I am looking for a way to re-generate the default hostname on Windows, or to know how it is been generated to set it as hostname when it has been changed already.
Those usually looks like DESKTOP-ABCDEFG where the 2nd part is like a serial number.
I have a PowerShell script that is running many msdeploy concurrently on multiple remote servers using Powershell Workflow.
Everything works fine except that at the end of each "Foreach -Parallel" loop, I get this exception:
Microsoft.PowerShell.Utility\Write-Error : The workflow was terminated by a Terminate activity.
At Execute-Bootstrapper:28 char:28
+
+ CategoryInfo : NotSpecified: (:) [Write-Error], WorkflowReturnException
+ FullyQualifiedErrorId : Microsoft.PowerShell.Workflow.WorkflowReturnException,Microsoft.PowerShell.Commands.Writ
eErrorCommand
+ PSComputerName : [localhost]
How can I fix this ? Is there a specific way to end a workflow ?
Here is the part related to the parallel execution :
foreach -Parallel ($remoteHost in $selectedHosts) {
if($Env:FULL -eq "true") {
$process = Start-Process -PassThru -Wait -NoNewWindow "C:\Program Files\IIS\Microsoft Web Deploy V3\msdeploy.exe" "xxx --full"
} else {
$process = Start-Process -PassThru -Wait -NoNewWindow "C:\Program Files\IIS\Microsoft Web Deploy V3\msdeploy.exe" "xxx"
}
if($process.ExitCode -ne 0) {
Exit $process.ExitCode
}
}
Thank you.
When looking at my Observium monitoring, I just found strange results on this graphs "IPv6 Packet Statistics", this server is on a IPv4 network with IPv6 disabled on the server itself with :
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
Here is the graph:
When looking on the routes , I still find IPv6 routes (look 6to4) :
ip -6 route show
unreachable ::/96 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable ::ffff:0.0.0.0/96 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:a00::/24 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:7f00::/24 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:a9fe::/32 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:ac10::/28 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:c0a8::/32 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:e000::/19 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 3ffe:ffff::/32 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295
fe80::/64 dev eth0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth1 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth2 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
Is this normal that I still have IPv6 routes and IPv6 traffic without any IPv6 interface or IPv6 network and IPv6 disabled at Kernel level ? (::1 don't ping)
I currently begin to deploy Windows servers facing the web.
And I would like to know what are you way of protecting your servers ? What softwares are you using ?
On Linux, i'm using Fail2ban to prevent bruteforce and Logwatch to get daily reports about what's going on on my servers. Are there any equivalents of those softwares on Windows ? If not, what do you recommend to use to protect the server ?
I've setup a network monitoring using Observium but I see something really strange, on 3 buildings (2 Production laboratories and 1 office) (There are no servers connected on those switchs), the network is more loaded at night than at day .
Here are the graphs (one per building, this is the global traffic on the whole switch) :
On those swith are connected :
- Desktops (should be shutdown at night)
- Wyse client (same thing)
- CCTV
- Printers
- Environment monitoring
Have you any idea of what can this be ?
Thank you
I currently have the idea to deploy IPv6 on the corporate network of my enterprise. But my boss (CIO) asked me what the benefits are? And I did not have an answer.
So what could I say to make the case for IPv6?
It will run in dual stack with IPv4.
We use firewalls, VPN, and multiple WAN connections.
I am trying to configure a Fortigate 60C to act as an IPSec endpoint for remote VPN.
I configured it like this :
SCR-F0-FGT100C-1 # diagnose vpn ike config
vd: root/0
name: SCR-REMOTEVPN
serial: 7
version: 1
type: dynamic
mode: aggressive
dpd: enable retry-count 3 interval 5000ms
auth: psk
dhgrp: 2
xauth: server-auto
xauth-group: VPN-group
interface: wan1
distance: 1
priority: 0
phase2s:
SCR-REMOTEVPN-PH2 proto 0 src 0.0.0.0/0.0.0.0:0 dst 0.0.0.0/0.0.0.0:0 dhgrp 5 replay keep-alive dhcp
policies: none
Here is the configuration:
config vpn ipsec phase1-interface
edit "SCR-REMOTEVPN"
set type dynamic
set interface "wan1"
set dhgrp 2
set xauthtype auto
set mode aggressive
set proposal aes256-sha1 aes256-md5
set authusrgrp "VPN-group"
set psksecret ENC xxx
next
config vpn ipsec phase2-interface
edit "SCR-REMOTEVPN-PH2"
set keepalive enable
set phase1name "SCR-REMOTEVPN"
set proposal aes256-sha1 aes256-md5
set dhcp-ipsec enable
next
end
But when I try to connect from a remote device (I tested with an Android Phone), the phone fail to connect and the fortinet return this error :
2012-07-20 13:08:51 log_id=0101037124
type=event
subtype=ipsec
pri=error
vd="root"
msg="IPsec phase 1 error"
action="negotiate"
rem_ip=xxx
loc_ip=xxx
rem_port=1049
loc_port=500
out_intf="wan1"
cookies="xxx"
user="N/A"
group="N/A"
xauth_user="N/A"
xauth_group="N/A"
vpn_tunnel="N/A"
status=negotiate_error error_reason=no matching gateway for new request
peer_notif=INITIAL-CONTACT
I tried searching on the web, but i did not find anything revelant to this.
Do you have any idea of what can be the problem ? I tried many combinaisons of settings on the fortigate without success..
I would like to know if there is not Fortigates an equivalent of the packet-tracer command that we can find on the ASA.
Here is an example of execution for those who don't know it:
NAT and pass :
lev5505# packet-tracer input inside tcp 192.168.3.20 9876 8.8.8.8 80
Phase: 1
Type: ACCESS-LIST
Subtype:
Result: ALLOW
Config:
Implicit Rule
Additional Information:
MAC Access list
Phase: 2
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in 0.0.0.0 0.0.0.0 outside
Phase: 3
Type: ACCESS-LIST
Subtype: log
Result: ALLOW
Config:
access-group inside-in in interface inside
access-list inside-in extended permit tcp any any eq www
access-list inside-in remark Allows DNS
Additional Information:
Phase: 4
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 5
Type: VPN
Subtype: ipsec-tunnel-flow
Result: ALLOW
Config:
Additional Information:
Phase: 6
Type: NAT
Subtype:
Result: ALLOW
Config:
object network inside-network
nat (inside,outside) dynamic interface
Additional Information:
Dynamic translate 192.168.3.20/9876 to 81.56.15.183/9876
Phase: 7
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 8
Type: FLOW-CREATION
Subtype:
Result: ALLOW
Config:
Additional Information:
New flow created with id 94755, packet dispatched to next module
Result:
input-interface: inside
input-status: up
input-line-status: up
output-interface: outside
output-status: up
output-line-status: up
Action: allow
Blocked by ACL:
lev5505# packet-tracer input inside tcp 192.168.3.20 9876 8.8.8.8 81
Phase: 1
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in 0.0.0.0 0.0.0.0 outside
Phase: 2
Type: ACCESS-LIST
Subtype:
Result: DROP
Config:
Implicit Rule
Additional Information:
Result:
input-interface: inside
input-status: up
input-line-status: up
output-interface: outside
output-status: up
output-line-status: up
Action: drop
Drop-reason: (acl-drop) Flow is denied by configured rule
Is there any equivalent on the Fortigates ?
I just got a refurbished ASA 5505.
It works fine until un need to reload it or unplug it from power and replug it, when I do this and it's warm (even after some minutes of uses, so still physicaly cold while touching it), in this case, it simply reboot in chain withing 1 or 2 seconds. I have to unplug it from power and wait 5 minutes before replugging it to power (maybe to let it cold or to empty the capacitors ?).
I don't know if it's a problem from the power supply (that makes some noise, but I think it's normal), I tried loading more the power supply by plugin in some PoE device (Cisco 7940G) and it works fine, so it looks more like it's a problem on the ASA itself.
I posted a video of it's reboot cycles... and nothing show on the console port.
Do you have any idea of what can be the problem ? Must I send it back to the vendor ?
I tried updating the ASA image, but this don't changes anything.
Thank you
EDIT: I also see an orange LED inside.
I have a problem, I have a Cisco 1841 running Cisco IOS 15, and I get strange behavior. The CPU usage is shown as 40%, but there is no processes that is using this much CPU power.
Here is an example:
lev1841#show processes cpu sorted
CPU utilization for five seconds: 41%/39%; one minute: 42%; five minutes: 32%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
96 88 147299 0 1.11% 1.04% 0.92% 0 Ethernet Msec Ti
117 40 36582 1 0.15% 0.19% 0.17% 0 IPAM Manager
240 28 36535 0 0.15% 0.14% 0.12% 0 MMON MENG
2 92 236 389 0.07% 0.04% 0.03% 0 Load Meter
183 24 1775 13 0.07% 0.02% 0.00% 0 CEF: IPv4 proces
140 8 4661 1 0.07% 0.02% 0.00% 0 SSS Feature Time
121 2236 1958 1141 0.07% 0.19% 0.17% 0 IP Input
176 4 1172 3 0.07% 0.00% 0.00% 0 RUDPV1 Main Proc
212 4 2287 1 0.07% 0.00% 0.00% 0 CCE DP URLF cach
95 8 6733 1 0.07% 0.03% 0.02% 0 Ethernet Timer C
lev1841#show processes cpu history
lev1841 04:11:07 PM Saturday Jan 14 2012 UTC
444444444444444444444444444444444444444444444444444444444444
333111111111111111111111111122222111111111111111111111111133
100
90
80
70
60
50
40 ************************************************************
30 ************************************************************
20 ************************************************************
10 ************************************************************
0....5....1....1....2....2....3....3....4....4....5....5....6
0 5 0 5 0 5 0 5 0 5 0
CPU% per second (last 60 seconds)
lev1841# show processes cpu extended
################################################################################
Global Statistics
-----------------
5 sec CPU util 41%/39% Timestamp 00:22:52
Queue Statistics
----------------
Exec Count Total CPU Response Time Queue Length
(avg/max) (avg/max)
Critical 1 0 0/0 1/1
High 683 0 0/0 1/2
Normal 462 8 0/4 1/7
Low 14 0 0/0 1/2
Common Process Information
-------------------------------
PID Name Prio Style
-------------------------------
95 Ethernet Timer C H New
96 Ethernet Msec Ti H New
CPU Intensive processes
-------------------------------------------------------------------------------
PID Total Exec Quant Burst Burst size Schedcall Schedcall
CPUms Count avg/max Count avg/max(ms) Count Per avg/max
-------------------------------------------------------------------------------
Priority Suspends
------------------------------------
PID Exec Count Prio-Susps
------------------------------------
95 38 19
96 644 19
Latencies
-------------------------
PID Exec Count Latency
avg/max
-------------------------
################################################################################
I can't find what is causing all this CPU load.
Can you help me ?
Here is some information on the router :
Cisco 1841 (revision 6.0) with 358400K/34816K bytes of memory.
System image file is "flash:c1841-adventerprisek9-mz.151-4.M1.bin"
The system has just been updated to IOS 15.4M1 from IOS 13.
Thank you.
I am trying to create a SSTP VPN on my Windows Server 2008 R2, I installed the Network Policies and Access Service, and the AD Certificate Autority service,
I create my root certificate and generated a Server authentication certificate (named with the FQDN of the server), validated it and installed it on the server, I also have installed the CA authority certificate on the client that I need to connect, but when I try to connect, I get this error
Could not build a certificate chain for CA certificate 0 for xxx.netyxia.net-DC-CA. A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider. 0x800b0109 (-2146762487).
(xxx.netyxia.net is the (altered) hostname), the certificate is deployed on both the server and the client.. I've searched for hours... and nothing :(
Any idea please ?
Thank you
I would like to know if there is a way to use Active Directory for Physical Access Control ?
Example: All users will have a RFID card or a fingerprint entry registered on the domain (linked to the user name), and I would like to secure the buildings (doorlock, airlock) using this and controlled by Active Directory (ex: authorizing a group to use some doors, disabling the user will make the RFID/Fingerprint ineffective, access logging)
Is this possible ? Thank you
Is there a way to share the sessions and the cache between multiple IIS7.5 servers that use ASP.NET MVC 2 ?
Something like that what we can easily do with Rails/Django and a memcached server.
It looks like the 'Web Farm mode' in the IIS control panel does that, but I'm not sure.
I am looking for a phone system that integrate well with an (almost) 100% Microsoft environment.
I would like something that can integrate with Exchange and Active Directory (in-phone searching/calling by name (is this possible using SIP ?), etc) and if possible something not too expensive (Bye bye Cisco !), what do you recommend me ? I've heard of 3CX as IPBX and Aastra as Phones, are they good for this ? Or do you know something else good at this ?
I've also seen some Alcatel IP Phones doing this (search by name, but I think that was a separated address book and not loaded from AD/Exchange)
I am looking for rackable servers that will run on Debian or Ubuntu Server with a manufactuer that provide .deb files for the systems tools (Like OpenManage or Insight Manager).
It looks like HP provide .deb for its last servers, but Dell does not...
What manufacturer do you have on your Debian/Ubuntu server ? What do you recommend ? Thank you ;)
I am looking for a Live Video Streaming solution.
The clients will be able to watch the video with a plugin (Flash or Silverlight), or a standalone application (Windows Media Player, FLV, etc).
But I can't choose between Microsoft Solution (Windows Media Server (MMS, RTSP) + Silverlight as client) or the Adobe solution (Flash Media Server (RTMP) + Flash/Flex).
The streaming is for short duration cast and will not be online 24/24h.
I tried both, and I found the cheaper version of FMS don't provide security to prevent users to register as published (you have to write custom module...), Windows Media Server provides this function.
We already have Windows Server licences. (So Windows Media Server will be "free" for us.)
What do you recommend? What is the best between Flash or Silverlight for Live Video Streaming?
Thank you!
I have a little problem, I have a server with Windows Server 2008 R2 Enterprise edition with the File Service installed, and a client with Windows 7 Pro.
Everything works fine but the file transfert via SMB from the client to the server is VERY slow, the network is gigabits and the transfer rate is not stable at all (I'm the only to use the network):
Server to Client : Stable, shown at ~44MBps
Client to Server : The shown speed is between 16MBps and 5MBps (Average = 10MBps), while looking on the network graph of the Task manager, I see a lot of peek, it send the file, stop for 1 or 2 seconds, continue to send the file, re-stop, etc...
Any idea of what can be this problem and how to fix it ? I checked the DNS but there isn't any Error. Thank you
EDIT: I tried with another computer as client (MacOsX), and same problem when uploading (but slower when downloading).
I have a little machine ( AMD Athlon 64 X2 2.1 GHz, 3GB of DDR2, 320GB disk space) that I use as a server,
I would like to convert it as an Hypervisor to host many little Linux Virtual Machines (between 128MB and 256MB of RAM per VM, just for some tests (I'm IT student)), but I don't know what solution choose (I need to host many servers softwares like Apache, Mysql/Postgresql, Samba, etc), I tried many :
VMWare Server: Not bad at all, compatible with all the other VMWare solutions (Workstation, Marketplace), good performances, but the Web UI is really buggy and that don't look very "scriptable".
XenServer: The Management Interface is really good, but I have very bad performances on Linux VM (Ubuntu Server take more than 30min to install instead of ~15min on VMWare server)
ProxmoxVE/OpenVZ: Really good solution, fit in 99% of cases, low memory overhead, fast, just perfect ! But there isn't a lot of compatible distribution (the Last Ubuntu server by example), but that not really a problem in my case, the real problem is the kernel, it's a bit locked, I wanted to create a iSCSI Target VM, but it's possible because that require kernel modification that are not allowed on this type of virtualization (Containers).
What do you recommend me ?
Thank you