SFTP using Powershell POSH-SSH

Install POSH-SSH module in PowerShell using command: REFERENCE

iex (New-Object Net.WebClient).DownloadString("https://gist.github.com/darkoperator/6152630/raw/c67de4f7cd780ba367cccbc2593f38d18ce6df89/instposhsshdev")

Example Output:

000581

Script:

Import-Module Posh-SSH #Load the Posh-SSH module

#Set the credentials
$Password = ConvertTo-SecureString 'Password' -AsPlainText -Force
$Credential = New-Object System.Management.Automation.PSCredential ('user', $Password)

#Set local file path, SFTP path, and the backup location path which I assume is an SMB path
$FilePath = "C:\Sumit\SFTP.txt"
$SftpPath = '/home/user/SFTP-TEST/'

#Set the IP of the SFTP server
$SftpIp = '10.10.10.10'

#Establish the SFTP connection
New-SFTPSession -ComputerName $SftpIp -Credential $Credential

#Upload the file to the SFTP path
Set-SFTPFile -SessionId 0 -LocalFile $FilePath -RemotePath $SftpPath

#Disconnect SFTP session
(Get-SFTPSession -SessionId 0).Disconnect()

Example script:

000583

Another Example for authentication using Private Key:

# Define Serve Name
$ComputerName = "10.10.10.10"

# Define UserName
$UserName = "user"

#Define the Private Key file path
$KeyFile = "C:\Users\sumit\MyPrivateKeyRSA\Key"
$nopasswd = new-object System.Security.SecureString

#Set Credetials to connect to server
$Credential = New-Object System.Management.Automation.PSCredential ($UserName, $nopasswd)

# Set local file path, SFTP path, and the backup location path which I assume is an SMB path
$FilePath = "C:\Sumit\SFTP1.txt"
$SftpPath = 'data/'

#Command to connect to the server for SFTP
#New-SSHSession -ComputerName $ComputerName -Credential $Crendtial -KeyFile $KeyFile

# Establish the SFTP connection
$SFTPSession = New-SFTPSession -ComputerName $ComputerName -Credential $Credential -KeyFile $KeyFile

# Upload the file to the SFTP path
Set-SFTPFile -SessionId $SFTPSession.SessionID -LocalFile $FilePath -RemotePath $SftpPath

# Disconnect SFTP session
$SFTPSession.Disconnect()

The User Profile Service Failed The Sign-In. User Profile Cannot Be Loaded – Server 2012

While working on server 2012, someone messed with profiles folder and so nobody was able to login on server. Whenever we try to login on server we got this error:
0001

The User Profile Service service failed the sign-in. User profile cannot be loaded.

The solution worked for us:

  1. Try to access the server from another server as file shre to C$ and freeup some space to see if its a problem of disk space. If no success then proceed to step 2.
  2. Go to Computer management on another server and connect to problematic server management from Actions menu. Check the event Logs and you must find an entry in Application logs as:

0000
Now, Make the local system account an owner of the v15 sub directory listed in the above error, and then apply to all child sub directories and files and then Enable inheritance on the V15 sub directory, and then delete all non inherited permissions on V15 and it’s child sub directories and files.

If the problem still remains same then continue the troubleshooting steps:

3. Delete all the profiles from REGEDIT ( HKLMSOFTWAREMicrosoftWindows NTCurrent VersionProfileList) EXCEPT for the system related ones.

Thats all. It should normally fix the problem. If not, then post your results in comment and we would like to assist you.

Thanks.

 

Check WMI Problem on SQL Cluster server

On SQL cluster, sometimes the fialover cluster manager stopped working because of WMI issue and we receive following errors:

0060

Or

0061

 

But we cannot say its defining the WMI problem.. We can check by running below command on each node of the Cluster.

Get-WmiObject -namespace "rootmscluster" -class MSCluster_Resource

Also, there is a script taken from the Technet  The script can be run on one of the nodes that will connect to all the other nodes and check to see if the namespace is present.  If it is, it will succeed.  If the namespace does not exist, it will fail.

Set-ExecutionPolicy unrestricted

cls

If(import-module failoverclusters)
{

Write-Host "Imported Cluster module"

}

Write-Host "Getting the cluster nodes..." -NoNewline
$nodes = Get-ClusterNode
Write-host "Found the below nodes "
Write-host " "
$nodes
Write-host ""
Write-host "Running the WMI query...."
Write-host " "
ForEach ($Node in $nodes)
{
Write-Host -NoNewline $node

if($Node.State -eq "Down")
{

Write-Host -ForegroundColor White    " : Node down skipping"
}

else
{

Try
{
#success

$result = (get-wmiobject -class "MSCluster_CLUSTER" -namespace "rootMSCluster" -authentication PacketPrivacy               -computername $Node -erroraction stop).__SERVER
Write-host -ForegroundColor Green      " : WMI query succeeded "
}
Catch
{

#Failure

Write-host -ForegroundColor Red -NoNewline  " : WMI Query failed "
Write-host  "//"$_.Exception.Message
}
}

}

In the below example, you can see that one of the nodes failed.

0062

 

To correct the problem, you would need to run the below from an administrative command prompt on the “failed” node(s).

cd c:windowssystem32wbem
mofcomp.exe cluswmi.mof

Once the Cluster WMI has been added back, you can successfully open Failover Cluster Management.  There is no restart of the machine or the Cluster Service needed.

If nothing works, Then proceed to restart the server is not a bad option.

DFS Replication issue on Primary and Read-Only nodes

Scenario:

When you have issue with DFS replication in Read-Only mode.

Action:

Following are the steps that we followed to fix the no replication issue.

First check if both the nodes Primary and read-only are healthy however in this scenario Primary server had a Dirty shutdown issue and we were getting event 2213 for Volume: X

Since we had to ensure that Primary server: XXX becomes primary we had to disable the membership of Secondary server.

Once the Primary server was recovered from the error state using the wmic command provided in the 2213 event itself then we enabled the membership of the Secondary server. Also created services time out registry to ensure that DFSR service gets more time when we do shutdown or restart of the server or the DFSR service.

https://social.technet.microsoft.com/Forums/windowsserver/en-US/ed52b8ca-f884-43a1-bcec-0ef24ea9ce63/servicespipetimeout-in-windows-2008-r2

Also we increased the value of WaittoKillservicestimeout registry.

Disabled offloads on the srevers using the below commands:

Disabled offload using commands on both the servers.

Pass these commands on both servers:

netsh int tcp set global chimney=disabled

netsh int tcp set global rss=disabled

netsh int ip set global taskoffload=disabled

netsh int tcp set global autotuninglevel=disabled

netsh int tcp set global congestionprovider=none

netsh int tcp set global ecncapability=disabled

netsh int tcp set global timestamps=disabled

netsh advf set allp state off

created performance registry keys as both the servers are 2008 R2

http://blogs.technet.com/b/askds/archive/2010/03/31/tuning-replication-performance-in-dfsr-especially-on-win2008-r2.aspx

Understanding DFSR Dirty (Unexpected) Shutdown Recovery: http://blogs.technet.com/b/filecab/archive/2012/07/23/understanding-dfsr-dirty-unexpected-shutdown-recovery.aspx

once we got state 4 on the Primary server then we enabled the secondary RO server membership.

Since the Primary server has lots of data and users are also making change at the same time so Secondary server will take lot of time to complete the sync.

Case# Windows 8 – permanent change compatibility of IE10 to IE9

Is it possible to uninstall IE10 from Windows 8 or to permanent change IE10 to Always run in IE9 compability mode?

Answer:

You can tweak your registry to force IE to open in IE9 mode. Run>regedit
Look for:

HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMainFeatureControlFEATUR_BROWSER_EMULATION

Create a DWORD as iexplore.exe and give value 9999. (decimal value)
Restart your IE and it will open in IE9 mode

I checked this in my windows8 on IE10, its working fine for me.

Case# Exclude an Email account from Send/Receive in Outlook

How do I exclude an Email account from Send/Receive without deleting the account.  I could do it in earlier versions.

Answer:

To do this you have to go into the send/receive settings.

1. Click on tools
2. Send/Receive
3. Send/Receive Settings
4. Define Send/Receive Groups ( Ctrl + Alt + S ) Is the shortcut
5. Edit.
6. Select the e-mail account that you dont want outlook to check automatically.
7. Untick the “Include the selected account in this group box at the top left corner.
8. Then click ok. And close.

Case# Netlogon folders missing on second domain controller

Problem: After you install Active Directory Domain Services on a new full or read-only Windows Server 2008-based domain controller in an existing domain, the SYSVOL share is present. However, the NETLOGON share is not present on the new domain controller.

Solution:

To work around this issue, set the SysvolReady Flag registry value to “0” and then back to “1” in the registry. To do this, follow these steps:

  1. Click Start, click Run, type regedit, and then click OK.
  2. Locate the following subkey in Registry Editor:
    HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNetlogonParameters
  3. In the details pane, right-click the SysvolReady flag, and then click Modify.
  4. In the Value data box, type 0, and then click OK.
  5. Again in the details pane, right-click the SysvolReady flag, and then click Modify.
  6. In the Value data box, type 1, and then click OK.

Note This will cause Netlogon to share out SYSVOL, and the scripts folder will be present.