 8, 2020 / Mark Brookfield / 2 Comments

Securing your Horizon Universal Access Gateway (UAG) with a genuine SSL certificate from a recognised vendor is an important process. It enables your users to be sure they’re connecting to the correct VDI infrastructure, and that the communications between their endpoint and remote desktop are secure. Continue reading →

Wednesday Tidbit: Adding the SQL Server Agent to a Windows Failover Cluster

September 23, 2015September 23, 2015 / Mark Brookfield / Leave a comment

Yesterday I decided it was time to patch my VMware vCenter 5.5 hosts to the recently released Update 3. As I make use of properly configured SSL certificates, each component (SSO, Web Client, Inventory and vCenter Server) has to be installed separately. However when I came to install the last one, I ran into an issue. Continue reading →

Wednesday Tidbit: configuring a clustered MSDTC for vRealize Automation 6.x

September 16, 2015September 21, 2015 / Mark Brookfield / Leave a comment

A few days ago I found I was unable to add reservations to my vRealize Automation installation. After finding VMware knowledge base article 2089503, I realised it was because I’d forgotten to configure the Microsoft Distributed Transaction Co-ordinator (MSDTC) on my new SQL cluster. Continue reading →

Wednesday Tidbit: Using Cluster-Aware Updating to patch a Windows Server 2012 R2 Failover Cluster

August 26, 2015August 24, 2015 / Mark Brookfield / Leave a comment

Recently I built a Windows Server 2012 R2 Failover Cluster to run my SQL, file services and Certificate Authority workloads. For a number of reasons (mentioned in the article) I decided to build it on the Server Core edition of Windows.

Whilst this offers numerous advantages, simplicity isn’t always one of them. One example of this is patching. Continue reading →

Building an advanced lab using VMware vRealize Automation – Part 7: Configure vCenter Server Appliance SSL certificates

July 20, 2015September 4, 2015 / Mark Brookfield / Leave a comment

In part 6 we installed and configured a vCenter Server Appliance in the lab. This will manage the various components, plus serve as an endpoint for vRealize Automation.

In this post we replace the default SSL certificates from the vCSA with trusted certificates from our in-house certificate authority. Continue reading →