WannaCrypt Malware

Of course you have heard about the new malware, which yesterday created a lot of problems in industry. Unfortunately it is not an unknown problem.
Microsoft released a patch for this type of vulnerability already in March, but it seems once again that administrators are not patching their systems.
So, if you haven’t patched your systems at least every month, if you haven’t patched your system from March, is time to do it. And don’t forget to have a good defense system (antivirus and other prevention mechanisms). Update them to!
You can find additional information in this link.

Here is a link to post how was neutralized and who did this.
Anyway, we have already a version 2.0; you can read about this version here.
Again, please patch your systems! This update will solve a vulnerability. And don’t forget: this is not the first malware who was written on known vulnerability – patch your systems constantly!
Additionally, please disable SMB1 protocol – it is not new that it is not secure. Here and here are some guidelines how to do it via GPO.

Export and import DHCP settings with netsh

Sometimes you will have to transfer DHCP settings via netsh command. This could be useful for a couple of reasons and it is fine to know how to approach it. Anyway, this is the quickest way to do a DHCP migration.
First you have to login to source server (it could be also a failover clustered DHCP service) and open CMD as Administrator. Then you have to enter in netsh mode with typing:
netsh
Now you have to select server with typing:
dns server \\servername
Where servername is the name of the old DHCP server or clustered service name. This will connect you to DHCP server and you are ready to export settings with this command:
export filename all        to export the entire configuration or
export filename 192.168.222.0    to export only a scope configuration (in my case 192.168.222.0)
Of course, you have to replace the filename with full path and name of the file where you want to save exported data. This file now must be transferred to target – new server and we are ready to import the configuration. Of course, priory you import the configuration, the new server has to be authorized in AD. To begin an import procedure, we have to do the same steps as on the old server; open command prompt, enter into netsh mode and select DHCP server. After this, we have just a step to import settings with this command:
Import filename all        to import all settings or
Import filename 192.168.222.0    to import just a scope
That’s all. Just be sure to double-check if the import did its job, disable and unautorize the old server (you can do it also with netsh: netsh dhcp delete server ServerIP). Of course, don’t forget to uninstall the service on the old computer.
You have finished. Good work!

Send mail on backup failure with Script

A lot of us, in small environment, is using Windows backup to backup all servers. To be honest, it is a good enough solution, but we have problems with reporting. For me, as an administrator, it is very important to know if a backup was successful or not. There is still another problem, that we have many small environments to check and it would be nice to receive reports thru mail.
As there I didn’t find a solution, I wrote a script, which runs as scheduled task (weekly or daily – as you prefer) and E-Mail me all errors on backup jobs in last X hours. It is working for me and now I am more secure that everything in the system is going in the right way. Be careful how you will use the script; it should be used on any server where you run Windows backup and if you are using Exchange for sending mails take care on authentication or create relay connector to allow the script to send an E-Mail.

Script could be downloaded here..

Many free tools for administrators

For any administrator, who want to use any kind of free tools to have better access or monitor some functionalities in Windows environments, here we have a list of many free tools. Just look which is usable for you and use it:
https://4sysops.com/best-free-windows-admin-tools/
And please, test it in test environment prior you use it in production. Many times tolls are not exactly the same as you expect..

Forgot ILO Password?

No problem. You can reset it via software from your operating system. It is possible to do it from almost any Windows server system and from Linux (from Linux I didn’t try).
To do this, you have to install HP Lights-Out Online Configuration Utility for the system that you are using. You can download it form HP web page, where the drivers are located.
After you have installed this software, you will need a XML file with this content:

<ribcl VERSION=”2.0″>
 <login USER_LOGIN=”Administrator” PASSWORD=”boguspassword”>
   <user_INFO MODE=”write”>
    <mod_USER USER_LOGIN=”Administrator”>
     <password value=”YourNewPassword”/>
    </mod_USER>
   </user_INFO>
 </login>
 </ribcl>

I know, that the login password (the old one) is not correct, but you don’t need to know it (scary…), it will work.
Save this file into the folder C:\Progam Files\HP\hponcfg and launch the command prompt as Administrator. Navigate to the folder and type:
Hponcfg /f YourFile.xml /l YourLogFile.txt
You will be noticed that script worked correctly. Now you have just to login into ILO with the new password.
Easy to do it. Maybe too easy.

More reading:
Export ILO configuration

ILO Scripting guide.