Co-author: Damon Earley
IT Admins can realize significant time savings with up to 98% less hands-on time to update hypervisor and firmware¹
We’ve often heard that the most precious resource is time. What if we told you that Dell EMC PowerEdge and VMware have teamed up to help your IT staff get a little more time back in their day? No, it’s not magic, although you may feel compelled to work on your next virtual party trick with all of the time savings that your IT staff will reap from using Dell EMC OpenManage Integration for VMware vCenter (OMIVV) and vSphere Lifecycle Manager (vLCM). Better yet, use the time saved to access more exciting content from the first-ever virtual VMworld 2020, including the PowerEdge and VMware on-demand technical session.
Dell EMC PowerEdge and VMware have jointly innovated to give your IT staff the virtualization mathematics that really add up to true time savings. Earlier this year, VMware launched VMware vSphere 7 as vSphere Lifecycle Manager (vLCM), which enables IT to deploy, manage and update both software and drivers in conjunction with a hardware support manager for hardware firmware using a desired state model. Dell EMC PowerEdge was one of the first server manufacturers to implement this epic new feature with our own hardware support manager, Dell EMC OpenManage Integration for VMware vCenter (OMIVV). The results include some pretty impressive time savings for your IT staff, who like the rest of the world, are strapped for time. We’ll dive into those time savings but first, let’s talk about OMIVV.
OMIVV is the systems management plug-in from Dell for vCenter, providing a unified view of physical and virtual servers for PowerEdge hosts running vSphere. With it, monitoring and lifecycle management of the physical server can be brought into the native vCenter user interface, helping provide a holistic view of your server resources. With vLCM and OMIVV, you can see a significant decrease in the total time it takes to run these updates. Benefits include:
- Reduced manual steps by setting up templates
- Repositories that can be used repeatedly across many servers
- Communication with vCenter to work with its software policies, like ProActive HA, DRS, and vSAN
- Capability to leverage live migration policies, including for VMware vSAN
Customers have maximum flexibility and control when patches and updates are deployed, with unified software and firmware lifecycle management. And they can do it simply within vCenter, a familiar and comfortable tool. With Cluster Profiles, both for legacy vSphere and with vLCM, monitor for compliance and drift automatically, and schedule updates from within vCenter.
Based on this report by Principled Technologies, with vLCM and OMIVV, it took 98% fewer steps to update the hypervisor and firmware on an 8-node PowerEdge cluster.
Number of steps to update both hypervisor and firmware across a cluster. Fewer steps are better. Source: Principled Technologies
A lot of the steps to this process – defining the software image, what drivers are needed, what firmware needs to be applied – are generally done only a handful of times based on the specific servers are in the cluster. Leveraging vLCM’s new functions for setting the ESXi baseline and driver add-ons, along with hardware templates for server firmware, lets you set these things once, then use them across the environment. The overall time, as well as hands-on time, was also significantly reduced, per the chart below. Essentially, the admin time was reduced to under 4 minutes versus 3.5 hours manually.
Time (h::mm:ss) to update both the hypervisor and firmware across a cluster. Less time is better. Source: Principled Technologies
While we cannot jointly innovate or engineer more hours in the day, our commitment to our PowerEdge server customers using VMware vSphere, vSAN and Cloud Foundation is to help simplify and accelerate your hybrid cloud with new features such as vLCM. Learn more about our approach to lifecycle management with this on-demand PowerEdge and VMware breakout session at VMworld 2020, or visit our PowerEdge and VMware website.
¹Principled Technologies report commissioned by Dell EMC, “New VMware vSphere 7.0 features reduced the time and complexity of routine update and hardware compliance tasks,” August 2020.
There can be a number of resolutions to the issue including but not limited to the following:
- Install the Latest Version of Citrix Receiver
- Add Website to Trusted Sites
- Remove or Disable Third Party Browser Adware
- Clear the “Do not save encrypted data to disk” Option
- Automatically Open ICA Files
- Associate .ica File Type With Citrix Connection Manager
- Disable ActiveX Filtering
- Enable Citrix ICA Client Object (ActiveX Win32)
Install the latest Citrix Receiver version which can be downloaded from: Download Citrix Clients.
Add the site to the Trusted sites list if using Internet Explorer browser using the following steps:
Go to Tools > Internet Options > Security tab > Sites
In the Add this website to the zone field, enter your organization’s website and click Add.
Repeat this for the .com, .net, .org, or .gov Web site addresses of your organization to allow the use of the ActiveX ICA client object for the launched connection to be automatically accepted.
Note: It might be required to also add any additional subdomain.domain.com URLs to the Trusted sites list in the Security tab setting if still experiencing unwanted prompts.
Remove or disable any third party browser based Adware software that could be interfering with the successful launch of the ICA file. Restart the browser after removing these software and try again.
If you are using Internet Explorer, click Tools > Internet Options > Advanced tab and clear the option “Do not save encrypted data to disk.”. This option should be cleared because the dynamic files are stored in the Temporary Internet Files folder. When applications are clicked, a file is downloaded to the folder, then launched using MIME type. If access to the folder is disabled or not available, the process cannot occur successfully.
After the ICA file is downloaded, enable the browser to open similar files automatically.
- Internet Explorer:
1. Download the file using IE 10/11
2. You’ll ge Open/Save/View download prompt.
3. Select the Save.
4. Then in Internet Explorer click Tools
5. Under Tools click the View Downloads option
6. You will see a popup containing the file that you just downloaded.
7. Right-click on the file, un-check the option : Always ask before opening this type of file
- Google Chrome: Click the drop-down list for the file in the download bar and select Always Open Files of This Type.
On Windows computers, go to Control Panel > Settings > Apps > Default apps > Choose default apps by file type
Under Name, find .ica file type.
Ensure that the current default is set to Citrix Connection Manager. If not, click Change program and choose Citrix Connection Manager.
Note: Connection Manager is the wfcrun32 file located at C:Program Files (x86)CitrixICA Client. On Windows 10, this file is located at C:Program Files (x86)Citrix.
Caution! Refer to the Disclaimer at the end of this article before using Registry Editor.
Configure Internet Explorer as follows to allow successful application launching:
- Disable ActiveX filtering feature for the Web Interface site, either by:
Disabling ActiveX filtering globally:
Click Gear icon, select Safety, de-select ActiveX Filtering. Alternatively, press Alt key and click Tools menu (ActiveX filtering is enabled if a “tick” appears next to it and is disabled if the “tick” disappears).
- Disabling ActiveX filtering for an individual site when ActiveX filtering is enabled globally:
Log on to the Web Interface site and attempt to launch an application. At the end of the address bar a blue warning sign appears, indicating filtered content.
Click the blue warning sign and select Turn off ActiveX Filtering.
- Enable ICA launch using one of the following options:
Add the site to the Trusted sites list: In the Security tab of Internet Options, add the Web Interface site to Trusted Sites list to allow the use of the ActiveX ICA client object for the launch.
Disable the MIME filter: Rename the following registry key: HKEY_CLASSES_ROOTPROTOCOLSFilterapplication/x-ica
Log off and close window then restart the browser after making this change.
Configure Internet Explorer as follows to allow successful application launching:
- Enable Citrix ICA Client IE plugin by following the steps below:
- Launch Internet Explorer
- Go to Tools > Manage add-ons
- Select Citrix ICA Client plugin and click Enable
Then remove contents of folder C:WindowsServiceProfilesNetworkServiceAppDataRoamingCitrixSubscriptionsStore on both Storefront Servers,
The follow the steps in the section “Restoring Data on a StoreFront Server Group”
Stop the Subscriptions Store service on working Storefront server..
Restore the data on non-working server using the Restore-STFStoreSubscriptions cmdlet.
Restart the Subscriptions Store service on servers StoreFront2.
It will then receive a copy of the data from StoreFront1.
We as a user have a licensed version of SPE which we have installed in Windows Server 2012 Server.
We are using .Net Library of Symantec to send File for scanning. When we were testing out the solution we came to know that the Syamntec is not detecteing virus MS office files. We are using stand EICAR test files for the testing. Normal EICAR .txt files are dtected as a threat by syamntec and the ScanResult object gives out proper message.
But incase of EICAR MS Office files send to Symantec, server the responds as file not infected. The ScanResult object from Symantec says a proper connection to server is establised (ERR_CONN_SUCCESS) but just that file is not infected. The same file is flagged by my local laptop McAfee as infected.
Server Installed : Windows Server 2012
SPE Version : 8.0
In Symantec Console settings, set to scan all files & Bloodhound level is Medium
Could you please let us know what could be the possible issue over here and Could you also send out some Sample test file of all file types which can be tested.
It would be really great if you could respond ASAP, because our production deployment is waiting on this.
Thanks & Regads