14-08-14

VCAP-DTA Exam Experience (Redux)

So I got back about an hour ago from my second sitting of the VCAP-DTA exam in Leeds. As regular readers will know, I sat it a couple of weeks ago and failed. The score report I got back gave me some suggestions on the areas I wasn’t quite so hot on, so I spent some extra time going back over those and making sure I understood them (two factor authentication and group policy settings to name but two). I had the mindset that if I didn’t pass it today, it would be a would be a while before I’d be back as my employer wants me to get up to speed with the latest MCSE track and quickly, meaning I wouldn’t have the bandwidth (or the mental capacity!) to take on both at the same time.

Nor did it help that I was running a little late, I’d had a coffee and an early lunch because as usual, my appointment spanned over lunch time and I didn’t want to get hungry. By the time I set off for the test centre, it was getting close to my appointment time start so I had to run the last couple of hundred yards to make it on time. With that and a coffee swilling around inside me, my eyes were on stalks when the exam started!

I’m not sure how large the pool of questions is, but I did get a few I’d had previously, including some I came a little unstuck on. I tried to move on if I felt I was getting bogged down, with the intention of picking up as many points as possible elsewhere. Somewhat surprisingly, by the time I’d completed question 23, I still had 30 minutes left. So I went back, quickly checking my answers and referring to the admin guide on the ones I was stuck on.

It turned out to be a pretty effective strategy, although I did go back to delete and restart one “answer” I’d started and then ran out of time, as the desktop refresh was a little laggier than last time, and I couldn’t quite complete the task in time.

I came out feeling tense as I thought I’d passed last time and didn’t,  and I was mindful that I hadn’t completed all tasks with the loss of points that entails. Anyway, I got the score report back quickly again (thanks Joshua!) and this time thankfully I’ve passed! So now I have four VCAPs and I can afford to dream of the far off pot of gold that is the VCDX. I’m not going to think about that yet, as I’ve a box full of Microsoft exams to get done before I can get to that. Still, in the words of Peter Venkman, “we came, we saw, we kicked it’s ASS!”

 

G-1136 - We came, we saw, we kicked its ass

 

22-07-14

VCAP-DTA Objective 6.2 – Configure Group Policies for PCoIP and RDP

  • Identify and resolve group policy conflicts – One of the great things about group policies is that there are so many settings you can configure and lock down that sooner or later you’ll end up doing something that means different group policies treading on each other’s toes. There are a couple of ways to check group policy inheritance:-
    • gpresult.exe – a command line tool that can be used to generate a RSoP report (Resultant Set of Policies). This is a quick way of looking at what’s been applied, what has been filtered and which AD groups a user is a member of, which can help troubleshooting. The command syntax for a RSoP style report is gpresult.exe /r and you’ll get something similar to below:-

Microsoft (R) Windows (R) Operating System Group Policy Result tool v2.0
Copyright (C) Microsoft Corp. 1981-2001

Created On 22/07/2014 at 20:34:43
RSOP data for BECKETT\Administrator on DC01 : Logging Mode
———————————————————–

OS Configuration: Primary Domain Controller
OS Version: 6.1.7600
Site Name: Default-First-Site-Name
Roaming Profile: N/A
Local Profile: C:\Users\Administrator
Connected over a slow link?: No
COMPUTER SETTINGS
——————
CN=DC01,OU=Domain Controllers,DC=beckett,DC=local
Last time Group Policy was applied: 22/07/2014 at 20:34:10
Group Policy was applied from: DC01.beckett.local
Group Policy slow link threshold: 500 kbps
Domain Name: BECKETT
Domain Type: Windows 2000

Applied Group Policy Objects
—————————–
Default Domain Controllers Policy
Default Domain Policy
ThinPrint

The following GPOs were not applied because they were filtered out
——————————————————————-
Local Group Policy
Filtering: Not Applied (Empty)

The computer is a part of the following security groups
——————————————————-
BUILTIN\Administrators
Everyone
BUILTIN\Pre-Windows 2000 Compatible Access
BUILTIN\Users
Windows Authorization Access Group
NT AUTHORITY\NETWORK
NT AUTHORITY\Authenticated Users
This Organization
DC01$
Domain Controllers
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS
Denied RODC Password Replication Group
System Mandatory Level

USER SETTINGS
————–
CN=Administrator,CN=Users,DC=beckett,DC=local
Last time Group Policy was applied: 22/07/2014 at 20:33:40
Group Policy was applied from: DC01.beckett.local
Group Policy slow link threshold: 500 kbps
Domain Name: BECKETT
Domain Type: Windows 2000

Applied Group Policy Objects
—————————–
N/A

The following GPOs were not applied because they were filtered out
——————————————————————-
Default Domain Policy
Filtering: Not Applied (Empty)

ThinPrint
Filtering: Not Applied (Empty)

Local Group Policy
Filtering: Not Applied (Empty)

The user is a part of the following security groups
—————————————————
Domain Users
Everyone
BUILTIN\Administrators
BUILTIN\Users
BUILTIN\Pre-Windows 2000 Compatible Access
NT AUTHORITY\INTERACTIVE
CONSOLE LOGON
NT AUTHORITY\Authenticated Users
This Organization
LOCAL
Group Policy Creator Owners
Domain Admins
Schema Admins
Enterprise Admins
Denied RODC Password Replication Group
High Mandatory Level

  • RSoP (Resultant Set of Policies) is basically a graphical representation of what you see above, which is actually quite helpful when you have a specific issue you want to troubleshoot. To run the report, go to Start | Run | rsop.msc and after the report has been generated, you kind of get a read only group policy view with details of policy settings.

rsop

 

  • Group Policy Management – One other thing to check is the Group Policy Management MMC tool. This can be accessed by going to Administrative Tools | Group Policy Management. Once within this tool, select a particular OU that you want to troubleshoot and click the Group Policy Inheritence tab. This displays which GPOs are in place and what their priorities are.

gpo

 

  • Implement PCoIP and RDP Group Policy templates – As discussed in a previous article, PCoIP can be managed by importing the pcoip.adm policy template from the C:\Program Files\VMware\VMware View\Server\extras\GroupPolicyFiles folder into the Group Policy Management  MMC view.
    • RDP can be managed via Group Policy from Group Policy Management under  Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services. From here, configure which settings you want to enable or disable etc, as shown below:-

RDP-GPO

 

 

03-04-14

vExpert 2014 Announcement

 

VMware-vExpert-2014-400x57

 

So Tuesday saw the announcement of the 2014 list of vExperts and I’m delighted to say that I made the cut this year (after checking of course it wasn’t an April Fool!). Actually, it’s the first time I’ve applied and looking down the list, it’s a “who’s who” of vRockstars from around the globe, including around a dozen or so of my ex-colleagues at Xtravirt  who continue to add a lot of value to the community.

A big thanks of course go to the team who make vExpert possible, getting through 700+ applications in a month can’t have been all that easy! Thanks too to Jason Gaudreau, our TAM at VMware, who suggested I should go for it in the first place. When I look back at the last year, I’ve done a lot – 3 VCAPs, a load of blog content, study guides, plus the work I’ve done with VMware PSO and the account management team since I’ve been at MMC.

You’d think that I might sit back now and rest on my laurels, but if anything, it’s actually making me want to do more. I’ve already offered to present at our local VMUG, I’m blogging as often as I can and there will be more VCAPs this year I’m sure, as I start on the vCloud path once I’ve got NetApp, VCAP-DTA and Hyper-V out of the way!

Looking forward now to getting started and continuing to spread the gospel of virtualisation. Congratulations to all 2014 vExperts both new and returning and thanks for making the community awesome!