If you are running an unsupported RHEL/Centos distro you can get Sophos talpa modules enabled by installing the kernel modules to allow compilation.
yum install kernel-devel-`uname -r`
Then select the talpa modules again to build them
/opt/sophos-av/engine/talpa_select select
Also check on access scanning is enabled and running and start if not
/opt/sophos-av/bin/savdctl enable
service sav-protect status (Sophos Anti-Virus daemon is active)
/opt/sophos-av/bin/savdstatus (Sophos Anti-Virus is active and on-access scanning is running)
Check that AV is updated
/opt/sophos-av/bin/savupdate (Successfully updated Sophos Anti-Virus from sdds:SOPHOS)
Everything else should be configurable from Sophos Central
Friday, 22 May 2020
Tuesday, 29 October 2019
Installing Powershell 5 on older Windows servers
If you can't install modules due to an older Powershell install you can update to a newer version by installing WMF 5.1. Get it from here:
https://www.microsoft.com/en-us/download/details.aspx?id=54616
You will need a minimum of .Net 4.5.2 first though.
You'll also need a reboot after the install.
https://www.microsoft.com/en-us/download/details.aspx?id=54616
You will need a minimum of .Net 4.5.2 first though.
You'll also need a reboot after the install.
Thursday, 13 June 2019
Install Windows Updates from Powershell
To install you need to load this module:
Install-Module PSWindowsUpdate
Then to check which updates are available:
Get-WindowsUpdate
To then install all updates that are available:
Install-WindowsUpdate
Install-Module PSWindowsUpdate
Then to check which updates are available:
Get-WindowsUpdate
To then install all updates that are available:
Install-WindowsUpdate
Friday, 4 January 2019
Adding Exchange schema to AD so that Office 365 synced users can be hidden from address lists
Now that MS have removed the ability for users that were synced with AD to Office 365 to be 'cloud only' accounts (after a delete and restore user) this causes a few issues.
As the user accounts are still synced we must extend the AD schema to add additional Exchange properties that can be synced to Azure AD.
First find an install on the MS site for latest Exchange, you don't need a license as you're not actually going to install it.
Extract the package using 7-zip or similar into a folder.
Run the setup.exe with the following parameters on a domain controller with a user account that has admin privileges:
Setup.exe /IAcceptExchangeServerLicenseTerms /PrepareSchema
This will add the extended Schema, you may need to wait for all DC's to sync or user repadmin to force a sync.
A few quick powershell commands to set the parameters to hide old users from the address lists (after you have renamed them and set their emails to a none default domain, we use the test onmicrosoft.com one)
Set-ADUser -identity zzzzz -Add @{msExchHideFromAddressLists=$true}
Use the short login name for identity.
Once AD is synced to Azure AD you should find that the users mailboxes (we convert to shared mailboxes) are now set to not show in address lists.
You may need to Refresh the Directory Schema in your Azure AD Connect after installing the Exchange Schema and run a full sync. (Still seems to be issues here with it not synchronising, still investigating and will update ASAP)
UPDATE: You need to specifically add the hide from address lists schema to the AD connect profile for it to sync, otherwise it'll ignore it.
As the user accounts are still synced we must extend the AD schema to add additional Exchange properties that can be synced to Azure AD.
First find an install on the MS site for latest Exchange, you don't need a license as you're not actually going to install it.
Extract the package using 7-zip or similar into a folder.
Run the setup.exe with the following parameters on a domain controller with a user account that has admin privileges:
Setup.exe /IAcceptExchangeServerLicenseTerms /PrepareSchema
This will add the extended Schema, you may need to wait for all DC's to sync or user repadmin to force a sync.
A few quick powershell commands to set the parameters to hide old users from the address lists (after you have renamed them and set their emails to a none default domain, we use the test onmicrosoft.com one)
Set-ADUser -identity zzzzz -Add @{msExchHideFromAddressLists=$true}
Use the short login name for identity.
Once AD is synced to Azure AD you should find that the users mailboxes (we convert to shared mailboxes) are now set to not show in address lists.
You may need to Refresh the Directory Schema in your Azure AD Connect after installing the Exchange Schema and run a full sync. (Still seems to be issues here with it not synchronising, still investigating and will update ASAP)
UPDATE: You need to specifically add the hide from address lists schema to the AD connect profile for it to sync, otherwise it'll ignore it.
Saturday, 26 May 2018
Using apex.run with cli53 AWS credentials without error
Using the cli53 command from https://github.com/barnybug/cli53 caused a slight issue with AWS credentials. We were seeing:
Error: NoCredentialProviders: no valid providers in chain. Deprecated. For verbose messaging see aws.Config.CredentialsChainVerboseErrors
This was due to no credentials file in ~/.aws/ even though the config file there had the credentials in it. Easy fix is to copy the config file to credentials.
Error: NoCredentialProviders: no valid providers in chain. Deprecated. For verbose messaging see aws.Config.CredentialsChainVerboseErrors
This was due to no credentials file in ~/.aws/ even though the config file there had the credentials in it. Easy fix is to copy the config file to credentials.
Tuesday, 22 May 2018
Create certificate from root CA
On a root CA with a standard CSR from another webserver to create the crt file enter the following command at elevated command prompt:
certreq -submit -attrib "CertificateTemplate:Webserver" .\CSR.txt
certreq -submit -attrib "CertificateTemplate:Webserver" .\CSR.txt
Tuesday, 13 March 2018
Server core 2016 handy commands
Setting up new server with core (no GUI) handy commands for setting up:
1) Setting static IP (using sconfig) - unbinding components not needed (everything except IPv4)
Listing current bound components:
PS> Get-NetAdapterBinding -InterfaceAlias Ethernet
Disable with the following commands:
PS> Disable-NetAdapterBinding -InterfaceAlias "Ethernet" -ComponentID XXXXX
2) Create extra drives for data/SQL server etc.
Change current CDROM drive letter
>diskpart
DISKPART> list volume
DISKPART> select volume 0
DISKPART> assign letter=F
Create drive for SQL data/log files etc.
Use Get-Disk first to see the drive numbers
Get-Disk -Number 1 | Initialize-Disk -PartitionStyle MBR -PassThru | New-Partition -UseMaximumSize -DriveLetter D | Format-Volume -FileSystem NTFS -NewFileSystemLabel "DATA" -AllocationUnitSize 65536
If installing SQL Server, this must be done on command line as the GUI doesn't work.
setup.exe /QS /ACTION=Install /FEATURES=SQL /INSTANCENAME=SQL2016 /TCPENABLED=1 /NPENABLED=1 /IACCEPTSQLSERVERLICENSETERMS=1 /UPDATEENABLED=True /SECURITYMODE=SQL /SAPWD="R@nd0mp4ssw0rd" /INSTALLSQLDATADIR=D:\DATA\ /SQLUSERDBDIR=D:\DATA\ /SQLUSERDBLOGDIR=E:\LOG\ /SQLCOLLATION="Latin1_General_CI_AS" /INDICATEPROGRESS /SQLSYSADMINACCOUNTS="Administrator"
3) When protected by additional firewall, turn off Windows local firewall:
Get-NetFirewallProfile | Set-NetFirewallProfile -enabled false
Check you can access the server remotely for settings you need to change etc. using Server Manager from another machine.
Change the port that SQL Server is listening on, as you can't use SQL Server Configuration Manager, run SQL Powershell from: C:\Program Files (x86)\Microsoft SQL Server\130\Tools\Binn\SQLPS.exe
Then run these commands:
$MachineObject = new-object ('Microsoft.SqlServer.Management.Smo.WMI.ManagedComputer') .
$ProtocolUri = "ManagedComputer[@Name='" + (get-item env:computername).Value + "']/ServerInstance[@Name='SQL2016']/ServerProtocol"
$tcp = $MachineObject.getsmoobject($ProtocolUri + "[@Name='Tcp']")
$MachineObject.getsmoobject($tcp.urn.Value + "/IPAddress[@Name='IPAll']").IPAddressProperties[1].Value = "1437"
$tcp.alter()
Stop and restart the SQL Service and then you can connect with SSMS on a remote machine to the new port:
net stop MSSQL$SQL2016
net start MSSQL$SQL2016
1) Setting static IP (using sconfig) - unbinding components not needed (everything except IPv4)
Listing current bound components:
PS> Get-NetAdapterBinding -InterfaceAlias Ethernet
Disable with the following commands:
PS> Disable-NetAdapterBinding -InterfaceAlias "Ethernet" -ComponentID XXXXX
2) Create extra drives for data/SQL server etc.
Change current CDROM drive letter
>diskpart
DISKPART> list volume
DISKPART> select volume 0
DISKPART> assign letter=F
Create drive for SQL data/log files etc.
Use Get-Disk first to see the drive numbers
Get-Disk -Number 1 | Initialize-Disk -PartitionStyle MBR -PassThru | New-Partition -UseMaximumSize -DriveLetter D | Format-Volume -FileSystem NTFS -NewFileSystemLabel "DATA" -AllocationUnitSize 65536
Get-Disk -Number 2 | Initialize-Disk -PartitionStyle MBR -PassThru | New-Partition -UseMaximumSize -DriveLetter E | Format-Volume -FileSystem NTFS -NewFileSystemLabel "LOG" -AllocationUnitSize 65536
If installing SQL Server, this must be done on command line as the GUI doesn't work.
setup.exe /QS /ACTION=Install /FEATURES=SQL /INSTANCENAME=SQL2016 /TCPENABLED=1 /NPENABLED=1 /IACCEPTSQLSERVERLICENSETERMS=1 /UPDATEENABLED=True /SECURITYMODE=SQL /SAPWD="R@nd0mp4ssw0rd" /INSTALLSQLDATADIR=D:\DATA\ /SQLUSERDBDIR=D:\DATA\ /SQLUSERDBLOGDIR=E:\LOG\ /SQLCOLLATION="Latin1_General_CI_AS" /INDICATEPROGRESS /SQLSYSADMINACCOUNTS="Administrator"
3) When protected by additional firewall, turn off Windows local firewall:
Get-NetFirewallProfile | Set-NetFirewallProfile -enabled false
Check you can access the server remotely for settings you need to change etc. using Server Manager from another machine.
Change the port that SQL Server is listening on, as you can't use SQL Server Configuration Manager, run SQL Powershell from: C:\Program Files (x86)\Microsoft SQL Server\130\Tools\Binn\SQLPS.exe
Then run these commands:
$MachineObject = new-object ('Microsoft.SqlServer.Management.Smo.WMI.ManagedComputer') .
$ProtocolUri = "ManagedComputer[@Name='" + (get-item env:computername).Value + "']/ServerInstance[@Name='SQL2016']/ServerProtocol"
$tcp = $MachineObject.getsmoobject($ProtocolUri + "[@Name='Tcp']")
$MachineObject.getsmoobject($tcp.urn.Value + "/IPAddress[@Name='IPAll']").IPAddressProperties[1].Value = "1437"
$tcp.alter()
Stop and restart the SQL Service and then you can connect with SSMS on a remote machine to the new port:
net stop MSSQL$SQL2016
net start MSSQL$SQL2016
Friday, 2 March 2018
"maximum consolidate retries was exceeded for scsix:x" error in ESXi (2082886)
If disk consolidation retries are exceeded, try this KB article. Use the PowerCLI command, seems to do the trick.
https://kb.vmware.com/s/article/2082886
https://kb.vmware.com/s/article/2082886
Wednesday, 26 July 2017
Connection limit reached in Windows Server
Windows server allows only 16384 connections to be open, if you need the maximum then run this:
netsh int ipv4 set dynamicport tcp start=1025 num=64510
To check this has worked correctly run this:
netsh int ipv4 show dynamicport tcp
netsh int ipv4 set dynamicport tcp start=1025 num=64510
To check this has worked correctly run this:
netsh int ipv4 show dynamicport tcp
Tuesday, 15 November 2016
Server core - assign static IPs on command line
First determine your interface names for multiple NICs:
netsh int ipv4 show interfaces
Next assign IP details to the interface name you require:
netsh interface ip set address "Ethernet1" static 192.168.99.101 255.255.255.0 192.168.99.1
netsh interface ip set dns "Ethernet1" static 192.168.99.2
netsh interface ip add dns "Ethernet1" 192.168.99.3 index=2
netsh int ipv4 show interfaces
Next assign IP details to the interface name you require:
netsh interface ip set address "Ethernet1" static 192.168.99.101 255.255.255.0 192.168.99.1
netsh interface ip set dns "Ethernet1" static 192.168.99.2
netsh interface ip add dns "Ethernet1" 192.168.99.3 index=2