All posts by admin

IIS Backup Script

To Backup and Restore IIS configuration to Another Server you could try below steps:

1)if you configured the certificate with old iis site you need to Backup (export) of IIS certificates.

2)open the command prompt as administrator and create IIS configuration backup on the first server by using below command:

cd c:\Windows\system32\inetsrv


appcmd add backup srviis1-backup-2019

srviis1-backup-2019 this is a backup folder name.

After the command has been executed, a folder with your backup name appears in c:\Windows\system32\inetsrv\backup. Here is its contents for my simple website:

administration.config
applicationHost.config
MBSchema.xml
MetaBase.xml
redirection.config

3)Copy the backup folder to the same directory c:\windows\system32\backup on another server.

To display the list of all available backups, run the following command:

appcmd list backup

4)Recover IIS configuration from this backup:

appcmd restore backup srviis1-backup-2019

The list of restrictions and important issues:

The same IIS version has to be used on both servers
If any application pool is run not from the integrated accounts, they have to be available on another server as well
Before recovery, you should export and migrate all current certificates to the new server

February 19, 2020

Upgrade XCP Remotely

First you need to have an XCP ISO Image mounted somewhere on an HTTP accessable server!

1.get uuid of host

[root@xen-to-xcp-test2 ~]# xe host-list 
uuid ( RO)                : 7b2ebfd3-f33a-4025-b757-e91d26a46242
         name-label ( RW): xen-to-xcp-test1
   name-description ( RW): Default install


uuid ( RO)                : 750d9176-6468-4a08-8647-77a64c09093e
         name-label ( RW): xen-to-xcp-test2
   name-description ( RW): Default install

Test URL access
xe host-call-plugin plugin=prepare_host_upgrade.py host-uuid=750d9176-6468-4a08-8647-77a64c09093e fn=testUrl args:url=http://<ip-address>/xcp-ng/7.4.1/
Output must be true
Run the Upgrade/prepare function
xe host-call-plugin plugin=prepare_host_upgrade.py host-uuid=750d9176-6468-4a08-8647-77a64c09093e fn=main args:url=http://<ip-address>/xcp-ng/7.4.1/
Output should be true as well

This adds a temporary entry to grub bootloader which will automatically invoked on next reboot. This runs the upgrade to XCP-NG, it will do the normal backup to secondary partition as well.

It’s good to have some remote KVM access to the machine to watch the output.

XCP-NG Create Large Partition on Host

vgs to get Storgae Group

lvcreate -L3T -n"LV-"$(uuidgen) VG_XenStorage-69722415-65da-eaf5-599f-7df70c517304 --config global{metadata_read_only=0}

xe sr-scan uuid={Storage uuid}

NEC SL1100 Autoattendant

This Example Covers:

How to record an Auto Attendant Greeting using a multiline telephone set on an NEC SL1100. While you have the option of importing custom greetings using Web Pro, some customers may want to record their own greetings or announcements using their own phone.

Requirements:

NEC Multiline telephone connected to NEC SL1100 KSU
Extension being used must be in class of service 15. Extension 101 is the only extension in class of service 15 by default. (Class of service can be changed in Program 20-06 Class of Service for Extensions)
Program 47-02 InMail Station Mailbox Options: “12 – System Administrator” must be enabled for each mailbox extension you would like to have access to system administrator privileges. (This is needed in order to record an Auto Attendant Greeting from phones other than the Operator Extension 101)

Steps:

Find a multiline phone which is in class of service 15. Extension 101 is in class of service 15 by default. This class gives the phone higher level privileges which are required to access the system manager part of the InMail system.
Press the Voice Mail soft key (Labeled VM) or dial *8 to access the InMail Voice Mail System.
Now you are in Extension User 101’s Voice Mail box.
Now we want to get into the System Administrator. We will do this by dialing 72 or SA on the phone keypad.
Now we are logged into the System Administrator where we can record, listen and delete recordings.Here you can access Instruction Messages (Instr) also known as Routing Mailboxes, Announcement Messages (Annc) , Subscriber Maintenance (Subs) and others.
Now press the soft key labeled “Instr” to access instruction message recordings for Routing Mailboxes. There are 32 Routing Mailboxes by default and must be entered with three digits. Example: 001
In our case, we will be recording greeting 1. Therefore we must enter in 001. The InMail prompts on the phone always have to be 3 digits hence the two zeroes in front of the one.
Now pickup your handset to prepare for recording. You may record the message using the speakerphone however the quality of the recording will be better using the microphone in the handset.
Record your message by pressing the record button labeled as “Rec”
When you are finished with your recording press the # key.
If you desire to preview your recording, you can listen to it by pressing the softkey labeled “Lstn”
If you are satisfied with your recording, simply hang up.

This concludes the tutorial for recording an auto attendant greeting through the phone.

How To Activate Windows 10 / Server 2016 Through Command Line

If you are having problems activating Windows 10, Server 2016, Windows 8, or Server 2012 one of these three solutions below should get you through:

Command Line to Launch Activation GUI:

This is handy if the GUI won’t start and you want to skip some steps to get it to work.

click START (gets you to the tiles)
type RUN
type slui 3 and press ENTER
1. yes, SLUI: which stands for SOFTWARE LICENSING USER INTERFACE
  1. SLUI 1 brings up the activation status window
  2. SLUI 2 brings up the activation window
  3. SLUI 3 brings up the CHANGE PRODUCT KEY window
  4. SLUI 4 brings up the CALL MICROSOFT & MANUALLY ACTIVATE window
Type in your product key
Have a nice day.

Command Line to Activate Windows Through Command Line:

Launch a CMD as an Administrator
Type: slmgr.vbs /ipk xxxxx-xxxxx-xxxxx-xxxxx-xxxxx
Press Enter

If your key is valid and you are connected to the internet, it should activate within a second or two.

Edge Router X Remote Access

Add a rule to ruleset WAN_LOCAL to accept tcp port 22,80,443.

Go to the ‘Security’ tab…

Click the button on the right under WAN_LOCAL and select ‘edit ruleset’. (Pic 1)

This will bring up the ‘Ruleset Configuration fro WAN_LOCAL’ dialog box. (Pic 2)

Click on the button for ‘Add New Rule’. (Pic3)

Under ‘Basic’, give the rule a name, choose the ‘Accept’ bullet, Protocol ‘tcp’ bullet, & check the box for logging. (pic 4)

On the destination tab, enter port 22,80,443 (no spaces) (Pic5)

Click the ‘Save’ button.

Done.

Re: Quickly Enable Remote Access to EdgeMAX GUI?

Edge Router X VPN Setup

I just spent the better part of 3 hours tracking down the CLI commands necessary to clear out any old VPN settings and set just the L2TP VPN server on an Ubiquiti Edgemax device running firmware 1.7.1. I gathered all that in one place here for reference.

1.	Connect via SSH Open either the webportal and click the CLI option (does not allow you to paste) or better yet just download Putty and connect over SSH that way.
2.	Show Running VPN Configuations configure #show l2tp config show vpn l2tp #show pptp config show vpn pptp
3.	Delete VPN Configurations configure delete vpn pptp delete vpn l2tp delete vpn ipsec commit save
4.	L2TP Server Configuration # change eth1 to whatever is the external interface port of the Edgemax set vpn ipsec ipsec-interfaces interface eth1 set vpn ipsec nat-networks allowed-network 0.0.0.0/0 set vpn ipsec nat-traversal enable set vpn l2tp remote-access authentication mode local #Add local users for L2TP set vpn l2tp remote-access authentication local-users username WhateverUserName password WhatEverUserPassword # Set a range of IP addresses that are not being used by your LAN DHCP set vpn l2tp remote-access client-ip-pool start 192.168.x.x set vpn l2tp remote-access client-ip-pool stop 192.168.x.x # Set the DNS servers to give out over DHCP for VPN Name Resolution set vpn l2tp remote-access dns-servers server-1 192.168.x.x set vpn l2tp remote-access dns-servers server-2 192.168.x.x # Set the authentication mode for L2TP set vpn l2tp remote-access ipsec-settings authentication mode pre-shared-secret set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret ThisIsYourLongPassword set vpn l2tp remote-access ipsec-settings ike-lifetime 3600 # Set the l2tp listening address to the WAN IP and WAN Gateway set vpn l2tp remote-access outside-address ThisIsYourWANIP set vpn l2tp remote-access outside-nexthop ThisIsYourWAN-GW-IP # Optional to set the MTU but I do this just in case they end up on DSL or T1 set vpn l2tp remote-access mtu 1492 commit save exit
5.	Add The Firewall Rules For L2TP Traffic Open the web browser of choice and enter the LAN IP of the edgemax to login to the portal. Go to the Security Tab and then find WAN_Local in the Firewall Rules. Click Actions on the right and drop down choosing Edit Ruleset Add a new rule with the following settings: Basic Tab: Description = L2TP Enable = Checked (true) Action = Accept Protocol = UDP Choose the Destination Tab Ports = 500,1701,4500 (no spaces) Save Add another rule in the ruleset Description = ESP Enable = Checked (true) Action = Accept Protocol = choose by name then choose ESP Save Save again to exit the firewall settings
6.	Configure Windows L2TP VPN On your windows box that needs to VPN into the Ubiquiti you will create a new VPN connect using the wizard and then go to ncpa.cpl and set the properties on the VPN connect. Specifically three settings: 1 – On the security tab of the VPN connection properties change the type of VPN to Layer 2 Tunneling Protocol Choose Advanced Settings right below that option and set the shared secret you used above when configuring the L2TP server. Under allow these protocols choose Challenge Handshake and Microsoft CHAP Version 2 Under the Networking tab choose IPV4 then advanced and turn off the option for Use Default Gateway On Remote Network so you can browse the internet locally while connected to the VPN.
7.	Test the connection Enable the VPN connect and enter the username and password you created when setting up the local users on the Ubiquiti Edgemax box and hit connect. You should now be connected but the tunnel will not come live until you ping across it or try and access resources on the LAN.

Conclusion

In conclusion I found all the information was in bits and pieces scattered throughout the internet and the docs on the Ubiquiti Wiki were incomplete.
Hopefully if someone else needs to configure VPN for your Ubiquiti device this will help.

Here is the actual script i used:


configure

set vpn ipsec ipsec-interfaces interface eth0

set vpn ipsec nat-networks allowed-network 0.0.0.0/0

set vpn ipsec nat-traversal enable

set vpn l2tp remote-access authentication mode local
#Add local users for L2TP

set vpn l2tp remote-access authentication local-users username Remote password f@stsigns613
# Set a range of IP addresses that are not being used by your LAN DHCP

set vpn l2tp remote-access client-ip-pool start 192.168.2.200

set vpn l2tp remote-access client-ip-pool stop 192.168.2.220
# Set the DNS servers to give out over DHCP for VPN Name Resolution

set vpn l2tp remote-access dns-servers server-1 192.168.1.1

set vpn l2tp remote-access dns-servers server-2 1.1.1.1
# Set the authentication mode for L2TP

set vpn l2tp remote-access ipsec-settings authentication mode pre-shared-secret

set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret f@stsigns613

set vpn l2tp remote-access ipsec-settings ike-lifetime 3600
# Set the l2tp listening address to the WAN IP and WAN Gateway

set vpn l2tp remote-access outside-address 66.76.177.176

set vpn l2tp remote-access outside-nexthop 66.76.177.1
# Optional to set the MTU but I do this just in case they end up on DSL or T1

set vpn l2tp remote-access mtu 1492

commit

save

XenServer Management Command Line

Copied from https://console.kim.sg/xenserver-management-command-line/

In a pool without HA.

Check who is alive and dead

xe host-list params=uuid,name-label,host-metrics-live

xe host-is-in-emergency-mode

View all server hosts

xe host-list

Elect a new Poolmaster.

xe pool-emergency-transition-to-master

Recover the other pool servers

xe pool-recover-slaves

Determine the VMs still running on that failed server.

xe vm-list is-control-domain=false resident-on=UUID_OF_Failed_server

Reset the power state

xe vm-reset-powerstate resident-on= UUID_of_failed_server –-force –-multiple

This server can not be forgotten because there are some user VMs still running.

Get list of servers

xe host-list

Find what’s runnong on each server

xe vm-list resident-on=58ee6a78-c20c-4069-b07d-0b092e15fc1c

Reset the power state

xe vm-reset-powerstate uuid=603432e2-c85c-42fa-7bcd-430ddef6688a --force
xe vm-reset-powerstate uuid=062a61b6-0ee3-9383-adf9-e2a506e5e3be --force

Forget the dead poolmaster server

xe host-forget uuid=58ee6a78-c20c-4069-b07d-0b092e15fc1c

How to apply xenserver patches on CLI

Assign UUID to the patch

xe patch-upload file-name=path_to_update_file\XS000.xsupdate

Apply the patch using the generated uuid

xe patch-pool-apply uuid=

Confirm the patch

xe patch-list
xe patch-list | grep name-label | sort

Export & import VM to windows share

mount -t cifs -o username=xxx@xxx.com.sg //192.168.1.9/Common /mnt/

Export/import your vm

xe vm-export vm=xxx filename=/mnt/xxx.xva
xe vm-import filename=xxx.xva

Import vm to shared storage in a pool

xe sr-list
xe vm-import filename=Ubuntu.xva sr-uuid=214b4445-ef9b-626f-ca8b-58b8cbf4b281

Umount them once completed

umount /mnt

Export vm to external USB drive

Verify USB drive

fdisk -l

Format USB drive if required

mkfs -t ext3 /dev/sdx1

Mount USB

mkdir /mnt/usb
mount /dev/sdx1 /mnt/usb

Export vm using xenserver XAPI

xe vm-export vm=XXX filename=/mnt/usb/xxx.xva

Umount once completed

umount /mnt/usb

How to remove local SR (Storage Repository)

Identify UUID of SR you wish to remove

xe sr-list name-label=Local\ storage

Identify UUID of PBD (physical block device)

xe pbd-list sr-uuid=<UUID-OF-SR)

Remove by unplugging UUID of PBD

xe pbd-unplug uuid=<UUID-OF-PBD>

Remove completely by forgetting UUID of SR

xe sr-forget uuid=<UUID-OF-SR>

If you have trouble removing, check below logs

/var/log/messages.*
/var/log/SMlog.*

How to add local SR (Storage Repository)

Find disk ID of new device

cat /proc/partitions
ll /dev/disk/by-id

Create new SR type LVM

xe sr-create content-type=user device-config:device=/dev/disk/by-id/<scsi-xx> host-uuid=<host-uuid> name-label=”Local Storage 2” shared=false type=lvm

Create new SR type EXT

xe sr-create content-type=user device-config:device=/dev/sdx4 host-uuid=<host-uuid> name-label="Local EXT3" shared=false type=ext

Check VM running on which host

VM is running on which Host?

xe vm-list resident-on=

Check Xen server host spec & version

more /proc/cpuinfo
more /etc/redhat-release
xe patch-list
xe patch-list | grep name-label | sort

Change Xenserver hostname

xe host-set-hostname-live host-uuid=xx-xx-xx-xx-xx host-name=xxxx

Troubleshooting HA

Get list of xenserver hosts (alive & dead)

xe host-list
xe host-list params=uuid,name-label,host-metrics-live

Find what’s runnong on each host

xe vm-list resident-on=uuid-of-each-xen-server-host

Who is master now?

xe pool-list
more /etc/xensource/pool.conf

Change pool master in HA mode

Check HA status

xe pool-list params=name-label,uuid,ha-enabled

Disable HA

xe pool-ha-disable

Choose a new host to become a new pool master

xe host-list
xe pool-designate-new-master host-uuid=

Finally enable back HA

xe pool-ha-enable

Lost pool storage repository (SR) and heartbeat (lost everything)

Error: “The host could not join the liveset because the HA daemon could not access the heartbeat disk.”
Confirm that you lost everything and hosts are all in emergency mode

xe host-is-in-emergency-mode

Disable HA and unplug lost SR

xe host-emergency-ha-disable --force
xe pool-emergency-transition-to-master
xe sr-list name-label=XXX
xe pbd-list sr-uuid=<UUID-OF-SR)
xe pbd-unplug uuid=<UUID-OF-PBD>
xe-toolstack-restart

# Never get to use below command 
xe pool-designate-new-master
xe pool-emergency-reset-master

Use your backup to import your VMs

Adding a new network card to Xenserver

Scan to see if hwardware has dedected new NIC

lspci
lspci | grep -i ethernet
ifconfig -a

Scan and allow Xenserver to use new NIC

xe pif-scan host-uuid=xxxxxx-xxxxx-xxxx-xxxx-xxxxxx

#You can get host uuid by
xe host-list

Check for interface detected by Xenserver

xe pif-list

You may wish to set some custom param

xe pif-param-set uuid=<UUID of physical interface> other-config:ethtool-autoneg=”off”
xe pif-param-set uuid=<UUID of physical interface> other-config:ethtool-duplex=”full”
xe pif-param-set uuid=<UUID of physical interface> other-config:ethtool-speed=1000

To remove interface

xe pif-forget uuid=

Troubleshooting Xenserver

Temporarily enable DNS for ntp update

sudo echo "nameserver 8.8.8.8" | sudo tee -a /etc/resolv.conf
/etc/init.d/ntpd restart

Restart toolstack on master

xe-toolstack-restart

Running MYSQL/MariaDB Commands Remotely

Some remote Administration consoles will only allow running a command without output for a few seconds before terminating it, So running mysql updates with the -p and entering the password after the command is not possible.

"C:\Program Files\MariaDB 10.1\bin\mysql.exe" -u root -p12345678 geolog -e "Update data set state='TX' where jid=16206;"
make sure the password ,{12345678} here, is touching the -p if there is a space in it it will not work.

Notepadd++ Dark Theme

Here is a link to the Githttps://github.com/Nidre/VS2015-Dark-Npp/

Installation

Right Click HERE and select Save As to download the theme.
Go to %APPDATA%\Notepad++.
Open themes folder, create a new folder named themes if it doesn’t exists.
Place downloaded .xml file inside the folder.
Restart Notepad++.
Open Settings->Style Configurator.
Select VS2015-Dark from the theme drop-down box.
Click Save & Close