GPO from samba 4 don't work.
On server:
samba-tool ntacl sysvolreset
On windows client:
gpupdate /force
Remove comments and whitespaces with sed
pico /usr/bin/scrub
# Remove all comments and empty lines
sed -e ‘s/#.*//’ -e ‘s/[ ^I]*$//’ -e ‘/^$/ d’ $1
chmod 755 /usr/bin/scrub
pico /usr/bin/clrspace
# Remove all leading and trailing whitespace from each line;
sed ‘s/^[ t]*//;s/[ t]*$//’ $1
chmod 755 /usr/bin/clrspace
now you can simply run
scrub filename
clrspace filename
# Remove all comments and empty lines
sed -e ‘s/#.*//’ -e ‘s/[ ^I]*$//’ -e ‘/^$/ d’ $1
chmod 755 /usr/bin/scrub
pico /usr/bin/clrspace
# Remove all leading and trailing whitespace from each line;
sed ‘s/^[ t]*//;s/[ t]*$//’ $1
chmod 755 /usr/bin/clrspace
now you can simply run
scrub filename
clrspace filename
Windows 10 startup folder
Windows 10 startup folder location
The Current Users Startup folder in Windows 10 is located at:
C:\Users\Username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
These programs start up for the current logged in user only. To directly access this folder, open Run, type shell:startup and hit Enter.
The All Users Windows 10 startup folder is located at:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
These programs start up for all users. To open this folder, bring up the Run box, type
shell:common startup or
shell:startup
and hit Enter.
Windows 10 default environment variables
Variable Windows 10
%ALLUSERSPROFILE% C:\ProgramData
%APPDATA% C:\Users\{username}\AppData\Roaming
%COMMONPROGRAMFILES% C:\Program Files\Common Files
%COMMONPROGRAMFILES(x86)% C:\Program Files (x86)\Common Files
%CommonProgramW6432% C:\Program Files\Common Files
%COMSPEC% C:\Windows\System32\cmd.exe
%HOMEDRIVE% C:\
%HOMEPATH% C:\Users\{username}
%LOCALAPPDATA% C:\Users\{username}\AppData\Local
%LOGONSERVER% \\{domain_logon_server}
%PATH% C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem
%PathExt% .com;.exe;.bat;.cmd;.vbs;.vbe;.js;.jse;.wsf;.wsh;.msc
%PROGRAMDATA% C:\ProgramData
%PROGRAMFILES% C:\Program Files
%ProgramW6432% C:\Program Files
%PROGRAMFILES(X86)% C:\Program Files (x86)
%PROMPT% $P$G
%SystemDrive% C:
%SystemRoot% C:\Windows
%TEMP% C:\Users\{username}\AppData\Local\Temp
%TMP% C:\Users\{username}\AppData\Local\Temp
%USERDOMAIN% {userdomain}
%USERNAME% {username}
%USERPROFILE% C:\Users\{username}
%WINDIR% C:\Windows
%PUBLIC% C:\Users\Public
%PSModulePath% %SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
Although you can use environment variables to quickly access certain locations within Windows 10, you’ll typically use these variable when building an script or an application.
Keep in mind that some of the variables mentioned are not location specific, including %COMPUTERNAME%, %PATHEXT%, %PROMPT%, %USERDOMAIN%, %USERNAME%.
While this guide is focused on Windows 10, it’s important to note that these variable will also work on Windows 8.x, Windows 7, and Windows Vista.
Zimbra plus addressing
Plus Addressing is a feature that allows a sender to append a tag to the user id of a recipient. This lets the recipient more easily sort the incoming mail using a mail filter.
For example, user@zimbra.lab could also be reached using the address user+tag@zimbra.lab.
To enable Plus Addressing with Zimbra, use zmprov as follows:
zmprov mcf zimbraMtaRecipientDelimiter +
Note that the delimiter can be a character other than '+'.
To disable Plus Addressing, use zmprov as follows:
zmprov mcf -- -zimbraMtaRecipientDelimiter +
After making changes to enable or disable this feature, you can restart the postfix service :
zmmtactl restart
And check that the postfix configuration has the right value :
postconf recipient_delimiter
recipient_delimiter = +
- Disable addresses (since 8.5.0)
If you want to disable a specific address, e.g. because it has been targeted by spam, you can enable a postfix recipient and client restriction map.
Create the postfix recipient access file:
touch /opt/zimbra/conf/postfix_recipient_access
Edit the file to include the address:
user+spam@zimbra.lab 550 User Unknown
Build the lmdb file:
postmap /opt/zimbra/conf/postfix_recipient_access
Enable check_recipient_access:
zmprov mcf +zimbraMtaRestriction "check_recipient_access lmdb:/opt/zimbra/conf/postfix_recipient_access"
For example, user@zimbra.lab could also be reached using the address user+tag@zimbra.lab.
To enable Plus Addressing with Zimbra, use zmprov as follows:
zmprov mcf zimbraMtaRecipientDelimiter +
Note that the delimiter can be a character other than '+'.
To disable Plus Addressing, use zmprov as follows:
zmprov mcf -- -zimbraMtaRecipientDelimiter +
After making changes to enable or disable this feature, you can restart the postfix service :
zmmtactl restart
And check that the postfix configuration has the right value :
postconf recipient_delimiter
recipient_delimiter = +
- Disable addresses (since 8.5.0)
If you want to disable a specific address, e.g. because it has been targeted by spam, you can enable a postfix recipient and client restriction map.
Create the postfix recipient access file:
touch /opt/zimbra/conf/postfix_recipient_access
Edit the file to include the address:
user+spam@zimbra.lab 550 User Unknown
Build the lmdb file:
postmap /opt/zimbra/conf/postfix_recipient_access
Enable check_recipient_access:
zmprov mcf +zimbraMtaRestriction "check_recipient_access lmdb:/opt/zimbra/conf/postfix_recipient_access"
NTFRS - journal wrap errors detected on domain controller
File Replication Service has detected that the replica set “DOMAIN SYSTEM VOLUME (SYSVOL SHARE)” is in JRNL_WRAP_ERROR
Are you getting this error in your File Replication Service?
The File Replication Service has detected that the replica set “DOMAIN SYSTEM VOLUME (SYSVOL SHARE)” is in JRNL_WRAP_ERROR.
Replica set name is : “DOMAIN SYSTEM VOLUME (SYSVOL SHARE)”
Replica root path is : “c:\windows\sysvol\domain”
Replica root volume is : \\.\C:
A Replica set hits JRNL_WRAP_ERROR when the record that it is trying to read from the NTFS USN journal is not found. This can occur because of one of the following reasons.
[1] Volume “\\.\C:” has been formatted.
[2] The NTFS USN journal on volume “\\.\C:” has been deleted.
[3] The NTFS USN journal on volume “\\.\C:” has been truncated. Chkdsk can truncate the journal if it finds corrupt entries at the end of the journal.
[4] File Replication Service was not running on this computer for a long time.
[5] File Replication Service could not keep up with the rate of Disk IO activity on \\.\C:.
Setting the “Enable Journal Wrap Automatic Restore” registry parameter to 1 will cause the following recovery steps to be taken to automatically recover from this error state.
This is caused when the Sysvol gets currupted and is simple to fix. I will walk you through the steps.
First off before we do anything lets backup by taking a Shadow Copy of the C: Drive. To do this we will open MyComputer and select the C:Drive, right click it and select properties. Now find the ShadowCopy Tab, highlight the C: Drive and click the “Create Now” button to create a backup point on the drive. You do not need to “Enable” ShadowCopy to take a 1 time snapshot.
Now that we have a backup point to go to if all hell breaks loose we can safely move on to the next step.
Open up REGEDIT and navigate to the RegKey -> System\CurrentControlSet\Services\NtFrs\Parameters and create a new REG_DWORD key called Enable Journal Wrap Automatic Restore and place a 1 as the hex value.
Now launch a Command window(DOS) and run the following commands:
NET STOP NTFRS
NET START NTFRS
This will then cause the following to appear in your File Replication Service Event Log:
The File Replication Service is deleting this computer from the replica set “DOMAIN SYSTEM VOLUME (SYSVOL SHARE)” as an attempt to recover from the error state,
Error status = FrsErrorSuccess
At the next poll, which will occur in 5 minutes, this computer will be re-added to the replica set. The re-addition will trigger a full tree sync for the replica set.
This will be followed by the following Event Log:
File Replication Service is scanning the data in the system volume. Computer MyDomainServer cannot become a domain controller until this process is complete. The system volume will then be shared as SYSVOL.
This will be followed by the following Event Log:
The File Replication Service moved the preexisting files in
c:\windows\sysvol\domain to c:\windows\sysvol\domain\NtFrs_PreExisting___See_EventLog.
Now we need to wait a bit and allow the replication to complete. This has taken anywhere from 5 minutes to 20 minutes for me based on server and what is being replicated. You will know it is complete when you get the Event Log:
The File Replication Service is no longer preventing the computer MyDomainController from becoming a domain controller. The system volume has been successfully initialized and the Netlogon service has been notified that the system volume is now ready to be shared as SYSVOL.
Once you get this log your replication is complete and the Journal Wrap issues are fixed. We now need to go back to REGEDIT and change the entry we placed in there from a 1 to a 0.
Linux shell network monitoring tools
1. Overall bandwidth - nload, bmon, slurm, bwm-ng, cbm, speedometer, netload
2. Overall bandwidth (batch style output) - vnstat, ifstat, dstat, collectl
2. Bandwidth per socket connection - iftop, iptraf, tcptrack, pktstat, netwatch, trafshow
3. Bandwidth per process - nethogs
Limit bandwidth in Linux
wondershaper - An easy tool to limit bandwidth of a particular interface.
apt-get install wondershaper
$ sudo wondershaper {interface} {down} {up}
the {down} and {up} are bandwidth in kpbs
So for example if you want to limit the bandwidth of interface eth1 to 256kbps downlink and 128kbps uplink,
$ sudo wondershaper eth1 256 128
To clear the limit,
$ sudo wondershaper clear eth1
Clean up boot partition - Ubuntu
1. Check the current kernel version
$ uname -r
It will shows the list like below:
3.19.0-64-generic
2. Remove the OLD kernels
2.a. List the old kernel
$ sudo dpkg --list 'linux-image*'|awk '{ if ($1=="ii") print $2}'|grep -v `uname -r`
You will get the list of images something like below:
linux-image-3.19.0-59-generic
linux-image-3.19.0-61-generic
linux-image-3.19.0-65-generic
linux-image-extra-3.19.0-58-generic
linux-image-extra-3.19.0-59-generic
linux-image-extra-3.19.0-61-generic
2.b. Now its time to remove old kernel one by one as
$ sudo apt-get purge linux-image-3.19.0-58-generic
$ sudo apt-get purge linux-image-3.19.0-59-generic
$ sudo apt-get purge linux-image-3.19.0-61-generic
$ sudo apt-get purge linux-image-3.19.0-65-generic
When you're done removing the older kernels, you can run this to remove ever packages you won't need anymore:
$ sudo apt-get autoremove
Windows Time Service (w32time) Synchronization
View time source
w32tm /query /computer:[IP] /source
Change time peers
w32tm /config /manualpeerlist:[server],0x8 /syncfromflags:MANUAL
The actual IP address of the NTP server or its host name must be entered instead of [server].
The flag "0x8" forces w32time not to send "symmetric active" packets but normal "client" requests which the NTP server replies to as usual.
Then the following command can be used to immediately make the changes effective:
w32tm /config /update
If this command has completed successfully your system clock has synchronized to the given NTP server. To check it open a Date and Time window (click "time" icon in the lower right corner of the desktop) -> Change date and time settings -> Internet Time.
Alternatively, the w32time service can be restarted:
net stop w32time && net start w32time
If the w32time service is restarted it sends immediately a request to the NTP server. Additionally, the command:
w32tm /resync
can be used to let w32time send a request.
To configure a client computer or a member server to sync time from the domain, run the following command:
w32tm /config /syncfromflags:domhier /update
And then stop and restart the time service by running:
net stop w32time && net start w32time
Setting Timezone
prompt:
tzutil /l - list Timezones
tzutil /s "TIMEZONE"
tzutil /s "SA Western Standard Time"
tzutil /s "SA Western Standard Time_dstoff" (suffix _dstoff to DISABLE DAYLIGHT SAVING)
PowerShell:
Set-TimeZone -Name "TIMEZONE"
Set-TimeZone -Name "SA Western Standard Time"
Assinar:
Postagens (Atom)