I like this, lol: (https://wiki.fogproject.org/wiki/index.php?title=New_Home_Page#Hardware)
Requirements
Hardware
FOG is best implemented on a dedicated server, any spare machine you have. We recommend that you have sufficient hard drive space as each image you make is usually between 5 and 10 GB and it's best to have a gigabit NIC with as much processor and RAM you can throw at it.

Wow, that's SO helpful of them to tell me exactly how much CPU, RAM and HD resources to throw at my server, lol!

We have a new ESXi v6.5 host that we've deployed, and we're trying to get the management network configured and working, but we're having problems.  When we only have one NIC selected in the ESXi DCUI, we can ping the host.  But when we select the two NICs that are on the trunk that we created, we can't ping the host anymore...

The new host (ESXI2) is a Dell PowerEdge R730xd with 4 NIC ports, and an additional set of 4 NIC ports from a daughter card.  The initial goal was to make a trunk with NIC ports 1 and 2 for the management network, then make a separate trunk with ports 3-8 for the VM guest traffic.  This new host is connected to an HP ProCurve 3500yl-24G.  I've created two trunks (trk1 for management and trk2 for VM guests).  trk1 is created from ports 1 and 2 on the ProCurve, and those ports are connected to the physical NIC ports 1 and 2 on the server.  I used the following command to create the trunk:

trunk 1,2 trk1 trunk

Quick reference:  We have another v6.0 ESXi host (ESXI-1 / an HP ProLiant DL360 G8) at another site, and it too has a trunk for the management network (created with the same command as above), and that trunk is working fine - we can talk to and manage that host without any problems.  The switch that ESXI-1 is connected to is a ProCurve E5412zl. This switch and the 3500yl at the other site are both running the same exact firmware ROM version.

The VLAN tagging is exactly the same on the trunk connected to ESXI-1 and ESXI-2 on their respective switches.

Also, the VLAN ID on the hosts themselves is "not set".  We don't use or need to have that set (and I've tried it on the new host just to rule it out).

I either need to figure out why the trunk on the new server isn't working (and fix it of course), or I need to just use one NIC port for managment, and create a separate vSwitch from the other trunked ports for the guest traffic (once I can actually get the management network working and connect to the host via the vSphere client).  If I go with a single NIC for the management network, how big of a deal is this?  A lot of the documentation I've read says that the management network should be configured with at least two NICs.

I'm not sure why, but our two DL380 G7 servers have two different part numbers O_o... (583914-B21 and P01227). I'm assuming (and hoping) that these two servers both take the same exact parts.

Each server is currently configured with two 146GB SAS drives in a RAID 1 setup (running Windows Server 2008 R2).

We'd like to upgrade these to be storage servers for all of our backups, so the initial thought is that we'll remove the optical drive from each and install the additional 8-bay SFF drive cages and populate all of the drive slots (the original two drives will still host the OS, and the remaining 14 drives would be pooled into one big RAID 10 array; on each server).

Each server currently has a P410i and a P411 controller cards installed (not sure if that's a factory default setup, but it appears to be). Each server also has two 460 watt PSUs.

I have some questions:

1. Is our intended setup possible? If so, is it possible to use our existing raid controllers? Would we need to order any sort of additional "riser board" or "expander"?

2. Which parts would we need in order to achieve our goal? For instance, if we want the PSUs to be fully redundant, would we need to buy larger ones in order to provide enough power for all of the hard drives that will be installed? Would two 750 watt PSUs suffice? (part number 599383-001) I'm also assuming we'll need the backplane board (507690-001) and the SFF 8-bay drive cage assembly (496074-001), but I'm not sure if we also need the hard drive backplane power cable (496070-001) and/or what other cables we'll need (or if the drive cage or backplane board come with cables).

Thanks so much for whatever info someone is able to provide!

:-O.... I can't even comprehend having those speeds, lol!

@scottalanmiller said in "Invalid Drive Movement" (HP Smart Array P411):

@Shuey said in "Invalid Drive Movement" (HP Smart Array P411):

@scottalanmiller said in "Invalid Drive Movement" (HP Smart Array P411):

@Shuey said in "Invalid Drive Movement" (HP Smart Array P411):

I actually rebooted this server multiple times about a month ago when I installed updates on it. The reboots went fine. We also completely powered that server down at around the same time because I added more RAM to it. Again, after powering everything back on, the server and raid array information was all intact.

Does your normal reboot schedule of your server include a reboot of the MSA? Could it be that they were powered back on in the incorrect order? MSAs are notoriously flaky, likely that is where the issue is.

I'd call HPE support. The MSA is a flaky unit but HPE support is quite good.

We unfortunately don't have a "normal reboot schedule" of ANY for our servers :-/...

I should not have said schedule. I should have said your "Normal reboot process." Regardless of the regularity of the reboots, is the process a standard one?

I'm not sure we have a "standard"... we only reboot this particular ESXi host when absolutely necessary, and this weekend is possibly the first time we've rebooted the MSA in a year or more :-S...

@IRJ said in Logical IT Certification Progression:

A+ didn't teach me anything useful. It was a test just to get a piece of paper to help me get a job.

This, at least in my opinion, really depends on experience and understanding prior to taking the test.

I personally think that the A+ certification is great in at least two scenarios:

1. For people who don't have enough experience or understanding to realize that solving IT problems, in a "foundational" sense, really boils down to "Is the issue I'm trying to work through a 'hardware problem', a 'software problem' or 'both'?"
2. For people who partially fit the profile of #1 but they don't yet realize it, or they haven't developed it enough.

(3) My opinion is that the A+ cert is either for someone who is very green to the field of IT and is just beginning their journey (and this may not even mean someone who is pursuing a career in IT), so they're looking to build foundational knowledge -OR- it's for someone who's got some IT experience and they want to either begin a career in IT, or they're still in the early phases of their IT career and they need to play the game of "show me your paper" in order to take it to the next level (which matches your scenario).

@dashrender said in Advice on building "storage servers" with two DL380 G7 servers:

Why does storage form factor matter?

Eight 6TB drives is cheaper than trying to build out 18TB of usable storage with the 2.5" drives...

@scottalanmiller said in "Invalid Drive Movement" (HP Smart Array P411):

@Shuey said in "Invalid Drive Movement" (HP Smart Array P411):

We don't have a support contract on this server or the attached MSA, and they're likely way out of warranty (ProLiant DL360 G8 and a StorageWorks MSA60), so I'm not sure how much we'd have to spend in order to get HP to "help" us :-S...

A bit. Why is there an MSA out of contract? The only benefit to an MSA is the support contract. Not that that makes it worth it, but proprietary storage requires a warranty contract to be viable. The rule is that any storage of that nature needs to be decommissioned the day before the support contract runs out because there isn't necessary any path to recovery in the event of an "incident" without one. It's not a standard server that you can just fix yourself with third party parts. Sometimes you can, but as it is a closed, proprietary system, you are generally totally dependent on your support contract from the vendor to keep it working.

There is a good chance that this is a "replace the MSA and restore from backup" situation in that case.

Unfortunately, my company's philosophy on "investing in IT infrastructure" goes like this: "We'll spend hundreds to thousands of dollars every time our PACS vendor tells us they need it. Then, when they say that they need to upgrade their equipment, we'll re-purpose their old stuff for the rest of our production environment (because we don't understand the importance of spending money on the rest of our infrastructure, and we don't trust the knowledgeable people we hired in our IT department)"

One of the best pieces of advice I can give you is this:

1. Don't limit yourself by taking a path that you think you should take when your heart is leaning towards something else. Here's an example: Someone just starts tinkering with Linux and they're immediately excited about it. But instead of diving in and taking advantage of that natural spark, they miss an opportunity to start a fire and gain a lot of great experience because they instead choose to do something they're less interested in (Perhaps because someone convinced them to go down a different path because it "might pay more" or something of that nature).

(Which leads me to #2)
2. Follow your passion! I'm so glad I've never been in a situation like the example I gave in #1. If you continue to spend time pursuing the things that excite you, it's a lot easier to be happy and feel fulfilled. This, at least for me, also requires having an open mind and sometimes making sacrifices to "dabble" and try new things to keep the journey fresh and exciting.

@scottalanmiller said in Advice on building "storage servers" with two DL380 G7 servers:

@shuey said:

@dashrender LOL, that's an upgrade for us! We're still running Server 2008 R2 on almost every server in our fleet!

Might be an upgrade, but why deploy anything new that isn't current? Why take the time and effort to deploy old software?

Because we still have keys for 2008 R2. It's one more thing that the bean counters can avoid spending money on (and that's not MY choice by the way...).

@scottalanmiller said in Invalid Drive Movement from HP SmartArray P411 RAID Controller with StorageWorks MSA60:

Next step... get local drives and decom that MSA60. It just sent a shot across your bow and has exposed how dangerous and precarious it is. Don't fail to heed its warning.

Absolutely Scott! I'm gonna be talking more with my boss about this as soon as possible!

So much truth in this article! Great write-up Scott!

Indeed, continual learning throughout the entire journey is a must. This field is growing and evolving so quickly that we have to be passionately diligent if we're going to keep up with it and remain relevant.

Thanks again to everyone who replied and gave feedback on this. It's great to know that there's a solid community of knowledgeable people who are willing to share their expertise - I really appreciate it!!

@scottalanmiller said in Migrate and/or replace old cert server?:

@Shuey said in Migrate and/or replace old cert server?:

First let me say that I know nothing about certificate services, IIS or SQL (all three of which are currently configured and running on this server).

Why are those together? That's not generally a best practice. I realize that Windows licensing causes some decisions that would otherwise be poor, but this seems an odd combination.

Your guess is as good as mine, lol. I know it's not a good business practice, but "bad business practices" at my company are kinda like cereal and milk; they have always gone together for as long as I've known. Here's a great example reference: We have two main datacenters, which my boss refers to as "the cold room" (LOL). One of the datacenters is shared with a janitor's closet, and there's no lock on the door! Yep, literally hundreds of thousands of dollars worth of equipment that anyone in the entire building could access without restriction (one of the big dollar items in this "cold room" is an EMC SAN!!). Despite the fact that I've told my boss and upper management that this is crazy, they have done nothing to change it. Another example: The datacenter at one of our other sites has a crazy ghetto "cooling system" (if that's what you wanna call it). Prior to getting an air conditioner installed in this server room, the way they used to cool it was to open the server room door and put several floor fans in their blowing the hot air out (and that's STILL what they do when the air conditioner dies!) - and this "cold room" also has an EMC SAN!!! O_o

@Dashrender said in Migrate and/or replace old cert server?:

@Mike-Davis said in Migrate and/or replace old cert server?:

@scottalanmiller said in Migrate and/or replace old cert server?:

@Shuey said in Migrate and/or replace old cert server?:

Is it common for every business/company that has a domain network to have a cert server for issuing/updating all of the AD account certificates?

Maybe I've lost my mind but... what is an "AD Account Certificate"?

You can integrate AD with certificate services so that the workstations use the certs for communication. I've never seen it done.

The only time I have used certificate services is to generate certificates for securing communication between Wireless APs and company owned devices.

While I haven't seen it, I've read about it in NPS (Network Policy Server setups). The machine comes on the network, checks in with the NPS, and the NPS determines what VLAN it should be on, etc, etc.

@wrx7m said in Migrate and/or replace old cert server?:

I am using AD cert services for RADIUS authentication of wireless client devices and users.

This makes more sense now! They USED to do radius authentication, as well as wireless authentication via the cert server. Since we no longer use either, it sounds like I might be safe to completely skip this project all together, and move on to the SharePoint project. What do you guys think?

@scottalanmiller Thanks for the enlightenment Scott! I can't believe I JUST NOW found out how Hyper-V really works, lol. Better late than never :D.

@scottalanmiller said in Migrate and/or replace old cert server?:

@Shuey said in Migrate and/or replace old cert server?:

I'd really like to figure out how to safely test this role in a disabled state, but I don't know how to disable it without completely removing the role :D.

Just suspect the VM.... oh wait, not a discrete VM. One of the many reasons why that is important

Sorry, had to go there.

LOL, touche!

I've been using SecureAPlus for the last several months, along with Microsoft Security Essentials on Windows 7 and Windows Defender on Windows 10. It uses ClamAV and it's free - check it out: https://www.secureaplus.com/

@scottalanmiller said in content filter for small school?:

@Shuey said in content filter for small school?:

I thought I loosely conveyed that pfSense would be the router and DansGuardian would be a module you install inside it for the filtering, lol.

Well that's incorrect, then pfSense is the router and it has a module that is Squid. Squid inside of pfSense does the filtering. Dansguarding is the set of filter rules for Squid. In all cases, Squid is what does the filtering.

My original point was that if you wanted DansGuardian and Squid that it should not be run on your router, like pfSense. It should be on a VM running Linux (or FreeBSD), but not on your router.

Ah, I see - thanks for clarifying. I mean this with all sincerity Scott: I've only had a handful of virtual interactions with you in the relatively short amount of time I've known you, but I really enjoy it and look forward to learning a lot more. You remind me a lot of one of my other IT friends (Joseph Granneman); both of you guys possess a mind-blowing amount of knowledge and skills!

"RanSim"