Install OpenSSL from here:
Copy the PFX file to the directory you want the .pem files in. Open a command prompt as admin, change to the directory and run these commands:
To export the private key without a passphrase or password.
C:\OpenSSL-Win32\bin\openssl pkcs12 -in adams14wildcard.pfx -nocerts -nodes -out serverkey.pem
To export the Certificate
C:\OpenSSL-Win32\bin\openssl pkcs12 -in adams14wildcard.pfx -clcerts -nokeys -out servercert.pem
Restart whatever service (in this case it was Tenable Nessus).
I forget this every time I reset my password…
(Get-Credential).Password | ConvertFrom-SecureString | Out-File “C:\Scripts\365SecureString.txt”
$pass = cat “C:\Scripts\365securestring.txt” | convertto-securestring
$mycred_online = new-object -typename System.Management.Automation.PSCredential -argumentlist “UserAccount@contoso.com”,$pass
$mycred = new-object -typename System.Management.Automation.PSCredential -argumentlist “UserAccount”,$pass
Storing this one for later…
$cred = Get-Credential
Enter-PSSession -Credential $cred -Computername <hostname>
Get-DNSClientServerAddress –interfaceIndex XX (Just making sure this is the interface I want to change).
Set-DNSClientServerAddress –interfaceIndex XX –ServerAddresses (“x.x.x.x”,”x.x.x.x”)
Ugh. Ok, so something I came across today that I figured might help someone else out in the future. I’m setting up a new CentOS 7 box and while I was doing that I kept having intermittent network connectivity issues. For some reason I decided NetworkManager needed to get out of my way… so I went about the process of disabling all that nonsense and went back to doing network config the way I know how. I set a reservation in DHCP (temporary), and set ifcfg-eth0 as a static IP along with all the other relevant pieces to get the interface manually configured.
Problem was I couldn’t get the network to come up. Here was my first issue:
Naturally I follow directions and ran “systemctl status network.service -l” and was greeted with:
Relevant bits highlighted. Now I’m pretty sure nothing is using that address since I got it from DHCP … so a bit of Googling led me to this link. The explanation here is that when ifup-eth runs it does an arping to determine if anything is using that address, and if anything replies then it exists the script. The offending section is this: Continue reading
On your DHCP Server
You need this VB Script in the scripts directory of NSClient++ on the DHCP Server:
Change the .doc extension to .vbs or hit the link to Nagios exchange below for the original file.
Now in nsc.ini — Enable NRPEListener.dll and CheckExternalScripts.dll
Also in nsc.ini add the following in the External Scripts Section:
check_dhcp_scope=cscript.exe //T:30 //NoLogo scripts\check_dhcp_scope.vbs
Restart the NSClient++ on the DHCP server.
The PDC Emulator in your domain is the only system you should need to run this on. The rest of the systems should sync with this DC. I’ve included the commands below that you can run against your secondary DCs just to make sure they know what they should be doing. This is a rare thing to have to do … but I ended up having to do it today because the time source configured on our domain (long ago) stopped serving up time. WARNING: To much time skew between your current time and the updated time could cause serious headaches for your clients. WARNING!
On your PDC Emulator from an elevated command prompt:
What follows is the basic outline I followed to upgrade System Data Protection Manager 2010 – DPM – running on a Windows Server 2008 R2 host to DPM 2012 SP1. Obviously each step has small libraries of documentation you could read, warnings you could ignore, and whatnot – but if you’re simply looking to make sure you’ve got the right steps planned out, this is what I did to upgrade our setup:
Please note – I did this same set of steps across both of our systems (primary site and secondary site).
- Ensure Windows is up to date.
- Ensure DPM 2010 is up to date.
- Ensure you are running SQL Server 2008 R2 (I have SP1 — 10.50.2550.0)
- You are set to install DPM 2012 at this point. Install was simple – put in the disk, provide some passwords… next, next, next. Continue reading