HOWTO: Recover a failed firmware update on a #HPE / #Marvell Ethernet Adapter

It’s no secret that I exclusively utilize HPE’s oem’d Marvell Ethernet and FC adapters in not only my own servers, but all of my customers servers too. For the most part, they work great, they are feature rich compared to the competition, and lets face it, they are cost effective. The downside is that the firmware updating process provided by HPE is not overly robust, and has more than once left me with a bricked adapter. Once bricked, the adapter still appears in the ILO and server inventory, but doesn’t show any ports, MAC addresses, etc. So then I have to wait for HPE PointNext to dispatch a field tech to replace the bricked card because apparently they do not know how to fix it.

While troubleshooting another issue a while back with both the HPE ILO and Marvell Ethernet firmware development teams, the topic of bricked, borked, or otherwise dead adapters after failed HPE firmware updates came up. One of the Marvell engineers shared with me how to bring these adapters back to life, and I’m going to re-share that here. It’s a relatively easy process, and saves you from having to call to HPE support and waiting for PointNext to come replace it.

My screenshots below are based on a DL380 Gen9. As near as I can tell, this works on both Intel and AMD based Gen9 and Gen10 servers (I have definitely tested it on DL360 Gen9, DL360 Gen10, DL380 Gen9, DL380 Gen, DL325 Gen10 and DL385 Gen10). So just because the screenshots below may not look exactly like your system, the same basic steps will apply.

And as always before I begin:

Use any tips, tricks, or scripts I post at your own risk.

First, you need to extract the current firmware from the HPE executable with 7-Zip. Ideally you’ll want just the firmware .bin file in it’s own folder.

Next open Internet Explorer, log into the ILO and opened the .NET ILO console. Reboot the server to the RBSU and select embedded applications.

From the Virtual Drives drop down menu, select Folder. If you do not see Folder listed there, then you did not use Internet Explorer and / or the .NET ILO console, which is required to be able to mount a folder via the ILO.

Navigated to the folder where the extracted the firmware is and picked the folder that had the .bin file in it.

Select Firmware Update from the list of Embedded Applications, then select the adapter that requires reflashing from the list of devices.

*** Note that depending on the bricked-ness of the adapter – it may not actually appear as it’s real name – but it should be obvious which device it is by process of elimination.

At the Firmware Updates menu, select “Select a firmware file”   (**note – this particular 533FLR-T used in these screenshots is not bricked and the “Current Firmware Version” on this 533FLR-T is actually what I’m reflashing with, so the pictures may be differ slightly from what you see on screen)…

When prompted, select “[iLO Folder] iLO Virtual USB 1 : HP iLO Virtual USB Key”.

**Note – the naming of this varies depending on the BIOS version and generation of the Proliant – but the iLO Folder should be obvious in the list.

Select the firmware .bin file from the list presented…

**Note – with Gen10, I’ve noticed that sometimes the file names are truncated to 8.3, so this is why I suggest having only the .bin file in the folder presented via the ILO as it makes it alot easier to pick the right file then!

The new firmware file will load.  It generally about 10 to 15s.

Hit Start Firmware Update (as shown in the prior screenshot 3 above)…

The update process will take between 30 and 60s generally.

Once completed, exit back to the RBSU, and cold boot the host via the ILO.

Upon reboot – your Ethernet card will be back alive and ready to go again!

HOWTO: Mass delete photos and videos from an iOS device with @SkyjosApps #FTPManager

Recently, I decided to clean up my iPhone’s storage.  I had somewhere around 4500+ photos and videos on it, that had all been uploaded to my Dropbox account, and I really didn’t need them on my phone anymore.  The issue is that Apple’s iOS has no built in mechanism to delete all photos and videos on a device at once (with a “delete all” or “select all” button), so the end user is left with one of two options. Manually select each photo and delete it, or factory reset their device.  Now the funny thing is Apple provides a way to mass delete all the music on the device, but not all the photos, which is a pretty major blunder / oversight in my opinion.

I really didn’t want to reset to my device to defaults, so like you who are reading this post right now, I hit Google in search of a solution, but I never found a good one (until now if I may say so myself!!!).  I started to lean towards the factory reset to defaults, and as such, I began to document the apps I had on my phone so I could put back what I really needed afterwards.

One of the apps I have on my phone and utilize from time to time is FTPManager Pro (the free version is pictured below in my screen shots from both my iPad and iPhone) which is developed by Skyjos Co. Ltd.


When I opened up FTPManager on my phone, I noticed that Photo Library was an option (which I hadn’t really paid attention to previously).


Jumping into Photo Library allowed me to access my Camera Roll where I noticed an Edit button at the top of the screen.


Well guess what that Edit button does…  It gives you a “Select All” button at the bottom of the screen and a Delete button.


Sure enough – hitting Select All then Delete immediately deleted all my photos and videos (well, maybe not immediately since there were 4500+ items), freeing up several GB of space on my iPhone.

So the next time you run into a jam on your iOS device because you are low on space and need to mass delete your photos and videos without resetting your device to defaults, install FTPManager from Skyjos Co. Ltd. and use it’s mass delete feature.

Or better yet, just spend the $3 and purchase FTPManager Pro and support the developer who just saved you a whole bunch of time and trouble!

As always – Use any tips, tricks, or scripts I post at your own risk.

***Disclaimer – I have no affiliation with and have never had previous contact with Skyjos Co. Ltd other than I purchased their FTPManager Pro app some time ago and regularly use it because it’s a damn good app***

Do IT certifications even matter to customers anymore?


I’ve been in this business for almost 20 years now. Those of you who are IT professionals that have been around just as long will know what the term “paper certifications” mean. In the late 90s and early 2000’s Microsoft’s server business had taken off and so had demand for their certification program. It seems everybody wanted to hop on the bandwagon of Microsoft certifications, but the problem was not everybody had the necessary skill set to pass the certification exams. Many individuals went online to exam cheat sites and bought the exam answers. This allowed them to go take the exam and get a piece of paper that said they were certified; even if they had done nothing more than memorized the test questions. This is where the term “paper certification” came from – they had a piece of paper that said they were certified but in reality they had no idea what they were doing. Unfortunately this devalued the certification for the rest of us that actually knew what we were doing and who valued our achievements.  Most vendors police their certifications nowadays to catch cheaters, so while some paper certification individuals still exist today, they are not nearly as rampant as they were in the early 2000’s.

Fast forward 10 to 15 years and you arrive at today where customers and employers appear to have totally forgotten about asking for certifications from those who do work for them.  To be honest I’m not sure why customers stopped asking for certified individuals to work their accounts. I guess it could be a couple different things. Maybe they just think everybody has a certification on everything since back then everybody and their dog had a certification for Microsoft products. Or it could be they got burned by some of these individuals with paper certifications and they decided it no longer matters whether they ask for certified individuals – they think they are still going to get burned in the end (a damned if you do, damned if you don’t scenario).

Regardless of the reasons that customers and employers have stopped asking about certification, I’m here to tell you that both customers and employers are still being burned today – but for not asking. We see all the time when we meet perspective new customers and have to evaluate their current environment to get a baseline of where they are at. So what do I mean when I say burned? I am referring to the fact that it costs them time, money, and potentially data loss. I think these three items are probably self-explanatory but if not here’s what I believe.


This one should be pretty simple. If you are a customer buying a solution that hasn’t been checked or approved by an individual who is certified on the solution, then who’s to say the solution that you’re getting is going to work?  If it doesn’t work, it is going to cost you money to either replace it, upgrade it, or hire someone who is certified and knows what they are doing to install / fix it.


Time goes hand-in-hand with money. First, if the solution is not suited for what you actually require, then the whole process has been a waste of time because you just end up starting over to replace it. This in turn is going to cost you more money due to lost productivity. And if the individuals that are installing the solution are not certified on the product, then is going to take them more time to deploy the solution – assuming they can even get it working. And the more time they spend trying to deploy the solution, the more money they are going to charge you.  Unless they are like one national reseller’s deployment team I have heard of who just gets up and walks out the door when the allotted installation hours and budget are gone, whether or not the solution is working – it didn’t matter.  Incidentally, I later learned that neither the sales team nor the installation team were properly certified on the solution they sold customer.  Whoops – but case in point.

Data loss

This is probably the scariest one of the three. I can’t tell you the number of times I’ve seen solutions designed and deployed by uninformed individuals (who never took a single course or exam on the product they are trying to sell or install) with multiple potential single points of failure. It’s been my experience that poorly designed solutions tend to have a higher rate of data loss events, or situations of very poor performance from normally high performance components. It’s funny because most of the time when I talk to these clients afterwards they tell me they would’ve spent extra money to have a properly designed and deployed solution had they known the disaster awaiting them that were going to have with their current solution.

Certified Confidence

On a very regular basis, I am asked to speak to CEOs and the board of directors that they report to on various IT subjects – from explaining what a SAN is to demoing how dangerous a drive-by-download can be. Thanks to my training, certifications and knowledge, I have the confidence to stand at the front of the boardroom table and establish my credibility as an expert or specialist in the day’s subject in front of the CEO and board of directors. This better positions my employer to succeed and win more business as it builds the customer’s confidence that I know what I’m talking about and that whatever I am proposing is correct for them.

Know your vendors

Vendors (such as Hewlett Packard Enterprise, VMware, Veeam, and Citrix) usually provide special treatment to those of us who are certified on their products. This special treatment can be anything from sneak peaks of upcoming products and plans for the next generation, to a high level of technical support. This additional knowledge and treatment allows us to better service our customers – whether by allowing us to plan your environment out to take advantage of new technologies we know are coming 12, 18, or 24 months down the road, or by bypassing the level one support queue and getting right to the vendor’s support guys who have seen and know it all. And usually the special treatment affords us the ability to interact with and give direct feedback to the engineers that design the technology we are certified on. I’ve personally been in a feedback session with a design engineer where he took my feedback and literally (right in front of the rest of the audience in attendance) implemented my change request in the source code for the next release (if you use HPE ILO and it’s Advance License – you are welcome that you can cut and paste all 25 characters now at once to activate it instead of 5 x 5 like an old Windows product key!).

As a Hewlett Packard Enterprise Gold Partner, we are mandated to obtain and maintain certain certifications as part of our partner status to not only sell certain products, but deliver services on those same products.  Unfortunately for all of us, “Joe’s Taxidermy and Computer Repairs” in the basement of that house down on the corner of your street has a basic reseller status that also allows him to sell you that 3Par you’ve always dreamed about.  But what are the odds that Joe has had time in between stuffing deer heads and mount antlers on rabbits to go and get the training and certifications to provide you that level of service that you really need? Is he going to know the minimum number of drives per controller, per enclosure, or per node pair?  Is he going to know that the node interconnects in a 7400 are directional and as such can only be installed one way?  Is he going to know how to setup that new StoreOnce you just ordered?  What about best practices for replication with Veeam?  Or Golden Master image optimization for XenDesktop?  Likely not.

And not all vendor partners are equal.  Yes, that large international web-based e-tailor your love is likely certified on what you are looking for – but demand they have someone in your local region that is certified to look after your needs, instead of someone from the other side of the country, or even the other side of the world in some cases!

Your call to action!

If you are an end-user or customer reading this – then you need to demand those partners and resellers you are working with prove they have the proper certifications for the projects they are working on for you.  Do not just casually ask them about it – but rather demand they prove their certifications before they get one more penny (err – nickel for my fellow Canadians) from you.  The ITCC (Information Technology Certification Council) make it quite simple via the TechCertRegistry ( for certified individuals to share their validated certifications with potential employers and customers. Check it out – utilize it, demand it!

If you are reseller or other partner reading this – and you don’t have or believe in certifications, then please keep on doing exactly what you are doing now.  It will make your customers easier picking for the rest of us that do, and for that – we thank you!

Windows 2012 R2 is unable to connect to HP StoreOnce CIFS shares

I ran into this issue the other day with a new HPE StoreOnce deployment. When attempting to connect to a CIFS share on a StoreOnce appliance (it does matter if it is physical appliance or VSA) from a Windows 2012 R2 server, the following error is received “The account is not authorized to log in from this station”.


To fix this, navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters and set RequireSecuritySignature = 0  and then reboot Windows.  When Windows comes back up, you should now be able to browse the CIFS share on the StoreOnce appliance.


HOWTO: Generate and self-sign Wildcard SSL certs in Ubuntu

Generate a CSR:

openssl req -new -newkey rsa:2048 -nodes -sha256 -out wildcard.domain.fqdn.csr -keyout wildcard.domain.fqdn.key -subj "/C=your_country/ST=your_state/L=your_city/O=your_organization/CN=*.domain.fqdn"

View the CSR:

openssl req -text -in wildcard.domain.fqdn.csr

Sign the certificate:

openssl ca -in wildcard.domain.fqdn.csr -out wildcard.domain.fqdn.cer -config /path/to/openssl.cnf

Convert the certificate to PFX:

openssl pkcs12 -export -out wildcard.domain.fqdn.pfx -inkey wildcard.domain.fqdn.key -in wildcard.domain.fqdn.cer

Covert the certificate to PEM:

openssl pkcs12 -in wildcard.domain.fqdn.pfx -out wildcard.domain.fqdn.pem -nodes