If you ever need to clear the cache for a specific website, you’ll just need to enact the “Empty Cache Hard Reload” function in Chrome.
On a website you want to clear the cache from, click F12 to bring up the Developer Tools which will appear on the right side of the page.
Next, Right-Click on the Refresh Icon and you’ll have additional refresh options. Select Empty Cache and Hard Reload.
Emptying your browser’s cache and performing a hard reload forces the browser to download every resource for a page, including new scripts, styles, and features. This can help if a web page isn’t loading correctly
Attempted to setup AD authentication to Sophos Firewall, and kept getting the following error: Test connection failed as server is down or unreachable
The connection would work successfully when using Plaintext, but fail when using SSL/TLS or STARTTLS.
The root issue was that the Domain Controller I was trying to connect to, did not have an SSL certificate associated with it. You could go out and purchase an SSL cert that matched the FQDN, or setup an internal CA service, but if you need a quick and dirty solution, you can just generate a self-signed cert and add it as a trusted CA.
Open Powershell as Administrator
Type in the following command to create a self-signed cert: New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -DnsName “fqdn-of-server” -FriendlyName “Server Cert” -NotAfter (Get-Date).AddYears(10)
Next, copy the generated cert which will reside under the Personal\Certificates store to the Trusted Root Certification Authorities\Certificates Store
Now you should be able to test using any of the other connection security methods successfully.
I was attempting to move a VM from one host to another, and received the fallowing error: “Host does not support the virtual hardware configuration of virtual machine. The IO Filters(s) XXXX configured on the VM’s disk are not installed on the destination host.“
At one point, I was using a VM accelerator solution that was not cleanly removed. It took me awhile to figure out how to remove the IO filter from the VM, so hopefully this guide will save you some time.
Part 1 – Remove setting from the VM
After searching the config files of the VM, I came across the VM’s VMDK descriptor file. This is not the storage VMDK file itself, but the 1KB sized descriptor file which I had to edit.
There are two lines that contain configurations for the IO filter, and both need to be removed. These are the ddb.iofilters and ddb.sidecars settings. Both lines can just be removed and the file saved.
Upon trying to migrate the VM after removing these lines, I received the same error as before. I needed to make the host aware of these changes somehow. This was achieved by right-clicking the VM –> VM Policies –> Edit VM Storage Policies..
I didn’t have to change anything, but just needed to click OK.
After doing those tasks, I was able to successfully migrate the VM!
Part 2 – Remove setting from the Host
Although I probably could have done this first, I was in a hurry and didn’t want to impact production VMs. The process to remove the IO filter from the host is fairly quick and easy, but will require the host to be in maintenance mode, and a reboot is probably useful afterwards.
Put the host into maintenance mode. SSH into the host. Run “esxcli software vib list” to view a list of all installed filters. Run “esxcli software vib remove -n filtername” (replacing filter name) to remove the filter. While a reboot isnt required, it is suggested.
When attempting to enable Bitlocker on computers remotely, using an RMM tool, here are some PS commands that will assist in this process.
View the current status of Bitlocker on a machine. manage-bde c: -status
Add a key protector so the machine can be encrypted. This is useful on some OEM machines that come with Bitlocker enabled, but no key can be retrieved from the machine. manage-bde c: -protectors -add -rp
Backup the Bitlocker keys to Active Directory manage-bde -protectors -adbackup c: -id “{3500023E-381E-449B-878B-0CD1067DCD79}”
Notice, the ID will be the unique ID shown from the manage-bde c: -protectors -add -rp command. You will need to add parenthesis before and after the brackets.
Lastly, if you need to require a user to login to the machine with a PIN, you can use the following command, in addition to those above: manage-bde -protectors -add c: -TPMAndPIN
From there, you will enter the desired PIN and test by rebooting the machine.
I have a client who requires security event logs be kept. They enabled archive log retention on the Security Event Logs, but it kept filling up their C: drive.
To remedy this, I created a PowerShell script that moves these files when they are 7 days old to another location, and then used Task Schedule to automate the process. Here are the steps to do that.
The source folder where these logs are stored: C:\Windows\System32\winevt\Logs The destination folder where they want the logs moved to: E:\Windows-System32-winevt-Logs
Created a PowerShell script for this process: get-childitem -Path “c:\windows\system32\winevt\logs” Archive-Security*.evtx |where-object {$_.LastWriteTime -lt (get-date).AddDays(-7)} | move-item -destination “E:\Windows-System32-winevt-Logs” -Verbose
Created a new Task Scheduler task called AutoMove Security Logs Its Actions are set to run PowerShell and execute the following: -ExecutionPolicy Bypass C:\support\AutoMove_SecurityLogs.ps1
When using Sophos Mobile or any other MDM solutions, putting a device is Supervised mode unlocks additional management capabilities.
Requirements for putting a device in Supervised Mode: – Apple Mac Computer running the Apple Configurator App – iOS or iPad OS device will need to connect to that computer via USB cable – This process will require the device to be wiped. All settings and content will be erased.
Step by Step Process
On the Mac computer, download and install the Apple Configurator App
2. In the Configurator App, select Account and login with the Apple Business Manager account. Select the appropriate Location: This is the Business that the IOS device will be deployed to.
3. Connect your device to the computer using a USB cable and select Trust when prompted on your iPad. Turn off Find My iPad by tapping Settings, Apple ID, then iCloud.
4. In the Configurator App, right-click the device and select Prepare.
5. Prepare with Manual Configuration and select both Supervise devices and Allow devices to pair with other computers.
6. In the next section, select Do not enroll in MDM.
7. Select the appropriate location
8. Leave All Steps selected and click Prepare. It will ask to Erase the device to Continue, which you will agree to.
9. If you got into Settings App, you should see that the device is now in Supervised Mode
Veeam has been shipping with SQL 2012 which is end of life, and newer patches of Veeam does not upgrade SQL during the patching process. It is on the end-user to upgrade their instance of SQL, which is pretty easy to do.
Before you Upgrade
You will want to do a few things before you start the upgrade process: – Disabled all Veeam jobs in Veeam – Stop and Disable all Veeam Services on Windows, making sure you notate the original Startup state (Automatic vs Automatic Delayed Start). – If Veeam is running on a VM, please snapshot the VM – Backup the databases manually using SQL Studio
On to the Upgrade Process
Download SQL 2019 Express from Microsoft. The download links always seem to change, so you will need to snag a copy yourself.
Run the executable and select Custom as the Installation Type.
Choose a location to save the files that will be downloaded for the install. The default path is fine.
When the Installation Center window appears, choose Upgrade from a Previous Version of SQL Server.
5. Choose the SQL instance you would like to upgrade. For a reference of which build numbers equal which version of SQL, see this Microsoft Doc here:
6. The installation will then start.
I ran into an issue where SQL Upgrade was looking for a Microsoft OLE DB Driver from source installation. I tried to download this driver from Microsoft and point the installer there, but that did not work.
To remedy this, I uninstalled this driver, rebooted the server, and restarted the installation, and it upgraded the Database Engine Services which failed the first time, but was successful now.
Verify Upgrade Success
You can view the upgrade build status by opening the database in SQL Studio Manager and going to properties of the instance. Refer to the version build numbers link I posted earlier in this post.
You can also view this info by going to properties of the SQL service, and reference the path to the executable.
Post Upgrade
Now that the upgrade is complete, enable the Veeam services and Veeam jobs.
Veeam One Issue
After the upgrade, Veeam Backup worked great, but I noticed I could not get into Veeam One, and would receive the following error: “Veeam One monitoring service cannot access its database“
This was resolved by opening the Veeam One Settings application (C:\Program Files\Common Files\Veeam\Veeam ONE Settings\VeeamOneSettings.exe) and testing the connection. All the settings looked good, but it would fail the connection test. I clicked Browse by Server Name and selected the server again, and this time it tested successfully and I could use Veeam One again.
Having a dozen Raspberry Pi’s around the house is nice for random projects, but I would like to consolidate as much as I can into jails on FreeNAS/TrueNAS. Unfortunately, running Pi-Hole on a jail isn’t really supported at this point, with previous attempts being abandoned by the community. Deploying it as a VM is the next best thing.
Requirements
Ubuntu Server 21.x VM with a minimum 1 vCPU, 512MB vRAM, and 10GB Drive
Create a new VM in TrueNAS, using whatever values you prefer. Guest Operating System should be Linux Boot Method should be UEFI Bind should be the primary IP of your TrueNAS
Operating System
Configure desired system requirements The minimum requirements were listed above, but I would add another vCPU core and some additional RAM
VM CPU and Memory
Configure VM Disks Create new Disk Image and make sure to select AHCI as disk type. Select a Zvol location on your NAS I used a 12 GB Drive, which is probably overkill for this
Disks
Network Interfaces and Installation Media You can take the defaults on Network Interfaces On Installation Media, upload the Ubuntu ISO you downloaded earlier, or select it from your TrueNAS if you have already copied it to a share.
Installation Media
Install Ubuntu OS After saving the VM settings, power on and run through a default setup of Ubuntu. Make sure to set the IP address of this VM with a static IP on your network, as this will be your new PiHole DNS Server. Also, install OpenSSH during the install if you wish to SSH to Pi-Hole. After installing Ubuntu, update the Ubuntu OS
sudo apt update sudo apt upgrade
Install Pi-Hole Run the following command in an SSH or Console session on the Ubuntu VM
sudo curl -sSL https://install.pi-hole.net | bash
Follow the Pi-Hole Wizard to configure additional settings Choose your DNS provider (I used OpenDNS) Take the defaults on the rest of the items unless you have specific reasons otherwise.
I have been using dual displays with my Surface Dock and Surface Dock 2 for awhile now, but recently the second external display would just go to sleep and not display anything no matter what I tried. The solution was found in a Microsoft forum.
