Backtrack:  
 
showing all posts
 
by lunarg on August 24th 2018, at 15:14
In case of disaster, it is usually a very good idea to periodically back up the configuration of your network switches. This article lists syntax for backing up configuration to a TFTP server for different vendors.

In the syntax examples below, the IP for the TFTP is 1.2.3.4, and we're writing to the file switch.cfg.

Note that this article is definitely not complete. If you have additions to this article, please post them in the comments.

The syntax for Dell and Cisco switches is mostly the same. For N-series and PowerConnect, a summary is displayed which needs to be confirmed, which is not the case for Cisco and Dell S-series.

For Cisco Small Business (SF- and SG-series), the CLI ne  ...
by lunarg on August 21st 2018, at 14:44

Cisco's SF/SG 300/500 series managed switches have CLI access via Telnet and SSH but this is turned off by default, leaving only the web interface to manage the switch. You can enable Telnet and/or SSH via the web interface, enabling management via CLI.

  1. Log on to the web interface, then navigate to Security → TCP/UDP Services.
  2. Check the Enable boxes for Telnet Service and/or SSH Service. You can check both if you wish to enable both protocols. Click Apply, which will immediately start the selected services:
  3. Don't forget to save the configuration change to flash. Otherwise, the change will be lost after a reboot:
by lunarg on August 21st 2018, at 14:16
When installing tftpd-hpa, as a security measure, the service does not allow uploading new files. It does allow overwriting existing files, provided that the permissions are set correctly (as expected). The idea behind this is to secure TFTP a bit by only allowing uploads if the file already exists (and is writable). But this can be very tedious in some cases, where a lot of files have to be uploaded, and it is not possible to guess the names to create them in advance.

It is possible to configure tftpd-hpa to allow the creation of new files by adding the -c or --create parameter when starting the daemon.

For Ubuntu and Debian, this means editing the file /etc/default/tftpd-hpa, and adding   ...
by lunarg on August 21st 2018, at 11:20
To enable SSH on Dell Networking N-series (formerly known as Dell PowerConnect), you first have to generate the required private RSA and DSA keys. If you don't, you're met with a very secretive error message:

SSH could not be enabled.

To generate the keys, and configure and enable SSH, log on to the switch using the console cable or log on through Telnet:

Go into EXEC mode, then in CONFIG mode:

enableconfigure

Generate both the RSA and DSA keys:

crypto key generate rsacrypto key generate dsa

Now, you can enable the SSH server:

ip ssh server

Optionally: you can also change the default listen port:

ip ssh port 22

With more recent firmware versions, you are no longer able to   ...
by lunarg on August 16th 2018, at 10:13
MacPostfactor is a tool to install Mac OSX 10.8+ on older Macbooks that normally only support up to OSX 10.7 (Lion). It works through a combination of a highly customized installer, a replaced set of drivers and various frameworks, and the original installation app from the App Store. The installation can be done directly on a Macbook already running OSX Lion (so no USB disk required), or on an USB media for installation on another system.

You need an Intel-based Macbook capable of running OSX Lion (10.7) (otherwise your Mac is too old), but one that does not support OSX Mountain Lion (10.8) or higher. PowerPC-based Macs are not supported (they do not run OSX Lion).

The installer app of th  ...
by lunarg on August 8th 2018, at 15:03

Similar as on FreeBSD and Linux, you can add/remove static network routes through the command line with the route command. The syntax somewhat differs from Linux, though.

To add a route (e.g. subnet 192.168.3.0/24 to gateway 192.168.1.254):

sudo route -n add -net 192.168.3.0/24 192.168.1.254

To remove a route:

sudo route -n delete -net 192.168.3.0/24
by lunarg on July 12th 2018, at 09:47
When creating a SQL Server maintenance plan, the owner of the plan is set to the user logged in when the plan is created. If another user makes changes, the owner does not change. Sometimes it may become necessary to change the owner (e.g. if the owner's account is being disabled or removed). You can manually change the owner through the SQL Server Agent's Job Activity Monitor but changing it there is only temporary: changes to a maintenance plan will reset the owner back to the original one. Changing the owner from within the maintenance plan is not possible through the GUI, but there is a way to make the change through T-SQL statements.

The following queries need to be run against the msd  ...
by lunarg on July 10th 2018, at 14:46
A few steps to enable management of your Office 365 subscription using Powershell. One uses Powershell because not all configuration is available through the Office 365 Portal, and it's also useful for automation.

Note that the old method of installing the Azure Active Directory Module is deprecated. The only supported way is to install the cmdlets directly through Powershell, as described below.

UPDATE (2018-07-09): removed all deprecated information.

UPDATE (2016-04-20): updated links and information.

Download and install the Microsoft Online Services Sign-In Assistant.

Download and install Windows Management Framework 5.1.

Open an elevated Powershell, and run the following comma  ...
by lunarg on July 9th 2018, at 14:32
If you are using multi-factor authentication, it is not possible to use the old method of connecting to Exchange Online. You will have to install the Exchange Online Remote PowerShell Module, and use the Connect-EXOPSSession cmdlet to connect.

You can install the PowerShell module by following these instructions:

Log on to Exchange admin center.

In the left menu, click on hybrid.

Click the configure button for the Exchange Online Remote PowerShell Module. This will start the installation.

In the Application Install that appears, click the Install button.

A shortcut will be placed on your desktop which will start PowerShell with the required modules.

Start Exchange Online Remote PowerS  ...
by lunarg on July 9th 2018, at 14:30
You can manage Exchange Online through Powershell in a similar fashion as you would an on-premise Exchange. There are some differences between available cmdlets and what they do between on-premise Exchange and Exchange Online, but the majority are the same.

Using multi-factor authentication
The method mentioned below is deprecated and only works for non-MFA usage. If you are using multi-factor authentication, you will have to use the Exchange Online Remote PowerShell Module to connect to Exchange Online. Instructions can be found in this article.

Using PS remoting, the cmdlets for Exchange Online are imported through the internet, so first, you need to change the Powershell execution polic  ...
by lunarg on July 3rd 2018, at 14:58
When using VMware vConverter Standalone 6.1 or newer, performing a P2V may fail very early in the process with the following error:

Error
FAILED: A file I/O error occurred while accessing ''.

You can work around the issue by enabling Use proxy mode on the Destination System page at the conversion wizard. As an alternative workaround, perform the P2V directly to a ESX host.

The reason for the error has to do with the ESX host's certificate not being trusted when performing a P2V to a vCenter.

If the Use proxy mode does not resolve your issue, please check whether the FQDN of the ESX host is resolvable on the machine running vConverter. Even when using strictly IP addresses, the FQDN still  ...
by lunarg on June 18th 2018, at 12:17

The actual serial number of a Barracuda NG Firewall can be obtained remotely in two ways:

  • Log on locally using NGAdmin and read the serial number from the dashboard. The serial number shown there is the actual serial number, and not the configured serial number.
  • Log on locally using SSH and run hwtool -s will also display the actual serial number.
by lunarg on May 29th 2018, at 19:11

A very useful guide on how to download specific files (such as older versions of games) on Steam:

https://www.reddit.com/r/Steam/comments/611h5e/guide_how_to_download_older_versions_of_a_game_on/

by lunarg on May 2nd 2018, at 15:43
After performing actions which causes the SID to change (such as sysprep or a DC promote/demote), when opening an existing task in the task scheduler, you may encounter the following error:

Task Scheduler
General page initialization failed.
The specific error is:
"0x8007000d: The data is invalid." An error has occurredattempting to retrieve task account information.
You may continue editing the task object, but will beunable to change task account information.

As a result, it is also not possible to view or change the account information for the selected task.

To work around the issue, remove a saved RSA key, which has been invalidated with the change:

Stop the Task Scheduler s  ...
by lunarg on April 3rd 2018, at 13:38

DellEMC offers a free-to-try virtual appliance of DataDomain, allowing you to do a Try & Buy. You can download the appliance here:

https://www.emc.com/products-solutions/trial-software-download/data-domain-virtual-edition.htm

by lunarg on March 22nd 2018, at 16:34
On a fresh install of Windows Server 2012R2, not joined to a domain, the first network connection (obtained through DHCP) is always treated as a Public network. Normally, when joining a domain, the network connection then becomes a Domain network, but if the server will not be joined to a domain, you probably will want to set it to Private. Unfortunately, the Public Network link in Network Center is not clickable, and thus, cannot be changed. But you can make the change anyway through the Local Security Policy.

Through Powershell (preferred method):

Look up the name of the network interface (e.g. "Local Area Connection") in the network adapters list.

Open an elevated Powershell   ...
by lunarg on March 12th 2018, at 12:01

A very useful blog article about killing active sessions to a compromised Office 365 account:

https://blogs.technet.microsoft.com/cloudyhappypeople/2017/10/05/killing-sessions-to-a-compromised-office-365-account/

by lunarg on March 12th 2018, at 08:27

Starting from Windows 10 Creators Fall Update, you can use VT escape sequences to colorize the output to console. You can use this to colorize columns in Format-Table, too.

A sample snippet, colorizing the output based on the contents of the "Status" field:

$somelist | FT FirstName,LastName,@{l="Status";e={
    switch ($_.Status) {
        "OK" {$color = 92; break}
        "NOT OK" {$color = 91; break}
        default {$color = 93}
    }
    "$e[${color}m$($_.Status)${e}[0m"
}}

A complete list of color codes can be found here: https://docs.microsoft.com/en-us/windows/console/console-virtual-terminal-sequences

by lunarg on February 23rd 2018, at 11:19
When opening the EMC or EMS on an Exchange 2010 server, you may encounter this error:

Error
The attempt to connect to http://server.domain.local/Powershell user 'Kerberos' authentication failed: Connecting to remote server failed with the following error message: The WS-Management service cannot process the request. The system load quota of 1000 requests per 2 seconds has been exceeded. Send future requests at a slower rate or raise the quota for this user. The next request from this user will not be approved for at least X milliseconds.

To workaround the issue, perform a restart of IIS: open an elevated command prompt and run:

iisreset /restart

After the restart, you will be able to log  ...
by lunarg on February 12th 2018, at 13:36
When starting up SQL Server or Analysis Services on Server 2012, you may encounter errors in the Application event log, even though SQL Server itself seems to operate normally:

ESENT error 1032
sqlservr (3472) An attempt to open the file "C:Windowssystem32LogFilesSumApi.log" for read only access failed with system error 5 (0x00000005): "Access is denied. ". The open file operation will fail with error -1032 (0xfffffbf8).

These errors are logged due to insufficient permissions for the service startup accounts for SQL Server and Analysis Services when the services access the following folder for logging as a part of the Software Usage Metrics feature: C:\Windows\System32\  ...
 
showing all posts
 
 
« September 2018»
SunMonTueWedThuFriSat
      1
2345678
9101112131415
16171819202122
23242526272829
30      
 
Links
 
Quote
« Have you tried turning it off and on again? »
The IT Crowd