Latest Server related questions

Is there a way to disable Tamper Protection of Windows Defender on Windows 10 IoT Enterprise 21H2 during image deployment ?

I use unattend.xml file to deploy Windows 10 IoT and I would need to disable Tamper Protection in order to restrict as much as possible CPU/Memory usage to let my kiosk app run smoothly. Unfortunately I cannot disable most of Defender features cause of Tamper Protection. I know it ...

I want to redirect some URLs from an old domain to new versions on a new domain. The old domain uses the www. subdomain and SSL.

For example:

• olddomain.com/audi -> newdomain.com/cars/audi
• olddomain.com/bmw -> newdomain.com/cars/bmw

But there are also a lot of pages/URLs on the old domain with no new version of them. For these pages and all URLs with the www. subdomain I want to use a "catch all ...

I would like to install PHP 8.2 but keep all the packages and config changes from 8.1

In a perfect world I would run one script an this would work again for 8.3 next year.

Steps:

• Get all packages/extensions from PHP 8.1
• Change version to 8.2
• Install packages
• Copy config from /etc/php/8.1/{apache2,cli,fpm}/conf.d/*
• Get a diff with changes in php.ini files, maybe also fpm/pool.d/www.conf

I already g ...

+------------------------------+
| Host:                        |
|   enp2s0  : 192.168.1.50/24  |
|   wg0     : 172.31.0.6/24    |
|   uservlan: 172.30.0.6/24    |
| +------------------------+   |
| | NS1:                   |   |   
| |   eth0: 172.30.0.1/24  |   |    
| |                        |   |
| +------------------------+   |  
+------------------------------+

My host's routing table looks ...

With Active Directory I can manually create new users. Every time I do that, I use right click -> Copy on that user, then I modify some things like Name, Surname and SamAccountName. This process creates a new user with common properties with the copied user and also a home folder in our NAS (with path $NAS_path). I created a script to automate that and it works. The fundamental part of it is

$templa ...

Email send but not reached the receiver's mailbox, mainly for Google, Microsoft, and yahoo. Already checked blocklisted or not, but no blocked there. mail queue is mentioned below.

C6A02490A1 11809 Mon Jan 2 10:21:19 [email protected] (delivery temporarily suspended: connect to alt4.gmail-smtp-in.l.google.com[64.233.171.26]:25: Connection timed out) [email protected] ...

I already know the answer to my question, but I need to point to a reputable source to back up my claim, so I'm asking you to please describe what you think about the situation in simple terms.

My concrete question is not why the delivery fails, but what is the relation between [email protected] and [email protected]

This is the case:

When sending email to [email protected] after a few days you get back an ...

We have relocated our files to a new folder (from \\oldfolder\... to \\newfolder\...). I would like to know if on windows it is possible to redirect all the request to the new path (because we have a lot of word, excel, powerpoint, bat files that link to this folder).

PS I have no access to NAS/Server.

Edit: I have a solution with the hosts file of windows by adding:

"XX.XXX.XX.XXX oldfolder OLDFOLDER" ...

I'm not sure if this question is best suited for here, or StackOverflow. I'm trying to get autodiscover working for Windows 10 mail (just a standard IMAP/SMTP type - not Exchange). According to the documents, I need a /autodiscover/autodiscover.xml file on autodiscover.ultranerds.co.uk. So I have:

https://autodiscover.ultranerds.co.uk/autodiscover/autodiscover.xml

Which is:

<Autodiscover xmlns ...

I am trying to configure an iptables rule that finds a matching IP and deletes as many instances it finds in a one liner. I have the command and it works in a traditional shell environment with path variables.

This one is running without a shell terminal, its part of an openvpn client-disconnect script. I have a working solution using the following commands to fine --line-number, sort in rever ...

I have a network containing N managed switches. Each of them is configured as a DHCP server and should assign predefined IP addresses in a port-based manner:

• Switch 1 assigns 172.17.1.1 to the device at its port 1,
• Switch 2 assigns 172.17.2.1 to the device at its port 1,
• ...
• Switch N assigns 172.17.N.1 to the device at its port 1.

The devices attached to the ports 1 are configured to try PXE booting. ...

I am considering a setup with a primary DHCP server providing "IP data" (IP address, subnet mask, DNS, …), and a proxyDHCP server providing only PXE boot options. As it happens, my proxyDHCP server does not only provide the PXE options, but also the IP data (hence it's not really a proxyDHCP).

Using Wireshark, I now observe:

1. The client (PXE-ROM) sends an "extended" DHCPDISCOVER (asking for IP data an ...

I have the following scenario:

Server C and Server D can connect just fine to Server A and Server B , but Server B and Server A can not connect to Server C and Server D.

I found some people having the same problem, but not a fix for it.

This is my openvpn client config:

auth-nocache
ca /etc/openvpn/client/ca.crt
cert /etc/openvpn/client/client.crt
cipher AES-256-CBC
client
comp-lzo no
dev tun0
 ...

Recently I had an API Token that allowed me to access Terraform cloudflare_access_rule and cloudflare_list resources. That token expired, and to my surprise, it vanished from the UI, so I cannot see the configuration that was working before.

I managed to figure out that I need Account Firewall Access Rules:Edit for cloudflare_access_rule. But I still don't know what is needed for cloudflare_list. After  ...

Current system: CentOS 7.9, OpenLDAP 2.4

I would like to implement a "hook" into my LDAP operations so that when an ldapadd or ldapmodify operation takes place, a script is run in addition to the normal database operations. From my web searches, it appears that LDAP has a "socket overlay" mechanism that I've seen referred to as slapd-sock, slapo-sock, and back-sock. (Are all these the same thing, o ...

I'm running Jenkins on a RHEL 7.9 server, with OpenJDK 11.0.17. I recently updated Jenkins to version 2.361.4 from 2.346.3. After updating I went to the plugins manager page to see what plugins needed to be updated and I noticed the following:

If I click Check Now button nothing changes and the error message remains. I tried restarting services with no luck. The jenkins.log file in /var/log/jenkin ...

Request from appserver: https://webserver:443/web_1/

<VirtualHost *:443>
SSLProxyEngine On
ProxyRequests On
ProxyVia On
#ProxyPreserveHost On
ProxyRemote *  http://companyproxy:8080 
ProxyPass /web_1/ https://external.url.co.in/sc/request/
ProxyPassReverse /web_1/ https://external.url.co.in/sc/request/ 
</VirtualHost>

Above mentioned url https://external.url.co.in/sc/request/ is not ...

I've been writing a tool that can be added as a package for pfSense, and essentially the tool allows you to perform a DNS leak test on any of the interfaces on the firewall appliance.

One developer I spoke with said that DNS leak testing from a firewall is not valuable, and that the test should only be performed from the client side.

I disagree with this sentiment, because I feel that ensuring that  ...

I have setup a DNS server with centos 7 & powerDNS letest. All things are working fine. but I want to do a thing that will be share a A record for every domain which is no listed on this DNS server, that means when there are no cName or A record in this server.

As lke this DNS server: The DNS (162.214.41.44) server can answer any query with a default IP. See the example: Test1 on 162.214.41.4 ...

Under a 2012 AD, as usual, users cannot set date/time on their computers as this is managed by organization. For specific purposes, we need to let one of the users set date to past but options are greyed out. Through GPO we have granted permission to change date/time and timezone to that user. Policies are updated and seem correct as rsop.msc for that user shows that directive is correctly enabled... B ...

I installed Debian 11 from the iso onto a Hyper-V disk, it worked and booted fine. I wanted to use this as a parent disk for other installs, so I marked it as read-only and created a differencing disk. However, it can't find an OS on the differencing disk. This is the process I use for Windows without issue. Is there another step I'm missing? The original disk still works. I also get the same issue when ...

I'm trying to create an SSH tunnel using the -w flag. I have 3 devices, for the sake of this question, I'll call them cmp1, cmp2, and cmp3. cmp1 is the device I am using, cmp2 is the jump server, and cmp3 is the destination. This is the command I'm running:

ssh cmp2 -w cmp1[:cmp3]

when I run this I get the error "bad tun device". I'm sure it's just me misunderstanding how the command works, but I just d ...

Inherited system setup. Ubuntu using mutt and sendmail to send emails is currently using on-premise Exchange Sever that is scheduled to be phased out. I have to change it so that it uses a builtin mail-server on our firewall instead. How does one change this?

I have nginx proxy reverse on docker. On the host server I have service failover ip. I want to set each domain on nginx custom IP, because at the moment all domains are using the main IP of my server.

How can I do that?

Can someone please help with the same. Below is my code

This is probably an idiotic question, but I'll try and provide as much information as possible. If you need any extra details, then please let me know.

I have a Mac running Ventura and an AlmaLinux virtual machine running in VMWare Fusion Pro 13. AlmaLinux is version 9.1.

First I created my SSH keypair on macOS:

ssh-keygen -t ed25519 -f ~/.ssh/localdevonly

Then I made a config file in ~/.ssh/config ...

Searching for "administrative" in the manual of HaProxy results in very few matches, none of them much helpful.

I need to understand this because I had a server in maint state and ubuntu reloaded haproxy (maybe because of logrotate) and after it reloaded, the server I had in maint state was operational again.

I need a way to put a server in a maintenance-kind of state that persists between reloads of ha ...

The Shodan search tool, for some DNS servers, shows a Resolver name value for what it finds on UDP port 53. For example, 80.82.117.140 shows Resolver name: server402.xenserve.com and 103.81.27.118 reports Resolver name: smartway-h7.

I have searched the web as well as the man pages for dig and nslookup, as well as searching the output of dig @ip_of_dns_server, but I cannot figure out how to retrieve the ...

I have ubuntu and RHEL-8 machines in my work environment. I want to maintain one single local repo for updating packages. Is that possible or I need to maintain two local repos, one for ubuntu and another one for RHEL.

Thanks in Advance

I am on Ubuntu 22.04. I have a bit of a non-standard configuration, but I managed to have it running. However there is one thing that does not work: connecting Apache to php-fpm via socket. It works correctly when connecting via TCP/IP.

So this works:

# In pool.conf
listen = 127.0.0.1:11000

# In Apache vhost
ProxyPassMatch ^.*[.]php$ fcgi://127.0.0.1:11000/home/mypool/public

And this does not:

 ...

I have a .NET 6 Web API with SignalR. Everything works perfectly when connecting directly to the API - locally as well as via Endpoint IP:Port on AWS EKS. However, it's failing to connect specifically via the websocket transport method when I try to access it via the NGINX ingress URL (http://some.url.com). I get the following error:

Error: Failed to start the transport 'WebSockets': Error: WebSocket fail ...