Quantcast
Channel: Network Audit and Documentation, CENTREL Solutions Blog
Viewing all 432 articles
Browse latest View live

Restore backup SQL Server shows no backups and displays "No backupset selected to be restored"

January 12, 2017, 5:17 am
$
0
0
When you use SQL Server Management Tools to try and restore a database you are able to browse to the .bak file however when you selected it the user interface shows no backups and displays "No backupset selected to be restored".



This can occur if you are trying to restore a database from a newer version of SQL Server.

Unfortunatley the user interface doesn't display this...
Search

Document Microsoft Azure Configuration including Virtual Machines

January 31, 2017, 8:08 am
$
0
0
Lately we've been asked a lot about Microsoft Azure - including both whether customers can  document their Microsoft Azure environments but also whether they can use XIA Configuration Server to document the Windows virtual machines and Linux virtual machines.

The answer is now yes to all of these with XIA Configuration Server v9.



The new agent supports the ability to document resource groups, resources including virtual machines, storage accounts and SQL servers.

We've created a short tutorial video here

https://www.youtube.com/watch?v=7Y8YH-2_V9k&feature=youtu.be

And full information about the Azure functionality can be found here
https://www.centrel-solutions.com/xiaconfiguration/capabilities.aspx?capability=microsoft-azure-reporting-and-inventory-tool-audit-settings-and-create-documentation


Cannot alter the role ‘db_Owner’, because it does not exist or you do not have permission

February 2, 2017, 7:55 am
$
0
0
You may have experienced the issue whereby you see the error

Cannot alter the role ‘db_Owner’, because it does not exist or you do not have permission

Infact this can be any role... the problem can occur when the role name is specified in the wrong case and the SQL server is using a case-sensitive collation, in this example the role should be 'db_owner' rather than ‘db_Owner’.



Using PowerShell New-WebServiceProxy to access Web Services with Client Certificate Authentication

February 15, 2017, 2:37 am
$
0
0
We've recently been looking into helping our customers implement two factor authentication with client certificates.

This was going very well, until writing the help to consume our ASP.NET soap web services with a client certificate.

Here's the problem... It seems that the New-WebServiceProxy cmdlet does not support passing client certificates when it generates the compiled WSDL.

$uri="https://centrel-ws02/xiaconfiguration/webservice/xiaconfiguration.asmx"
$proxy=New-WebServiceProxy$uri-UseDefaultCredential 


The following error is returned
New-WebServiceProxy : The request failed with HTTP status 403: Forbidden.

This limitation is confusing because the following command would help, however the cmdlet requires that a connection is immediately made, which is then too late to add the certificate


$proxy.ClientCertificates.Add($certificate)


This is somewhat annoying given that the Invoke-WebRequest cmdlet does have client cetificate functionality built in


$reqest=Invoke-WebRequest-Uri$uri-UseDefaultCredentials-CertificateThumbprint"FD68506860158BA2B878E0322094E5A6092EDDE6"




Workaround
The only workaround we've managed to find is to save the WSDL from the web service in a web browser and manually add the certificate

$proxy=New-WebServiceProxy"file://c:\temp\my.wsdl"
$certificate=Get-ChildItemCert:\CurrentUser\My\FD68506860158BA2B878E0322094E5A6092EDDE6
$proxy.ClientCertificates.Add($certificate)
Write-Host$proxy.SomeMethod()

Visual Studio 2010 Code Snippets fail on VS 2015 with "Object reference not set to an instance of an object"

February 20, 2017, 6:05 am
$
0
0
We've recently had a problem with some old Visual Studio 2010 code snippets written in C# failing when used in Visual Studio 2015 with an "Object reference not set to an instance of an object" error.


It appears that the code snippets now require the title value to be set.



<CodeSnippetFormat="1.0.0">
  <Header>
    <Title>Add collection editor attribute</Title>
    <Shortcut>coledit</Shortcut>
  </Header>
  <Snippet>
    <CodeLanguage="csharp">
      <![CDATA[[Editor(typeof(AdvancedCollectionEditor), typeof(UITypeEditor))]]]>
    </Code>
  </Snippet>
</CodeSnippet>



Setting the title will immediately remedy the issue, but another gotcha is....

Any code snippet in the document missing the title element will cause subsequent code snippets to fail.

Chromecast streaming stopped when locking the iPhone or the screen automatically locks on TalkTalk player (BlinkBox player).

March 21, 2017, 3:30 am
$
0
0
I've recently had a problem streaming content from the TalkTalk player (which was BlinkBox) to my TV through my Google Chromecast from an iPhone.

The issue was the streaming would work fine, then as soon as the phone went to sleep or automatically locked the screen the streaming would stop.



This seems to be an issue with the TalkTalk player specifically, the easiest way I found around this was to switch to the Google Home application and click the play button in here, the streaming would continue and you can then lock the phone without the stream stopping.

Also I'd like to give Nocturnal Animals a rating of 10%, as this is the approximate length of the film I managed to watch before giving up on it.






Windows 10 Critical Process Died Error

March 24, 2017, 4:45 am
$
0
0
So I ran into this today on a fully patched Windows 10 anniversary installation.

Your PC ran into a problem and needs to restart. We're just collecting some error info, and then we'll restart for you.

CRITICAL_PROCESS_DIED


There are lots of posts about this which involve running sfc /scannow from the recovery console none of which worked. Here's what I found to work

  • Allow Windows 10 to fail and reboot and display the options

  • Goto System Restore - try and restore and it will fail because Windows 10 bugs with System restore with 0x80070091
     
  • Panic
     
  • Allow Windows 10 to fail and reboot and display the options
     
  • Goto Troubleshoot, Advanced Options, Command Prompt
     
  • Find your *real* C: drive probably by going to D:

  • Type cd "Program Files"
     
  • Type attrib –h WindowsApps
     
  • Type ren WindowsApps WindowsApps.old
     
  • Type rstrui
     
  • Run Windows restore again - you may get ANOTHER error, but it seemed to work correctly.
     
  • Immediately go and do a Windows System Image Backup.






Create a system image backup in Windows 10

March 24, 2017, 4:56 am
$
0
0
After experiencing a rather scary SYSTEM_PROCESS_DIED blue screen error on Windows 10 I decided to look at a system backup image as well as full data backups.

These seem to be being de-emphasised in Windows but you can still do them


Goto Control Panel\System and Security\File History



Click on System Image Backup on the bottom left


Click Create a System Image and select the drive where to create






Search

C#.NET AccountExpirationDate Parameter name: fileTime ---> System.ArgumentOutOfRangeException: Not a valid Win32 FileTime.

April 12, 2017, 3:45 am
$
0
0
So we've found a rather strange bug in .NET Framework from 3.5.1 to the latest version (4.6.2).

When using the System.DirectoryServices.AccountManagement library you may get the following error when reading the AccountExpirationDate of a principal.

Not a valid Win32 FileTime.
Parameter name: fileTime ---> System.ArgumentOutOfRangeException: Not a valid Win32 FileTime.
Parameter name: fileTime
   at System.DateTime.FromFileTimeUtc(Int64 fileTime)
   at System.DirectoryServices.AccountManagement.ADStoreCtx.DateTimeFromLdapConverter(dSPropertyCollection properties, String suggestedAdProperty, Principal p, String propertyName, Boolean useAcctExpLogic)
   at System.DirectoryServices.AccountManagement.ADStoreCtx.AcctExpirFromLdapConverter(dSPropertyCollection properties, String suggestedAdProperty, Principal p, String propertyName)
   at System.DirectoryServices.AccountManagement.ADStoreCtx.Load(Principal p, String principalPropertyName)
   at System.DirectoryServices.AccountManagement.Principal.HandleGet[T](T& currentValue, String name, LoadState& state)
   at System.DirectoryServices.AccountManagement.AuthenticablePrincipal.get_AccountExpirationDate()
 

This can occur when the account expires value is set to -1 as seen in ADSIEdit.msc.







 
 
 
The solution to this problem is to either correct these values (Never Expires should be 9223372036854775807) or read the accountExpires value directly using the underlying DirectoryEntry object and checking if it is set to -1.
 

 

Azure cmdlets Get-AzureRmAlertRule and Get-AzureRmRoleAssignment report "api-version=) is required for all requests"

May 3, 2017, 7:56 am
$
0
0
When you use the Azure PowerShell cmdlets such as Get-AzureRmAlertRule and Get-AzureRmRoleAssignment you might see the following

MissingApiVersionParameter: The api-version query parameter (?api-version=) is required for all requests.


This can occur if there are hash symbols in the resource name or resource type parameters.

For example "CDD1EE35DC872C48F799BAC150FBB128E702BB9C##North Europe#'"


You must encode these parameters, replacing the hash # symbols with %23 - for example
"CDD1EE35DC872C48F799BAC150FBB128E702BB9C%23%23North Europe%23'" and then run the command again

















Windows Server 2016 or Windows 10: Date and time "Some settings are managed by your organization".

May 8, 2017, 7:02 am
$
0
0
When you're using the new "Modern" date and time settings in Windows Server 2016 or Windows 10 you may find that you can't set the correct date and time and the value "Some settings are managed by your organization".





The simplest way around this is to go back to the proper control panel using Start, Run, "Control.exe" and searching for "Set the date".





Within here you can set the date and time manually as required



Why is FireFox using / listening on port 80

May 15, 2017, 6:59 am
$
0
0
After a short moment today I was wondering why FireFox was listening on TCP port 80 and stopping IIS from starting because of

netstat -anb which gives the following.

 [firefox.exe]
  TCP    127.0.0.1:52243        127.0.0.1:52242        ESTABLISHED
 [firefox.exe]
  TCP    127.0.0.1:60137        127.0.0.1:443          TIME_WAIT
  TCP    192.168.1.3:80         0.0.0.0:0              LISTENING
 [Skype.exe]

Well it's not it's just the order Netstat reports in, and of course it was Skype blocking the port which can be configured with this checkbox on the connection tab! Sanity restored.


Copying files is painfully slow on Windows 10

May 18, 2017, 6:32 am
$
0
0
Today I've been trying to copy files between two very fast SATA SSD drives.

I know that copying a large number of small files is slow on Windows already but this was excruciating.

The first thing I tried helped a lot, which is temporarily turning off Windows Defender. Obviously this isn't ideal but you can see the performance increase from the red line.


Simply click Start and search for Defender


Open Windows Defender Security Centre

Goto Virus & Threat Protection

Goto Virus & Threat Protection Settings

Turn off Real-Time Protection and Cloud-based protection


 Don't forget to turn them back on after copying your files!

 

Installer created by AdvancedInstaller by Caphyon does not elevate UAC to administrator correctly on uninstall - "A program required for this install to complete could not be run"

June 21, 2017, 3:38 am
$
0
0
We've recently had issues with installers created by AdvancedInstaller by Caphyon that do not elevate UAC to administrator correctly on uninstall. This was causing one of our custom actions to fail on uninstall.

Which lead to a "A program required for this install to complete could not be run" error.

The confusion here seems to be that the install gives you an option to Run as Administrator, however this does not apply to the uninstallation.



For this to work you must select the following option hidden in the Themes section.







Can't remove HP Printer on Windows 10, status: Removing Device

June 22, 2017, 2:01 am
$
0
0
You may find when you're trying to remove a HP printer on Windows 10 that you can't and the printer is stuck in printers in control panel.


Clicking Remove Device does nothing and the status of the printer is displayed as Removing Device. Rebooting does not resolve the issue.

Attempting to uninstall the HP software hangs during the uninstallation.

The method I used to resolve this issue was as follows


  • Reboot the computer and login as the built-in Administrator account.
  • Check the Print Spooler service is running.
  • Goto device manager and uninstall the WSD Print Provider for this printer.


  • Then remove the Software devices related to the printer.

  • If you go back to the printer you will see that the icon has changed.


  • Reboot the computer again, and login as the built-in Administrator account and then you should now be able to remove the printer.
Search

A file that is required cannot be installed because the cabinet file .cab has an invalid digital signature. This may indicate that the cabinet file is corrupt.

June 30, 2017, 1:50 am
$
0
0
When installing or upgrading the XIA Configuration Server you see the error
"A file that is required cannot be installed because the cabinet file <path>.cab has an invalid digital signature. This may indicate that the cabinet file is corrupt."

This is typically caused in a disconnected environment where the trusted certificate authorities are not updated automatically. The system can therefore not validate the certificate that was used to sign the XIA Configuration Server installer.

To validate the signature, right click the installer and select properties, and then view the Digital Signatures tab.


Select the signature and click Details, issues with the signature will be displayed here.


Clicking View Certificate and then viewing the Certification Path tab will display the certificates that are required to complete the chain.



More Information
For more information about disconnected environments please see the following Microsoft article
https://support.microsoft.com/en-us/help/2813430

Resolution
If any of the certificates from the trust chain displayed in the Certification Path tab are missing they can be manually downloaded from the DigiCert site.
https://www.digicert.com/digicert-root-certificates.htm

The required certificates should then be installed into the Trusted Root Certification Authorities certificate store.




















The PowerShell cmdlet Get-NetRoute returns more results than the standard "route print" command

August 24, 2017, 11:36 am
$
0
0
We've been working to migrate our server documentation tool from a combination of WMI, and low level APIs to PowerShell and have come across an interesting issue.

Microsoft recommend using the PowerShell cmdlet Get-NetRoute as a replacement for the old "route print" command, but it returns more results than the standard "route print" command and the WMI class Win32_IP4RouteTable.

It turns out that the former returns routes for interfaces that are down whereas the later two methods do not. This is what leads to the inconsistency.

To ignore the results from network adapters that aren't up you need to correlate them with the results from the Get-NetAdapter cmdlet and check the ifOperStatus.



$routes=Get-NetRoute
$adapters=Get-NetAdapter
foreach ($routein$routes)
{
    $interfaceOnline=$true
    foreach($adapterin$adapters)
    {
        if($adapter.InterfaceIndex -eq$route.InterfaceIndex)
        {
            if([System.Convert]::ToInt32($adapter.ifOperStatus) -ne1) { $interfaceOnline=$false; }
        }
    }
    if (!$interfaceOnline) { continue; }
    $route
}

Get-Printer StartTime and UntilTime

September 18, 2017, 2:14 am
$
0
0
The Windows PowerShell Get-Printer cmdlet provides a start and finish time for printer availability but confusingly this value is returned as an integer value.



More confusingly this is stored as a value of minutes from midnight GMT so if you print server is in GMT -5 and has a available from time of midnight you'll see the StartTime of 300.

If you'd like to convert the time to a DateTime that is more understandable that reflects what is seen in the UI try the following



$baseTime=[System.DateTime]::MinValue.AddDays(1)
$baseTime=$baseTime.AddHours([System.TimeZoneInfo]::Local.BaseUtcOffset.TotalHours)
$baseTime=$baseTime.AddMinutes(150)

Get-CimInstance PowerShell cmdlet doesn't have any methods

September 19, 2017, 8:15 am
$
0
0
If you've moved from the Get-WmiObject to the new Get-CimInstance cmdlets you may find that these no longer have the methods available that you would have had when using Get-WmiObject.

This is because everything is being routed correctly though the WS-MAN protocol and the objects that are returned are not code and cannot be executed.

It's a simple work around - just pipe the object back to the Invoke-CimMethod cmdlet...

$printers = Get-CimInstance Win32_Printer
$descriptor = $printers[0] | Invoke-CimMethod -MethodName GetSecurityDescriptor

The apply button of the PowerShell security descriptor dialog does not work as expected - Set-PSSessionConfiguration -ShowSecurityDescriptorUI -Name Microsoft.PowerShell

September 25, 2017, 6:16 am
$
0
0
When running the following command to modify the PowerShell security descriptor
Set-PSSessionConfiguration -ShowSecurityDescriptorUI -Name Microsoft.PowerShell

The following dialog is displayed.


Be aware that clicking the Apply button does not apply the security setting until either the OK or cancel button is clicked.

This behaviour can give confusing results when testing the access control lists.
Viewing all 432 articles
Browse latest View live
Search