The Zewwy PiCade

Building a PiCade

Hey all,

I figured I’d finally blog about my PiCade build I made. To start off this is nothing new, and I got the idea basically from this blog post by PJ. PJ’s site has gone down, use waybackmachine for reference which is still accessible here.
There’s also this original source dating back to 2017. In both cases all the electronics and IC’s are mounted to the back of the unit, then either left as is (out of sight out of mind), or covered up completely, My unit is a bit more elegant as it manages to place all the components on the same board the screen rests in.

As I don’t have all the pictures I may borrow a couple from his site, well see.

The Parts

Well first and foremost you’re going to need a iCade cabnet, I found them going for new on Amazon for over $200 (This is way too much), so I managed to get a used like new one off e-bay for a bout $50. At the time of this writing I found a ebay posting for one used as low as $23!!

Next you’ll need a Raspberry PI, I used a Pi3B for my system, however there is a Pi3B+ at the time of this writing and should be considered instead. These are generally $40 to $50. (In my case I managed to pick up a Pi3B gaming kit from MemEx which included a 16GB Micro SD, a 16 GB USB stick, the HeatSink set and the PSU and a old SNES USB Controller for $90)

You’ll need an iPad screen, in my case, again had a broken one from work, which I had my colleague rip the screen from it (remember this version the touch screen digitizer is separate from the screen itself).

Obviously iPad screens don’t have an HDMI in, so you’ll need to order an LVDS to HDMI converter board something like this I managed to get mine from Alibaba for about $20, it didn’t have a remote or VGA options.

In my case I first attempted to utilize the Bluetooth of the controller board, and the Pi, however even after talking to some pretty smart dudes that run and build Lakka (The OS we’ll be using for the build) it turns out I had to go the USB controller board route. I picked this route so I could use the joystick part of the cabinet. So, I bought a “Reyann Zero Delay Arcade USB Encoder PC to Joystick for MAME” was about $15 on amazon, this isn’t technically required, I did it, so I didn’t have to program the buttons via GPIO pins as PJ did. *

I Temp used a MonoPrice Thin HDMI but I had to wrap it around my boards to handle all the excess length, so I ended up buying a 20 CM cable, since I ended up making my build a little sleeker and more organized than PJ’s I decided to buy the more expensive slim style 20cm Cable.

I got my speakers by disassembling some old USB speakers my work was throwing away, so I managed to get these for free however, you can get amazing cheap USB powered speakers by Logitech for $10 (S-120).

iCade $20-$250
Pi Kit $40-$100
iPad Screen Free – $90
LVDS-to-HDMI $20-$40
USB Controller $15 *
20cm HDMI cable $1-$25
Plywood Free – $10 (Huge Shout out to Thor)
USB Speakers Free – $10
Velcro Tape Free – $5
Total $100-$460+

Now I use the plywood to mound all the pieces and then slide it into the cabinet like it was the iPad (That’s how sleek I managed to make my build ;)!). You could go the extra mile like this guy in the UK did. Where he drilled holes into the side of the cabinet to provide side buttons ( I love this idea just didn’t have time or the extra higher grade buttons). This would add to the cost of the build but it is a possibility for those who maybe reading this.

Alright lets get started!

The Build

The Screen

This section assumes you already have your iPad screen ready to go. In my POC, I had initially placed everything on a cardboard cutout shaped exactly as the amount allowed to be slipped into the cabinet where the iPad goes.

As you can tell I followed the design of the UK guy and mounted my screen landscape mode instead of portrait mode ( It would have been amazing if I could have designed a swivel mount mechanism, unfortunately I didn’t have the ingenuity to pull that off so stuck with Landscape. )

Using this cardboard as my template I out my plywood (2 pieces) and then on one of them I cut out the size of the screen, glued the two pieces of plywood together and then mounted to screen to it.

Beauty, alright now I cut a small square hole on the backside to allow the LVDS-to-HDMI ribbon cable through the plywood, as you can see it hanging off the left side of the last picture. Now on the backside of the plywood is where I mounted all the components.

As you can tell from my first template it was a bit messy, and the long HMDI cable is very unsightly. This will be cleaner in the final build with the 20 CM flat HDMI cable. so again using the as my template I started with the video controller board (LVDS-to-HMDI) seen in the lower center.

As you can tell I readjusted the board a lil more to the left, and placed the screens LED power module right next to the Pi at the top. You may have also noticed that I precut the holes for the speakers and attached slide anchors, this allows for easy speaker removal and replacement if needed.

The Sound

Now in PJ’s build he doesn’t cover the sound much at all other than he states that you need a USB speaker, and from looking at his final build it appears to be that simple little cheesy red dot in the upper left corner of the back of his cabinet. Meh.

The UK guy’s is pretty impressive as he installs speakers in the top part facing down which also lights up. This is very impressive however, it leaves the screen a little on the lower side, which I found is OK only on higher tables, most tables and desk heights I tried I found it more comfortable, with the screen positioned higher on the cabinet. Thus my design places the speakers at the bottom and the screen at the top.

As I mentioned I ripped apart some old PC USB speakers from work, these obviously had lengthy cords, so after ripping their plastic enclosures wide open, I shortened the cables and re-soldered them to the main board.

I then proceeded to shorten the speaker wires, mount the speakers in the holes I cut out, anchor them, connect them to the main board, connect that to the pi via the 3.5 mm jack, and power them via the USB slot of the Pi (There’s 4 slots, and 3 of them will be used; 1. Power Speakers 2. Joystick 3. USB Stick for games).

I also mounted the potentiometer between the speakers to allow for really easy and rapid volume adjustments.

One final thing to note about sound, and that is that you have to SSH in to the Lakka installation and configure the sound to go out the 3.5 mm jack…

Jonathon

amixer cset numid=3 1

Will force the audio out the speaker jack.”

The Cable Diff

As you can see the wrapping around of the long thin HDMI cable, I was super pleased once I got my high priced flat 20cm HDMI cable… just check out the difference!

The Joystick

Sadly I did not take any pictures of this while I was doing it, pretty much cause and I quote as the UK guy said it well…

“First up is to get the main case open, which involved about 4 thousand screws, two of which being those awful security types, so be aware that you’ll need a tiny screwdriver just for those if your iCade has them (some don’t apparently).

Removing the top panel, you can see the bluetooth board in the back, which we wont be needing so first off lets disconnect all of that. If you’re not intending on upgrading the controls, then the connections here will plug straight on to the USB board, saving you a load of time and effort, but as i’m looking to upgrade everything, out it all comes.”

Since I had purchased the USB controller board and I didn’t swap the buttons, it was literally plug-n-play, the only thing I will mention though is, in order to get the unit closed back up I had to cutout the spot where the batteries went, and mounted the USB controller board in it’s place.

Then it just came down to using another USB keyboard to bind all the User 1 input controllers under Lakka’s settings.

The Power

You might have noticed in the last couple pictures that you can’t quite make sense of the cables that protrude from the bottom of the arcade system. This hole was initially designed to route the iPad power, however since I decided to sneakily hide all the electronics between the iCade backboard and my plywood, I used this hole to route: 1. The Pi’s USB power (cable coming out and dropping to the right) 2. The LSVD-to-HDMI controller board power (The cable going to the top right and you see the open solder points to a female coaxial barrel connector) 3. The Joystick USB cord (From the top right, coiled, and then shoved up into the cabinet.

This allowed me some flexibility. 1. I could use my LiPo Car Booster pack to run the system since it has multiple voltage outs (19v, 12v, 5c) and even more conveniently provides power separately to 5v via a USB output. Meaning I had a completely portable bar-top arcade system, with a run-time of about 8 hours.

Or 2. replace the LiPo Battery pack with a Nema Extension and Wall Warts much how PJ had his mess setup. Should I ever run out of battery power.

The Lakka

I installed Lakka directly to a 16 GB SD card following their installation instructions. Etcher IO is AMAZING, there’s also Rufus. 😉

Now I might follow up on this blog post with some Lakka specific posts cause there are some interesting nitty gritty’s you have to understand about it, although they do a fairly decent job in their wiki or “doc” section.

The Result

An awesome little arcade unit, that’s super fun to enjoy some old classics on. They even managed to make 8 button setups like this work with more button controllers such as the N64. One of my favorite examples is showing off Mario 64 in full smoothness. :D… That’s nice you can see me taking the picture of my arcade in the glare of the screen… lovely…

And a picture of the unit slipped into the cabinet….

Amazigly even for how tight it is, with the heat sinks and the pi mounted at the top, I have not once had an issue with heat. 😀

Hope you enjoyed this post and maybe it inspired you to build you own arcade cabinet! Cheers

Some new revisions since inception.

RegEx

It’s power and complex.

I was gonna write a blog post, but I got sucked into learning regex for hours… and I’m still baffled at the syntax…

One thing is for sure…. backlooks are difficult without context awareness (variables)…..

Ugh, Example 1 Example 2

Then there’s learning about Anchors or “automatic zero-width assertions” … ooooeeeeeee that’s a mouthful.

Ugh man… I’ll eventually get the results I want, just a matter of time…

Interesting how to get everything but a set string.

Don’t forget it’s sometimes OK to be Greedy and Lazy.

It amazes me how much time I’ve spent reading up on regex… I knew it was powerful… but man…

MSI installer – Network Resource Unavailable

The Start

The other day my boss came in with a colleagues laptop and told me that the VPN software failed to update, and by fail to update completely removed the old version and didn’t update to the latest version. Checking the laptops ‘Programs and Features’ sure enough showed no signs of the application.

I simply grabbed the latest version of the software installer and attempt to reinstall the application, yet to my dismay the latest installer complains with the following error ‘The feature you are trying to use is on a network resource that is unavailable.’ How insightful…

I figured it was a registry issue, as the registry is known to hold old settings from applications and do not get cleaned up properly. This place can be a cease pool on old machines that have been constantly upgraded.

The Dig

There are plenty of references online when it comes to this error. The main one people reference is the HKLM/Software/Classes/installer/products.

Even though I cleaned everything in this based on the application I was installing, it was still failing with with same error.

The Answer

Lucky for me it kept specifying what it was expecting for a network path, I decided to search the registry based on this, and found there was a key.

After removing the parent GUID based key, the installer ran successfully.

If my memory serves me correctly I believe the problematic key was under:

HKEY_CLASSES_ROOT\Installer\Products

SSH Banners

I love SSH… like I really love it. It is pretty surprising that Windows only first had the ability to naively ssh only in the recent Windows 10 1803 build. That’s pretty sad. Just teste don my 1803 build.. nope… well I know I have done it before… anyway teh point I wanted to get here was more about SSH servers.

Now normally allowing SSH in to a system basically enables an SSH services on that system, making it the SSH server. Then you usually utilize a workstation, like the computer you usually use to navigate websites, like this one, to connect to that server with a piece of software (with Windows that’s usually Putty)… if I can get that dang native ssh to work (shakes fist)… anyway…

When you enable this service it is pretty powerful, depending on how you configure it, and what application is running the service. There are plenty of flavors to choose from (this is pretty common with Linux and open source). This is usually a good thing cause each one is scoped for a certain target audience. In my case I wanted to bring some old life back to my old Asus Router. I’ve been running DDWRT on it for a long time, and utilizing the simple command line interface (embedded linux) on a decent lil system only working as an AP otherwise, is a fun lil place to use IRC. 🙂 Find me on #Freenode (#Windows-Server, VMware, Cisco, Skullspace, FreeNAS) .

Now I figured if I was going to use this again, why not have some fun and re-do my loggin banner. Now in this case there are two things to consider:

1) The Message of the Day (MOTD) – This displays as soon as a client connects before it asks for a username. In most cases this is a great place to place your unauthorized message. (In my case the MOTD was tied to a Read-Only FileSystem file, and I had no intentions of compiling my own build, so I decided to utilize the option to not display this).

2) The Login Banner – This message displays after you have specified a user name.

Now there can be many ways to customize your login banner, you may need to google the based on the SSH server you are using. In my case my router was utilizing dropbear lucky for me they have decent documentation.

In my case I simply had to create a simple text file pointing anywhere using the -b option: dropbear -b /somepath/banner.file

After I created my file I configured my startup script to point to my new banner file. Sure enough now when I log on I see this:

Boo yeah! Now that’s sweet.

Zewwy Joins GitHub!

Actually I created my account apparently over 6 years ago :O…..

Sadly in those 6 years all I contributed was a couple really lousy DDWRT scripts…. and that OS was painful as getting help with it was near impossible.

I’ve updated my blog social links to include my GitHub Link. I moved my PowerShell Center Write-Host function there. I hope to move my SharePoint script I had written for the SharePoint migration at work. As well as some other contributions coming up soon. Maybe I’ll fork GhettoVCB and finally do part 3 of my Free Hypervisor Backup series. I’m sure everyone’s been waiting so eager for. 🙂

This was a short one. I hope to provide some more meaningful content in the short while. Just been a rough couple days recently.

BitLocker Can’t find the file

This was an interesting one, created a new Windows image to deploy recently. Then after deployment went to enable bitlocker and was prompted with the error “The system cannot not find the file specified”. Since this was new to new, what other than to do a web search to see if anyone else had experienced this, and sure enough, yup.

Short answer: rename REAgent.xml file (in C:\Windows\System32\Recovery) to REAgent.xml.old (or dlete it but I haven’t tested that).

and it worked, apparently….

“Sooooo, what we have found is that when we captured the image, since we had already opened the Bitlocker console (even though we hadn’t actually Bitlocked the unit), the REAgent.xml file (in C:\Windows\System32\Recovery) had been populated with the specific GUIDs for both WinreBCD and WinreLocation path.” – Borch25

I like borch, can’t wait for more.

Free Hypervisor Backup
Before Part 3

The Story

I’m currently in the quest to fulfill my needs for a free VM backup solution, my hypervisor of choice right now is ESXi, while there are great alternative free hypervisors ( Citrix’s Xen, Microsoft’s Hyper-V, Linux’s KVM) I personally always felt comfortable with VMwares user interface (I’m talking the old Windows Phat Client). I totally understood the need for a web based client, however I felt it a sham to drop the phat client as to provided multiple benefits that the Web UI just doesn’t. Although the latest 6.7 Web UI has been pretty decent, besides their placement of the Hostname location…. :@

Anyway… if you’ve been following my posts you’ll see I decided to give Veeam Free a shot. I love these guys, great software, so I figured best to get better antiquated with their software, to my dis-may their simply relied on VMwares APIs solely. Which meant no SSH backdoor tricks for use ESXi free users.

However as I also mentioned in my previous post, an awesome dude who runs virtuallyGhetto.com, William Lam; wrote a script to complete the task we wanted via the hosts local CLI, which can be connected to via SSH. The script is called GhettoVCB. I took a quick look at the source code and did find a couple instances of zombie code and other anomalies but for the most part looked decent enough to give it a shot. Now I will get to this stuff in my next post using the same example VM I will specify here where I came across a couple issues and interesting facts I discovered during this adventure.

My Discoveries

The first thing I noticed about the script was the lack of certain dependency checks, in this case there’s no actual source code dependencies that his script relies on, it’s all meant to run on ESXi, and sure enough there’s some line of code to check for that…

Nice, however there doesn’t seem to be a check to validate if the datastore specified in the very first variable has enough space to complete it’s task.

In this case the script would simply error out once the destination ran out of space stating the source VMDK was the issue, this lead me briefly down the wrong rabbit whole. After validating I had no issues with my source VMDK (booted the VM and checked all services and FileSystem integrity) I noticed a couple things.

1) Even though I specified Thin disc for my destination, which had enough space to store the VM data (60~ GBs), the thin disc was attempting to create the full provisioned size of the disc, cause…..

2) I forgot the source disc was set to Thick Provisioned Eagered Zero

So there was a couple things about this VM….

1) It’s my ZoneMinder VM which holds my IP camera footage on motion detection

2) This data is mostly useless due to no events having taken place

Alright so now my goal was the following:

1) Remove all the un-needed data

A) Open ZoneMinder Web UI
B) Click on Camera
C) Delete All Events
D) wait a while before all the MySQL queries to kick off to clear the data
E) Used “df -h” to watch usage drop

2) Once I had all the data removed, I had to re-claim the space. I decided to dig up my old blog post on the subject matter… Well that was a bit underwhelming and simply provided my links instead of any valid examples… So I hope to provide a bit better details here:

A) I’m running Linux not Windows so sdelete is out.

B) My first attempts I decided to follow this DD exampledd if=/dev/zero of=/zeroes && rm -f /zeroes” (DO NOT DO THIS, from my tests it caused mySQL service to not come up properlly). I then found people stating to use secure-delete or zerofree, however I had some issues with these against a live system and wanted a simple live system, general technique… if there so many references stating dd can do it… how.. then I found this
“dd if=/dev/zero of=/tmp/empty.dd bs=1048576; rm /tmp/empty.dd”
I’m assuming maybe cause I used /tmp instead of /… only diff I can think of.

C) At this point I made a backup using ghettoVCB which I had to use an alternate Datastore to save the VMDK that I would then finally hole punch, in this case the ghettoVCB script converts the VMDK from thick to Thin however will still be the size of the provisioned Disc.

D) Now this is where I started to get a bit… annoyed… However I did learn a few things… one is that & to bring a process to the background doesn’t disconnect that process from the current terminal session. So while I was SSH’d in and running the clone operation, it wasn’t fully completing when my SSH session timed out, even though I used & to run it in the background. Read this for more info but the gist take away is this: “nohup and disown both can be said to suppress SIGHUP, but in different ways. nohup makes the program ignore the signal initially (the program may change this). nohup also tries to arrange for the program not to have a controlling terminal, so that it won’t be sent SIGHUP by the kernel when the terminal is closed. disown is purely internal to the shell; it causes the shell not to send SIGHUP when it terminates.” –Gilles

E) OK so after a few annoying hours of failed transfers due to my own ignorance. I finally had a legit copy of my VMDK in thin format but sucking up a lot of space (See pic above) *Note I technically did the DD trick after making a backup, but the size shown on the datastore would still be teh same* the final part… hole punching: So quick re-cap, we deleted unused data, then zeroed out the unused blocks, we see a low size in the guest system (E.G. df -h), but we still see a large size used by the thin provisioned disc. K let’s hole punch
“vmkfstools -K /vmfs/volume/Datastore/VM/VM.vmdk”

Host Status During Hole Punch

CPU ESXi Host

CPU Storage Unit (FreeNAS)

Disk Usage Host

Disk Usage Storage Unit (FreeNAS)

Datastore Latency Host

Network Usage Host

As you can tell from the source images we can tell a couple things:

1) HolePunching a VMDK does a high read I/O on the datastore

2) If the Datastore is iSCSI based it’ll saturate the iSCSI NIC (this can cause a performance degradation for other VMs utilizing the same Datastore

3) The latency increases due to the high Read I/O on the Datastore, again this directly affects performance of VMs running on the same Datastore

Once done the VMDK looked liked this:

Results / Summary

*NOTE* You can use the following command to convert a Thick Disk to thin manually, if you wish to Hole Punch a VMDK without the script.

vmkfstools -i Source-Thick.vmdk -d thin Destination-thin.vmdk

So why did I go through all this pain? Well I didn’t like the fact I was backing up useless data, weather it be pointless old images, or zeros. In the end the same VM backup went from taking almost an hour down to 5 minutes!

Free Hypervisor Backup
Part 2 – The VMware Screw

Veeam

Run Veeam by clicking the icon on the desktop or in the start menu, for Veeam Backup and Replication.

First Run

At first you will get this:

click apply.

Click Veeam, Zip, haha I expected this.. 😛

Click ok, and the add host wizard pops up.

Infrastructure Wizard

In my case I’m using ESXi.

Credentials

In the next section you will need to specify the credentials, you could specify the root account, however in my case even with one host, and only me, I decided to create a Veeam account on my ESXi host to use for this case. On 5.5 using the phat client it is really easy and intuitive, highlight the host, click the local User and Groups tab, right click the open space, select new user, then click the permissions tab, click add user, select the newly created user, select the admin role. Done! Click here for 6.5/6.7 or the Web UI, not as intuitive. Click the add button, and add the account details that you specified when you created them on the hosts.

Then click OK, then next.

You will get this alert if you use self-signed certificates, even though I did write a blog post on setting up my own PKI, I did not use it in the case, as my Veeam server and ESXi host are not part of my AD domain, this also does simplify some aspects of the installation/deployment. Click Connect.

Click Finish, congrats you’ve added your free ESXi host. 😀

The dis-appointment

Next! Storage, Veeam needs to know where to save your data. Alright, seems there was no requirement here besides having local storage or a USB drive already attached, or in my case I used an SMB share. However I was very soon disappointed to see this error…

So…. so much for this being a free option, which I don’t think is fair, anyway. As usual its not even Veeam fault, this is cause VMware doesn’t allow the APIs for this, check this Veeam blog post out for more details.

If you use VMware a lot you you might have come across a blog site called virtuallyghetto run by William, this guy is great and my colleague just happened to find a script that was written by him to use the VMware CLI directly to create snapshots of VMs and copy their delta files to another disk, completely free.

In Part 3 I hope to install and try out this script, see how it handles my needs. Stay tuned!

Free Hypervisor Backup
Part 1 – Installing Veeam Backup

Intro

A little while back I had blogged about how you can get ESXi for free (you can also choose to use Hyper-V free with any version of Windows Server 2016/10, or using the stand alone core image).

However now that I have a couple nice hypervisor test beds, (I use FreeNAS for my storage needs, I hope to write a couple FreeNAS posts soon) how do we go about making backups, now we could manually backup the VM files manually, but that takes a lot of work, and I’d generally don’t like dealing with the file directly as soon as snapshots get involved, then I prefer to stick with the providers APIs. As you can guess I don’t have time to learn ever providers huge list of APIs, let alone the time to build any type of application for it (be it direct .NET, ASP.NET (w/ whatever front end (bootstrap/angular/etc)), JAVA (shutters), and whatever… so I could go on here but I’ll stop.

I’m personally not going to test a whole bunch of different solutions, but instead pull a bit of a fan boy and cover just Veeam. I came from using Backup Exec (which is now the hot potato of Backup Software, since it almost destroyed Symantec)… anyway, to using Veeam, and it was a breath of fresh air, not only do they have amazing support staff you know what they are doing (usually if you get in the higher tiers), but they also have a great form site with a good following and replies by the developers themselves. You also don’t need to sign up to read them if you need to find a solution to a problem in a pinch, they don’t mind airing out any dirty laundry cause more often then not it’s not directly their fault but the APIs they rely on. Anyway moving on.

Getting the Installation Media

To start go here to grab Veeam Free Backup. This requires a login, I can only assume to avoid Captcha, or other mechanism to prevent DDOS or annoyances, as well as information gathering. Feel free to use fake information for this.

Now Veeam can only be installed on Windows, see here for all the detailed specs.

I’ll choose Windows Server 2016 Datacenter as I have it available with my MSDN for all my educational needs. 😀

So at this point we have:

  1. A supported OS installed physical or virtual (i prefer virtual specially for labs)
  2. A Copy of the latest version of Veeam free
  3. A hypervisor (Hyper-V or ESXi) with VMs

*If you are looking to backup physical machines liek desktops and laptops look at Veeam’s agent options, Veeam Windows agent and Linux agent allow to backup physical machines.

Running the Installation Media

After updates it’s finally time to mount that ISO! In my case I had downloaded it on my workstation machine running Windows with the vSphere phat client, so I mounted it via the vSphere option to mount a local ISO to the VM. After mounting, and double clicking the installation executable, you are presented with this:

The EULA

Ooo, ahhhhh, click install…. and accept the EULA

Licensing (Free)

You will be present with this license part of the wizard, but as the text at the bottom indicates, click next without this to use free mode… wow how intuitive, no radio buttons, or check boxes… just simple intuitive wizard design…. would you just look at that… a thing of beauty. Click Next.

I was good with an all-in-one so I left the defaults, click next,

Dependencies

What is this? A clear, concise dependency check! And here I thought I could trick them by not installing things and see how it go, they seem to have done a good job covering their bases… and what is this?! and install button… you mean… I don’t have a vague link to a KB with some random technical blabber that links me to an executable to install before having to re run the wizard…. well lets see if it even works… Click Install… (Assuming internet connection; which this server does have, as how I got it updated)

Kool…

What is this?! no way…. it installed everything for me… and I didn’t have to reboot or re-run the wizard. Get out of town!; and click next.

Install location and verification

Again I’m OK with the defaults, click Install.

Let it install (it will use MS SQL Express (which is free up to 10 GB DB’s).

There’s a saying that goes “waiting is the hardest part”, thankfully with Veeam, this seems to be the case. Be patient while the installation completes, you’ll be glad you did. 🙂

Alright finally…

Click Finish, Now that was easy.

Click Restart.

Summary

That’s it! That’s all there is to it, the smoothest installation I’ve ever done, so smooth it doesn’t actually warrant it’s own blog post. But what the heck…

In Part 2 I’ll cover some basic configurations, and backup our first VM!

Creating and Managing Local Users ESXi 6.5/6.7

The Story

I recently started playing around with the later ESXi hypervisor (OK I’ve tried the Web UI before, and simply stayed away). Now it has been far more polished with the release of 6.7. I have been enjoying the experience a far amount. However, then I needed to create another account on my free host (since I do not have vCenter to play around with in my home lab). While most things a seemed pretty intuitive at first..

Creating a User

Host -> Manage -> Security & Users -> Add a User (Specify Username and Password)

If you actually tried to login at this point I’d laugh a bit, but it could happen, you just created a user account, right? Well first thing you should have noticed is that there was no options to define what permissions this newly created user should have, read-only?, administrator?, etc.

So you click on Roles, there are all the nice pre-created roles… mhmm nice… alright… so… how do I map a user to a role?

You can look all under Security and users (where it should be), heck you can even look all under all the Manage options… you won’t find it there either… I had to find this out by googling… and if I have to google it… it’s not intuitive…

Assigning the Roles

So click on the main host icon in the left nav area, then when the right pane has loaded, select the Action menu, you should see it on the list of options above the host, right next to refresh.

Then select “Permissions”.

When the Host’s permissions modal box appears, click add user.

Marvel at how you can now assign users to roles, from here instead of the logical place where you easily found creating the user. Even if they wanted to keep the actions menu, and the modal box, just create a dang link under Security and Users… Arrrrggg.