How Do You Find You out the AWS Instance ID from inside the OS of a Server?

Problem scenario
You are using AWS via web browser while using multiple Putty sessions are you logged into several AWS servers (aka AWS instances).  You can find the host names and internal IP addresses of the servers when you are logged into via the command line of the OS itself.  From the AWS console you can find external IP addresses and external FQDNs.  You do not know how to correlate these instances (as the information readily available in Putty at the OS level is independent of the information available via the AWS console).  You want to terminate one instance.  You want to know which instance ID (in the AWS console) corresponds to which OS you are using.  How do you find out which server is which?  

Solution
This solution does not require you to install the wget utility.  From a command prompt in Linux, run this command:

curl http://169.254.169.254/latest/meta-data/instance-id

The result of the above command will provide the instance ID.  This is readily available in the AWS console. Yes, it looks unusual to use a specific IP address in a URL. We believe the command should always work on an EC-2 instance -- regardless of your Security Group.

How Do You Fix the Ansible Problem “Failed to connect to the host via ssh: percent_expand: unknown key %C\r\n”, “unreachable”: true”?

Problem scenario 
When you run an Ansible playbook on the control node that is not running on a Mac (e.g., you are running Ansible on RedHat, Ubuntu or SUSE), you get this error: "Failed to connect to the host via ssh: percent_expand: unknown key %C\r\n", "unreachable": true".   How do you debug your playbook to get it to run?

Root cause
​The problem may not be in the playbook.   It may be in the ansible.cfg file if the ansible.cfg file was created for Ansible to work on a Mac OS. 

Solution
Find the ansible.cfg file.  Back it up.  Comment out the stanza with "ansible-ssh-%%C". This stanza is appropriate for Mac OS deployments of Ansible. 

How Do You View Files on a Flash Drive with Your Android Phone or Tablet Computer?

Problem scenario
You attached a USB stick to your Android tablet with a cable like this (male micro USB plug to female USB port).  The USB drive has files on it that you want to view.  How do you view these files?

Solution
1.  In Android, go to Settings -> Storage -> Mount USB Storage.

2.  Next, go to Click the Google Apps Icon (six squares in a circle).  It should take you to Apps/Widgets.  Go to File Manager -> All files -> USB Storage.  

3.  Now you can browse to the files you wish.

How Do You Install Sikulix on a Windows Server?

Problem scenario
You want to leverage the power of image recognition and automation without an expensive license for software that has no API exposed.  In other words you want a free version of Robotic Process Automation software on your Windows server.   What do you do?

Solution
Prerequisites
Install Java version 8.  If you do not know how, see this posting.  We tested these directions on a Windows 2016 Server with 2 vCPUs and 4 GB of RAM.  The performance was fine.

Procedures
1.a.  If you are not using I.E., go to step #2.  If you have the recommended I.E. browser settings, you will need to do the following substeps.

1.b. Open I.E.  If you are prompted, you may want to accept the recommended settings.

1.c.  Go to the gear icon in the upper righthand corner.  Go to "Internet Options."

1.d.  Go to Security tab and then click on "Trusted Sites."

1.e.  Click on the "Sites" button.

1.f.  Enter this text with no quotes "https://launchpadlibrarian.net" and click "Add".  

2.  Download this file:  https://launchpad.net/sikuli/sikulix/1.1.1/+download/sikulixsetup-1.1.1.jar

3.  Create a folder called "Sikulix" in C:\.

4.  Transfer the downloaded .jar file to c:\Sikulix\

5.  Double click the .jar file

6.  Click "Yes" to the first window.

7.  Unless you have a reason to change the default settings, check the box for "Pack1".

8.  Click "Setup Now."

9.  To the question about "The following file(s) will be downloaded..." click "Yes".

10.  To the prompt about Jython version2 2.7.0, choose "Yes".

11.  To the last window that says "Have fun!" click "Ok".

12.  Now to open Sikulix, double click the "runsikulix" (Windows Command Script) in C:\Sikulix.  (You may want to remove the Trusted Site you added in I.E. if you did step #1.)

Remember
Sikulix is straight-forward and intuitive to use after it has been installed. If you use a web browser with your Skiluix automated sequences, be aware of one thing.  Some web browsers have an "auto-fill" or suggestion feature.  The browser may dynamically and quickly display text  that could interfere with picture recognition.  You may want to add a step in Sikulix to click into another field that is not affected or obfuscated by the suggested text to make such text disappear for the next step in the Sikulix program to execute without a problem.  This dropping-down text will usually disappear if an irrelevant text field is clicked on.

If you want step-by-step directions on how to use Sikulix as an example for the first time, see this posting.

In Windows How Do You Search the Contents of Files in a Folder and Recursively the Files in the Folder’s Subdirectories for a Specific Pattern?

Problem scenario
You want to find an .html, .txt, or .rtf file that has the pattern "cool" in it.  You do not need to search for .doc or .docx files. How do you write a PowerShell command to search the contents of files and subdirectories of a given folder to see if they have a text string that matches the word "cool"?

Solution
Run these two commands:

cd c:\to\the\folder\you\want\

Get-ChildItem -recurse | Select-String -pattern "cool"

How Do You Install npm on a CentOS/RedHat/Fedora Server?

Problem scenario
You enter the command "npm -v" but get an error about the command not being found or recognized.  How do you install npm on a RedHat derivative Linux server?

Solution
(You may want to see these directions instead if you want to use a script that will work on any distribution of Linux (including RHEL, Debian or SUSE distributions).  These other directions may also be of interest to you.) 

Run these two commands:

sudo su -
yum -y install npm nodejs epel-release

How Do You Install Puppet Master on a Linux SUSE Server (an AWS Instance)?

Problem scenario
You want to install Puppet Master on SUSE 12.x running in AWS.  You only have five minutes to complete this task.  How do you install Puppet Master immediately?

Solution
1.  Create this file: /etc/zypp/repos.d/puppet.repo

2.  The content of the above file should be the following:

[systemsmanagement_puppet]
name=A network tool for managing many disparate systems (SLE_12)
type=rpm-md
baseurl=http://download.opensuse.org/repositories/systemsmanagement:/puppet/SLE_12/
gpgcheck=1
gpgkey=http://download.opensuse.org/repositories/systemsmanagement:/puppet/SLE_12/repodata/rep0md.xml.key
enabled=1

3. As root, run this command: zypper install puppetmaster

You'll get this prompt:  "Do you want to reject the key, trust temporarily, or trust always? [r/t/a/? shows all options] (r): "

Respond with "t" and press "Enter."

You'll then get this prompt:  
"Overall download size: 4.9 MiB. Already cached: 0 B. After the operation, additional 9.8 MiB will be used."

Respond with "y" and press "Enter."

4.  Start it like this:  puppet master start

How Do You Install Vagrant on an AWS Instance of SUSE?

Problem scenario
You are using a Linux SUSE server in AWS.  You want to install Vagrant. What do you do?

Solution
Run these commands:
cd /tmp
sudo curl https://releases.hashicorp.com/vagrant/1.8.1/vagrant_1.8.1_x86_64.rpm > vagrant_1.8.1_x86_64.rpm 
sudo zypper -n install vagrant_1.8.1_x86_64.rpm
To verify the installation, run this command: vagrant version

How Do You Use JEA (Just Enough Administration) to Give Users the Rights to Perform Select PowerShell Tasks?

Problem scenario
You want to empower non-administrator users to perform a subset of Windows administrator-level functions.  Specifically you want to give a user with limited privileges the ability to check the local software firewall rules.  This user needs to validate if they are configured appropriately.  This user account will otherwise have limited privileges.  You want to adhere to the recommended practice of least privileges.  You want to use JEA (Just Enough Administration) to enhance the user's privileges.  What do you do to give a limited scope of privileges to a user without elevating them to Windows server administrators?

Solution

Prerequisuites
This assumes you have a local user with limited privileges including the ability to log in remotely.  If you do not know how to create a local user with limited privileges see this posting.  If you do not know how to give the user access to log in remotely see this posting.

Procedures
Steps 1 through 3 are optional.  Doing them will help you see what JEA does. 

1.  Start a PowerShell session with this user (e.g., from another server on the same workgroup or domain).  It could be from the same server when you are logged in as an administrator.  Run a command like this, but replace "coolhn" with the server name and replace "jane" with the local username:

$pss = New-PSSession -ConfigurationName Microsoft.PowerShell -ConnectionUri http://coolhn:5985/wsman -Credential jane

2.  Run this command:  Enter-PSsession $pss

3.  Try out some commands to prove the limited access:  show-netfirewallrule
# You should see access is denied.  If you do not, the user is not limited.  You may not need JEA for this user.

4.  Now set up JEA.  Open a PowerShell Window as an Administrator.  Run these commands (remember you can replace "sample" with a word of your choice as long as you are consistent):

cd c:\
mkdir tempb
mkdir .\tempb\transcript
cd tempb
New-PSRoleCapabilityFile -Path c:\tempb\sample.psrc

5.  Modify the file above (c:\tempb\sample.psrc) in the following way. Underneath the stanza with "# VisibleCmdlets"
place this single line:
VisibleCmdlets = 'Show-NetFirewallRule', 'Get-EventLog', 'Write-EventLog'
# Save the this file with a new name.  Back up the original to a different name too.  

6.  Change the modified version with back to the original name; in this case the file would be called sample.psrc.  We suggest using a PowerShell command if Notepad and Windows inadvertently associated the new file with a .txt extension. Here is an example:
mv samplenew.psrc.txt sample.psrc

7.  Run this command: New-PSSessionConfigurationFile -Path c:\tempb\sample.pssc -Full

8.a.  Open c:\tempb\sample.pssc (the file created above).  Make the following changes:
8.b. Insert this stanza underneath the commented out "# TranscriptDirectory" line:
TranscriptDirectory = 'C:\tempb\transcript\'
8.c.*  Insert a line like this underneath the commented out "# RoleDefinitions " line:
RoleDefinitions = @{'coolhn\jane' = @{ VisibleCmdlets = 'Show-NetFirewallRule', 'Get-EventLog', 'Write-EventLog' }}

# Do not include this comment about the line above.  Do change "coolhn" to the hostname of your server. Change "jane" to the desired username.

8.d.  Uncomment the phrase "RunAsVirtualAccount = $true" by removing the "#". Remove the leading space before the letter "R".
8.e. The stanza "SessionType = " should be changed. Set it to "RestrictedRemoteServer".  It should look like this:
SessionType = 'RestrictedRemoteServer'

8.f. Save it as a new name.  Back up the original file to a different name so the file with the original name is no longer in the directory.  

8.g.  Change the modified version of the file back to the original name now that no file with that name is in the directory; in this case the file would be called sample.pssc.  We suggest using a PowerShell command if Notepad and Windows inadvertently associated the new file with a .txt extension.  Here is an example:
mv samplenew.pssc.txt sample.pssc

8.h.  Run this command:
Register-PSSessionConfiguration -Name sample -Path 'C:\tempb\sample.pssc'

8.i.  Run this command:  Restart-Service WinRM

8.j.  Run this command but replace "coolhn" with the hostname of your server and "jane" with the username with limited privileges:

Enter-PSSession -ComputerName coolhn -ConfigurationName sample -Credential jane

# Enter the password to the "jane" user.

8.k.  Ignore the error pop-up about "Failed to refresh.  'The term 'Get-Module' is not recognized..."  Just click "OK".

8.l.  Use this command as a test (to compare it to step #3):  show-netfirewallrule
You are done.