Friday, April 24, 2015

Manually Applying Updates to Trend IMSVA

Whenever Trend issues an update for these virtual machines the GUI interface isn't always able to apply the patches to the VM.

 This is where a bit of time and patience have to come in to get them updated. Below is how I get it done quickly without much headache to keep these VMs current.

1. Download the patch or hot fix to your computer (Ex:

2. Extract the file.  You'll see a couple of files extracted such as readme_en.txt and imsva_90_en_criticalpatch1560.tar.gz listed.

3.  Use a program to upload the files to the IMSVA virtual machine.  I choose to use WinSCP.  Upload the file to the /tmp folder.

4.  Login to the IMSVA using root privilege using Putty or another program via SSH.  NOTE: You have to use SCP on WinSCP as the protocol and the root account for the VM.  If not it won't connect with the standard "admin" and password the web browser login uses.

5.  Run the following commands:

   # tar -zxvf /tmp/imsva_90_en_criticalpatch15160.tar.gz -C /tmp
   # cd /tmp/imsva_90_en_criticalpatch15160
   # ./imssinst

6.  Allow the installation to run and when the install completes you'll see something similar to this:

   Installation is complete and related services are started.

Just a note when you are done you can delete both the *.tar.gz file and the folder it created off of the IMSVA virtual machine to save space.

Login to the web interface and verify with the "About" option the new build version of your IMSVA.

I have found that not every hot fix or patch raises the build level in the web interface but if you try to apply it again to the IMSVA you'll find out it has already been installed.

For those of you that are not great in the Linux/Unix world I hope these instructions help you keep your critical infrastructure system patched and up to date.

It's Friday afternoon now so I hope you all have a great weekend.

Thursday, April 23, 2015

Managing FSMO roles with PowerShell in Server 2012 R2

Powershell was released some time ago but it feels to me like it was just yesterday.  Part of that is because as time moves on Microsoft is adding more and more features.  With Windows Server 2012 R2 now in full effect and quite stable, it's clear PowerShell is taking over as the primary Windows scripting language of choice.

I am a firm believer that everything in Windows Server 2012 R2 that can be done in the GUI can also be done in PowerShell.  Case in point, I just upgraded one of our network Domain Controllers from Windows Server 2012 to Windows Server 2012 R2.

Since this server was a DC the first thing I needed to do before the upgrade was to ensure the server was not running any of the five FSMO roles on our network.  To do this I ran the following command in PS on the server.
netdom query FSMO
This will return which DC or DCs on your network contain the FSMO roles.  Since the server I was upgrading had none then I had none to move before the upgrade.  Once the upgrade had completed I now wanted to make sure the newest DC on the network had the roles while others were being upgraded.

To transfer all five roles you can simply run this command in PS:
Move-ADDirectoryServerOperationMasterRole -Identity “Target_DC_name” –OperationMasterRole 0,1,2,3,4
For reference the command line syntax replaces the role number for the full name of the FSMO role.
  • PDC Emulator = 0
  • RID Master = 1
  • Infrastructure Master = 2
  • Schema Master = 3
  • Domain Naming Master = 4
If you find yourself in a situation where the DC you want to transfer roles from is offline and cannot be brought back then you'll need to seize the roles.  Here's the command for that:
Move-ADDirectoryServerOperationMasterRole -Identity “Target_DC_name” –OperationMasterRole 0,1,2,3,4 - Force
 Finally to transfer or seize just one role you would run the exact same command and just use the number of the role you need to move.  These commands work on Server 2008 R2 and up or Windows 7 with the RSAT (Remote Server Administration Tools) installed.

I don't find myself moving FSMO roles often but when I need to this is much easier than using the GUI.  A great reference on PowerShell is Learn Windows PowerShell 3 in a Month of Lunches.  It's a great read and has tons of great PowerShell information.

Good luck.