Monday, October 5, 2015

Uninstalling McAfee Virus Scan Enterprise with force



If you get the following error when Uninstalling McAfee, '' McAfee Agent cannot be removed while it’s in managed mode'', do the following;
  1. Click Start, Run, cmd ( run As Administrator) and type the following commands:
   cd C:\Program Files (x86)\McAfee\Common Framework
   frminst.exe /forceuninstall

NOTE: The path will vary depending on the version and whether you installed McAfee Agent as an upgrade or clean install. Use Windows Explorer to determine the correct path.
( in windows 10 : C:\Program Files\McAfee\Agent\x86)
  1. Restart the system to remove McAfee Agent processes from memory and complete the deletion of file.

Tuesday, September 15, 2015

Upgrading TestLink 1.9.3 (Prague) to 1.9.13 (Stormbringer)



If you have a TestLink 1.9.3 (Prague) and want to upgrade to the newest version TestLink 1.9.3 (Prague). this is the steps.

Steps :

  • Configure a new testlink version in a another server so you will have a fail over something happens. In my case we are moving the server to Azure (http://thusharapriyantha.blogspot.in/2015/04/install-testlink-1913-stormbringer-in.html)
  •  Take a backup of the Database of the TestLink 1.9.3 (Prague)
             # mysqldump -u root -p testlink > 15-9-2015.sql
  • Then copy the  files to the new server. ( can use the tools like winscp to copy the file to another Linux  server )

  •  Restore the Database to the new server 
# mysql -u root -p testlink < 15-9-2015.sql
  • Need to run some update script for this im using PHPmyadmin. log in with the user name and select the Testlink database and go to SQL

  • copy the contains of the following files and run the updates script one by one in the following order.
  •  Files are located in testlink folder.
" /testlink/install/sql/alter_tables "
  • Now you have upgraded the testlink 
  •  To This 
Appreciation : Thilina Gunarathna guide me how do this. ( https://www.facebook.com/thilina.sameera?fref=ts)

Friday, September 4, 2015

Activity report in Office 365



If you are a company that is searching for ISO 27001 security certificate. there is always need to check the activity report. if its a cloud plat form its really hard to do that but luckily Microsoft  has few ways to check unusual activities in the office 365.

  • log in to the portal as a administrator. (https://portal.office.com)
  • then go to the admin panel.
  • go  down to the Admin and Azure AD
  • In the azure ad select the company

  •  Go to reports.
 

Sunday, August 2, 2015

Install .net 3.5 Offline windows 10

To install .net 3.5 Offline in windows 10.

Open Command prompt as administrator.

Type the following command.

Dism /online /enable-feature /featurename:NetFX3 /All /Source: (installation media) :\sources\sxs

Eg : Dism /online /enable-feature /featurename:NetFX3 /All /Source:f:\sources\sxs

Tuesday, July 21, 2015

TLS/SSL Server Supports Weak Cipher Algorithms - Variability Windows 2008 R2

If you found the following vulnerability in windows 2008 R2 Active Directory.

   "TLS/SSL Server Supports Weak Cipher Algorithms".


The TLS/SSL server supports cipher suites based on weak algorithms. This may enable an attacker to launch man-in-the-middle attacks and monitor or tamper with sensitive data. In general, the following ciphers are considered weak:
  • So called "null" ciphers, because they do not encrypt data.
  • Export ciphers using secret key lengths restricted to 40 bits. This is usually indicated by the word EXP/EXPORT in the name of the cipher suite.
  • Obsolete encryption algorithms with secret key lengths considered short by today's standards, eg. DES or RC4 with 56-bit keys.
To resolve this we need to change the following registry settings.
To this copy following settings and open your favorite editor (in my case Notepad++) and save the file as .reg and import the registry file to windows server.


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\Multi-Protocol Unified Hello]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\Multi-Protocol Unified Hello\Server]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Server]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client]
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client]
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client]
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server]
"Enabled"=dword:ffffffff
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client]
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server]
"Enabled"=dword:ffffffff
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
"Enabled"=dword:ffffffff
"DisabledByDefault"=dword:00000000


More information : https://support.microsoft.com/en-us/kb/245030

Wednesday, July 8, 2015

How to Add All users to Skype for Busness Client



If you ever want to add all the users on the Skype for Business in your Company. this are the steps what i have done. according to Microsoft they are not giving access to Skype for Business Server.
so the only way we can do this adding groups.

  • Login to Microsoft Exchange admin Portal ( https://portal.office.com/ )
  • Go to Exchange admin center and select groups.
 

  •  After that create Distribution group and add the user's to that group
          Note : group shouldn't be contains more than 100 users.
Tip: what i did to over come this is to add distribution groups with department so there was less then 100 users for a one group.
         Examples : IT-Team , Hr Team , Management etc..

  • Next log in the Skype for Business and type the group name in the search bar then right click and '' Add to Contact List ''

  • Then you can see that the users are in that group in Skype for Business Client. and you can do this to other groups as well.








Tuesday, June 23, 2015

Remotly Manage Linux Servers In Azure with Webmin

To managing Linux servers in Azure is not that easy some times the server SSH sessions are dropped and cant connect to server to manage. To this we can use "Webmin" this tools is Like a c panel for managing Linux servers.

  • Install dependency packagers for for Webmin.
# sudo apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python
  • Download Webmin.
# wget http://sourceforge.net/projects/webadmin/files/webmin/1.760/webmin_1.760_all.deb
  • Install webmin
#  sudo dpkg --install webmin_1.760_all.deb
  • Open firewall ports for Webmin
# sudo ufw allow 10000
  • Create a endpoint with following configuration.
       
  • Now access  the webmin portal with  http://name.cloudapp.net:10000
  • Login with root and root password.

How to Automate MySQL Backup - Ubuntu

Recently i want to backup some MySQL Database  to this i have used Automysqlbackup tool.
this tool backup the Databases daily weekly and Monthly.

  • To Install the automysqlbackup
         # sudo apt-get install automysqlbackup
  • Start the Service
        # sudo automysqlbackup
  • Config Files are stored in /etc/default/automysqlbackup
       # sudo nano /etc/default/automysqlbackup
  •  uncomment the Following Lines. 
Note : From this it will create a seprate folders daly , weekly , Monthly and have separate folders for DB in /var/lib/automysqlbackup.

 # Username to access the MySQL server e.g. dbuser
USERNAME=`grep user /etc/mysql/debian.cnf | tail -n 1 | cut -d"=" -f2 | awk '{print $1}'`
# Username to access the MySQL server e.g. password
PASSWORD=`grep password /etc/mysql/debian.cnf | tail -n 1 | cut -d"=" -f2 | awk '{print $1}'`

# Host name (or IP address) of MySQL server e.g localhost
DBHOST=localhost

# reading the mysql folder content. Feel free to replace by something else.
DBNAMES=`find /var/lib/mysql -mindepth 1 -maxdepth 1 -type d | cut -d'/' -f5 | grep -v ^mysql\$ | tr \\\r\\\n ,\ `

# This one does a list of dbs using a MySQL statement.

DBNAMES=`mysql --defaults-file=/etc/mysql/debian.cnf --execute="SHOW DATABASES" | awk '{print $1}' | grep -v ^Database$ | grep -v ^mysql$ | grep -v ^performance_schema$ | grep -v ^information_schema$ | tr \\\r\\\n ,\ `

# root, with Unix rights 0600.
BACKUPDIR="/var/lib/automysqlbackup"

# List of DBBNAMES for Monthly Backups.
MDBNAMES="mysql $dbname "

Monday, June 22, 2015

Cant SSH to Linux VM - Azure



Did you encounter that the SSH connection is suddenly not working with Azure Linux machine.
This happens to me quit a lot with Azure Ubuntu VM. and there were not much help in the internet about this and had to call the Microsoft support,
This are the steps what we have done to resolve this issue.

  • First we can try to reset the remote session form the portal.
  • Log in to https://portal.azure.com/
  • Then go to Browse All and select Virtual Machines.
 
  • Then select the vm and  click Reset Remote Access.
 
  • If this didn't work ( in my case this didn't work) there is a script to run.
  • Open  Microsoft Azure Command Shell
  • Then first remove the All the saved azure accounts form the computer.
 # Get-AzureAccount | %{Remove-AzureAccount -Name $_.Id} Clear-AzureProfile
  • Add the Azure account to Powershell.
# Add-azureaccount
  • Then run the following script to reset the SSH
  • Replace the  red colourd with the details of the your Azure VM
$subname = "Subscription name"     #Set subscription details
$subid = "Subscription id"         #Subscription id

Set-AzureSubscription -SubscriptionName $subname
Select-AzureSubscription -SubscriptionName $subname
Get-AzureSubscription

#Sample script to reset the SSH configuration on your VM
#Identify the VM
$vm = Get-AzureVM -ServiceName 'CLOUD_SERVICE_NAME_WITHOUT_cloudapp.net'  ' -Name 'VM_Name'
##Get-AzureVMExtension -VM $Vm | Select ExtensionName, Publisher, Version
$vm.GetInstance().ProvisionGuestAgent = $true
Get-AzureVMExtension -VM $Vm | Select ExtensionName, Publisher, Version
#Set-AzureVMExtension -ExtensionName 'CustomScriptForLinux' -VM $vm -Publisher 'Microsoft.OSTCExtensions' -Version '1.2' | Update-AzureVM -Verbose
$TimeStamp = (Get-Date).Ticks

$PrivateConfig = '{"reset_ssh": "True", "timestamp": "' + $TimeStamp + '"}'

# Begin execution
$ExtensionName = 'VMAccessForLinux'
$Publisher = 'Microsoft.OSTCExtensions'
$Version =  '1.*'
Set-AzureVMExtension -ExtensionName $ExtensionName -VM  $vm -Publisher $Publisher -Version $Version -PrivateConfiguration $PrivateConfig | Update-AzureVM
  • Now try to log in the Azure with SSH Using the first account you used to connect to Azure. 
( eg : azureuser and the Password )

Saturday, June 20, 2015

Configure Https In apache - Ubuntu server - Azure

To Configure https In Apache ( Ubuntu )
  •  First need to enable  https
          $ sudo a2enmod ssl
  • Create a Folder to store SSL certificate
         $ sudo mkdir /etc/apache2/ssl/
  •  Next copy the following certificate to above folder
    1. SSL CertificateFile (.crt)
    2. SSL Certificate Key File (.key)
    3. Certificate Chain file (.crt)
Note : 
  • This certificates can be downloaded form the Certificate authority.
  • Also can Self Signed SSL Certificate form following command.
" $ sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt "
This was copied form https://www.digitalocean.com/community/tutorials/how-to-create-a-ssl-certificate-on-apache-for-ubuntu-12-04
  •    Next open the SSL configuration file.
$ sudo nano /etc/apache2/sites-available/default-ssl.conf
  • Make sure SSL on
    # SSLEngine on
  • And change the  following with the certificate name.
 # SSLCertificateFile    /etc/apache2/ssl/SSL CertificateFile.crt
          #  SSLCertificateKeyFile /etc/apache2/ssl/SSL Certificate Key File.key
 # SSLCertificateChainFile /etc/apache2/ssl/Certificate Chain file.crt
  • Save the file.
  •  Next Open the 443 port from the Firewall
$ sudo ufw allow 443
  • Restart the Apache service.
$ sudo service apache2 restart
  •  In azure to work this also need to open the 443 from Azure port. 
  # log in the portal and select the Virtual Machine  and go to Endpoint and create a endpoint with following config.

Saturday, June 13, 2015

Can't Delete Blob - ''There is Currently a lease on the blob and no lease ID was specified in the request."

If you got following error when your deleting a storage contaner.

'' There is Currently a lease on the blob and no lease ID was specified in the request ''

this mainly because when you deleting vm some times it dosen't  the disks.
to resolve this.

  • Go to Virtual Machines and select Images. and delete the image.


  •  Then go to Disks and delete the disk that was attached to the deleted Virtual machine.
 
  •  now you wll able to delete the blob storage.



Upload VHD file to Azure


Azure has many good feature and one thing I loved is that we can attached VHD files and run the Virtual machines.

  • First we need to Prepare the VHD files to Upload to the Azure. To do that we need to run sysprep tool
  • When the machine is powered on go to  windows/system32/sysprep and run the sysprep.exe
  •  Next we need to create  a storage
  • Sign in to the Azure Management Portal
  •  On the command bar, click New. 
  •  Click Data Services > Storage > Quick Create. And give a name and create a new storage. 
  •  Next open the storage  and go to containers. And create  a new container 

 
  • Enable Debug mode so it will give more detials about the process. 
          # DebugPreference='Continue'
  • Login to Windows Azure subscription
          # Add-AzureAccount
  •  Get Azure publisher settings
          # Get-AzurePublishSettingsFile
  •  Import azure publisher Files 
          # Import-AzurePublishSettingsFile –PublishSettingsFile Pay-As-You-Go-6-11-2015-credentials.publishsettings

   EG :  #Import-AzurePublishSettingsFile –PublishSettingsFile C:\Users\user\Downloads\Pay-As-You-Go-6-11-2015-credentials.publishsettings

  •  Upload the VHD files
            # add-AzureVhd –LocalFilePath /Filepath/vhdfileneame.vhd -NumberOfUploaderThreads 36 -Destination "blobspace "

            # add-AzureVhd -LocalFilePath F:\Virtual_Hard_Disks\2012R3A_OS.vhd -NumberOfUploaderThreads 36 -Destination https://rir.blob.core.windows.net/vhds/2012R3A_OS.vhd

Subscribe to: Posts (Atom)