# main This wiki serves as my quick and dirty documentation and fixes. There's very little explanation. Mostly its just steps to perform with references if more context is needed.
## dokuwiki
#### Installing https://www.dokuwiki.org
* download * untar
tar -zxf /location/to/file
* cd into the wiki
sudo chown www-data:www-data conf
sudo chown -R www-data:www-data data
#### Updating
1) Create a backup, cd into the install directory.
2) Download the latest version (download page) into the current install directory.
sudo wget http://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz
3) Extract and overwrite existing files.
tar -xzvf dokuwiki-YYYY-MM-DD.tgz --strip-components=1
4) Change the permissions back to www-data.
sudo chown -R www-data:www-data ./*
5) To clear the update messages, remove the messages.txt file, refresh the page.
sudo rm ./data/cache/messages.txt
Resources:
## corrupt exchange database 1) Shut the server down:
net stop msexchangeadtopology /y net stop msftesql-exchange /y net stop msexchangeis /y net stop msexchangesa /y net stop iisadmin /y
2) Make a backup copy of the database 3) Start the repair:
Eseutil /P C:\Path\To\file.db
4) Defrag the database:
Eseutil /D C:\Path\To\file.db
5) Test the DB and if any errors are found - rerun the tests:
Isinteg in -fix -test alltests
6) Start Exchange
- a) Open notepad and paste in the following:
net start "World Wide Web Publishing Service" net start "Microsoft Exchange Information Store" net start "Microsoft Exchange System Attendant" net start "Microsoft Search (Exchange)" net start "Microsoft Exchange Information Store" net start "Microsoft Exchange Unified Messaging" net start "Microsoft Exchange Transport Log Search" net start "Microsoft Exchange Transport" net start "Microsoft Exchange Service Host" net start "Microsoft Exchange Search Indexer" net start "Microsoft Exchange Replication Service" net start "Microsoft Exchange Mail Submission" net start "Microsoft Exchange Mailbox Assistants" net start "Microsoft Exchange File Distribution" net start "Microsoft Exchange EdgeSync" net start "Microsoft Exchange Anti-spam Update"
- b) Save the file as .cmd
- c) Run the file
- d) Verify the services are running
7) Verify users can send/receive email
References:
## Upgrading a Unifi controller
- Log into the controller and go to Settings > System and uncheck “Automatically upgrade firmware”
- SSH into the Unifi controller
- Type: apt-get update
- Type: apt-get install unifi
- After the upgrade finishes log back into the controller and go to Access Points
- Upgrade the access points (this will kick users off the AP)
- If the AP doesn’t restart and start checking back in:
- SSH into the AP as root
- Type: reboot
## Setting up network shares for CrashPlan in Windows
1) Open Notepad to create a batch script
2) Use roughly the following code:
@ECHO OFF net use X: "\\<server>\<share>" /USER:<networkusername> <networkpassword>
3) Save this file as .bat, open Task Scheduler, and click Create Task
4) Under General give it a name and description
5) Click Change User or Group… and put in System
6) On the Triggers tab: Begin the task At startup
7) Now on the Actions tab click New… Action: Start a program and browse to your batch script
8) Set any extra conditions or settings you'd like and save the task
9) The task should now be listed under Active Tasks. Double click the task and then right click it and click Run
Providing everything went smooth if you check Computer you should see your network share listed as “Disconnected Network Drive”. Open up CrashPlan, change your backup selection and the network letters should be available to backup now, yay!
References:
## MySQL Commands Create user
create user 'newuser'@'localhost' identified by 'password';
Create a database
create database $database;
Granting privileges
grant all privileges on $database.* to '$user';
References:
## .htaccess 1) Enable mod_rewrite
sudo a2enmod rewrite
2) Create your .htaccess file
sudo nano /var/www/example.com/.htaccess
3) Add the following code to the sites vhost file
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
4) Restart Apache
sudo service apache2 restart
References:
## Configuring Windows Time Server 1) Check the time server configuration
w32tm /query /status
Check the “Source” from the result to see if there's a time server set.
2) Get the latest NTP time server list from here.
3) Run the following command to set the time server filling in the $tsserver with the proper time servers:
w32tm /config /syncfromflags:manual /manualpeerlist:"$tsserver0,$tsserver1,$tsserver2,$tsserver3" /reliable:yes /update
4) Verify your changes by running the status command again:
w32tm /query /status
You should see your list of time servers under “Source” now.
References:
## Live changing a Titanium Z (FreeBSD) server NIC 1) Login to the web GUI and go to Network → $interface
2) Change your IP here, click Save, click Apply. It'll tell you that it needs a reboot to make the changes, don't reboot.
3) SSH into the TitaniumZ server and run the following command:
ifconfig $interface $ipaddress netmask $netmask
This will change the IP address until the next reboot. On the next reboot the IP address will flip over to this since we set it in the Networking preferences.
## Creating SSH key pairs for password-less SSH
1) On the client machine run
ssh-keygen -t rsa -b 4096
2) Copy the .pub file contents to the servers .ssh/authorized_keys file
References:
## Decrypt encrypted SSH keys
openssl rsa -in ssl.key.secure -out ssl.key
References:
## Outlook temp folder
/Users/$user/Library/Caches/TemporaryItems/Outlook Temp
## Debian Linux and NTFS 1) Install the NTFS-3G driver
sudo apt-get install ntfs-3g
2) Mount the volume
sudo mount -t ntfs-3g /dev/sdxx /media/$mount
## Creating a Windows 8 USB installer
1) Rip the Windows 8 OEM disk into an ISO
2) Download and install Windows USB/DVD Download Tool
3) Run the tool and follow it's steps and you should be set
References:
## Mount a cifs share in Ubuntu
1) Install the cifs-utils
sudo apt-get install cifs-utils
2) Create the cifs mount point
sudo mkdir /mnt/<$mountPoint>
3) Mount the cifs share
sudo mount -t cifs //<$ip>/<$mount> /mnt/<$mountPoint> -o user=<$username>
References:
## Connect to Office 365 PowerShell for the first time
1) Download the Azure Active Directory Module and install it.
2) Open PowerShell as Admin and run the following command
Set-ExecutionPolicy Unrestricted
Y
3) Run the follow commands to get connected:
Import-module MSOnline
$Cred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $Cred -Authentication Basic –AllowRedirection
Import-PSSession $Session
connect-msolservice -credential $Cred
And finally verify you're connected by running:
Get-MsolUser
References:
## Hide an address from the Global Addressbook in Office 365
1) Log into PowerShell
2) Run
Set-Mailbox -Identity User@domain.com -HiddenFromAddressListsEnabled $true
References:
## CrashPlan ProE Login Issues
Administration Console Prompts To Create Administrator Account
## Migrating a user to a new Outlook Profile
1) Create new Outlook Profile in Controlpanel Mail
2) Add the account to the new profile
3) Verify data is there
4) Import old contacts into the new contacts folder
5) Import old calendars
6) Import or migrate any Inbox subfolders
7) Import or migrate any other user requested folders
8) Open the old PST file into the new profile
File -> Open -> Outlook Data File...
9) Copy the .NK2 (auto-complete) file to the new profile
Vista: %appdata%\Roaming\Microsoft\Outlook\*.NK2
9) any minor tweaks (i.e. for POP, maybe set it to keep mail on the server for $x days)
## Catalog job fails with error: 0xe0000900 1) Stop all Backup Exec services
2) Rename the C:\Program Files\VERITAS\Backup Exec\NT\Catalogs folder to Catalogs_old, and recreate a new Catalogs folder
3) Start the Backup Exec services.
4) In Backup Exec, go to Tools → Options and click on the Catalog setting
5) Uncheck the “Use storage media-based catalogs” box (Tools > Options > Catalogs)
6) Run “catrebuildindex -r” from command prompt within the Backup exec directory in order to make sure all the catalogs are proper and not corrupt
References:
## Configure email forwarding for a mailbox 1) In the Exchange Admin Center, navigate to Recipients → Mailboxes.
2) In the list of user mailboxes, click the mailbox that you want to configure mail forwarding for, and then click the Edit icon.
3) On the mailbox properties page, click Mailbox Features.
4) Under Mail Flow, select View details to view or change the setting for forwarding email messages. On this page, you can set the maximum number of recipients that the user can send a message to. For on-premises Exchange organizations, the recipient limit is unlimited. For Exchange Online organizations, the limit is 500 recipients. Check the Enable forwarding check box, and then click or tap Browse. On the Select Recipient page, select a user you want to forward all email to. Select the Deliver message to both forwarding address and mailbox check box if you want both the recipient and the forwarding email address to get copies of the emails sent. Click or tap OK, and then click or tap Save.
## SFTP Too Many Login Attempts This happens when the ssh-agent tries to remember more than 5 SSH keys. Run the following command to clear out ssh-agent's keys:
ssh-add -D
References:
## Debian 8 New Hard Disk 1) Update apt-get and install parted
sudo apt-get update && apt-get upgrade -y
2) Find your drive:
ls -la | grep sd
Plugin your drive, then repeat the above command, find the new drive.
3) Start parted
/sbin/parted /dev/sdb
(or whatever the new disk is)
4) Enter the following commands into the parted run:
mklabel gpt
mkpart primary ext4 0% 100%
will create a partition the size of the disk
to make multiple partitions use
mkpart primary ext4 0% 50%
mkpart primary ext4 50% 100%
or however you want to partition it.
quit
5) Format the partition
sudo mkfs.ext4 /dev/sdb1
(or whatever your new partition is in /dev)
6) Update /etc/fstab
sudo vi /etc/fstab
Add something similar to the following line, but with the new partition in /dev:
/dev/sdb1 /media/new_disk ext4 defaults,noatime 0 1
7) Create the disks mount point
sudo mkdir /media/mount
8) Set the disk's owner
sudo chown user:group /media/mount
9) Mount the disk
sudo mount -a
## Migrating Windows profiles from one machine to another
1) Download Transwiz from ForensiT
2) Run Transwiz and select the drive you want to save the profile to
3) Run Transwiz on the new PC and select the data from the drive
4) Done!
References:
## Expanding Graylog Storage ##
These steps were used to add storage for Graylog Server Graylog 2.4.5+8e18e6a and Debian 9.4.
WARNING: Do not use a NAS. If the NAS goes offline when Graylog isn't expecting it to (crashes or even soft-reboots) it can mess up Graylog.
- Add storage to the VM in ESXi
- Reboot VM
- Install parted:
sudo apt-get update && apt-get install -y parted - Find the raw disk:
sudo parted -l | grep Error(Error: /dev/sda: unrecognised disk label) - Set the partition scheme:
sudo parted /dev/DISK mklabel gpt - Create the partition:
sudo parted -a opt /dev/DISK mkpart primary ext4 0% 100% - Verify the partition creation:
lsblk - Create the partition filesystem:
sudo mkfs.ext4 -L PARTNAME /dev/PARTITION(if the disk was sdb, this should be sdb1) - Verify the filesystem creation:
lsblk –fs - Make a mount point:
mkdir /mnt/newStorage - Mount the new storage:
mount -o defaults /dev/PARTITION /mnt/newStroage - Create a safe space to copy the log indexes
mkdir /mnt/newStorage/nodes - Run an initial rsync
rsync -av /var/lib/elasticsearch/nodes/ /mnt/newStorage/nodes - Stop Graylog:
systemctl stop graylog-server.service - Stop Elasticsearch:
systemctl stop elasticsearch.service - Run rsync again to mirror the existing indexes:
rsync -av –delete-during /var/lib/elasticsearch/nodes/ /mnt/logs/nodes - Verify that there are no differences between the folders:
sudo diff -qr –suppress-common-lines /var/lib/elasticsearch/nodes/ /mnt/logs/nodes - Move old data
mv /var/lib/elasticsearch/nodes/ ~/nodes - Create a new “nodes” folder
mkdir /var/lib/elasticsearch/nodes/ - Unmount the new storage:
umount /mnt/newStroage - Add
/dev/PARTITION /var/lib/elasticsearch/nodes ext4 defaults 0 2to/etc/fstab - Mount fstab:
mount -a - Verify the data is present:
ls /var/lib/elasticsearch/nodes/ - Move the indexes into their proper spot:
mv /var/lib/elasticsearch/nodes/nodes/* /var/lib/elasticsearch/nodes/ - Fix permissions:
chmod -R elasticsearch:elasticsearch /var/lib/elasticsearch/nodes - Reboot
- Verify Graylog is up-and-running
- Verify index data is present on the server
ls /var/lib/elasticsearch/nodes/
References:
Sign Meraki SCEP CA Cert
- Log into Meraki Console
- Goto Organization → MDM
- Under
SCEP CA Certificate Configurationdownload theMeraki\_SCEP\_CA\_CSR.csr - Copy the CSR to your Windows CA server
- Open PowerShell with admin privileges
- Run this command:
certreq -submit -attrib “CertificateTemplate:SubCA” Meraki\_SCEP\_CA\_CSR.csr- Select your CA when prompted
- Save the file, name it whatever you want
- Back in Meraki on the Orgs MDM settings click
Choose Fileunder theSCEP CA Certificate Configurationsettings - Select and upload your signed cert
- Click
Save - Test install the cert
