• Well, Onedrive should be a decision for later. Many installers do not realise this will sync files. This is a major security risk for professionals if sensitive files are being duplicated. It also breaks scripts that expect a normal path for folders.. Now we have people with 30 or 40 dummy Microsoft accounts….

    You can also add an account later. The major problem is that rather than basing the home folder on the user name (Mary, John, etc.) it is based on a substring of the logon, which is a bugger to remember for RDP.

    You almost never logon with the Microsoft account, it will be a device PIN. Only networking and terminal services will use that logon. Again, you guess what it is and where it truncated.

  • Is the user account on the CISCO device you are using have level 15 privileges? Since the error seems to be the show run command it might be the user account does not have the correct privilege to execute the show run command?

  • How would you add multiple inbound and outbound rules to an NSG in one PowerShell Script?

  • Easy… see for example https://docs.ansible.com/ansible/latest/collections/cisco/index.html

    Who wants to use a GUI if you can let handly Ansible all of it and you can just leave it all for automation… GUIs are outdated….

    With Ansible you can automate you’re entire IT!

    e.g. with an Ansible play you take a VM, check for updates, if available you set monitoring to pause that system, then you create a VM-snap, then you update, then you reboot and finally you email out a report and activate monitoring again… and you can do a lot of this even with your firewall (palo alto e.g.) and cisco devices. If things are changed you can have ansible change it back to keep a good state… try that with WSUS….

  • Need to give “Domain Computers” read access to the source share and NTFS folder permissions where the TTF files are hosted when doing GPO rollout method FYI

  • Hi,

    Thanks for the script.

    I have followed the instructions,however the extension I m trying to uninstall is still showing but is disabled not removed.

    I am missing somthing ?

  • I’ve used `cat` and `>>` to add the contents of the public key file to administrators_authorized_keys file but the contents were converted on the fly to utf16. The file looked ok in notepad but openssh could not read it. What is worse: there was no error in the logs neither on server side nor in client (`-vvv`). I’ve wasted hours on this! I’ve tried `LogLevel DEBUG` in `sshd_config` but the `__PROGRAMDATA__/ssh/logs` directory is empty.

  • Hello Brandon.

    Do you know how I can get information from a user logged into Windows using Get User Information?

    Regards,
    Everton

  • Riccardo Bicelli,
    Great review of TRMM. I am using TRMM in a closed environment and want to bring it to production. Do you know of any companies using this in production?

  • Hi Leos:

    I have used the Autoruns to delete or disable applications sparingly.
    Like many Sysinternals apps, it is somewhat forbidding to the average user like myself, with its many settings and functions (but useful).
    There are manuals which document Sysinternals, which I have, but rarely read. They are probably out of date with the many changes made to Sysinternals.
    Good article.

    Allan

  • I’ll take a command line over a GUI any day since it’s batchable. Plus I like the keyboard so anything that keeps me away from the mouse is my preferred platform.

  • It now seems unlikely Microsoft will ever release DNS over HTTPS for Windows 10.

  • I’m using Google drive but I can’t see the kdbx file. I can see it only using the windows keepass program. Hence, I can’t open it on my mobile.. help please. Thanks

  • As per my experince , You mean SyncToy , the Microsoft tool , but for this comment
    “Try copying millions of files, possibly without keeping the same tree structure at the target as at the source, and logging errors (the most frequent being missing NTFS permissions at the source) ” ,
    Gs Richcopy 360 and Syncback are created exactly for such cases.
    Backup/sync GUI tools like Gs Richcopy 360 and Syncback have a nice and simple GUI, able to copy to local drives, remote servers, LANs, WANs, and clouds, able to copy all the permissions types from source to destination, and also able to copy time stamps.
    and as I remember, there are options to throttle the connection speed to prevent bandwidth consumption, a feature to email you after the job is finished, an excellent task scheduler and it will never crash while transferring a large amount of data.
    there are also other differences between such a GUI tools and CLI tools, just try to search

  • You are right Michael 🤣🤣

  • Hello Sarah
    I too recognize that the GUI is very practical and useful … but only in certain cases: Simple and unitary tasks

    For all that is complex tasks – even simple but repetitive – nothing beats the command line and the script.

    you named 3 tools: SyncToy – Gs Richcopy 360 – Syncback
    Try copying millions of files, possibly without keeping the same tree structure at the target as at the source, and logging errors (the most frequent being missing NTFS permissions at the source), I wish you good luck with these tools.

    These 3 tools are undeniably practical for personal use only and limited in volume, not for professional use.

  • Hello John,

    thanks for replying. I am using the code below, which I think is identical to the one in your article. I wonder if there is any special formatting used for the devicelist textfile (I simply put each IP address on a new line) ?

    # import modules needed and set up ssh connection parameters
    import paramiko
    import datetime
    user = ‘admin’
    secret = ‘admin’
    port = 22
    ssh = paramiko.SSHClient()
    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())

    # define variables
    time_now = datetime.datetime.now().strftime(‘%m_%d_%Y_%H_%M_%S’)
    infilepath = “F:Automationcisco automation”
    outfilepath = “F:Automationcisco automation”
    devicelist = “device-list1.txt”

    # open device file
    input_file = open( infilepath + devicelist, “r”)
    iplist = input_file.readlines()
    input_file.close()

    # loop through device list and execute commands
    for ip in iplist:
    ipaddr = ip.strip()
    ssh.connect(hostname=ipaddr, username=user, password=secret, port=port)
    stdin, stdout, stderr = ssh.exec_command(‘show run’)
    list = stdout.readlines()
    outfile = open(outfilepath + ipaddr + “_” + time_now, “w”)
    for char in list:
    outfile.write(char)
    ssh.close()
    outfile.close()

  • Hello John,

    thanks for your reply. I am using the code below, which I think is pretty much identical to the one in your article. The devices are Cisco routers and switches. Do you have a sample of the text file that is used in the devicelist ? I just put each IP address on a new line, maybe that is the wrong format ?

    # import modules needed and set up ssh connection parameters
    import paramiko
    import datetime
    user = ‘admin’
    secret = ‘admin’
    port = 22
    ssh = paramiko.SSHClient()
    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())

    # define variables
    time_now = datetime.datetime.now().strftime(‘%m_%d_%Y_%H_%M_%S’)
    infilepath = “F:Automationcisco automation”
    outfilepath = “F:Automationcisco automation”
    devicelist = “device-list1.txt”

    # open device file
    input_file = open( infilepath + devicelist, “r”)
    iplist = input_file.readlines()
    input_file.close()

    # loop through device list and execute commands
    for ip in iplist:
    ipaddr = ip.strip()
    ssh.connect(hostname=ipaddr, username=user, password=secret, port=port)
    stdin, stdout, stderr = ssh.exec_command(‘show run’)
    list = stdout.readlines()
    outfile = open(outfilepath + ipaddr + “_” + time_now, “w”)
    for char in list:
    outfile.write(char)
    ssh.close()
    outfile.close()

  • Can you show me more of the code where you get this error? What type of device are you connecting too?

  • > Storing recovering information in Active Directory fails

    As a sidenote, if your environment is still very old (Read 2008 R2 DCs) there are scripts that are required to be run to create the various objects and ACLs for storing the bitlocker keys in AD. Microsoft used to provide these scripts on their articles, but it’s getting harder and harder to find these old vbs scripts that perform these steps. Not that anyone should still be running 2008 R2 nowadays, but it’s worth noting that this will stop keys from backing up.

    The dumbest bitlocker-related error we used to see was “This PC doesn’t support entering a bitlocker recovery password during startup”. Fix is to do an admin cmd prompt and run “Reagentc.exe /enable” then attempt to bitlocker again. Related to that are “The system cannot find the FILE specified” which means “delete C:WindowsSystem32RecoveryReAgent.xml and try to enable bitlocker again” or “The system cannot find the PATH specified” which means “Ensure that a folder called ‘Recovery’ exists in C:WindowsSystem32”

    On some really old HP 810’s we also had to do some weird stuff when trying to update firmware:

    Case: Bitlocker is OFF, and when trying to update the TPM firmware you get prompted for an Owner password. Owner Password is a legacy key that is no longer in use. Trying to clear TPM from within Windows doesn’t work as expected. You can clear the “TPM Owner” before updating TPM firmware as follows:

    Run Command Prompt as Administrator and run the following lines:

    reg add HKLMSOFTWAREPoliciesMicrosoftTPM /f /v OSManagedAuthLevel /t REG_DWORD /d 4

    WMIC /namespace:rootcimv2SecurityMicrosoftTpm Path Win32_Tpm Where __RELPATH=”Win32_Tpm=@” Call SetPhysicalPresenceRequest 14

    Then reboot.

    You may also have to set a bios setting to allow Windows to adjust TPM password before doing these changes.

  • Load More
© 4sysops 2006 - 2022

CONTACT US

Please ask IT administration questions in the forums. Any other messages are welcome.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account