Author Archives: Daz

setup vmware environment

Posted on by No Comments ↓

vmwareOne of the scripts i use to standardise our vmware host deployments;


# Author : Darren T
# v1 : Setup vcenter parameters
# Usage ;
# Please manually connect to vCenter, use "Connect-VIServer" -- this promotes usernames and passwords not being saved with script.
# Modify Variables below before running.
# ------------------- VARIABLES -------------------------
# Database Retention Policy
$Days_Retension = "30"
# Set SMTP Server & Sender Account
$SMTP_Server = "192.168.9.10"
$Sender_Account = "[email protected]"
# ------------------- CODE ONLY BELOW -------------------
# Database Retention Policy -- Enable limits
# Get-AdvancedSetting -Entity $defaultVIServer | where {$_.Name -match "^task.|^event."}
Write-Host "Setting Database Retension... " -NoNewLine;
Get-AdvancedSetting -Entity $defaultVIServer -Name "event.maxAge" | Set-AdvancedSetting -Value $Days_Retension -Confirm:$false
Get-AdvancedSetting -Entity $defaultVIServer -Name "event.maxAgeEnabled" | Set-AdvancedSetting -Value $true -Confirm:$false
Get-AdvancedSetting -Entity $defaultVIServer -Name "task.maxAge" | Set-AdvancedSetting -Value $Days_Retension -Confirm:$false
Get-AdvancedSetting -Entity $defaultVIServer -Name "task.maxAgeEnabled" | Set-AdvancedSetting -Value $true -Confirm:$false
# Set SMTP Server & Sender Account
Write-Host "Setting SMTP Server & Sender Account... " -NoNewLine;
Get-AdvancedSetting -Entity $defaultVIServer -Name "mail.smtp.server" | Set-AdvancedSetting -Value $SMTP_Server -Confirm:$false
Get-AdvancedSetting -Entity $defaultVIServer -Name "mail.sender" | Set-AdvancedSetting -Value $Sender_Account -Confirm:$false

nginx – setup as reverse proxy

Posted on by 4 Comments ↓

Previously to take down this wordpress site all you needed to do was hold down F5 for about 20 seconds then the site would take about 5 mins to recover.

There were a few factors causing this and quite a few different methods to solving the problem. WordPress itself is run on php / apache, apache has an evasive mod which can block certain IPs depending on the defined abusive behavior (typical DDOS attack). Since i like to run a few websites behind a single IP i looked at fixing the issue closer to the perimeter….

Enter nginx (engine x) as a reverse proxy, the site now typically caches all content and serves it straight out of memory. No longer does mysql / apache kill itself under high load on the backend…

nginx

You will need to create the nginx directories if they dont already exist. Check /var/log/nginx/error.log (default ubuntu) if any issues starting the service.

sudo aptitude install nginx
sudo service nginx start

The following added to http {}
(located in /etc/nginx/nginx.conf)

log_format cache '***$time_local '
'$remote_addr '
'$upstream_cache_status '
'Cache-Control: $upstream_http_cache_control '
'Expires: $upstream_http_expires '
'"$request" ($status) ';
access_log /var/log/nginx/access.log cache;
error_log /var/log/nginx/error.log;
server_names_hash_bucket_size 64;
proxy_cache_path /var/www/nginx_cache levels=1:2
keys_zone=one:10m
max_size=1g inactive=30m;
proxy_temp_path /var/www/nginx_temp;

the following added to location / {}
(located in /etc/nginx/sites-enabled/default)

proxy_pass http://sigtar;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_redirect off;
proxy_buffering on;
proxy_buffer_size 16k;
proxy_buffers 32 16k;
proxy_cache one;
proxy_cache_valid 200 302 304 10m;
proxy_cache_valid 301 1h;
proxy_cache_valid any 1m;
client_body_buffer_size 128k;
proxy_busy_buffers_size 64k;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_header Set-Cookie;

Note if you have problems with wordpress redirect issues… check this post;

http://tommcfarlin.com/resolving-the-wordpress-multisite-redirect-loop/

Also confirm you have this line in http {}

server_names_hash_bucket_size 64;

Very basic load test, user load time is reasonably consistent as user count increases.
http://loadimpact.com/load-test/sigtar.com-ad07b7870a75c854a935752b0a032c53

load test

activate windows from command line – slmgr

Posted on by No Comments ↓

Temporarily extend evaluation period (limited execution – see output below)…

C:\Windows\System32>cscript slmgr.vbs /rearm

C:\Windows\System32>shutdown -r -t 1

Show detailed license information…

C:\Windows\System32>cscript slmgr.vbs /dlv

License Status: Initial grace period
Time remaining: 43200 minute(s) (30 day(s))
Remaining Windows rearm count: 0

Activate windows…

C:\Windows\System32>cscript slmgr.vbs /ipk xxxxx-xxxxx-xxxxx-xxxxx-xxxxx

C:\Windows\System32>cscript slmgr.vbs /ato

Will require access to the internet – most of the time the issues are either time sync or connectivity to internet.

http://support.microsoft.com/kb/921471 Windows activation fails and may generate error code 0x8004FE33

To do this, configure the following list of CRLs to be unauthenticated on the proxy server:
http://go.microsoft.com/
https://sls.microsoft.com/
https://sls.microsoft.com:443
http://crl.microsoft.com/pki/crl/products/MicrosoftRootAuthority.crl
http://crl.microsoft.com/pki/crl/products/MicrosoftProductSecureCommunications.crl
http://www.microsoft.com/pki/crl/products/MicrosoftProductSecureCommunications.crl
http://crl.microsoft.com/pki/crl/products/MicrosoftProductSecureServer.crl
http://www.microsoft.com/pki/crl/products/MicrosoftProductSecureServer.crl
https://activation.sls.microsoft.com

Active Directory- redirect default Containers to Organisational Units

Posted on by No Comments ↓

One really useful tidbit I picked up last week –

Redirusr & redircmp

Configures the default OU for computers and users so they don’t appear in the default containers when they are added (effectively meaning they only get root domain policies).

As you would guess – it helps keep the default AD containers clean by placing machines straight into an OU and also applying any policies attached.

 

windows 2012 change key from evaluation to standard

Posted on by No Comments ↓

get current version;

dism /online /get-currentedition

Deployment Image Servicing and Management tool
Version: 6.2.9200.16384

Image Version: 6.2.9200.16384

Current edition is:

Current Edition : ServerStandardEval

dism /online /set-edition:ServerStandard /ProductKey:xxxxx-xxxxx-xxxxx-xxxxx-xxxxx /AcceptEula

Deployment Image Servicing and Management tool
Version: 6.2.9200.16384

Image Version: 6.2.9200.16384

Starting to update components…
Starting to install product key…
Finished installing product key.

Removing package Microsoft-Windows-ServerStandardEvalEdition~31bf3856ad364e35~amd64~~6.2.9200.16384
[==========================100.0%==========================]
Finished updating components.

Starting to apply edition-specific settings…
Finished applying edition-specific settings.

The operation completed successfully.
Restart Windows to complete this operation.
Do you want to restart the computer now? (Y/N)

note : you must change evaluation edition to standard before promoting to a domain controller. you cannot change a DC in eval mode to standard and are forced to demote the server before changing the edition.