Create Certificate Request in IIS

Problem

You need to create a certificate request to get a get a certificate from Microsoft Active Directory Certificate Services.

Assumptions

  1. Running on Windows
  2. Using IIS

Solution

    1. Go to the server where the certificate will be used
    2. Open IIS
    3. Click Server Certificates

IIS_Server_Certificates_2018-06-29_10-48-42

    1. Click Create Server Request

IIS_Create_Certificate_Request_2018-06-29_10-56-49

  1.  Fill out the information
  2. The Common Name(CN) must match the url or host name to work.
  3. Click Next

IIS_Certificate_Request_Distinguished_Name_Properties_2018-06-29_11-02-25

  1. Choose your Cryptographic Service Provider
  2. Choose your bit length
  3. Click Next

Request_Certificate_Cryptographic_Service_Provider_2018-06-29_11-10-27

  1. Choose the filename where the request should be stored
  2. Click Finish

Request_Certificate_Filename_2018-06-29_13-22-57

Now you have your certificate request ready to upload to Microsoft Active Directory Certificate Services.

Advertisements

SQL Server Check Backups

Problem

It’s easy to assume that backups are happening on you SQL Server DBs. But assuming can be dangerous! It’s nice to know backups are created and when the last one was. Yet asking your DBA’s when the most recent backup was taken isn’t the most engaging question. That conversation would be better spent talking about how your teams can work together.

Solution

  1. Open SQL Server Management Studio
  2. Connect to your SQL Server
  3. Click View
  4. Click Object Explorer Details
  5. SQL_Server_Management_Studio_Object_Explorer_Details_2018-10-06_22-54-09
  6. In the Object Explorer, Select the database you’re interested in
  7. On the right after you scroll, you’ll see a line stating Last Backup Date
  8. SQL_Server_Management_Studio_Last_Backup_Date_2018-10-06_22-56-38
  9. Now you can check the Last Backup Date on your own!

Moving Jenkins Home

Problem

Jenkins and building software tends to generate a lot of files. If you used the default install directory for windows, those files went to C:\Program Files (x86)\Jenkins . This is all well and good until the C drive starts running out of space. We can move the Jenkins HOME directory.

Solution

          1. Backup using ThinBackup
          2. Stop Jenkins service
          3. Stop_Jenkins_Service_2018-10-05_15-10-19
          4. Create new directory (e.g. E:\Jenkins)
          5. Copy existing folder(by default C:\Program Files (x86)\Jenkins) to the new directory
          6. Diff the original and new to see if it worked
          7. Uninstall Jenkins service using jenkins.exe uninstall
          8. Open System Properties -> Advanced Tab
          9. System_Properties_Environment_Variables_2018-10-05_15-14-53
          10. Click Environment Variables...
          11. set JENKINS_HOME environment variable system wide
          12. Set_Jenkins_Home_2018-10-05_15-13-08
          13. Log out
          14. Log back in
          15. Verify that the environment variable was set with set | find "JENKINS_HOME"
          16. Confirming_Jenkins_HOME_Environment_Variable_2018-10-07_2-18-40
          17. Re-install the Jenkins windows service with jenkins.exe install
          18. Start the Jenkins service

     

References

  1. StackOverflow: Relocating JENKINS_HOME on Windows when installed as service

Jenkins Run NUnit Tests

Problem

You’ve worked hard creating unit tests using NUnit. That’s a great start. This doesn’t mean you’re finished though.

  1. How do you know that the tests are being run?

Solution

Running the tests

Jenkins makes this part easy. There are two different types of builds that you can choose from. I’ll share how to do run unit tests with NUnit for both types.

Below you can see how it is configured in a FreeStyle Project. I am assuming the build will run on a Windows node or master.

Nunit_Test_Run_Freestyle_Build_2018-06-06_13-05-55

Below you can see how it is configured in a Pipeline Project. I am assuming the build will run on a Windows node or master.

 

Aside: I used the NUnit.ConsoleRunner package explicitly rather than depending on the Jenkins node to have this dependency. If the version is updated, this will break. However it makes it easier to scale Jenkins nodes horizontally.

Aside: I highly recommend using the NUnit Test Adapter if you are using .NET to simplify your setup.

 

RabbitMQ: Add Windows Node

Purpose

Install RabbitMQ on a windows server as a node within a cluster

Prerequisites

  1. Follow my Install Guide or another install guide
  2. Have a working RabbitMQ cluster

Instructions

  1. Stop the node if it is running with the command rabbitmq-service stop
  2. Copy the erlang cookie from the cluster to your downloads folder
  3. Run the following as Administrator
    1. copy /Y %userprofile%\Downloads\.erlang.cookie %userprofile%
    2. copy /Y %userprofile%\Downloads\.erlang.cookie %WINDIR%
    3. copy /Y %userprofile%\Downloads\.erlang.cookie %WINDIR%\System32\config\systemprofile
    4. I personally do all 3 just to be safe, but I believe it uses the home directory
    5. If you get Access Denied, try deleting the existing file manually
  4. Run these commands from the RabbitMQ Command prompt
    1. This removes the version from the path
    2. Hopefully helps them be useful in the future
  5. Start the node with the command rabbitmq-service start
  6. Stop the app to join the cluster rabbitmqctl stop_app
    1. You will see Stopping rabbit application on node rabbit@machinename
  7. rabbitmqctl join_cluster rabbit@RABBIT01
    1. This is the cluster you have already created
    2. If the cluster name is rabbit@RABBIT01.my.domain use only rabbit@RABBIT01
    3. The cluster name rabbit@RABBIT01 value will be found in the upper right in the web management page
  8. Start the applciation rabbitmqctl start_app
  9. Enable the web management plugin rabbitmq-plugins enable rabbitmq_management

Resources

  1. Clustering RabbitMQ on Windows
  2. How to determine if a port is open on a Windows server?
  3. In Windows, using the command line, how do you check if a remote port is open?
  4. RabbitMQ Erlang Version Requirements
  5. https://www.rabbitmq.com/management.html

RabbitMQ: Install Guide

    1. Set the environment variable RABBITMQ_BASE= to the desired directory. By default it goes to C:\Users\{user}\AppData\Roaming\RabbitMQ for the user that installed it not the current user.
    2. Set_RabbitMQ_Base_2018-08-27_13-14-40
    3. Log out and log back in.
      1. This makes sure the environment variable above is set
    4. Check it by running set | find "RABBITMQ_BASE" in the command prompt
    5. RabbitMQ_Set_Base_Dir_2018-08-09_14-31-09
    6. Download the latest RabbitMQ binary. You can use any version as long as it is within the same feature version as the rest of the cluster/nodes.
    7. Install the downloaded version
    8. You may have to install Erlang as part of the process. Make sure that you install the correct version for your RabbitMQ version.
    9. Follow the prompts if necessary
    10. Click Start
    11. Type cmd
    12. Select the RabbitMQ Command Prompt
    13. Type rabbitmqctl environment
    14. Click Enter
    15. This will show you all the config files, log files and other RabbitMQ files reside within the base directory above

References

  1. https://www.rabbitmq.com/install-windows-manual.html
  2. https://stackoverflow.com/a/5327531/299327
  3. https://groups.google.com/forum/#!topic/rabbitmq-users/vDRdzJn6sLg
  4. https://github.com/rabbitmq/rabbitmq-server/issues/626#issuecomment-359933219

SSIS Load Dll without GAC

Problem

SSIS isn’t always the easiest tool to debug or troubleshoot. It can be especially challenging to use script tasks and components due to their limited support of C#. By limited support I mean:

  1. Not being able to leverage NuGet
  2. Generating and Tearing down projects on the fly
  3. Limited to using the version of Visual Studio(VS) that aligns with the SQL Server version running the SSIS package

With this in mind, it can be very helpful to relegate all the additional work to a dll and leverage that over the a blend of SSIS and script tasks/components.

The standard recommendation is to load dll’s into the GAC. I personally don’t like this due to the fact that it’s shared at the machine level. This means you’re deployment could ruin my packages by upgrading/downgrading one of my dll’s. I’ve found a way to load assemblies not in the GAC online.

I have a few contentions with this solution

  1. Every dll must be explicitly added
  2. There is no logging
    • file not found
    • dll not included
    • permissions
    • etc.

I’d like to propose my own solution below.

Solution

This solution provides some notable benefits.

  1. You don’t need to explicitly state every dll
  2. You can setup a common location for the dll’s
  3. You can pass the dll’s in as a readonly parameter
  4. Any loaded or missing dll will get logged

Unfortunately this will only work for script tasks and not script components.

PCF Provision from AD Group

Problem

Provisioning environments and access isn’t something that I enjoy, but it’s really important. People may not be able to work or be as productive as they could be without their environments. People join and leave teams all the time.

Solution

This script pulls all the users from a given AD Group. It grants them OrgAuditor access to the PCF Org.

Pre-requisites

  1. PCF CLI
  2. PowerShell Active Directory module

Splunk HEC Gotcha

Problem

You’ve got Splunk installed and configured. You setup an HTTP Event Collector(HEC) and its appropriate index(es). You try to use the following to post to it,

but get the following response.

Solution

I was able to correct the issue by switching off the Enable indexer acknowledgement for that HTTP Event Collector Token.

  1. Go to Settings -> Data -> Data Inputs
  2. Splunk_HEC_Gotcha_Settings
  3. Click HTTP Event Collector
  4. Splunk_HEC_Gotcha_HTTP_Event_Collector
  5. Find the correct HTTP Event Collector
  6. Splunk_HEC_Gotcha_HTTP_Event_Collector_Edit
  7. Click Edit
  8. HEC_Enable_Indexer_Acknowledgement
  9. Uncheck Enable indexer acknowledgmenet
  10. Click Save
  11. Then you’ll get the below successful response

You can read more about this issue on Splunk Answers.

Configuring NuGet.Server

I wrote in a previous article about how to setup NuGet.Server for yourself. Here are some additions to the web.config file that I would recommend.

  1. requireApiKey makes sure that only trusted uploaders can contribute packages. While your private instance may be self-hosted and only internal, it’s still a best practice to restrict who can contribute packages.
  2. apiKey simply allows you to define the desired key that will be shared with NuGet package contributors.
  3. allowOverrideExistingPackageOnPush​ prevents an updated package overwriting an existing package. I am very against this, because it breaks the contract with the consumer. As the consumer, I should be able to count on the fact that once a NuGet package is published as a particular version, it won’t change.