Archive for the ‘Windows’ Category

sshd service stopped, exist status 255

Friday, April 20th, 2018

I had one server with an sshd service which would terminate right after starting.

The event log would have the following error:

The description for Event ID 0 from source sshd cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.

If the event originated on another computer, the display information had to be saved with the event.

The following information was included with the event:

sshd: PID 9960: `sshd' service stopped, exit status: 255

Not too helpful of a message.

I decided to re-run the setup with an elevated Cygwin terminal.

ssh-host-config

*** Info: Generating missing SSH host keys
*** Query: Overwrite existing /etc/ssh_config file? (yes/no) yes
*** Info: Creating default /etc/ssh_config file
*** Query: Overwrite existing /etc/sshd_config file? (yes/no) yes
*** Info: Creating default /etc/sshd_config file

*** Info: StrictModes is set to 'yes' by default.
*** Info: This is the recommended setting, but it requires that the POSIX
*** Info: permissions of the user's home directory, the user's .ssh
*** Info: directory, and the user's ssh key files are tight so that
*** Info: only the user has write permissions.
*** Info: On the other hand, StrictModes don't work well with default
*** Info: Windows permissions of a home directory mounted with the
*** Info: 'noacl' option, and they don't work at all if the home
*** Info: directory is on a FAT or FAT32 partition.
*** Query: Should StrictModes be used? (yes/no) yes

*** Info: Privilege separation is set to 'sandbox' by default since
*** Info: OpenSSH 6.1. This is unsupported by Cygwin and has to be set
*** Info: to 'yes' or 'no'.
*** Info: However, using privilege separation requires a non-privileged account
*** Info: called 'sshd'.
*** Info: For more info on privilege separation read /usr/share/doc/openssh/README.privsep.
*** Query: Should privilege separation be used? (yes/no) yes
*** Info: Note that creating a new user requires that the current account have
*** Info: Administrator privileges. Should this script attempt to create a
*** Query: new local account 'sshd'? (yes/no) no
*** ERROR: Couldn't create user 'sshd'!
*** ERROR: Privilege separation set to 'no' again!
*** ERROR: Check your /etc/sshd_config file!
*** Info: Updating /etc/sshd_config file

*** Info: Sshd service is already installed.




*** Warning: Host configuration exited with 1 errors or warnings!
*** Warning: Make sure that all problems reported are fixed,
*** Warning: then re-run ssh-host-config.

After that.  The service stayed up.

Make sure you verify the access.  This particular server had sshd configured for one login and of course I didn’t have the password.

 

 

Advertisements

Skip first line with import-csv

Friday, October 20th, 2017

I have a data file which generates with a header line. I have check script which uses the file and I wanted to skip it but I am using a foreach loop and did not want to add an if/then.

The problem line:

Import-Csv $file -header("fullname","email", "notification","version") foreach {

I remembered the select -first option and I wondered if there was a skip option?

I made a quick change and added a pipe with select -skip 1

Import-Csv $file -header("fullname","email", "notification","version") | select -skip 1 | foreach {

Tested the script and sure enough the first line was skipped.

 

Telephone activation is no longer supported

Thursday, April 27th, 2017

I have a secured cluster where there is no Net access. The users had licenses for Office 2013 and wanted to use them inside the cluster.

Office likes to activate itself.  It tried and gave an error.  I restarted Word and it gave the options for Internet and telephone activation.  I selected telephone and I selected my location and was rewarded with:

Telephone activation is no longer supported for your product

Oooooookay.  No Net and no telephone…….

Luckily this is just a “feature.”

I went through the telephone process and activated the installation.  The only problem now are templates which appear to be downloaded from the Net.  But, I will take care of that if they complain.

Failed to download this file. Error code 0x800C0008

Friday, January 6th, 2017

One of our services gave an odd error. External user would attempt to access it and they would get an error about a configuration file not downloading.

The part of the error message that interested me was:

Failed to download this file. Error code 0x800C0008

What was odd was the service worked inside the firewall.

I thought it was browser related and checked the Net.

I tried the suggested registry change:

  1. Start Registry Editor.
  2. For a per-user setting, locate the following registry key:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings

    For a per-computer setting, locate the following registry key:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
  3. On the Edit menu, click Add Value, and then add the following value:
    BypassSSLNoCacheCheck“=Dword:00000001
  4. Exit Registry Editor.

This did not need a reboot and the change worked.

To add more “oddness” the service started working before the affected users made the change.

Hmmmmmm?  Network people or Security people?

Mouse selecting many things

Wednesday, January 4th, 2017

Minor odd issue.  For some reason my mouse was selecting all virtual machines in XenCenter.

Problem was simply a stuck shift key.  Banged it a couple times and the problem went away.

 

Adblock Plus now sells ads?

Tuesday, September 13th, 2016

This used to be an add blocker but they have been positioning themselves as an advertiser preaching the nonsense of acceptable ads. It’s an old approach.  Present a new “service” and then start doing what was done before but you have people paying for it.  When cable TV first appeared, the big selling point was “ad free.” Once the base was established; it changed we are going to introduce ads so we don’t have to charge more. Now we pay for the privileged of getting ads.

Adblock at the moment doesn’t charge but in time there will be paid levels to “reduce” ads or better control them.

I am dumping them.

Look into uBlock origin. They have a link for an iOS 9 product and I know they have addons for Chrome and Firefox.

Souce.

 

Use a KMS outside of the domain

Tuesday, May 10th, 2016

I had an issue where we needed a small domain to register it’s Windows 2012 virtual machines to the main KMS of the company.

The problem was the small domain had it’s own IP range and it’s own DNS. I attempted to activate the virtual machines and received a message reporting the KMS was not resolvable in DNS.

Since this was a tiny domain and the DNS would not be managed, I needed another way to activate the virtual machines.

Looking at the options of the slmgr script, I found what I needed.

slmgr.vbs /skms <ip address>:<port number>

This tells the system where to look for the KMS and what port to use.

After the “OK” message, I simply attempted activation via:

slmgr.vbs /ato

The virtual machines activated.

 

 

The Group Policy Client service failed the logon. Access denied

Thursday, March 17th, 2016

I had a user complaint over not being able to access a terminal server. He would attempt access and receive an error message:

The Group Policy Client service failed the logon. Access denied.

Since it was a terminal server; I renamed his profile and he was able to access it.

Deleting the previous Windows 10 Install

Wednesday, March 9th, 2016

Windows 10 has been an adventure. I decided to “suffer for my art” and join the Windows 10 insider testing cycle. To add to my suffering I decided to join the fast cycle which meant more releases then normal.

If you are testing many things, you can run out of disk space and like most people there isn’t time to really go through and clean. What would be nice would be a fast recovery of space.

This is possible if you want to delete the previous install of Windows 10. On average, it was about 10 gig for me.

If you are happy with the current install and will not roll back to the previous release, you can delete the previous install.

Search for Settings and open it.

  • Click on System
  • Click Storage
  • Click “This PC (C:)
  • Scroll down and Click “Temporary Files

Here you will see your Temporary file usage and at the bottom of the list is “Previous version of Windows

Simple click “Delete previous versions” and start the process.

You can do other things while the cleanup runs.

As mentioned this is useful if you need space and don’t have time to do a proper cleanup. Don’t forget to look at your downloads.  People forget to check that all the time.  I had 27 gig  *coughs*

 

Command line to start task scheduler?

Wednesday, December 9th, 2015

I was cleaning task scheduler jobs and found a 2012 server which would not display the task scheduler or scheduled tasks. As I was on a time table and could not review this system; I needed the command line.

To start the GUI for the task scheduler; simple enter:

taskschd.msc