Moving from Windows 1809's OpenSSH to OpenSSH Portable ...
The problemWe are currently using AWS Cloudfront to front our backend .NET web application (the origin). A new requirement came through asking us to serve up customised content based on whether the originating request was from a bot or human.By default, AWS Cloudfront does not forward the user request's User-Agent to the origin so what can we do? Well one (non-peformant) way is to simply modify our distribution behavior to whitelist the the User-Agent header but this puts a ...
I was recently curious about Secure Boot, a mechanism that starts the bootloader only if the bootloader’s signature has maintained integrity, assuring that only approved components are allowed to run. I was pleasantly surprised to find that it was supported on most Linux distributions. The important take away here is to configure the VM to use the Microsoft UEFI Certificate Authority.If you have an existing VM, you can enable it bySet-VMFirmware TestVM -SecureBootTemplate MicrosoftUEFICertificateAuthority If you want to ...
Censorship is real in China. Here are some of the workarounds I can think ofSpin up a Windows server with GUI in Hong Kong or Japan then just remote deskop into the instance.Spin up a Linux server in Hong Kong or Japan and setup a VPN and connect to this VPN using a Connect VPN client.Purchase a VPN that China doesn't actively block. PIA for example gets actively blocked by the great firewall where as a service like ...
Recently did a fresh install of Windows 10 with all the vital updates and tried to use git fetch on both cmd and powershell but was prompted to enter my ssh key so I tried to run ssh-add but I got an error saying Error connecting to agent: No such file or directory so then I tried ssh-agent and got an error saying unable to start ssh-agent service, error :1058 so what could it be?A quick scan of Get-Service ...
I'm currently using Azure's Application Gateway with a backend pool utilising Azure's App Service. When the application gateway forwards your request to the backpool, it also forwards X-Original-Host HTTP Header together with it to help you identity which listener the gateway originally acted upon but what if you wanted it to match the HOST header at the web server (app service)? This might be useful for cases where you need to generate absolute URLs in your web app for whatever ...
We will need to run the following on Powershell with Administrator rights. # Setup variables $companyName = "contoso" $certFilePath = "$PSScriptRoot\$companyName-wildcard.pfx" $dnsName = "*.$companyName.com" $date = (Get-Date).ToString('MMM-yyyy') $certFriendlyname = "$companyName-wildcard-$date" $certExpiry = (Get-Date).AddYears(10) # Removal existing certificates gci Cert:\LocalMachine\Root | Where FriendlyName -Like "*$companyName*" | Remove-Item gci Cert:\LocalMachine\My | Where FriendlyName -Like "*$companyName*" | Remove-Item # Create self signed certificate and store thumbprint variable $thumb = (New-SelfSignedCertificate -DnsName $dnsName -CertStoreLocation ...
Motivation NiceHash Miner is an incredibly simple program to use and I've been wanting to start and stop the program using the Windows Task Scheduler. I initially tried stop the task by using the "Stop task if running more than x" option in the settings section but quickly found that NiceHash Miner 2.exe actually launches another process named excavator.exe (and not as a child process) which doesn't get stopped even though NiceHash Miner 2.exe was ...
Recently, we've been trialing Azure's SQL Data Sync (in Preview at time of writing) feature which allows you to sync database schema and data between multiple databases. This has been working great but we've run into some issues with database triggers so we wanted to dig down deeper. Checking for irregularities use master -- check for recent events select top 1000 * from sys.event_log order by start_time desc -- filter by severity select top 100 * from sys.event_ ...
Find where the logs are located for each website Import-Module WebAdministration foreach($WebSite in $(get-website)) { $logFile="$($Website.logFile.directory)\w3scv$($website.id)".replace("%SystemDrive%",$env:SystemDrive) Write-host "$($WebSite.name) [$logfile]" } # Results mysite1.dev[C:\inetpub\logs\LogFiles\w3scv2] mysite2.dev[C:\inetpub\logs\LogFiles\w3scv3] mysite3.dev[C:\inetpub\logs\LogFiles\w3scv4] mysite4.dev[C:\inetpub\logs\LogFiles\w3scv5] mysite5.dev[C:\inetpub\logs\LogFiles\w3scv1] mysite6.dev[C:\inetpub\logs\LogFiles\w3scv6] # Let's ...
Recently wanted to enable remote management of a server via powershell so that I could try out Project Honolulu for managing Windows Servers Make sure WinRM service is running and start up to automatic Get-Service winrm Enable Powershell Remoting Enable-PSRemoting -Force Ensure network profiles are ok # Show network profile > Get-NetConnectionProfile Name : Network InterfaceAlias : Ethernet InterfaceIndex : 2 NetworkCategory : Public IPv4Connectivity : Internet IPv6Connectivity : NoTraffic # Set network profile from Public to Private > Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory Private # Verify the update completed > ...
Setting up Visual Studio Build Tools 2017 Recently wanted to setup a Windows Server Core VM/image for portability. It's mainly used to build ASP.NET MVC web apps on the full .NET Framework which would then need to be deploy to Azure. Just documenting the steps I took along the way. # Download and install VS Build Tools Invoke-WebRequest https://aka.ms/vs/15/release/vs_buildtools.exe -OutFile vs_buildtools.exe ; Start-Process -FilePath 'vs_BuildTools.exe' -ArgumentList ` '--quiet', '--norestart', ...
WARNING : This does not work Windows Server Core Some folk have been arriving to this post hoping to find a solution for Windows Server Core might need to look elsewhere. I've only tested this on Windows Server 2012. Service requirements We need to make sure the following services are running # Check status of services required for Network Discovery on Windows Get-Service -DisplayName "Function Discovery Resource Publication" Get-Service -DisplayName "DNS Client" Get-Service -DisplayName "SSDP Discovery" ...
Recently, I've been testing ASP.NET MVC's Output Cache feature and wanted to test using different parameters such as VaryByCustom which would read a user's cookies and construct a cache key according to some value. I ended up having to log in and out of Google Chrome, Firefox, Edge etc just to test this so I created a script to do so instead. $loginUrl = "https://example.com/log-in" $normalUrl = "https://example.com/logged-in-area" $postParams = @{email='foo@ ...
Let's say you have a VM hosted by Hyper-V named CICDSRV01 and we want to enable nested virtualization to run another Docker for Windows instance, we first need to enable this feature by setting ExposeVirtualizationExtensions to $true on the target VM's processor # Check if VM named CICDSRV01 supports nested virtualization Get-VMProcessor -VMName "CICDSRV01" | Select VMName,Count,ExposeVirtualizationExtensions VMName Count ExposeVirtualizationExtensions ------ ----- ------------------------------ CICDSRV01 12 False The ExposeVirtualizationExtensions property reads False so let's enable it Get-VMProcessor -VMName " ...
Tonight, I was testing some Windows Docker images across my different computers on my home network. I did a docker pull microsoft/iis and the file download wasn't exactly fast on my slow internet connection so I decided to save the image as a .tar file by docker image save -o c:\docker-images-export\microsoft-iis.tar but how can I move this across to my target computer quickly without setting domains, setting up users, setting a home group etc. ? The quickest ...
Windows containers only 2019 update : Doing this via dockerd This shows how we can set D:\ProgramData\docker as our directory rather than the default C:\ProgramData\docker by utilizing dockerd CLI's --data-root option which sets the "Root directory of persistent Docker state". See their API for further options sc stop docker cd "C:\Program Files\Docker\Docker\Resources" .\dockerd.exe --unregister-service .\dockerd.exe --register-service --data-root "D:\ProgramData\docker" sc start docker docker info ...
Windows 10 Setup In short, setup failed request tracing feature on IIS On Windows 10, let's first enable it netmgr > server > website > failed request tracing rules > edit site tracing > enable add > all content > status codes > 500 Then to view the logs inetmgr > server > website > failed request tracing rules > view trace logs then find the fr*.xml related files, right click and open with IE Internet Explorer. Not sure ...
Recently attempted to implement Azure's Local Cache feature for App Service and so after updating App Settings "WEBSITE_LOCAL_CACHE_OPTION": "Always", "WEBSITE_LOCAL_CACHE_SIZEINMB": "1800", And restarting my app, how do I verify that the web app's local cache instance is serving up the content and not from a shared network location? You will need to navigate to https://yourwebsitename.scm.azurewebsites.net/ProcessExplorer and find the properties column for ...
Today I went to tinker around with Network Profiles on Windows 10. I made some changes going from Public to Private and a few changes here and there. After resetting my PC, I realised that some of the VM's (Ubuntu and Windows Server 2016) all using same virtual network adapter that were running could not longer resolve DNS names like www.example.com. Upon diagnosing the situation, I got an error message saying Windows could not automatically detect this network's ...
