Wednesday, June 30, 2021

How to fix crontab scripts that won't run on Ubuntu 20.04

I've setup what I like to call WOLS (Wake on Lan & Shutdown) servers for a while now; 10 years to be exact.  They are very handy and require little to no system resources; I usually set them up on Hyper-V systems but have also done it on KVM and VMware.  It is very handy if your wanting to schedule systems for auto on and off without buying a commercial server or software.  You also don't have to have it connected to your domain if you don't want it to be.  

I setup a new server on Ubuntu 20.04 for managing the WOL/Shutdown for a remote location and set it up just as I have done in the past; but something was wrong.  It wasn't working.  The system was not turning on or shutting off the systems it was suppose to be.

For the purposes of this post lets say we are going to run all of our scripts out of /scripts/cron

You can use crontab -e or sudo crontab -e to edit cron, I prefer to modify the /etc/crontab file myself.  So when I build my WOLS server and modify the crontab file it usually looks something like this.

After I install the the required tools, WOL, samba tools, etc I white list the, WOL ports, SAMBA and remote desktop/Remote Access ports access though the firewall on both the client and the server. You can also disable the firewalls, though I don't recommend that.

The Startup Script is a shell script called startup.sh and it looks like this


I have found that if I don't put it in the arp cache I tend to have problems if the system has been off for a while.

sudo arp -i -s $IPADDRESS $MACADDRESS #COMMENT

example:

sudo arp -i -s $192.168.0.6 #FF:CC:DD:33:22:00

Then send the WOL Packets

sudo -i -u $SERVERUSER -p $PASSWORD wakeonlan -i $IPADDRESS $MACADDRESS #COMMENT

example:

sudo -i -u serveradm -p password wakeonlan -i 192.168.0.6 #FF:CC:DD:33:22:00

so you use the server usename and password to run the wakeonlan to the ipaddress with the specified mac address. The same is true with the shutdown script but you are using net rpc and you put in the windows client username and password behind the -U in quotes with a % separating the username and password as shown below.

The shutdown script is also a shell script called shutdown.sh and looks like this


sudo -i -u $SERVERUSER -p $PASSWORD net rpc shutdown -I $ipaddress -U "windowsclientusername%password" -t -1 -f 
sudo -i -u serveradm -p password net rpc shutdown -I 192.168.0.6 -U "joedirt%mopboy5" -t 1 -f
With that done, then adding execute permissions to the files and call it a day, as all the scripts worked when I manually executed them. Unfortunately that wasn't the case.  Something changed in Ubuntu 16 that caused files with extensions to not execute.

After troubleshooting and doing some Googling, I found this post with a similar issue to what I was having.  When I did a ls you can see the scripts in the folder.


With my files definitely having execute permission I tried the run-part command 
run-part --test /scripts/cron 
and got the following result


Nothing.  Absolutely nothing listed in the test.  So I did as Pete Fretag suggested and copied my startup.sh and shutdown.sh with out an extension.


Now the startup and shutdown scripts show up in the test.


When I run the scripts using sudo run-part /scripts/cron they also execute where they did not before.

Tuesday, June 29, 2021

How to add and remove persistent routes in windows

So at one of my organizations satellite locations we changed the VPN connection for about a half dozen clients, which were accessible from my workstation for remote access/system administration.  This changed caused this access to break.

So to update and fix my access for this systems I had to reset my routing for the satellite networks.  I setup this access using persistent routes (as I wanted to keep access after a reboot).

I used route print to verify the connections that need to be purged before I add the new ones.

To do this user powershell or the cmd prompt and type the following 

route print

and press enter

You will see your Interface List then Active routes then Persistent routes.

Interface List

Active Routes

Persistent Routes

The persistent route I want to remove is the third line shown below, we will say the network is 192.168.1.0


So to remove the route In Powershell or CMD Prompt I type 

route delete 192.168.1.0


Then to add the new route there are few things I need to know before I add the new persistent route.  I will need to know my network and gateway, that the firewall has a VPN connection with pass rules for the network and the VPN's network.  So for this post let's say the firewall is configured properly but is not routing traffic automatically.  For this post lets say that my IP is 192.168.20.87 and my gateway is 192.168.20.1.  The VPN network I want to connect to is 192.168.8.1

So I type the following in the same prompt

route -p ADD 192.168.8.0 MASK 255.255.255.0 192.168.20.1


The -p will make the connection stay after a reboot, if you don't want it to stay remove the -p and you should be able to access the other network from the VPN.


Source 

https://www.howtogeek.com/howto/windows/adding-a-tcpip-route-to-the-windows-routing-table/

Modifying Network SMB (Samba) Passwords

I had an issue with papercut where a SMB connection path was saved with the wrong username and password allowing higher then wanted privileges.  To change the user to one with lower privileges you can use the Manage Network Passwords from control panel.

 Type Manage Passwords in the windows 10 search



When open select the credential you want to modify.  In my case the second one highlighted in green.  Hit the dropdown to edit the settings.



When you hit edit, you will get a dialog with the name/ip of the server and then you can update the username/password as shown below.


Then hit save.  Once you do that if you put your $username and $password in properly, and try to access the network resource over SMB in explorer \\$server\ you should have full access (according to the user permissions that are granted to you by the server) as shown below




Photoshop ippcvm7.dll Error on Hyper-V

Downsizing systems can be hard but to make space virtualization is a great way to go, however sometimes you encounter issues when virtualizi...