Puppet – Join machine to the Windows AD Domain


install powershell module

puppet module installpuppetlabs-powershell
Under modules/module name/manifests folder create manifest file,password is encrypted with Hiera,after machine is joined to domain, it will be rebooted.
class domain_membership (
  $domain = 'ad.contoso.com',
  $username = 'administrator',
  $password = lookup('password'),
  $secure_password = false,
  $machine_ou      = 'OU=test,DC=ad,DC=contoso,DC=com',

$code = " 
$secStr=ConvertTo-SecureString '${password}' -AsPlainText -Force; 
if (-not $?) { 
write-error 'Error: Unable to convert password string to a secure string'; 
exit 10; 
$creds=New-Object System.Management.Automation.PSCredential( '${username}', $secStr ); 
if (-not $?) { 
write-error 'Error: Unable to create PSCredential object'; 
exit 20; 
Add-Computer -DomainName ${domain} -OUPath $_machine_ou -Restart -Force -Cred $creds; 
if (-not $?) { 
write-error 'Error: Unable to join domain'; 
exit 30; 
exit 0"

# Use the Josh Cooper PowerShell provider
exec { 'join_domain':

command => $code,
provider => powershell,
logoutput => true,
unless => "if ((Get-WMIObject Win32_ComputerSystem).Domain -ne '${domain}') { exit 1 }",


View original post

How to increase disk size of Trend Micro IWSVA (InterScan Web Security Virtual Appliance)


Trend Micro IWSVA is a web proxy that has lots of security feature such as antivirus, antimalware, but it is also a web filter, similar to WebSense Web Filter where URL categories can be blocked to protect the end users, and of course to avoid browsing non-productive web sites inside the company. However, if you download the VMware image, the disk image is quite small and could get full easily if your environment has lots of user and HTTP traffic to process, and of course, logs as well.

Below is a procedure to increase the disk size in a VMware vSphere environment.

1. Check first the partition disk size usage using the command: df -lh

The most common partition that becomes full is: /dev/mapper/IWSVA-app_data

2. Check the directory sizes that are mounted on /dev/mapper/IWSVA-app_data such as:

* /var
* /var/iwss/tmp/tmpfs
* /var/iwss/tmp/v_tmpfs

The most common directory inside /var that becomes…

View original post 327 more words

Best practices for DNS settings on DC and domain members.


The following information explains the Best practices for DNS client settings on Domain Controller and Domain Member.

Domain controller with DNS installed:
On a domain controller that also acts as a DNS server, recommended that you configure the domain controller’s DNS client settings according to these specifications:

IP configuration on domain controller:

  • In single DC/DNS in a domain environment,  DC / DNS server points to its private IP address (not to loopback 127.x.x.) as preferred DNS server in TCP/IP property.
  • If multiple DCs that’s the DNS servers are in a domain environment, recommendation to have all DCs point to ANOTHER/REMOTE DC’s IP address as preferred DNS and then point to it’s private IP address as an alternate DNS.
  • Each DC has just one IP address and one network adapter is enabled (disable unused NICs).
  • IPv6 should not be disabled on DC’s NIC card. Set it to “obtain IPV6 address automatically” and “obtain…

View original post 186 more words