Category Archives: Uncategorized

Airwave Root

AirWave 8.2.10.0 CentOS7 install:

Re-Enable Root, Reset Password, and delete GRUB

Yes, you need to boot from a Live Distro, or mount the disk with another VM. Knppoix/Ubuntu/Backtrack are what I typically have on hand. If you use Ubuntu make sure you use

“Try without Installing” / Try Ubuntu and don’t install over your AMP server

– Shutdown the AirWave VM

– Add CD ROM to VM, and mount ISO to CD ROM.

– Edit VM Options, Boot Options, Force BIOS setup

              You may have Boot from EFI option with 6.7U3

– Save 

– Boot the AirWave VM

– In the vm BIOS got right to the Boot option

– Hightlight the CD-ROM option, and ++ to move it above Hard Drive

– Exit, Save Changes, Yes

– If Ubuntu use “Try Ubuntu” Option

– open terminal:

 Remove Grub Password

You probably don’t need this but here if you need to get into the boot loader:

sudo mount /dev/sda2 /mnt

sudo nano /mnt/grub/grub.conf

– delete the line that starts with password

– save file

umount /mnt

Enable Root Login

While you’re here go ahead and re-enable root login.

Mount the / drive:

sudo mount /dev/mapper/vg_system-lv_root /mnt

Change passwd file:

sudo nano /mnt/etc/passwd

change the root from nologon to /bin/bash

root:x:0:0:bin:/bin:/sbin/nologin  to  root:x:0:0:root:/root:/bin/bash

Set/Reset Root/Console Password

– set the root password / reset the ampadmin password

cd /mnt

sudo chroot /mnt

passwd ampadmin

passwd root

exit

Unmount the drive and reboot

cd /

sudo umount /mnt

Reboot Ubuntu/Linux and edit the VM setting to disconnect the CDROM and boot into AirWave. 

Airwave Upgrade for New Centos

Basic Crib

the OVA file contains the new version if used to build a new instance.  A hardware AW upgrade would be similar in process, but we would have to build it from scratch (install the OS first, then use the .iso file for the AW install) on the same box after copying off the backup file.

To upgrade CentOS for Airwave the process in the Release Notes is correct:

  1. First, upgrade your live AW to 8.2.10.0.  This upgrades the databases so they can be restored later in the steps.
  2. Backup this live AW and copy off this backup file somewhere
    1. (CLI) Backup > Backup Now. 
      1. (GUI) To grab the “nightly” or “weekly” backups – if you’ve waited long enough since the upgrade to 8.2.10.0 so they can run since your upgrade – go to System > Backups
    2. Command line for SCP from AW (don’t use Solarwinds SFTP/SCP Server as it doesn’t like the encryption ciphers… OpenSSH in Linux works well) (This step is the most difficult in terms of getting the SCP server running, reachable, and the syntax correct):
      1. If I had a “awbackupfolder” folder on my Linux box on the Desktop for a user named “username”, I would reference the existing folder as relatively from my login directory: Desktop/awbackupfolder/  (the trailing “/” is optional here)
      2. The CLI SCP syntax cannot take the “~” tilde character so reference the folder in another way
      3. username@192.168.21.21:Desktop/awbackupfolder/
    3. Power off the AW server (we’ll need the new box to have the same IP because AW licenses are tied to it)
  3. Build a new AW server with the right storage, cpu, and memory requirements.  This is a good opportunity to increase hard disk size if you’ve been holding off.
    1. Building from OVA file will install the CentOS 7 version.
    2. To login to the newly deployed box, use the default: user = root and password = admin
    3. Use the same basic startup-script info as before, keeping the same IPs
    4. You will need a complex password.  Store it somewhere safe: this is your CLI and your WebUI password for “admin” login
  4. Once the box is up, from the CLI copy over the backup file via SCP.
    1. Files > Upload
      1. username@192.168.21.21:Desktop/awbackupfolder/ampbackup_date_time.tar.gz
  5. Now restore from the backup.
    1. Backup > Restore > AMP Restore, select the file.  Sometimes the numbers don’t match what you type – I think due to hidden files (.digest files).  Make sure it is the right one (it should be the only one here)
    2. VisualRF backup file is already contained in the AW Backup file, so there isn’t a need to do that restore separately.
  6. Log in to the system after it is up with the new password.  Perform basic checks that information is still flowing correctly.
  7. Delete the old virtual machine once everything is running fine.
  8. Have a cup of coffee.

OWA Blank Page Fix

OWA Fix
Run Script Fix
At flashing cursor, type the following commands

If you are using Exchange 2010

1. CD “C:\Program Files\Microsoft\Exchange Server\V14\Bin” and then press <ENTER>
2. Subdirectory will change to the above.
3. updatecas.ps1, then press <ENTER>

If you are using Exchange 2007

1. CD “C:\Program Files\Microsoft\Exchange Server\Bin” and then press <ENTER>
2. Subdirectory will change to the above
3. UpdateOwa.ps1, and then press <ENTER>

The script will perform a number of different commands, and then simply complete by dropping you back to the DOS prompt
Type EXIT to close the Shell window

Generate UC Certificate

When generating a UC Certificate via the snap in i get this from the MMC:

Error:  “Certificate Request Processor The request contains no certificate template information. 0x80094801 (-2146875391) Denied by Policy Module 0x80094801 the request does not contain a certificate template extension or the Certificate Template request attribute”

Microsoft’s resolution: Generate the request some other way. yeah ok

J’s solution: certreq -submit -attrib “CertificateTemplate: WebServer” WebServerCertReq.txt

Error installing CA Web Enrollment after migrating or restoring a CA

Error:

Certification Authority Web Enrollment: Configuration Failed Active Directory Certificate Services setup failed with the following error:

The parameter is incorrect. 0x80070057 (WIN32: 87)

Cause The likely issue is that the value of SetupStatus at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration is configured to hexidecimal 6003, but should be configured to hexidecimal 6001.

This is because 6003 indicates that CA Web Enrollment is already installed and 6001 indicates that it is not yet installed.

Fix:

Resolution Modify the registry SetupStatus to read 6001 and then install CA Web Enrollment. You can modify that registry setting with the following certutil command from Windows PowerShell or a command prompt run as Administrator: certutil -setreg config\setupstatus 0x6001

 

Lync Customer gets disconnected while trying to park or hold calls

Description: Lync Customer gets disconnect while trying to park or hold

Why: The mediation server is configured to use RTCP. After the gateway receives a=sendonly or a=inactive in the SDP, it doesn’t send any media traffic (no RTCP). The server ends the connection with RTCP timer is not disabled and Mediation Server encountered a gateway media stream timeout.

Resolution:

Set the mediation server setting with this switch to disable RTCPActiveCalls and RTCPCallsOnHold: Set-CsTrunkConfiguration -RTCPActiveCalls $false -RTCPCallsOnHold $false -EnableSessionTimer $True

More Info

 

RTCPActiveCalls

This parameter determines whether RTCP packets are sent from the PSTN gateway, IP-PBX, or SBC at the service provider for active calls. An active call in this context is a call where media is allowed to flow in at least one direction. If RTCPActiveCalls is set to True, the Mediation Server or Lync Server client can terminate a call if it does not receive RTCP packets for a period exceeding 30 seconds. Note that disabling the checks for received RTCP media for active calls in Lync Server elements removes an important safeguard for detecting a dropped peer and should be done only if necessary. The default is True.

RTCPCallsOnHold

This parameter determines whether RTCP packets continue to be sent across the trunk for calls that have been placed on hold and no media packets are expected to flow in either direction. If Music on Hold is enabled at either the Lync Server client or the trunk, the call will be considered to be active and this property will be ignored. In these circumstances use the RTCPActiveCalls parameter. Note that disabling the checks for received RTCP media for active calls in Lync Server elements removes an important safeguard for detecting a dropped peer and should be done only if necessary. The default is True.

EnableSessionTimer

This parameter specifies whether the session timer is enabled. Session timers are used to determine whether a particular session is still active. Note that even if this parameter is set to False, session timers can be applicable if the remote connection has session timer enabled. In such a case, the Mediation Server will reply to session timer probes from the remote entity. The default is False.

Office 2010 Documents dont open

After some research, our problem seems to be a security setting in Office 2010. You can resolve it by the following steps:

1. Open word (or excel or powerpoint)

2. Select File

3. Select Options

4. select Trust center

5. select Trust center settings

6. select Protected view

7. Deselect all 3 options:

Enable protected view for files originating from the internet

Enbable protected view for files located in potentially unsafe locations

Enable protected view for outlook attachments

8. Repeat these steps for excel and or powerpoint