Author: The Geek Decoder

Stress Test CentOS with Stress

July 26, 2018 The Geek Decoder No Comments Administration

First, you need to download the file using Wget and then install it using RPM on your system to enable the EPEL repository.

RHEL/CentOS 7 64 Bit


# wget http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
# rpm -ivh epel-release-latest-7.noarch.rpm

## RHEL/CentOS 6 64-Bit ##


# wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
# rpm -ivh epel-release-6-8.noarch.rpm

Check the installation

# yum repolist
*epel/x86_64 Extra Packages for Enterprise Linux 7 - x86_64

Now, install stress

# yum install stress

To test, first run the uptime command and note down the load average. Next, run the stress command to spawn 8 workers spinning on sqrt() with a timeout of 20 seconds. After running stress, again run the uptime command and compare the load average.

# uptime
16:39:03 up 1 day, 18:32,  1 user,  load average: 0.15, 0.24, 0.14

sudo stress --cpu  8 --timeout 20
stress: info: [65429] dispatching hogs: 8 cpu, 0 io, 0 vm, 0 hdd
stress: info: [65429] successful run completed in 20s

Now uptime again

# uptime
 16:40:18 up 1 day, 18:34,  1 user,  load average: 1.35, 0.59, 0.27

Spawn 8 workers spinning on sqrt() with a timeout of 30 seconds

]# uptime
16:41:52 up 1 day, 18:35, 1 user, load average: 0.28, 0.43, 0.24
[root@server rogerp]# sudo stress –cpu 8 -v –timeout 30s
stress: info: [65654] dispatching hogs: 8 cpu, 0 io, 0 vm, 0 hdd
stress: dbug: [65654] using backoff sleep of 24000us
stress: dbug: [65654] setting timeout to 30s
stress: dbug: [65654] –> hogcpu worker 8 [65655] forked
stress: dbug: [65654] using backoff sleep of 21000us
stress: dbug: [65654] setting timeout to 30s
stress: dbug: [65654] –> hogcpu worker 7 [65656] forked
stress: dbug: [65654] using backoff sleep of 18000us
stress: dbug: [65654] setting timeout to 30s
stress: dbug: [65654] –> hogcpu worker 6 [65657] forked
stress: dbug: [65654] using backoff sleep of 15000us
stress: dbug: [65654] setting timeout to 30s
stress: dbug: [65654] –> hogcpu worker 5 [65658] forked
stress: dbug: [65654] using backoff sleep of 12000us
stress: dbug: [65654] setting timeout to 30s
stress: dbug: [65654] –> hogcpu worker 4 [65659] forked
stress: dbug: [65654] using backoff sleep of 9000us
stress: dbug: [65654] setting timeout to 30s
stress: dbug: [65654] –> hogcpu worker 3 [65660] forked
stress: dbug: [65654] using backoff sleep of 6000us
stress: dbug: [65654] setting timeout to 30s
stress: dbug: [65654] –> hogcpu worker 2 [65661] forked
stress: dbug: [65654] using backoff sleep of 3000us
stress: dbug: [65654] setting timeout to 30s
stress: dbug: [65654] –> hogcpu worker 1 [65662] forked
stress: dbug: [65654] <-- worker 65659 signalled normally stress: dbug: [65654] <-- worker 65658 signalled normally stress: dbug: [65654] <-- worker 65660 signalled normally stress: dbug: [65654] <-- worker 65656 signalled normally stress: dbug: [65654] <-- worker 65655 signalled normally stress: dbug: [65654] <-- worker 65657 signalled normally stress: dbug: [65654] <-- worker 65662 signalled normally stress: dbug: [65654] <-- worker 65661 signalled normally stress: info: [65654] successful run completed in 30s [root@server rogerp]# uptime 16:43:10 up 1 day, 18:37, 1 user, load average: 1.87, 1.06, 0.49 [/bash]

Set up Sendgrid on Plesk

July 25, 2018 The Geek Decoder No Comments Plesk

This is used to set up Sendgrid in Plesk for Azure email functionality.

  1. Set up a sendgrid account and set up the first email:
  2.  Ssh to the Azure server and make the following modifications:

Find your Postfix config file, typically /etc/postfix/main.cf, and add the following:

smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_security_level = encrypt
header_size_limit = 4096000
relayhost = [smtp.sendgrid.net]:587

Now you need to specify your credentials (optionally, use apikey as username and an API Key as password) in the separate file /etc/postfix/sasl_passwd (you’ll likely need to create it):

[smtp.sendgrid.net]:587 yourSendGridUsername:yourSendGridPassword

Next, make sure the file has restricted read and write access only for root, and use the postmap command to update Postfix’s hashtables to use this new file:

$ sudo chmod 600 /etc/postfix/sasl_passwd
$ sudo postmap /etc/postfix/sasl_passwd

Finally, restart Postfix:

$ sudo systemctl restart postfix

Send your email and then verify in sendgrid.

If you are getting no mechanism available error messages it generally indicates that you are missing some SASL authentication libraries.

Install the missing module dependency using apt-get (i.e., Debian, Ubuntu):

$ apt-get install libsasl2-modules

Or using a yum (i.e., RedHat, Fedora, CentOS):

$ yum install cyrus-sasl-plain

Troubleshooting
If port 587 is not working for you please try 2525 in your postfix config. You may also need to edit /etc/postfix/master.cf to remove # from

#tlsmgr unix - - n 1000? 1 tlsmgr

Other integrations with MTA’a – https://sendgrid.com/docs/Integrate/Mail_Servers/postfix.html

Check CPU Type

July 23, 2018 The Geek Decoder No Comments Knowledge Base

Here is how to check the CPU type in CentOS:

# dmidecode --type processor

Output:

# dmidecode 2.12
SMBIOS 2.7 present.

Handle 0x0004, DMI type 4, 42 bytes
Processor Information
	Socket Designation: CPU 1
	Type: Central Processor
	Family: Xeon
	Manufacturer: Intel
	ID: D7 06 02 00 FF FB EB BF
	Signature: Type 0, Family 6, Model 45, Stepping 7
	Flags:
		FPU (Floating-point unit on-chip)
		VME (Virtual mode extension)
		DE (Debugging extension)
		PSE (Page size extension)
		TSC (Time stamp counter)
		MSR (Model specific registers)
		PAE (Physical address extension)
		MCE (Machine check exception)
		CX8 (CMPXCHG8 instruction supported)
		APIC (On-chip APIC hardware supported)
		SEP (Fast system call)
		MTRR (Memory type range registers)
		PGE (Page global enable)
		MCA (Machine check architecture)
		CMOV (Conditional move instruction supported)
		PAT (Page attribute table)
		PSE-36 (36-bit page size extension)
		CLFSH (CLFLUSH instruction supported)
		DS (Debug store)
		ACPI (ACPI supported)
		MMX (MMX technology supported)
		FXSR (FXSAVE and FXSTOR instructions supported)
		SSE (Streaming SIMD extensions)
		SSE2 (Streaming SIMD extensions 2)
		SS (Self-snoop)
		HTT (Multi-threading)
		TM (Thermal monitor supported)
		PBE (Pending break enabled)
	Version: Intel(R) Xeon(R) CPU E5-2620 0 @ 2.00GHz
	Voltage: 0.0 V
	External Clock: 100 MHz
	Max Speed: 4000 MHz
	Current Speed: 2000 MHz
	Status: Populated, Enabled
	Upgrade: Socket LGA2011
	L1 Cache Handle: 0x0005
	L2 Cache Handle: 0x0006
	L3 Cache Handle: 0x0007
	Serial Number: Not Specified
	Asset Tag: Not Specified
	Part Number: Not Specified
	Core Count: 6
	Core Enabled: 1
	Thread Count: 12
	Characteristics:
		64-bit capable
		Multi-Core
		Hardware Thread
		Execute Protection
		Enhanced Virtualization
		Power/Performance Control

Handle 0x0008, DMI type 4, 42 bytes
Processor Information
	Socket Designation: CPU 2
	Type: Central Processor
	Family: Xeon
	Manufacturer: Intel
	ID: D7 06 02 00 FF FB EB BF
	Signature: Type 0, Family 6, Model 45, Stepping 7
	Flags:
		FPU (Floating-point unit on-chip)
		VME (Virtual mode extension)
		DE (Debugging extension)
		PSE (Page size extension)
		TSC (Time stamp counter)
		MSR (Model specific registers)
		PAE (Physical address extension)
		MCE (Machine check exception)
		CX8 (CMPXCHG8 instruction supported)
		APIC (On-chip APIC hardware supported)
		SEP (Fast system call)
		MTRR (Memory type range registers)
		PGE (Page global enable)
		MCA (Machine check architecture)
		CMOV (Conditional move instruction supported)
		PAT (Page attribute table)
		PSE-36 (36-bit page size extension)
		CLFSH (CLFLUSH instruction supported)
		DS (Debug store)
		ACPI (ACPI supported)
		MMX (MMX technology supported)
		FXSR (FXSAVE and FXSTOR instructions supported)
		SSE (Streaming SIMD extensions)
		SSE2 (Streaming SIMD extensions 2)
		SS (Self-snoop)
		HTT (Multi-threading)
		TM (Thermal monitor supported)
		PBE (Pending break enabled)
	Version: Intel(R) Xeon(R) CPU E5-2620 0 @ 2.00GHz
	Voltage: 0.0 V
	External Clock: 100 MHz
	Max Speed: 4000 MHz
	Current Speed: 2000 MHz
	Status: Populated, Enabled
	Upgrade: Socket LGA2011
	L1 Cache Handle: 0x0009
	L2 Cache Handle: 0x000A
	L3 Cache Handle: 0x000B
	Serial Number: Not Specified
	Asset Tag: Not Specified
	Part Number: Not Specified
	Core Count: 6
	Core Enabled: 1
	Thread Count: 12
	Characteristics:
		64-bit capable
		Multi-Core
		Hardware Thread
		Execute Protection
		Enhanced Virtualization
		Power/Performance Control

Check if a Package is Installed

June 21, 2018 The Geek Decoder No Comments Administration

One of the most common requests and inquirys is “Do I have the …xyz package or program installed?” Here is how to check.

Ubuntu/Debian

List all packages

# dpkg -l | less


# dpkg -s apache-perl

To check whether a package is installed or not:


dpkg -l | grep vlc

Use file /var/lib/dpkg/available to find out all package names available to you. Or use following command (list all packages in /var/lib/dpkg/status):


# dpkg-query -l

You can also try to match package name using wild cards:


# dpkg-query -l 'libc6*'

Use the following command to get exact status (whether it is installed or not):

# dpkg-query -W -f='${Status} ${Version}\n' apache-perl

CentOS and RPM based Distros

Under Red Hat/Fedora/CentOS/Suse Linux use the rpm command:

# rpm -qa | grep {package-name}

For example find out package mutt installed or not:

# rpm -qa | grep mutt

On a CentOS/RHEL use the following yum command to tell whether a package named htop is installed:


# yum list installed {PACKAGE_NAME_HERE}

[/bash]

# yum list installed htop

Enable TLS version 1.2 on Plesk

June 18, 2018 The Geek Decoder No Comments Plesk

Enabling TLS 1.2 and disabling other versions on Plesk.

In order to use the steps outlined below, you will need to upgrade Plesk to it’s most recent version. You can do so within the System Overview section of the Home screen in Plesk Panel or by running 

# /usr/local/psa/admin/bin/autoinstaller

Once you have completed the upgrade you can run the command in the link below to enable TLS1.2 and disable older versions of TLS.

https://support.plesk.com/hc/en-us/articles/115000422229-How-to-enable-disable-particular-TLS-version-in-Plesk-on-Linux-

Nginx fails to start when Centos/Plesk migrated to Azure

June 15, 2018 The Geek Decoder No Comments Azure, Nginx

There is a small issue where a Plesk/CentOS 7 system is migrated to Azure and nginx fails to start.
This is the error in the nginx log


# cat /var/log/nginx/error.log
2018/06/14 22:11:41 [emerg] 9341#0: bind() to 10.144.114.11:443 failed (99: Cannot assign requested address)

If so then to edit:


# /etc/sysctl.conf

And add:


# net.ipv4.ip_nonlocal_bind = 1

Then Run:


# sysctl -p /etc/sysctl.conf

start Nginx:


#service nginx start

Installation for Proxmox

June 11, 2018 The Geek Decoder No Comments Proxmox

Install 3 nodes. Each node specs:

Since our host acts as a router we have to make sure it’s kernel has all IP packet forwarding features activated. Take a look at ‘/etc/sysctl.conf’ and make sure that the following two lines aren’t commented out:


net.ipv4.ip_forward=1
net.ipv6.conf.all.forwarding=1

Lastly make sure your host won’t send ICPM “redirect” messages to guests, telling them to find the gateway by themselves. This won’t work with our particular network setup. Add the following to ‘/etc/sysctl.conf’:


net.ipv4.conf.all.send_redirects=0

Reboot

Networking for nodes Incomplete – this is not currently working):
Set up 3 NIC’s

ens192 – primary for Public IP. This is the public IP for the installation.
ens224 – proxmox VE Cluster Network
ens256 – Ceph Install

Once installed, edit /etc/network/interfaces on all 3 nodes. Change the IP addresses accordingly. Remeber to backup the files before editing.
Example /etc/network/interfaces for px1 node 1.

auto lo
iface lo inet loopback

auto ens192
iface ens192 inet static
        address  216.55.xxx.xxx
        netmask  255.255.255.0
        gateway  216.xx.xxx.1
        post-up echo 1 &gt; /proc/sys/net/ipv4/conf/ens192/proxy_arp
#Public IP

auto vmbr0
iface vmbr0 inet static
        address  192.168.1.151
        netmask  255.255.255.0
        bridge_ports none
        bridge_stp off
        bridge_fd 0
	post-up echo 1 &gt; /proc/sys/net/ipv4/ip_forward
        post-up iptables -t nat -A POSTROUTING -s '192.168.1.0/24' -o ens192 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '192.168.1.0/24' -o ens192 -j MASQUERADE

#Private Network for VM Creation

auto ens224
iface ens224 inet static
        address  10.0.0.151
        netmask  255.255.255.0
#Proxmox VE Cluster Network

auto ens256
iface ens256 inet static
  address  10.10.10.151
  netmask  255.255.255.0
#ceph network

Setting up the cluster

Hosts file edits. Backup hosts file and change to this on all nodes. This is not the hostname but an identifier.

# corosync network hosts
10.0.0.151 one-corosync.geekdecoder.com one-corosync
10.0.0.152 two-corosync.geekdecoder.com two-corosync
10.0.0.153 three-corosync.geekdecoder.com three-corosync

Adding Nodes With Separated Cluster Network
When adding a node to a cluster with a separated cluster network you need to use the ringX_addr parameters to set the nodes address on those networks:

pvecm add IP-ADDRESS-CLUSTER -ring0_addr IP-ADDRESS-RING0
If you want to use the Redundant Ring Protocol you will also want to pass the ring1_addr parameter.

Creating the cluster after network and host file setup. Log into node 1.

node1# pvecm create clustername -bindnet0_addr 10.0.0.151 -ring0_addr one-corosync

Output

Corosync Cluster Engine Authentication key generator.
Gathering 1024 bits for key from /dev/urandom.
Writing corosync key to /etc/corosync/authkey.
Writing corosync config to /etc/pve/corosync.conf
Restart corosync and cluster filesystem

Reboot

# reboot

Adding nodes.

From man corosync.conf

ringnumber – This specifies the ring number for the interface. When using the redundant ring protocol, each interface should specify separate ring numbers to uniquely identify to the membership protocol which interface to use for which redundant ring. The ringnumber must start at 0.

Adding nodes. Login to a node you want to add, node2, node3, node4, etc. In this example, login to node 2 (10.0.0.152)and the IP for node1 is 10.0.0.151.
Run the following where”

node2# pvecm add 10.0.0.151 -ring0_addr 10.0.0.152

Status

 pvecm status
Quorum information
------------------
Date:             Tue Jun 12 15:17:10 2018
Quorum provider:  corosync_votequorum
Nodes:            2
Node ID:          0x00000001
Ring ID:          1/12
Quorate:          Yes

Votequorum information
----------------------
Expected votes:   2
Highest expected: 2
Total votes:      2
Quorum:           2
Flags:            Quorate

Membership information
----------------------
    Nodeid      Votes Name
0x00000001          1 10.0.0.151 (local)
0x00000002          1 10.0.0.152

Nodes

 pvecm nodes

Membership information
----------------------
    Nodeid      Votes Name
         1          1 one-corosync (local)
         2          1 10.0.0.152
         3          1 10.0.0.153

log into the node 1 web GUI.

Installation of Ceph packages

Login to each node and run:

~# pveceph install --version luminous
update available package list
Reading package lists... Done
Building dependency tree
Reading state information... Done
gdisk is already the newest version (1.0.1-1).
The following additional packages will be installed:
  binutils ceph-base ceph-mgr ceph-mon ceph-osd cryptsetup-bin libcephfs2 libcurl3 libgoogle-perftools4 libjs-jquery
  libjs-sphinxdoc libjs-underscore libleveldb1v5 liblttng-ust-ctl2 liblttng-ust0 libparted2 librados2 libradosstriper1
  librbd1 librgw2 libtcmalloc-minimal4 libunwind8 parted python-bs4 python-cephfs python-cffi-backend python-cherrypy3
  python-click python-colorama python-cryptography python-dnspython python-enum34 python-flask python-formencode
  python-idna python-ipaddress python-itsdangerous python-jinja2 python-logutils python-mako python-markupsafe
  python-openssl python-paste python-pastedeploy python-pastedeploy-tpl python-pecan python-prettytable python-pyasn1
  python-rados python-rbd python-repoze.lru python-rgw python-routes python-setuptools python-simplegeneric
  python-singledispatch python-tempita python-waitress python-webob python-webtest python-werkzeug
Suggested packages:
  binutils-doc ceph-mds libparted-dev libparted-i18n parted-doc python-cryptography-doc python-cryptography-vectors
  python-enum34-doc python-flask-doc python-egenix-mxdatetime python-jinja2-doc python-beaker python-mako-doc
  python-openssl-doc python-openssl-dbg httpd-wsgi libapache2-mod-python libapache2-mod-scgi python-pastescript
  python-pastewebkit doc-base python-setuptools-doc python-waitress-doc python-webob-doc python-webtest-doc ipython
  python-genshi python-lxml python-greenlet python-redis python-pylibmc | python-memcache python-werkzeug-doc
Recommended packages:
  ceph-mds ntp | time-daemon javascript-common python-lxml | python-html5lib python-blinker python-simplejson
  libjs-mochikit python-openid python-scgi python-pastescript python-lxml python-pyquery python-pyinotify
The following NEW packages will be installed:
  binutils ceph ceph-base ceph-mgr ceph-mon ceph-osd cryptsetup-bin libcephfs2 libcurl3 libgoogle-perftools4 libjs-jquery
  libjs-sphinxdoc libjs-underscore libleveldb1v5 liblttng-ust-ctl2 liblttng-ust0 libparted2 libtcmalloc-minimal4
  libunwind8 parted python-bs4 python-cffi-backend python-cherrypy3 python-click python-colorama python-cryptography
  python-dnspython python-enum34 python-flask python-formencode python-idna python-ipaddress python-itsdangerous
  python-jinja2 python-logutils python-mako python-markupsafe python-openssl python-paste python-pastedeploy
  python-pastedeploy-tpl python-pecan python-prettytable python-pyasn1 python-repoze.lru python-rgw python-routes
  python-setuptools python-simplegeneric python-singledispatch python-tempita python-waitress python-webob python-webtest
  python-werkzeug
The following packages will be upgraded:
  ceph-common librados2 libradosstriper1 librbd1 librgw2 python-cephfs python-rados python-rbd
8 upgraded, 55 newly installed, 0 to remove and 27 not upgraded.
Need to get 54.5 MB of archives.
After this operation, 179 MB of additional disk space will be used.

Create initial Ceph configuration

node1# pveceph init --network 10.10.10.0/24

After that you can create the first Ceph monitor service using:

node1# pveceph createmon

Go to video or site to create other items.

Keyring

cd /etc/pve/priv
mkdir ceph
root@px1:/etc/pve/priv# cp /etc/ceph/ceph.client.admin.keyring ceph/ceph-vm.keyring
root@px1:/etc/pve/priv# cp /etc/ceph/ceph.client.admin.keyring ceph/ceph-lxc.keyring

Now visable.

Do some benchmark testing.
write performance

rados -p test3 bench 10 write --no-cleanup

read

rados -p test3 bench 10 seq

Add virtualization

Login to ESXi ssh.

go to your node vm directory with the .vmx file. In this case

/vmfs/volumes/5a70c7aa-560fd204-49b1-6805ca0a3085/px3

Add the following to the bottom of the file

 # vhv.enable = "TRUE"

Restart the VM.

Log into the node 1 and run the following

#egrep -c '(vmx|svm)' /proc/cpuinfo
1

1= ok
0 = no change

How To Install Proxmox Nested on VMware ESXi (Full Support OpenVZ & KVM)

Another option is to disable KVM virtualization on the VM

upload iso to local storage

scp to /var/lib/vz/template/iso

HA video – https://www.youtube.com/watch?v=JfLJO-IF0Eo

Windows Admin Prompt Greyed Out or Missing

June 8, 2018 The Geek Decoder No Comments Windows Desktop

If the Admin prompt has a greyed out or missing Yes button but no password entry box, use the Built-In Admin account in Safe mode to create two new Admin accounts.

https://answers.microsoft.com/en-us/windows/forum/windows_10-performance/if-the-admin-prompt-has-a-greyed-out-or-missing/21053df9-39fb-4395-be3c-7f1797dc145b

Mine was missing so I did this:
Boot into Safe mode by following this procedure. There is also an illustrated and well-explained procedure in Safe mode that you might prefer but it does not have all the steps and explanations that I have provided.

3.1 Prepare – Do you normally boot up to a logon screen

or have you bypassed that using netplwiz so that you boot up straight to your desktop without having to sign in every time

or {for local accounts only} you boot up straight to your desktop without having to sign in every time because you have never set a password for your day-to-day user account?

3.1.1 If you boot up to a logon screen, it eases getting into Safe mode

3.1.2 If you have bypassed the logon screen then attempt to reset it by entering netplwiz in a command prompt then, in the netplwiz window, selecting your Admin-level user account and setting the checkbox for Users must enter a username and password to use this computer. If you get an Admin challenge when running netplwiz [which would happen if you had set your UAC protection to its highest level] you will not be able to get around it and will need to take the additional step described in para 3.4 below.

3.1.3 If you have bypassed the logon screen because {for local accounts only} you have never set a password for that account you will need to take the additional step described in para 3.4 below.

3.2 Go to Settings, Update & security, Recovery then click on Advanced start-up – Restart now.

3.3 You’ll be taken to a blue menu. Select Troubleshoot, Advanced options, Startup settings, Restart.

3.4 You’ll be rebooted to another blue menu. Press the 4 key* to select Enable Safe mode. You will be taken to the Safe mode login screen.

* If you were unable [paras 3.1.2, 3.1.3 above] to turn off the attempt to boot straight into your day-to-day user account with no login screen appearing then, immediately after pressing the 4 key, press and hold down the Shift key until the login screen appears. If you are too slow then you will have to reboot normally [i.e. not into Safe mode] then repeat steps 3.2-4. I have tried this Shift key procedure repeatedly on a new Windows 10 computer & on a six year old Windows 10 computer upgraded from Windows 7 and it works every time but I have also tried in on an eleven year old Windows 10 computer that is almost-but-not-quite-fully Windows 10 compatible and cannot get it to work. If I was to lose of all my Admin-level accounts on this particular computer I would therefore have to reinstall Windows 10 or restore it from a recent system image.

3.5 Starting Safe mode in Windows 10 does not look like the Safe mode startup you might have seen in previous Windows versions. There is no long list of drivers & other Windows components whizzing up the screen.

3.6 The Safe mode login screen ought to have entries for your existing user accounts, entries for a couple of accounts created by Windows [DefaultAccount, Guest], possibly an entry for an account created by the computer OEM when setting the computer up before sale [such as defaultuser0] and an entry for an account with the username Administrator. Administrator is the username of the Built-In Administrator account**. If the username Administrator is not shown on the Safe mode login screen then you will probably have no choice but to reinstall Windows 10 because it would mean that, although you know that you have no functioning Admin-level accounts, Windows thinks you do. In this forum, we are not allowed to advise any course of action other than reinstallation in these circumstances.

** In the hope of avoiding too much confusion, I will use the term Administrator in full whenever I refer to the Built-In Administrator account and I will use the term Admin when referring to any Admin-level user accounts that you create.

3.7 Select the Administrator account and log in by clicking the login button or pressing the Enter/Return key – Administrator has no password so there is nothing to type in.

4 Use the Administrator account to fix the problem

4.1 When you log in to Administrator in Safe mode you’ll be taken to a fairly normal-looking, albeit black, desktop. There is Windows version info at the top and the words Safe mode are shown in each corner. You’ll get a false warning [that you can simply dismiss out of hand or ignore] that the Get started app cannot be opened or that you’ll need to get a new app to open ms-get-started. This false warning** seems to be a bug that Microsoft have not addressed.

** Note that if you ever log in to Safe mode using any other user account, you will get a false warning [that you can simply dismiss out of hand or ignore] that the Tips app or another app cannot be opened “using the Built-In Admin” even though you are not using it.

Image

4.2 Create a new Admin account with a password. You can change the password later so you can just keep it simple for now as long as you do not go online until you have finished. You can call the new user account almost whatever you like as long as no existing account uses the same name so do not call it Administrator, DefaultAccount or Guest and do not use the name of any of your own user accounts. Avoid spaces in the name & password just to keep things simple, only use characters you can type on the keyboard and don’t use any symbols in either of them that File explorer would reject if you tried using them in a filename [so, for example, do not use these * : < > / \ | ” ?]. I use the username NewAdminPrimary with a password 12345 here by way of example.

Open a Command prompt – click on the Start button, scroll down & click on Windows system then select Command prompt.

Enter net user if you need to check the names used for your existing user accounts.

Enter net user /add NewAdminPrimary 12345

Enter net localgroup Administrators NewAdminPrimary /add

4.3 Repeat this to create another account NewAdminReserve so you have both a new Admin-level account to use and a spare one to rescue the situation if NewAdminPrimary is ever afflicted with user profile corruption.

4.4 The user accounts created this way are “local” user accounts. They exist only on this computer. They are not linked to any online accounts such as MSAccounts.

4.5 Log into at least one of the new accounts without rebooting [Start button, user icon] just to give you confidence that all is now well. This takes a while as Windows has to go through its We’re just setting things up for you & It’s taking a bit longer than usual, but it should be ready soon routines. Then reboot and log in to one of the new accounts.

4.6 Do something that you know generates an Admin challenge so that you can see that the account is working correctly. You could, for example, use File explorer to go to C:\Program files then right-click, hover over New and click on Folder because that always generates the Admin challenge.

See IP’s Accessing Website

June 7, 2018 The Geek Decoder No Comments Administration

Here is a way to see what IP’s are accessing the website domain.com. Find the location of the access logs.

In a cpanel account:


# cd /home/domain.com/access-logs

Now run the following on the access logs…

# cat domain.com | awk '{print $1}' | sort | uniq -c | sort -rn | head

Here is the readout:

 24 72.178.xxx.xx
 18 216.xx.xxx.161
 1 216.55.xxx.xx

If you do see excessive bots, try adding in a crawl rate/delay for the site with Bing Webmaster tools, Google Webmaster tools as well as setting that up in robots.txt ). Webcrawlers can carelessly crawl the site and hit it hard, just to index pages.

Set Up RDNS in Azure for a public IP

June 6, 2018 The Geek Decoder No Comments Azure

When setting up an Azure VM that will have mail functions, you may need to set up a rDNS record. The Azure portal at this time does not have that capability but you can set this up in with the Azure CLI or PowerShell.

Guide for creating Reverse DNS records:

https://docs.microsoft.com/en-us/azure/dns/dns-reverse-dns-for-azure-services
https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest