Server

Set-ACL – Se file and folder permissions

Posted by robd on May 12, 2019
powershell, Server / No Comments

I wanted to add an AD group to all the files and folders in a share, the problem is inheritance had been turned off on lots of the folders so I couldn’t just add the AD group to the top and let it filter down. So the solution was to use PowerShell.
First I mapped a drive to the Share (x: in this case). Why didn’t I run this on the server? UAC is a pain in the bum.

You’ll need to change the path and the domain and AD group.

$folders = Get-ChildItem -Directory -Path X:\ -Recurse
foreach ($folder in $folders){
$acl = Get-Acl -path $folder.FullName
$accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule `
("DOMAIN\AD_GROUP", "FullControl", "ContainerInherit,ObjectInherit", "None", "Allow")
$acl.SetAccessRule($accessRule)
$acl | Set-Acl -path $folder.FullName
}

 

Tags: ,

Get-ACL – Report file and folder permissions

Posted by robd on May 11, 2019
powershell, Server / No Comments

If you need to report out file and folder permissions of a file share, see the below PowerShell.

First map the the share to a drive if it isnt already.  In my case X: drive.

Why didn’t I do this on the server hosting the files?  UAC gets in the way and is a pain the bum.

$FolderPath = dir -Directory -Path "x:\" -Recurse -Force
$Report = @()
Foreach ($Folder in $FolderPath) {
$Acl = Get-Acl -Path $Folder.FullName
foreach ($Access in $acl.Access)
{
$Properties = [ordered]@{'FolderName'=$Folder.FullName;'AD
Group or
User'=$Access.IdentityReference;'Permissions'=$Access.FileSystemRights;'Inherited'=$Access.IsInherited}$Report += New-Object -TypeName PSObject -Property $Properties}
}
$Report | Export-Csv -path "C:\temp\Folder_Permissions.csv"

 

 

Tags: ,

icalcs – Backing up Permissions

Posted by robd on May 10, 2019
powershell, Server / No Comments

I wanted to make some changes to some permissions on mass today but decided it would be prudent to backup the permissions first.

So I used icals, to do this I first ran CMD as admin, then mapped the share drive with “Net Use“.

Why didn’t I do this on the server hosting the files?  UAC gets in the way and is a pain the bum.

To backup the permissions:

Swicthes:

/t – Performs the operation on all specified files in the current directory and its subdirectories.

/c – Continues the operation despite any file errors. Error messages will still be displayed.

icacls x:\ /save c:\temp\permissions.txt /t /c

Then to restore:

icacls y:\test /restore c:\temp\permissions.txt

 

Tags: , ,

Azure – Linux – Change the time and time zone

Posted by robd on December 22, 2018
Linux, Server / No Comments

As you may have seen we have a Linux server in Azure running some weird stuff, anyhow the time was off screwing with reports and what not, so had to fix it.  Here’s what I did:

First, SSH onto the server and logon.

Check the time:

timedatectl

Find the timezone you would like:

ls /usr/share/zoneinfo/

Now change it:

sudo timedatectl set-timezone Asia/Dubai

Check it again:

timedatectl

Example:

Tags: , ,

Azure – Linux OS Partition

Posted by robd on December 15, 2018
Server / No Comments

Had an annoying issue where the OS disk on a linux server (hosted on Azure) was partitioned too small:

This disk is 30GB but has loads of free space::

Disk /dev/sda: 136.4 GB, 136365211648 bytes, 266338304 sectors

Then partition /dev/sda2 on the disk: 

Device Boot      Start         End      Blocks   Id  System

/dev/sda2         1026048    62914559    30944256   83  Linux

Feespace:

Number  Start   End     Size    Type     File system  Flags

        16.4kB  1049kB  1032kB           Free Space

1      1049kB  525MB   524MB   primary  xfs          boot

2      525MB   32.2GB  31.7GB  primary  btrfs

        32.2GB  136GB   104GB            Free Space

Here’s how I managed to grow the disk without loosing any data etc:

1) Login to the VM using SSH, we can check the size of the disk by using:

sudo dmesg | grep -i sda

2) To proceed with the partition resize, we will use:

sudo fdisk /dev/sda

type: p
this will show both partitions /dev/sda1 and /dev/sda2 which are basically partitions 1 and 2

type: d then 2 (to delete partition 2)
type: n then p2 (to recreate partition 2) you can accept the default values
type: w (to save the new partition)
type: q (to exit fdisk)
sudo reboot (to reboot the VM so the partition is updated)

3) To finalize the resize, after the reboot, execute the command:

For Red Hat 7.3 and CentOS 7.3:

sudo xfs_growfs /dev/sda2

For Oracle 7.3:

sudo btrfs filesystem resize max /

 

Tags: ,

Check the PowerShell version

Posted by robd on October 20, 2018
Server / No Comments

Anothe quick one, to check PowerShell version:

$PSVersionTable

 

365 – Shared Mailbox on a mobile device

Posted by robd on February 06, 2018
Server / 1 Comment

Some users need shared mailboxes on their mobile devices, this can be done via IMAP.

Add a IMAP:

Add the shared mailbox email:

Choose IMAP

This is the most important section; add the user’s username and the name of the shared mailbox, for example: Rob@DOMAIN.LOCAL/SHARED.MAILBOX

Tags: ,

DirectAccess IP-HTTPS Error 0x2af9

Posted by robd on October 26, 2017
Direct Access, powershell, Server / 1 Comment

My Windows 10 client wouldn’t connect to our Direct Access severs today, kept just getting Connecting

So to troubleshoot I’d recommend:

Checking your internet connection:

Now its worth running some PowerShell commands to get the actual error:

Get-NetIpHttpsState

This likeley means your proxy is in the way of your connection.

Check the settings:

Get-NetIPHttpsConfiguration

Double check your internet connection

Test-NetConnection

I think its time to check the proxy settings:

Check if you can get to a website via IE and try via another browser such as Firefox.

If you cant then check if your proxy is off:

Now check the windows 10 proxy and the Netsh proxy:

Windows 10, turn it off:

Check the netsh and then turn it off or reset it to IE:

#Show the proxy settings:
netsh winhttp show proxy
#Reset it to default
netsh winhttp reset proxy
#Set to IE
netsh winhttp import proxy source=ie

When reset should look like this:

 

Failing that reset the IP Helper in services.msc or reboot:

 

The netsh settings fixed it for me, the reason I’d set it was to allow PowerShell out to the internet for Exchange 365 work.

Tags: , , ,

Greyed out login box on iLO 3 after updating to 1.26

Posted by robd on April 16, 2016
Server / No Comments

If you update iLO to 1.26 (interim FW update before you can update to anything later) and afterwards the web interface still shows 1.10 (or earlier) and the login box is greyed out, purge temporary internet files and you should be good to carry on!

Tags: ,

Log a User off a Server Remotely

Posted by robd on November 04, 2015
Server / No Comments

Open a command prompt as a administrator (i.e. someone with admin over the server your trying to logon too).

Check the session number with qwinsta:

QWINSTA /server:computername

Write down the session ID.

Then use the logoff command:

LOGOFF sessionID /server:computername.

Done.