travis' brain dump

Tech Stuff

Import DNS Files to Azure DNS

by on Jul.23, 2020, under Tech Stuff

Because I literally forgot how to do this and had to look it up and don’t want to suffer through a long MSFT document again in the future….

Super short version FTW:

  • Setup a new DNS zone in Azure. This is pretty easy, but in case you need it: https://docs.microsoft.com/en-us/azure/dns/dns-getstarted-portal
  • Gather your dns file…
    • Windows – C:\Windows\System32\dns
    • Bind – Wherever you specified to drop those things for named to pick up (usually somewhere in /etc/namedb/ or /usr/local/etc/namedb/)
  • Mod the file and pull out the NS records. Import doesn’t seem to like these despite what the doc’s say. 🙂
  • Start Azure CLI (Cloudshell/Bash). If you don’t know how to use this, check this link: https://docs.microsoft.com/en-us/azure/cloud-shell/overview
  • Upload your .dns file using the CloudShell console. I suggest you move the file into a working directory if you’d like to store it for later.
  • Execute Order 66… err… this command:
    • az network dns zone import -g domain-services -n domain.net -f domain.net.dns
  • Profit

You should see a message along the lines of ‘== 41/41 RECORDS IMPORTED SUCCESSFULLY: ‘domain.net’ ==’ when completed, however you may want to go in and recheck the import and maybe make a few mods to any records you want to modify TTLs on, etc. Any TTLs not explicitly defined will set to 3600 so make sure to cleanup what you need, where you need.

Leave a Comment more...

Retrieving iLO License Keys from iLO

by on Jun.26, 2020, under Tech Stuff

So, you want record that iLO key that you forgot to write down previously, right?

No problem.

  • Venture to https://support.hpe.com/hpesc/public/home and search for “HP Lights-Out Configuration Utility” and download the latest version.
  • Once downloaded & installed, you can find it under C:\Program Files (x86)\Hewlett Packard Enterprise\HP Lights-Out Configuration Utility.
  • Open your choice of text editors and paste the following into the file:
    <RIBCL VERSION=”2.0″>
    <LOGIN USER_LOGIN=”adminname” PASSWORD=”password”>
    <RIB_INFO MODE=”read”>
    <GET_ALL_LICENSES/>
    </RIB_INFO>
    </LOGIN>
    </RIBCL>
  • You can choose to edit the admin name & password here or pass it on the command line (which I will outline shortly). Save the file as ‘getlicenses.xml’ and close the file.
  • From a command prompt, navigate to the installation folder for the HPLOCU and execute the following:
    • .\HPQLOCFG.exe -s ip.of.ilo.srv -l .\logoutput.txt -f .\getlicenses.xml -u Administrator -p AdminPassword
  • You should receive an output similar to this:

 

 

Leave a Comment more...

Skype For Business: Invalid incoming HTTPS certificate

by on Dec.15, 2018, under Tech Stuff

Skype for Business Front End Server
Event ID 32042 – LS User Services – Invalid incoming HTTPS Certificate

I ran into this issue recently when someone thought it’d be cute to have the intermediate and root certs for a domain sitting in the same container (Trusted Root Certification Authorities). There’s a reason we have different containers folks. 🙂

Needless to say I was not amused after wasting an hour or so trying to figure out just why this error kept popping up in my event logs and the FE services wouldn’t come up. The worst part? I’d looked at the certificate objects and because these two certs looked almost identical in name, I missed them entirely during my search. 

So after doing a little digging around, I was pointed back towards a problem with a chain. There were a few examples of some Powershell to accomplish what I needed, but I liked this one the best. It allowed for me to see the list of my offenders easily. 

Get-ChildItem cert:\LocalMachine\root -Recurse | Where-Object {$_.Issuer -ne $_.Subject} |fl FriendlyName,Subject,Issuer

Once run, any certificate listed is going to be a cert you need to take a look at. You’ll most likely either move these certificates to the Intermediate or Personal containers. Just be careful where you move stuff so you don’t create new problems for yourself. 

Hopefully you can save yourself some time by having this handy. 

Leave a Comment more...

Migrating Windows DNS Server

by on Dec.09, 2018, under Tech Stuff

Ever needed to migrate a non-AD integrated Windows DNS Server to another instance of Windows? I found myself in the situation to do so this weekend so I figured I’d share the process for reference. 

From the source server: 

  1. Create a folder for storing the migration files. (ex. c:\temp\dnsgmig)
  2. From an elevated command prompt, execute the following commands:
    1. ‘reg export “HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Parameters” c:\temp\dnsmig\dns-params.reg
    2. ‘reg export “HKEY_LOCAL_MACHINE\System\CurrentVersion\DNS Server” c:\temp\dnsmig\dns-version.reg
  3. Modify dns-params.reg and change “PreviousLocalHostname” to the fqdn of your new DNS server. If you using the same name, skip this step. 
  4. Copy the folder c:\windows\system32\dns to c:\temp\dnsmig\

Copy the source folder (c:\temp\dnsmig) to the destination server. (example will use the same folder name)

  1. From an elevated command prompt, execute the following command: 
    1. Stop-Service DNS
  2. Click to import your two registry files, dns-params.reg and dns-version.reg. You’ll be prompted each time to confirm you want to import the information. Click ‘Yes’. 
  3. Copy all of the files from c:\temp\dnsmig\dns to c:\windows\system32\dns
  4. From an elevated command prompt, execute the following command:
    1. Start-Service DNS

You should now be up and running. 

Leave a Comment more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!