0

Redirect Old WordPress Tags to Squarespace Tags

Posted by paris on Dec 31, 2016 in Research

Got to 

Config/settings/advanced/url-mappings

Then add the following : 

/tag/[name] -> /?tag=[name] 301

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: , ,

 
0

Convert to Virtual Machine from Point in Time Greyed Out

Posted by paris on Dec 31, 2016 in Research

When trying to restore from a backup exec backup to a Virtual machine , the dropdown option “Convert to Virtual Machine from Point in Time” is Greyed Out.

Make sure when you backup the Machine you backup Everything including System State or this option will not be available 

Also make sure one of your backup jobs are not backing up the machine through a Vcenter. This is how backup Exec manages VM level backup jobs for fulling restoring a VM

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: , ,

 
0

How to enable SNMP monitoring on a VCSA 6.5 Vmware Vcenter

Posted by paris on Dec 29, 2016 in Research

Enabled SSH Login on your VCenter Appliance ( this can be done through the GUI or via Direct Console Access )

Run the below commands replacing username and snmp servername

snmp.set --users username/-/-/none
snmp.set --communities liability
snmp.set --v3targets snmpservername@161/username/none/trap

 

This command will show you all the current settings

snmp.get

 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: , , , , , , ,

 
0

Adding new SC220 Enclosures to a SC8000 SAN in Daisy Chain Mode

Posted by paris on Oct 6, 2016 in Research

If I understand correctly, these are 4x SC220 enclosures for the SC8000 SAN. Although there is no IO interruption to the SAN, ideally this should be done during scheduled outage. Ensure that backup on current CML LUNs have been taken prior to this activity. The steps below need to be precisely followed to avoid outage and issues.

Required materials:

  • 4x SC220 enclosures with its spindles.
  • 4x additional minimum length of 2m mini-SAS HD to SAS cables.
  • 6x minimum length of 0.5m SAS to SAS cables.
  • 2x 4-port low-profile LSI SAS9206-16E SAS HBA.
  • 2x full-height 2-port iSCSI PCI bracket.
  • Velcro and label machine.

Here’s the plan and tasks:

  1. Verify current SAS cabling

Ensure that current SAS cabling is according to figure 1 below. 

  1. Install 2x additional SAS cards and re-arrange PCI cards on both SC8000 controllers in rolling fashion.

The 2x SAS cards and 2x full-height PCI brackets come with the SC8000 systems. Note that this will cause a split-second front-end IO disruption when the LUNs failover to the other controller. Monitoring system will generate alerts and there will be a call from Dell Pro Support. It is transparent to servers. Current CML SAN layout is attached 

Sequence:

  1. Shut SC8000 A down, all LUNs are served by SC8000 B.
  2. Install and re-arrange PCI cards on SC8000 A.
  3. Power SC8000 A back on, inventory and health check, do not re-balance.
  4. If health check on SC8000 A passed, shutdown SC8000 B.
  5. Install and re-arrange PCI cards on SC8000 B.
  6. Inventory and health check on SC8000 B. Re-balance if health check passed.

                After new SAS card installation and PCI cards re-arrangement, the cards layout should be:

  • Slot 1: 2-port low-profile QLogic QLE2662 16G FC HBA
  • Slot 2: 4-port low-profile LSI SAS9206-16E 6Gbps SAS HBA.
  • Slot 3: 4-port low-profile LSI SAS9206-16E 6Gbps SAS HBA.
  • Slot 4: 2-port full-height 1GbE QLogic QLE4062 iSCSI HBA.

Reference:

Figure 2: SC8000 rear port layout.

  1. Adding enclosures

Adding three enclosures are going to be done in two phases:

  1. Modify current setup from one SC220 enclosure single chain to two SC220 enclosures single chain.

Single chain two enclosures side A

  1. Ensure that the new second SC220 enclosure is powered off and mounted securely to the rack immediately next to the current SC220 labelled as ENCLOSURE 1 with nothing connected to it except power cords.
  2. Disconnect Chain 1: Side A cables (maroon lines) on both endpoints. Turn on the second SC220 enclosure. Wait until it finished booting up. The front status LED should be fully lit green and lit blue. Note that this cause a brief unnoticeable back-end IO disruption.

Figure 3: Removal of Chain 1: Side A SAS connections from current topology.

  • Connect enclosure 1 top EMM port B to enclosure 2 top EMM port A.
  1. ConnectSC8000 A slot 2 port 1 to enclosure 1 top EMM port A.
  2. Connect SC8000 B slot 2 port 3 to enclosure 2 top EMM port B.
  3. Label enclosure as ENCLOSURE 2.
  • Verify the new Chain 1: Side A connectivity (contact Hendrik). You will end up with this:

Figure 4: Chain 1: Side A new topology.

Single chain two enclosures side B

  • Disconnect Chain 1: Side B SAS connections indicates as orange lines in figure 4. Note that this cause a brief unnoticeable back-end IO disruption.
  1. Connect enclosure 1 bottom EMM port B to enclosure 2 bottom EMM port A.
  2. Connect SC8000 A slot 3 port 3 to enclosure 2 bottom EMM port B.
  3. Connect SC8000 B slot 3 port 1 to enclosure 1 bottom EMM port A.
  • Verify the new Chain 1: Side B connectivity (contact Hendrik). You will end up with this:

Figure 5: Chain 1: Side B new topology.

  1. Adding new chain with two new SC220 enclosures.
    1. Ensure that enclosure 3 is located immediate to enclosure 2.
    2. Ensure that enclosure 4 is located immediate to enclosure 3.
  • Ensure that enclosure 5 is located immediate to enclosure 4.
  1. Ensure that both enclosure 3, 4 and 5 are turned off. Label as ENCLOSURE 3, ENCLOSURE 4 and ENCLOSURE 5.
  2. Connect enclosure 3 top EMM port B to enclosure 4 top EMM port A.
  3. Connect enclosure 4 top EMM port B to enclosure 5 top EMM port A.
  • Connect enclosure 3 bottom EMM port B to enclosure 4 bottom EMM port A.
  • Connect enclosure 4 bottom EMM port B to enclosure 5 bottom EMM port A.
  1. Turn enclosure 3, 4 and 5 on and wait until it is finished to boot up. The front green and blue light must be fully lit.
  2. Connect SC8000 A slot 2 port 3 to enclosure 3 top EMM port A.
  3. Connect SC8000 A slot 3 port 1 to enclosure 5 bottom EMM port B.
  • Connect SC8000 B slot 2 port 1 to enclosure 5 top EMM port B.
  • Connect SC8000 B slot 3 port 3 to enclosure 3 bottom EMM port A.
  • You’ll end up with this. I’ll verify remotely once it is done..
  1. Once the verification is completed, remove the IPC connections: the LAN cable that goes from IPC LAN port on both controllers and the SAS cables that are connected to slot 3 port 2 and 4 on both controllers.

Figure 6: 2 controllers, 2 chains, 2 sides, 5 enclosures topology

You will be taking out and in excess of after completion:

  • 2x mini-SAS HD to mini-SAS HD cables from the SAS IPC connections.
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: , ,

 
0

Migrate VDM’s from one SAN to Another

Posted by paris on Oct 6, 2016 in Research

 

rdm_basic1It might be worth checking if these still need to be RDM’s. This was previously used for older versions of VMDK’s could only use 2TB , now with esx 5.5 and Virtual Machine hardware 10 this is upped to 62TB

Changed Pysical RDM to Virtaul RDM to VMDK’s

Use the webclient for this

1) Shutdown the server
2) Upgrade the Virtual Hardware to 10
3) Remove the Physical RDM Lun
4) Re-Add the Lun as Virtual
5) Power on server
6) Storage VMotion to New SAN

 

FYI Virtual RDM’s cannot be resized without shutting down the machine unlike Physical 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: , , , , , ,

 
0

Juniper Exam Revision Notes

Posted by paris on Oct 6, 2016 in Research

 

Deploy vSRX – VMware Workstation

RE – Routing Engine

— Manages the PFE

— Maintins Routing Tables

— Manages the Packet Forwarding Engine


PFE – Packet Forward Engine

— Is incharge of Policing , Stateless Firewall Filtering and CoS implemented by forwarding plane

— Forarding Plane Central Procesing contains the PFE

They are seperated in Juniper ( Control and Forwarding Planes ) to benifit speed and reduce bottlenecks -> https://www.juniper.net/techpubs/en_US/junos9.3/topics/concept/psd-control-and-forwarding-plane-in-separate-chassis.html

– Forwarding table is stored on both

-Routing Table ( stored on Control Plane ) Populate Forwarding Table

–Import Policys filter items doing to Routing Table

Routing Policy

Must have a then doesn’t need a from

Juniper also split software processes in Modules

Same base source code for all Boxes

Ctrl-A = Left All

Ctrl-U = Delete All

Ctrl-W = Backspace

Default Location for Configs are in /home/user

Default Location for logs /var/logs/

WIP Config = Canidate Configurations

Active Config = After Commit

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags:

 
0

Juniper Config for an SRX 240 in Failiver mode

Posted by paris on Oct 6, 2016 in Research

 

 

version 12.1X44-D35.5;
groups {
    node0 {
        system {
            host-name A;
        }
        interfaces {
            fxp0 {
                unit 0 {
                    family inet {
                        address 192.168.50.1/24;
                    }
                }
            }
        }
    }
    node1 {
        system {
            host-name SB;
        }
        interfaces {
            fxp0 {
                unit 0 {
                    family inet {
                        address 192.168.50.2/24;
                    }
                }
            }
        }
    }
}
apply-groups "${node}";
system {
    time-zone Australia/Brisbane;
    root-authentication {
        encrypted-password "";
    }
    name-server {
        8.8.8.8;
        8.8.4.4;
    }
    services {
        ssh;
        web-management {
            http;
        }
        dhcp {
            pool 192.168.30.0/24 {
                address-range low 192.168.30.100 high 192.168.30.200;
                router {
                    192.168.30.1;
                }
                propagate-settings vlan.100;
            }
    }
    ntp {
        server 129.250.35.250;
    }
}
chassis {
    cluster {
        reth-count 3;
        redundancy-group 0 {
            node 0 priority 200;
            node 1 priority 1;
        }
        redundancy-group 1 {
            node 0 priority 200;
            node 1 priority 1;
            interface-monitor {
                ge-0/0/14 weight 255;
                ge-5/0/14 weight 255;
                ge-0/0/15 weight 255;
                ge-5/0/15 weight 255;
            }
        }
        redundancy-group 2 {
            node 0 priority 254;
            node 1 priority 1;
        }
    }
}
interfaces {
    traceoptions {
        file interface-debug;
        flag all;
    }
    ge-0/0/11 {
        unit 0 {
            encapsulation ppp-over-ether;
        }
    }
    ge-0/0/13 {
        gigether-options {
            redundant-parent reth2;
        }
    }
    ge-0/0/14 {
        gigether-options {
            redundant-parent reth0;
        }
    }
    ge-0/0/15 {
        gigether-options {
            redundant-parent reth1;
        }
    }
    ge-5/0/13 {
        gigether-options {
            redundant-parent reth2;
        }
    }
    ge-5/0/14 {
        gigether-options {
            redundant-parent reth0;
        }
    }
    ge-5/0/15 {
        gigether-options {
            redundant-parent reth1;
        }
    }
    fab0 {
        fabric-options {
            member-interfaces {
                ge-0/0/2;
            }
        }
    }
    fab1 {
        fabric-options {
            member-interfaces {
                ge-5/0/2;
            }
        }
    }
    pp0 {
        unit 0 {
            ppp-options {
                pap {
                    local-name "";
                    local-password "";
                    passive;
                }
                lcp-max-conf-req 0;
            }
            pppoe-options {
                underlying-interface ge-0/0/11.0;
                idle-timeout 0;
                auto-reconnect 10;
                client;
            }
            family inet {
                mtu 1492;
                negotiate-address;
            }
        }
    }
    reth0 {
        vlan-tagging;
        redundant-ether-options {
            redundancy-group 1;
        }
        unit 100 {
            vlan-id 100;
            family inet {
                address 192.168.30.1/24;
            }
        }
    }
    reth1 {
        redundant-ether-options {
            redundancy-group 1;
        }
        unit 0 {
            encapsulation ppp-over-ether;
        }
    }
    reth2 {
        vlan-tagging;
        redundant-ether-options {
            redundancy-group 2;
        }
        unit 100 {
            vlan-id 100;
            family inet {
                address 192.168.30.1/24;
            }
        }
    }
}
routing-options {
    static {
        route 0.0.0.0/0 next-hop pp0.0;
    }
}
class-of-service {
    host-outbound-traffic {
        ieee-802.1 {
            default be;
        }
    }
}
security {
        tcp-mss {
            all-tcp {
                mss 1300;
            }
        }
    }
    nat {
        source {
            rule-set students_srcnat {
                from zone Student;
                to zone untrust;
                rule students_srcnat_1 {
                    match {
                        destination-address 0.0.0.0/0;
                    }
                    then {
                        source-nat {
                            interface;
                        }
                    }
                }
            }
            rule-set staff_srcnat {
                from zone Internal;
                to zone untrust;
                rule staff_srcnat_1 {
                    match {
                        destination-address 0.0.0.0/0;
                    }
                    then {
                        source-nat {
                            interface;
                        }
                    }
                }
            }
            rule-set wireless_srcnat {
                from zone Wireless;
                to zone untrust;
                rule wireless_srcnat_1 {
                    match {
                        destination-address 0.0.0.0/0;
                    }
                    then {
                        source-nat {
                            interface;
                        }
                    }
                }
            }
        }
    }
    policies {
        from-zone Internal to-zone untrust {
            policy default-permit {
                match {
                    source-address any;
                    destination-address any;
                    application any;
                }
                then {
                    permit;
                }
            }
        }
        from-zone Student to-zone untrust {
            policy student-internet {
                match {
                    source-address any;
                    destination-address any;
                    application any;
                }
                then {
                    permit;
                }
            }
        }
        from-zone Wireless to-zone untrust {
            policy wireless-internet {
                match {
                    source-address any;
                    destination-address any;
                    application any;
                }
                then {
                    permit;
                }
            }
        }
        from-zone Internal to-zone Internal {
            policy test-1 {
                match {
                    source-address any;
                    destination-address any;
                    application any;
                }
                then {
                    permit;
                }
            }
        }
    }
    zones {
        security-zone External {
            interfaces {
                reth1.0;
            }
        }
        security-zone Internal {
            address-book {
                address NEC <IPofNEC>/32;
            }
            interfaces {
                reth0.100 {
                    host-inbound-traffic {
                        system-services {
                            dhcp;
                            all;
                        }
                        protocols {
                            all;
                        }
                    }
                }
            }
        }
        security-zone untrust {
            host-inbound-traffic {
                system-services {
                    http;
                    ssh;
                }
            }
            interfaces {
                pp0.0;
                ge-0/0/11.0;
            }
        }
    }
}
VN:F [1.9.22_1171]
Rating: 4.0/10 (1 vote cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

 
0

Adding Domain/Forest Trust

Posted by paris on Oct 6, 2016 in Research

Set DNS Forwarders between domains using either one of these

Conditional Forwarder – How to configure a Conditional Forwarder in DNS

Stub Zone – How to configure a DNS Stub Zone in Windows Server

Secondary Zone – How to configure a DNS Secondary Zone in Windows Server

What should I use, a Stub, Conditional Forwader, Forwarder, or Secondary Zone??

 

How to configure Forest Level Trust in Windows Server

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

 
0

the type 11 controller is not supported by this firmware

Posted by paris on Oct 6, 2016 in Research

dell51

Was recently trying to update a PS6000 SAN from Firmware upgrade Failure from V5.0.8 to V6.0.7

FYI when trying firmware updates make sure you have the passive controller setup , as this will take the controllers offline during the update.

The error displayed was the type 11 controller is not supported by this firmware

 Upgrade your 5.0.8 to 5.2.x first and than to 6.0.7.

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: , , , ,

 
0

GPO’s For Enterprise Windows 10 Roll Out

Posted by paris on Oct 4, 2016 in Research

There is a big list by Microsoft I went through – https://technet.microsoft.com/itpro/windows/manage/manage-connections-from-windows-operating-system-components-to-microsoft-services#BKMK_WiFiSense , Microsoft also provides a DISA STIG Baseline ( here )  however I have gone a bit further on security

Computer Configuration – Administrative Templates – Windows Components – Data Collection and Preview Builds

Disable access to pre-release features – Disabled

Configure telemetry to level 0 – Enterprise Only

Do not show feedback notifications – Enabled

Toggle user control over Insider builds – Disabled

 

Computer Configuration – Administrative Templates – System – Log on

                Show first sign-in animation – Disable

                Turn on convenience PIN sign-in – Diable

Turn off picture password sign-in -Enable

 

Computer Configuration – Administrative Templates – Windows Components – Search –

Allow Cortana – Disabled

 

Computer Configuration – Administrative Templates – Windows Components – Cloud Content

                Do Not Show Windows Tips – Enabled

                Turn off Microsoft Consumer Experiences – Enabled

 

Computer Configuration – Administrative Templates – Control Panel

                Do not display the lock screen – Enabled

 

Computer Configuration – Windows Settings – Security Settings – Local Policies – Security Options     

                Accounts: Block Microsoft Accounts – Enabled From Longon and Adding

 

Computer Configuration\Administrative Templates\Network\WLAN Service\WLAN Settings\

Allow Windows to automatically connect to suggested open hotspots, to networks shared by contacts, and to hotspots offering paid services – Disabled 

 

Computer Configuration\ Administrative Templates\ Control Panel\ Regional and Language Options\ Allow Input Personalization and set to Disabled.

We also collect your typed and handwritten words to improve character recognition and provide you with a personalized user dictionary and text completion suggestions. Some of this data is stored on your device and some is sent to Microsoft to help improve these services.

Is it possible that any collected words may accidentally include patient information?

 

Computer Configuration > Administrative Templates > Windows Components > OneDrive > Prevent the usage of OneDrive for file storage – Enabled

 

Computer Configuration > Administrative Templates > Windows Components > Search> Don’t search the web or display web results in Search – Enabled

 

Computer Configuration > Administrative Templates > Windows Components > Search> Don’t search the web or display web results in Search over metered connections– Enabled

Why might you want to disable web search?  It is a good idea if you don’t want your local search queries sent to Bing.

Computer Configuration> Administrative Templates> System> User Profiles> Turn off the advertising ID

Turn off the advertising ID to disable targeted ads –  Enabled

Computer Configuration > Administrative Templates > Windows Components > Store >Disable all apps from Windows Store.
You can turn off the ability to launch apps from the Windows Store that were preinstalled or downloaded. This will also turn off automatic app updates, and the Windows Store will be disabled. On Windows Server 2016, this will block Windows Store calls from Universal Windows Apps.

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: , , ,

Copyright © 2017 Welcome to Pariswells.com All rights reserved. Theme by Laptop Geek. Privacy Policy