wiki.getshifting.com

--- Sjoerd Hooft's InFormation Technology ---

User Tools

Site Tools

Trace: SHIFT-WIKI - Sjoerd Hooft's InFormation Technology
start

SHIFT-WIKI - Sjoerd Hooft's InFormation Technology

This WIKI is my personal documentation blog. Please enjoy it and feel free to reach out through blue sky if you have a question, remark, improvement or observation.

Cheat Sheet

Summary: An overview of cheatsheets on this wiki. Originally everything was here but it simply became too big. Small topics are kept here.
Date: 8 December 2024

Cheatsheets:

PageUserTags
Cheat Sheet 
Cheatsheet Active Directory , ,
Cheatsheet Azure CLI ,
Cheatsheet Azure DevOps ,
Chaetsheet Databases ,
Cheatsheet Docker ,
Cheatsheet GIT ,
Cheatsheet Kubernetes ,
Cheatsheet Links 
Cheatsheet Linux and Bash , ,
Cheatsheet Networking , ,
Cheatsheet Node.js ,
Cheatsheet PowerCLI , ,
Cheatsheet PowerShell ,
Cheatsheet Python ,
Cheatsheet Solaris ,
Cheatsheet Storage , ,
Cheatsheet VMware ,
Cheatsheet Windows Management , ,

BICEP

Bicep object vs array 
param objectToTest object = {
  one: 'a'
  two: 'b'
  three: 'c'
}
param arrayToTest array = [
  'one'
  'two'
  'three'
]

Azure Portal

RBAC

  • At any resource you can see which RBAC roles apply to this specific resource and what the allowed actions are: After selecting the resource, go to IAM - Roles → You'll now notice the roles that apply. Now, for any role, click on Details → This will show you the allowed actions and switch between the control and data plane for any data actions (useful with for example storage accounts).

VSCode

Key Combinations

  • Comment / uncomment: ctrl + /
  • Word wrap: alt + z
  • toggle from editor to terminal: ctrl + `
  • toggle from terminal to editor: ctrl + 1
  • vertical cursor line: shift + alt + click

Replace (CTRL + H)

  • Tabs: ALT 009
  • Regex:
    • Search for title in string <h1>(.+?)<\/h1>
    • and replace to by using the $1: #### $1

Citrix

Citrix Health Check

I once implemented a health check based on this one.

Install software and updates on Citrix Server

  1. Log on to the citrix server with a local admin account
  2. Start a command prompt and type change user /install
  3. Perform the changes you want to make
2025/06/01 11:59

Cheatsheet Windows Management

Summary: Windows Management hints, tips, oneliners and best practices.
Date: 8 December 2024

Windows Version

To find out which windows edition and version you run simply run this command, this will show you a screen with information about the edition, service pack and build number: 

winver.exe

Windows Service Management

Stop Windows Service 
  1. # Stop the service while checking the state for x² seconds and kill it if that doesn't work
  2. Write-Host "Stopping Service: $servicename; Status: Initiating"
  3. $sleeper = 1
  4. while (((Get-Service -Name "$servicename").Status -ne "Stopped") -AND ($sleeper -lt 128)){
  5.     if ($sleeper -eq 1){
  6.         Stop-Service -Name "$servicename"
  7.     } elseif ($sleeper -eq 32){
  8.         Stop-Service -Name "$servicename" -Force -NoWait
  9.     } elseif ($sleeper -eq 64){
  10.         # Try to kill the process now
  11.         $servicepid = (Get-CimInstance win32_service -Filter "Name = '$servicename'").ProcessId
  12.         try{
  13.             Stop-Process -id $servicepid -Force
  14.         }catch{
  15.             Throw "Stopping Service: $servicename; Stopping process: $servicepid; Status: Failed; Error: $($_.Exception.Message)"
  16.         }
  17.     }
  18.     if ($alllogs -eq "True"){Write-Host "Stopping Service: $servicename; Sleeptime: $sleeper seconds"}
  19.     Start-Sleep -Seconds $sleeper
  20.     $sleeper = $sleeper * 2
  21. }


Restart all Windows Services 
get-service -name grn* -ComputerName appprd02 | Restart-Service -Verbose


Start all stopped Windows Services 
Get-Service -Name grn* -ComputerName appprd01,appprd02,appprd03,appacc01,appacc02,apptst01,apptst02,appdev01,appdev02 | Where-Object {$_.Status -eq 'Stopped'} | Start-Service -Verbose
Get-Service | where {($_.Status -eq 'Stopped') -and ($_.name -like 'Grn*') -and ($_.StartType -eq 'Automatic')} | Start-Service

Note: -ComputerName only works in PS 5

Install Windows Service depends on Powershell version 
if ($($PSVersionTable.PSVersion).Major -eq 7){
    New-Service -Name $serviceName -BinaryPathName $binaryAppExecutable -StartupType "AutomaticDelayedStart" -Credential $appuserCredentials
}else {
    New-Service -Name $serviceName -BinaryPathName $binaryAppExecutable -StartupType "Automatic" -Credential $appuserCredentials
    sc.exe config $serviceName start= delayed-auto
}

Note: PS 5 does not understand the startuptype AutomaticDelayedStart

Delete Windows Service 
sc.exe delete windows.service

Note: In cmd you can use sc, in powershell sc is an alias for set-content, so you need to use sc.exe

Telnet Client

Windows Server comes by default without a telnet client which is a no go in my opinion.

I used these steps to add the telnet client to Windows Server active features:

  1. Open Server Manager by clicking Start → 'Server Manager'
  2. Click on 'features' from the left panel in Server Manager
  3. Click on 'Add Features'
  4. From the available list of features select 'Telnet Client' and click 'Next'
  5. Click on 'Install'
  6. Click 'Close'

Now telnet client works!

Windows IIS Management

Restart all App Pools 
& $env:windir\system32\inetsrv\appcmd list apppools /state:Started /xml | & $env:windir\system32\inetsrv\appcmd recycle apppools /in

Note: This does not start stopped app pools

Restart all App Pools Remotely 
$servers = 'web01','web02','web03'
Invoke-Command -ComputerName $servers { & $env:windir\system32\inetsrv\appcmd list apppools /state:Started /xml | & $env:windir\system32\inetsrv\appcmd recycle apppools /in }

Note:This does not start stopped app pools

Get the process for a IIS Site (always running under w3wp): 
# Site and Appool have the same name:
$site = "customerapi"
processId = (Get-WmiObject -Class win32_process -filter "name='w3wp.exe'" | Where-Object { ($_.CommandLine).Split("`"")[1] -eq $site } ).ProcessId

Note: This one is also listed under Windows Process Management

Windows Certificates

View cert info 
certutil -v -dump <path to cert>


Open Current User Certificate store: 
certmgr.msc


Open Local Machine Certificate store: 
certlm.msc


Get specific details from specific certificates from a list of servers and export to csv 
$servers = @("server1","server2","server3")
Invoke-Command -ComputerName $servers {Get-ChildItem Cert:\LocalMachine\My | where-object {(($_.DnsNameList -like  "*rabobank*") -OR ($_.Subject -like "*rabobank*"))} |select-object @{name="hostname";expression={$(hostname)}},DnsNameList,NotAfter,Thumbprint,Subject,Issuer,FriendlyName} | Export-Csv certs.csv -NoTypeInformation

Windows Processes

Get all processes 
$processes = Get-CimInstance -ClassName Win32_Process | Select-Object ProcessName,ProcessId,CommandLine,Path | sort processid


Kill a process 
try{
    $processid = (Get-CimInstance win32_process -Filter "Name = 'mmc.exe'").ProcessId
    if ($null -ne $processid){
        Stop-Process -id $processid -Force
    }
}catch{
    Write-Host "Error killing mmc: $_"
}


Get the process for a IIS Site (always running under w3wp): 
# Site and Appool have the same name:
$site = "customerapi"
processId = (Get-WmiObject -Class win32_process -filter "name='w3wp.exe'" | Where-Object { ($_.CommandLine).Split("`"")[1] -eq $site } ).ProcessId


Get the process and child processes: 
$id = (Start-Process cmd.exe -PassThru).id
Get-WmiObject -Class Win32_Process -Filter "ParentProcessId = '$id' or ProcessId ='$id'" | Select-Object ParentProcessId,ProcessId,CommandLine


Get all process from a specific path 
$dir = "appdir"
Write-Host "Alle processen in Path -like $dir"
Get-CimInstance win32_process -Property * | Where-Object {$_.path -like "*$dir*"}

Kill processes

Kill process and child processes 
$id = (Start-Process cmd.exe -PassThru).id
Get-WmiObject -Class Win32_Process -Filter "ParentProcessId = '$id' or ProcessId ='$id'" | Select-Object ParentProcessId,ProcessId,CommandLine | ForEach-Object {Stop-process $_.processId}


Using taskkill 
$id = (Start-Process cmd.exe -PassThru).id
# Killing the PID
taskkill /pid $id /t /f
# Or using the image name (executable name without path)
taskkill /im cmd.exe /t /f

Windows System Info

Collect uptime, patches, windows version and more 
systeminfo

System Variables

Set an environment variable until the end of the current command prompt session 
set AWS_DEFAULT_REGION eu-west-1


Set an environment variable in both the current command prompt session and all command prompt sessions that you create after running the command 
setx AWS_DEFAULT_REGION eu-west-1

Windows GPO

Group policy result to html 
gpresult /h gpreport.html


Local Group Policy editor 
gpedit.msc


GPO Management console: 
gpmc.msc


Force GPO update 
gpupdate /force

Windows Firewall

Allow incoming icmp rule to windows firewall 
netsh advfirewall firewall add rule name="ICMP Allow incoming V4 echo request" protocol=icmpv4:8,any dir=in action=allow

Windows Shutdown

Reboot in 1 second 
shutdown -r -t 1


Shutdown in 0 seconds (force option implied) 
shutdown -s -t 0

Windows Updates

Use this command to tell Windows Update to start the downloading of updates: 

wuauclt /resetauthorization /detectnow

Windows Management Tool

Use the msconfig command to configure Windows in one easy tool 

msconfig

Add User

Add the user Maintenance to a system and add it to the local administrators group 

net user Maintenance Welkom01 /ADD
net localgroup administrators maintenance /add

Execute Commands From Remote

When working in a Windows environment it could really be nice if you could perform commands on remote computers by default. You could use psexec for this, a lightweight telnet substitute that can be used to launch processes on remote Windows computers. It's originally from Sysinternals and can be downloaded here .

Once you've downloaded psexec, open a command prompt and type 

psexec \\computer cmd

where computer is the name or IP address of the remote desktop computer you are targeting. Once you've done this, you're looking at an interactive command prompt on the remote computer, and any command (like gpupdate /force) you now type will be executed on the remote machine instead of the local one. Of course, this can also be done on several computers automatically, when you use a computerlist: 

Psexec.exe -@ComputerList.txt Gpupdate.exe /Target:User /force
Psexec.exe -@ComputerList.txt Gpupdate.exe /Target:Computer /force

Of course you can substitute the gpupdate command for any command you might need to use.

Network

Net use j: \\servername\sharename “password” Creates a drive mapping J to \\servername\sharename with the logged in username and the given password
Net use j: /delete Deletes the drive mapping J
Net use Gives an overview of the mappings on the box
Ping -t -L 1450 -w 5000 www.website.nl -t continues
-L 1450 packetsize
-w timeout in milliseconds

User Sessions on Terminal Servers

Enable/Disable logons

You can enable / disable logons on terminal servers like this: 

change logon /enable
change logon /disable

Query the current setting: 

change logon /query

CMD

cmd.exe /T:0A Gives a DOS box with a black background and bright green characters

This is the way to get a menu in a dos batch file. The menu in this example is used to install groupwise in a few different ways: 

@echo off
color A
goto menu
 
:menu
echo.
echo What do you want to do?Choose and press ENTER!
echo.
echo 1 Installing English version of Groupwise 7.0.3 HP1
echo 2 Installeer Nederlandse versie van Groupwise 7.0.3 HP1
echo 3 Update Groupwise with current settings to 7.0.3 HP1
echo 4 Remove Groupwise 7
echo 5 Quit!
 
:choice
set /P C=[1,2,3,4,5]?
if "%C%"=="1" goto GWEN
if "%C%"=="2" goto GWNL
if "%C%"=="4" goto GWUP
if "%C%"=="4" goto GWREMOVE
if "%C%"=="5" goto QUIT
goto choice
 
:GWEN
start msiexec -i "gw703hp1\win32\groupwise.msi" TRANSFORMS="gw703hp1\win32\GwEngDefNl.mst" /qb+ /promptrestart
goto menu
 
:GWNL
start msiexec -i "gw703hp1\win32\groupwise.msi" TRANSFORMS="gw703hp1\win32\GwEngNlDef.mst" /qb+ /promptrestart
goto menu
 
:GWUP
start msiexec -i "gw703hp1\win32\groupwise.msi" /qb+ /promptrestart
 
:GWREMOVE
start msiexec -x "gw703hp1\win32\groupwise.msi" /qb+ /promptrestart
goto menu
 
:QUIT
exit
:end
2025/06/01 11:59
, ,

Cheatsheet VMware

Summary: A cheatsheet to collect various information regarding vmware products.
Date: 3 January 2025

VMware voor Linux

VMware tools:

  • Dependencies: gcc/gcc++/(kernel-headers)

On ESX, first mount the cdrom:

  • OES3:/media # mount /dev/cdrom /mnt/
  • mount: block device /dev/cdrom is write-protected, mounting read-only

Turn off the vm , and set the cdrom to automatically connect as host device, as auto detect.

  • mount /dev/cdrom /media/cdrom -o rm

Click “Install VMWare Tools” menu option and issue the following commands: 

cd /tmp
tar zxf /media/VMware\ Tools/vmware-linux-tools.tar.gz
cd /tmp/vmware-tools-distrib
./vmware-install.pl
Run tools: /usr/bin/vmware-toolbox

Install everything into /usr/local/bin

Installation SLES9 - double screens that are hard to read

Open 

vi /boot/grub/menu.lst

eand remove “vga=0x332” from the linux kernel load line

Discover new disk on linux

After you've added a new disk to linux you can discover it by issuing 'rescan-scsi-bus.sh' as root: 

# rescan-scsi-bus.sh
Host adapter 0 (mptspi) found.
Scanning SCSI subsystem for new devices
Scanning host 0 channels 0 for  SCSI target IDs  0 1 2 3 4 5 6 7, all LUNs
Scanning for device 0 0 0 0 ...
OLD: Host: scsi0 Channel: 00 Id: 00 Lun: 00
      Vendor: VMware   Model: Virtual disk     Rev: 1.0
      Type:   Direct-Access                    ANSI SCSI revision: 02
Scanning for device 0 0 1 0 ...
OLD: Host: scsi0 Channel: 00 Id: 01 Lun: 00
      Vendor: VMware   Model: Virtual disk     Rev: 1.0
      Type:   Direct-Access                    ANSI SCSI revision: 02
Scanning for device 0 0 2 0 ...
NEW: Host: scsi0 Channel: 00 Id: 02 Lun: 00
      Vendor: VMware   Model: Virtual disk     Rev: 1.0
      Type:   Direct-Access                    ANSI SCSI revision: 02
0 new device(s) found.
0 device(s) removed.

It says 0 devices found but the new disk is still discovered and ready for partitioning.

Time Drifting op Linux guests

Step 1: Configure NTP

Open ntp.conf and add the following lines: 

vi /etc/ntp.conf
server x.x.x.x prefer
tinker step 0

Stop, synchroniseer en start ntp: 

/etc/init.d/ntpd stop
ntpdate x.x.x.x (repeat until the difference is less then 1 second)
/etc/init.d/ntpd start
ntpq -p (repeat until the reach is on 377)

Step 2: clock=pit

  • vi /boot/grub/menu.lst
  • Add “clock=pit” to the linux kernel load line


or

  • vi /etc/lilo.conf
  • Add “clock=pit” to the “append=” line
  • /sbin/lilo

Step 3: Misc.TimerHardPeriod (on ESX)

Set to 333 or 250

Step 4: tools.syncTime

Turn on time synchronisation with the host in the VMware tools or the *.vmx config file.

Optional extra steps

Step 5: noapic nolapic nosmp

  • vi /boot/grub/menu.lst
  • add “noapic nolapic nosmp” to the linux kernel load line

Step 6: NTP polling

  • vi /etc/ntp.conf
  • server x.x.x.x prefer minpoll 4 maxpoll 6
    • (number is seconds * seconds, so 4 = 16 seconds and 6 = 36 seconds)

Extra Time Commands

Sync the hardware clock with the system clock: 

hwclock --systohc
# Check the hardware clock
hwclock --show

VMware General

If the boot screen goes too fast, F2 is the key to enter the BIOS/CMOS.

VMware Server port forwarding

I needed to be able to authenticate through LDAP on a virtual from the production network. Of course, vmware server does not support reverse NAT, so I took my chances on port forwarding… and it worked:

Invalid Link


Don't forget to press restart and apply when you've added port forwards.

Force Removal of VMware Tools

To uninstall and re-install VMware Tools:

  • Right-click on the virtual machine.
  • Click Guest > Install/Upgrade VMware Tools.
  • Open a Console to the virtual machine and log into the guest operating system.
  • Click Start > Run, type cmd, and click OK to open a command prompt in Windows.
  • Change the drive to your CD-ROM drive (For example, D:\).
  • Type setup /c and press Enter to force removal of all registry entries and delete the old version of VMware Tools.
  • Open My Computer, double click the CD-ROM that contains VMware Tools.
  • After Auto-Run starts, follow the prompts to install.
2025/06/01 11:59
,

Cheatsheet Storage

Summary: A cheatsheet to collect various information regarding storage.
Date: 31 December 2024

Storage Terminology

Here you can find some information with explanation about some commonly used terms in storage terminology.

Sequential

Refers to reading or writing data records in sequential order, that is, one record after the other. To read record 10, for example, you would first need to read records 1 through 9. This differs from random access, in which you can read and write records in any order.

Some programming languages and operating systems distinguish between sequential-access data files and random-access data files, allowing you to choose between the two types. Sequential-access files are faster if you always access records in the same order. Random-access files are faster if you need to read or write records in a random order.

Devices can also be classified as sequential access or random access. For example, a tape drive is a sequential-access device because to get to point q on the tape, the drive needs to pass through points a through p. A disk drive, on the other hand, is a random-access device because the drive can access any point on the disk without passing through all intervening points.

Random

Refers to the ability to access data at random. The opposite of random access is sequential access. To go from point A to point Z in a sequential-access system, you must pass through all intervening points. In a random-access system, you can jump directly to point Z. Disks are random access media, whereas tapes are sequential access media.

The terms random access and sequential access are often used to describe data files. A random-access data file enables you to read or write information anywhere in the file. In a sequential-access file, you can only read and write information sequentially, starting from the beginning of the file.

Both types of files have advantages and disadvantages. If you are always accessing information in the same order, a sequential-access file is faster. If you tend to access information randomly, random access is better.

Random access is sometimes called direct access.

Latency

In general, the period of time that one component in a system is spinning its wheels waiting for another component. Latency, therefore, is wasted time. For example, in accessing data on a disk, latency is defined as the time it takes to position the proper sector under the read/write head.

Seek Time

For disk drives, the terms seek time and access time are often used interchangeably. Technically speaking, however, the access time is often longer the seek time because it includes a brief latency period.

Access time

Access time is also frequently used to describe the speed of disk drives. Disk access times are measured in milliseconds (thousandths of a second), often abbreviated as ms. Fast hard disk drives for personal computers boast access times of about 9 to 15 milliseconds. Note that this is about 200 times slower than average DRAM.

The access time for disk drives includes the time it actually takes for the read/write head to locate a sector on the disk (called the seek time). This is an average time since it depends on how far away the head is from the desired data.

NetApp Deduplication

Setting Deduplication Schedule to manual

filer01*> sis config
                                              Inline
Path                 Schedule     Compression Compression
-------------------- ------------ ----------- -----------
/vol/SATA_PRD_DEDUP  sun-sat@0    Disabled    Disabled
filer01*> sis config -s - /vol/SATA_PRD_DEDUP
filer01*> sis config
                                              Inline
Path                 Schedule     Compression Compression
-------------------- ------------ ----------- -----------
/vol/SATA_PRD_DEDUP  -            Disabled    Disabled

Setting Deduplication Schedule to Run Daily

filer01*> sis config -s sun-sat@0 /vol/SATA_PRD_DEDUP
filer01*> sis config
                                              Inline
Path                 Schedule     Compression Compression
-------------------- ------------ ----------- -----------
/vol/PRD_DEDUP       sun-sat@0    Disabled    Disabled
2025/06/01 11:59
, ,

Older entries >>

start.txt · Last modified: by 127.0.0.1