AD Powershell

After running Windows Server 2016 recently with a DC, I’ve started using Powershell to perform AD functions. Here are a few basics.

New-ADUser cmdlet to create a new user:

 New-ADUser -Name John.Smith 

The above would only create the username, create a new user with more associations:

 New-ADUser -Name John Smith -GivenName John -Surname Smith -Path "OU=Staff,DC=Company,DC=Com" 

Add the password for above account:

 $password = "Strong Password" | ConvertTo-SecureString -AsPlainText -Force
New-ADUser -Name John.Smith -GivenName John -Surname Smith -Path "OU=Staff,DC=Company,DC=Com" 

Bulk Import Users with New-ADUser:

$Import =Import-CSV "c:\utils\aduserimport.csv"
$OU = "OU=staff,DC=ausinfotech,DC=local"
Foreach ($user in $Import)
{
$password = $user.Password | ConvertTo-SecureString -AsPlainText -Force
New-ADUser -Name $user.Name -GivenName $user.FirstName -Surname $user.LastName -Path $OU -AccountPassword $Password -ChangePasswordAtLogon $True -Enabled $True
}

The above script imports the CSV file, sets the standard OU and calls each data record (line of your CSV), writes the password and creates the user account. We are using a “Foreach”-loop, which loads each user record with its parameters from the CSV file.

See here for more info:
http://activedirectoryfaq.com/2016/04/ad-powershell-basics-new-aduser

snap – snapcraft.io

Package any app for every Linux desktop, server, cloud or device, and deliver updates directly. Snap packages are a great way of running apps in an isolated state without using VMs or Containerisation. The website http://snapcraft.io has more details and examples such as this to get going:

A snap is a fancy zip file containing an application together with its dependencies, and a description of how it should safely be run on your system, especially the different ways it should talk to other software. Most importantly snaps are designed to be secure, sandboxed, containerised applications isolated from the underlying system and from other applications. Snaps allow the safe installation of apps from any vendor on mission critical devices and desktops.

Try this (you may need to install snapd)

 $ sudo snap install hello-world 

Now you have installed a snap. You can take a look inside the snap very easily, it shows up as a new directory on your system:

$ cd /snap/hello-world/current/

$ tree
.
├── bin ← this directory structure is just for convenience
│ ├── echo there is no hardcoded structure requirement other
│ ├── env than meta/snap.yaml
│ ├── evil
│ ├── sh
│ ├── showdev
│ └── usehw
└── meta ← your snap must have this directory
├── icon.png ← no prizes for guessing what this is
└── snap.yaml ← this is the required metadata

 

Sysdig

Sysdig is open source, system-level exploration: capture system state and activity from a running Linux instance, then save, filter and analyze. Sysdig is scriptable in Lua and includes a command line interface and a powerful interactive UI, csysdig, that runs in your terminal. Think of sysdig as strace + tcpdump + htop + iftop + lsof + awesome sauce.
With state of the art container visibility on top.

http://www.sysdig.org/

mtr utility

Traditionally the traceroute (print the route packets take to network host) and ping (send ICMP ECHO_REQUEST to network hosts) programs are used as diagnostic tool to solve and isolate networking errors. It may take some time to use both tools to diagnose network issues. However, you can use the mtr program instead of ping and traceroute. It is a network diagnostic tool and it is the combination of traceroute and ping programs (in terms of functionality) and works as a single network diagnostic tool.

Once mtr invoked it starts investigates the network connection between the hosts (workstation) mtr runs on and HOSTNAME by sending packets with purposely low TTLs (time to live). It will continue to send packets with low TTL, noting the response time of the intervening routers. This allows mtr to print the response percentage and response times of the internet route to HOSTNAME.

During this run if you notice a sudden increase in packet-loss or response time is an indication of overloaded link or a bad link.

Examples:

mtr -c 5 -r -w ausinfotech.net

http://www.cyberciti.biz/tips/finding-out-a-bad-or-simply-overloaded-network-link-with-linuxunix-oses.html

Compact/defrag VirtualBox VDI disk

VirtualBox disks can get out of shape if you expand and reduce them and/or they can get slower over time. Compacting a virtual disk can help, here are the steps:

  1. Inside the VM Guest run the defrag utility or 3rd party defragger if you have one.
  2. Empty the free space to zeros with sysinternals sdelete utility. See http://technet.microsoft.com/en-gb/sysinternals/bb897443 From an elevated command prompt run:
     sdelete -c -z c: 

    Now shutdown the VM Guest

  3. On the host computer, run the “VboxManage modifyhd” command to compact the disk. For example if your disk image is located in /home/keith/VMGuests/win8.1/win8.1hd.vdi run this:
     $ VBoxManage modifyhd /home/keith/VMGuests/win8.1/win8.1hd.vdi --compact 

Reference:
https://www.virtualbox.org/manual/ch08.html#vboxmanage-modifyvdi
https://forums.virtualbox.org/viewtopic.php?f=1&t=62334

 

Brackets OpenSource Code Editor

Brackets is an open source code editor for web designers and front-end developers. However, sysadmins should also take a look and try it out on scripts or configuration files. One of cool features is the live preview in a browser, i.e. change the code and see a live preview in your browser without refreshing. Note: this feature is currently only supported with Chrome as of August 2014. It’s also cross platform, having tried it on both Linux and Mac OSX.

Download and install instructions available here:
http://brackets.io/

 

 

How to take a KVM Snapshot

kvm-small

KVM Snapshots

To take a snapshot of a guest image:

# Shut down virtual machine first.

 host:$ cd path to images 
 host:$ sudo qemu-img snapshot -l machine.img # list snapshots in an image 
 host:$ sudo qemu-img snapshot -c snapshotName machine.img # create a new snapshot for a machine 

# Start virtual machine. Modify data. Break something. Shut down virtual machine.

 host:$ sudo qemu-img snapshot -a snapshotName machine.img # apply a snapshot 

To do this, the guest image needs to be qcow2, not raw. To check what type of image it is, run:

 host:$ sudo file /var/lib/libvirt/images/$MACHINE.img 

It should say:
MACHINE.img: Qemu Image, Format: Qcow , Version: 2
If your guest image is raw, you can convert it to qcow2 by doing (and being careful with an image that contains important data or configuration):

# Show down virtual guest first

 host:$ sudo qemu-img convert -O qcow2 /var/lib/libvirt/images/$MACHINE.img \
/var/lib/libvirt/images/$MACHINE.img.qcow2 && \
sudo mv /var/lib/libvirt/images/$MACHINE.img.qcow2 /var/lib/libvirt/images/$MACHINE.img 
 host:$ sudo chmod 600 /var/lib/libvirt/images/$MACHINE.img 

TO Delete Snapshot:

 qemu-img snapshot -d Flounder-Gui-Base Flounder-GUI.img 

Where Flounder-Gui-Base is the snapshot reference name and Flounder-GUI.img is the actual Qcow2 image vm file.

Reference:
http://linux.lsdev.sil.org/wiki/index.php/Create_a_KVM_guest#Snapshots

XenServer Boot error from fstab

If you modify a fstab file on Citrix XenServer 6.2 or higher and made an error which results in the server not booting, you can quickly do this to get going again:

mount -n -o remount /

Then edit the fstab with vi and fix the error or comment it out, and reboot the server.

Reference site:
http://bobsfieldnotes.blogspot.com.au/2011/04/xenserver-repair-filesystem-prompt.html

 

Linux Server Provisioning Tools

FAI:
http://fai-project.org

Ansible:
http://ansible.cc

Puppet Labs Razor
https://puppetlabs.com/solutions/next-generation-provisioning

OpenQrm:
http://www.openqrm-enterprise.com/community

Vagrant:
http://www.vagrantup.com
https://puphpet.com

Cobbler:
http://centoshowtos.org/installation/kickstart-cobbler-on-centos-server
https://github.com/cobbler/cobbler/wiki/Start%20Here
http://www.colinmcnamara.com/setting-up-cobbler-pxe-auto-deployment-for-ubuntu-server-12-04-precise/

Docker:
http://www.docker.io

 

VMware ESXi 5.1 won’t boot from USB

Installed ESXi 4 onto a USB key some time ago and it works well. Trying to install ESX 5.1 onto a USB key works fine during the installation, but it won’t boot for my white-box server.

Found this posting http://vmtoday.com/2012/09/esxi-5-wont-boot-from-usb which sorted my issue.

Basically the white-box server I had does not support booting from GPT partitions, so a modification to the ESXi install on the USB key as follows:

  1. Boot server with install media (ESXi Installer) and press SHIFT+O to edit the boot options.
  2. In lower left corner of the screen insert a space after the word “runweasel” and type “formatwithmbr”. So it should read “runweasel formatwithmbr”.
  3. Press enter to continue the installation process.
  4. Once the install finishes it should boot from the USB key fine.