Blogs and podcasts
Bring your knowledge and expertise while creating blogs and podcasts
- 817 Topics
- 6,787 Comments
Although the post is very small, the news in it is big 😃With v12 you can start a Active Full backup of a single VM processed by a job. Just open the progress dialog of the job and right-click the VM you want to backup. As you can see, this can also be used to run a Retry just for selected machines. Important: this will just work when you use the also new feature in v12: True per-machine backup files
Hi Team, i want to share my latest best practice article about VB365. It is more a “understanding best practices” (the official titel is a bit missleading) and why there is not only one best practice for all installations. https://www.veeam.com/blog/veeam-backup-for-microsoft-365-best-practices.html If you have questions or feedback feel free to contact me.
The Veeam Backup for AWS, Azure, and GCP products supplies an effortless way to protect workloads running in one of the hyperscale public clouds. Workload protection is done by taking native snapshots and copying snapshots to object storage for a defined period. A full instance recovery and file-level recoveries can be performed from the backup. But this only scratches the surface of what Veeam can do with a cloud-based backup. To use advanced storage functions like Instant VM recovery directly to an on-premises hypervisor, full instance recovery into another hyperscale cloud, or copying backup files to an on-premises harden repository will require Veeam Backup and Replication to be integrated with Veeam Backup for AWS, Azure, and GCP through what’s called an “external repository”. The Veeam Backup and Replication external repository is a read-only connection to the Veeam Backup for AWS, Azure, and GCP object-based storage repository. It allows Veeam Backup and Replication to perform
One of the many features that Veeam Backup and Replication provide to ensure an organization can successfully recover their backups every day and in case of a malware emergency is the ability to scan your backup images for latent malware before they are restored. This goes beyond the ability to scan for possible entropic encryption of a server during backup by scanning for the malware that has caused the encryption. If an infection is detected then the restore can be aborted, or the server can be restored but not get connected to a network.Secure Restore is the name of the Veeam Backup and Replication feature that does the malware scan before restoring. Secure restore can restore Windows servers fromVMs from any hypervisor Physical servers that are protected with Veeam Agent for Windows. From backups stored on immutable block storage. From backups stored on immutable object storage. From backups stored on NFS/SMB shares Secure restore can be run before recovery is performed from the
When using preferred networks you might find your backup jobs take longer to initalise, commonly when you’ve got distributed backup components such as a physical proxy/repository and your Veeam Backup & Replication server isn’t performing any backup processing. This is because your Veeam Backup & Replication Server is also required to use your preferred networks configuration, even if it doesn’t have any network connectivity that resides within your preferred networks.This causes the job initialisation to take a lot longer than usual, and this grows even slower the more distributed your network topology and the more preferred networks you have. This is because your Veeam Backup & Replication server has to work through every preferred network match, before moving onto the rest of your network interfaces.Now, a quick reminder that the scenario above is just one example of why isolated networks might exist, but certainly not the only one. If you’re attempting to use preferred
I am old enough to remember the intense wars between Windows and Linux users in the late 90’s.I actually had a dream that I woke up many many years in the future, circa 2100 where both OS’s had merged and life was wonderful. Well it is 2023, the world is still crazy BUT… today I got Terminator and Remmina running on Windows 11 via WSL2, and what's more with a shortcut!!! I am back on a windows laptop due to corporate stuff. I don’t miss the MAC to be honest, It felt like it was a half Windows half Linux (or BSD) Frankenstein but hey that is just personal taste so to each their own.How far has the world come though!!Terminator is my favorite terminal program and Remmina for RDP well, I just like it (don’t save your passwords in there though). In your Ubuntu shell type sudo apt install terminator -ysudo apt install remmina -yFirst see if it can run (some complaints about the config but I will figure those out later) Terminator is backand now for Remmina:RemminaSome verbose anger there ba
Hi Folks, I recently was lucky enough to be chosen as an Auth0 Ambassador. However, I am still very much on the initial learning curve when it comes to identity management so have signed up to a few udemy courses and pulled out the documentation. When starting a new path it is always nice to take your first steps in familiar territory so I decided to try out leveraging SAML2.0 for Veeam Enterprise Manager. First we need to create a free Okta developer account: Then we will create a new app integration: VEM (Veeam Enterprise Manager supports SAML 2.0 so that will be our choice here:We need to give it a name:Next we need to enter our SAML settings. I used a laptop where I have a test VBR setup:These two settings (Single Sign On URL and Audience URI can be found in VEM here after you have ticked the Enable SAML 2.0 radio box. Don’t worry about the other settings we will import them later. Save the SAML settings in Okta then open up the App page: Further down on the right hand side you wil
If you had this on your 2022 IT bingo card, well done, you probably should try the lottery. If you’re less psychically gifted however, this announcement is slightly bizarre. Microsoft announced yesterday that they’re intending to retire their Basic SKU IP Addresses. Here’s everything we need to know. Basic SKU only, Standard SKU Unaffected It wouldn’t be much of a cloud if we couldn’t access it, so don’t worry, only Basic SKUs will be impacted by this change. Microsoft have announced that on the 30th September 2025, Basic SKU IP addresses will be retired.Further, from the 31st March 2025, you won’t be able to provision new Basic SKU IP addresses. How do these SKUs differ? Static/Dynamic IP AddressesAll IP Address allocations are static within the Standard SKU, whereas the Basic SKU offers Dynamic/Static for IPv4 and Dynamic is the only option for IPv6. Security ModelStandard SKU IP Addresses follow the ‘Secure-by-Default’ model. This means it’s mandatory to utilise a Network Security G
Microsoft 365 formerly referred to as Office 365 is a SaaS application that provides productivity and collaboration through a diverse set of micro-services and applications such as Exchange Online, SharePoint Online, Skype for Business Online, Microsoft Teams, Exchange Online Protection, Office in a browser, and many others. Microsoft recently made a distinction between M365 and O365. Therefore, M365 is a bundle of services that includes O365, and many other services as mentioned previously. I will be discussing these details in a subsequent guide. Here are some related guides that might interest you: How to Cancel Office 365 Family Subscription, how to complete Microsoft Office 365 Family Subscription, how to install Microsoft Teams on a Mac PC, and how to install and activate Office 2019 on your Mac PC.As of today, data is the most critical resources and one of the most valuable currency in the world. In Cyber Security, we refer to data as the New Oil. This Forbes link will highlight
Hi Folks, One topic that I don’t think has been addressed or discussed is VeeamON in relation to all of our many duties and responsibilities. How do you fit it in? How do you deal with the extra stress levels? VeeamON was a success and thoroughly enjoyed by all who attended but we would be kidding ourselves if we thought that it did not add extra pressures in our daily lives. First of all some of us might have to convince the bosses of this world that a trip to VeeamON is not, as the British would say just a “Jolly” i.e. vacation have fun only party. Yes we have fun but there is a lot of intense activity and knowledge transfer back and forth. I personally come out of VeeamON with my head exploding with new ideas and initiatives that I have gained from the sessions but even more from simple in person one on one conversations. Then there is the fact that no one is taking away the day job. Some of the folks there were having to simultaneously work during the conference or after hours. I
I’d like to first thank Rick Vanover, Madalina Cristil, Nikola Pejková, Aubrey Galen, and everyone at Veeam for their efforts and support leading into the Veeam 100 Summit. It’s a HUGE undertaking that requires many levels of coordination. This was my first time attending the event in person. It was an honour to attend such a prestigious event and meet many fellow Vanguards, Legends and MVPs in person. It is amazing how being at an event and being able to speak to others of the same mindset makes you feel great. As for the host city of Prague, it never fails.Day 1 included a Welcome Reception.A big thanks to Jim Jones and 11:11 Systems for sponsoring our Go Kart event earlier in the day! It’s safe to assume everyone thoroughly enjoyed this experience!Day 2 was the official kickoff for the Veeam 100 Summit. Rick, Madalina, and Hannes Kasparick started the day with a presentation in which we learned more about the various Community groups managed by each. If you’re not familiar with e
An incremental update has been released for Veeam Backup for Nutanix AHV. Version 4a has a few new enhancements and some issues that were resolved. The download link is in the KB link below. Note: Veeam Backup for Nutanix AHV 4a only supports integration with Veeam Backup & Replication version 12. What's NewUpgraded OpenSSL to version 1.0.2zg Configuration restore now assigns a default start time to a restored job that used an active full schedule but did not have a start time configured Configuration restore now assigns proper value and proceeds if BackupUID is found to be an empty string during configuration restore Default settings for Active Full and Synthetic Full job settings in the web UI have been adjusted to be consistent with Veeam Backup & Replication.Resolved IssuesA backup job continues to retry when the session ends with a warning.Now, after the first session completes with only a warning, no further retries will occur. Notification emails sent to Enterprise Micr
Hey Veeam community. I am starting my New Year’s resolution early and posting my first video on YouTube. It’s a walkthrough of Veeam Backup for Salesforce. I’m planning to post more videos as I find it helps deepen my understanding of various Veeam solutions. I hope to document some parts of Veeam products that I found challenging or hard to implement. I welcome all comments as I know there are a bunch of people here with much more experience at this than I have. Have a great rest of 2022! Cheers!
📢Join this webinar on July 18th for an exciting discussion featuring our CTO, @dannyallan , Opti9's own Sagi Brody, who is also one of our Veeam 100 members, and cybersecurity expert Guy Mizrahi, CEO of CyPROS. They'll be discussing how to tackle ransomware risks, why backup infrastructure is a top target for attackers, and how our Veeam+Observr solution sets us apart from other backup vendors in the battle against ransomware, revolutionizing your protection strategy. Don't miss out!Register in here: https://opti9tech.com/events/webinar-anatomy-of-ransomware-attack-preventing-attacks-on-your-backup-infrastructure/ Best, Madi
The following disclosure vulnerability (CVE-2022-22948) was reported to VMware by Yuval Lazar (@Ul7raVi0l3t) of Pentera. To remediate this vulnerability, apply the patch in the response matrix below as it applies to you. The vCenter Server contains an information disclosure vulnerability due to improper permission of files. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.5.Below are the affected productsVMware vCenter Server (vCenter Server) VMware Cloud Foundation (Cloud Foundation)An information disclosure vulnerability in VMware vCenter Server was privately reported to VMware. Updates are available to remediate this vulnerability in affected VMware products.Known Attack VectorsA malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information.ResolutionTo remediate CVE-2022-22948 apply the patches listed in the 'Fixed Version' column of the 'R
VMSA-2021-0025.2 - VMware vCenter Server updates address a privilege escalation vulnerability (CVE-2021-22048)
VMware vCenter Server is advanced server management software that provides a centralised platform for controlling your VMware vSphere environments, allowing you to automate and deliver a virtual infrastructure across the hybrid cloud with confidence.This privilege escalation vulnerability in VMware Center Server was reported to VMware by Yaron Zinar and Sagi Sheinfeld of Crowdstrike for reporting.Present IssueThe vCenter Server contains a privilege escalation vulnerability in the IWA (Integrated Windows Authentication) authentication mechanism. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.1. Impacted ProductsThe following products are impacted. Workarounds are available to remediate this vulnerability in the affected VMware products.VMware vCenter Server (vCenter Server) VMware Cloud Foundation (Cloud Foundation).Known Attack VectorsA malicious actor with non-administrative access to vCenter Server may expl
Hi Folks, When I think about being a Systems/Backup Administrator all of these years I can’t single out one single story that fully represents the highs and lows of this profession. So instead I have decided to write a few short sound bytes, streams from moments of memory suffixed with rhymes like one of the those “_restored” attachment names we use in order not to overwrite production. Every moment is also and emotion. We add a taint of emotional metadata to events and memories that we often don’t fully comprehend ourselves. Our work is matrix of puzzles and problems that we face everyday with our silicon little friends. Although sometimes it feels like they are our foes. Gratitude The call broke through the comforting calm silence of a Friday morning IT room like a waiter’s tray that gets turned over in a busy restaurant. An important file was missing. It had been erroneously deleted in one of those careless human moments of blissful neglect. The stakes were very high. First attempt
When attempting to add a pre-created (provisioned) PC to a domain or reuse an existing computer account, the following error below is encountered.An account with the same name exists in Active Directory. Re-using the account was blocked by the security policy.Microsoft released this update on October 11, 2022, thereby introducing additional protections (hardening) for your environment. This hardening mitigates the following “CVE-2022-38042 (Active Directory Domain Services Elevation of Privilege Vulnerability)”.Legacy behaviourBefore the installation of the October 11, 2022 update, or later cumulative updates, the client computer queries Active Directory for an existing account with the same name. This query occurs during domain join and computer account provisioning. If such an account exists, the client will automatically attempt to reuse it.Note: During this time, the re-use computer account will only fail if the user does not have the appropriate permission to join the device to th
Password Authentication & Certificate Authentications both have their pros and cons, but one undisputed stance is that certificates are more secure than passwords when used properly. To that end, I prefer to deploy certificate authentication when working with SSH, and when deploying Linux VMs, Azure prefers to as well.However, Veeam Backup for Microsoft Azure also signs you in with your Ubuntu user account, but doesn't support certificate authentication. Does this mean you're stuck with password authentication? Nope! Is it complex to configure? Also, nope! How does this work?Simply, we'll ensure that SSH is configured to only support certificate authentication, whilst configuring a password for authentication against the Veeam Backup for Microsoft Azure portal. For good measure, we'll also go through how to secure this platform further to reduce your attack risk. Getting set up with Certificate AuthenticationWhilst typically the more difficult part, Azure has done a great job of ma
It's been almost a month since the release of Veeam Backup for Microsoft 365 v6. If you're looking for all the details of v6, then check out @MicoolPaul’s post: Until now no bigger problems were discovered or reported. There's only a known issue, that the CPU load in idle is higher then usual; no big issue, but if you want to solve that, there's a hotfix available: https://www.veeam.com/kb4294 One change, which didn’t get much attention so far, is the newly designed setup: I really like the new fresh look, compared to the old setup. It’s clean, modern and good looking. And it also updates the Veeam Explorers during the setup/upgrade process; in previous versions, those had to be manually installed. Want a comparison to the old setup? Here’s how it looked in v5. What do you think? Which setup is the better one?
Introduction Creating the CSR Requesting the certificate Creating the PFX Replace the certificate Introduction Some customers would like to change the self-signed certificate used by the Web Console for Veeam for Public Cloud products.In this guide I will show all the steps involved in this process: Creating the request Creating the certificate Importing CA Root certificates Changing the certificateI'm using the Veeam Backup for Azure as an example, but all the steps are the same for Veeam for GCP and Veeam for AWS. Important:This guide assumes you have a public domain and that you created the host A record for the DNS name you will use.Also, I’m using ZeroSSL just to demonstrate the process of requesting a valid certificate, some steps could be different depending on the Certificate Authority used. Creating the CSR Let's create the certificate request using OpenSSL.DigiCert has a web tool to create the command: https://www.digicert.com/easy-csr/openssl.htm Connect to the appliance vi
VMware vSphere logoRecently VMware released Update 1 for both VMware vCenter and ESXi. I successfully upgraded my vCenter but had to wait on the ESXi hosts until the VMware USB NIC Fling was updated to be compatible with Update 1. It is now updated and can be downloaded from here – VMware USB NIC FlingI downloaded the fling and the Update1 ZIP file from the VMware site that I could run on the CLI of each host after enabling SSH. So I connected to my hosts via the Web UI, logged in and enabled SSH. I then used Mobaxterm to connect to each of my hosts.The steps at a high level to upgrade are as follows –Remove the current USB Fling driver from each host Reboot the host to complete the VIB removal Enable SSH again on each host Run the CLI command to process the Update1 ZIP file on each host Reboot each host to ensure Update 1 is applied Enable SSH again on each host Install the USB NIC Fling for Update 1 Reboot each host to ensure the drivers are loaded Check the Web UI to ensure the USB
Looking to build your own chatbot but don’t want to break the bank on hardware and keen on some privacy ? I’ve created 2 blogposts on how you can create your own AI LLM powered chatbot.The first post is live and tells you how to get to your source data. I gave it a little twist and used the transcripts of several YouTube instructional videos to train the model.Interested, remarks, comments ?Read it all here: https://integriservices.blogspot.com/2023/06/create-your-own-private-offline-ai-q.html My second post will become available later this week. Then I’ll take you on the tour how to deploy your own private chatbot and train it with the data we’ve collected before. 100% private free and local AI LLM powered Q&A chatbot at your disposal.
Hi Folks, I wasted a lot of time in my life doing dumb things. Luckily a remain young in spirit and continue to do dumb things even now. Like troubleshooting an ignition process on Flatcar when the issue was staring me in the face. When dealing with failures and errors be it in backup or anything else try the “metaphor” method in order to help you solve the problem. For me it was that services were not starting when booting the immutable OS. Permission denied came up in the journalctl output but it made no sense since that part of the filesystem was chmod with the right access. Then I checked the location and the files were there with the correct names but… there size was zero. I checked the ignition file creation and all looked fine. I struggled until it hit me when on my walk and passing by a location that I used to frequent quite often.. the beer store. If you are in line up to buy beer and you have brought your empty bottles to cash in on the recycling refund.. you can’t just take
Login to the community
Log in with your Veeam account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.