Category Archives: Certification

[WS2016]INSTALLING AND CONFIGURING IIS ON WINDOWS SERVER 2016 NANO -PART02

In the previous post, we covered basic implementation of Nano Server along with IIS Package. As the goal of our blog is to configure Website to host vSphere Update Manager repository in the Airgapped zone, we need to start focusing in that direction.

Now we have to start doing some initial work. If you refer to Vmware Installation and configuration guide, you have to add MIME types. For the beginners, we have added MIME types at IIS level and not per website. In the PowerShell script below, I have added MIME Types

Before we begin, let me open a remote session on Nano server

After the remote session is opened, paste following lines in the console which will be a session on Nano Server.

Even though it is not a requirement but the above script is enabling directory browsing at IIS level.

I have to enable it to show site is working.  It is worth noting that you can enable directory browsing per site level.

Probably I have not found a way to enable it per site level. I suggest you try to get some help on it. In production, it is strongly discouraged to enable directory browsing. Another point I would like you to note is to import IIS Administration module. These are the only module loaded in Nano. While doing some online search, you might come across Web Administration module which unfortunately is not available. In the above script Line, 8,9 and 13 are adding the MIME types to the website whereas Line 16,17 and 18 are optional but advisable as they assure you that changes we have made are incorporated. Finally, don’t forget to exit the session. I keep forgetting this step and keep wondering why some cmdlets are not working.

Next section is a bit involved and needs some concentration. To make it simple, I will break my codes into several lines. First, my aim is to get signed certificate from My Internal CA. As you might be aware, you need Certificate Signing Request (CSR) generated. In GUI world CSR creation on IIS is way too simple, but in non-GUI, you will need to know how it can be achieved using the command line. My knowledge on vSphere certificates helped me a lot.

To create CSR, you have to create INF file manually. Below is how it looks.

If you’re planning to use my script, just change the Subject i.e. line 4 to reflect you FQDN name of the site and save with filename. This filename should be taken into account in $inifile. My site is kzare.contoso.com. For testing, you must also create a DNS record.

INF file is CSR request but in RAW format. To truly generate a CSR in the below script,  you just have to type the following command stated in line:09.  Line 1 -7 are the variables I have declared.

Line 9 will create a file kzare_certreq.req. Please ensure you execute this command from c:\kzare which is a working directory.  Since we have a CSR, the most logically next step is to get it signed by CA. Below lines are doing that exactly

syd-dc is my CA host name, and contososyd-dc-ca is my CA name
The first line signs the certificate while the second line imports the certificate in default certificate store which is Personal store on my working server.

Now that certificate has got installed on the working server; we must export this certificate to Nano Server. As a first step, I have to export the certificate in PFX format which must have a password. Without the password, the private key will not get transferred to the file. All the variables I have declared at the start of the script, please to complete script at the end of this post. At the close of this script, we export the certificate along with private key in pfx format

Now that we have shipped the signed certificate along with private key we have a final task of copying it to Nano server

N.B.: Right now don’t read into variables. It will be clear when you read the entire script which I have pasted below.

I have learned that you cannot open an interactive session via a line in a script and start to execute the command via script line. But instead, you must open a session, capture that in a variable and then execute the block of the script against the session. So line 1 is opening the remote session, catching it in $NanoSession and from line 2 – 19 it is the script block I’m executing in the Nano Server

You might be wondering why I’m declaring variable there again (line 4-6)? Well, the reason is, it is an entirely different session, a session which is unaware of the variables.

Line:9 I’m importing the certificate in the personal store of Nano Server.

Line:12 You must import IIS module. Without which all the subsequent commands will crash.

Line:13 I’m creating  a site with default binding on port:80

Line:14 I’m capturing certificate stored in my personal store to retrieve thumbprint.

Line:15 I’m storing the thumbprint in the $thumprint variable

Line:16 I get all information from IIS Manager

Line:17 I’m filtering against the site name and adding SSL certificate

Line:18 Finally, You must commit changes

That is all for the blog post.

PowerShell, Nano do wonders
PowerShell, Nano do wonders

In Summary

  1. IIS Management tool is not available. Therefore you must use PowerShell to create and manage websites in IIS
  2. Nano Server footprint in the enterprise is subject to the availability of a very high skilled PowerShell administrators. Nothing to scare of, PowerShell is very easy to learn, the more you find, the more you start enjoying.
  3. You can create and manage sites on Nano server, but further delving is expected.
  4. I was able to achieve the business requirement of optimize VM footprint and limiting the Server cost. You can add value to the organization by optimizing deployment and management cost

Below is the full script

 

[Nutanix] NPP Journey

Starting this year I choose to learn a new technology which was Nutanix. In order to start the Journey I choose to put a goal NPP as a starting goal. NPP stands for Nutanix Platform Professional. I have found putting certification as a goal is best way to learn any technology. If you focus on certification of any particular technology, you are more likely to learn new technology as here the focus is to clear the exam. Nutanix as of now offers three certification NPP, NSS and NPX .

Where to start

  1. You must install nutanix community edition and here is the best blog i have found. This is the only blog which explains the workaround if you don’t have SSD
  2. If you have budget of 35,000 INR, I strongly suggest you enroll online plus exam.
  3. At least go through PRISM WEB CONSOLE GUIDE.
  4. And youtube videos here
  5. Optionally Nutanix Bible here

Online Plus Course

First & foremost this is very unique learning approach. You are given access to nutanix course material and lab starts after 2-3 days. It allows you to read training material at least 2 days before and helps you with good head start with Nutanix. One of the best part of Online Plus course, you have access to learning material even after you have completed your course. Unfortunately it is not documented anywhere but I suspect access will remain for more than a year. You don’t need to take any notes. This course duration is for 2 weeks and you get two lectures. First lecture is about lab and second one is question and answer session with instructor. I liked the second lecture a lot. Instructor was extremely knowledgeable and source of lot of information and has been part of this blog. It was worth 35k, however if your organization is going to enter in partnership agreement with Nutanix, you get free online plus course.

The NPP exam is free to all Nutanix customers and partners, Request an account from education@nutanix.com.

Do you really need to do undergo this course. You would be surprised, it is completely optional. In fact NPP do not have any critiera. Do you want to give this exam?, just drop a email to education@nutanix.com they will send you email for exam. And it might surprise some of you, this is open book exam. You don’t have to go to any VUE/Prometric center for it. You can give this exam in group/Home/Office. It reminded me of how we use to pass compliance requirements in my previous organization. Jokes apart, you have a choice to be honest here. So this exam is free, this exam is open book. I did this course sometime in March and proud to say I have completed it within month. What next?

Preetam Zare_NPP Certification Exam (4.5)_Certificate

Reference for Nutanix Platform Pprofessional

Nutanix Certifications 

Nutanix Professional Exams

Nutanix Online Plus exam course description

Nutanix Online Plus Exam schedule