Backtrack:  
 
showing all posts
edited by on July 23rd 2019, at 09:54
To quickly generate a self-signed certificate, follow the steps below. Note that self-signed certificates should be avoided in production environments.

Generate the private key (here, 1024-bit is used, but you can change that to lower/higher):

openssl genrsa –out ca.key 1024

Generate the certificate signing request:

openssl req –new –key ca.key –out ca.csr

You will be asked for information to include in the signing request:

Country name (2 letters)

State or province

Full locality name (city)

Organization name

Department / organizational unit

Common name (or distinguished name): should be set to the FQDN of your server

E-mail address: set to a local contact (usually the sy  ...
edited by on June 7th 2019, at 11:22

If you need to rename all folders and files to lowercase on a case-sensitive filesystem (e.g. ext4 on linux), you can use the following at the bash prompt:

If rename is available (if you have Perl installed, then it usually is):

find . -depth -exec rename 's/(.*)\/([^\/]*)/$1\/\L$2/' {} \;

If you can't use rename, try this:

for SRC in `find my_root_dir -depth`
do
    DST=`dirname "${SRC}"`/`basename "${SRC}" | tr '[A-Z]' '[a-z]'`
    if [ "${SRC}" != "${DST}" ]
    then
        [ ! -e "${DST}" ] && mv -T "${SRC}" "${DST}" || echo "${SRC} was not renamed"
    fi
done
edited by on May 13th 2019, at 13:48
It may happen (on badly configured SQL Servers) that the event log for maintenance plans fills up your storage and that it is no longer possible (because the volume is full) to use a task to clear the history. In that case, you can use the script attached to manually clear out the data.

The maintenance plan history is stored in the system database MSDB. If maintenance plans are defined and there's no task to occassionally clear the history, it will continue to fill up the database (and the volume it is on). If there's insufficient disk space, manually running the clean up task will fail because it will temporarily require additional space. The attached script drops some specific constraints  ...
edited by on May 2nd 2019, at 13:50

Attached is Microsoft's latest password guidance document.

With the application of the guidelines in this document, you should be able to get better overal security without compromising too much of the user-friendly experience.

edited by on April 24th 2019, at 13:47
Sometimes, when working on servers, you may need an USB stick to get some data over quickly. If you're working remotely on servers in a datacenter somewhere, this may not be easy. Fortunately, the remote management tools such as HPE's iLO or Dell's iDRAC provide the ability to connect virtual removable media, allowing you to map an image file as a "virtual USB stick". Although this is very neat, it still leaves you with one issue: how to get your files on such a removable media image. There are several useful tools which allow you to quickly create an USB image but one such method can also be achieved on linux systems with some of the native tools present.

The easiest method would  ...
edited by on March 25th 2019, at 13:33
You can reset the root password of any (recent) VMWare appliance, such as the vCenter Server Appliance (VCSA), or Platform Services Controller (PSC) by following the procedure outlined here. Note that you will need to have physical or console access to perform the reset. The reset also requires a restart of the appliance so you'll need to schedule downtime for it.

First of, take a snapshot or backup of the virtual appliance before proceeding. In case the reset should fail, you'll always have a backup to go back to.

Restart the appliance. Right after the BIOS screen, the PhotonOS splash screen will appear for a few seconds.

During this time, press e to enter the GNU GRUB edit menu, allowin  ...
edited by on March 25th 2019, at 12:15
You can change the default shell (used when logging on with VMRC or through SSH). By default, this is set to the appliance shell, providing limited functionality. If you rather have BASH as the default shell, you can switch this.

Log on through SSH or VMRC with the root account.

If shell access hasn't been activated yet, run this first:

shell.set --enabled true

If you are running the appliance shell, type shell to launch the BASH shell.

In the BASH shell, at the prompt, type the following to change the default shell to BASH (instead of the appliance shell):

chsh -s /bin/bash root

You'll need to log out for the changes to take effect. The next time you log in, you will log on directly   ...
edited by on March 21st 2019, at 12:24
The quickest way to enable auto-logon on Ubuntu 16.04+ and Debian (which are using systemd for management of their services) is by creating an override for the getty service, specifically for tty1 (or another tty if you prefer).

First, determine which tty you wish to have the auto-logon on. These are the terminals linked to the Alt+Fn keys, so tty1 = Alt+F1, tty2 = Alt+F2. The default is always tty1.

Next, create an override by typing:

sudo systemctl edit getty@tty1.service

This will open up a text editor where you can adjust the parameters like so:

[Service]ExecStart=ExecStart=-/sbin/agetty --noissue --autologin myusername %I $TERMType=idle

Replace myusername with the account you wish  ...
edited by on March 13th 2019, at 13:49

Currently, it is not possible to configure the DNS suffix (search domain) for SSL VPN and IPSEC tunnels through the GUI, but it can be configured using the CLI.

For SSLVPN:

config vpn ssl settings
set dns-suffix example.com example.org
end

For IPSEC:

config vpn ipsec phase1-interface
set domain example.com
end

Changes are effective immediately. After configuring the setting, users will be able to resolve names using single names instead of FQDN.

edited by on February 8th 2019, at 10:04

An excellent TechNet-article explained how rules are evaluated in Windows Firewall, specifically in what order and which rules take precedence over others.

https://social.technet.microsoft.com/wiki/contents/articles/13894.troubleshooting-windows-firewall-with-advanced-security-in-windows-server-2012.aspx#Rules_are_evaluated_in_a_specific_order

edited by on February 8th 2019, at 10:02

If for some reason the deployment of the VMWare vConverter agent fails, you can also copy the installer to the machine you wish to P2V and manually install it.

On the machine VMWare vConverter is installed, navigate to the location where it's installed (by default: C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone), and look for the file VMware-Converter-Agent.exe. Copy over this file over to the target machine and run it to install the agent. Accept the defaults, including the TCP-port (unless your setup requires you to change it). Once finished, a service will have been installed and you will be able to connect to it using vConverter.

edited by on January 29th 2019, at 12:03

Found this article online about how vSphere virtualizes NUMA and how this is relevant to the configuration of vCPUs in your VMs:

https://www.opvizor.com/decoupling-of-cores-per-socket-from-virtual-numa-topology-in-vsphere-6-5

edited by on January 11th 2019, at 10:04

In the event of migrating your old vCenter Server to a new version (or from Windows to the appliance), it may become necessary to first clear out old historical data. Not only will this speed up the migration process considerably, it will also prevent certain issues which may block the migration from completing successfully.

VMWare provided a KB with database scripts which allow you to selectively purge historical data and decreasing the database size: KB 2110031.

edited by on January 11th 2019, at 09:06

The Barracuda VPN Client does not work properly on macOS Mojave: after connecting the VPN, the UI crashes and restarting it immediately makes it crash again. The VPN tunnel itself does work, but other than manually killing the process (kill -9), it is not possible to terminate the tunnel (other than rebooting of course).

An updated version of the client, Barracuda VPN Client 5.0.2.5 for macOS is available which resolves these issues.

edited by on January 4th 2019, at 16:40
Handbrake offers the ability to convert copy-protected DVD's (aka "rip") too. It is not able to do this out of the box, but instead, relies on a specific library called libdvdcss. This library is installed by default when you also use VLC media player, but a version compatible with Handbrake is also available for download.

For Mac OSX, an installer was made available to easily install the library and have Handbrake use it, but due to the write-protection of system folders, introduced with macOS High Sierra, this method no longer works. As a result, it became difficult to use Handbrake. Fortunately, there are a number of workarounds and other methods of installing the library, whic  ...
edited by on December 20th 2018, at 15:10
On Windows Server 2016, when attempting to enter a full edition product key on an evaluation edition, you will get the error: "This edition cannot be upgraded". Fortunately, you can workaround the issue by "upgrading" via DISM (a built-in command-line tool).

Note that you will have to reboot the server when performing the upgrade, so schedule some downtime for it. Also, you cannot only convert full GUI versions of Windows Server. Server Core or Nano Server cannot be upgraded. Additionally, if you have the ADDS role installed, you need to uninstall this role before performing the upgrade.

Start an elevated command prompt, then type in the commands listed below.

First, m  ...
edited by on December 20th 2018, at 11:17
Starting or stopping the SSH service on multiple ESXi hosts can be a tedious job when having to do this via the vSphere (Web)Client. Fortunately, you can also use PowerCLI to start/stop services quickly. With a little scripting, you can expand this to start/stop services on a set of hosts, a cluster, or the entire vCenter.

First, start PowerCLI and make a connection to the vCenter. For automation, you can use something like this (note that you have to add code for credentials, if needed):

if (-not (Get-PSSnapin VMware.VimAutomation.Core -ErrorAction SilentlyContinue)) { Add-PSSnapin VMware.VimAutomation.Core | Out-Null }Connect-VIServer vcenter.domain.local

Once that's done, you can ga  ...
edited by on November 20th 2018, at 12:23

A nifty little feature of the Yealink IP Phones the ability to display the contents of the LCD via the management page.

Access the web management page, and after authenticating, change your browser URL to http://IP_of_phone/screencapture. Refresh the browser to update the capture.

This works on the following models: SIP-T48G, SIP-T46G, SIP-T42G, SIP-T41P, SIP-T29G, SIP-T28P, SIP-T27P, SIP-T26P, SIP-T23G, SIP-T23P, SIP-T22P, SIP-T21P E2.

edited by on November 19th 2018, at 11:07

The following default passwords are used for HP 3PAR storage systems:

UsernamePasswordUsed for
3paradm3pardataManagement port (MGMT) for admin control
Setupusr / root(blank)SP initial default credentials (before config)
Spvar3V#rparSP default credentials (after config)
3parcust3parInServSP default credentials, meant for customers to use
edited by on October 26th 2018, at 13:29

You can easily update your vCenter Server Appliance (VCSA) offline by downloading a product patch ISO and via the CLI.

Download the latest patch from VMware Patch Download Center. Select VC from the Search by Product drop-down menu, then select the correct version (i.e. 6.0 or 6.5). Download the patch ISO and attach it to the VCSA.

Log in to the shell (using SSH or VMRC) and initiate the update:

  1. Stage the ISO updates:
    software-packages stage --iso --acceptEulas
  2. Optionally, you can view the list of packages to be updated:
    software-packages list --staged
  3. To install the updates, run:
    software-packages install --staged

After the update has finished, you will have to reboot the VCSA.

showing all posts
 
 
« December 2024»
SunMonTueWedThuFriSat
1234567
891011121314
15161718192021
22232425262728
293031    
 
Links
 
Quote
« If the batteries of a TV remote run out, why do we press the buttons so much harder? »