Wednesday, 13 June 2018

Log off remote user

First, check the session number with qwinsta:

QWINSTA /server:YOURCOMPUTERNAMEHERE

Write down the session ID.

Then use the logoff command:

LOGOFF YOURSESSIONIDHERE /server:YOURCOMPUTERNAMEHERE

Friday, 1 June 2018

Replace ESXi ixgben driver with ixbge (for Intel 82599 card)

HPE ESXi throws errors after upgrade from 6.5 to 6.7.

Alarm 'Host error' on xxxxxx triggered by event 30413 'Issue detected on xxxxxx in OMC: (unsupported) Device 10fb does not support flow control autoneg

To fix - replace ixgben driver with ixgbe as per:

https://www.alihassanlive.com/e2k3/2018/3/29/10fb-does-not-support-flow-control-autoneg-vmware-esx-65
https://kb.vmware.com/s/article/1013413
https://kb.vmware.com/s/article/52044

1. Download the latest version of ixgbe driver from VMWare web site (I found 4.5.3)

2. Copy the .vib file to the ESXi host and install it:

# esxcli software vib install -v /tmp/bcrtc/net-ixgbe_4.5.3-1OEM.600.0.0.2494585.vib

3. Reboot

4. Enable the new ixgbe drive and disable the ixgben driver:

# esxcli system module set -e=true -m=ixgbe
# esxcli system module set -e=false -m=ixgben

5. Reboot

6. Check that the new driver is active:

# esxcfg-nics -l 

vmnic4  0000:04:00.0 ixgben      Up   10000Mbps  Full   5c:b9:01:8f:d0:9c 1500   Intel(R) Ethernet Controller X540-AT2
vmnic5  0000:04:00.1 ixgben      Up   10000Mbps  Full   5c:b9:01:8f:d0:9d 1500   Intel(R) Ethernet Controller X540-AT2
vmnic6  0000:05:00.0 ixgben      Up   10000Mbps  Full   00:11:0a:6c:7f:1c 1500   Intel(R) 82599 10 Gigabit Dual Port Network Connection

vmnic7  0000:05:00.1 ixgben      Up   10000Mbps  Full   00:11:0a:6c:7f:1d 1500   Intel(R) 82599 10 Gigabit Dual Port Network Connection

Tuesday, 13 March 2018

Jailbreak Windows certificate private key

Download from:

https://github.com/iSECPartners/jailbreak


Command to run:

jailbreak32 c:\windows\system32\mmc.exe c:\windows\system32\certlm.msc -32

Monday, 19 February 2018

Reinstall GRUB2 from Linux Mint Live CD

# mount /dev/sda1 /mnt
# for i in /dev /dev/pts /proc /sys; do sudo mount -B $i /mnt$i; done
# chroot /mnt
# update-grub

Monday, 22 January 2018

Friday, 27 October 2017

Exchange 2010, 2013, 2016 - Delete virus email from mailboxes using Search-Mailbox

http://markgossa.blogspot.ca/2015/10/exchange-20102013-delete-virus-email.html

Occasionally but hopefully not too often you may get a virus that bypasses your spam filters and ends up in end users' mailboxes. In this post, I'll demonstrate how to delete the email from users' mailboxes in one quick and easy command which you can have on hand to run quickly.

First, ensure you have the correct permissions:


  1. Log into the Exchange Admin Center using an account that is a member of the Organization Management AD Group
  2. Click on Permissions
  3. Double click on Discovery Management and add your user account as a member
  4. Open a new Exchange Management Shell
To delete the email from all users' mailboxes:

Run the below command on a single line:

Get-Mailbox -ResultSize Unlimited | Search-Mailbox -SearchQuery from:sales@sales.com,subject:invoice -DeleteContent -Force





Above, you can see a report where it shows that one email was deleted from the Administrator mailbox (ResultItemCount: 1). 

To delete an email from all mailboxes and copy the email to the Spam mailbox


Get-Mailbox -ResultSize unlimited | Search-Mailbox -SearchQuery from:sales@sales.com,subject:invoice -TargetMailbox Spam -TargetFolder DeletedMessages -DeleteContent

To delete an email according to the attachment file name


Get-Mailbox -ResultSize unlimited | Search-Mailbox -SearchQuery attachment:document_826321_pdf.zip -DeleteContent

Thursday, 14 September 2017

Reset ILO4 licence

Download the latest cpqlocfg.exe from:
http://h20564.www2.hpe.com/hpsc/swd/public/detail?swItemId=MTX_e9770d99a87541c39647f729f0

Create an xml file called license_deactivate.txt:


<RIBCL VERSION="2.0">
<LOGIN USER_LOGIN="administrator" PASSWORD="password">
<RIB_INFO MODE="write">
<LICENSE>
<DEACTIVATE/>
</LICENSE>
</RIB_INFO>
</LOGIN>
</RIBCL>

Run the following command:

cpqlocfg.exe -s <ILO-IP> -f license_deactivate.txt -u administrator -p password