Using PowerShell Version 3, How Do You Determine If a Port Is Open for a given IP Address?

Problem scenario
You are using Windows 7 and PowerShell version 3.  You want to test if a port is open to a given IP address.  (If you are using a modern version of PowerShell, use the Test-NetConnection command.)   How do you find out if a port of an IP address is open or not?

Solution
Use the PowerShell function Test-TCPPortConnection written by Jonathan Medd.  Every line of this code except the last line was taken from here.

function Test-TCPPortConnection {
<#
 .SYNOPSIS
 Test the response of a computer to a specific TCP port

 .DESCRIPTION
 Test the response of a computer to a specific TCP port

 .PARAMETER  ComputerName
 Name of the computer to test the response for

 .PARAMETER  Port
 TCP Port number(s) to test

.INPUTS
 System.String.
 System.Int.

.OUTPUTS
 None

 .EXAMPLE
 PS C:\> Test-TCPPortConnection -ComputerName Server01

 .EXAMPLE
 PS C:\> Get-Content Servers.txt | Test-TCPPortConnection -Port 22,443
#>
[CmdletBinding()][OutputType('System.Management.Automation.PSObject')]
param(
[Parameter(Position=0,Mandatory=$true,HelpMessage="Name of the computer to test",
 ValueFromPipeline=$True,ValueFromPipelineByPropertyName=$true)]
 [Alias('CN','__SERVER','IPAddress','Server')]
 [String[]]$ComputerName,
 [Parameter(Position=1)]
 [ValidateRange(1,65535)]
 [Int[]]$Port = 3389
 )
begin {
 $TCPObject = @()
 }
 process {
 foreach ($Computer in $ComputerName) {
foreach ($TCPPort in $Port) {
 $Connection = New-Object Net.Sockets.TcpClient
 try {
 $Connection.Connect($Computer,$TCPPort)
 if ($Connection.Connected) {
$Response = “Open"
 $Connection.Close()
 }
 }
 catch [System.Management.Automation.MethodInvocationException]
 {
 $Response = “Closed / Filtered"
 }
 $Connection = $null
 $hash = @{
 ComputerName = $Computer
 Port = $TCPPort
 Response = $Response
 }
 $Object = New-Object PSObject -Property $hash
 $TCPObject += $Object
 }
 }
 }
end {
Write-Output $TCPObject
 }
}
Test-TCPPortConnection -ComputerName x.x.x.x -Port 80  # End of code

Replace x.x.x.x with the IP address you want to test.  Replace 80 with the given port you want to test.  You do not have to save the file to run it in the PowerShell ISE application.  Run the code and examine the results.  You will see if a given port is open or not (closed or filtered).

How Do You Get Jenkins Running on Linux to Work With Windows Servers?

Problem scenario
You want your central Jenkins 1.651.1 server running on Linux to push down builds (or run jobs) on Windows servers.  When you try to connect Jenkins master to a slave server, you get an error message like this:

"ERROR: Access is denied. See http://wiki.jenkins-ci.org/display/JENKINS/Windows+slaves+fail+to+start+via+DCOM for more information about how to resolve this. org.jinterop.dcom.common.JIException: Message not found for errorCode: 0x00000005 at org.jinterop.dcom.core.JIComServer.init(JIComServer.java:"

You know the credentials and IP address are correct.  You want the Jenkins server (on Linux) to communicate with other Windows servers.  How do you do this without a permissions error like the one above?

Possible Solution #1
Prerequisites

  • You must use Jenkins version 1.x.  This solution will not work for Jenkins version 2.32.1 or higher.  It may not work for Jenkins 2.x at all. If you want to install Jenkins 1.651.1 see this posting
  • You must have a Windows server to be "managed node" of the Jenkins server running on Linux.  These directions below are of no use if you are not using a Windows server (to configure as a worker node of Jenkins).  If you want to deploy a Windows server in AWS, see this posting.

Procedures
1.  Make sure that JRE is installed on the Windows server.  You can download a standalone (offline) installer here:  https://java.com/en/download/manual.jsp

2.  On the Windows server, open a web browser and go to this URL (constructed with the directions in the sentence beneath it):

http://3.3.3.3:8080/computer/4.4.4.4/slave-agent.jnlp

Replace the 3.3.3.3 with the IP address of the Jenkins master server.  Replace the 4.4.4.4 with the IP address of the Windows server you want builds to run on (aka the Windows slave). 

Click "Run" to install the Java component (the Jenkins Remoting Agent) in the pop up.

If the above does not work, Open PowerShell as administrator and run this command.  The command will look like this (read the content beneath it to customize it properly):

javaws http://3.3.3.3:8080/hudson/computer/4.4.4.4/slave-agent.jnlp

Replace the 3.3.3.3 with the IP address of the Jenkins master server.  Replace the 4.4.4.4 with the IP address of the Windows server you want builds to run on (aka the Windows slave).  If the above does not work, you may need to put a copy of the jenkins-cli.jar file on the WIndows server.  Then you can execute java commands with the jenkins-cli.jar file if you initially pass username and password if your Jenkins instance requires it.

Opening PowerShell without being an administrator, or any sort of CMD prompt, and running the javaws command above will not allow Jenkins builds to work as robustly as you would normally want them to run.  Jenkins may appear to register successful build runs.  The console output (in Jenkins) may have an "Access Denied" message which would refer to the inability of Jenkins to write to certain folders on the Windows server.  

Opening PowerShell without being an administrator, or any sort of CMD prompt, and running the javaws command above can create problems with Jenkins runs that are difficult to troubleshoot.  Despite the improved security, the javaws command should only be run with these methods (e.g., a cmd prompt or PowerShell opened not as administrator) if you are certain you know what you are doing.

Related tip:  JNLP is powerful for managing servers in a heterogeneous environment from a Linux Jenkins instance.  Ensure your Jenkins server does not allow anonymous access.  If from a server you can open a web browser and type in the Jenkins URL and view Jenkins without being challenged for credentials, your Jenkins instance is not secure.

Possible Solution #2
There are no prerequisites. If you want to install Cygwin on the Linux server, the Windows server will act like a Linux server. You can use this posting to install Cygwin.

How Do You Troubleshoot Mounting a cifs File Share when You Get an Error about “wrong fs type, bad option, bad superblock”?

Problem scenario:  You run this command on a Linux CentOS server:

sudo mount -t cifs -o user=jdoe //172.33.44.55/contintshare /mnt/windows-share

But you get this error:  "mount: wrong fs type, bad option, bad superblock on //172.33.44.55/contintshare, missing codepage or helper program, or other error (for several file systems (e.g., nfs, cifs) you might need a /sbin/mount.<type> helper program)"

What do you do?

Solution

The error message is not clear or helpful.  Replace "user" with "username", and try the command again.  For example this command will work:

sudo mount -t cifs -o username=jdoe //172.33.44.55/contintshare /mnt/windows-share

How Can You Recursively Search Subdirectories in Linux For a File That Has a Specific Text Pattern?

Problem scenario:  How do you use the grep command to recursively search most subdirectories (excluding some directories) for a pattern?  You want to find a file with a string like this:

/var/lib/pgsql/data

You are not interested in the files in directory paths that have one or more parent (or any antecedent) directories named "proc" nor "sys".  You want to list files that have the above pattern.  You want the results that match the string above in a case-insensitive way.  What do you do?

Solution
Grepping for patterns with forward slashes don't require quotes around the patterns when using the grep command.  Searching for lower case patterns with the "-i" flag will return files that match the string's pattern in lower case or in upper case or in any combination thereof.  Knowing that you want to exclude any file that resides in a directory path having a directory with the name "proc" or "sys" can make the search quicker.  The "--exclude-dir=" flag allows you to exclude results with "proc" or "sys" directories.  These exclude-dir flags will exclude any directory path with "proc" or "sys" -- not just the root "proc" and "sys" directories.

Follow these steps:
1.  cd /
2.  grep -ir /var/lib/pgsql/data . --exclude-dir=proc --exclude-dir=sys

To clarify the step #2 command, it will return files with a string matching the pattern /var/lib/pgsql/data except those files that are in a path with a directory named "proc" or "sys".

How Do You Share Files Between an Oracle VirtualBox Linux Guest and a Windows Host without Using vboxsf?

Problem scenario:  You have Oracle VirtualBox running on a Windows 7 computer as the host.  You have a Linux CentOS guest supported by Oracle VirtualBox.  You want to have a file share that does not rely on vboxsf.  What do you do?

Solution
1.  On the Windows host desktop, create a folder.  For this example, we'll use "foobar" for the name.
2.  Right click this new folder,  go to "Properties" -> "Sharing" -> "Advanced Sharing..."
3.  Check the box for "Share this folder" then click "OK"
4.  Open a command prompt and run "ipconfig" to know the IP address.
5.  Go to the Linux guest, install the Samba client (as root, run this command: yum -y install samba-client).  
6.  Run this command:

smbclient //192.168.1.1/foobar -U jdoe

# This assumes that "foobar" is the name of the folder created in step #1.
# This assumes 192.168.1.1 is the IP address found in step #4.
# This assumes jdoe is a username of the Windows host.  
# Replace foobar, 192.168.1.1 and jdoe accordingly.

7.  Enter the password for the jdoe user.
8.  Now files you create in the folder in step #1 will be viewable in your Linux guest. 
9.  You are done.  This "step" simply provides basic usage tips of the smb prompt.  At the smb: prompt you can create directories that will appear on the Windows host.  You can use get foo.txt to retrieve from the Windows host a file named foo.txt (assuming it is in the folder that was created in step #1).  You can use put contint.txt to transfer a file named "contint.txt" from the Linux guest (assuming it exists in the directory you issued the command in step #6) to the Windows host (specifically to the folder that was created in step #1).

How Do You Give Internet Access to a Linux Guest of Oracle VirtualBox Running on a Windows Host?

Problem scenario:
You created a new Linux CentOS 7.x guest server using Oracle VirtualBox on a Windows host.  Your Windows machine has Internet access.  From the Linux Guest you try to ping a 8.8.8.8 but you get this message "connect: Network is unreachable."

How do you give the Linux guest Internet access?

Possible Solution #1
1.  Using the GUI of the Oracle VirtualBox guest server, go to Devices -> Network Settings.  If you see the drop down for "Attached to:" as "Internal Network" change it to "NAT."  If you just installed Oracle VirtualBox, this step (#1) is probably unnecessary.
2.  Back up this file: /etc/sysconfig/network-scripts/ifcfg-enp0s3
3.  Modify this file "/etc/sysconfig/network-scripts/ifcfg-enp0s3" so the "ONBOOT=no" stanza to says "yes."  For example this is the desired stanza:

ONBOOT=yes

4.  Once the file above has ONBOOT=yes, run this command:  service network restart
5.  Now your Linux guest should have Internet access.

Possible Solution #2
1. In Oracle VirtualBox's GUI for the VM, make sure the network setting for "Attached to:" is "NAT".
2. Run a command like this but replace "43" with the octet of your choice:
sudo ifconfig enp0s3 10.0.2.43 255.255.255.0

3. Run a command like this: sudo ip route add default via 10.0.2.2
4. Optional step: You may now use PuTTy to connect the guest machines if you use port forwarding. You can arbitrarily map IP addresses and ports to different IP addresses and ports on the guest VM. See this posting "How Do You Use Putty To Connect To A CentOS Server (A Guest VM running on Oracle VirtualBox on a Windows Host)?" for more information.

How Do You Install and Configure Postgresql on a Linux CentOS 7 Server?

Problem scenario:  You have a Linux Centos 7.3 server.  You want to get Postgresql to work on it.  What do you do?

Solution
To get Postgresql working on a CentOS 7.3 server, do the following four commands as the root user:

yum -y install postgresql-server postgresql-contrib

postgresql-setup initdb

systemctl start postgresql

systemctl enable postgresql

#  To issue SQL commands, run these two commands:

sudo -i -u postgres

psql

#  To exit the Postgres command prompt, type this followed by enter:

\q

How Do You Find The Default Gateway of Your Linux Server?

Problem scenarios:  Either you are using CentOS 7.x (and ifconfig is even not a command) or you are using ifconfig and different flags (like -v for verbose), but you cannot find the default gateway.  How do you know if you have a default gateway even configured on a Linux server?

Solution  The "ifconfig" command cannot show the default gateway.  To find the default gateway on your Linux server, there are three different commands:

​ip route
netstat -rn 
route -n

The "ip route" command will show the result by displaying "default via x.x.x.x..."  The x.x.x.x is the IP address of the default gateway.

How Do You Troubleshoot Chef’s Knife Command When You Get An Error About “Failed to read the private key”?

Problem scenario:  You are using knife commands and getting errors.  For example, you try to run this: knife client list
As a result, you get this error:

"WARN: Failed to read the private key /root/.chef/continual.pem: #<Errno::ENOENT: No such file or directory @ rb_sysopen - /root/.chef/continual.pem>
ERROR: Your private key could not be loaded from /root/.chef/continual.pem
Check your configuration file and ensure that your private key is readable"

What should you do?

Solution
Obtain a copy of the .pem file from the Chef server. Then place a copy on the Chef client.  Specifically place a copy in /root/.chef/ with the name continual.pem (assuming you were root when you ran the "knife client list" command).

If you were not root, make sure the user running the knife command has access to the copy of the .pem file.  The client.rb file should be configured to find the copy of the .pem file.  Custom locations are possible with the client.rb file.  As long as the .pem file is where the client.rb file is configured, you should not get errors unless there is a permissions problem.