2021. január 12., kedd

How to find domain users who have never changed their passwords

 Hey, I have not posted here since 2 years! But I'm still kickin hard, and alive. Just to save this blog from being forgotten, placing is a new entry. And... see you in 2 years again. ;)

 How to find users who have never ever freaking changed their passwords? (Those lazy bastards, in spec cases when forced pw change cannot be enabled on them.)

Get-ADUser -Filter * -Properties PasswordLastSet,WhenCreated,lastlogondate | Where-Object {$_.Enabled -eq $true -and $_.Lastlogondate -ne $null -and ( $_.PasswordLastSet.datetime -eq ($_.WhenCreated.datetime) ) }

2019. április 1., hétfő

Systemd services command cheatsheet

List of all services and their status:
service --status-all
Another way:
systemctl list-units --type service --all  
List just the enabled services 
systemctl list-units --type service   
or systemctl -l –type service –all
Stop/Start/Restart a service 
systemctl restart/start yourservicename
Enable/Disable the startup of a service at boot time
systemctl enable/disable yourservicename 
Is it enabled? 
systemctl is-enabled yourservicename
Uninstall/wipe a service 
rm /etc/systemd/system/yourservicename
systemctl daemon-reload
systemctl reset-failed
Find out the dependencies: 
systemctl list-dependencies --type service
Get the files related to the service:
locate yourservicename.service 

Disable the service and forbids the others from start it
systemctl mask yourservicename

list systemd unit files and their states (enabled/disabled/etc)
systemctl list-unit-files 

To see / set the default runlevel of the system
systemctl get-defaults (set-defaults)
e.g. multi-user.target or graphical.target

systemctl isolate 
explained: (stolen from internet)
The word "isolate" means run the requested unit, and make sure nothing else is running (with a few exceptions.) Since runlevels have been replaced by targets (which are more or less just a set of services that you want to be running in a certain situation, like for multi-user or graphical usage), you can switch to a "runlevel" by starting the equivalent target and stopping anything that is not part of the new target - using isolate.
systemctl isolate multi-user.target is the modern way to unload the graphic shell, which was done by init 3 previously.   You are in runlevel 5 or to be precise in graphical.target. You do runlevel 3 or systemctl isolate multiuser.target.

Another way to change target runlevel.
systemctl set-default multi-user.target (then reboot)


2018. november 23., péntek

2018. július 24., kedd

MySQL monitoring with Zabbix 3.4

If you install Zabbix Server 3.4 there is a nice template supplied with it which is called "    Template DB MySQL". That could be used for monitoring remote MySQL database performance. Unfortunately this will also not work out of the box... Your logs will get filled by " Error connecting to database: Access denied for user 'zabbix'@'localhost' to database" and...

So you should first create a database on a _remote_ mysql server for the sake of zabbix. This could be painful if security is a high concern for you but actually doesn't hold much risk.

mysql -u root -p
use mysql;
CREATE DATABASE `zabbix_db`;
GRANT ALL PRIVILEGES ON zabbix_db.* TO 'zabbixagent'@'localhost' IDENTIFIED BY 'XXXXXXYYX';

 Then create the required config files:
mkdir /var/lib/zabbix # this is defined in /etc/zabbix/zabbix_agentd.conf.d/userparameter_mysql.conf file. You must have it.
cd  /var/lib/zabbix
touch .my.cnf
chown zabbix:zabbix /var/lib/zabbix -R
chmod 600 .my.cnf

And here is the secret magic: its content should be:

Note: no special rights needed for zabbixuser for "mysqladmin". In this way all errors should be gone and you have a nice and clean MySQL performance monitoring. Tadaam.

2018. július 23., hétfő

Zabbix agent upgrade from 2.x to 3.4

It's not easy as it seems. After you execute the first steps...
wget http://repo.zabbix.com/zabbix/3.4/ubuntu/pool/main/z/zabbix-release/zabbix-release_3.4-1+xenial_all.deb
dpkg -i zabbix-release_3.4-1+xenial_all.deb
apt update
apt install zabbix-agent -y

You suddenly realize that something is definitely wrong because the agent dies.

Jul 23 14:52:22 sss systemd[1]: Failed to start Zabbix Agent.
Jul 23 14:52:22
sss systemd[1]: zabbix-agent.service: Unit entered failed state.
Jul 23 14:52:22
sss systemd[1]: zabbix-agent.service: Failed with result 'exit-code'.
dpkg: error processing package zabbix-agent (--configure):
 subprocess installed post-installation script returned error exit status 1
Processing triggers for libc-bin (2.23-0ubuntu10) ...
Processing triggers for systemd (229-4ubuntu21.2) ...
Processing triggers for ureadahead (0.100.0-19) ...
Errors were encountered while processing:
E: Sub-process /usr/bin/dpkg returned an error code (1)

Some investigation shows /etc/zabbix/zabbix_agentd.conf.d directory does not exists and that's where the new agent looks for its configs and foolishly it does not create it. But you may have existing userparameter configs in existing /etc/zabbix/zabbix_agentd.d so the best way to continue the installation with:
ln -s /etc/zabbix/zabbix_agentd.d /etc/zabbix/zabbix_agentd.conf.d
service zabbix-agent restart
service zabbix-agent status

2018. május 11., péntek

Docker notes #2

docker ps -a = List docker containers including the stopped ones
docker logs -f [ID] = Show the logs wrote in a container
docker logs --tail 200 [ID]

docker commit [ID] (my_new_image) = Convert a container to image
(returns value: sha256:hash)

docker save -o /path/my_new_image.tar = Save a docker image to be ready to imported
docker load -i /path/my_new_image.tar = Import (load) a foreign image
docker run -it sha256:hash /bin/bash = Spin up the image and run a command in it
(you are inside the container now)

docker export [ID] > /path/ide.tar = Export a container into a .tar file
docker diff [ID] = Show the modified files inside a container since its start
docker cp [ID]:/var/log/apache2/access.log ./access.log = Copy a file from container to host

docker-compose build = Build the correctly setup container (in its directory)
docker-compose up -d = Run it
docker rm [ID] = removes an instance of the container that was run
docker rm `docker ps -a -q` = remove all stopped containers
docker rmi image-name = removes the docker image and its dependencies

docker inspect [ID] = See the details of a container
docker run -p 8080:80 = will redirect the container's port 80 to a port 8080 on the host machine's user port
docker port [ID] = will list the port mapping information

docker top [ID] = See the running processes inside of a container
docker history [IMAGE-NAME] = See the commands the container was originally created by