Recently had a hyper v cluster that was rebooted, however upon started 

1. Get-VM Command produced no VM’s 
2. Get-clusterquorum was Blank
3. Start-clusternode Would join the node back into the cluster and Mark as Up
4. Get-ClusterNodes would bring up errors

CLUSDB is stored on the hosts under HKLM\CLuster

The CLUSDB File Size was around 60KB , on a working cluster is was around 256kb 

There was no backup per below

In the end we had to create a new Cluster and rejoin the Hosts to this ( clear-clusternode ) 

• No Comments

C:\BizLink\app\protectedstore>”C:\Program Files\Java\jre1.8.0_241\bin\keytool.exe” -importkeystore -srckeystore “C:\Program Files\Java\jre1.8.0_241\lib\security\cacerts” -destkeystore trusted.jks
Importing keystore C:\Program Files\Java\jre1.8.0_241\lib\security\cacerts to trusted.jks…

“By default, the password for the GlassFish truststore is already specified. The password is changeit .”

Enter destination keystore password:
Enter source keystore password:
Entry for alias verisignclass2g2ca [jdk] successfully imported.

After you will need to restart OpenText BizManager BizLink Msgsrv and OpenText BizManager BizLink Configuration Services

• No Comments

How to assign permissions for Domain User * This didn’t work straight away so had to create local user and auth that way

vserver cifs users-and-groups local-group add-members -vserver %Vserver% -group-name BUILTIN\Administrators -member-names domain\username

Verify permissions 

vserver cifs users-and-groups local-group show-members

cifs share access-control show

vserver security file-directory show -vserver %Vserver% -path /CIFS/Folder

How to assign permissions for Local User 

vserver cifs users-and-groups local-user create -vserver syg-svm03 -user-name CIFSSERVER\adminlocal -full-name “adminlocal”

• No Comments

Recently tried to login to my wordpress Dashboard and the backend looked like the attached Picture.

First thing I did is disable all plugins which didn’t fix the issue

Next I Reinstalled WordPress which fixed the issue

• No Comments

Recently when a user searched for an Item in Outlook , the Email could not be opened due to the error to the left and the Reading Pain showed

“This message with restricted permission cannot be viewed in the reading pane until you verify credentials”

I had to change the default search to All Mailboxes

• No Comments

Recently I enrolled in a Red Hat Academy Course , and received an email shortly after : 

Congratulations! You are eligible for a discount on your next Red Hat Certification exam. Our prestigious certifications verify your skills and knowledge in Red Hat products and technologies, which will make you a standout candidate for future employers.

It didn’t give me any details about what exam! 

After some trial and error this is the Exam it gives you the discount on 

• No Comments

Mimecast will actually let you send from another domain you do not own ( will need to open a Support ticket and give a business reason ) 

Mimecast Production IP ranges (This IP range when you have a registered internal domain)
include:au._netblocks.mimecast.com

Mimecast Non-Production IP Ranges (This IP range is used for non-internal domains)
include:au._extnetblocks.mimecast.com

If customers wish to impersonate a domain you do not own, for example with address rewriting, use the DNS Authorization Code found in Your Mimecast Account Settings. The Mimecast Secure Email Gateway checks messages that are sent from each account. If the sending domain doesn’t match a domain listed as internal to the account, it will then check the TXT record of the sending domain for the presence of the DNS Authorization Code. If this code isn’t present, messages will be sent using these IP blocks instead of the normal route.

https://community.mimecast.com/s/article/Connect-Application-Implementing-SPF-for-Outbound-Email-Delivery-731048977

• No Comments

Open Powershell As Administrator

Import-Module NTFSSecurity

#Check Existing Access

dir2 “\\?\e:\folde\path\name” -Recurse | Get-NTFSAccess

#Take Ownership

dir2 “\\?\e:\folde\path\name” -Recurse | Set-NTFSOwner -Account “Administrators”

#Add Permissiosn

dir2 “\\?\e:\folde\path\name” -Recurse | Add-NTFSAccess -Account Administrators -AccessRights FullControl

#recheck Access

dir2 “\\?\e:\folde\path\name” -Recurse | Get-NTFSAccess

Prove access for a user

Get-ChildItem -Path c:\docs -Recurse -Directory | Get-NTFSEffectiveAccess -Account ‘corp\confroom’ | select Account, AccessControlType, AccessRights, FullName

• No Comments

#To verify the Root CA CA.pem and Intermediate CA ICA.pem
openssl verify -CAfile CA.pem ICA.pem

#To create the CA chain ( In Linux or just add files together in notepad for Linux ) 
cat ICA.pem ca.pem > CA-chain.pem

#To verify the CA chain and the web cert
openssl verify -CAfile CA-chain.pem web.pem

#To generate checksum of the private key
openssl rsa -modulus -noout -in private.key 

#To generate checksum of the web cert, the checksum result should match with the private key
openssl x509 -modulus -noout -in web.pem

Exporting files for further diagnosis

openssl rsa -in private.key -text -noout
openssl x509 -in web.pem -text -noout
openssl x509 -in ica.pem -text -noout
openssl x509 -in ca.pem -text -noout

• No Comments

Recently we needed to add a new alias to a share for it to be accessible from 

1. Add DNS A record for that name ( e.g. fileshare -> 192.168.0.33 )
2. run setspn -S host/fileshare existingfileshareserver (e.g. setspn -S host/filenew file01)

• No Comments