Author Archive | jbmurphy

Azure: Failed to save configuration changes to local network gateway

Seems you can’t remove a subnet from a local network with the Azure portal. Error: “Failed to save configuration changes to local network gateway”

To get around this, I had to delete and recreate the local network via PowerShell. Obviously leave out the subnet you don’t want!

Get-AzureRmLocalNetworkGateway -Name "HomeOffice" -ResourceGroupName "WestUS"
$localNetworkGw=Get-AzureRmLocalNetworkGateway -Name "HomeOffice" -ResourceGroupName "WestUS"
$addressPrefixes ="192.168.0.0/24","192.168.1.0/24","192.168.2.0/24","192.168.4.0/24"
Set-AzureRmLocalNetworkGateway -LocalNetworkGateway $localNetworkGw -AddressPrefix $addressPrefixes -Verbose

PowerShell to download and install most recent Azure PowerShell cmdlets

This script will pull down the most recent Azure PowerShell cmdlets from github. This script assumes that Microsoft has not renamed the installer file, and the most recent is at the top.

JBM-INSTALL-AzurePowerShell{
((Invoke-WebRequest https://github.com/Azure/azure-powershell/releases).Links).href | where {$_ -like "https*azure-powershell*msi*"} | Select-Object -first 1| foreach {
Invoke-WebRequest $_ -OutFile "./$([System.IO.Path]::GetFileName($_))"
start-process "./$([System.IO.Path]::GetFileName($_))"
}
}

hope that helps someone.

PowerShell script to recreate Azure Network Security Groups (NSGs)

I developed a habit when I was working with ACLs on a Cisco ASA firewall. I would keep a master list for each ACL, and when I needed to make a change, I would remove the entire ACL from the device and then recreate it each time I made a modification. For example I would run the following, and keep adding new rules when needed.

clear configure access-list dmz_acl
access-list dmz_acl extended permit tcp host 1.1.1.1 object-group DCs eq 389
. . . .

Add one line, look at the logs and if traffic is still being blocked then modify and try again.

I wanted the ability to do the same thing with Azure Network Security Groups. I wrote a PowerShell script that would look at the NSGs, dump the settings, and would display the commands to recreate them. here is the script I wrote. I hope it helps some one.

function JBM-AZURE-GetNetworkSecurityGroupRules{
 param(
    [String]$Name ,
    [Switch]$ShowCommands
    )
$Groups=$(Get-AzureNetworkSecurityGroup -Detailed)
If(!$Name){
  Write-Host
  Write-host "Select the number of the NSG"
  $NSGNumb = $(Read-Host -prompt "$($(for($i=0;$i-le $Groups.Count-1;$i++){$AllGroups=$AllGroups+"$i $($Groups[$i].Name)`n"});$AllGroups)" )
  $Name=$Groups[$NSGNumb].Name
}

$NSG=$Groups | where {$_.Name -eq $Name}
If ($NSG){
    $InboundRules=$NSG.Rules | where {$_.Type -eq "Inbound"}
    $OutBoundRules=$NSG.Rules | where {$_.Type -eq "Outbound"}
    Write-Output ""
    Write-Output "Inbound Rules"
    Write-Output $InboundRules | FT
    Write-Output "Outbound Rules"
    Write-Output $OutBoundRules | FT
    if ($ShowCommands){
    Write-Output "New-AzureNetworkSecurityGroup -Name ""$($NSG.Name)"" -Location ""$($NSG.Location)"""
    Write-Output ""
    foreach ($Rule in $($InboundRules | where {$_.Priority -lt 65000})){
        write-Output "Get-AzureNetworkSecurityGroup -Name ""$($NSG.Name)"" | Set-AzureNetworkSecurityRule -Name ""$($Rule.Name)"" -Type ""$($Rule.Type)"" -Priority ""$($Rule.Priority)"" -Action ""$($Rule.Action)"" -SourceAddressPrefix ""$($Rule.SourceAddressPrefix)"" -SourcePortRange ""$($Rule.SourcePortRange)"" -DestinationAddressPrefix ""$($Rule.DestinationAddressPrefix)"" -DestinationPortRange ""$($Rule.DestinationPortRange)"" -Protocol ""$($Rule.Protocol)"""
        Write-Output ""
    }
    foreach ($Rule in $($OutBoundRules | where {$_.Priority -lt 65000})){
        write-Output "Get-AzureNetworkSecurityGroup -Name ""$($NSG.Name)"" | Set-AzureNetworkSecurityRule -Name ""$($Rule.Name)"" -Type ""$($Rule.Type)"" -Priority ""$($Rule.Priority)"" -Action ""$($Rule.Action)"" -SourceAddressPrefix ""$($Rule.SourceAddressPrefix)"" -SourcePortRange ""$($Rule.SourcePortRange)"" -DestinationAddressPrefix ""$($Rule.DestinationAddressPrefix)"" -DestinationPortRange ""$($Rule.DestinationPortRange)"" -Protocol ""$($Rule.Protocol)"""
        Write-Output ""
    }
    }
}
Else {
Write-Host "Can't find a NSG with that name"
}
}

Raspberry Pi, Raspbian Jessie (based on Debian Jessie) disable AutoLogin GUI & Console

I did NOT want my Raspbian Jessie install to automatically boot into the GUI, and I did Not want it to autologin.

I know I can run raspi-config to change it, but I like to script things! I finally tracked down the code for the new raspi-config that supports systemd. It can be found here .

Here are the commands to change what used to be the run level.

Console

systemctl set-default multi-user.target
ln -fs /lib/systemd/system/[email protected] /etc/systemd/system/getty.target.wants/[email protected]

Console Autologin

systemctl set-default multi-user.target
ln -fs /etc/systemd/system/[email protected] /etc/systemd/system/getty.target.wants/[email protected]

Desktop

systemctl set-default graphical.target
ln -fs /lib/systemd/system/[email protected] /etc/systemd/system/getty.target.wants/[email protected]
sed /etc/lightdm/lightdm.conf -i -e "s/^autologin-user=pi/#autologin-user=/"

Desktop AutoLogin

systemctl set-default graphical.target
ln -fs /etc/systemd/system/[email protected] /etc/systemd/system/getty.target.wants/[email protected]
sed /etc/lightdm/lightdm.conf -i -e "s/^#autologin-user=.*/autologin-user=pi/"

 

Hope that helps someone.

BASH script to change the Security Keys and SALTs in a wp-config.php file

I wanted to automatically change the Security Keys/SALTS when provisioning a new WordPress site. WordPress.com has a service that spits back random values. (https://api.wordpress.org/secret-key/1.1/salt/). The script below CURLs the values and then modifies a wp-config.php file with the new random values.

SALTS=$(curl -s https://api.wordpress.org/secret-key/1.1/salt/)
while read -r SALT; do
SEARCH="define('$(echo "$SALT" | cut -d "'" -f 2)"
REPLACE=$(echo "$SALT" | cut -d "'" -f 4)
echo "... $SEARCH ... $SEARCH ..."
sed -i "/^$SEARCH/s/put your unique phrase here/$(echo $REPLACE | sed -e 's/\\/\\\\/g' -e 's/\//\\\//g' -e 's/&/\\\&/g')/" /Path/To/Your/wp-config.php
done <<< "$SALTS"

Don’t remember where I got the pieces of this, but here it is, I have been using it for a while and it seems to work well.
Hope that helps someone.

Windows 10 PinToTaskbar does not work

More Windows 10 fun. Trying to get a nice customized image for deployment. In the past I have used the verb “taskbarpin” and a RunOnce script to put icons on the users Task Bar.
For example:

$ShellApplication = New-Object -ComObject Shell.Application
$result=$ShellApplication.Namespace("C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office").ParseName("Microsoft Outlook 2010.lnk").InvokeVerb("taskbarpin")
$result=$ShellApplication.Namespace("C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office").ParseName("Microsoft Word 2010.lnk").InvokeVerb("taskbarpin")
$result=$ShellApplication.Namespace("C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office").ParseName("Microsoft Excel 2010.lnk").InvokeVerb("taskbarpin")
$result=$ShellApplication.Namespace("C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office").ParseName("Microsoft PowerPoint 2010.lnk").InvokeVerb("taskbarpin")

Well, with the current build/set of patches, it no longer works. That was a waste of a day!

Here is the bug filed with Microsoft Connect:

Pint To Taskbar no longer working

Hope that helps someone.

Windows 10 ignores Internet Explorer when using Import-Startlayout

More Windows 10 inconsistencies. Clearly, I have Internet Explorer in my start screen layout xml (Line 10):

<LayoutModificationTemplate Version="1" xmlns="http://schemas.microsoft.com/Start/2014/LayoutModification">
  <DefaultLayoutOverride>
    <StartLayoutCollection>
      <defaultlayout:StartLayout GroupCellWidth="6" xmlns:defaultlayout="http://schemas.microsoft.com/Start/2014/FullDefaultLayout">
        <start:Group Name="Office" xmlns:start="http://schemas.microsoft.com/Start/2014/StartLayout">
          <start:DesktopApplicationTile Size="2x2" Column="0" Row="0" DesktopApplicationID="{6D809377-6AF0-444B-8957-A3773F02200E}\Microsoft Office\Office14\OUTLOOK.EXE" />
          <start:DesktopApplicationTile Size="2x2" Column="0" Row="2" DesktopApplicationID="{6D809377-6AF0-444B-8957-A3773F02200E}\Microsoft Office\Office14\EXCEL.EXE" />
          <start:DesktopApplicationTile Size="2x2" Column="4" Row="0" DesktopApplicationID="{6D809377-6AF0-444B-8957-A3773F02200E}\Microsoft Office\Office14\POWERPNT.EXE" />
          <start:DesktopApplicationTile Size="2x2" Column="2" Row="0" DesktopApplicationID="{6D809377-6AF0-444B-8957-A3773F02200E}\Microsoft Office\Office14\WINWORD.EXE" />
          <start:DesktopApplicationTile Size="2x2" Column="2" Row="0" DesktopApplicationID="Microsoft.InternetExplorer.Default" />
        </start:Group>
        <start:Group Name="Play and explore" xmlns:start="http://schemas.microsoft.com/Start/2014/StartLayout">
          <start:Tile Size="4x2" Column="0" Row="0" AppUserModelID="Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance" />
          <start:Tile Size="4x2" Column="0" Row="2" AppUserModelID="Microsoft.BingNews_8wekyb3d8bbwe!AppexNews" />
          <start:Tile Size="2x2" Column="4" Row="0" AppUserModelID="Microsoft.BingWeather_8wekyb3d8bbwe!App" />
          <start:Tile Size="2x2" Column="4" Row="2" AppUserModelID="Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI" />
        </start:Group>
      </defaultlayout:StartLayout>
    </StartLayoutCollection>
  </DefaultLayoutOverride>
</LayoutModificationTemplate>

And when I log in for the first time, I.E. isn’t in the start menu.
Others are having this issue too!

Powered by WordPress. Designed by WooThemes