Tag: Cloud

VMware vSphere PowerCLI 11.0

VMware vSphere PowerCLI 11.0 New Features

New features available on  VMware vSphere PowerCLI 11.0 is to support the new all updates and release of VMware products , find the below following has been features,

  • New Security module
  • vSphere 6.7 Update 1
  • NSX-T 2.3
  • Horizon View 7.6
  • vCloud Director 9.5
  • Host Profiles – new cmdlets for interacting with
  • New Storage Module updates
  • NSX-T in VMware Cloud on AWS
  • Cloud module multiplatform support
  • Get-ErrorReport cmdlet has been updated
  • PCloud module has been removed
  • HA module has been removed

Now we will go through above mentioned new features to find what functionality it bring to PowerCLI 11.0

What is PowerCLI 11.0 New Security Module

The new security module brings more powerful automation features to PowerCLI 11.0 available  new cmdlets include the following

  • Get-SecurityInfo
  • Get-VTpm
  • Get-VTpmCertificate
  • Get-VTpmCSR
  • New-VTpm
  • Remove-VTpm
  • Set-VTpm
  • Unlock-VM

Also New-VM cmdlet has enhanced functionality with the security module functionality and it includes parameters like KmsCluster, StoragePolicy, SkipHardDisks etc which can be used while creating new virtual machines with PowerCLI .In addition to that  Set-VM, Set-VMHost, Set-HardDisk, and New-HardDisk cmdlets are added.

Host Profile Additions

There are few additions to the VMware.VimAutomation.Core module that will make managing host profiles from PowerCLI

  • Get-VMHostProfileUserConfiguration
  • Set-VMHostProfileUserConfiguration
  • Get-VMHostProfileStorageDeviceConfiguration
  • Set-VMHostProfileStorageDeviceConfiguration
  • Get-VMHostProfileImageCacheConfiguration
  • Set-VMHostProfileImageCacheConfiguration
  • Get-VMHostProfileVmPortGroupConfiguration
  • Set-VMHostProfileVmPortGroupConfiguration

Storage Module Updates

These new Storage Module updates specifically for VMware vSAN , the updates has predefined time ranges when using Get-VsanStat. In addition  Get-VsanDisk has additional new properites that are returned including capacity, used percentage, and reserved percentage. Following are the  cmdlets have been added to automate vSAN

  • Get-VsanObject
  • Get-VsanComponent
  • Get-VsanEvacuationPlan – provides information regarding bringing a host into maintenance mode and the impact of the operation on the data, movement, etc

Additionally  following modules have been removed

  • PCloud module
  • HA module

Download now and start using

Update-module VMware.Powercli

Useful Links
Tags: , , , , , , , , , , , , , , , , , , , , , , , ,

VMware vSphere 6.7

VMware is announcing vSphere 6.7, the latest release of the industry-leading virtualization and cloud platform. vSphere 6.7 is the efficient and secure platform for hybrid clouds, fueling digital transformation by delivering simple and efficient management at scale, comprehensive built-in security, a universal application platform, and seamless hybrid cloud experience.

vSphere 6.7 delivers key capabilities to enable IT organizations address the following notable trends that are putting new demands on their IT infrastructure:

  • Explosive growth in quantity and variety of applications, from business critical apps to new intelligent workloads.
  • Rapid growth of hybrid cloud environments and use cases.
  • On-premises data centers growing and expanding globally, including at the Edge.
  • Security of infrastructure and applications attaining paramount importance.

Let’s take a look at some of the key capabilities in vSphere 6.7:

Simple and Efficient Management, at Scale

vSphere 6.7 builds on the technological innovation delivered by vSphere 6.5, and elevates the customer experience to an entirely new level. It provides exceptional management simplicity, operational efficiency, and faster time to market, all at scale.

vSphere 6.7 delivers an exceptional experience for the user with an enhancedvCenter Server Appliance (vCSA). It introduces several new APIs that improve the efficiency and experience to deploy vCenter, to deploy multiple vCenters based on a template, to make management of vCenter Server Appliance significantly easier, as well as for backup and restore. It also significantly simplifies the vCenter Server topology through vCenter with embedded platform services controller in enhanced linked mode, enabling customers to link multiple vCenters and have seamless visibility across the environment without the need for an external platform services controller or load balancers.

Moreover, with vSphere 6.7 vCSA delivers phenomenal performance improvements (all metrics compared at cluster scale limits, versus vSphere 6.5):

  • 2X faster performance in vCenter operations per second
  • 3X reduction in memory usage
  • 3X faster DRS-related operations (e.g. power-on virtual machine)

These performance improvements ensure a blazing fast experience for vSphere users, and deliver significant value, as well as time and cost savings in a variety of use cases, such as VDI, Scale-out apps, Big Data, HPC, DevOps, distributed cloud native apps, etc.

vSphere 6.7 improves efficiency at scale when updating ESXi hosts, significantly reducing maintenance time by eliminating one of two reboots normally required for major version upgrades (Single Reboot). In addition to that, vSphere Quick Boot is a new innovation that restarts the ESXi hypervisor without rebooting the physical host, skipping time-consuming hardware initialization.

Another key component that allows vSphere 6.7 to deliver a simplified and efficient experience is the graphical user interface itself. The HTML5-based vSphere Client provides a modern user interface experience that is both responsive and easy to use. With vSphere 6.7, it includes added functionality to support not only the typical workflows customers need but also other key functionality like managing NSX, vSAN, VUM as well as third-party components.

Comprehensive Built-In Security

vSphere 6.7 builds on the security capabilities in vSphere 6.5 and leverages its unique position as the hypervisor to offer comprehensive security that starts at the core, via an operationally simple policy-driven model.

vSphere 6.7 adds support for Trusted Platform Module (TPM) 2.0 hardware devices and also introduces Virtual TPM 2.0, significantly enhancing protection and assuring integrity for both the hypervisor and the guest operating system. This capability helps prevent VMs and hosts from being tampered with, prevents the loading of unauthorized components and enables guest operating system security features security teams are asking for.

Data encryption was introduced with vSphere 6.5 and very well received.  With vSphere 6.7, VM Encryption is further enhanced and more operationally simple to manage.  vSphere 6.7 simplifies workflows for VM Encryption, designed to protect data at rest and in motion, making it as easy as a right-click while also increasing the security posture of encrypting the VM and giving the user a greater degree of control to protect against unauthorized data access.

vSphere 6.7 also enhances protection for data in motion by enabling encrypted vMotion across different vCenter instances as well as versions, making it easy to securely conduct data center migrations, move data across a hybrid cloud environment (between on-premises and public cloud), or across geographically distributed data centers.

vSphere 6.7 introduces support for the entire range of Microsoft’s Virtualization Based Security technologies. This is a result of close collaboration between VMware and Microsoft to ensure Windows VMs on vSphere support in-guest security features while continuing to run performant and secure on the vSphere platform.

vSphere 6.7 delivers comprehensive built-in security and is the heart of a secure SDDC. It has deep integration and works seamlessly with other VMware products such as vSAN, NSX and vRealize Suite to provide a complete security model for the data center.

Universal Application Platform

vSphere 6.7 is a universal application platform that supports new workloads (including 3D Graphics, Big Data, HPC, Machine Learning, In-Memory, and Cloud-Native) as well as existing mission critical applications. It also supports and leverages some of the latest hardware innovations in the industry, delivering exceptional performance for a variety of workloads.

vSphere 6.7 further enhances the support and capabilities introduced for GPUs through VMware’s collaboration with Nvidia, by virtualizing Nvidia GPUs even for non-VDI and non-general-purpose-computing use cases such as artificial intelligence, machine learning, big data and more. With enhancements to Nvidia GRID™ vGPU technology in vSphere 6.7, instead of having to power off workloads running on GPUs, customers can simply suspend and resume those VMs, allowing for better lifecycle management of the underlying host and significantly reducing disruption for end-users. VMware continues to invest in this area, with the goal of bringing the full vSphere experience to GPUs in future releases.

vSphere 6.7 continues to showcase VMware’s technological leadership and fruitful collaboration with our key partners by adding support for a key industry innovation poised to have a dramatic impact on the landscape, which is persistent memory. With vSphere Persistent Memory, customers using supported hardware modules, such as those available from Dell-EMC and HPE, can leverage them either as super-fast storage with high IOPS, or expose them to the guest operating system as non-volatile memory. This will significantly enhance performance of the OS as well as applications across a variety of use cases, making existing applications faster and more performant and enabling customers to create new high-performance applications that can leverage vSphere Persistent Memory.

Seamless Hybrid Cloud Experience

With the fast adoption of vSphere-based public clouds through VMware Cloud Provider Program partners, VMware Cloud on AWS, as well as other public cloud providers, VMware is committed to delivering a seamless hybrid cloud experience for customers.

vSphere 6.7 introduces vCenter Server Hybrid Linked Mode, which makes it easy and simple for customers to have unified visibility and manageability across an on-premises vSphere environment running on one version and a vSphere-based public cloud environment, such as VMware Cloud on AWS, running on a different version of vSphere. This ensures that the fast pace of innovation and introduction of new capabilities in vSphere-based public clouds does not force the customer to constantly update and upgrade their on-premises vSphere environment.

vSphere 6.7 also introduces Cross-Cloud Cold and Hot Migration, further enhancing the ease of management across and enabling a seamless and non-disruptive hybrid cloud experience for customers.

As virtual machines migrate between different data centers or from an on-premises data center to the cloud and back, they likely move across different CPU types. vSphere 6.7 delivers a new capability that is key for the hybrid cloud, called Per-VM EVC. Per-VM EVC enables the EVC (Enhanced vMotion Compatibility) mode to become an attribute of the VM rather than the specific processor generation it happens to be booted on in the cluster. This allows for seamless migration across different CPUs by persisting the EVC mode per-VM during migrations across clusters and during power cycles.

Previously, vSphere 6.0 introduced provisioning between vCenter instances. This is often called “cross-vCenter provisioning.” The use of two vCenter instances introduces the possibility that the instances are on different release versions. vSphere 6.7 enables customers to use different vCenter versions while allowing cross-vCenter, mixed-version provisioning operations (vMotion, Full Clone and cold migrate) to continue seamlessly. This is especially useful for customers leveraging VMware Cloud on AWS as part of their hybrid cloud.

Learn More

As the ideal, efficient, secure universal platform for hybrid cloud, supporting new and existing applications, serving the needs of IT and the business, vSphere 6.7 reinforces your investment in VMware. vSphere 6.7 is one of the core components of VMware’s SDDC and a fundamental building block of your cloud strategy. With vSphere 6.7, you can now run, manage, connect, and secure your applications in a common operating environment, across your hybrid cloud.

This article only touched upon the key highlights of this release, but there are many more new features. To learn more about vSphere 6.7, please see the following resources.

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

VMware Horizon 7.3.1 and Horizon Client 4.6 released

VMware has released VMware Horizon 7.3.1 and Horizon Client 4.6! With this new release, Horizon 7.3 enhances key platform features, including Horizon Virtualization Pack for Skype for Business, VMware Instant Clone Technology and the Horizon Help Desk Tool.

Many new items have been introduced, such as HTML5 video redirection support for the Chrome browser and the ability to configure Windows Start menu shortcuts for desktop and application pools using the Horizon Administrator console. As always, you can count on increased operating system support for virtual desktops and clients.

Here is an overview of the new features:

VMware Horizon 7.3 Server Enhancements

Horizon Help Desk Tool

  • Displays application process resources with reset control
  • Role-based access control for help desk staff
  • Activity logging for help desk staff
  • Displays Horizon Client information
  • Granular logon time metrics
  • Blast Extreme display protocol metrics

Instant Clone Technology

  • Instant-clone desktops can now use dedicated assignment to preserve the hostname, IP address and MAC address of a user’s desktop
  • Windows Server OS is now supported for desktop use
  • Instant clones are now compatible with Storage DRS (sDRS)
  • If there are no internal VMs in all four internal folders created in vSphere Web Client, these folders are unprotected, and you can delete them
  • IcUnprotect.cmd utility can now unprotect or delete template, replica or parent VMs or folders from vSphere hosts

Windows Start Menu Shortcuts Created Using the Admin Console

  • Create shortcuts to Horizon 7 resources:
    • Published applications
    • Desktops
    • Global entitlements

Cloud Pod Architecture Scale

  • Total session limit is increased to 140,000
  • The site limit is now seven

VMware Horizon Apps

  • This update makes Horizon Apps easier to use and allows the administrator to restrict entitlements
  • Restrict access to desktop and application pools from specific client machines

Resiliency for Monitoring

  • If the event database shuts down, Horizon administrator maintains an audit trail of the events that occur before and after the event database shutdown

Database Support

  • Always-On Availability Groups feature for Microsoft SQL Server 2014

ADMX Templates

  • Additional GPO settings for ThinPrint printer filtering, HTML5 redirection and enforcement of desktop wallpaper settings

Remote Experience

Horizon Virtualization Pack for Skype for Business

  • Multiparty audio and video conferencing
  • Horizon 7 RDSH support
    • Windows Server 2008 R2
    • Windows Server 2012 R2
  • Forward Error Correction (FEC)
  • Quality of Experience (QOE) metrics
  • Customized ringtones
  • Call park and pickup
  • E911 (Enhanced 911) support, to allow the location of the mobile caller to be known to the call receiver
  • USB desktop-tethering support
  • Horizon Client for Linux support for the following Linux distributions:
    • Ubuntu 12.04 (32-bit)
    • Ubuntu 14.04 (32 & 64-bit)
    • Ubuntu 16.04 (64-bit)
    • RHEL 6.9/CentOS 6.x (64-bit)
    • RHEL 7.3 (64-bit)
    • SLED12 SP2 (64-bit)

Additional NVIDIA GRID vGPU Support

  • Support for the Tesla P40 graphics card from NVIDIA

HTML5 Video Redirection

  • View HTML 5 video from a Chrome browser and have video redirected to the client endpoint for smoother and more efficient video playback

Performance Counter Improvements

  • Windows agent PerfMon counters improvements for Blast Extreme sessions: imaging, audio, client-drive redirection (CDR), USB and virtual printing

Linux Virtual Desktops

  • KDE support: Besides RHEL/CentOS 6.x, the KDE GUI is now supported on RHEL/CentOS 7.x, Ubuntu 14.04/16.04 and SUSE Linux Enterprise Desktop 11 SP4
  • MATE  interface is now supported on Ubuntu 14.04 and Ubuntu 16.04
  • Blast Extreme Adaptive Transport is now supported for Linux desktops
  • vGPU hardware H.264 encoder support has been added

USB Redirection

  • USB redirection is supported in nested mode

ThinPrint Filtering

  • Administrators can filter out printers that should not be redirected

Horizon Client 4.6 Updates

Security Update

  • All clients have been updated to use SHA-2 to prevent SHA-1 collision attacks

Session Pre-launch

  • Session pre-launch is now extended to both Horizon Client for macOS and Horizon Client for Windows

Apteligent

  • Integration of Apteligent crash log

Blast Extreme

  • Improvements in Blast Extreme Adaptive Transport mode for iOS and macOS
  • User can change Blast Extreme settings without having to disconnect

Horizon Client 4.6 for Windows

  • Support for UNC path with CDR

Horizon Client 4.6 for macOS

  • Support for macOS Sierra and macOS High Sierra
  • Selective monitor support
  • Norwegian keyboard support

Horizon Client 4.6 for iOS

  • CDR support with drag and drop of files in split view
  • iOS split keyboard enhancement
  • iOS UI updates

Horizon Client 4.6 for Android

  • Android Oreo support
  • Manage the Horizon server list with VMware AirWatch
  • Simple shortcuts
  • External mouse enhancements
  • Real-Time Audio-Video (RTAV) support for Android and Chrome OS

Horizon Client 4.6 for Linux

  • Blast Extreme Adaptive Transport support

Horizon Client 4.6 for Windows 10 UWP

  • Network recovery improvements

Horizon HTML Access 4.6

  • HTML Access for Android with a revised UI
  • Customization of HTML Access page

Horizon Help Desk Tool

The Horizon Help Desk Tool provides a troubleshooting interface for the help desk that is installed by default on Connection Servers. To access the Horizon Help Desk Tool, navigate to https://<CS_FQDN>/helpdesk, where <CS_FQDN> is the fully qualified domain name of the Connection Server, or click the Help Desk button in the Horizon Administrator console.

The Help Desk Tool was introduced in Horizon 7.2 and has been greatly expanded upon in the Horizon 7.3 release.

Help Desktop Tool features with Horizon 7.2:

  • Virtual machine metrics
  • Remote assistance
  • Session control (restart, logoff, reset, and disconnect)
  • Sending messages

Additional features with Horizon 7.3:

  • Display application process resources with reset control
  • Role-based access control for help desk staff
  • Activity logging for help desk staff
  • Granular login time metrics
  • Display Horizon Client information

User Session Details

The user session details appear on the Details tab when you click a user name in the Computer Name option on the Sessions tab. You can view details for Horizon Client, the VDI desktop or RDSH-published desktop, CPU and memory stats, and many other details.

  • Client version
  • Unified Access Gateway name and IP address
  • Logon breakdown (client to broker):
    • Brokering
    • GPO load
    • Profile load
    • Interactive
    • Authentication

Blast Extreme Metrics

Blast extreme metrics that have been added include estimated bandwidth (uplink), packet loss, and transmitted and received traffic counters for imaging, audio, and CDR.

Note the following behavior:

  • The text-based counters do not auto-update in the dashboard. Close and reopen the session details to refresh the information.
  • The counters for transmitted and received traffic counters are accumulative from the point the session is queried/polled.

Blast Extreme Metrics for a Windows 10 Virtual Desktop Session

Display and Reset Application Processes and Resources

This new feature provides help desk staff with a granular option to resolve problematic processes without affecting the entire user session, similar to Windows Task Manager. The session processes appear on the Processes tab when you click a user name in the Computer Name option on the Sessions tab. For each user session, you can view additional details about CPU- and memory-related processes to diagnose issues.

Role-based Access Control and Custom Roles

You can assign the following predefined administrator roles to Horizon Help Desk Tool administrators to delegate the troubleshooting tasks between administrator users:

  • Help Desk Administrator
  • Help Desk Administrator (Read Only)

You can also create custom roles by assigning the Manage Help Desk (Read Only) privilege along with any other privileges based on the Help Desk Administrator role or Help Desk Administrator (Read Only) role.

Members of the Help Desk Administrators (Read Only) role do not have access to following controls; in fact, functions such as Log Off and Reset are not presented in the user interface.

Watch this brief demonstration video of the Horizon Help Desk Tool to see it in action:

Horizon Virtualization Pack for Skype for Business

You can now make optimized audio and video calls with Skype for Business inside a virtual desktop without negatively affecting the virtual infrastructure and overloading the network.

All media processing takes place on the client machine instead of in the virtual desktop during a Skype audio and video call.

New support with many expanded features for the Horizon Virtualization Pack for Skype for Business can be found in Horizon 7.3 and Client 4.6.

New Features

Horizon Virtualization Pack for Skype for Business offers the following supported features:

System Requirements

The following table outlines the system requirements for the new release:

Supported Clients

The following table provides the list of support Horizon clients:

Start Menu Shortcuts Configured Through the Admin Console

This feature improves the user experience by adding desktop and application shortcuts to the Start menu of Windows client devices.

You can use Horizon Administrator to create shortcuts for the following types of Horizon 7 resources:

  • Published applications
  • Desktops
  • Global entitlements

Shortcuts appear in the Windows Start menu and are configured by IT. Shortcuts can be categorized into folders.

Users can choose at login whether to have shortcuts added to the Start menu on their Windows endpoint device.

Watch this brief demonstration video of the new Desktop and Apps Shortcuts feature to see it in action:

Dedicated Desktop Support for Instant Clones

Upon the initial release of instant clones in Horizon 7, we supported floating desktop pools and assignments only. Further investments have been made to Instant Clone Technology that add support for dedicated desktop pools. Fixed assignments and entitlements of users to instant-clone machines is now provided as part of Horizon 7.3.

Dedicated instant-clone desktop assignment means that there is a 1:1 relationship between users and desktops. Once an end user is assigned to a desktop, they will consistently receive access to the same desktop and corresponding virtual machine. This feature is important for apps that require a consistent hostname, IP address, or MAC address to function properly.

Note: Persistent disks are not supported. Fixed assignments to desktops does not mean persistence for changes. Any changes that the user makes to the desktop while in-session will not be preserved after logoff, which is similar to how a floating desktop pool works. With dedicated assignment, when the user logs out, a resync operation on the master image retains the VM name, IP address, and MAC address.

Support for the Tesla P40 Graphics Card from NVIDIA

VMware has expanded NVIDIA GRID support with Tesla P40 GPU cards in Horizon 7.3.

HTML5 Video Redirection

This feature provides the ability to take the HTML5 video from a Chrome (version 58 or higher) browser inside a Windows VDI or RDSH system and redirect it to Windows clients. This feature uses Blast Extreme or PCoIP side channels along with a Chrome extension.

The redirected video is overlaid on the client and is enabled as well as managed using GPO settings.

Benefits include:

  • Supports generic sites such as YouTube, without requiring a server-side plugin.
  • Provides smooth video playback comparable to the native experience of playing video inside a browser on the local client system.
  • Reduces data center network traffic and CPU utilization on the vSphere infrastructure hosts.

Improved USB Redirection with User Environment Manager

The default User Environment Manager timeout value has been increased. This change ensures that the USB redirection Smart Policy takes effect even when the login process takes longer than expected.

With Horizon Client 4.6, the User Environment Manager timeout value is configured only on the agent and is sent from the agent to the client.

You can now bypass User Environment Manager control of USB redirection by setting a registry key on the agent machine (VDI desktop or RDSH server). This change ensures that smart card SSO works on Teradici zero clients. Note: Requires a restart.

HKLM\Software\VMware, Inc.\VMware VDM\Agent\USB uemFlags (REG_DWORD 1)

Blast Extreme Performance Counter Improvements

The Windows Agent PerfMon counters for the Blast Extreme protocol have been improved to update at a constant rate and to be even more accurate.

Counters include:

  • Imaging
  • Audio
  • CDR
  • USB
  • Virtual printing

Linux Virtual Desktops

Features and functions for Horizon 7 for Linux virtual desktops have been expanded:

  • KDE support – Besides RHEL/CentOS 6.x, the KDE GUI is now supported on RHEL/CentOS 7.x, Ubuntu 14.04/16.04, SUSE Linux Enterprise Desktop 11 SP4.
  • Support for the MATE interface on Ubuntu 14.04, Ubuntu 16.04.
  • Blast Extreme Adaptive Transport support.
  • vGPU hardware H.264 encoder support.

USB Redirection Support in Nested Mode

The USB redirection feature is now supported when you use Horizon Client in nested mode. When using nesting–for example, when opening RDSH applications from a VDI desktop–you can now redirect USB devices from the client device to the first virtualization layer and then redirect the same USB device to the second virtualization layer (that is, nested session).

Filtering Redirected Printers

You can now create a filter to specify the printers that should not be redirected with ThinPrint. A new GPO ADMX template (vmd_printing_agent.admx) has been added to enable this functionality.

By default, the rule permits all client printers to be redirected.

  • Supported attributes:
    • PrinterName
    • DriverName
    • VendorName
  • Supported operators:
    • AND
    • OR
    • NOT
  • Supported searching pattern is a regular expression.

Blast Extreme Improvements in CPU Usage

Now even lower CPU usage is achieved with adaptive Forward Error Correction algorithms. This clever mechanism decides how to handle error correction, lowering CPU usage within virtual desktop machines as well as on client endpoint devices.

Blast Extreme Adaptive Transport Side Channel

New support has been added for Blast Extreme Adaptive Transport side channels for USB and CDR communications. Once enabled, TCP port 32111 for USB traffic does not need to be opened, and USB traffic uses a side channel. This feature is supported for both virtual desktops and RDS hosts.

  • Feature is turned off by default.
  • Enable the feature through a registry key: HKEY_LOCAL_MACHINE\SOFTWARE\VMware, Inc.\VMware Blast\Config\UdpAuxiliaryFlowsEnabled 1

Entitlement Restrictions Based on Machine Name

This feature allows IT administrators to restrict access to published applications and desktops based on both client computer and user. With client restrictions for RDSH, it is now possible to check AD security groups for specific computer names. Users only have access to desktops and apps when both the user and the client machine are entitled. For this release, the feature is supported only for Windows clients and works with global entitlements.

Pre-Launch Improvements

Pre-launch provides the ability to launch an empty (application-less) session when connecting to the Connection Server. The feature is now also available to Windows clients, in addition to macOS.

Also, it is no longer necessary to manually make changes to the client settings. You can configure automatic reconnection.

Blast Extreme Adaptive Transport Mode for iOS and macOS

With prior client releases, users were required to configure their Blast Extreme settings before they connected to the Connection Server. After a connection was established, the options to change the Blast Extreme setting—which included H.264, Poor, Typical, and Excellent—were unavailable.

With this release, users can change the network condition setting from Excellent to Typical or the reverse while inflight to sessions. Doing so also changes the protocol connection type between TCP (for Excellent) and UDP (for Typical).

Note: End users will not be able to change the network condition setting if Poor is selected before establishing a session connection.

Horizon Client for Windows

Horizon Client 4.6 updates include:

  • Additional command-line options for the new client installer – When silently installing the Windows client, using the /s flag, you can now also set:
    • REMOVE-SerialPort,Scanner – Removes the serial port, scanner, or both.
    • DESKTOP_SHORTCUT-0 – Installs without a desktop shortcut.
    • STARTMENU_SHORTCUT-0 – Installs without a Start menu shortcut.

  • Support for UNC paths with client drive redirection (CDR):
    • Allows remote applications to access files from a network location on the client machine. Each location gets its own drive letter inside the remote application or VDI desktop.
    • Folders residing on UNC paths can now be redirected with CDR, and get their own drive letter inside the session, just as any other shared folder.

Horizon Client for macOS

Horizon Client 4.6 updates include:

  • Apple macOS High Sierra day 0 support.
  • Users can select which monitors to use for VDI sessions and which to use for the local system.
  • Norwegian keyboard support and mappings are now available

Horizon Client for iOS

Horizon Client 4.6 updates include:

  • iOS 11 support
  • iOS split keyboard update – Removes the middle area in the split keyboard for a better view of the desktop
  • New dialog box for easy connection to a Swiftpoint Mouse

Horizon Client for Android

Horizon Client 4.6 updates include:

  • Android 8.0 Oreo support.
  • Server URL configuration – Allows administrators to configure a list of Connection Servers and a default Connection Server on Android devices managed by VMware AirWatch.

Android and Chrome OS Client Updates

Horizon Client 4.6 for Android and Horizon Client 4.6 for Chrome OS updates include:

  • Simple shortcuts – Users can right-click any application or desktop to add a shortcut to the home screen.
  • Webcam redirection – Integrated webcams on an Android device or a Chromebook are now available for redirection using the Real-Time Audio-Video (RTAV) feature.

HTML Access

HTML Access 4.6 updates include:

  • HTML Access on Android devices – Though HTML Access has fewer features than the native Horizon Client, it allows you to use remote desktops and published applications without installing software.
  • HTML Access page customization – Administrators can customize graphics and text and have those customizations persist through future upgrades.

Horizon Client for Linux

Horizon Client 4.6 updates include:

  • Support for Raspberry Pi 3 Model B devices:
    • ThinLinx operating system (TLXOS) or Stratodesk NoTouch operating system
    • Supported Horizon Client features include:
  • Blast Extreme
  • USB redirection
  • 264 decoding
  • 8000Hz and 16000Hz audio-in sample rate
  • RHEL/CentOS 7.4 support

Horizon Client for Windows 10 UWP

Horizon Client 4.6 updates include:

  • Network recovery improvements – Clients can recover from temporary network loss (up to 2 minutes). This feature was already available for Windows, macOS, Linux, iOS, and Android, and is now available for Windows 10 UWP.
    • Automatically reconnects Blast Extreme sessions
    • Reduces re-authentication prompts

We are excited about these new features in Horizon 7.3.1 and the Horizon Client 4.6.  We hope that you will give them a try.

You can download it here.

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Exchange Server 2016 Cumulative Update 7 (KB4018115) and Exchange Server 2013 Cumulative Update 18 (KB4022631)

The latest set of Cumulative Updates for Exchange Server 2016 and Exchange Server 2013 are now available on the download center.  These releases include fixes to customer reported issues, all previously reported security/quality issues and updated functionality.

Minimum supported Forest Functional Level is now 2008R2

In our blog post, Active Directory Forest Functional Levels for Exchange Server 2016, we informed customers that Exchange Server 2016 would enforce a minimum 2008R2 Forest Functional Level requirement for Active Directory.  Cumulative Update 7 for Exchange Server 2016 will now enforce this requirement.  This change will require all domain controllers in a forest where Exchange is installed to be running Windows Server 2008R2 or higher.  Active Directory support for Exchange Server 2013 remains unchanged at this time.

Support for latest .NET Framework

The .NET team is preparing to release a new update to the framework, .NET Framework 4.7.1.  The Exchange Team will include support for .NET Framework 4.7.1 in our December Quarterly updates for Exchange Server 2013 and 2016, at which point it will be optional.  .NET Framework 4.7.1 will be required on Exchange Server 2013 and 2016 installations starting with our June 2018 quarterly releases.  Customers should plan to upgrade to .NET Framework 4.7.1 between the December 2017 and June 2018 quarterly releases.

The Exchange team has decided to skip supporting .NET 4.7.0 with Exchange Server.  We have done this not because of problems with the 4.7.0 version of the Framework, rather as an optimization to encourage adoption of the latest version.

Known unresolved issues in these releases

The following known issues exist in these releases and will be resolved in a future update:

  • Online Archive Folders created in O365 will not appear in the Outlook on the Web UI
  • Information protected e-Mails may show hyperlinks which are not fully translated to a supported, local language

Release Details

KB articles that describe the fixes in each release are available as follows:

Exchange Server 2016 Cumulative Update 7 does not include new updates to Active Directory Schema.  If upgrading from an older Exchange version or installing a new server, Active Directory updates may still be required.  These updates will apply automatically during setup if the logged on user has the required permissions.  If the Exchange Administrator lacks permissions to update Active Directory Schema, a Schema Admin must execute SETUP /PrepareSchema prior to the first Exchange Server installation or upgrade.  The Exchange Administrator should execute SETUP /PrepareAD to ensure RBAC roles are current.

Exchange Server 2013 Cumulative Update 18 does not include updates to Active Directory, but may add additional RBAC definitions to your existing configuration. PrepareAD should be executed prior to upgrading any servers to Cumulative Update 18. PrepareAD will run automatically during the first server upgrade if Exchange Setup detects this is required and the logged on user has sufficient permission.

Additional Information

Microsoft recommends all customers test the deployment of any update in their lab environment to determine the proper installation process for your production environment. For information on extending the schema and configuring Active Directory, please review the appropriate TechNet documentation.

Also, to prevent installation issues you should ensure that the Windows PowerShell Script Execution Policy is set to “Unrestricted” on the server being upgraded or installed. To verify the policy settings, run the Get-ExecutionPolicy cmdlet from PowerShell on the machine being upgraded. If the policies are NOT set to Unrestricted you should use the resolution steps in KB981474 to adjust the settings.

Reminder: Customers in hybrid deployments where Exchange is deployed on-premises and in the cloud, or who are using Exchange Online Archiving (EOA) with their on-premises Exchange deployment are required to deploy the most current (e.g., 2013 CU18, 2016 CU7) or the prior (e.g., 2013 CU17, 2016 CU6) Cumulative Update release.

For the latest information on Exchange Server and product announcements please see What’s New in Exchange Server 2016 and Exchange Server 2016 Release Notes.  You can also find updated information on Exchange Server 2013 in What’s New in Exchange Server 2013, Release Notes and product documentation available on TechNet.

Note: Documentation may not be fully available at the time this post is published.

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Important update for Azure Active Directory Connect – Version 1.1.553.0

Microsoft released Azure Active Directory Connect version 1.1.553.0 on June 26, 2017. More importantly, they published an important security advisory one day later.

Microsoft Security Advisory 4033453 – Vulnerability in Azure AD Connect Could Allow Elevation of Privilege explains,

The [ADD Connect version 1.1.553.0] update addresses a vulnerability that could allow elevation of privilege if Azure AD Connect Password writeback is misconfigured during enablement. An attacker who successfully exploited this vulnerability could reset passwords and gain unauthorized access to arbitrary on-premises AD privileged user accounts. The issue is addressed in the latest version (1.1.553.0) of Azure AD Connect by not allowing arbitrary password reset to on-premises AD privileged user accounts.

Microsoft highly recommends all customers update to version 1.1.553.0 or later to mitigate this vulnerability, even if you don’t use the optional password writeback feature. If you are unable to update immediately, the article above describes mitigation steps you can consider.

  • If the AD DS account is a member of one or more on-premises AD privileged groups, consider removing the AD DS account from the groups.
  • If an on-premises AD administrator has previously created Control Access Rights on the adminSDHolder object for the AD DS account which permits Reset Password operation, consider removing it.
  • It may not always be possible to remove existing permissions granted to the AD DS account (for example, the AD DS account relies on the group membership for permissions required for other features such as Password synchronization or Exchange hybrid writeback). Consider creating a DENY ACE on the adminSDHolder object which disallows the AD DS account with Reset Password permission using Windows DSACLS tool.

Expta

Tags: , , , , , , , , , , , , , , , , , , , ,

European Skype for Business User Group Meeting about Office 365 PSTN calling

On April 6 i was attending the Dutch Skype for Business user groups event at  Microsoft Netherlands. Especially for those present in the Netherlands, we will explain the new telephony capabilities Netherlands in Office 365 (PSTN calling).

The agenda:

17: 30-18: 00 Registration

18:00 to 18:30 Skype for Business Online developments in the Netherlands (van Houttum, MVP)

18:30 to 18:45 Welcome and Key Note Session

18:45 to 19:10 Session 1 (Nordic)
Cloud PBX – Options (AA CQ CCE and more) (Lasse Nordvik Wedo, MVP), support from (Stale Hansen, MVP)

19:10 to 19:35 Session 2 (Germany)
Online Dial Pans with CloudPBX (Thomas Poett, MVP)

19: 35- 20:00 Session 3 (UK)
Trusted Server API SfB (Tom Morgen and Ben Lee, MVPs)

8:00 p.m. to 20:15 BREAK

20:15 to 20:40 Session 4 (Benelux)
Teams in O365 (Johan Delimon, MVP) with support from (van Houttum, MVP)

20:40 to 21:05 Session 5 (Italy)
Hybrid Skype4B Best Practice for Cloud PBX with PSTN Connectivity (Alessandro Appiani, MVP)

If you want to look the session back: https://join-emea.broadcast.skype.com/skype4b-ug.de/9dab4d2cc4074a25b7ab83ddbfe57821/nl-NL/

Tags: , , , , , , , , , , , , , , , ,

Zerto Virtual Replication

Zerto Virtual Replication Ends Hypervisor Vendor Lock-In

Zerto Virtual Replication (ZVR) is the first hypervisor-based replication solution to offer enterprise-class cross-hypervisor replication, disaster recovery, data protection and workload mobility. With ZVR, IT departments can automatically convert Hyper-V VMs to VMware, convert VMware VMs to Hyper- V, & convert Hyper-V to AWS for increased flexibility and cost savings.

Tags: , , , , , , , ,

Important notice about certificate expiration for Exchange 2013 Hybrid customers

If you’re running Exchange 2013 and you’ve configured a hybrid deployment with Office 365, this post contains important information that might impact you. Please evaluate this information and take any necessary action before April 15, 2016.

On April 15 2016, the Office 365 TLS certificate will be renewed. This certificate is used by Office 365 to provide TLS encryption between Office 365 and external SMTP servers. The new certificate, which will help improve the security of mail sent to and from Office 365, will be issued by a new Certificate Authority and it will have a new Issuer and Subject.

This change has the potential to stop hybrid mailflow between Office 365 and your on-premises Exchange servers if one of the following conditions applies to you:

  • Your on-premises Exchange servers are running Exchange 2013 Cumulative Update 8 (CU8) or lower.
  • You’ve upgraded the Exchange 2013 servers that handle hybrid mailflow to Exchange 2013 CU9 or higher. However, since upgrading to CU9, you HAVE NOTre-run the Hybrid Configuration wizard (either from the Exchange Admin Center or via the direct download link).

If one of the previous conditions applies to your organization, hybrid mailflow between Office 365 and your organization will stop working after April 15, 2016unless you complete the steps below.

Note: This only affects hybrid mailflow. Regular mailflow and TLS encryption is NOT affected.

How to keep hybrid mail flowing (MUST be completed before 4/15/2016)
Let the new Hybrid Configuration wizard do it for you

You can use the latest Hybrid Configuration wizard (HCW) to configure your Exchange 2013 servers to work with the new TLS certificate. Just follow these steps:

  1. If the Exchange 2013 servers handling hybrid mailflow are running Exchange 2013 CU8 or lower, follow the instructions in Updates for Exchange 2013 to install the latest cumulative update on at least one server.
  2. After you install the latest cumulative update, download the new HCW application and run the wizard following the instructions here .

Note: For information on which releases of Exchange are supported with Office 365, see Hybrid deployment prerequisites.

Manual update

If you can’t upgrade Exchange 2013 to latest cumulative update right now (although we would like to remind you of our support policy), you can manually configure your servers to work with the new TLS certificate. On each Exchange 2013 server that’s used for hybrid mailflow, open the Exchange Management Shell, and run the following commands:

$rc=Get-ReceiveConnector |where {$_.TlsDomainCapabilities -like “*<I>*”}

Set-ReceiveConnector -Identity $rc.Identity -TlsDomainCapabilities “mail.protection.outlook.com:AcceptCloudServicesMail

http://blogs.technet.com/b/exchange/archive/2016/02/19/important-notice-about-certificate-expiration-for-exchange-2013-hybrid-customers.aspx

Tags: , , , , , , , , , , , , , , , ,

Cumulative Update 8 for Exchange Server 2013

The Exchange team is announcing today the availability of Cumulative Update 8 for Exchange Server 2013. The Cumulative Update Package and UM Language Packsare now available on the Microsoft Download Center. Cumulative Update 8 represents the continuation of our Exchange Server 2013 servicing and builds upon Exchange Server 2013 Cumulative Update 7. The release includes fixes for customer reported issues, minor product enhancements and previously released security bulletins. A complete list of customer reported issues resolved can be found in Knowledge Base Article KB3030080. Customers running any previous release of Exchange Server 2013 can move directly to Cumulative Update 8 today. Customers deploying Exchange Server 2013 for the first time may skip previous releases and start their deployment with Cumulative Update 8 directly.

We would like to call your attention to a few items in particular about the Cumulative Update 8 release:

  • Calendar and Contact Modern Public Folders favorites added in Outlook are now accessible in OWA
  • Batch Migration of Public Folders to 2013 improves migration throughput and PF migration experience
  • Smoother migration for EAS clients to O365 with automatic profile redirect upon successful Hybrid migration to O365 (EAS client must support HTTP 451 redirect)

For the latest information and product announcements please read What’s New in Exchange Server 2013, Release Notes and product documentation available on TechNet.

Cumulative Update 8 includes Exchange related updates to Active Directory schema and configuration. For information on extending schema and configuring the active directory please review the appropriate TechNet documentation. Also, to prevent installation issues you should ensure that the Windows PowerShell Script Execution Policy is set to “Unrestricted” on the server being upgraded or installed. To verify the policy settings, run the Get-ExecutionPolicy cmdlet from PowerShell on the machine being upgraded. If the policies are NOT set to Unrestricted you should use the resolution steps in KB981474 to adjust the settings.

Reminder: Customers in hybrid deployments where Exchange is deployed on-premises and in the cloud, or who are using Exchange Online Archiving (EOA) with their on-premises Exchange deployment are required to deploy the most current (e.g., CU8) or the prior (e.g., CU7) Cumulative Update release.

Tags: , , , , , , , , , , , , , , ,

Moving to Office 365/Exchange Online? A good idea?

Reducing IT costs: Especially in challenging economic times, organizations need to cut costs wherever possible—but without reducing capabilities.

Increasing predictability of IT costs: Replacing or upgrading on-premises IT systems can require significant one-time capital expenditures.

Increasing user productivity: Users face growing volumes of email, and need tools to help them manage it more efficiently.
Enhancing collaboration: Increasingly mobile and distributed workers need technology that helps them work together wherever they are.

Reducing IT administration: IT can be stretched thin and spend too much time managing hardware, updates, and upgrades.
Increasing reliability and availability of email: Email is a business-critical application, and many organizations face challenges keeping it running—especially with shrinking IT budgets.

Staying up-to-date with the latest technology: To stay competitive and recruit the next generation of talent, businesses need to have the latest functionality. But, upgrading on-premises software can be a significant undertaking.

1 Simplified Administration

Managing corporate email can be complex. With Exchange Online, many of the most time-consuming tasks are taken care of by Microsoft, including the management of hardware, updates, and upgrades. Additionally, Exchange Online delivers a streamlined administration experience, making it easier for IT administrators to configure and manage email services in ways that benefit the business.

2 Conclusion

The benefits of moving email to the cloud are clear; including lower costs, increased agility, simpler management, and higher-quality services. Exchange Online meets these expectations by delivering a wide-range of features and capabilities that support anywhere access, protection and compliance, and simplified administration.

But now the real world experience with Exchange Online

If your organization is using google DNS servers. You will be redirected to the Exchange Online servers in America not Dublin if you live in The Netherlands.

Exchange Online works the best if you use cached mode.

The Question is do you want is you using Microsoft Remote Desktop Services or Citrix XenDesktop or VMware Horizon (View)

Cached Exchange Mode in a Remote Desktop Session Host environment: planning considerations
Limits to using personal folders (.pst) files over LAN and WAN links.

My Conclusion:
Exchange Online is great for most organizations. Lower costs, increased agility, simpler management, and higher-quality services.

But is your organization using Microsoft Remote Desktop Services or Citrix XenDesktop or VMware Horizon (View). You need think twice for you migrate.

As IT admin you don’t want ost files locally on Remote Desktop or XenDesktop or VMware View Servers & Desktops or on your file server.

Saving money can mean angry & complaining customers….

Tags: , , , , , , , ,