Spammy phone calls from 281-806-5695, 725-696-3397, 650-722-1909

 
7 Kudos
Don't
move!

Apparently I am approved for a large loan for my business, although I don’t even own a business… block these numbers too: 281-806-5695 , 725-696-3397 from yesterday, and from the day before,  650-722-1909 . I wonder why I seem to be getting so many of these spam phone calls when there are heavy penalties for violating the “Do not call” list? Time to check the National Do Not Call registry again and re-register.

If you’re also getting annoying spam calls from these numbers please go to https://complaints.donotcall.gov/complaint/complaintcheck.aspx and file a complaint.

Adding users to Active Directory with a bulk import

 
0 Kudos
Don't
move!

 

One of the tasks a system administrator will probably have to tackle at one point in their careers, is to quickly add a large amount of users to Active Directory. Without too much difficulty or money, one can accomplish the feat using the following  powershell script: Active Directory User Creation Tool: http://community.spiceworks.com/scripts/show/1917-active-directory-user-creation-tool 

So a quick kudos to Gabriel.jensen@gmail.com and Jim Smith for making this tool available for free online.

By following the instructions on the download page, it’s a few hours work to get the xml file and the csv template to work together to bulk import the users into AD.

Download the script, change then name to a .ps1 file and then execute the script with powershell (right-click on the powershell icon and choose “Run as Administrator”.) Because this is an unsigned script, and in case you can’t recall, the command to run first is:

Set-ExecutionPolicy RemoteSigned

One thing to note is when building your csv file, all cells must be quoted.  An easier way to do this, rather than struggling with Excel functions, is to use Libre Office.

Open your csv file with Libre Office, do a Save As -> csv -> check ‘use filter’ -> check ‘Quote all text cells’ -> finish save to a new location with a new filename. Then open the file in a text editor to make sure all cells are quoted.

In the XML file, the most difficult part to configure is the canonical name used to populate the OU you want with the users. In our case we used:

Domain=
subdomain.domain.domain.com
Path=
OU=ImportedUsers,DC=subdomain,DC=domain,DC=domain,DC=com

This will make more sense once you are configuring your XML file. Before you do a big bulk import, generate a template with the script/tool, fill out the essential fields with test accounts (first, last, username, password, etc.), then re-import the template, configure your XML file, and then submit the import. Then test your imports with just a few users at a time.

If you can’t find your test user accounts  that you imported in Active Directory, you might need to right-click on the root in Active Directory Users and Computers (ADUC) and do a “Find…” then search for the test user accounts. They may have been added to the wrong OU. Again, this will take some tweaking, but at least if you can get the users into an OU, later you can select the users, right-click and choose Move… to put them in the correct OU container.

Once your test accounts are being imported correctly, go back, edit your bulk user lists according to the template specifications, and have at it.

Another issue that came up is that in our source file for our users, we only had the First Name, Last Name in the same cell. In order to split the names into two separte columns, we used the following tips:

Split full name to first and last name with Text to Column command – http://www.extendoffice.com/documents/excel/829-excel-split-first-last-name.html
For the First Name/Last name split, create a temporary column named General to the right of the Last name column

This project on spiceworks looks like it’s actively developed so it might be worth while to contact the developer if you run into any trouble or have a feature request.

 

Ubuntu Linux Server setup guide – Setup ssh, keygen, brew, and ssh-copy-id on Mac OS X

 
7 Kudos
Don't
move!

 

 

iTerm on OS X
ssh config file in iTerm on OS X

What follows is a ubuntu/linux server setup guide that can be used to configure, 1. A new linux server and 2. setup an OS X workstation to easily connect to your linux servers with preshared keys.

  • Build the server on Hyperv, then setup your initial account during the Ubuntu LTS 14.04.2 setup.
  • Log in as the initial user and add accounts as necessary:
    • “sudo su -“ – this does a sudo and copies root path and all environmental variables
    • useradd -m -s /bin/bash jcoltrin
    • passwd jcoltrin
    • vi /etc/sudoers
      • (end of file) add line: jcoltrin ALL=NOPASSWD: ALL
    • su jcoltrin – make sure you can su.
    • sudo su – this sequence has allowed you to sudo without having to type in your password.
    • Just a note: modifying /etc/group – putting users in here is the wrong way of adding sudoers – no granular control – users here will be required to enter their password when doing sudo.
  • ctrl+l clears screen
  • apt-get:
    • apt-get update – checks online for updates
    • apt-get upgrade – installs updates and security patches
    • apt-get dist-upgrade – note: make sure /boot dir is not more than 80% full. If it’s full it may have old kernel upgrades so google ubuntu clean old kernels.
    • reboot
Setup ssh, keygen, brew, and ssh-copy-id on Mac OS X

Now we need to establish a secure and easy connection from our mac to the new server. On our Mac issue the commands:

  • Install iTerm on your Mac. Configure to your liking, but it’s a good idea to set, in the Terminal settings, the scroll-back limit to either 99,999 or unlimited. Now in our new iTerminal, issue the command: ssh-keygen – this generates both public and private keys in our .ssh directory in our home directory.
    • Install HomeBrew on your Mac in order to get unix tools installed on your mac:
      • Make sure your account on your Mac is an administrator by going into System Preferences → Users and Groups → (unlock) → Select Account → checkmark Allow user to administer this computer.
      • First install XCode, then open a terminal again and paste in the command for installing homebrew from http://brew.sh
      • Install homebrew as it prompts, and run brew doctor so that we know we’re ready to install homebrew
      • brew install nmap ssh-copy-id wget htop ccze – this installs the linux tools we want on our mac
  • ssh-copy-id jcoltrin@serverIPaddress (password) – this copies our public key into the server we connected to. Now we can log into the servers from our mac terminal without having to type in the password.
    • Also on the mac we want to make it easy to ssh into, for example, server.domain.com.
    • vi .ssh/config
    • Line 1: host server
    • Line 2: hostname server.domain.com
    • Line 3: User jcoltrin
    • Line 4: KeepAlive yes
    • ctrl+wq!
    • The result should look like the following:

jcmbp:.ssh jcoltrin$ cat config

Host	    server
    Hostname server.domain.com
    User jcoltrin
    KeepAlive yes
    ServerAliveInterval 15

Host    myAmazonAWS1
    Hostname jasoncoltrin.com
    user ubuntu
    IdentityFile ~/.ssh/jasoncoltrin_keypair1.pem
    KeepAlive yes  
    ServerAliveInterval 15
  • ssh server – now we are able to issue this command and get in immediately without having to enter a password and also we can run sudo commands without having to enter our password again. As you can see in the config file above, we can also copy our .pem files into our .ssh directory and have config point to them so that we can easily ssh into our amazon AWS servers as well.
  • If we will be running websites, we now want to install virtualmin. Go to http://www.virtualmin.com/download.html#gpl and follow instructions here for downloading install.sh
Adding a new remote Administrative User’s ssh keys to a Linux Server

useradd -m -s /bin/bash newadmin1
mkdir ~newadmin1/.ssh
echo ssh-dss ****key data***..xxblahblahACBAM……kpucyrGw== newadmin1@remotedomain.com » ~newadmin1/.ssh/authorized_keys
chown -R newadmin1:newadmin1 ~newadmin1/.ssh
chmod 700 ~newadmin1/.ssh
chmod 600 ~newadmin1/.ssh/authorized_keys

vi /etc/sudoers

newadmin1 ALL=NOPASSWD: ALL

While this guide is not meant to be a comprehensive step-by-step guide, it should provide you with enough to setup an OS X workstation with pre-shared keys, and copy those keys to your new server. Working with iTerm and pre-shared keys, I think, is vastly superior to Putty on Windows. I hope this guide helps a few admins become more efficient and versatile working on OS X and linux.

 

Getting started with Bitcoin – Coinbase.com and Changetip.com

 
0 Kudos
Don't
move!

Plug: Since I’ve put a lot work into my site and sharing my knowledge and troubleshooting skills on jasoncoltrin.com, please consider leaving a bitcoin “tip” at the bottom of this page. Thanks!

bitcoin
.
So perhaps you’ve read about Bitcoin and don’t know how to get started? Read below to get a REAL quick overview and links to get a Bitcoin wallet.

Bitcoin seems to be here to stay, and it’s acceptance and list of Merchants that use Bitcoin is growing.

According to coinbase.com, Bitcoin is digital money used for instant transfer of value anywhere in the world. Bitcoin was developed to make payments methods for the internet age an improvement over traditional banking.

Bitcoin is safe because the Bitcoin protocols, algorithms, and sourcecode is open and has been audited and vetted by thousands of security researchers around the world.

Bitcoin is not tied to or pegged to any other currency’s value. Bitcoin value is determined by buying and selling of Bitcoins on the open market, much like stocks or property.

Bitcoin can change value because it is traded for dollars, Euros, Yen and other currencies 24 hours a day. Depending on demand, the price can fluctuate. Bitcoin value can be volatile because it is an emerging technology.

Unlike credit cards or Paypal, bitcoin is not owned by a company. Bitcoin is the world’s first completely open payment network which anyone with an internet connection can use. Bitcoin was designed to be used on the internet, and doesn’t depend on banks or private companies to process transactions.

Bitcoin allows you to instantly send any amount of money to anyone without needing a bank. It allows you to access your money without needing an ATM or credit card – bitcoin gives you back control over your money. Plus you can pay friends back for dinner, buy your next computer, and donate to charity, all using bitcoin.

Here are some businesses that accept Bitcoin:

overstock.com

Expedia.com

Dell.com

Below is a larger list of merchants and partners of Bitcoin and Coinbase.com:

https://www.coinbase.com/clients

Coinbase.com is one of the first US-Based Bitcoin exchanges, and according to Business Insider:  “Of all the startups in the bitcoin ecosystem, Coinbase is probably most prominent. Early in 2015, it closed a $75 million funding round — the largest ever for the industry at the time — at a (unconfirmed) $400 million valuation. It then went on to launch the first US-based bitcoin exchange. ”

The signup for a Coinbase.com account is easy and I funded money into my account within 10 minutes. The transaction won’t complete with my bank until approximately 4 business days later, however. Coinbase.com does have a Mobile App, but doesn’t appear to have a way to add funds into your wallet from your bank within the app.
Lastly, I wanted a way to monetize jasoncoltrin.com without adding annoying advertisements and found that the “tipping” application changetip.com fits this necessity to a “t”. According to changetip.com, “ChangeTip allows you to send small amounts of money all over the web and it’s free! All of the social platforms you can send money via ChangeTip include Twitter, Reddit, Facebook, Github, YouTube, Slack, WordPress, Google+, Tumblr, and StockTwits.
So there you have it, now you can get started with Bitcoin by creating a US-Based Bitcoin account through coinbase.com, buy goods with Bitcoin, and “tip” jasoncoltrin.com, as well as any other user’s videos, content, or blog posts through the use of changetip.com.

WP-Filebase plugin for WordPress – changing maximum upload file size limits in php

 
3 Kudos
Don't
move!
WP-Filebase
WP-Filebase

So my new favorite plugin for WordPress is WP-Filebase; a free, easy way to upload files into WordPress that makes those files easy for others to download. While the plugin seems a little daunting at first to manage, it pretty much follows the typical methods other plugins employ such as shortcode. While editing a page or post there is a WP-Filebase button next to the other editing buttons such as “insert link” or “Italic”. Once the basic concepts are mastered, it becomes a pleasure to create categories, upload, and post files for download. There are a ton of other features to categorize, post and track hits with WP-Filebase if you want.

One issue I encountered when using WP-Filebase is that by default the upload size for files in php and WordPress are pretty small, and that the upload size for my entire site had to be increased. When I tried to upload a file with WP-Filebase of any size larger than 2MB, the upload would quit and fail without much information or error messages. When you’re expecting to see “File added”, and instead the page just refreshes without an error, it can be a little frustrating. Here are the steps I took to increase the file upload size:

Login to an ssh session on the server running WordPress.

Before you edit php.ini, it’s always a good idea to make a copy of the original file with a command of something like:

cp /etc/php5/apache2/php.ini /home/jcoltrin/php.ini.original

edit /etc/php5/apache2/php.ini with the command:

sudo vi /etc/php5/apache2/php.ini

Below this paragraph are the php settings to find and change in the vi editor. To find the settings, it can be useful for vi to be in command mode (the vi editor starts in command mode by default). While in command mode, hit the forward slash key /, and then type the keyword, then hit [enter/return]. The vi editor will jump to the first instance of the keyword it finds. You can then simply hit the n key to cycle to the next instance of that keyword. Then hit the i key to go into insertion mode. Now you can hit the delete/backspace keys and use your arrow keys to edit the settings. When you’re done editing, hit the Escape key, then the : key, then type wq, then hit enter. There are ton of other shortcuts, tips and cheats for vi you can find here: http://www.lagmonster.org/docs/vi.html .

upload_max_filesize = 20M
post_max_size = 20M
max_execution_time = 500
max_input_time = 500

After making these changes, I wanted to be sure they stuck if apache restarts. I did this by restarting apache and then viewing the php settings coming from the web browser itself.

Restarted apache2 with:
sudo /etc/init.d/apache2 restart

Made sure these limits stuck by creating a new file in the root of my apache website files location:
sudo touch /var/www/phpinfo.php

Insert the following line into phpinfo.php (only):
<?php phpinfo(); ?>

Then visited the file by going to http://domainname.com/phpinfo.php

I found that the settings were active and applied successfully by looking at the phpinfo settings website.

I then tested uploads of 12.9MB files which were previously unable to upload and can now upload successfully.

Delete the phpinfo.php you created (you probably don’t want this file hanging around for the world to find.)

That’s it, enjoy using WP-Filebase, and uploading/downloading files of any size to your heart’s content.

Hyper-V failed to generate initial replica for server

 
4 Kudos
Don't
move!

turbolift_access_denied

I recently found that one of my virtual machines had failed it’s initial replication off to a server located at a different site. I looked at a few of the Hyper-V-VMMS \ Admin Event Logs and found some of the following errors:

Event ID: 32042 – Hyper-V failed to generate initial replica for ‘040REP001′: General access denied error (0x80070005). (Virtual machine ID GUID)

Event ID: 33680 – Replication operation for virtual machine ‘ServerName’ failed.

Event ID: 32086 – Hyper-V suspended replication for virtual machine ‘ServerName’ due to a non-recoverable failure. Resume replication after correcting the failure.

Also Event ID’s 33676, 18012, 16370

I googled around and found that most resolutions revolved around fixing the “Virtual Machine” group permissions of the parent Folder or Volume by using the icacls command that looks something like this:

icacls “C:\ProgramData\Microsoft\Windows\Hyper-V\Virtual Machines\5A6F2E44-7F95-4CF8-89E5-AE8A6648C93A.xml” /grant “NT VIRTUAL MACHINE\5A6F2E44-7F95-4CF8-89E5-AE8A6648C93A”:(F) /L

or this:

icacls “C:\Users\Public\Documents\Hyper-V\Virtual Hard Disks\MountPointHere” /grant “NT VIRTUAL MACHINE\Virtual Machines”:F /T

The folder that the .vhd was contained in did not have “Virtual Machine” group permissions (c:\hyper-v\exports), so I decided I should move the VM and it’s virtual hard disk to a new location that did have the correct permissions. Since this was an old export, I found the original location of the .vhd in the config file in c:\hyper-v\exports\config.xml.

Since I didn’t like the current location of the virtual machine and .vhd anyway, I decided rather than trying to fix permissions, I’d move it to a better location in a folder that would inherit the correct permissions.

To resolve the replica problem I did the following:

1. Disabled alerting on the server, then shut down the VM.

2. Disabled replication on the vm – right-click on VM in HyperV Manager -> Replication -> Remove Replication

3. Moved all Virtual Machine folders associated with MyServerName out of c:\Hyper-V\Exports\  including the .vhd within (folders that did not have the permissions) and cut/pasted into C:\hyper-v\Virtual hard disks\MyServerName folder I created. This folder inherited permissions from the parent folder including the “Virtual Machines” group.

4. On the shut-down VM, I then went into the VM’s settings and then IDE Controller 0 -> Hard Drive -> Changed Location of Virtual Hard Disk by hitting the “Browse…” button, browsed to the new .vhd location folder with the correct permissions -> OK

5. Started the Virtual Machine successfully, then re-enabled replication with the remote site Replica server and, – yes! – initial replica started normally and health is normal again. Sending initial Replica now at 3%.

6. Re-enabled alerting on the server.

Hope this helps someone else who’s replications are failing and they’re struggling with the “General Permissions Error” problems associated with snapshots and replication.

Microsoft Hyper-V 2012 High Availability and Live Migration

 
0 Kudos
Don't
move!

I’m about 75% of the way through the Introduction to Hyper-V Jump start in the Microsoft Virtual academy. There is a lot of great information contained in the videos and .ppt downloads.  Below are some of the highlights of the material that I am not as familiar with: High-Availability and Clustering. Microsoft Hyper-V in Server 2012  provides “Complete Redundancy In the Box.”

Virtualization can cause problems if you take 10 or 20 servers and virtualize them all onto a single piece of hardware (your host server); you’ve created a single point of failure. If your single host goes down you lose a whole workload. Because Microsoft realizes that the value of these hosts exponentially increases, they’ve worked hard to create complete redundancy and protection in all core services; from the bottom of the stack, to the top. Below are the five levels, from the physical to the virtual, where Server 2012 can protect your data.

1. Hardware Fault:

  • Windows Hardware Error Architecture (WHEA)
  • Reliability, Availability, Serviceability (RAS)

Server 2012 provides RAS Hardware Fault detection capabilities. For example, if a memory controller detects an address is failing, hyper-v is notified, and the address space is taken offline. The information about the hardware fault is sent to the BDC store so it survives reboots, and the server never allocates this area of memory again. This is a nice feature that fixes hardware errors without user intervention.

2. Physical Node Redundancy:

  • Live Migration for Planned Downtime
  • Failover Cluster for Unplanned Downtime

If a server is going to go down unplanned, we want the workloads to failover without any user intervention. In planned downtime, we can live-migrate, perform maintenance on our host, then live-migrate our workloads back over to our repaired host. This physical node redundancy is provided with Hyper-V 2012.

3. I/O Redundancy:

  • Network Load Balancing & Failover via Windows NIC Teaming
  • Storage Multi-Path I/O (MPIO)
  • Multi-Channel SMB (Server 2012 Fileserver)

Storage Multi-path I/O provides redundancy for example iSCSI and  Fiber Channel both from a Host level and a Guest level. If you’re using a Server 2012 fileserver as back-end storage, you get redundancy her as well.

4. Application/Service Failover:

  • Non-Cluster Aware Apps: Hyper-V App Monitoring
  • VM Guest Cluster: iSCSI, Fiber Channel
  • VM Guest Teaming of SR-IOV NICs

If you’re running VM’s and you want to provide failover of applications within the virtual machine, you can cluster applications already. For Non-cluster aware (legacy) apps, Server 2012 provides App Monitoring which does light-level health monitoring such as restarting processes and notifications automatically etc.

5. Disaster Recovery:

  • Hyper-V Replica for Asynchronous Replication
  • CSV 2.0 Integration with Storage Arrays for Synchronous Replication

If you want to failover to another site completely, with cluster shared volumes, you need redundancy – two of everything. All nodes simultaneously monitor eachother through a heartbeat network. Every node keeps track of every other node in the cluster in a registry database (states/properties). If a node crashes, all the other nodes know about what workloads and VM’s were running on the crashed node. It will connect to the appropriate VHDs on the network, and pick up that workload. There are two types of clustering that we can consider: Host Clustering and Guest Clustering.

Host Clustering: The most common type of clustering, were we are clustering the physical servers, and we can move apps and vms between the servers.

  • Avoids a single point of failure when consolidating
  • VM’s can survive a host crash because the replica VM is restarted on another node, VMs can be restarted on the same node also when a the VM OS crashes or hangs.
  • Zero downtime maintenance and patching (live-migrate VMs to other hosts
  • Mobility and Load distribution – Live Migrate VMs to different servers to load balance.

Guest Cluster: Two virtual machines running Windows Server and form a cluster themselves for high availability. If one of the two needs to be patched, we can fail over to the other VM. If one of the two crashes, it will fail-over for example that SQL server to the live VM. The difference between virtual and physical options for storage on Guest Clusters is it requires virtualized HBAs: Virtualized Fiber Channel, Fiber Channel over Ethernet and iSCSI (not Serial Attached SCSI).

Combining Host and Guest Clustering:

It’s recommended to combine Host and Guest clustering for flexibility and protection. You can combine all VMs as long as your VMs pass the Clusters Best Practice Analyzer, known as “Validate”.

 

 

Kudos to Microsoft Virtual Academy, Symon Perriman, and Jeff Woolsey

Spammy promotional call from Comcast number 855-849-4255

 
17 Kudos
Don't
move!

So for the past 3 days I’ve been getting a call from (855) 849-4255. Googling the number didn’t produce any good info about the origin of the call, so I wanted to post about it to help others. I thought I was on the National “Do Not Call” list, it amazes me that direct phone marketing is a promotional tactic. If I call back the number it says “Thank you for calling Comcast. If you received a call from this number, you were receiving a promotional offer.” So I go into my Android Galaxy Note 2, go to my call ( Recent ) history, and long-press on the number and tapped “Add to Reject List”. Maybe because I just closed my Comcast account they’ve targeted me. Anyway, I hope the Android Reject Call list does it’s magic and this is the last time I get a call from this number. Bye Comcast, do not call.

How To Install Symantec BackupExec 2014 Mac Apple Client Step by Step

 
3 Kudos
Don't
move!

BackupExec2014

OSX Mac Client Installation

 

  1. Log into the Mac you want to backup with an admin account.
  2. Launch the terminal (command + spacebar, type terminal, enter).
  3. At the prompt type in: sudo su root , then enter the admin account password (this password will be configured later in the Symantec BUExec server client configuration)
  4. At the root prompt#, type in: cpan
  5. At the cpan> prompt, type in: force install Switch — at the prompt type “yes” to agree. The installer should finish with … /usr/bin/make install — OK
  6. Exit CPAN by typing: exit
  7. Obtain the Backup_Exec_2014_14.1.1786_MultiPlatforms_Multilingual iso, or installer DVD image. Inside the extracted or unzipped installer image,  you will find a folder named LinuxMac. Inside this folder look for the RALUS_RMALS_RAMS-1786.0.tar file approximately 155MB. Copy this .tar (.gz) file to your Mac’s desktop.
  8. Double-click on the file to unarchive the gzipped/tarball to the desktop. You should now have a folder of the same name on the desktop.
  9. Back in the terminal, cd into the folder. For example: cd /Users/admin/Desktop/RALUS_RMALS_RAMS-1786.0/
  10. At the prompt, type in: ./installrams  — follow the prompts (hit the “Return” key a few times. This should complete successfully.
  11. Back on your BackupExec 2014 server, go into the backup exec server and then the “Backup and Restore” tab. Right-click on an empty space under your already-added servers and choose “Add Server”.
  12. Scroll down and choose “Macintosh Computer” -> Next.
  13. Place checkmark in “allow trust”. -> Next.
  14. Type in the FQDN (servername.domainname) of the server or the IP address. -> Next
  15. Add/Edit the admin/root username/password that you used to install the CPAN module. If you have Macs with different admin accounts, use the username and pw of the admin account but identify them differently by changing the “Account Name: ” and Notes. -> Next -> Finish
  16. This should insert the server successfully. If there is a problem with the Trust relationship it is probably due to a bad username/password combination.
  17. Setup your initial backups, select/edit your source(s) and destination(s).
  18. That’s it! Sit back and relax knowing you at least have flat-file backups, and in the event of a complete OS/Server loss, you can re-install the OS, then re-install your BackupExec client, then do a restore of your files and settings. Be sure to test your backups by doing a test restore.

IT administration, support, and solutions.