This wiki serves as my quick and dirty documentation and fixes. There's very little explanation. Mostly its just steps to perform with references if more context is needed.

• Apple
• Configuration Profiles
• Hypervisor
• Munki
• Reposado

https://www.dokuwiki.org

• download
• untar

tar -zxf /location/to/file

• cd into the wiki

sudo chown www-data:www-data conf

sudo chown -R www-data:www-data data

1) Create a backup, cd into the install directory.

2) Download the latest version (download page) into the current install directory.

sudo wget http://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz

3) Extract and overwrite existing files.

tar -xzvf dokuwiki-YYYY-MM-DD.tgz --strip-components=1

4) Change the permissions back to www-data.

sudo chown -R www-data:www-data ./*

5) To clear the update messages, remove the messages.txt file, refresh the page.

sudo rm ./data/cache/messages.txt

Resources:

• Upgrading DokuWiki
• Extracting the DokuWiki tgz
• Update Check

1) Shut the server down:

net stop msexchangeadtopology /y
net stop msftesql-exchange /y
net stop msexchangeis /y
net stop msexchangesa /y
net stop iisadmin /y

2) Make a backup copy of the database 3) Start the repair:

Eseutil /P C:\Path\To\file.db

4) Defrag the database:

Eseutil /D C:\Path\To\file.db

5) Test the DB and if any errors are found - rerun the tests:

Isinteg in -fix -test alltests

6) Start Exchange

• a) Open notepad and paste in the following:

net start "World Wide Web Publishing Service"
net start "Microsoft Exchange Information Store"
net start "Microsoft Exchange System Attendant"
net start "Microsoft Search  (Exchange)"
net start "Microsoft Exchange Information Store"
net start "Microsoft Exchange Unified Messaging"
net start "Microsoft Exchange Transport Log Search"
net start "Microsoft Exchange Transport"
net start "Microsoft Exchange Service Host"
net start "Microsoft Exchange Search Indexer"
net start "Microsoft Exchange Replication Service"
net start "Microsoft Exchange Mail Submission"
net start "Microsoft Exchange Mailbox Assistants"
net start "Microsoft Exchange File Distribution"
net start "Microsoft Exchange EdgeSync"
net start "Microsoft Exchange Anti-spam Update"

• b) Save the file as .cmd
• c) Run the file
• d) Verify the services are running

7) Verify users can send/receive email

References:

• Repairing Exchange databases with ESEUTIL - when and how
• Exchange 2007 Server Shutdown Script

1. Log into the controller and go to Settings > System and uncheck “Automatically upgrade firmware”
2. SSH into the Unifi controller
3. Type: apt-get update
4. Type: apt-get install unifi
5. After the upgrade finishes log back into the controller and go to Access Points
6. Upgrade the access points (this will kick users off the AP)
   1. If the AP doesn’t restart and start checking back in:
      1. SSH into the AP as root
      2. Type: reboot

1) Open Notepad to create a batch script

2) Use roughly the following code:

@ECHO OFF
net use X: "\\<server>\<share>" /USER:<networkusername> <networkpassword>

3) Save this file as .bat, open Task Scheduler, and click Create Task

4) Under General give it a name and description

5) Click Change User or Group… and put in System

6) On the Triggers tab: Begin the task At startup

7) Now on the Actions tab click New… Action: Start a program and browse to your batch script

8) Set any extra conditions or settings you'd like and save the task

9) The task should now be listed under Active Tasks. Double click the task and then right click it and click Run

Providing everything went smooth if you check Computer you should see your network share listed as “Disconnected Network Drive”. Open up CrashPlan, change your backup selection and the network letters should be available to backup now, yay!

References:

• Backup you [sic] network drives with CrashPlan

Create user

create user 'newuser'@'localhost' identified by 'password';

Create a database

create database $database;

Granting privileges

grant all privileges on $database.* to '$user';

References:

• How-To Create A MySQL Database And Set Privileges To A User

1) Enable mod_rewrite

sudo a2enmod rewrite

2) Create your .htaccess file

sudo nano /var/www/example.com/.htaccess

3) Add the following code to the sites vhost file

<Directory /var/www/>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    allow from all
</Directory>

4) Restart Apache

sudo service apache2 restart

References:

• How To Set Up Mod_Rewrite

1) Check the time server configuration

w32tm /query /status

Check the “Source” from the result to see if there's a time server set.

2) Get the latest NTP time server list from here.

3) Run the following command to set the time server filling in the $tsserver with the proper time servers:

w32tm /config /syncfromflags:manual /manualpeerlist:"$tsserver0,$tsserver1,$tsserver2,$tsserver3" /reliable:yes /update

4) Verify your changes by running the status command again:

w32tm /query /status

You should see your list of time servers under “Source” now.

References:

• NTP Server Best Practices
• W32tm
• North America — north-america.pool.ntp.org
• How to set an NTP time server in Windows 2008

1) Login to the web GUI and go to Network → $interface

2) Change your IP here, click Save, click Apply. It'll tell you that it needs a reboot to make the changes, don't reboot.

3) SSH into the TitaniumZ server and run the following command:

ifconfig $interface $ipaddress netmask $netmask

This will change the IP address until the next reboot. On the next reboot the IP address will flip over to this since we set it in the Networking preferences.

1) On the client machine run

ssh-keygen -t rsa -b 4096

2) Copy the .pub file contents to the servers .ssh/authorized_keys file

References:

• HOWTO: set up ssh keys

openssl rsa -in ssl.key.secure -out ssl.key

References:

• How to Decrypt an Enrypted SSL RSA Private Key (PEM / KEY)

/Users/$user/Library/Caches/TemporaryItems/Outlook Temp

1) Install the NTFS-3G driver

sudo apt-get install ntfs-3g

2) Mount the volume

sudo mount -t ntfs-3g /dev/sdxx /media/$mount

1) Rip the Windows 8 OEM disk into an ISO

2) Download and install Windows USB/DVD Download Tool

3) Run the tool and follow it's steps and you should be set

References:

• How To Install Windows 8 or 8.1 From a USB Device
• Windows USB/DVD Download Tool
• Create installation media for Windows 8.1

1) Install the cifs-utils

sudo apt-get install cifs-utils

2) Create the cifs mount point

sudo mkdir /mnt/<$mountPoint>

3) Mount the cifs share

sudo mount -t cifs //<$ip>/<$mount> /mnt/<$mountPoint> -o user=<$username>

References:

• Mount a Samba smb shared folder Ubuntu
• Mount Windows Shares Permanently

1) Download the Azure Active Directory Module and install it.

2) Open PowerShell as Admin and run the following command

Set-ExecutionPolicy Unrestricted

Y

3) Run the follow commands to get connected:

Import-module MSOnline

$Cred = Get-Credential

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $Cred -Authentication Basic –AllowRedirection

Import-PSSession $Session

connect-msolservice -credential $Cred

And finally verify you're connected by running:

Get-MsolUser

References:

• PowerShell with Office 365: Getting Connected
• Managing Office 365 and Exchange Online with Windows PowerShell

1) Log into PowerShell

2) Run

Set-Mailbox -Identity User@domain.com -HiddenFromAddressListsEnabled $true

References:

• Hiding users in the Global Address List

Administration Console Prompts To Create Administrator Account

1) Create new Outlook Profile in Controlpanel Mail

2) Add the account to the new profile

3) Verify data is there

4) Import old contacts into the new contacts folder

5) Import old calendars

6) Import or migrate any Inbox subfolders

7) Import or migrate any other user requested folders

8) Open the old PST file into the new profile

File -> Open -> Outlook Data File...

9) Copy the .NK2 (auto-complete) file to the new profile

Vista: %appdata%\Roaming\Microsoft\Outlook\*.NK2

9) any minor tweaks (i.e. for POP, maybe set it to keep mail on the server for $x days)

1) Stop all Backup Exec services

2) Rename the C:\Program Files\VERITAS\Backup Exec\NT\Catalogs folder to Catalogs_old, and recreate a new Catalogs folder

3) Start the Backup Exec services.

4) In Backup Exec, go to Tools → Options and click on the Catalog setting

5) Uncheck the “Use storage media-based catalogs” box (Tools > Options > Catalogs)

6) Run “catrebuildindex -r” from command prompt within the Backup exec directory in order to make sure all the catalogs are proper and not corrupt

References:

• Catalog job fails with error: "0xe0000900 The requested media is not listed in the media index and could not be mounted."

1) In the Exchange Admin Center, navigate to Recipients → Mailboxes.

2) In the list of user mailboxes, click the mailbox that you want to configure mail forwarding for, and then click the Edit icon.

3) On the mailbox properties page, click Mailbox Features.

4) Under Mail Flow, select View details to view or change the setting for forwarding email messages. On this page, you can set the maximum number of recipients that the user can send a message to. For on-premises Exchange organizations, the recipient limit is unlimited. For Exchange Online organizations, the limit is 500 recipients. Check the Enable forwarding check box, and then click or tap Browse. On the Select Recipient page, select a user you want to forward all email to. Select the Deliver message to both forwarding address and mailbox check box if you want both the recipient and the forwarding email address to get copies of the emails sent. Click or tap OK, and then click or tap Save.

This happens when the ssh-agent tries to remember more than 5 SSH keys. Run the following command to clear out ssh-agent's keys:

ssh-add -D

References:

• SSH aborts with Too many authentication failures

1) Update apt-get and install parted

sudo apt-get update && apt-get upgrade -y

2) Find your drive:

ls -la | grep sd

Plugin your drive, then repeat the above command, find the new drive.

3) Start parted

/sbin/parted /dev/sdb

(or whatever the new disk is)

4) Enter the following commands into the parted run:

mklabel gpt

mkpart primary ext4 0% 100%

will create a partition the size of the disk

to make multiple partitions use

mkpart primary ext4 0% 50%

mkpart primary ext4 50% 100%

or however you want to partition it.

quit

5) Format the partition

sudo mkfs.ext4 /dev/sdb1

(or whatever your new partition is in /dev)

6) Update /etc/fstab

sudo vi /etc/fstab

Add something similar to the following line, but with the new partition in /dev:

/dev/sdb1    /media/new_disk    ext4    defaults,noatime    0 1

7) Create the disks mount point

sudo mkdir /media/mount

8) Set the disk's owner

sudo chown user:group /media/mount

9) Mount the disk

sudo mount -a

1) Download Transwiz from ForensiT

2) Run Transwiz and select the drive you want to save the profile to

3) Run Transwiz on the new PC and select the data from the drive

4) Done!

References:

• ForensiT

These steps were used to add storage for Graylog Server Graylog 2.4.5+8e18e6a and Debian 9.4.

WARNING: Do not use a NAS. If the NAS goes offline when Graylog isn't expecting it to (crashes or even soft-reboots) it can mess up Graylog.

• Add storage to the VM in ESXi
• Reboot VM
• Install parted: sudo apt-get update && apt-get install -y parted
• Find the raw disk: sudo parted -l | grep Error (Error: /dev/sda: unrecognised disk label)
• Set the partition scheme: sudo parted /dev/DISK mklabel gpt
• Create the partition: sudo parted -a opt /dev/DISK mkpart primary ext4 0% 100%
• Verify the partition creation: lsblk
• Create the partition filesystem: sudo mkfs.ext4 -L PARTNAME /dev/PARTITION (if the disk was sdb, this should be sdb1)
• Verify the filesystem creation: lsblk –fs
• Make a mount point: mkdir /mnt/newStorage
• Mount the new storage: mount -o defaults /dev/PARTITION /mnt/newStroage
• Create a safe space to copy the log indexes mkdir /mnt/newStorage/nodes
• Run an initial rsync rsync -av /var/lib/elasticsearch/nodes/ /mnt/newStorage/nodes
• Stop Graylog: systemctl stop graylog-server.service
• Stop Elasticsearch: systemctl stop elasticsearch.service
• Run rsync again to mirror the existing indexes: rsync -av –delete-during /var/lib/elasticsearch/nodes/ /mnt/logs/nodes
• Verify that there are no differences between the folders: sudo diff -qr –suppress-common-lines /var/lib/elasticsearch/nodes/ /mnt/logs/nodes
• Move old data mv /var/lib/elasticsearch/nodes/ ~/nodes
• Create a new “nodes” folder mkdir /var/lib/elasticsearch/nodes/
• Unmount the new storage: umount /mnt/newStroage
• Add /dev/PARTITION /var/lib/elasticsearch/nodes ext4 defaults 0 2 to /etc/fstab
• Mount fstab: mount -a
• Verify the data is present: ls /var/lib/elasticsearch/nodes/
• Move the indexes into their proper spot: mv /var/lib/elasticsearch/nodes/nodes/* /var/lib/elasticsearch/nodes/
• Fix permissions: chmod -R elasticsearch:elasticsearch /var/lib/elasticsearch/nodes
• Reboot
• Verify Graylog is up-and-running
• Verify index data is present on the server ls /var/lib/elasticsearch/nodes/

References:

• Partition and Format Storage Devices in Debian
• Extend disk space

1. Log into Meraki Console
2. Goto Organization → MDM
3. Under SCEP CA Certificate Configuration download the Meraki_SCEP_CA_CSR.csr
4. Copy the CSR to your Windows CA server
5. Open PowerShell with admin privileges
6. Run this command: certreq -submit -attrib “CertificateTemplate:SubCA” Meraki_SCEP_CA_CSR.csr
   1. Select your CA when prompted
   2. Save the file, name it whatever you want
7. Back in Meraki on the Orgs MDM settings click Choose File under the SCEP CA Certificate Configuration settings
8. Select and upload your signed cert
9. Click Save
10. Test install the cert