Hello
my website was over years reachable under josh-burkard.ch, which was a long url. I was on search for a new and shorter domain name for this website. now I have found one, which is shorter and which describes what i’m doing and writing about: Information Technology (IT). So, my new web address is burkard.IT
of course, the old address will be available, but I would like the new shorter one.
This days, I had a very special problem with some new SCOM agents. I installed some new servers and installed the SCOM 2012 agent on it. But after some time, they appeared in the Agent Managed view, still as not monitored.
first I looked up the event logs on the new servers and found this errors:
According to this errors, I found a lot of blogs about network and certificate issues, like this one: http://geertbaeten.wordpress.com/2013/07/08/scom-agent-or-gateway-certificate-issue/
but I don’t have a Certificate authority and I also assumed not have a network problem.
I know, it is an unsupported configuration to create a site-to-site VPN to Microsoft Azure with a FortiGate firewall. But a FortiGate device is what i have and only to run some test’s I don’t want to buy some of this expensive supported firewalls.
I tried a lot of configurations, but nothings seams to run with Azure and my Fortigate firewall. So this week, I started a new try with this problem and after a few test’s I was successfully.
First I detected, that there is a new Option in Windows Azure, I never saw before: Dynamic Routing GateWay. After trying the old option Static Routing Gateway, I tried the new one and was successfully. The differences between dynamic and static routing gateways are described here.
I created a new plugin for mirroring a WordPress site to a test site: Sandbox Mirror.
Currently it’s in beta status and not available for download. if you are interested to test it, please contact me.
Today I had a request from a first-level-admin which need the Bitlocker Recovery Password for a already deleted computer object. Here is what I came up with:
|
1 2 3 4 5 6 |
$compname = "ComputerName" $SearchRoot = "CN=Deleted Objects,DC=domain,DC=local" $recoverykeys = Get-QADObject -Tombstone -Recycled -Type "msFVE-RecoveryInformation" -SizeLimit 0 -Includedproperties msFVE-RecoveryPassword -SearchRoot $SearchRoot | ? {$_.lastknownparent -like "*$compname*"} | select msFVE-RecoveryPassword $recoverykeys |
Please note that you need to be a Domain Admin (or equivalent) to be able to read the Deleted Objects Container. The tombstones will have a lifetime, after their expiration, you can’t access anymore to the recovery passwords.
With PowerCLI, you can add AD authentication to a single managed ESXi Host. For this you need to add your ESXi-Host to the AD (line 9) and then add permissions (line 11):
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
$VMHost = "hostname.domain.local" $HostPW = "yxz" $DomainAdmin = "DomainAdmin" $DomainPW = "yxz" $ADGroup = "domain\DomainGroup" $Domain = "domain.local" Add-PSSnapin VMware.VimAutomation.Core Connect-VIServer $VMHost –User root –Password $HostPW Get-VMHostAuthentication -VMHost $VMHost | Set-VMHostAuthentication -Domain $Domain -Username $DomainAdmin -Password $DomainPW -JoinDomain -Confirm:$false Get-VMHost $VMHost | New-VIPermission -Principal $ADGroup -Role "Admin" Disconnect-VIServer $VMHost -Confirm:$false |
sometimes line 11 will fail, then you have to wait for domain replication and repeat it.
i like vCheck to daily report my virtual environment status. But a lot of our guest systems are not in my responsibility, so the VM Tools are not uptodate or aren’t installed.
i wroted this plugin for vCheck:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
$Title = "VMs by VM Tools status" $Header = "VMs by VM Tools status : $($VMToolsVersions.count)" $Comments = "The following Operating Systems are in use in this vCenter." $Display = "Table" $Author = "Josh Burkard" $Version = 1.0 # Start of Settings # —- VM Guest OS Pivot Table —- $VMTools = get-vm | % { get-view $_.ID } | select Name, @{ Name="hostName"; Expression={$_.guest.hostName}}, @{ Name="ToolsStatus"; Expression={$_.guest.toolsstatus}}, @{ Name="ToolsVersion"; Expression={$_.config.tools.toolsVersion}} | sort-object ToolsVersion $VMToolsVersions = $VMTools | Where { $_.ToolsStatus -ne "toolsOk" } | sort ToolsVersion -desc If (($VMToolsVersions | Measure-Object).count -gt 0 -or $ShowAllHeaders) { $MyReport += Get-CustomHeader "VMs by VM Tools status : $($VMToolsVersions.count)" "The following VM Tools Status are not OK or old." $MyReport += Get-HTMLTable $VMToolsVersions $MyReport += Get-CustomHeaderClose } |
If you use a proxy server in your company, you would like to automatically configure your clients using a WPAD.dat-file. If you use the myIpAddress()-function, this function will returns the ip address from one active network adapter, maybe from the wrong one. This function couldn’t determine, which network adapter would made the connection to your proxy server. In this case you couldn’t connect to the internet, cause the WPAD.dat file returns the wrong result.
There is no automatic metric inside the WPAD.dat to detect, which adapter is the active adapter, nearest to your proxy server. You need to set the ip metric manualy on each network adapter:
Since DSM 4.1 you can configure proxy service at the Control Panel – Network:
but if you have installed the AntiVirus Essential package, it wouldn’t use this settings to update it’s virus definitions and will fail:
To configure autoupdate for the virus definitions behind a proxy server, you need to configure some settings manualy:
activate ssh on your NAS:
connect to your NAS by SSH and login as root (not as admin!)
create a new script:
|
1 |
vi /var/packages/AntiVirus/target/bin/synoavupdate |
change vi to the insert mode by press key i, then insert this lines:
i need often to calculate network addresses, subnet-masks/bits, Hosts and more. For this i wrote this script Network.bas, which you can implement in your Excel file or your Default template book.xltm:
i implemented this functions:
