Wednesday, August 26, 2015

Compile Zabbix from source for Raspberry Pi

This is tested on fresh Raspbian 2015-05-05!

Create new user zabbix and add this user to zabbix group:
sudo groupadd zabbix
sudo useradd -g zabbix zabbix
Download LTS version of zabbix source:
wget http://vorboss.dl.sourceforge.net/project/zabbix/ZABBIX%20Latest%20Stable/2.2.10/zabbix-2.2.10.tar.gz -O ~/zabbix-2.2.10.tar.gz
Extract archive:
tar -vzxf zabbix-2.2.10.tar.gz
Move to the extracted content:
cd zabbix-2.2.10
Prepare installation only as zabbix client:
./configure --enable-agent
This will show output similar to this:
Configuration:

  Detected OS:           linux-gnueabihf
  Install path:          /usr/local
  Compilation arch:      linux

  Compiler:              gcc
  Compiler flags:        -g -O2

  Enable server:         no

  Enable proxy:          no

  Enable agent:          yes
  Agent details:
    Linker flags:          -rdynamic
    Libraries:             -lm -ldl -lrt  -lresolv

  Enable Java gateway:   no

  LDAP support:          no
  IPv6 support:          no

***********************************************************
*            Now run 'make install'                       *
*                                                         *
*            Thank you for using Zabbix!                  *
*              <http://www.zabbix.com>                    *
***********************************************************
Lets try to configure zabbix server with postgresql database with all commmon futures:
./configure --enable-server --enable-agent --with-postgresql --with-libcurl --with-libxml2 --with-ssh2 --with-net-snmp --with-openipmi --with-jabber
This will output:

configure: error: PostgreSQL library not found

sudo apt-get install libpq-dev -y

configure: error: LIBXML2 library not found

sudo apt-get install libxml2-dev -y

configure: error: Invalid Net-SNMP directory - unable to find net-snmp-config

sudo apt-get install snmp -y

configure: error: Not found Net-SNMP library

sudo apt-get install libsnmp-dev -y

configure: error: SSH2 library not found

sudo apt-get install libssh2-1-dev -y

configure: error: Not found Curl library

sudo apt-get install libcurl4-openssl-dev -y

configure: error: Invalid OPENIPMI directory - unable to find ipmiif.h

sudo apt-get install libopenipmi-dev -y

configure: error: Jabber library not found

sudo apt-get install libiksemel-dev -y
So all packages together:
sudo apt-get install libpq-dev libxml2-dev snmp libsnmp-dev libssh2-1-dev libcurl4-openssl-dev libopenipmi-dev libiksemel-dev postgresql -y
At the end we got:
Configuration:

  Detected OS:           linux-gnueabihf
  Install path:          /usr/local
  Compilation arch:      linux

  Compiler:              gcc
  Compiler flags:        -g -O2    -I/usr/include/postgresql   -I/usr/include/libxml2   -I/usr/local/include -I/usr/lib/perl/5.14/CORE -I. -I/usr/include -I/usr/include -I/usr/include

  Enable server:         yes
  Server details:
    With database:         PostgreSQL
    WEB Monitoring:        cURL
    Native Jabber:         yes
    SNMP:                  yes
    IPMI:                  yes
    SSH:                   yes
    ODBC:                  no
    Linker flags:          -rdynamic       -L/usr/lib    -L/usr/lib   -L/usr/lib -L/usr/lib -L/usr/lib   -L/usr/lib/arm-linux-gnueabihf
    Libraries:             -lm -ldl -lrt  -lresolv      -lpq  -liksemel -lxml2    -lnetsnmp -lssh2 -lOpenIPMI -lOpenIPMIposix   -lcurl

  Enable proxy:          no

  Enable agent:          yes
  Agent details:
    Linker flags:          -rdynamic      -L/usr/lib/arm-linux-gnueabihf
    Libraries:             -lm -ldl -lrt  -lresolv     -lcurl

  Enable Java gateway:   no

  LDAP support:          no
  IPv6 support:          no

***********************************************************
*            Now run 'make install'                       *
*                                                         *
*            Thank you for using Zabbix!                  *
*              <http://www.zabbix.com>                    *
***********************************************************
Install all:
sudo make install
Source:
https://www.zabbix.com/documentation/2.2/manual/installation/install

Tuesday, August 25, 2015

Port forwarding, RouterOS 6, MikroTik, ssh example

Go to IP and select Firewall. Select second tab NAT

Set Chain to dstnat
Select Protocol to 6 (tcp)
Choose your random port for example 4321
Set In.interface to ether1-gateway

Scroll a little bit down side.
Set action to dst-nat
Write down your To Address
For ssh example To Port must be 22

Scroll back to top and save configuration with OK

All done. Now you have rule configured. It will work instantly.
If you want to modify the rule - just click on middle of line.
To disable - click on [D]
To remove - click on [-]

Monday, August 24, 2015

Create IP address reservation, Router OS 6, MikroTik

Open web browser on go for http://192.168.88.1/

Default username is admin without any password.

Open IP section and select DHCP server, select tab Leases
Click on line which do not have "D" on second column:

Click Make static to make the address static. Click Close to close this dialog:

Now the "D" has disapier. Click again on the same line to set the custom IP address:

Write your IP address you want and click OK:

Friday, August 21, 2015

Install KB890830, FirstRun, online mode, Windows 7

KB890830 is periodical month update which release new version every month.
Use Internet Explorer and olick on this link:
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB890830

When you download these update files usualy you retrieve two exe files for each architecture:
Windows Malicious Software Removal Tool - August 2015 (KB890830)
Windows Malicious Software Removal Tool x64 - August 2015 (KB890830)
Each directory includes two files - the full installer and the delta package between previous month. You can remove delta file cause it is the first time when you install then you need only full package.

Create x64 and x86 direcotry.
Move Windows Malicious Software Removal Tool - August 2015 (KB890830) to x86.
Move Windows Malicious Software Removal Tool x64 - August 2015 (KB890830) to x64 direcotry.


Create FirstRun.bat with content:
@echo off
setlocal EnableDelayedExpansion
set path=%path%;%~dp0
if not "%ProgramFiles(x86)%"=="" (
set u=%~dp0x64
) else set u=%~dp0x86
echo sorting updates..
for /f "tokens=*" %%i in ('^
dir /b "%u%" ^|
sed "s/^.*KB\|^.*kb//g;s/).*$//g" ^|
sed "s/[ \t]*$//" ^|
gnusort -n ^|
sed "/^$/d"') do (
for /f "tokens=*" %%d in ('dir /b "%u%" ^| grep "%%i"') do (
echo installing KB%%i
for /f "tokens=*" %%z in ('dir /b "%u%\%%d\*.msu" "%u%\%%d\*.exe"') do (
echo %%z | grep "890830" > nul 2>&1
if !errorlevel!==0 (
start /wait "" "%u%\%%d\%%z" /Q /F:Y
) else (
echo %%z | grep "\.exe" > nul 2>&1
if !errorlevel!==0 start /wait "" "%u%\%%d\%%z" /passive /norestart
if not !errorlevel!==0 echo %%z returns !errorlevel!
)
echo %%z | grep "\.msu" > nul 2>&1
if !errorlevel!==0 %systemroot%\system32\wusa.exe "%u%\%%d\%%z" /quiet /norestart
if not !errorlevel!==0 echo %%z returns !errorlevel!
)
)
)
endlocal

net stop wuauserv
rd %systemroot%\SoftwareDistribution /Q /S
SC sdshow wuauserv
SC sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
wuauclt.exe /detectnow

%systemroot%\system32\shutdown.exe -r -t 60
Note:
With no modification to the script you can also install KB3045557, KB3083186, KB2533552 and KB2952664 in online mode. Just use Internet Explorer, go to the http://catalog.update.microsoft.com/ and download all files to x64 or x86 direcotry.

Thursday, August 20, 2015

autounattend.xml for Windows 10 Pro

This autounattend.xml will work for x86 and x64 system at the same time.

Use Windows 10 from:
https://www.microsoft.com/en-us/software-download/windows10

License key is used from:
https://technet.microsoft.com/en-us/jj612867.aspx

All partition will be deleted without prompting so it really does zero touch.

For first run script you have to creade file:
%dvdroot%\sources\$OEM$\$$\Setup\Scripts\FirstRun.cmd with content:
for %%i in (b c d e f g h i j k l m n o p q r s t u v w x y z) do (
if exist %%i:\FirstRun\FirstRun.bat %%i:\FirstRun\FirstRun.bat
)

Put on DVD root:
autounattend.xml with content:
<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
    <settings pass="windowsPE">
        <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <SetupUILanguage>
                <UILanguage>en-US</UILanguage>
            </SetupUILanguage>
            <InputLocale>en-US</InputLocale>
            <SystemLocale>en-US</SystemLocale>
            <UILanguage>en-US</UILanguage>
            <UserLocale>en-US</UserLocale>
        </component>
        <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <SetupUILanguage>
                <UILanguage>en-US</UILanguage>
            </SetupUILanguage>
            <InputLocale>en-US</InputLocale>
            <SystemLocale>en-US</SystemLocale>
            <UILanguage>en-US</UILanguage>
            <UserLocale>en-US</UserLocale>
        </component>
        <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <DiskConfiguration>
                <Disk wcm:action="add">
                    <CreatePartitions>
                        <CreatePartition wcm:action="add">
                            <Order>1</Order>
                            <Type>Primary</Type>
                            <Extend>true</Extend>
                        </CreatePartition>
                    </CreatePartitions>
                    <ModifyPartitions>
                        <ModifyPartition wcm:action="add">
                            <Extend>false</Extend>
                            <Format>NTFS</Format>
                            <Letter>C</Letter>
                            <Order>1</Order>
                            <PartitionID>1</PartitionID>
                            <Label>System</Label>
                        </ModifyPartition>
                    </ModifyPartitions>
                    <DiskID>0</DiskID>
                    <WillWipeDisk>true</WillWipeDisk>
                </Disk>
                <WillShowUI>OnError</WillShowUI>
            </DiskConfiguration>
            <ImageInstall>
                <OSImage>
                    <InstallTo>
                        <DiskID>0</DiskID>
                        <PartitionID>1</PartitionID>
                    </InstallTo>
                </OSImage>
            </ImageInstall>
            <UserData>
                <ProductKey>
                    <WillShowUI>OnError</WillShowUI>
                    <Key>W269N-WFGWX-YVC9B-4J6C9-T83GX</Key>
                </ProductKey>
                <AcceptEula>true</AcceptEula>
            </UserData>
        </component>
        <component name="Microsoft-Windows-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <DiskConfiguration>
                <Disk wcm:action="add">
                    <CreatePartitions>
                        <CreatePartition wcm:action="add">
                            <Order>1</Order>
                            <Type>Primary</Type>
                            <Extend>true</Extend>
                        </CreatePartition>
                    </CreatePartitions>
                    <ModifyPartitions>
                        <ModifyPartition wcm:action="add">
                            <Extend>false</Extend>
                            <Format>NTFS</Format>
                            <Letter>C</Letter>
                            <Order>1</Order>
                            <PartitionID>1</PartitionID>
                            <Label>System</Label>
                        </ModifyPartition>
                    </ModifyPartitions>
                    <DiskID>0</DiskID>
                    <WillWipeDisk>true</WillWipeDisk>
                </Disk>
                <WillShowUI>OnError</WillShowUI>
            </DiskConfiguration>
            <ImageInstall>
                <OSImage>
                    <InstallTo>
                        <DiskID>0</DiskID>
                        <PartitionID>1</PartitionID>
                    </InstallTo>
                </OSImage>
            </ImageInstall>
            <UserData>
                <ProductKey>
                    <WillShowUI>OnError</WillShowUI>
                    <Key>W269N-WFGWX-YVC9B-4J6C9-T83GX</Key>
                </ProductKey>
                <AcceptEula>true</AcceptEula>
            </UserData>
        </component>
    </settings>
    <settings pass="oobeSystem">
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <UserAccounts>
                <AdministratorPassword>
                    <Value></Value>
                    <PlainText>true</PlainText>
                </AdministratorPassword>
                <LocalAccounts>
                    <LocalAccount wcm:action="add">
                        <Password>
                            <Value>perfect</Value>
                            <PlainText>true</PlainText>
                        </Password>
                        <Description>perfect user</Description>
                        <DisplayName>perfect</DisplayName>
                        <Group>administrators</Group>
                        <Name>perfect</Name>
                    </LocalAccount>
                </LocalAccounts>
            </UserAccounts>
            <OOBE>
                <HideEULAPage>true</HideEULAPage>
                <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
                <NetworkLocation>Work</NetworkLocation>
                <ProtectYourPC>1</ProtectYourPC>
                <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
                <HideLocalAccountScreen>true</HideLocalAccountScreen>
                <SkipUserOOBE>true</SkipUserOOBE>
                <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
            </OOBE>
            <AutoLogon>
                <Password>
                    <Value></Value>
                    <PlainText>true</PlainText>
                </Password>
                <Username>administrator</Username>
                <Enabled>true</Enabled>
            </AutoLogon>
            <FirstLogonCommands>
                <SynchronousCommand wcm:action="add">
                    <Order>1</Order>
                    <Description>Run FirstRun.cmd</Description>
                    <CommandLine>%WINDIR%\Setup\Scripts\FirstRun.cmd</CommandLine>
                </SynchronousCommand>
            </FirstLogonCommands>
            <ShowWindowsLive>false</ShowWindowsLive>
        </component>
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <UserAccounts>
                <AdministratorPassword>
                    <Value></Value>
                    <PlainText>true</PlainText>
                </AdministratorPassword>
                <LocalAccounts>
                    <LocalAccount wcm:action="add">
                        <Password>
                            <Value>perfect</Value>
                            <PlainText>true</PlainText>
                        </Password>
                        <Description>perfect user</Description>
                        <DisplayName>perfect</DisplayName>
                        <Group>administrators</Group>
                        <Name>perfect</Name>
                    </LocalAccount>
                </LocalAccounts>
            </UserAccounts>
            <OOBE>
                <HideEULAPage>true</HideEULAPage>
                <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
                <NetworkLocation>Work</NetworkLocation>
                <ProtectYourPC>1</ProtectYourPC>
                <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
                <HideLocalAccountScreen>true</HideLocalAccountScreen>
                <SkipUserOOBE>true</SkipUserOOBE>
                <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
            </OOBE>
            <AutoLogon>
                <Password>
                    <Value></Value>
                    <PlainText>true</PlainText>
                </Password>
                <Username>administrator</Username>
                <Enabled>true</Enabled>
            </AutoLogon>
            <FirstLogonCommands>
                <SynchronousCommand wcm:action="add">
                    <Order>1</Order>
                    <Description>Run FirstRun.cmd</Description>
                    <CommandLine>%WINDIR%\Setup\Scripts\FirstRun.cmd</CommandLine>
                </SynchronousCommand>
            </FirstLogonCommands>
            <ShowWindowsLive>false</ShowWindowsLive>
        </component>
    </settings>
    <settings pass="specialize">
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
            <OEMInformation>
                <HelpCustomized>false</HelpCustomized>
            </OEMInformation>
            <ComputerName />
            <TimeZone>Pacific Standard Time</TimeZone>
            <RegisteredOwner></RegisteredOwner>
        </component>
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
            <OEMInformation>
                <HelpCustomized>false</HelpCustomized>
            </OEMInformation>
            <ComputerName />
            <TimeZone>Pacific Standard Time</TimeZone>
            <RegisteredOwner></RegisteredOwner>
        </component>
        <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <SkipAutoActivation>true</SkipAutoActivation>
        </component>
        <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <SkipAutoActivation>true</SkipAutoActivation>
        </component>
    </settings>
</unattend>

Wednesday, August 19, 2015

The specified image in the specified wim is already mounted, 0xc1420127

Deployment Image Servicing and Management tool
Version: 6.3.9600.17029

Error: 0xc1420127

The specified image in the specified wim is already mounted for read/write access.

The DISM log file can be found at C:\WINDOWS\Logs\DISM\dism.log
To solve this case please run "Deployment and Imaging Tools Environment" in "Run as administrator" mode and enter:
DISM.exe /Unmount-Wim /MountDir:C:\path\to\offline\directory /discard

Monday, August 17, 2015

Force Software Update Deployment Evaluation Cycle

On Configuration Manager you can modify these settings under:
Administration -> Overview -> Site Configuration -> Client Settings ->
Default Client Settings -> Software Updates -> Software update scan schedule:

You can force to receive updates on client side by selecting "Software Update Deployment Evaluation Cycle" and click "Run Now":

For command line execution launch:
WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000113}" /NOINTERACTIVE
The output of this command will be similar to this:
C:\WINDOWS\system32>WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000113}" /NOINTERACTIVE
Executing (sms_client)->TriggerSchedule()
Method execution successful.
Out Parameters:[abstract]
class __PARAMETERS
{
        [out] uint32 ReturnValue;
};

C:\WINDOWS\system32>
If you run this command with not enough privileges you will receive Access denied error:
C:\Users>WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000113}" /NOINTERACTIVE
Executing (sms_client)->TriggerSchedule()
ERROR:
Description = Access denied

C:\Users>
Make sure you run the command in "Run as administrator" mode.

After the commanand has been succesfuly launched you can see instant log changes on:
C:\Windows\CCM\Logs\UpdatesStore.log
For remote usage save using psexec.exe:
psexec /accepteula \\%1 WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000113}" /NOINTERACTIVE
Replace %1 with remote computer name.

It is highly recommended to update policy before you launch any update:
WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000021}" /NOINTERACTIVE
WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000022}" /NOINTERACTIVE
Source:
http://www.systemcenterdudes.com/configuration-manager-2012-client-command-list/
http://blogs.technet.com/b/configmgrdogs/archive/2014/06/30/configmgr-2012-windows-update-client-process.aspx

Friday, August 14, 2015

The trust relationship between this workstation and the primary domain failed


I was wondering why this message sometimes appears in huge organization.
Today i found one of the possible reasons.

This happens when you join computer into domain with name which already exists.
You are supposed to recieve message about duplicate computer on network but you don't. So the new comnputer replaces old one and the old one are no longer valid.

To solve this situation you have to delete computer object from active directory and log into this computer with locol acount (not domain).

If recieve this message:

Your account has been disabled. Please see your system administrator.


Then insert Hirens Boot CD and select "Offline NT/2000/XP/Vista/7 Password Changer":

Select disk where windows installation is:

Select path and registry files:

Select password reset:

Enable and clear local administrator account:

Save changes to disk:

Thursday, August 13, 2015

Lazy driver installation for Windows

At first you must get dpinst.exe
Open a3e6d952abf6ea4c57299ff3ea47fac9.cab and extract file
filcb0a623f1cb2e585129c132d4a73d3df and rename it to dpinst_x64.exe
Open d2303186aad40bc4d581da29ff1e5074.cab and extract file
fil9dd9b108fd699bcc7d615ea929c126af and rename it to dpinst_x86.exe

Create config file dpinst.xml:
<?xml version="1.0" ?>
<dpinst>

<search>
<subDirectory>*</subDirectory>
</search>
<enableNotListedLanguages/>
<suppressEulaPage/>
<suppressAddRemovePrograms/>
<quietInstall/>

<!-- Only install drivers for online hardware -->
<scanHardware/>

<!-- No driver signature required -->
<legacyMode/>

</dpinst>
Basic install file - installdrv.cmd:
@echo off

Title Driver Package Installer

echo  Installing: Driver deployment...
echo  ====================================

if exist "%SystemRoot%\SysWOW64" (goto :x64) else (goto :x86)

:x86
echo.
echo  Installing..
"%~dp0dpinst_x86.exe" /c
goto Finish

:x64
echo.
echo  Installing..
"%~dp0dpinst_x64.exe" /c
goto Finish

:Finish
echo.
echo  Installed.
echo.
echo.

REM The /c parameter simply indicates that all output should go to the console instead of a log file.
 
rem notepad %systemroot%\DPINST.LOG
From network share you have to create run-from-network-share.cmd:
@echo off
if exist q: net use q: /delete /yes
net use q: \\path\to\drivers
q:
installdrv.cmd
Every file are suposed to run in "Run as administrator" mode.

Wednesday, August 12, 2015

SCCM Windows Update troubleshooting

"SMS Agent Host" is Microsoft Windows Configuration Manager service. The binary of this service is called ccmexec:

This service is responsible about plenty of stuff:

If you want to work properly with windows updates on client side you have to be properly configured windows update recieving rules. Latest configuration status you can found by runing rsop command which stands for "Result Set of Policy". Here you can see all custom policy settings about windows update:

Also you can temporary delete all settings with:
reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /f
net stop wuauserv
rd %systemroot%\SoftwareDistribution /Q /S
SC sdshow wuauserv
SC sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
wuauclt.exe /detectnow
Once you have deleteD WUServer and WUStatusServer under:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
Now the only way to access updates is via proxy server:

It is really interesting that SCCM can not delivery updates if the windows update service do are not properly configured. You can configure a lot of options. Make sure you have set right chouse under "Specify intranet Microsoft update service location":

Tuesday, August 11, 2015

Starting httpd: AH00526, DocumentRoot must be a directory

Starting httpd: AH00526: Syntax error on line 121 of /etc/httpd/conf/httpd.conf:
DocumentRoot must be a directory
Check what exactly says the line in config:
cat /etc/httpd/conf/httpd.conf | awk 'NR==121'
This can output something like:
DocumentRoot "/var/www/html"
Check a little bit of range of this line:
cat /etc/httpd/conf/httpd.conf | awk 'NR>=101&&NR<=141'
For CentOS please try change file SELinux security context:
chcon -R -h -t httpd_sys_content_t /var/www/html
Start again httpd daemon:
cd /etc/init.d
./httpd start
Source:
https://stackoverflow.com/questions/14786881/apache-restart-causes-documentroot-must-be-a-directory-even-though-it-is-a-dire

Monday, August 10, 2015

Friday, August 7, 2015

Zabbix, Apache, detect status running, CentOS

Create new template:
httpd is running
Create item httpd.is.running with content:
system.run[service httpd status | grep "is running" | wc -l]
Create trigger Please start httpd!:
{httpd is running:system.run[service httpd status | grep "is running" | wc -l].last(0)}#1

Thursday, August 6, 2015

Acrobat Reader DC, {AC76BA86-7AD7-1033-7B44-AC0F074E4100}


Show existing Adobe Reader DC version

@echo off
setlocal EnableDelayedExpansion
set U=Microsoft\Windows\CurrentVersion\Uninstall
set v=DisplayVersion
set AR={AC76BA86-7AD7-1033-7B44-AC0F074E4100}
if "%ProgramFiles(x86)%"=="" (
set SW=HKLM\SOFTWARE
) else (
set SW=HKLM\SOFTWARE\Wow6432Node
)

reg query "%SW%\%U%\%AR%" > nul 2>&1
if !errorlevel!==0 (
reg query "%SW%\%U%\%AR%" /v %v% | findstr "%v%"
) else echo Adobe Reader DC not found!
endlocal
pause

Do some stuff if found Acrobat Reader DC

@echo off
setlocal EnableDelayedExpansion
set U=Microsoft\Windows\CurrentVersion\Uninstall
set v=DisplayVersion
set AR={AC76BA86-7AD7-1033-7B44-AC0F074E4100}
if "%ProgramFiles(x86)%"=="" (
set SW=HKLM\SOFTWARE
) else (
set SW=HKLM\SOFTWARE\Wow6432Node
)

reg query "%SW%\%U%\%AR%" > nul 2>&1
if !errorlevel!==0 (
echo found Adobe Reader DC. Skipping..
goto AdbRdrOK
)
echo here you can do other stuff..

:AdbRdrOK
endlocal
pause

Uninstall Acrobat Reader DC if found

@echo off
setlocal EnableDelayedExpansion
set U=Microsoft\Windows\CurrentVersion\Uninstall
set v=DisplayVersion
set AR={AC76BA86-7AD7-1033-7B44-AC0F074E4100}
if "%ProgramFiles(x86)%"=="" (
set SW=HKLM\SOFTWARE
) else (
set SW=HKLM\SOFTWARE\Wow6432Node
)

reg query "%SW%\%U%\%AR%" > nul 2>&1
if !errorlevel!==0 (
echo found version
reg query "%SW%\%U%\%AR%" /v %v% | findstr "%v%"
echo uninstalling..
%systemroot%\system32\msiexec.exe /X %AR% /qb
)
endlocal
pause

Check and apply patch for already existing Acrobat Reader DC

@echo off
setlocal EnableDelayedExpansion
set U=Microsoft\Windows\CurrentVersion\Uninstall
set v=DisplayVersion
set AR={AC76BA86-7AD7-1033-7B44-AC0F074E4100}
if "%ProgramFiles(x86)%"=="" (
set SW=HKLM\SOFTWARE
) else (
set SW=HKLM\SOFTWARE\Wow6432Node
)

reg query "%SW%\%U%\%AR%" > nul 2>&1
if !errorlevel!==0 (
reg query "%SW%\%U%\%AR%" /v %v% | findstr "15.007.20033"
if !errorlevel!==0 (
echo installing patch 15.008.20082
%systemroot%\system32\msiexec.exe ^
/p "%~dp0AcroRdrDCUpd1500820082.msp" /qb
)
echo now the version is:
reg query "%SW%\%U%\%AR%" /v %v% | findstr "%v%"
) else echo Adobe Reader DC not found!
endlocal
pause

If not exist then install Acrobat Reader DC and apply patch

@echo off
setlocal EnableDelayedExpansion
set U=Microsoft\Windows\CurrentVersion\Uninstall
set v=DisplayVersion
set AR={AC76BA86-7AD7-1033-7B44-AC0F074E4100}
if "%ProgramFiles(x86)%"=="" (
set SW=HKLM\SOFTWARE
) else (
set SW=HKLM\SOFTWARE\Wow6432Node
)

reg query "%SW%\%U%\%AR%" > nul 2>&1
if !errorlevel!==0 (
reg query "%SW%\%U%\%AR%" /v %v% | findstr "15.007.20033"
if !errorlevel!==0 (
echo installing patch 15.008.20082
%systemroot%\system32\msiexec.exe ^
/p "%~dp0AcroRdrDCUpd1500820082.msp" /qb
)
echo now the version is:
reg query "%SW%\%U%\%AR%" /v %v% | findstr "%v%"
goto AdbRdrOK
) else echo Adobe Reader DC not found!

start /wait "" %systemroot%\system32\msiexec.exe ^
/i "%~dp0AcroRdrDC1500720033_en_US.msi" ^
PATCH="%~dp0AcroRdrDCUpd1500820082.msp" ^
EULA_ACCEPT=YES /qn /norestart

:AdbRdrOK
endlocal
pause
Related files:
http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1500720033/AcroRdrDC1500720033_en_US.msi
03602e4c6f342f6cf8253661c72c6638
d509f92d07774197ae044cd248ae9fd888b73bb1
http://ardownload.adobe.com/pub/adobe/reader/win/AcrobatDC/1500820082/AcroRdrDCUpd1500820082.msp
5c1a7a8bb44dbd7c1773af0fcab08a6b
20092bd13090c40bc4ed233ba99073374d87d7d1

Browse versions and latest patches:
ftp://ftp.adobe.com/pub/adobe/reader/win/AcrobatDC/

Wednesday, August 5, 2015

Mastering Wheezy Raspbian zero touch

sudo apt-get update && sudo apt-et upgrade -y is command i run first after i boot into fresh installed raspbian image. I am tired of doing that. As an little workaround i can clone my raspberry pi system after it is updated but since libraries can be updated every day it is not the best solution.

How about integrating these update commands into first boot?
Of course this is possible!
I just take the same template which will automatically set up wifi, enable ssh and automatically extend filesystem:

To integrate additional commands into First Run save these files at the boot partition:
http://rpi.catonrug.net/initrd.img
http://rpi.catonrug.net/setup.sh

Go to you boot partition and open existing file called config.txt. Add at the end:
initramfs initrd.img followkernel
setup.sh by defalt contains 68 lines.
You can simply add another commands at the end like:
apt-get update && apt-et upgrade -y
apt-get install midori qemu-system -y
poweroff
As you can see i like to power off my pi after job is done.

Everything you add in setup.sh will run only once.
You do not have to add sudo before any command - the script is runned with supper user by itself.
If you download something with wget then make sure you point exactly where to put the file for example:
wget http://distro.ibiblio.org/damnsmall/archive/dsl-3.4.9.iso -O /home/pi/dsl-3.4.9.iso

Tuesday, August 4, 2015

Go to random post after 5 minutes, blogger.com

Add before </head>:
<script type='text/javascript'>
//<![CDATA[
function showLucky(root){
    var feed = root.feed;
    var entries = feed.entry || [];
    var entry = feed.entry[0];
      for (var j = 0; j < entry.link.length; ++j) {
       if (entry.link[j].rel == "alternate") {
       window.location = entry.link[j].href;
       }
      }
   }

function fetchLuck(luck){
    script = document.createElement('script');
    script.src = '/feeds/posts/summary?start-index='+luck+'&max-results=1&alt=json-in-script&callback=showLucky';
    script.type = 'text/javascript';
    document.getElementsByTagName('head')[0].appendChild(script);
   }

function readLucky(root){
    var feed = root.feed;
    var total = parseInt(feed.openSearch$totalResults.$t,10);
    var luckyNumber = Math.floor(Math.random()*total);
    luckyNumber++;
    fetchLuck(luckyNumber);
    }

function feelingLucky(){
    var script = document.createElement('script');
    script.type = 'text/javascript';
    script.src = '/feeds/posts/summary?max-results=0&alt=json-in-script&callback=readLucky';
    document.getElementsByTagName('head')[0].appendChild(script);
    }

function pageScroll() {
     window.scrollBy(0,1); // horizontal and vertical scroll increments
     scrolldelay = setTimeout('pageScroll()',100); // scrolls every 100 milliseconds
}

//]]>
</script>
Add before </body>:
&lt;script type=&quot;text/javascript&quot;&gt;
setTimeout(&#39;feelingLucky()&#39;, 300000);
&lt;/script&gt;

Monday, August 3, 2015

CCmSetup failed with error code 0x80070307

This happens on Windows 10 when runnning sccm setup:

To solve this case run SCCM setup with /skipprereq:windowsupdateagent30-x64.exe:
ccmsetup.exe /skipprereq:windowsupdateagent30-x64.exe