Recently had a hyper v cluster that was rebooted, however upon started 

  1. Get-VM Command produced no VM’s 
  2. Get-clusterquorum was Blank
  3. Start-clusternode Would join the node back into the cluster and Mark as Up
  4. Get-ClusterNodes would bring up errors

CLUSDB is stored on the hosts under HKLM\CLuster

The CLUSDB File Size was around 60KB , on a working cluster is was around 256kb 

There was no backup per below

 

In the end we had to create a new Cluster and rejoin the Hosts to this ( clear-clusternode ) 

GD Star Rating
loading...
GD Star Rating
loading...
Indicates whether to use a secure connection (SSL or TLS). If SSL or TLS is selected, the server’s certificate or its authority must be in protectedstore/trusted.jks.
 
Error while sending
 
javax.mail.MessagingException: Could not convert socket to TLS; nested exception is: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
 
Solution ( Change to your Java version on PC ) 

C:\BizLink\app\protectedstore>”C:\Program Files\Java\jre1.8.0_241\bin\keytool.exe” -importkeystore -srckeystore “C:\Program Files\Java\jre1.8.0_241\lib\security\cacerts” -destkeystore trusted.jks
Importing keystore C:\Program Files\Java\jre1.8.0_241\lib\security\cacerts to trusted.jks…

“By default, the password for the GlassFish truststore is already specified. The password is changeit .”


Enter destination keystore password:
Enter source keystore password:
Entry for alias verisignclass2g2ca [jdk] successfully imported.

After you will need to restart OpenText BizManager BizLink Msgsrv and OpenText BizManager BizLink Configuration Services

GD Star Rating
loading...
GD Star Rating
loading...

How to assign permissions for Domain User * This didn’t work straight away so had to create local user and auth that way

vserver cifs users-and-groups local-group add-members -vserver %Vserver% -group-name BUILTIN\Administrators -member-names domain\username

Verify permissions 

vserver cifs users-and-groups local-group show-members

cifs share access-control show

vserver security file-directory show -vserver %Vserver% -path /CIFS/Folder

How to assign permissions for Local User 

vserver cifs users-and-groups local-user create -vserver syg-svm03 -user-name CIFSSERVER\adminlocal -full-name “adminlocal”

GD Star Rating
loading...
GD Star Rating
loading...

Recently tried to login to my wordpress Dashboard and the backend looked like the attached Picture.

First thing I did is disable all plugins which didn’t fix the issue

Next I Reinstalled WordPress which fixed the issue

GD Star Rating
loading...
GD Star Rating
loading...

Recently I enrolled in a Red Hat Academy Course , and received an email shortly after : 

Congratulations! You are eligible for a discount on your next Red Hat Certification exam. Our prestigious certifications verify your skills and knowledge in Red Hat products and technologies, which will make you a standout candidate for future employers.

It didn’t give me any details about what exam! 

After some trial and error this is the Exam it gives you the discount on 

GD Star Rating
loading...
GD Star Rating
loading...

Mimecast will actually let you send from another domain you do not own ( will need to open a Support ticket and give a business reason ) 


Mimecast Production IP ranges (This IP range when you have a registered internal domain)
include:au._netblocks.mimecast.com

Mimecast Non-Production IP Ranges (This IP range is used for non-internal domains)
include:au._extnetblocks.mimecast.com

If customers wish to impersonate a domain you do not own, for example with address rewriting, use the DNS Authorization Code found in Your Mimecast Account Settings. The Mimecast Secure Email Gateway checks messages that are sent from each account. If the sending domain doesn’t match a domain listed as internal to the account, it will then check the TXT record of the sending domain for the presence of the DNS Authorization Code. If this code isn’t present, messages will be sent using these IP blocks instead of the normal route.


https://community.mimecast.com/s/article/Connect-Application-Implementing-SPF-for-Outbound-Email-Delivery-731048977

GD Star Rating
loading...
GD Star Rating
loading...

Open Powershell As Administrator

Import-Module NTFSSecurity

#Check Existing Access

dir2 “\\?\e:\folde\path\name” -Recurse | Get-NTFSAccess

#Take Ownership

dir2 “\\?\e:\folde\path\name” -Recurse | Set-NTFSOwner -Account “Administrators”

#Add Permissiosn

dir2 “\\?\e:\folde\path\name” -Recurse | Add-NTFSAccess -Account Administrators -AccessRights FullControl

#recheck Access

dir2 “\\?\e:\folde\path\name” -Recurse | Get-NTFSAccess

Prove access for a user

Get-ChildItem -Path c:\docs -Recurse -Directory | Get-NTFSEffectiveAccess -Account ‘corp\confroom’ | select Account, AccessControlType, AccessRights, FullName

GD Star Rating
loading...
GD Star Rating
loading...

#To verify the Root CA CA.pem and Intermediate CA ICA.pem
openssl verify -CAfile CA.pem ICA.pem

#To create the CA chain ( In Linux or just add files together in notepad for Linux ) 
cat ICA.pem ca.pem > CA-chain.pem

#To verify the CA chain and the web cert
openssl verify -CAfile CA-chain.pem web.pem

#To generate checksum of the private key
openssl rsa -modulus -noout -in private.key 

#To generate checksum of the web cert, the checksum result should match with the private key
openssl x509 -modulus -noout -in web.pem

 

Exporting files for further diagnosis

openssl rsa -in private.key -text -noout
openssl x509 -in web.pem -text -noout
openssl x509 -in ica.pem -text -noout
openssl x509 -in ca.pem -text -noout

GD Star Rating
loading...
GD Star Rating
loading...

Recently we needed to add a new alias to a share for it to be accessible from 

  1. Add DNS A record for that name ( e.g. fileshare -> 192.168.0.33 )
  2. run setspn -S host/fileshare existingfileshareserver (e.g. setspn -S host/filenew file01)
GD Star Rating
loading...
GD Star Rating
loading...