IIS redirect HTTP to HTTPS

The Requirement

Recently I posted about creating and using a certificate for use on and IIS website. I did this recently for my Dev to deploy his new web app, which required use of a devices camera for QR scanning purposes, well it runed out that the camera could not be used unless the app was secured with TLS (a certificate). So we created a cert and created a new secure binding.

However, it was soon pretty apparent every time I pressed the down arrow key on my browsers URL it would use the regular HTTP (at first we removed the port 80 binding which caused site unavailable issue). So after re-adding the standard port 80 binding for regular HTTP, I decided to use a rewrite rule to handle the redirection.

It wasn’t as intuitive as I thought it would be so a little google search and I was on my way…

As the source states, after you have your certificate and port binding for HTTPS, as well as one for regular HTTP.

In order to force a secure connection on your website, it is necessary to set up a certain HTTP/HTTPS redirection rule. This way, anyone who enters your site using a link like “yourdomain.com” will be redirected to “https://yourdomain.com” or “https://www.yourdomain.com” (depending on your choice) making the traffic encrypted between the server and the client side.

Below you can find the steps for setting up the required redirect:

The Source

    1. Download and install the “URL Rewrite” module.
    2. Open the “IIS Manager” console and select the website you would like to apply the redirection to in the left-side menu:iisred1
    3. Double-click on the “URL Rewrite” icon.
    4. Click “Add Rule(s)” in the right-side menu.
    5. Select “Blank Rule” in the “Inbound” section, then press “OK”:iisred2
    6. Enter any rule name you wish.
    7. In the “Match URL” section:- Select “Matches the Pattern” in the “Requested URL” drop-down menu
      – Select “Regular Expressions” in the “Using” drop-down menu
      – Enter the following pattern in the “Match URL” section: “(.*)”
      – Check the “Ignore case” box

      iisred3

    8. In the “Conditions” section, select “Match all” under the “Logical Grouping” drop-down menu and press “Add”.
    9. In the prompted window:
      – Enter “{HTTPS}” as a condition input
      – Select “Matches the Pattern” from the drop-down menu
      – Enter “^OFF$” as a pattern
      – Press “OK”

      iisred4

    10. In the “Action” section, select “Redirect” as the action type and specify the following for “Redirect URL”:https://{HTTP_HOST}/{R:1}
    11. Check the “Append query string” box.
    12. Select the Redirection Type of your choice. The whole “Action” section should look like this:iisred5

The Note

NOTE: There are 4 redirect types of the redirect rule that can be selected in that menu:
– Permanent (301) – preferable type in this case, which tells clients that the content of the site is permanently moved to the HTTPS version. Good for SEO, as it brings all the traffic to your HTTPS website making a positive effect on its ranking in search engines.
– Found (302) – should be used only if you moved the content of certain pages to a new place *temporarily*. This way the SEO traffic goes in favour of the previous content’s location. This option is generally not recommended for a HTTP/HTTPS redirect.
– See Other (303) – specific redirect type for GET requests. Not recommended for HTTP/HTTPS.
– Temporary (307) – HTTP/1.1 successor of 302 redirect type. Not recommended for HTTP/HTTPS.

  1. Click on “Apply” on the right side of the “Actions” menu.

The redirect can be checked by accessing your site via http:// specified in the URL. To make sure that your browser displays not the cached version of your site, you can use anonymous mode of the browser.

The Helping Hand

The rule is created in IIS, but the site is still not redirected to https://

Normally, the redirection rule gets written into the web.config file located in the document root directory of your website. If the redirection does not work for some reason, make sure that web.config exists and check if it contains the appropriate rule.

To do this, follow these steps:

  1. In the sites list of IIS, right-click on your site. Choose the “Explore” option:iisred6
  2. “Explore” will open the document root directory of the site. Check if the web.config file is there.
  3. The web.config file must have the following code block:
    <configuration>
    <system.webServer>
    <rewrite>
    <rules>
    <rule name=”HTTPS force” enabled=”true” stopProcessing=”true”>
    <match url=”(.*)” />
    <conditions>
    <add input=”{HTTPS}” pattern=”^OFF$” />
    </conditions>
    <action type=”Redirect” url=”https://{HTTP_HOST}/{R:1}” redirectType=”Permanent” />
    </rule>
    </rules>
    </rewrite>
    </system.webServer>
    </configuration>
  4. If the web.config file is missing, you can create a new .txt file, put the aforementioned code there, save and then rename the file to web.config.

This one, much like my Offline Root CA post is a direct copy of the source. For the same reason, I felt I had no need to re-word it as it was very well written.

Thanks Namecheap, although it would have been nice to thank the actual author who took the time to do the beautiful write up with snippets. 🙂

The Zewwy PiCade

Building a PiCade

Hey all,

I figured I’d finally blog about my PiCade build I made. To start off this is nothing new, and I got the idea basically from this blog post by PJ. PJ’s site has gone down, use waybackmachine for reference which is still accessible here.
There’s also this original source dating back to 2017. In both cases all the electronics and IC’s are mounted to the back of the unit, then either left as is (out of sight out of mind), or covered up completely, My unit is a bit more elegant as it manages to place all the components on the same board the screen rests in.

As I don’t have all the pictures I may borrow a couple from his site, well see.

The Parts

Well first and foremost you’re going to need a iCade cabnet, I found them going for new on Amazon for over $200 (This is way too much), so I managed to get a used like new one off e-bay for a bout $50. At the time of this writing I found a ebay posting for one used as low as $23!!

Next you’ll need a Raspberry PI, I used a Pi3B for my system, however there is a Pi3B+ at the time of this writing and should be considered instead. These are generally $40 to $50. (In my case I managed to pick up a Pi3B gaming kit from MemEx which included a 16GB Micro SD, a 16 GB USB stick, the HeatSink set and the PSU and a old SNES USB Controller for $90)

You’ll need an iPad screen, in my case, again had a broken one from work, which I had my colleague rip the screen from it (remember this version the touch screen digitizer is separate from the screen itself).

Obviously iPad screens don’t have an HDMI in, so you’ll need to order an LVDS to HDMI converter board something like this I managed to get mine from Alibaba for about $20, it didn’t have a remote or VGA options.

In my case I first attempted to utilize the Bluetooth of the controller board, and the Pi, however even after talking to some pretty smart dudes that run and build Lakka (The OS we’ll be using for the build) it turns out I had to go the USB controller board route. I picked this route so I could use the joystick part of the cabinet. So, I bought a “Reyann Zero Delay Arcade USB Encoder PC to Joystick for MAME” was about $15 on amazon, this isn’t technically required, I did it, so I didn’t have to program the buttons via GPIO pins as PJ did. *

I Temp used a MonoPrice Thin HDMI but I had to wrap it around my boards to handle all the excess length, so I ended up buying a 20 CM cable, since I ended up making my build a little sleeker and more organized than PJ’s I decided to buy the more expensive slim style 20cm Cable.

I got my speakers by disassembling some old USB speakers my work was throwing away, so I managed to get these for free however, you can get amazing cheap USB powered speakers by Logitech for $10 (S-120).

iCade $20-$250
Pi Kit $40-$100
iPad Screen Free – $90
LVDS-to-HDMI $20-$40
USB Controller $15 *
20cm HDMI cable $1-$25
Plywood Free – $10 (Huge Shout out to Thor)
USB Speakers Free – $10
Velcro Tape Free – $5
Total $100-$460+

Now I use the plywood to mound all the pieces and then slide it into the cabinet like it was the iPad (That’s how sleek I managed to make my build ;)!). You could go the extra mile like this guy in the UK did. Where he drilled holes into the side of the cabinet to provide side buttons ( I love this idea just didn’t have time or the extra higher grade buttons). This would add to the cost of the build but it is a possibility for those who maybe reading this.

Alright lets get started!

The Build

The Screen

This section assumes you already have your iPad screen ready to go. In my POC, I had initially placed everything on a cardboard cutout shaped exactly as the amount allowed to be slipped into the cabinet where the iPad goes.

As you can tell I followed the design of the UK guy and mounted my screen landscape mode instead of portrait mode ( It would have been amazing if I could have designed a swivel mount mechanism, unfortunately I didn’t have the ingenuity to pull that off so stuck with Landscape. )

Using this cardboard as my template I out my plywood (2 pieces) and then on one of them I cut out the size of the screen, glued the two pieces of plywood together and then mounted to screen to it.

Beauty, alright now I cut a small square hole on the backside to allow the LVDS-to-HDMI ribbon cable through the plywood, as you can see it hanging off the left side of the last picture. Now on the backside of the plywood is where I mounted all the components.

As you can tell from my first template it was a bit messy, and the long HMDI cable is very unsightly. This will be cleaner in the final build with the 20 CM flat HDMI cable. so again using the as my template I started with the video controller board (LVDS-to-HMDI) seen in the lower center.

As you can tell I readjusted the board a lil more to the left, and placed the screens LED power module right next to the Pi at the top. You may have also noticed that I precut the holes for the speakers and attached slide anchors, this allows for easy speaker removal and replacement if needed.

The Sound

Now in PJ’s build he doesn’t cover the sound much at all other than he states that you need a USB speaker, and from looking at his final build it appears to be that simple little cheesy red dot in the upper left corner of the back of his cabinet. Meh.

The UK guy’s is pretty impressive as he installs speakers in the top part facing down which also lights up. This is very impressive however, it leaves the screen a little on the lower side, which I found is OK only on higher tables, most tables and desk heights I tried I found it more comfortable, with the screen positioned higher on the cabinet. Thus my design places the speakers at the bottom and the screen at the top.

As I mentioned I ripped apart some old PC USB speakers from work, these obviously had lengthy cords, so after ripping their plastic enclosures wide open, I shortened the cables and re-soldered them to the main board.

I then proceeded to shorten the speaker wires, mount the speakers in the holes I cut out, anchor them, connect them to the main board, connect that to the pi via the 3.5 mm jack, and power them via the USB slot of the Pi (There’s 4 slots, and 3 of them will be used; 1. Power Speakers 2. Joystick 3. USB Stick for games).

I also mounted the potentiometer between the speakers to allow for really easy and rapid volume adjustments.

One final thing to note about sound, and that is that you have to SSH in to the Lakka installation and configure the sound to go out the 3.5 mm jack…

Jonathon

amixer cset numid=3 1

Will force the audio out the speaker jack.”

The Cable Diff

As you can see the wrapping around of the long thin HDMI cable, I was super pleased once I got my high priced flat 20cm HDMI cable… just check out the difference!

The Joystick

Sadly I did not take any pictures of this while I was doing it, pretty much cause and I quote as the UK guy said it well…

“First up is to get the main case open, which involved about 4 thousand screws, two of which being those awful security types, so be aware that you’ll need a tiny screwdriver just for those if your iCade has them (some don’t apparently).

Removing the top panel, you can see the bluetooth board in the back, which we wont be needing so first off lets disconnect all of that. If you’re not intending on upgrading the controls, then the connections here will plug straight on to the USB board, saving you a load of time and effort, but as i’m looking to upgrade everything, out it all comes.”

Since I had purchased the USB controller board and I didn’t swap the buttons, it was literally plug-n-play, the only thing I will mention though is, in order to get the unit closed back up I had to cutout the spot where the batteries went, and mounted the USB controller board in it’s place.

Then it just came down to using another USB keyboard to bind all the User 1 input controllers under Lakka’s settings.

The Power

You might have noticed in the last couple pictures that you can’t quite make sense of the cables that protrude from the bottom of the arcade system. This hole was initially designed to route the iPad power, however since I decided to sneakily hide all the electronics between the iCade backboard and my plywood, I used this hole to route: 1. The Pi’s USB power (cable coming out and dropping to the right) 2. The LSVD-to-HDMI controller board power (The cable going to the top right and you see the open solder points to a female coaxial barrel connector) 3. The Joystick USB cord (From the top right, coiled, and then shoved up into the cabinet.

This allowed me some flexibility. 1. I could use my LiPo Car Booster pack to run the system since it has multiple voltage outs (19v, 12v, 5c) and even more conveniently provides power separately to 5v via a USB output. Meaning I had a completely portable bar-top arcade system, with a run-time of about 8 hours.

Or 2. replace the LiPo Battery pack with a Nema Extension and Wall Warts much how PJ had his mess setup. Should I ever run out of battery power.

The Lakka

I installed Lakka directly to a 16 GB SD card following their installation instructions. Etcher IO is AMAZING, there’s also Rufus. 😉

Now I might follow up on this blog post with some Lakka specific posts cause there are some interesting nitty gritty’s you have to understand about it, although they do a fairly decent job in their wiki or “doc” section.

The Result

An awesome little arcade unit, that’s super fun to enjoy some old classics on. They even managed to make 8 button setups like this work with more button controllers such as the N64. One of my favorite examples is showing off Mario 64 in full smoothness. :D… That’s nice you can see me taking the picture of my arcade in the glare of the screen… lovely…

And a picture of the unit slipped into the cabinet….

Amazigly even for how tight it is, with the heat sinks and the pi mounted at the top, I have not once had an issue with heat. 😀

Hope you enjoyed this post and maybe it inspired you to build you own arcade cabinet! Cheers

Some new revisions since inception.

RegEx

It’s power and complex.

I was gonna write a blog post, but I got sucked into learning regex for hours… and I’m still baffled at the syntax…

One thing is for sure…. backlooks are difficult without context awareness (variables)…..

Ugh, Example 1 Example 2

Then there’s learning about Anchors or “automatic zero-width assertions” … ooooeeeeeee that’s a mouthful.

Ugh man… I’ll eventually get the results I want, just a matter of time…

Interesting how to get everything but a set string.

Don’t forget it’s sometimes OK to be Greedy and Lazy.

It amazes me how much time I’ve spent reading up on regex… I knew it was powerful… but man…

MSI installer – Network Resource Unavailable

The Start

The other day my boss came in with a colleagues laptop and told me that the VPN software failed to update, and by fail to update completely removed the old version and didn’t update to the latest version. Checking the laptops ‘Programs and Features’ sure enough showed no signs of the application.

I simply grabbed the latest version of the software installer and attempt to reinstall the application, yet to my dismay the latest installer complains with the following error ‘The feature you are trying to use is on a network resource that is unavailable.’ How insightful…

I figured it was a registry issue, as the registry is known to hold old settings from applications and do not get cleaned up properly. This place can be a cease pool on old machines that have been constantly upgraded.

The Dig

There are plenty of references online when it comes to this error. The main one people reference is the HKLM/Software/Classes/installer/products.

Even though I cleaned everything in this based on the application I was installing, it was still failing with with same error.

The Answer

Lucky for me it kept specifying what it was expecting for a network path, I decided to search the registry based on this, and found there was a key.

After removing the parent GUID based key, the installer ran successfully.

If my memory serves me correctly I believe the problematic key was under:

HKEY_CLASSES_ROOT\Installer\Products

SSH Banners

I love SSH… like I really love it. It is pretty surprising that Windows only first had the ability to naively ssh only in the recent Windows 10 1803 build. That’s pretty sad. Just teste don my 1803 build.. nope… well I know I have done it before… anyway teh point I wanted to get here was more about SSH servers.

Now normally allowing SSH in to a system basically enables an SSH services on that system, making it the SSH server. Then you usually utilize a workstation, like the computer you usually use to navigate websites, like this one, to connect to that server with a piece of software (with Windows that’s usually Putty)… if I can get that dang native ssh to work (shakes fist)… anyway…

When you enable this service it is pretty powerful, depending on how you configure it, and what application is running the service. There are plenty of flavors to choose from (this is pretty common with Linux and open source). This is usually a good thing cause each one is scoped for a certain target audience. In my case I wanted to bring some old life back to my old Asus Router. I’ve been running DDWRT on it for a long time, and utilizing the simple command line interface (embedded linux) on a decent lil system only working as an AP otherwise, is a fun lil place to use IRC. 🙂 Find me on #Freenode (#Windows-Server, VMware, Cisco, Skullspace, FreeNAS) .

Now I figured if I was going to use this again, why not have some fun and re-do my loggin banner. Now in this case there are two things to consider:

1) The Message of the Day (MOTD) – This displays as soon as a client connects before it asks for a username. In most cases this is a great place to place your unauthorized message. (In my case the MOTD was tied to a Read-Only FileSystem file, and I had no intentions of compiling my own build, so I decided to utilize the option to not display this).

2) The Login Banner – This message displays after you have specified a user name.

Now there can be many ways to customize your login banner, you may need to google the based on the SSH server you are using. In my case my router was utilizing dropbear lucky for me they have decent documentation.

In my case I simply had to create a simple text file pointing anywhere using the -b option: dropbear -b /somepath/banner.file

After I created my file I configured my startup script to point to my new banner file. Sure enough now when I log on I see this:

Boo yeah! Now that’s sweet.

Zewwy Joins GitHub!

Actually I created my account apparently over 6 years ago :O…..

Sadly in those 6 years all I contributed was a couple really lousy DDWRT scripts…. and that OS was painful as getting help with it was near impossible.

I’ve updated my blog social links to include my GitHub Link. I moved my PowerShell Center Write-Host function there. I hope to move my SharePoint script I had written for the SharePoint migration at work. As well as some other contributions coming up soon. Maybe I’ll fork GhettoVCB and finally do part 3 of my Free Hypervisor Backup series. I’m sure everyone’s been waiting so eager for. 🙂

This was a short one. I hope to provide some more meaningful content in the short while. Just been a rough couple days recently.

BitLocker Can’t find the file

This was an interesting one, created a new Windows image to deploy recently. Then after deployment went to enable bitlocker and was prompted with the error “The system cannot not find the file specified”. Since this was new to new, what other than to do a web search to see if anyone else had experienced this, and sure enough, yup.

Short answer: rename REAgent.xml file (in C:\Windows\System32\Recovery) to REAgent.xml.old (or dlete it but I haven’t tested that).

and it worked, apparently….

“Sooooo, what we have found is that when we captured the image, since we had already opened the Bitlocker console (even though we hadn’t actually Bitlocked the unit), the REAgent.xml file (in C:\Windows\System32\Recovery) had been populated with the specific GUIDs for both WinreBCD and WinreLocation path.” – Borch25

I like borch, can’t wait for more.

Free Hypervisor Backup
Before Part 3

The Story

I’m currently in the quest to fulfill my needs for a free VM backup solution, my hypervisor of choice right now is ESXi, while there are great alternative free hypervisors ( Citrix’s Xen, Microsoft’s Hyper-V, Linux’s KVM) I personally always felt comfortable with VMwares user interface (I’m talking the old Windows Phat Client). I totally understood the need for a web based client, however I felt it a sham to drop the phat client as to provided multiple benefits that the Web UI just doesn’t. Although the latest 6.7 Web UI has been pretty decent, besides their placement of the Hostname location…. :@

Anyway… if you’ve been following my posts you’ll see I decided to give Veeam Free a shot. I love these guys, great software, so I figured best to get better antiquated with their software, to my dis-may their simply relied on VMwares APIs solely. Which meant no SSH backdoor tricks for use ESXi free users.

However as I also mentioned in my previous post, an awesome dude who runs virtuallyGhetto.com, William Lam; wrote a script to complete the task we wanted via the hosts local CLI, which can be connected to via SSH. The script is called GhettoVCB. I took a quick look at the source code and did find a couple instances of zombie code and other anomalies but for the most part looked decent enough to give it a shot. Now I will get to this stuff in my next post using the same example VM I will specify here where I came across a couple issues and interesting facts I discovered during this adventure.

My Discoveries

The first thing I noticed about the script was the lack of certain dependency checks, in this case there’s no actual source code dependencies that his script relies on, it’s all meant to run on ESXi, and sure enough there’s some line of code to check for that…

Nice, however there doesn’t seem to be a check to validate if the datastore specified in the very first variable has enough space to complete it’s task.

In this case the script would simply error out once the destination ran out of space stating the source VMDK was the issue, this lead me briefly down the wrong rabbit whole. After validating I had no issues with my source VMDK (booted the VM and checked all services and FileSystem integrity) I noticed a couple things.

1) Even though I specified Thin disc for my destination, which had enough space to store the VM data (60~ GBs), the thin disc was attempting to create the full provisioned size of the disc, cause…..

2) I forgot the source disc was set to Thick Provisioned Eagered Zero

So there was a couple things about this VM….

1) It’s my ZoneMinder VM which holds my IP camera footage on motion detection

2) This data is mostly useless due to no events having taken place

Alright so now my goal was the following:

1) Remove all the un-needed data

A) Open ZoneMinder Web UI
B) Click on Camera
C) Delete All Events
D) wait a while before all the MySQL queries to kick off to clear the data
E) Used “df -h” to watch usage drop

2) Once I had all the data removed, I had to re-claim the space. I decided to dig up my old blog post on the subject matter… Well that was a bit underwhelming and simply provided my links instead of any valid examples… So I hope to provide a bit better details here:

A) I’m running Linux not Windows so sdelete is out.

B) My first attempts I decided to follow this DD exampledd if=/dev/zero of=/zeroes && rm -f /zeroes” (DO NOT DO THIS, from my tests it caused mySQL service to not come up properlly). I then found people stating to use secure-delete or zerofree, however I had some issues with these against a live system and wanted a simple live system, general technique… if there so many references stating dd can do it… how.. then I found this
“dd if=/dev/zero of=/tmp/empty.dd bs=1048576; rm /tmp/empty.dd”
I’m assuming maybe cause I used /tmp instead of /… only diff I can think of.

C) At this point I made a backup using ghettoVCB which I had to use an alternate Datastore to save the VMDK that I would then finally hole punch, in this case the ghettoVCB script converts the VMDK from thick to Thin however will still be the size of the provisioned Disc.

D) Now this is where I started to get a bit… annoyed… However I did learn a few things… one is that & to bring a process to the background doesn’t disconnect that process from the current terminal session. So while I was SSH’d in and running the clone operation, it wasn’t fully completing when my SSH session timed out, even though I used & to run it in the background. Read this for more info but the gist take away is this: “nohup and disown both can be said to suppress SIGHUP, but in different ways. nohup makes the program ignore the signal initially (the program may change this). nohup also tries to arrange for the program not to have a controlling terminal, so that it won’t be sent SIGHUP by the kernel when the terminal is closed. disown is purely internal to the shell; it causes the shell not to send SIGHUP when it terminates.” –Gilles

E) OK so after a few annoying hours of failed transfers due to my own ignorance. I finally had a legit copy of my VMDK in thin format but sucking up a lot of space (See pic above) *Note I technically did the DD trick after making a backup, but the size shown on the datastore would still be teh same* the final part… hole punching: So quick re-cap, we deleted unused data, then zeroed out the unused blocks, we see a low size in the guest system (E.G. df -h), but we still see a large size used by the thin provisioned disc. K let’s hole punch
“vmkfstools -K /vmfs/volume/Datastore/VM/VM.vmdk”

Host Status During Hole Punch

CPU ESXi Host

CPU Storage Unit (FreeNAS)

Disk Usage Host

Disk Usage Storage Unit (FreeNAS)

Datastore Latency Host

Network Usage Host

As you can tell from the source images we can tell a couple things:

1) HolePunching a VMDK does a high read I/O on the datastore

2) If the Datastore is iSCSI based it’ll saturate the iSCSI NIC (this can cause a performance degradation for other VMs utilizing the same Datastore

3) The latency increases due to the high Read I/O on the Datastore, again this directly affects performance of VMs running on the same Datastore

Once done the VMDK looked liked this:

Results / Summary

*NOTE* You can use the following command to convert a Thick Disk to thin manually, if you wish to Hole Punch a VMDK without the script.

vmkfstools -i Source-Thick.vmdk -d thin Destination-thin.vmdk

So why did I go through all this pain? Well I didn’t like the fact I was backing up useless data, weather it be pointless old images, or zeros. In the end the same VM backup went from taking almost an hour down to 5 minutes!

Free Hypervisor Backup
Part 2 – The VMware Screw

Veeam

Run Veeam by clicking the icon on the desktop or in the start menu, for Veeam Backup and Replication.

First Run

At first you will get this:

click apply.

Click Veeam, Zip, haha I expected this.. 😛

Click ok, and the add host wizard pops up.

Infrastructure Wizard

In my case I’m using ESXi.

Credentials

In the next section you will need to specify the credentials, you could specify the root account, however in my case even with one host, and only me, I decided to create a Veeam account on my ESXi host to use for this case. On 5.5 using the phat client it is really easy and intuitive, highlight the host, click the local User and Groups tab, right click the open space, select new user, then click the permissions tab, click add user, select the newly created user, select the admin role. Done! Click here for 6.5/6.7 or the Web UI, not as intuitive. Click the add button, and add the account details that you specified when you created them on the hosts.

Then click OK, then next.

You will get this alert if you use self-signed certificates, even though I did write a blog post on setting up my own PKI, I did not use it in the case, as my Veeam server and ESXi host are not part of my AD domain, this also does simplify some aspects of the installation/deployment. Click Connect.

Click Finish, congrats you’ve added your free ESXi host. 😀

The dis-appointment

Next! Storage, Veeam needs to know where to save your data. Alright, seems there was no requirement here besides having local storage or a USB drive already attached, or in my case I used an SMB share. However I was very soon disappointed to see this error…

So…. so much for this being a free option, which I don’t think is fair, anyway. As usual its not even Veeam fault, this is cause VMware doesn’t allow the APIs for this, check this Veeam blog post out for more details.

If you use VMware a lot you you might have come across a blog site called virtuallyghetto run by William, this guy is great and my colleague just happened to find a script that was written by him to use the VMware CLI directly to create snapshots of VMs and copy their delta files to another disk, completely free.

In Part 3 I hope to install and try out this script, see how it handles my needs. Stay tuned!