Backtrack:  
 
showing all posts
 
edited by on July 13th 2023, at 10:28
There are several ways of booting a Windows system into Safe Mode. But if you're no longer able to boot into the system to turn on Safe Mode, and the system doesn't automatically boot into safe mode, you're usually only left with a single option: using a Windows Installer USB or DVD/ISO to enable Safe Mode.

To accomodate this, you'll need a bootable USB-key, DVD or ISO image (if you're running a VM).

Start up the system, booting from the bootable media. Because you already have Windows installed, you will need to hit Enter in time to boot from the bootable media.

When Windows Setup has started and the button "Install now" appears, click on the Repair your computer link at the bo  ...
edited by on October 14th 2022, at 14:41
In order to install a fresh copy of Windows Server on a VM with the VMWare Paravirtual SCSI controller, as the driver for the PVSCSI adapter is not included in the default Windows Server ISO, you would use the built-in floppy images to make the PVSCSI driver available during the installation, avoiding the need to install using a different SCSI controller and then swap the controller after the installation of the guest OS and VMWare Tools.

To facilitate this, you would add a virtual floppy drive, connect the correct floppy image containing the PVSCSI driver, and then load the driver during the disk selection portion of the installation wizard. Unfortunately, since the deprecation of the Flas  ...
edited by on September 1st 2022, at 10:01

Here's a list of direct download links to the latest macOS installers. They are all links to Apple's servers, either direct links to the App Store, or, in case of older versions, links to Apple's CDN.

Direct links to App Store:

Older versions are only available as DMG files from Apple's CDN:

edited by on November 8th 2021, at 17:14
Coredumps are used for analysis and debugging if/when a ESX host "crashes" with a "kernel panic". This is visualized by a purple screen (often called PSOD, similar to Windows'es "Blue Screen Of Death").

VMWare ESX 5.5 and newer introduces the ability to perform coredumps to a file instead of a partition.

To configure this, you need access to the ESX host's CLI (either through vSphere Management Assistant (vMA), directly on the host through console or SSH, or some other method). For this to work, you need "root" access (or the equivalent of it through vMA).

Once logged on, take a directory listing of the VMFS datastores to determine on which datastor  ...
edited by on August 18th 2021, at 13:53
Occassionally, the vCenter may run out of disk space on a specific disk, in which case it may become necessary to resize it. While there are many articles written about resizing a disk (like this), VMware also provides a very useful auto-resize script which automatically does the work for you, significantly improving the user experience even to those who are not familiar with resizing partitions and/or LVM in Linux. The best part is that it can be done online, so no need to stop services.

Log on to the vCenter console through SSH or through VMRC using the root account. If you wish to use SSH, you may need to enable it first through VAM.

Determine which virtual disk needs resizing. VCSA use  ...
edited by on June 23rd 2021, at 16:17
Here's a list of common installation options for Cylance. Note that they can also be used with the Cylance Unified installation MSI. Replace <PIDKEY> with the tenant's installation key.

New tenant installation (so Cylance will be running in "learning mode" for a few weeks), where clients are using Windows Defender as the primary AV:

msiexec.exe /i "CylanceProtect_x64.msi" ALLUSERS=1 /qn /norestart /log output.log PIDKEY=<PIDKEY> LAUNCHAPP=1 REGWSC=0

Existing tenant (which is past the "learning period") or a new tenant where clients are using another (supported) anti-virus as the primary AV:

msiexec.exe /i "CylanceProtect_x64.msi" ALLUSE  ...
edited by on May 3rd 2021, at 13:36
Despite of Cylance being supported on macOS 11 Big Sur since build 1580, you may encounter an issue where Cylance would still show a red dot in its icon in the menu bar, and opening the GUI would still show this error message:

Driver Failed To Connect, Device Not Protected

To resolve this, you need to give the agent and the new Cylance ES Extension full disk access:



On macOS Catalina and earlier, Cylance used kernel extensions, providing full disk access via the macOS kernel. Because of the deprecation of kernel extensions and the subsequent introduction of the new system extensions mechanism introduced in macOS 11 Big Sur, you need to explicitly allow full disk access to the system ext  ...
edited by on May 3rd 2021, at 13:07
macOS installers come equipped with a script (called createinstallmedia) to create a macOS bootable USB installer drive. But sometimes it may be necessary to create a bootable ISO. The process is similar as we will use a DMG image instead of a physical drive to create the installer, which can then be converted to ISO.

Follow these steps to get the work done:

First, download the macOS installer of your choice (direct links to most installers can be found in this article). Note that you need to do this on a supported Mac with an Apple ID. The installer app will be placed in your Applications folder.

After downloading, the installer will automatically be launched: ⌘ + Q out of it.

Fir  ...
edited by on April 30th 2021, at 09:26

If you ever need to perform connectivity troubleshooting and need to see whether a Dell server's iDRAC can reach a certain IP, you can use the iDRAC diagnostics command function to perform a "ping":

edited by on April 30th 2021, at 09:16
By default, the Palo Alto GlobalProtect client automatically starts after logging into your macOS and tries to auto-connect (if configured). This may not always be desirable and there's no real straightforward way to disable auto start from the application itself. Fortunately, as with many auto-start apps on macOS, you can disable auto start through the launch agent files.

Launch agents define what software to start at logon. The global ones (i.e. applicable to all users on a Mac), are located at /Library/LaunchAgents. Although they have the extension .plist, they are in fact XML-files and can be edited with any plain text editor. Note that if you are editing global launch agents, you will   ...
edited by on April 29th 2021, at 14:52
Newer versions (starting from 5.1.7) of the Barracuda VPN client are also available on the Mac App Store. Upon installing via Mac App Store (or via direct download from Barracuda website), you'll notice that the connection profiles are gone and that only the standard default profile is present. This is because the new version looks for the configuration profiles in a different location so as to be compliant with requirements for apps on the App Store. Luckily, the old configuration files still exist and a simple relocate of the required file will bring back your profiles.

In older versions, everything about the Barracuda VPN clients, such as profiles, license files, etc. were stored directl  ...
edited by on April 22nd 2021, at 10:40

In the past, whenever you needed to reset the machine (computer) account password for a computer joined to an Active Directory domain, you could use netdom.exe to perform the task. While this no longer exists in Windows 10, you can also perform the task through Powershell:

Reset-ComputerMachinePassword -Server dc.domain.local -Credential (Get-Credential)

Replace dc.domain.local with the FQDN of a domain controller, or simply type the domain name (domain.local) to automatically select a domain controller. When running the cmdlet, you will also be prompted to enter the credentials of an account which is delegated to reset the computer account password of this particular machine.

edited by on March 18th 2021, at 16:22

If you are annoyed by the Notification Manager for Adobe Creative Cloud and/or are using VDI and want to get rid of it, use this PS one-liner:

Get-AppxPackage -AllUsers *AdobeNotificationClient* | Remove-AppxPackage -AllUsers
edited by on March 18th 2021, at 12:36

With PowerCLI it is very easy to get a list of provisioned storage for a list of VMs:

Get-VM | Select-Object Name,@{n="ProvisionedGB"; e={(Get-HardDisk -VM $_ | Measure-Object -Sum CapacityGB).Sum}}

You can combine this with other cmdlets to limit the search to a specific folder, datastore, etc...

To get a complete sum of all the VMs, add | Measure-Object -Sum ProvisionedGB at the end.

edited by on March 15th 2021, at 16:46
The most easy way to debug the sending of the FortiToken activation e-mails from a FortiGate firewall is by using the CLI debugging tools. The sending of activation e-mails is part of the alerts e-mail system so we need to enable debugging on that system.

To enable debugging from the CLI:

diag debug resetdiag debug enablediag debug console timestamp enablediag debug application alertmail -1

Sending the activation e-mail will output the e-mail contents and the SMTP session. Particularly useful are the SMTP return codes after each SMTP command. See this page on Wikipedia to see a list of return codes.

The debug session will remain active for 30 minutes after which it will stop automaticall  ...
edited by on March 15th 2021, at 09:28

When configuring a provisioning link (e.g. for 3CX) in DHCP server on a Draytek firewall, and are using certain phones (particular Snom), you may run into the issue where the firewall is complaining about illegal characters when attempting to add the link through the web interface.

The solution is to configure the option through the CLI. Log in using either telnet or SSH (whichever is enabled), and type:

srv dhcp option -e 1 -i 1 -c 66 -v http://192.168.1.10:5000/provisioning/ajehdukzidueh/cfg{mac}

Take particular care to the -i option, which defines the LAN subnet to be used: in this case, 1 references LAN 1 on the Draytek.

edited by on February 19th 2021, at 09:54

You can enforce a password change for Office 365 (Azure AD) users without having to reset the password through Powershell.

For a single user:

Set-MsolUserPassword -UserPrincipalName user@domain.com -ForceChangePasswordOnly $true -ForceChangePassword $true

To force all users to change their password:

Get-MsolUser -All | Set-MsolUserPassword -ForceChangePasswordOnly $true -ForceChangePassword $true

You can also use filters ? {} to limit the password change enforcement to specific groups of users.

Note that it is recommended to also use Revoke-AzureADUserAllRefreshToken to end all current open sessions, and immediately enforcing the user(s) to log in again and change their passwords.

edited by on February 18th 2021, at 17:35
Offline installation of PowerCLI module is possible by following these easy steps:Uninstall all older PowerCLI software (6.5R1 or earlier).

Download the PowerCLI offline bundle (ZIP-file) from the PowerCLI home page.

Transfer the ZIP to the machine on which PowerCLI is to be installed.

Open Powershell on the target machine.

To determine the modules folder paths, run this:$env:PSModulePath

The modules will have to be extracted in one of the folders from the output of the above command. Both user-based and machine-based installation is possible (e.g. C:\Windows\System32\WindowsPowerShell\v1.0\Modules).

Extract the contents of the ZIP file directly into the folder.

For Windows, run this   ...
edited by on January 25th 2021, at 09:34
When using credentials in Powershell, you usually use Get-Credential, which essentially creates PSCredential objects. Creating such an object prompts the user to enter a username and password, which is not really usable in unattended scripts. There's a method where you can specify an unencrypted password but this is not secure. Fortunately, there's also a method where you can store the encrypted password in a file and use it to set the password.

Note
Note that the password is stored in the file using a computer-based encryption key. This means that the file would only work on the computer it was generated on. Trying to use it elsewhere would invalidate the password file.

To create a passwo  ...
edited by on December 9th 2020, at 11:02
I had an issue where a forwarder service would not work even though all settings were correctly configured (firewall/LM/real server). When troubleshooting using on the LM itself (using tcpdump), I noticed that forwarded requests (from the LB to the real server) were been sent out using the right interface but with the wrong source IP, causing return traffic not to work. As it was a migration from an older Kemp LM, I established the configuration was indeed correct but there was another reason why it was not working.

After some more troubleshooting and comparing against the backup from the original LM (backup files are in fact TGZ-archives and can be unpacked), and found these settings to be  ...
 
showing all posts
 
 
« November 2024»
SunMonTueWedThuFriSat
     12
3456789
10111213141516
17181920212223
24252627282930
 
Links
 
Quote
« You only find out who is swimming naked when the tide goes out. »
Warren Buffett