Skip to main content

Posts

Showing posts from September, 2015

vCenter 5.5 - Unable to Grant Permission to Domain ID - No Domain Listed

One fine day, someone came to me and asked, " I can't add domain users to vCenter. Can you help?" So, when I checked, I found this : So yes, no domain listed there. So when I asked in detail, it seems this was a new deployment, vCenter just being created. Which really helped me to narrow down to root cause. Issues : Unable to Grant Permission to Domain ID - No Domain Listed  Troubleshooting  Login to vCenter using default admin ID ( [email protected] ). These steps shall be done from Web Console rather than vSphere Client.    Click at Administration Click at Single Sign-On > Configuration . So as we can see here, only vSphere.local and vCenterServer (Default) are configured in Identity Sources. It means, these are the only domains which can be authenticated to. Resolution :  Click at Add Identity Source.  Depending on the environment, appropriately choose identity source type . For this example, it is Act

The Trust Relationship Between This Workstation and The Primary Domain Failed

This is one of the common issue happen to PVS environment, IF the environment is not properly configured. The trust relationship will failed, if the password expiration days is  set below than computer account password updates. For example, if you set the password to be expired in 5 days, and computer account password updates set for 7 days, the password will then expired 2 days before renewal. Therefore, either disable password expiration, or properly set these 2 options according to Corporate Security policy. Issues : PVS : The Trust Relationship Between This Workstation and The Primary Domain Failed Troubleshooting   Accessed to the VDA, could not authenticate using domain ID.  Convert the VDA to Private mode / Create new version under Maintenance mode, unjoined and rejoined to domain. Put the VDA to Standard Mode / promote to Production, issue persisted. Resolution :  Shut down the target device.  Right click at it, go to Active Directory >

How To : StoreFront Factory Reset / Rejoin Citrix StoreFront to Server Group

In some situations, you may need to unjoin a StoreFront server from an existing server group, and join the server to a different server group. However, after you remove it, there is no option to add it back. You will see this screen at your StoreFront server. So, what it The easiest way? Reinstall StoreFront! .  However, there is another cool way to do this, especially if you want to show off in front of your customers (no, I have never done this), or if you want to flaunt your expertise in front of your juniors (never done this as well). Description : StoreFront Factory Reset / Rejoin Citrix StoreFront to Server Group How To Do :  Close all opened / active Storefront consoles. You will get error if there is active session. Launch PowerShell as Administrator.  Type asnp Citrix*  Browse to %Program Files%\Citrix\Receiver StoreFront\Scripts  Run ImportModules.ps1   Modules imported Run this command : Clear-DSConfiguration Command completed.  

Disabling drive mapping on Server 2008

In previous post , I mentioned on how to disable drive mapping on Server 2003 via GPO. In this post, I will show on how to disable drive mapping on server 2008. Description : Disabling drive mapping on Server 2008 How To Do :  Access to GPMC , edit the intended GPO. Browse to Computer Configuration > Policies > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Device and Resource Redirection Click at ' Do not allow drive redirection  '. That is our target setting Right click at it, and press Edit  Choose Enabled , press Apply and OK .  You can double confirm the setting by checking at ICA-TCP and RDP-TCP Properties. They are now checked, and  grayed out. And this is the explanation by Microsoft on the GPO setting.