CentOS ISCSI Target Server Setup

Requirements & Best Practices

ISCSI should have a dedicated disk or a dedicated LV to use, ensure you have sufficient space to create a new LV, otherwise storage should be added. If you are using SELInux please make appropriate changes or do the following to disable SELinux:

setenforce 0
sed -i 's/=enforcing/=disabled/g' /etc/sysconfig/selinux


If you are using iptables firewall be sure to add a rule to iptables to allow communication on port 3260 for iSCSI.

vim /etc/sysconfig/iptables

Above the explicit deny line in the iptables config enter the following line item:

-A INPUT -m state --state NEW -m tcp -p tcp --dport 3260 -j ACCEPT

Restart IP tables:

service iptables restart


Install and Enable Target Server

install the required packages

yum install scsi-target-utils -y

Enable for auto-start

chkconfig tgtd on

Start the Daemon

/etc/init.d/tgtd start


Configure Targets

Edit the contents of of the targets configuration file

vim /etc/tgt/targets.conf

Edit the following block:

# Set the driver. If not specified, defaults to "iscsi".
# This can be iscsi or iser. To override a specific target set the
# "driver" setting in the target's config.
default-driver iscsi
#<target iqn.2008-09.com.example:iser>
#       Example: the next line would override default driver type.
#       driver iser

You’ll need to include the target iqn info as well as the backing store information. When you are finished it should look something like:

# Set the driver. If not specified, defaults to "iscsi".
# This can be iscsi or iser. To override a specific target set the
# "driver" setting in the target's config.
default-driver iscsi
<target iqn.2015-08.com.tgsrv1:tgt1>
        backing-store /dev/vg_centos6/iscsi
#       Example: the next line would override default driver type.
#       driver iser

Once you have completed this step you will need to restart the tgtd servie

service tgtd restart

At this point we can verify that the ISCSI target LUN we configured is now visible:

tgtadm --mode target --op show

If you completed the configuration correctly you should see the LUN0 the control LUN and LUN1 which will the LUN we just created. It will look something like the example below:

[root@localhost ~]# tgtadm --mode target --op show
Target 1: iqn.2015-08.com.tgsrv1:tgt1
    System information:
        Driver: iscsi
        State: ready
    I_T nexus information:
    LUN information:
        LUN: 0
            Type: controller
            SCSI ID: IET     00010000
            SCSI SN: beaf10
            Size: 0 MB, Block size: 1
            Online: Yes
            Removable media: No
            Prevent removal: No
            Readonly: No
            Backing store type: null
            Backing store path: None
            Backing store flags:
        LUN: 1
            Type: disk
            SCSI ID: IET     00010001
            SCSI SN: beaf11
            Size: 20401 MB, Block size: 512
            Online: Yes
            Removable media: No
            Prevent removal: No
            Readonly: No
            Backing store type: rdwr
            Backing store path: /dev/vg_centos6/iscsi
            Backing store flags:
    Account information:
    ACL information:

Updating ESXi From ESX-CLI

Enable SSH or ESXi Shell on the ESXI Host

Method 1: Without the vSphere Client

DRAC into the ESXI Server and press f2 and enter your credentials


Arrow down to troubleshooting options and press enter, choose to enable either the EXSi shell or SSH or both.



To access the ESXi shell press F1, to return to management press alt F2

Method 2: Using vSphere Client

Log into vSphere and click the host you wish to update. Then select the configuration tab


On the left hand side under software click Security Profile then click Properties in the top right hand corner


Choose SSH and start the service and optionally set to start with the host if you wish to leave it enabled




Check Version and Patch Level

Log into SSH or ESXI shell and run the following command

vmware -vl

The following link contains a guide to correlate patch numbers to : http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1014508


Obtaining Updates

To obtain patches for ESXi visit the following link to download the patches: https://my.vmware.com/group/vmware/patch#search


Upload Patches To Datastore

Create a directory on the datastore called patches and upload the zip files you downloaded to this directory.


Apply Patches

Evacuate the VM host of any running VMs and place the host in maintenance mode


Once you have completed the step above access the ESXI CLI from either DRAC or SSH and type the following command

esxcli software vib update --depot=/vmfs/datastore/patches/<name of patch zip>

Depending on the update you may need to use install in the syntax instead of update


Reboot the host to complete patch installation once the CLI states install was successful.

Resetting Forgotten Windows Admin Password

One of the “fun” experiences I have run into in my IT career is the situation where domain trust is broken or the network is not configured, but you absolutely have to get into the box in question. The trouble is the password was set by someone who was in the position before you and there is no documentation. I have come across 2 ways to do this, one of which I consider to the conventional bare metal method and the Hyper-V guest method.


Method 1 (Bare Metal Method):

If you have a physical server or a virtual machine that is in another format other than VHD to VHDX use this method. Essentially what we will be doing is booting from the windows disk into a command prompt repair option, backing up and renaming utilman.exe and making a copy of cmd.exe name utilman.exe. This will allow us to reboot to login prompt, press windows + U (which ordinarily brings up utilman.exe) which will launch a command prompt, from where we can reset the administrator password using the net user commands.

The first step is to insert the windows disk, reboot and choose to boot from disk. Once you are on the the screen that present the option to install windows or repair your computer




Choose the troubleshoot option, and then select to command prompt.

Once you are booted into the command prompt you will need to type the following commands (note D is the normal drive for C: in this prompt, if you primary drive is labeled something other than C you can use diskpart to identify the proper disk)

  • D;
  • cd windowssystem32
  • ren utilman.exe utilman.bkp
  • copy cmd.exe utilman.exe

Close the command prompt, eject the disk and restart. Once you boot to the sign in screen press windows key + U then type the following:

  • net user administrator Password123!

Close the command prompt and login as administrator with the password you just set. Once you have completed this successfully you will want to remove the utilman.exe application and rename utilman.bkp to utilman.exe.



Method 2 (Mounting VHD Method):

If you are utilizing Hyper-V or another virtualization platform that utilizes VHD or VHDX files you have another option, which is to mound the VHD and perform similar steps to the above. If the VM in question is running shut it down. Once the virtual machine is shut down on the Hyper-V host machine open disk management (diskmgmt.msc) and choose the “action” menu, then select “attach VHD”.

attach vhd

Once you select attach VHD, you’ll need to navigate to the directory where your Hyper-V VHDs are stored (by default this is C:UsersPublicDocumentsHyper-VVirtual Hard Disks). Select the VHD and mount it. Once the VHD is mounted you’ll see it show up as a drive letter, navigate to this drive letter, choose the windowssystem32 directory. You will need to right click on utilman.exe and choose properties, select the security tab, choose advanced security and change ownership to your user account.


Once you have taken ownership and applied changes you will be able to add your account on the security tab and grant full control. Once this is applied you will then have the permissions needed to change the filename to utilman.back. Once this is done locate cmd.exe in same directory, right click and copy, then paste and rename to utilman.exe. Unmount the VHD  by opening disk managment (diskmgmt.msc), highlight the disk for the VHD you mounted, then choose “action>all tasks>detach VHD”


Once you have unmounted the VHD you can boot the Hyper-V virtual machine and press ctrl+U at the login prompt to reset the password via command prompt with the following command:

  • net user administrator Passwor123!

Once you are successfully in the server and you need to perform the same cleanup tasks as in method 1. If you run into issues moving utilman.bak to utilman.exe you can try shutting down the VM and re-mounting the VHD to the Hyper-V host and change these options, unmount the VHD and reboot the Hyper-V system.


Thank you all for reading and I hope this article is helpful. This article is intended to assist administrators to access systems they have rights to access but lack the password. This article is in no way mean to help or endorse illicit access to systems, please use this information carefully and please act ethically and only use this to access systems you own and/or are authorized to access.