TIL how to disable the timeout of mapped drives in Windows

I was trying to copy some big files over the network to another server, and I mapped the destination drives in the local server for easy copying. However I kept getting errors in my script, which I suspected because the drives getting disconnected. Here is how to set it to not disconnect.

Run as administrator in a command prompt, where -1 means disable.

net config server /autodisconnect:-1

TIL how to check the bandwidth between 2 servers

We subscribed for a dedicated line between 2 datacenters, and when we were trying to copy some files over, it was really slow.
We were supposed to get few MB/s transfer rate, but were getting only 20KB/s which was unacceptable. We needed to make a clear case with the service provider to get their support on fixing this. Simple google searches showed me the tool called iperf, and it provided me what I wanted. It is a shame that I never knew this tool existed.

In the destination server, I ran the iperf server by below command:

.\iperf3.exe -s -p 136 (I only have few ports open in between, and that is not currently in use)

and in the source, I ran the iperf client:

.\iperf3.exe -c <Destination IP> -p 136

The results were enough to convince the service provider to fix their network.

This is probably the most basic test that can be done using the tool, but there are plenty of other options as documented here.

How to export services and their users into csv

I need to export the services and their ‘run as’ users in a number of servers. This is how I did it.

#Ebin Issac 6/3/2018
#This will read a list of servers from a text file, and extract the services which are not run by localsystem, and save into a csv file. Need to be run from a server with elevated permissions

$ComputerList = Get-Content serverlist.txt
ForEach ($Server In $ComputerList) {
    Write-Host "Processing $($Server) ... " -ForegroundColor White -NoNewline
    Get-wmiobject -computername $Server win32_service | where { $_.startname -notmatch "localsystem"}| select-object pscomputername,Displayname,name,startname | Export-Csv "$Server.csv" -NoTypeInformation 
   # write-host $?
    If ($? -eq 'True') {
			Write-Host "OK." -ForegroundColor Green
    }
     Else {
			Write-Host "Failed." -ForegroundColor Red
    }
}

You can find the download link here.

So this will take a list of servers, and extract the services, but excludes those run by localsystem, and export into a csv. You can filter that part based on your requirements. The output will look similar to this.

ServiceUsers

How to fix puppet certificate errors

When we recently took over some client’s infrastructure, we started to get the following error.

puppet-cert-error

I just had to renew the cert to fix this. To renew, follow the steps below:

1.Delete the old certificate from client.

root@agent1:/etc/puppetlabs/puppet# mv ssl ssl.20171115

2.Delete the old certificate from server.

root@ip-172-31-7-177:/home/ubuntu# puppet cert clean agent1.ap-southeast-1.compute.internal   //make sure to change the agent name

3.Run puppet agent again, it will create a new certificate.

root@agent1:/etc/puppetlabs/puppet# puppet agent -tv
Info: Creating a new SSL key for agent1.ap-southeast-1.compute.internal
Info: Caching certificate for ca
Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for agent1.ap-southeast-1.compute.internal
Info: Certificate Request fingerprint (SHA256): 16:E8:E6:51:46:A1:07:0E:FA:E1:E9:F9:54:C4:4E:F7:F9:EF:0E:xx:xx:xx:xx:xx:xx
Info: Caching certificate for ca
Exiting; no certificate found and waitforcert is disabled
root@agent1:/etc/puppetlabs/puppet#

4.If we get the following message, that means puppet server auto sign is not enabled, so we need to manually sign the cert from server. If it is not there, move to step 7

Exiting; no certificate found and waitforcert is disabled

5.To manually sign, first list the certs to be signed in the master.

root@ip-172-31-7-177:/home/ubuntu# puppet cert --list
"agent1.ap-southeast-1.compute.internal" (SHA256) 16:E8:E6:51:46:A1:07:0E:FA:E1:E9:F9:54:C4:4E:F7:F9:EF:0E:xx:xx:xx:xx:xx:xx
"agent2.ap-southeast-1.compute.internal" (SHA256) B1:3F:AF:A5:70:90:33:60:B8:63:EF:2C:A5:97:72:2C:DD:EF:xx:xx:xx:xx:xx:xx:xx
root@ip-172-31-7-177:/home/ubuntu#

6.Sign the certificate for that agent by :

root@ip-172-31-7-177:/home/ubuntu# puppet cert sign agent1.ap-southeast-1.compute.internal
Signing Certificate Request for:
"agent1.ap-southeast-1.compute.internal" (SHA256) 16:E8:E6:51:46:A1:07:0E:FA:E1:E9:F9:54:C4:4E:F7:F9:EF:xx:xx:xx:xx:xx:xx:xx
Notice: Signed certificate request for agent1.ap-southeast-1.compute.internal
Notice: Removing file Puppet::SSL::CertificateRequest agent1.ap-southeast-1.compute.internal at '/etc/puppetlabs/puppet/ssl/ca/requests/agent1.ap-southeast-1.compute.internal.pem'
root@ip-172-31-7-177:/home/ubuntu#

7.To verify, run puppet agent again in agent.

root@agent1:/etc/puppetlabs/puppet# puppet agent -tv
Info: Retrieving plugin
Info: Caching catalog for agent1.ap-southeast-1.compute.internal
Info: Applying configuration version '1510728583'
Info: Creating state file /var/lib/puppet/state/state.yaml
Notice: Finished catalog run in 0.01 seconds
root@agent1:/etc/puppetlabs/puppet#

How to export the last login details of all users in a Windows server using Powershell

So one of our clients want to get a monthly report on the last login details of all users in the Windows servers in our environment. So we came up with this powershell script which is scheduled to run end of every month. This will extract the data, and upload them to an S3 bucket. It makes use of awscli for uploading to s3. We can even include SNS notification, but right now it is not implemented.

Below is the script:

Disclaimer : I do not know if this is the best way to do it just like all my other scripts, but this works [ At least for me ]

$currentMonth = Get-Date -Format MM
$currentYear = Get-Date -UFormat %Y
$hostname = hostname
$filename = $currentYear+""+$currentMonth+""+$hostname+"_login.csv"
$([ADSI]"WinNT://$env:COMPUTERNAME").Children | where {$_.SchemaClassName -eq 'user'} | select @{l='name';e={$_.name}},@{l='LastLogin';e={$_.lastlogin}} | export-csv C:/temp/$filename

(gc C:/temp/$filename) -replace (gc C:/temp/$filename)[0],"" | sc C:/temp/$filename -Force
(gc C:/temp/$filename) -replace (gc C:/temp/$filename)[1],"" | sc C:/temp/$filename -Force
(gc C:/temp/$filename) | ? {$_.trim() -ne "" } | set-content C:/temp/$filename

aws s3 cp C:/temp/$filename s3://YourBucket/$currentYear/$currentMonth/

This will create a csv file in the following format.
windows_last_login

How to select full URL upon click in Firefox..

I use Firefox as my personal browser. Although I sync it, there are some settings which are not synced. So every time I reinstall or change PC, I have to redo them again and again. This is one of those things. After a re install, if I click on the address bar, it wont select the whole address. I need to click Ctrl+A for it. But with a simple tweak, we can get that functionality. For that,

  • go to about:config in firefox address bar.
  • Search for browser.urlbar.clickSelectsAll
  • FirefoxDouble click and change the value to true.

How to get a Snapshot report from AWS using Python..

I was not sure if I was making a mistake by leaving Micron for a job in a small company. Anyway I don’t regret the move. In fact I actually love this job so far. It has all the good and bad things of working in a small company. Things are messy there. But.. the opportunity to learn and perform are tremendous, and that is what I really was looking for.

I was asked to modify a python script written by an ex-employee to get the snapshot report from AWS. I have never touched python for at least 5 years, and even then, that was all about simple things. And my experience with AWS SDK were none. So when I looked at the code, I did not understand anything. So I decided to do it myself from scratch instead of modifying it.

You can find the script here.

Basically, it collects the access and secret keys as arguments, then connect to ec2, get all the running instances, then the volumes attached to it, and then the snapshots. I have no idea if it is the best way to do it. I don’t even think that I used the best python practices.  Anyway, it works well now. Once the script is executed, it will create a nice csv file as follows, which is great. It has all the fields, and it is easy to manipulate in a spreadsheet according to our needs.Snapshots

This saves us a  lot of time from checking manually for each of our customer accounts if the snapshots are there or not.

I feel pretty proud about this. You know, no matter how bad  the code is, it works. 😉