Get-ADDomain -Identity "DC=site,DC=ru" -Server "10.10.10.2" -Credential "site\userlogin"
[AD] проверить авторизационный данные в домене
by CTAPOMAK by CTAPOMAK [Ansible] vault ERROR! Unexpected Exception: Odd-length string
by CTAPOMAK ansible-vault view environments/prod/credentials.yml
ERROR! Unexpected Exception: Odd-length string
Решение: В файле неправильный перевод строки. Проверяем это:
file environments/prod/credentials.yml
credentials.yml : ASCII text, with CRLF line terminators
Должно быть:
credentials.yml : ASCII text
Пересохраняем в любом редакторе или
find . -type f -exec dos2unix {} \;
[Ansible] VAULT If this is not a script, remove the executable bit from the file.
by CTAPOMAK ansible-vault view environments/prod/credentials.yml
ERROR! Problem running vault password script / c y g d r i v e / c / g i t / qqqq/ v a u l t . k e y ([Errno 8] Exec format error). If this is not a script, remove the executable bit from the file.
Решение:
chmod 0600 vault.key
[Ansible] приоритет переменных
by CTAPOMAK role defaults
inventory vars
inventory group_vars
inventory host_vars
playbook group_vars
playbook host_vars
host facts
play vars
play vars_prompt
play vars_files
registered vars
set_facts
role and include vars
block vars (only for tasks in block)
task vars (only for the task)
extra vars (always win precedence)
[Ansible] service Interactive authentication required.
by CTAPOMAK При выполнении плейбука с
|
1 2 3 4 5 |
- name: Старт сервиса become: true service: name: httpd state: started |
Получаем ошибку: Failed to restart httpd.service: Interactive authentication required
Continue reading "[Ansible] service Interactive authentication required."
[ELK] filebeat json
by CTAPOMAK vim /etc/filebeat/filebeat.yml
|
1 2 3 4 5 6 7 8 9 10 11 12 |
- input_type: log paths: - /var/www/site.ru/htdocs/logs/logs.log document_type: elk-json json: # message_key: datetime keys_under_root: true json.add_error_key: true json.overwrite_keys: false # fields: # app: "site.ru - json" |
[ELK] filebeat multiline Tomcat
by CTAPOMAK vim /etc/filebeat/filebeat.yml
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 |
#================= Tomcat ================ - input_type: log paths: - /opt/tomcat/logs/catalina.*.log - /opt/tomcat/logs/localhost.*.log document_type: elk-tomcat fields_under_root: true fields.app: "tomcat" multiline: pattern: ^(\w{1,5} \d{1,2}, \d{4} \d{1,2}:\d{1,2}:\d{1,2} \w{1,2}) negate: true match: after - input_type: log paths: - /opt/tomcat/logs/localhost_access_log.*.txt document_type: elk-tomcat fields_under_root: true fields.app: "tomcat" multiline: pattern: (\d{1,3}\.\d{1,3}.\d{1,3}.\d{1,3} - - \[\d{1,2}\/\w{1,3}\/\d{1,4}:\d{1,2}:\d{1,2}:\d{1,2} \+\d) negate: true match: after #=============== Tomcat END ============== |
[PowerShell] Выполнение команд PowerShell из-под другого пользователя
by CTAPOMAK Start-Process powershell.exe -Credential "domain\user"
[AD] найти группу с помощью powershell
by CTAPOMAK get-adobject -Filter 'ObjectClass -eq "group"' | Select-String "GroupName"
--пользака
get-adobject -Filter 'ObjectClass -eq "user"' | Select-String "userName"
AD администрирование в PowerShell
by CTAPOMAK - Open Control Panel -> Programs and Features -> Turn On/Off Windows Features
- Find "Remote Server Administration Tools" and expand it
- Find "Role Administration Tools" and expand it
- Find "AD DS And AD LDS Tools" and expand it
- Check the box next to "Active Directory Module For Windows PowerShell".
- Click OK and allow Windows to install the feature
