vToolbelt – February 2020
Welcome to (hopefully) the tail end of winter! 
A few brief glimpses of sun has me hopeful that the dreary days are behind us!
There is a lot of VMware Virtualization news to cover this month. Some important changes are noted in the Highlights section
Highlights for the Month
vSphere 6.0 & vCenter Server 6.0 will be at End of General Support on March 12th, 2020. Note: Even if your hosts won’t support a later version of vSphere, if they are on at least 6.0, you can still update vCenter Server to 6.5 or 6.7
Microsoft changes to LDAP Binding Requirements may impact vCenter Server and App Volumes
Apparently Microsoft will be changing how AD handles LDAP requests in their March 2020 updates. Any LDAP requests that are not using TLS could be negatively impacted. The tech marketing team for vCenter has written an article on how these changes to MS LDAP Channel Binding & Signing could affect vCenter.
There are 3 protocols that will bind vCenter to Active Directory for authentication:
- Unencrypted LDAP (LDAP:\\)
- LDAP encrypted with TLS (LDAPS:\\)
- Integrated Windows Authentication (IWA)
According to VMware testing, TLS\LDAPS and Integrated Windows Authentication binding methods are not impacted by this change. I have received customer feedback that the MS tool that helps report on unencrypted LDAP requests is including applications that are using IWA bindings.
It appears App Volumes could be impacted as well. There is a KB article (KB 77093) that discusses what VMware is working on for this and what you can do about it.
Upcoming changes to VMware CPU-based licensing
Beginning April 2nd, 2020, Any VMware software that is licensed on a per-CPU basis will require 1 CPU license for up to 32 physical cores. If a CPU has more than 32 physical cores than an additional CPU license will be required. You can read the full VMware CPU Licensing Change Announcement, as well as check out KB 77098, which describes how you can count the CPU cores in your environment (either using the vCenter Client or a PowerShell script).
Adobe Flash is near End of Life
Adobe has announced that they will EOL Flash at the end of 2020. This likely means that browser manufacturers will stop supporting Flash-based apps in their browsers at some point this year. (The Adobe article has links to the major browser partners and their plans)
The vSphere Web Client included with vCenter Server 6.7 releases (beginning in April 2018) have full HTML5 feature parity and no longer require Flash. If you haven’t upgraded yet, now is the time to start planning. A few things to check before you upgrade:
- Host Compatibility – The hosts don’t have to run the same version as vCenter. There is a interoperability matrix to show compatible versions. Hint: vSphere 6.0 & Later
- Software Compatibility – make sure any solutions that integrate with vCenter are supported. VMware has a searchable Product Interoperability Matrix for products like Horizon, vRealize, etc. You should also check any third-party solutions (backup, reporting, etc)
- vCenter Client Plugins – If you use a client plugin to manage your SAN, A/V, etc you should also check with that vendor to make sure it is supported.
