04 Feb

Extend Microsoft Azure Data Disk & OS Disk

Extend Microsoft Azure Data Disk & OS Disk

To extend Microsoft Azure Data Disk & OS Disk,  the Powershell method can be used for both Classic and ARM models. By default, the OS disk will be 30 GB for Virtual Machines, which may not be sufficient as the ore data is started to get saved into the OS drive.

Extend Data Disk using Powershell – Classic Mode

To extend a Data disk in an Azure Virtual Machine in Classic Mode, we need to perform the below steps,

  1. Open the Windows Powershell ISE and execute the below script

Extend Data Disk using powershell – ARM Mode

To extend a Data disk in an Azure Virtual Machine in ARM Mode, we need to perform the below steps,

  1. Open the Windows Powershell ISE and execute the below script

Extend OS Disk using Powershell – Classic Mode

To extend a OS disk in an Azure Classic Mode Virtual Machine, we need to perform the below steps,

Open the Windows Powershell ISE and execute the below script

Extend OS Disk using Powershell – ARM Mode

To extend a OS disk in an Azure ARM mode Virtual Machine, we need to perform the below steps,

Open the Windows Powershell ISE and execute the below script

Extend the File System Volume of Extended Data or OS Disk – Windows

Once the data disk is extended, the next step is to extend the file system volume on that data disk. For Windows based virtual machines, You can do the volume extension from Server Manager -> Tools -> Computer Management -> Disk Management

Step 1. Open the Server Manager Window

Extend Microsoft Azure Data Disk & OS Disk

Step 2 : Click Tools and then click Computer Management

Extend Microsoft Azure Data Disk & OS Disk

It will open up a window similar to the below picture. Click the Disk Management menu. It will list all the available volumes.

Extend Microsoft Azure Data Disk & OS Disk

Select the Volume, that you wish to extend. Right click the volume to open the menu. Click the Extend Volume option.

Extend Microsoft Azure Data Disk & OS Disk

Click Next button as shown below

Extend Microsoft Azure Data Disk & OS Disk

Then select the size as shown below. Here, we are using a sample volume to extend. So we are extending by 397 MB. After the size is selected, click “Next

Extend Microsoft Azure Data Disk & OS Disk

Now click “Finish” to complete the volume resize.

Extend Microsoft Azure Data Disk & OS Disk

Now you will see the extended volume under Disk Management.
Extend Microsoft Azure Data Disk & OS Disk

https://docs.microsoft.com/en-us/azure/virtual-machines/virtual-machines-windows-expand-os-disk

https://blogs.msdn.microsoft.com/cloud_solution_architect/2016/05/24/step-by-step-how-to-resize-a-linux-vm-os-disk-in-azure-arm/

22 Jan

Error : Hyper-V cannot installed. hypervisor already running

Error : Hyper-V cannot installed. hypervisor already running

When you try to install Hyper-V role on a VM, you may face the error message “Hyper-V cannot installed. hypervisor already running”.

Hyper-V cannot installed. hypervisor already running

To resolve this issue, you may need to run the below commands,

Try installing the Hyper-V feature using the below command,

1
Enable-WindowsOptionalFeature –Online -FeatureName Microsoft-Hyper-V –All -NoRestart 

Hyper-V cannot installed. hypervisor already running

Hyper-V cannot installed. hypervisor already running

Next step is to install the RSAT-Hyper-V Tools. To install the Hyper-V RSAT tools, please execute the below command.

1
Install-WindowsFeature RSAT-Hyper-V-Tools -IncludeAllSubFeature


Hyper-V cannot installed. hypervisor already running

If you wish to enable the clustering, then you need to install the RSAT-Clustering also.

1
Install-WindowsFeature RSAT-Clustering -IncludeAllSubFeature

Hyper-V cannot installed. hypervisor already running
Hyper-V cannot installed. hypervisor already running

To install the MPIO in your server, please execute the below command,

1
Install-WindowsFeature Multipath-IO


Hyper-V cannot installed. hypervisor already running
Hyper-V cannot installed. hypervisor already running

To know more about the MPIO, refer the link https://technet.microsoft.com/en-us/library/ee619734(v=ws.10).aspx

To know more about the MPIO usage, please refer the link, https://blogs.msdn.microsoft.com/san/2012/07/20/managing-mpio-with-windows-powershell-on-windows-server-2012/

Now we need to restart the server once. To restart the server, please execute the below command,

1
Restart-Computer

Hyper-V cannot installed. hypervisor already running

After the server restart, please verify the Hyper-V installation. In the server manager, you will be able to see the Hyper-V installed. Open the Hyper-V manager to start your LAB setup.Hyper-V cannot installed. hypervisor already runningHyper-V cannot installed. hypervisor already running

22 Jan

Windows package manager Chocolatey, installation using Powershell

Windows package manager Chocolatey, installation using Powershell

Here, we are discussing about the Windows package manager Chocolatey, installation using powershell. To start the installation process, open the Windows Powershell ISE in your machine, and type the command,

1
iwr https://chocolatey.org/install.ps1 -UseBasicParsing | iex 

Windows package manager Chocolatey, installation using Powershell

If you are getting the error “running scripts is disabled in this system“, please follow the below steps.

Open the Windows Powershell ISE as “Administrator” using the “Run as Administrator” option. Once you have opened the  Windows Powershell ISE as “Administrator“, please proceed to execute the below command,

1
Set-ExecutionPolicy RemoteSigned

Windows package manager Chocolatey, installation using Powershell

Press “Yes to All“, if you wish to allow the script execution permanently.

Once the script is executed, please run the installation command once again,

1
iwr https://chocolatey.org/install.ps1 -UseBasicParsing | iex

Windows package manager Chocolatey, installation using Powershell

To upgrade the windows package manager, “Chocolatey“, please run the command,

1
choco upgrade chocolatey

Windows package manager Chocolatey, installation using Powershell

You can read more about the package manager installation from the official Chocolatey page, https://chocolatey.org/docs/installation

07 Jan

Remote join client to WSUS – no psexec

Remote join a client to WSUS without using psexec

To remote join client  to WSUS , please execute the below two commands, without using the psexec and also without login to the client machine,

1
2
WMIC /node: process call create "cmd.exe /c GPUpdate.exe /force"
WMIC /node: process call create "cmd.exe /c wuauclt.exe /detectnow"
07 Jan

WSUS not showing cloned machines

WSUS not showing cloned machines

In case your WSUS not showing cloned machines, please verify the SusClientId & SusClientIdValidation keys in the cloned servers. Most probably, all the servers will be having the same key, so that only one server will be successful in establishing the connectivity towards your WSUS server. In that case, please execute the below script as a bat file in your cloned servers from an elevated command prompt.

https://social.technet.microsoft.com/Forums/windowsserver/en-US/40b694e6-6586-47d3-8a68-dc11ecb7759b/wsus-cloned-server-2008-machines-and-registry-keys?forum=winserverwsus

05 Jan

Install Azure Resource Manager modules

To install Azure RM module. The first command will install the AzureRM module from the PowerShell Gallery and the second command will install the component modules of Azure Resource Manager.

To import the AzureRM.* modules, please run the below command,

To import a single AzureRM module, please execute below command with module name

To list all Azure Resource Manager modules installed,

03 Sep

HTTP Error 405 – The HTTP verb used to access this page is not allowed

When I try to open the MSSQL WebAdmin, I got the following error:

The page you are looking for cannot be displayed because an invalid method (HTTP verb) was used to attempt access.

HTTP Error 405 – The HTTP verb used to access this page is not allowed.
Internet Information Services (IIS)?

Solution

Try to fix it with

\Plesk\admin\bin>defpackagemng –fix –type=sqladminmssql

11 Aug

Windows Command Set

ADDUSERS  : Add or list users to/from a CSV file
ARP  :    Address Resolution Protocol
ASSOC   :    Change file extension associations
ASSOCIAT   :    One step file association
AT   :     Schedule a command to run at a later time

ATTRIB   :  Change file attributes

BROWSTAT   :     Get domain, browser and PDC info

CACLS   :  Change file permissions
CALL   :     Call one batch program from another
CD    :    Change Directory – move to a specific Folder
CHANGE    :     Change Terminal Server Session properties

CHKDSK  :   Check Disk – check and repair disk problems
CHKNTFS   :   Check the NTFS file system
CHOICE     :     Accept keyboard input to a batch file
CIPHER      :      Encrypt or Decrypt files/folders
CleanMgr   :     Automated cleanup of Temp files, recycle bin

CLEARMEM Clear memory leaks
CLIP Copy STDIN to the Windows clipboard.
CLS   :   Clear the screen
CLUSTER   :   Windows Clustering
CMD  :     Start a new CMD shell
COLOR  :    Change colours of the CMD window
COMP    :     Compare the contents of two files or sets of files

COMPACT Compress files or folders on an NTFS partition
COMPRESS   :  Compress individual files on an NTFS partition
CON2PRT   :   Connect or disconnect a Printer
CONVERT   :   Convert a FAT drive to NTFS.
COPY   :    Copy one or more files to another location

CSVDE   :   Import or Export Active Directory data

DATE  :    Display or set the date
Dcomcnfg  :    DCOM Configuration Utility
DEFRAG  :    Defragment hard drive
DEL   :   Delete one or more files
DELPROF   :   Delete NT user profiles

DELTREE   :   Delete a folder and all subfolders
DevCon  :    Device Manager Command Line Utility
DIR    :    Display a list of files and folders
DIRUSE   :   Display disk usage
DISKCOMP   :    Compare the contents of two floppy disks

DISKCOPY   :    Copy the contents of one floppy disk to another
DNSSTAT    :    DNS Statistics
DOSKEY   :   Edit command line, recall commands, and create macros
DSADD  :    Add user (computer, group..) to active directory

DSQUERY    :   List items in active directory

DSMOD   :    Modify user (computer, group..) in active directory

ECHO   :   Display message on screen
ENDLOCAL   :   End localisation of environment changes in a batch file
ERASE Delete one or more files
EXIT Quit the CMD shell

EXPAND Uncompress files
EXTRACT Uncompress CAB files

FC Compare two files
FDISK Disk Format and partition
FIND Search for a text string in a file
FINDSTR Search for strings in files
FOR Conditionally perform a command several times

FORFILES Batch process multiple files
FORMAT Format a disk
FREEDISK Check free disk space (in bytes)
FSUTIL File and Volume utilities
FTP File Transfer Protocol
FTYPE Display or modify file types used in file extension associations

GLOBAL Display membership of global groups
GOTO Direct a batch program to jump to a labelled line

HELP Online Help
HFNETCHK Network Security Hotfix Checker

IF Conditionally perform a command

IFMEMBER Is the current user in an NT Workgroup
INSTSRV Install an NT Service
IPCONFIG Configure IP

KILL Remove a program from memory

LABEL Edit a disk label
LOCAL Display membership of local groups

LOGEVENT Write text to the NT event viewer.
LOGOFF Log a user off
LOGTIME Log the date and time in a file

MAPISEND Send email from the command line
MEM Display memory usage
MD Create new folders

MODE Configure a system device
MORE Display output, one screen at a time
MOUNTVOL Manage a volume mount point
MOVE Move files from one folder to another
MOVEUSER Move a user from one domain to another

MSG Send a message
MSIEXEC Microsoft Windows Installer
MSINFO Windows NT diagnostics
MUNGE Find and Replace text within file(s)
MV Copy in-use files

NET Manage network resources
NETDOM Domain Manager

NETSH Configure network protocols
NETSVC Command-line Service Controller
NBTSTAT Display networking statistics (NetBIOS over TCP/IP)
NETSTAT Display networking statistics (TCP/IP)
NOW Display the current Date and Time

NSLOOKUP Name server lookup
NTBACKUP Backup folders to tape
NTRIGHTS Edit user account rights

PATH Display or set a search path for executable files
PATHPING IP trace utility
PAUSE Suspend processing of a batch file and display a message

PERMS Show permissions for a user
PERFMON Performance Monitor
PING Test a network connection
POPD Restore the previous value of the current directory saved by PUSHD
PORTQRY Display the status of ports and services

PRINT Print a text file
PRNCNFG Display, configure or rename a printer
PRNMNGR Add, delete, list printers set the default printer
PROMPT Change the command prompt
PUSHD Save and then change the current directory

QGREP Search file(s) for lines that match a given pattern.

RASDIAL Manage RAS connections
RASPHONE Manage RAS connections
RECOVER Recover a damaged file from a defective disk.
REG Read, Set or Delete registry keys and values

REGEDIT Import or export registry settings
REGSVR32 Register or unregister a DLL
REGINI Change Registry Permissions
REM Record comments (remarks) in a batch file
REN Rename a file or files.
REPLACE Replace or update one file with another

RD Delete folder(s)
RDISK Create a Recovery Disk
RMTSHARE Share a folder or a printer
ROBOCOPY Robust File and Folder Copy
ROUTE Manipulate network routing tables
RUNAS Execute a program under a different user account

RUNDLL32 Run a DLL command (add/remove print connections)

SC Service Control
SCHTASKS Create or Edit Scheduled Tasks
SCLIST Display NT Services
ScriptIt Control GUI applications
SET Display, set, or remove Windows NT environment variables

SETLOCAL Begin localisation of environment changes in a batch file
SETX Set environment variables permanently
SHARE List or edit a file share or print share
SHIFT Shift the position of replaceable parameters in a batch file

SHORTCUT Create a windows shortcut (.LNK file)
SHOWGRPS List the NT Workgroups a user is in
SHOWMBRS List the members of an NT Workgroup
SHUTDOWN Shutdown the computer
SHUTGUI Shutdown the computer
SLEEP Wait for x seconds

SOON Schedule a command to run in the near future
SORT Sort input
START Start a separate window to run a specified program or command
SU Switch User
SUBINACL Edit file and folder Permissions, Ownership and Domain

SUBST Associate a path with a drive letter

TASKLIST List running applications and services
TIME Display or set the system time
TIMEOUT Delay processing of a batch file
TITLE Set the window title for a CMD.EXE session

TOUCH Change file timestamps
TRACERT Trace route to a remote host
TREE Graphical display of folder structure
TYPE Display the contents of a text file

USRSTAT List domain usernames and last login

VER Display version information
VERIFY Verify that files have been saved
VOL Display a disk label

WHERE Locate and display files in a directory tree
WHOAMI Output the current UserName and domain
WINMSD Windows NT Diagnostics

WINMSDP Windows NT Diagnostics II

WMIC WMI Command

XCACLS Change file permissions
XCOPY Copy files and folders

11 Aug

Dangerous WinHelp.exe – Dangerous

winhelp.exe

The W32.HLLW.Lovgate.O@mm worm is a variant of W32.HLLW.Lovgate@mm.
This variant is also a mass-mailing worm that attempts to reply to all the email messages in the Microsoft Outlook Inbox.
The “sender” of the email is spoofed and its subject line and message vary.
The attachment name varies with a .exe, .pif, or .scr file extension.
This worm also attempts to copy itself to all the computers on a local network using the weak passwords to attempt to log in as an Administrator
and to the Kazaa-shared folders.

Copies itself as the following: %Windir%\Systra.exe; %System%\iexplore.exe; %System%\Media32.exe; %System%\RAVMOND.exe; %System%\WinHelp.exe; %System%\Kernel66.dll

Creates a file named AUTORUN.INF in the root folder of all the drives, except the CD-ROM drives, and copies itself as COMMAND.EXE into that folder.
Creates a zip file . in the root folder of all the drives, unless the drive letter is A or B. For example: setup.rar or pass.zip.
Creates the following files: %System%\ODBC16.dll, %System%\msjdbc11.dll, %System%\MSSIGN30.DLL
These files are all the same—they are backdoor components of the worm.

Modifies the (Default) value of the registry key: HKEY_CLASSES_ROOT\exefile\shell\open\command
to: %System%\Media32.exe “%1” %* so that the worm runs when you execute any .exe files.
Terminates all the processes that contains any of the following strings:
KV, KAV, Duba, NAV, kill, RavMon.exe, Rfw.exe, Gate, McAfee, Symantec, SkyNet, rising

Manual removal:
In the key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
please delete the values:
“Program in Windows”=”%system%\iexplore.exe”
“VFW Encoder/Decoder Settings”=”RUNDLL32.exe MSSIGN30.DLL ondll_reg”
“Winhelp”=”%System%\WinHelp.exe”

Navigate to the key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
and delete the value:
“Systemtra”=”%Windir%\Systra.exe”

In the key:
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows
delete the value:
“run”=”RAVMOND.exe”

And delete the subkey, if exists:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ZMXLIB1