Monday, 08 March 2021 19:28

    Installing and configuring PowerShell on Ubuntu Linux

    Download Powershell package from https://github.com/PowerShell/PowerShell/. Download a suitable version depending on the version of the Operating System you have. Here I am showing the procedure for Ubuntu Server 16.04. Below is the process for installing and configuring PowerShell on Ubuntu Linux.

    Run the following command to download Powershell Package for Ubuntu 16.04 .

    wget https://github.com/PowerShell/PowerShell/releases/download/v6.0.0-alpha.17/powershell_6.0.0-alpha.17-1ubuntu1.16.04.1_amd64.deb

    081420 2006 Installinga1

    Then execute the following in terminal.

    sudo dpkg -i powershell_6.0.0-alpha.17-1ubuntu1.16.04.1_amd64.deb

    sudo apt-get install -f

    081420 2006 Installinga2

    Powershell is installed on Ubuntu now. This is time to test the powershell on Ubuntu Linux. Let us run some commands.

    Enter powershell in the terminal to start Powershell.

    Enter the following in powershell console.

    081420 2006 Installinga3

    $PSVersionTable

    The output should be something like the following.

    081420 2006 Installinga4 

    The following is a brief listing of the common Cmd.exe and UNIX commands that you can use inside Windows PowerShell:

           

    cat

    dir

    mount

    rm

    cd

    echo

    move

    rmdir

    chdir

    erase

    popd

    sleep

    clear

    h

    ps

    sort

    cls

    history

    pushd

    tee

    copy

    kill

    pwd

    type

    del

    lp

    r

    write

    diff

    ls

    ren

     

    However, all the PowerShell commands are not available on Linux PowerShell. For further reference please check at https://docs.microsoft.com/en-us/powershell/scripting/whats-new/known-issues-ps6?view=powershell-7 : (Known Issues for PowerShell on Non-Windows Platforms)

    Configure WinRM for HTTPS

    GUI Forms PowerShell

    PowerShell Remote Sessions and Invoke-Command

    Managing Registry with PowerShell

    Sunday, 07 March 2021 20:31

    Some times you may receive an error if both Hyper-V and VMware workstation are installed. You can disable Hyper-V to run VMware Workstation and also disable Device / Credential guard.

    081420 2023 Yourhostdoe1

    Here is a procedure to disable Device/Credential guard on Windows 10 System.

    Disable Windows Defender Credential Guard by using Group Policy:

    • You can use Group Policy to enable Windows Defender Credential Guard.
    • From the Group Policy Management Console, go to Computer Configuration -> Administrative Templates -> System -> Device Guard.
    • Double-click Turn On Virtualization Based Security, and then click the Disabled option.

     

    081420 2023 Yourhostdoe2

    Update Group Policy to apply changes with gpupdate /force.

    If the group policy update does not resolve the issue, reboot the system.

    Setup Microsoft Active Directory Certificate Services – Windows 2012

    Create a Certificate Request using Active Directory Certificate Services

    VPShellRes.dll could not be found

    Delete Windows.old folder

    Monday, 08 March 2021 20:00

    Configure Ansible to access Windows Servers:

    (with Python 2.x)

     

    1. After installing Ansible, let us configure it to access Windows servers. Hoping that Windows server is already configured with WinRM. 1. Install PIP if not installed already.

    sudo apt install python-pip

    2. Install WinRM module on Ansible server

    sudo pip install "pywinrm>=0.3.0"
    .
    .
    .
    .
      Running setup.py install for pywinrm ... done
    Successfully installed ntlm-auth-1.4.0 pywinrm-0.4.1 requests-ntlm-1.1.0

    3. Now edit hosts file with Windows hosts and Variables

    sudo nano /etc/ansible/hosts
    
    [windows]
    172.168.20.10
    
    [windows:vars]
    ansible_user=test\wintel
    ansible_password=P@ssw0rd
    ansible_connection=winrm
    ansible_winrm_transport=ntlm
    ansible_port=5985

    *** Please do not give password in Production environment. You can use ansible-vault to encrypt the inventory file. 4. Now check a simple module to check windows host connectivity

    winadmin@ansible01:~$ ansible windows -i inventory -m win_ping
    172.168.1.10 | SUCCESS => {
        "changed": false,
        "ping": "pong"
    }

    5. If you configured WinRM with a certificate, add the following line to inventory file.

    ansible_winrm_cert_validation=ignore

    This is not recommended in production environment. Instead, you configure certificate from a certificate server. 6. The above will work for NTLM authentication. Let us configure with Kerberos authentication.

     Install and Setup Kerberos

    sudo apt install python-dev libkrb5-dev krb5-user 
    
    sudo pip install pywinrm[kerberos]

    7. Check kerberos configuration file if the required values are set correctly

    sudo nano /etc/krb5.conf
    
    [libdefaults]
            default_realm = TEST.ORG
    
    [realms]
            TEST.ORG = {
                    kdc = 172.168.1.10
                    admin_server = 172.168.1.10
            }

    8. Check if the kerberos is working.

    winadmin@ansible01:~$ kinit This email address is being protected from spambots. You need JavaScript enabled to view it.
    Password for This email address is being protected from spambots. You need JavaScript enabled to view it.:
    winadmin@ansible01:~$ klist
    Ticket cache: FILE:/tmp/krb5cc_1000
    Default principal: This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    Valid starting       Expires              Service principal
    01/19/2020 08:25:47  01/19/2020 18:25:47  krbtgt/This email address is being protected from spambots. You need JavaScript enabled to view it.
            renew until 01/20/2020 08:25:43
    winadmin@ansible01:~$

    We can see that kerberos ticket is generated. 9. You can destroy using command kdestroy.

    winadmin@ansible01:~$ kdestroy
    venu@ansible01:~$ klist
    klist: No credentials cache found (filename: /tmp/krb5cc_1000)
    winadmin@ansible01:~$

    10. Modify inventory file to use kerberos authentication.

    ansible_winrm_transport=kerberos
    

    Install and configure ansible on Ubuntu server 18.04

    Saturday, 13 March 2021 15:52

    Here is a script to get all the applications installed on the server. This script can be used to list all the applications installed on a single server.

    $Applications = Get-ItemProperty HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, InstallDate
    $Applications += Get-ItemProperty HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, InstallDate
    
    $Applications = $Applications | Where-Object {$_.DisplayName} | Sort-Object DisplayName
    
    $Applications

    See the explanation of the above script below:

    $Applications = Get-ItemProperty HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, InstallDate

    All 64 bit applications are here at the above mentioned registry key. So we need to check for 32 bit applications as well to get total list of Application installed on the server.

    $Applications += Get-ItemProperty HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, InstallDate

    Here, we have added the applications list to above 64 bit applications.

    Then the last line prints the total applications.

    There is another option to get installed applications using WMI calss win32_product. WIn32_product represents the products installed by windows installer. This process is very slo and is not recommended. Whenever you run this WMI class, it performs a consistency check of packages that are installed and also attempts to verify and repair installs.

    Check drive space for multiple servers using PowerShell

    © 2021 WinAdmin.org. All Rights Reserved.