windows start service without admin rights

You need not really administrator rights to restart a service.

You can find here many options for that

https://stackoverflow.com/questions/4436558/start-stop-a-windows-service-from-a-non-administrator-user-account

In this post on stackoverflow I found a very simple solution to do that.

This little tool are called Service Security Editor and works very well.

https://www.coretechnologies.com/products/ServiceSecurityEditor/

Create ISO file with powershell

Create a file with name createiso.ps1 and fill this code into it.

function New-IsoFile 
{  
  <# .Synopsis Creates a new .iso file .Description The New-IsoFile cmdlet creates a new .iso file containing content from chosen folders .Example New-IsoFile "c:\tools","c:Downloads\utils" This command creates a .iso file in $env:temp folder (default location) that contains c:\tools and c:\downloads\utils folders. The folders themselves are included at the root of the .iso image. .Example New-IsoFile -FromClipboard -Verbose Before running this command, select and copy (Ctrl-C) files/folders in Explorer first. .Example dir c:\WinPE | New-IsoFile -Path c:\temp\WinPE.iso -BootFile "${env:ProgramFiles(x86)}\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\Oscdimg\efisys.bin" -Media DVDPLUSR -Title "WinPE" This command creates a bootable .iso file containing the content from c:\WinPE folder, but the folder itself isn't included. Boot file etfsboot.com can be found in Windows ADK. Refer to IMAPI_MEDIA_PHYSICAL_TYPE enumeration for possible media types: http://msdn.microsoft.com/en-us/library/windows/desktop/aa366217(v=vs.85).aspx .Notes NAME: New-IsoFile AUTHOR: Chris Wu LASTEDIT: 03/23/2016 14:46:50 #> 
   
  [CmdletBinding(DefaultParameterSetName='Source')]Param( 
    [parameter(Position=1,Mandatory=$true,ValueFromPipeline=$true, ParameterSetName='Source')]$Source,  
    [parameter(Position=2)][string]$Path = "$env:temp\$((Get-Date).ToString('yyyyMMdd-HHmmss.ffff')).iso",  
    [ValidateScript({Test-Path -LiteralPath $_ -PathType Leaf})][string]$BootFile = $null, 
    [ValidateSet('CDR','CDRW','DVDRAM','DVDPLUSR','DVDPLUSRW','DVDPLUSR_DUALLAYER','DVDDASHR','DVDDASHRW','DVDDASHR_DUALLAYER','DISK','DVDPLUSRW_DUALLAYER','BDR','BDRE')][string] $Media = 'DVDPLUSRW_DUALLAYER', 
    [string]$Title = (Get-Date).ToString("yyyyMMdd-HHmmss.ffff"),  
    [switch]$Force, 
    [parameter(ParameterSetName='Clipboard')][switch]$FromClipboard 
  ) 
  
  Begin {  
    ($cp = new-object System.CodeDom.Compiler.CompilerParameters).CompilerOptions = '/unsafe' 
    if (!('ISOFile' -as [type])) {  
      Add-Type -CompilerParameters $cp -TypeDefinition @'
public class ISOFile  
{ 
  public unsafe static void Create(string Path, object Stream, int BlockSize, int TotalBlocks)  
  {  
    int bytes = 0;  
    byte[] buf = new byte[BlockSize];  
    var ptr = (System.IntPtr)(&bytes);  
    var o = System.IO.File.OpenWrite(Path);  
    var i = Stream as System.Runtime.InteropServices.ComTypes.IStream;  
   
    if (o != null) { 
      while (TotalBlocks-- > 0) {  
        i.Read(buf, BlockSize, ptr); o.Write(buf, 0, bytes);  
      }  
      o.Flush(); o.Close();  
    } 
  } 
}  
'@  
    } 
   
    if ($BootFile) { 
      if('BDR','BDRE' -contains $Media) { Write-Warning "Bootable image doesn't seem to work with media type $Media" } 
      ($Stream = New-Object -ComObject ADODB.Stream -Property @{Type=1}).Open()  # adFileTypeBinary 
      $Stream.LoadFromFile((Get-Item -LiteralPath $BootFile).Fullname) 
      ($Boot = New-Object -ComObject IMAPI2FS.BootOptions).AssignBootImage($Stream) 
    } 
  
    $MediaType = @('UNKNOWN','CDROM','CDR','CDRW','DVDROM','DVDRAM','DVDPLUSR','DVDPLUSRW','DVDPLUSR_DUALLAYER','DVDDASHR','DVDDASHRW','DVDDASHR_DUALLAYER','DISK','DVDPLUSRW_DUALLAYER','HDDVDROM','HDDVDR','HDDVDRAM','BDROM','BDR','BDRE') 
  
    Write-Verbose -Message "Selected media type is $Media with value $($MediaType.IndexOf($Media))"
    ($Image = New-Object -com IMAPI2FS.MsftFileSystemImage -Property @{VolumeName=$Title}).ChooseImageDefaultsForMediaType($MediaType.IndexOf($Media)) 
   
    if (!($Target = New-Item -Path $Path -ItemType File -Force:$Force -ErrorAction SilentlyContinue)) { Write-Error -Message "Cannot create file $Path. Use -Force parameter to overwrite if the target file already exists."; break } 
  }  
  
  Process { 
    if($FromClipboard) { 
      if($PSVersionTable.PSVersion.Major -lt 5) { Write-Error -Message 'The -FromClipboard parameter is only supported on PowerShell v5 or higher'; break } 
      $Source = Get-Clipboard -Format FileDropList 
    } 
  
    foreach($item in $Source) { 
      if($item -isnot [System.IO.FileInfo] -and $item -isnot [System.IO.DirectoryInfo]) { 
        $item = Get-Item -LiteralPath $item
      } 
  
      if($item) { 
        Write-Verbose -Message "Adding item to the target image: $($item.FullName)"
        try { $Image.Root.AddTree($item.FullName, $true) } catch { Write-Error -Message ($_.Exception.Message.Trim() + ' Try a different media type.') } 
      } 
    } 
  } 
  
  End {  
    if ($Boot) { $Image.BootImageOptions=$Boot }  
    $Result = $Image.CreateResultImage()  
    [ISOFile]::Create($Target.FullName,$Result.ImageStream,$Result.BlockSize,$Result.TotalBlocks) 
    Write-Verbose -Message "Target image ($($Target.FullName)) has been created"
    $Target
  } 
} 

After file creation, you must import this module to your open powershell session.

Import-Module .\createiso.ps1

Now you can define on powershell your source folder

$source_dir = "Z:\isofilel\"

We can create our ISO file
get-childitem "$source_dir" | New-ISOFile -path C:\iso\mydmz.iso

gitlab ci for puppet control-repo – a test suite

thewatertower.org

There’s lots of content already out there about puppet CI testing; this is what I initially came up with using GitLab CI, and with various other improvements such blogged about previously in posts tagged gitlab-runner such as:

  • Separate rake files. A lot of examples I found had very long complicated rake files to define different ‘subroutines’ that could then be called. For the beginner, a three line rake file that does one job is easier to understand and maintain.
  • Less litter in root of the git repo.

Running under a shell executor initially, this is my CI setup.

# ci/definition.yml before_script: - /bin/bundle install --gemfile=ci/Gemfile stages: - syntax - lint - git lint: stage: lint script: - BUNDLE_GEMFILE=ci/Gemfile /bin/bundle exec rake --rakefile ci/rakefile_lint lint syntax-manifests: stage: syntax script: - BUNDLE_GEMFILE=ci/Gemfile /bin/bundle exec rake --rakefile ci/rakefile_syntax syntax:manifests syntax-templates: stage: syntax script: - BUNDLE_GEMFILE=ci/Gemfile /bin/bundle exec rake --rakefile ci/rakefile_syntax syntax:templates syntax-hiera: stage:…

View original post 464 more words

Systemd display services as graphic

Systemd have loots of tools to analyses boot performance on your system. If you want this to display graphical then use this command.

We want to display the bluetooth stack.

systemd-analyze dot 'bluetooth*' | dot -Tsvg > blue.svg
Systemd bluetooth overview

If you want to see the complete boot sequence from systemd use this command.

systemd-analyze plot > complete_systemd_boot.svg

Twitch 4000 error on Suse Linux

What a heck. Installed a fresh Suse tumbleweed and Twitch is not running. All Browsers have an error 4000.

You must install some codecs. How it works?

openSUSE Tumbleweed:

sudo zypper addrepo -cfp 90 'https://ftp.gwdg.de/pub/linux/misc/packman/suse/openSUSE_Tumbleweed/' packman

openSUSE Leap:

sudo zypper addrepo -cfp 90 'https://ftp.gwdg.de/pub/linux/misc/packman/suse/openSUSE_Leap_$releasever/' packman
for all systems the same command

sudo zypper refresh
sudo zypper dist-upgrade --from packman --allow-vendor-change
sudo zypper install --from packman ffmpeg gstreamer-plugins-{good,bad,ugly,libav} libavcodec-full vlc-codecs

thats it

found here

Cisco VPN server alternative

You are tired from openvpn performance issues. You want to use more opensource software? You wan to replace your Cisco ASA but don’t want to give up annyconnect VPN client software?
You want a reliable VPN server for your business? I found a solution for your requirements.

OpenConnect VPN Server called OCSERV

https://ocserv.gitlab.io/www/

You can use the AnnyConnect client to dial in to OCSERV VPN server or openconnect VPN client.

On Debian/Ubuntu
apt install ocserv

You have installed the VPN Server but in Enterprise enviroments that is not enough for security. You want to use this for hundred or thousand of employees.

I want to show you my configuration of OCSERV and RADIUS integration with Privacyidea a two factor opensource solution.

If you want to use OCSERV with RADIUS please read this first

https://ocserv.gitlab.io/www/recipes-ocserv-authentication-radius-radcli.html

You have to compile radcli from source first without this you have no RADIUS functionality.

Look at https://github.com/radcli/radcli/releases for the latest version

How to compile
https://ocserv.gitlab.io/www/recipes-ocserv-radcli-installation.html

Fill the information for your radius server under

/etc/radcli/radiusclient.conf


nas-identifier fw01
authserver 10.10.10.50
acctserver 10.10.10.50
servers /etc/radcli/servers
dictionary /etc/radcli/dictionary
default_realm
radius_timeout 10
radius_retries 3
bindaddr *

cat /etc/radcli/servers

# Server Name or Client/Server pair            Key             
## ----------------                             ---------------
#
#portmaster.elemental.net                       hardlyasecret
#portmaster2.elemental.net                      donttellanyone
#
## uncomment the following line for simple testing of radlogin
## with freeradius-server
#
#localhost/localhost                            testing123
#
10.10.110.60 yourradiussecrectkey

After you have compile radcli on the system you can choose to install ocserv from the distribution repository or to compile it from source. I have use the repository from the distribution.

add following to the

ocserv.conf


auth = “radius[config=/etc/radcli/radiusclient.conf,groupconfig=true]”

Fixing some errors…

custom-header = “X-CSTP-Client-Bypass-Protocol: true”

Add your own certificate for your domain

server-cert =
server-key =

VPN Pool

ipv4-network = 10.10.100.128
ipv4-netmask = 255.255.255.128

Add route to network that you want to reach form the vpn server

route=

step by step Windows Server 2019 File Server clustering With powershell or GUI #Cluster #HA #Azure #WindowsAdminCenter #WindowsServer2019

Robert Smit MVP Blog


Next step is adding the File server Role to the Cluster and add the HA File Share.

In this case I have a fail over disk and I use the File Server for general use.

So when adding the Disk it is not showing the disk. This is The disk is added to the cluster but the disk isn’t formatted!

Keep in mind that formating the cluster disk while it is online is not possible. You need to set the disk in maintenance mode else the format will fail.

So after the disk format we will see the Disk appear and can be added to the File server

After this the File server is up and running. As you can see the setup is screen intense, building this with PowerShell is a lot faster.

Powershell

Next step is adding the file share.

go for the Quick setup

Pick the disk…

View original post 261 more words

Installing Linux into a 286 laptop from the year 1989

befinitiv

Ever wondered what useful things you could do with a 32 year old laptop? Well, this is one option:

In this project I added a Raspberry PI Zero to the insides of the laptop. Both are connected via a serial link and can exchange data via it. You could use this for several applications:

  • Using the 286 with a terminal emulator as an interface to the Linux of the Raspberry PI. This way you can do the typical Linux shell stuff on a retro machine. With this you are quite far up on the hipster level 🙂
  • Connecting the DOS on the 286 to the Internet
  • Transferring files to the DOS filesystem

Terminal emulator

On the 286 side you need to install MS-DOS Kermit: http://www.columbia.edu/kermit/mskermit.html

On the Raspberry side there is nothing to do. So this is really easy to setup.

Connecting DOS to the internet

The setup needed for…

View original post 86 more words