User Tools

Site Tools


# main This wiki serves as my quick and dirty documentation and fixes. There's very little explanation. Mostly its just steps to perform with references if more context is needed.

## dokuwiki

#### Installing

* download * untar

tar -zxf /location/to/file

* cd into the wiki

sudo chown www-data:www-data conf
sudo chown -R www-data:www-data data

#### Updating

1) Create a backup, cd into the install directory.

2) Download the latest version (download page) into the current install directory.

sudo wget

3) Extract and overwrite existing files.

tar -xzvf dokuwiki-YYYY-MM-DD.tgz --strip-components=1

4) Change the permissions back to www-data.

sudo chown -R www-data:www-data ./*

5) To clear the update messages, remove the messages.txt file, refresh the page.

sudo rm ./data/cache/messages.txt


## corrupt exchange database 1) Shut the server down:

net stop msexchangeadtopology /y
net stop msftesql-exchange /y
net stop msexchangeis /y
net stop msexchangesa /y
net stop iisadmin /y

2) Make a backup copy of the database 3) Start the repair:

Eseutil /P C:\Path\To\file.db

4) Defrag the database:

Eseutil /D C:\Path\To\file.db

5) Test the DB and if any errors are found - rerun the tests:

Isinteg in -fix -test alltests

6) Start Exchange

  • a) Open notepad and paste in the following:
net start "World Wide Web Publishing Service"
net start "Microsoft Exchange Information Store"
net start "Microsoft Exchange System Attendant"
net start "Microsoft Search  (Exchange)"
net start "Microsoft Exchange Information Store"
net start "Microsoft Exchange Unified Messaging"
net start "Microsoft Exchange Transport Log Search"
net start "Microsoft Exchange Transport"
net start "Microsoft Exchange Service Host"
net start "Microsoft Exchange Search Indexer"
net start "Microsoft Exchange Replication Service"
net start "Microsoft Exchange Mail Submission"
net start "Microsoft Exchange Mailbox Assistants"
net start "Microsoft Exchange File Distribution"
net start "Microsoft Exchange EdgeSync"
net start "Microsoft Exchange Anti-spam Update"
  • b) Save the file as .cmd
  • c) Run the file
  • d) Verify the services are running

7) Verify users can send/receive email


## Upgrading a Unifi controller

  1. Log into the controller and go to Settings > System and uncheck “Automatically upgrade firmware”
  2. SSH into the Unifi controller
  3. Type: apt-get update
  4. Type: apt-get install unifi
  5. After the upgrade finishes log back into the controller and go to Access Points
  6. Upgrade the access points (this will kick users off the AP)
    1. If the AP doesn’t restart and start checking back in:
      1. SSH into the AP as root
      2. Type: reboot

## Setting up network shares for CrashPlan in Windows

1) Open Notepad to create a batch script

2) Use roughly the following code:

net use X: "\\<server>\<share>" /USER:<networkusername> <networkpassword>

3) Save this file as .bat, open Task Scheduler, and click Create Task

4) Under General give it a name and description

5) Click Change User or Group… and put in System

6) On the Triggers tab: Begin the task At startup

7) Now on the Actions tab click New… Action: Start a program and browse to your batch script

8) Set any extra conditions or settings you'd like and save the task

9) The task should now be listed under Active Tasks. Double click the task and then right click it and click Run

Providing everything went smooth if you check Computer you should see your network share listed as “Disconnected Network Drive”. Open up CrashPlan, change your backup selection and the network letters should be available to backup now, yay!


## MySQL Commands Create user

create user 'newuser'@'localhost' identified by 'password';

Create a database

create database $database;

Granting privileges

grant all privileges on $database.* to '$user';


## .htaccess 1) Enable mod_rewrite

sudo a2enmod rewrite

2) Create your .htaccess file

sudo nano /var/www/

3) Add the following code to the sites vhost file

<Directory /var/www/>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    allow from all

4) Restart Apache

sudo service apache2 restart


## Configuring Windows Time Server 1) Check the time server configuration

w32tm /query /status

Check the “Source” from the result to see if there's a time server set.

2) Get the latest NTP time server list from here.

3) Run the following command to set the time server filling in the $tsserver with the proper time servers:

w32tm /config /syncfromflags:manual /manualpeerlist:"$tsserver0,$tsserver1,$tsserver2,$tsserver3" /reliable:yes /update

4) Verify your changes by running the status command again:

w32tm /query /status

You should see your list of time servers under “Source” now.


## Live changing a Titanium Z (FreeBSD) server NIC 1) Login to the web GUI and go to Network → $interface

2) Change your IP here, click Save, click Apply. It'll tell you that it needs a reboot to make the changes, don't reboot.

3) SSH into the TitaniumZ server and run the following command:

ifconfig $interface $ipaddress netmask $netmask

This will change the IP address until the next reboot. On the next reboot the IP address will flip over to this since we set it in the Networking preferences.

## Creating SSH key pairs for password-less SSH

1) On the client machine run

ssh-keygen -t rsa -b 4096

2) Copy the .pub file contents to the servers .ssh/authorized_keys file


## Decrypt encrypted SSH keys

openssl rsa -in -out ssl.key


## Outlook temp folder

/Users/$user/Library/Caches/TemporaryItems/Outlook Temp

## Debian Linux and NTFS 1) Install the NTFS-3G driver

sudo apt-get install ntfs-3g

2) Mount the volume

sudo mount -t ntfs-3g /dev/sdxx /media/$mount

## Creating a Windows 8 USB installer

1) Rip the Windows 8 OEM disk into an ISO

2) Download and install Windows USB/DVD Download Tool

3) Run the tool and follow it's steps and you should be set


## Mount a cifs share in Ubuntu

1) Install the cifs-utils

sudo apt-get install cifs-utils

2) Create the cifs mount point

sudo mkdir /mnt/<$mountPoint>

3) Mount the cifs share

sudo mount -t cifs //<$ip>/<$mount> /mnt/<$mountPoint> -o user=<$username>


## Connect to Office 365 PowerShell for the first time

1) Download the Azure Active Directory Module and install it.

2) Open PowerShell as Admin and run the following command

Set-ExecutionPolicy Unrestricted

3) Run the follow commands to get connected:

Import-module MSOnline
$Cred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $Cred -Authentication Basic –AllowRedirection
Import-PSSession $Session
connect-msolservice -credential $Cred

And finally verify you're connected by running:



## Hide an address from the Global Addressbook in Office 365

1) Log into PowerShell

2) Run

Set-Mailbox -Identity -HiddenFromAddressListsEnabled $true


## CrashPlan ProE Login Issues

Administration Console Prompts To Create Administrator Account

## Migrating a user to a new Outlook Profile

1) Create new Outlook Profile in Controlpanel Mail

2) Add the account to the new profile

3) Verify data is there

4) Import old contacts into the new contacts folder

5) Import old calendars

6) Import or migrate any Inbox subfolders

7) Import or migrate any other user requested folders

8) Open the old PST file into the new profile

File -> Open -> Outlook Data File...

9) Copy the .NK2 (auto-complete) file to the new profile

Vista: %appdata%\Roaming\Microsoft\Outlook\*.NK2

9) any minor tweaks (i.e. for POP, maybe set it to keep mail on the server for $x days)

## Catalog job fails with error: 0xe0000900 1) Stop all Backup Exec services

2) Rename the C:\Program Files\VERITAS\Backup Exec\NT\Catalogs folder to Catalogs_old, and recreate a new Catalogs folder

3) Start the Backup Exec services.

4) In Backup Exec, go to Tools → Options and click on the Catalog setting

5) Uncheck the “Use storage media-based catalogs” box (Tools > Options > Catalogs)

6) Run “catrebuildindex -r” from command prompt within the Backup exec directory in order to make sure all the catalogs are proper and not corrupt


## Configure email forwarding for a mailbox 1) In the Exchange Admin Center, navigate to Recipients → Mailboxes.

2) In the list of user mailboxes, click the mailbox that you want to configure mail forwarding for, and then click the Edit icon.

3) On the mailbox properties page, click Mailbox Features.

4) Under Mail Flow, select View details to view or change the setting for forwarding email messages. On this page, you can set the maximum number of recipients that the user can send a message to. For on-premises Exchange organizations, the recipient limit is unlimited. For Exchange Online organizations, the limit is 500 recipients. Check the Enable forwarding check box, and then click or tap Browse. On the Select Recipient page, select a user you want to forward all email to. Select the Deliver message to both forwarding address and mailbox check box if you want both the recipient and the forwarding email address to get copies of the emails sent. Click or tap OK, and then click or tap Save.

## SFTP Too Many Login Attempts This happens when the ssh-agent tries to remember more than 5 SSH keys. Run the following command to clear out ssh-agent's keys:

ssh-add -D


## Debian 8 New Hard Disk 1) Update apt-get and install parted

sudo apt-get update && apt-get upgrade -y

2) Find your drive:

ls -la | grep sd

Plugin your drive, then repeat the above command, find the new drive.

3) Start parted

/sbin/parted /dev/sdb

(or whatever the new disk is)

4) Enter the following commands into the parted run:

mklabel gpt
mkpart primary ext4 0% 100%

will create a partition the size of the disk

to make multiple partitions use

mkpart primary ext4 0% 50%
mkpart primary ext4 50% 100%

or however you want to partition it.


5) Format the partition

sudo mkfs.ext4 /dev/sdb1

(or whatever your new partition is in /dev)

6) Update /etc/fstab

sudo vi /etc/fstab

Add something similar to the following line, but with the new partition in /dev:

/dev/sdb1    /media/new_disk    ext4    defaults,noatime    0 1

7) Create the disks mount point

sudo mkdir /media/mount

8) Set the disk's owner

sudo chown user:group /media/mount

9) Mount the disk

sudo mount -a

## Migrating Windows profiles from one machine to another

1) Download Transwiz from ForensiT

2) Run Transwiz and select the drive you want to save the profile to

3) Run Transwiz on the new PC and select the data from the drive

4) Done!


## Expanding Graylog Storage ## These steps were used to add storage for Graylog Server Graylog 2.4.5+8e18e6a and Debian 9.4.

WARNING: Do not use a NAS. If the NAS goes offline when Graylog isn't expecting it to (crashes or even soft-reboots) it can mess up Graylog.

  1. Add storage to the VM in ESXi
  2. Reboot VM
  3. Install parted: sudo apt-get update && apt-get install -y parted
  4. Find the raw disk: sudo parted -l | grep Error (Error: /dev/sda: unrecognised disk label)
  5. Set the partition scheme: sudo parted /dev/DISK mklabel gpt
  6. Create the partition: sudo parted -a opt /dev/DISK mkpart primary ext4 0% 100%
  7. Verify the partition creation: lsblk
  8. Create the partition filesystem: sudo mkfs.ext4 -L PARTNAME /dev/PARTITION (if the disk was sdb, this should be sdb1)
  9. Verify the filesystem creation: lsblk –fs
  10. Make a mount point: mkdir /mnt/newStorage
  11. Mount the new storage: mount -o defaults /dev/PARTITION /mnt/newStroage
  12. Create a safe space to copy the log indexes mkdir /mnt/newStorage/nodes
  13. Run an initial rsync rsync -av /var/lib/elasticsearch/nodes/ /mnt/newStorage/nodes
  14. Stop Graylog: systemctl stop graylog-server.service
  15. Stop Elasticsearch: systemctl stop elasticsearch.service
  16. Run rsync again to mirror the existing indexes: rsync -av –delete-during /var/lib/elasticsearch/nodes/ /mnt/logs/nodes
  17. Verify that there are no differences between the folders: sudo diff -qr –suppress-common-lines /var/lib/elasticsearch/nodes/ /mnt/logs/nodes
  18. Move old data mv /var/lib/elasticsearch/nodes/ ~/nodes
  19. Create a new “nodes” folder mkdir /var/lib/elasticsearch/nodes/
  20. Unmount the new storage: umount /mnt/newStroage
  21. Add /dev/PARTITION /var/lib/elasticsearch/nodes ext4 defaults 0 2 to /etc/fstab
  22. Mount fstab: mount -a
  23. Verify the data is present: ls /var/lib/elasticsearch/nodes/
  24. Move the indexes into their proper spot: mv /var/lib/elasticsearch/nodes/nodes/* /var/lib/elasticsearch/nodes/
  25. Fix permissions: chmod -R elasticsearch:elasticsearch /var/lib/elasticsearch/nodes
  26. Reboot
  27. Verify Graylog is up-and-running
  28. Verify index data is present on the server ls /var/lib/elasticsearch/nodes/


Sign Meraki SCEP CA Cert

  1. Log into Meraki Console
  2. Goto Organization → MDM
  3. Under SCEP CA Certificate Configuration download the Meraki\_SCEP\_CA\_CSR.csr
  4. Copy the CSR to your Windows CA server
  5. Open PowerShell with admin privileges
  6. Run this command: certreq -submit -attrib “CertificateTemplate:SubCA” Meraki\_SCEP\_CA\_CSR.csr
    1. Select your CA when prompted
    2. Save the file, name it whatever you want
  7. Back in Meraki on the Orgs MDM settings click Choose File under the SCEP CA Certificate Configuration settings
  8. Select and upload your signed cert
  9. Click Save
  10. Test install the cert
main.txt · Last modified: 2018/11/13 21:27 by bryanheinz