Author Archives: Kaven Gagnon

avatar

About Kaven Gagnon

System Engineer / Network Administrator

JunOS : Upgrade bank is empty or corrupted for FPC 0, please do standard upgrade sequence

Experiencing the following alarm event log on your Juniper EX switch?

Alarm time Class Description
2016-01-20 07:12:04 UTC Major Upgrade bank is empty or corrupted for FPC 0, please do standard upgrade sequence

This is likely because your switch was running an inferior JunOS version than 10.4r3 and it was upgraded to a greater version, which require the new jLoader.

(This is actually documented by Juniper on the technical support note referenced as TSB15524)

IMPORTANT : I would suggest looking at your running software version to ensure this is your case, I never tried running an inferior JunOS version than the one intended to be supported by this newer jLoader – I would expect your switch to fail at boot!)

To upgrade jLoader, follow the following steps :

1. Download jLoader 12.1r3 from Juniper (make sure you select the right one for your platform, failing to do so will brick your switch!) As example, here is the link for either EX3200 or EX4200

2. Upload/download the package to a temporary location on the switch filesystem (such as /var/tmp) or load it on a MSDOSfs formatted USB memory (and connect on the switch).

3. Upgrade jLoader (example) :

request system software add validate /var/tmp/jloader-ex-3242-11.3I20110326_0802_hmerge-signed.tgz

4. Reboot the switch upon successful output :

request system restart

Your switch should now boot on the new jLoader.

Windows : How To get the members of a group in Active Directory using PowerShell

Here is some useful commands to list the members of a group in Active Directory using PowerShell.

Get members of a group :

Get members of a group, recursively (to list all members of sub-groups members of that group) :

NOTE : Replace “Group Name” (keeping the double quotes) with the desired Group Name in your AD.

Linux : Finding your public IP from the command line

You are probably used to all these “get my IP” or “find my IP” kind of site, which show your external / Internet IP on a Web page.

However you might be facing some challenge if you are on a CLI only kind of machine. Fortunately there is a few ways to find your public IP from the console, here are two easy ones :

1. Use cURL toward our simple IP page :

2. Use the “DIG” DNS utility if it is present on your system, by querying OpenDNS servers :

NOTE : DIG is usually a part of “dns-utils” package on modern Linux systems.

Linux : R1Soft The following signatures couldn’t be verified because the public key is not available

Getting this error from the R1Soft repo lately trying to run a “apt-get update” on Debian Linux?

Ign http://repo.r1soft.com stable Release
W: GPG error: http://repo.r1soft.com stable Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 39A4965166BD1D82

Simply do the following to import the new key and get rid of this error :

Windows : File Explorer don’t refresh

I had this strange issue on Windows 8/10 where changes such as file/folder renaming or deletion not appearing after a modification. A manual “Refresh” from the contextual menu (right click + Refresh) was required to show the last modification.

It seem that some Windows core components were corrupted and needed to be repaired/restored.

First of all, I would suggest to look at the Event Viewer (under Control Panel > Administrative Tools) to see if any disk or NTFS related errors show up. If you have a unhealthy disk about to die, cloning the disk and replacing would be the first step to do prior doing the procedure.

To resolve this matter, open the Command Prompt with elevated privileges and do the following, one after the other upon completion of each commands :

Reboot your computer once completed, this should have resolved the issue.

 

Windows : Error 404 File or directory not found with IIS but file exist

Encountering an error 404 file or directory not found with IIS but the file actually exist?

This is because IIS won’t serve unknown MIME type/file extension, when encountered, it return that the file does not exist even though it is actually present on the Web server’s file system.

To resolve this matter, do the following procedure :

1. Open the IIS management console

2. Click on the server name on the left pane tree

3. Double click on the right pane, under IIS the “MIME Types” icon

4. On the right “Actions” pane, click on Add…

5. Enter the “File name extension” and also the “MIME Type” (it could potentially be “application/octet-stream”)

Linux : Package package-name.rpm is not signed

Having the following error trying to install a unsigned package from Yum repository on CentOS/RHEL?

Unless you get an officially signed package(s), you will need to override/accept the installation of unsigned package (if you trust the source/issuer, of course).

If installing a locally located rpm file(s), you may use the command “rpm -ivh package-name.rpm“.

If installing from a repository, you will need to edit  /etc/yum.conf and locate the following parameter :

And change it for :

Then run Yum again to install the desired package. I suggest then to change it back to “gpgcheck=1” once you are done.

Windows : Outlook search results may be incomplete because items are still being indexed

Running into a endless loop of “Search results may be incomplete because items are still being indexed” issue while searching within a folder in Outlook and missing elements in the results?

This is an occasional behavior that I have particularly noticed with Windows 7 and Office 2010, but not limited to this software version combination. The issue is in fact with the Windows indexing service that just give up at some point indexing content (please don’t ask me why, it just does and nothing is logged into the Event Viewer, so who knows!)

The workaround I have found to resolve this is to disable and re-enable “Windows Search”, here is the procedure below :

1. Save all your work and close all applications (yes, you will need to reboot soon!)

2. Open the Control Panel

3. Click on Programs and Features

4. On the left pane, click on Turn Windows features on or off

5. Un-check the box for Windows Search item

6. Reboot

7. Startover the steps above from #2 to #4

8. Check the box for Windows Search item

9. Reboot

Once your computer will restart, it may be a bit slower for a little while during the re-indexing process. Search functionality should return all results in Outlook from now.

Windows : RDP An authentication error has occurred. The function requested is not supported

Since the latest Windows Updates, you might be encountering the following error when you RDP to another computer or server :

An authentication error has occurred.
The function requested is not supported

Remote computer:
This could be due to CredSSP encryption oracle remediation.
For more information, see https://goomicrosoft.com/fwlink/?linkid=866660

This is basically due to the fact that your client machine have latest updates installed and the remote computer or server does not. Your client refuse to connect because the target computer use weaker settings.

The right solution, in an ideal world would be updating the remote machine with latest updates, but it is not always possible in the immediate or you might need to actually be able to connect to it to do so!

You can workaround this issue by modifying the settings in the registry of your client machine as followed :

NOTE : The following steps can be easily achieved running the HotFix registry script provided below. It should be executed with the administrative privileges (right click, Run as administrator). Right click on the link, and then “save as”. Your security software might complain about downloading a “.reg” file and are totally right about it! Those scripts should be run only if you trust the issuer.

https://www.itechlounge.net/ITechHotFix/ITechHotFix-RDP-CredSSP-10052018.reg

Else, here are the steps to do the same thing below :

1. Open the registry editor :

2. Browse to the following :

HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Policies \ System

3. Create the following keys :

CredSSP \ Parameters

4. Add the following DWORD (32-bit) value :

And set the value to :

5. Reboot your computer, you should be able to connect once rebooted. Please remember to remove that fix once all your remote computers are updated.

Web : SSL error NET::ERR_CERT_SYMANTEC_LEGACY

Since April 2018, I have noticed the following SSL error with Google Chrome and Safari’s latest versions :

NET::ERR_CERT_SYMANTEC_LEGACY

All Symantec SSL/TLS certificates issued prior June 1st 2016 will output this warning from now on since the latest updates.

Web user, nothing is wrong on your side, the site owner must re-issue his certificate, even though the expiration date isn’t reached yet to workaround this issue. Symantec will offer re-issue for free if the certificate isn’t expired.

You may use their verification tool here if any doubt :

https://www.websecurity.symantec.com/support/ssl-checker

NOTE : As this post is being written (April 30th, 2018), this issue is not visible with Firefox v59.0.2. If you trust the source and need to access the blocked content (and accepting the certificate does not work for you), you still can use FF, for now.