I want to perform hardening in my Windows server 2016 which is hosted under a GCP account. Anyone has any Ansible or other scripts to perform CIS hardening level on the above spec?
Actually, I'm a newbie in this area and your recommendation would be grateful.
Awaiting expert commands?
Take a look at this Github posts, seems to be what you are looking for. HardeningKitty and Windows 10 Hardening. Even though the titel says windows 10, in the article there's a full list of "supported" systems including Windows Server 2016.
Related
Is it possible to deploy installers (for example Chrome browser .exe file) to install on Windows client computers across all office buildings using OpenLDAP? The OpenLDAP is installed on CentOS 8. If it is not possible can Active Directory Help Me?
Why would you use a directory service to store binary files? This might be possible but it's a terrible idea.
Active Directory is a broad suite of tools. AD Domain Services is basically the OpenLDAP equivalent https://social.technet.microsoft.com/wiki/contents/articles/699.active-directory-domain-services-ad-ds-overview.aspx and doesn't do what you want
AD GP (Group Policy) allows you to push software https://learn.microsoft.com/en-us/troubleshoot/windows-server/group-policy/use-group-policy-to-install-software but if you're only using it to push a Chrome installer, it's overkill to set it all up. It does work though!
You can also use SCCM (oh I guess it's called MECM now, haven't touched it in a hot minute).
After upgrading system to Windows 10 - os 1803 we are getting below issues while working with ClearCase 8.0.1.x/9.0.1.x
Unable to checkin/checkout.
Not able to create views.
Not able to add any file to source control.
The system hangs & crashes while performing any ClearCase operation.
There is no error message, but I have attached screenshot for reference.
Please let us know if there is any issue with the Windows 10 ver(1803), any security system enabled?
Or has ClearCase provided any fix?
We have tried 9.0.1.5 and issue still persists.
This is what we got from windows event log.
The computer has rebooted from a bugcheck.
The bugcheck was:
0x000000c2 (0x0000000000000004, 0x00000000535be990, 0x000000000004efd3, 0xfffff803e01848b1)
for most of them whoever has upgraded to windows 1803 ver :( for people who are still using ver1709 it is working perfectly fine
Then I would recommand contacting IBM support: only them can update their ClearCase 9/Windows 10 compatibility matrix and confirm if MVFS is supported on a more recent (1803) Windows 10 edition.
We also facing same problem and I have raised the case with IBM. Still not yet resolved. As IBM said there are some limitations to work ClearCase with windows 10 and windows 2016.
We tried all the options except Secure boot disable. If possible please do disable secure boot option in Windows 10 and try to checkin/checkout code from CleraCase
Note : It works for Snapshot views. That means the issue related to MVFS
I'm seconding #VonC's recommendation to open a ticket with IBM. When you do that, save a step and collect a clearbug2 and a kernel memory dump to send in as soon as the case is opened. It will save the turn-around time of us asking you for it. If the installed programs list doesn't list installed security software (DLP, Privilege management sw like Avecto, other endpoint security tools), please list those separately as well.
I would also love to know who # IBM told you there are "limitations" with Win10-1803.
There are a few issues with Windows 10 "version upgrades" breaking things, but they generally don't cause system crashes. Windows 10 upgrades are actually full OS installs that then (imperfectly) migrate application settings. Anything that uses custom network providers (ClearCase is one example) will find that the network providers will be broken or partially broken. Reinstalling is usually required. Again, that has not yet been reported as a cause of a BSOD.
If the upgrade/reinstall didn't fix view creation, please post a separate question on the view creation issue. There may be things we can do to the SMB 2 caches to allow view creation to work in cases where the view storage is not on the client host.
I noticed that the screen shot you posted is a Terminal Services disconnect screenshot. Does the issue only occur over a Terminal Services client connection or does it also happen on a local connection?
Are there any more cmdlets for Linux Azure Powershell apart from these?
Is there an official repository for Azure Powershell for Linux?
Is there a way for terminal to launch powershell on startup, not bash?
My google-fu is weak today :(
Your question is old but I'll still answer it. In hopes that you will receive my response via email, others seeking help in the future will see this, and to establish reputation on this damn site so I can actually start using it effectively.
Are there any more cmdlets for Linux Azure Powershell apart from these?
I assume you're specifically looking for Azure because of your title. AzureRM.Netcore has been released as of ~1 month ago. This supports 90% of the functionality you need to deploy to Azure.
https://www.powershellgallery.com/packages/AzureRM.Netcore/0.9.1
Unfortunately, I am finding that some older cmdlets are not supported yet though, since they are in an older module called Azure, which does not yet have a .NET Core implementation. See my recent post for more information on that.
Is there an official repository for Azure Powershell for Linux?
You can find all of that discussion on the official Powershell repository. It is cross-platform. Additionally Microsoft intends to build Powershell 6 on top of .NET Core 2.0 which was released yesterday. So it's likely that future development will heavily support Linux. This will be your best resource: https://github.com/Azure/azure-powershell
Is there a way for terminal to launch powershell on startup, not bash?
There is. But I wouldn't recommend doing that. That just sounds wrong. But I'm a pretentious Linux user with a bias towards Microsoft so take my opinion with a grain of salt. There are two methods you can use to accomplish that.
1) Most Linux distros come with a command called chsh just for that. Try chsh -s /usr/bin/powershell provide that is the location of your installed Powershell binary. If you are not sure where it is, you can use which to determine the installation location. which powershell. Do not execute this command with sudo as that will attempt to change the shell for your root user rather than your current user.
2) Alternatively you can manually edit the file /etc/passwd on Linux. Locate the line that contains your user account, go to the very end of it, and replace /bin/bash or whatever shell you use with /usr/bin/powershell, or the proper location of your Powershell Binary.
I'm a newbie in the open source world. Always used to paying i can't imagine we can get a whole OS for free!!! None the less from reputed companies like Oracle, i'm sold! OK so i got Oracle Linux server 6.1 installed and its running fine. I also checked all the boxes under webserver and MySQl during installation and i can see the Apache home page when i type localhost on the browser and i have started both the Apache & the MySql services.
My question: is there a GUI based admin tool like phpmyadmin to administer the MySql DB which is already installed? If not can someone point me to a step by step guide for the same. I have been trying since last 4 days and i just can't understand how to do this and what is required? I also saw some post saying something like Oracle Enterprise Manager is available through which we can administer the DB but i just can't find out how to get to the console? Is there a locahost url or something to get it to work?
Finally all i want to do is run Drupal on the Linux server and be able to administer the DB with phpmyadmin, if everything is complicated can i just install LAMP or XXAMP which will give me everything i need in one go. Although i feel since Apache & MySQL is already installed when i installed the OS not sure what will happen.
I know i'm all over the place, making the transition from Windows and am really new to this. Any help will be greatly appreciated.
Thanks,
KK
Oracle Enterprise Linux is based off of the Red Hat sources, just like CentOS.
Found a link on how to get it setup with CentOS 6, which should work for OEL.
I am running a webservice on server 2008 that needs access to a windows service and I need to give access to [the user that the web service is running as] via the command line.
(sorry if my wording is terrible, hopefully the brackets helped?).
I know there is a utility available with the windows 2000 resource kit (SUBINACL.exe), but is there one available in server 08 that doesn't require downloading a resource kit?
Thanks.
For everyone else wondering how to do this...
Microsoft offers a utility available for download called Subinacl.exe that allows you to do just this.
subinacl.exe /service <serviceName> /grant=Domain\AccountName=<AccessType>
For info on the different access types and on the utility in general...
subinacl.exe /help /full