What has been literally years in the making, Microsoft has just now enabled Microsoft 365 users to send email as a proxy (alias) address. Why is this news? Well Gmail Suite and other business email services have had this feature forever, and some businesses have a hard requirement for such...
Hot off the press is Nutanix Move 4.0. What is Nutanix Move? Move is our free VM mobility tool that allows you to migrate VMs between various hypervisors and hyperscaler clouds. And you can run the Move appliance on either AHV or ESXi hypervisors. What's new in Move 4.0? Supports...
If you enable SSH access on your OPNsense firewall, for the best security you should use SSH keys and disable username/password logins. This blog post will guide you through the quick and easy process of creating SSH keys, installing them, and then configuring OPNsense to only allow SSH key logins....
In a previous post a while back I wrote how to capture outbound DNS queries with your Ubiquiti EdgeRouter and forward them to Pi-Hole. Now that I've transitioned to OPNsense + NextDNS (replacing my EdgeRouter and Pi-Hole), I wanted to post how to do the same thing in OPNsense. Why...
Recently I've been re-doing my home network, and I'm now using the OPNsense firewall, replacing my Ubiquiti EdgeRouter 12 with a more robust solution. For OPNsense I selected the PROTECTLI FW6D platform, which has 6 ports and an Intel i5-8250U CPU. I've also been running Pi-Hole on my network for...
For a number of years now Nutanix has offered a 'community edition' of our AOS and Prism Central software suite. The community edition closely resembles the enterprise versions, but is packaged in a way to allow it to install on commodity hardware, or in a nested virtualization environment. It's also...
I was doing some testing in my lab with vCenter 7 (VCSA), using snapshots. I rolled back a test vCenter instance and was unable to subsequently login. The error I got was: User name and password are required. I also noticed that the windows session authentication was also check-able, even...
Over the years I've written a number of blog posts about replacing the SSL certificates for vSphere. Back in the day it was exceedingly difficult and was very error prone (think 5.x and 6.x). However, VMware has made great strides with vSphere 7 in how you manage certificates. Yippee!For enterprises...
During installation of trusted SSL certificates for a VMware vSphere 7.0 lab environment, I ran into the following error when I was trying to replace the certificates: ERROR certificate-manager 'lstool get-site-id' failed: 1 This error was logged on my VCSA, in the /storage/log/vmware/vmcad/certificate-manager.log file. Some searching found VMware KB71120, which...
Now that we have our offline Windows Server 2019 certificate authority configured in Part 1, and our online subordinate setup in Part 2, now we should setup auto-enrollment and secure the subordinate’s web certificate services with SSL.Auto-enrollment is where domain joined Windows computers are automatically issued a computer certificate. Services...
Now that our root Windows Server 2019 certificate authority is installed and published to Active Directory from Part 1, it is time to bring online our subordinate CA. The subordinate CA will be our online issuing CA, since it will be the CA which issues all certificates, be they for...
Its been quite some time since I wrote up how to setup a Microsoft Windows two-tier certificate authority (CA). While Windows Server 2019 is not new, I did want to write up how to set a two-tier certificate authority (CA). I'm building out a new home lab, and thought this...