#Unable detect Wireless after disjoined domain

 Issue:

Computer unable to detect any wireless after disjoined domain. Wireless network policies applied in GPO.

Solution:

To resolve the issue, delete the deny wireless filter from CMD.

netsh wlan delete filter denyall infrastructure

netsh wlan delete filter denyall adhoc

#Windows CA - the requested certificate is not supported by this ca

Certificate template does not show in certificate enrollment.

Error: The requested certificate template is not supported by this CA.

A valid certification authority (CA) configured to issue certificates based on this template cannot be located, or the CA does not support this operation, or the CA is not trusted.

Solution: Enable the certificate template.

1. Go to certification Authority.

2. Right click on certificate template, click on New, select Certificate Template to Issue.

3. Select your certificate template and click OK.

Gophish - Windows installation and configuration (phishing email)

Download link:

Gophish: Releases · gophish/gophish · GitHub

NSSM: NSSM - the Non-Sucking Service Manager

Copy and extract downloaded files

1. Extract the Gophish and NSSM files.

Edit the configuration

1. 

Use NSSM to install Gophish.exe as Windows services

1. Run CMD as administrator.

2. Navigate to nssm.exe. (nssm install gophish)

3. NSSM service installer will launch. 

4. From Application Path, navigate and select Gophish.exe.

5. Select install service.

6. From Windows services, start the gophish service.

#VMware vCenter - log storage disk space full

Method 1: Increase disk space

1. Increase VCSA's virtual disk size.

2. Run the following command in VCSA. (Alt + F1 to enter shell)

For VCSA ver. 6.0

vpxd_servicecfg storage lvm autogrow

For VCSA ver. 6.5 or 6.7

/usr/lib/applmgmt/support/scripts/autogrow.sh

Method 2: Clean up disk space

1. To list file system disk space:

To list all disk space: df -h

or

To list disk exceed 75%: df -h | awk '0+$5 >=75 {print}'

2. Remove the catalina*log and localhost_access* from following paths.

/storage/log/vmware/sso/tomcat

/storage/log/vmware/eam/web

/storage/log/vmware/lookupsvc/tomcat    (for ver 7.0 only)

To list:

ls -lha catalina*log

ls -lha localhost_access*

To remove:

rm catalina*log

rm localhost_access*

Using OPEN SSL to convert a certificate from the .PFX format to the .PEM format

1.  From command prompt run following command:

openssl pkcs12 -in <import .pfx cert from where> -out <export .pem file to where> -nodes

openssl pkcs12 -in c:\openssl\SSLcert.pfx -out c:\openssl\servercert.pem -nodes

2. Enter SSL cert pricate key password.

3. If MAC verified OK show, mean .pem cert successful exported. 

#Install OPEN SSL for Windows

Download source: https://sourceforge.net/projects/openssl/files/openssl-1.0.2j-fips-x86_64/

1. After download, extract the zip file. (example: c:\)

2. Go to system properties (or from RUN enter sysdm.cpl)

3. Go to Advanced > Environment Variables.

4. In Environment Variables, select Path, click Edit.

5. In Edit environment variable, select New and enter the extracted directory.

    (example: c:\OpenSSL\bin). Click OK.

6. In Environment Variables, click New.

7. Enter value below:

Variable name: OPENSSL_CONF

Variable value: c:\OpenSSL\bin\openssl.cnf

8. Restart computer.

9. Run Open SSL in cmd. Type openssl version

 

Fortigate - Block all PING/ICMP and allow PING/ICMP from a specific IP only

Step 1:

Create new addresses or addresses group. (In this example is Trusted PING)

Step 2:

Configure local-in-policy

Edit 1 is to allow ping only for specific IP in addresses group.

Edit 2 is to deny all IP addresses.

From CLI

# config firewall local-in-policy

# edit 1

# set intf "wan1"

# set srcaddr "Trusted PING"

# set dstaddr "all"

# set action "accept"

# set service "ALL_ICMP"

# set schedule "always"

# next

# edit 2

# set intf "wan1"

# set srcaddr "all"

# set dstaddr "all"

# set service "ALL_ICMP"

# set schedule "always"

# next

# end

SAMPLE: