Schannel Fatal Alert 40… 70

This has to do with FIPS Compliant Algorithms group policy, but the policy was disabled. Microsoft’s documentation states that the GPO controls the reg key [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy]. This key was disabled (set to 1), I created a GPO at my workstation level and caused an update/replace entry [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] and set fipsalgorithmpolicy to 0. On the next reboot the machine should no longer cause the Schannel errors.

Default Passwords for San Gear and Others

Here is a collection of default passwords for EMC, HP, Cisco, Pure, VMware, TrendMicro and IBM hardware & software.

EMC Secure Remote Support (ESRS) Axeda Policy Manager Server:

Username: admin
Password: EMCPMAdm7n
EMC VNXe Unisphere (EMC VNXe Series Quick Start Guide, step 4):

Username: admin
Password: Password123#
EMC vVNX Unisphere:

Username: admin
Password: Password123#
NB You must change the administrator password during this first login.
EMC CloudArray Appliance:

Username: admin
Password: password
NB Upon first login you are prompted to change the password.
EMC CloudBoost Virtual Appliance:
https://:4444

Username: local\admin
Password: password
NB You must immediately change the admin password.
$ password
EMC Ionix Unified Infrastructure Manager/Provisioning (UIM/P):

Username: sysadmin
Password: sysadmin
EMC VNX Monitoring and Reporting:

Username: admin
Password: changeme
EMC RecoverPoint:

Username: admin
Password: admin
Username: boxmgmt
Password: boxmgmt
Username: security-admin
Password: security-admin
EMC XtremIO:

XtremIO Management Server (XMS)

Username: xmsadmin
password: 123456 (prior to v2.4)
password: Xtrem10 (v2.4+)
XtremIO Management Secure Upload

Username: xmsupload
Password: xmsupload
XtremIO Management Command Line Interface (XMCLI)

Username: tech
password: 123456 (prior to v2.4)
password: X10Tech! (v2.4+)
XtremIO Management Command Line Interface (XMCLI)

Username: admin
password: 123456 (prior to v2.4)
password: Xtrem10 (v2.4+)
XtremIO Graphical User Interface (XtremIO GUI)

Username: tech
password: 123456 (prior to v2.4)
password: X10Tech! (v2.4+)
XtremIO Graphical User Interface (XtremIO GUI)

Username: admin
password: 123456 (prior to v2.4)
password: Xtrem10 (v2.4+)
XtremIO Easy Installation Wizard (on storage controllers / nodes)

Username: xinstall
Password: xiofast1
XtremIO Easy Installation Wizard (on XMS)

Username: xinstall
Password: xiofast1
Basic Input/Output System (BIOS) for storage controllers / nodes

Password: emcbios
Basic Input/Output System (BIOS) for XMS

Password: emcbios
EMC ViPR Controller :
http://ViPR_virtual_ip (the ViPR public virtual IP address, also known as the network.vip)

Username: root
Password: ChangeMe
EMC ViPR Controller Reporting vApp:
http://:58080/APG/

Username: admin
Password: changeme
EMC Solutions Integration Service:
https://:5480

Username: root
Password: emc
EMC VSI for VMware vSphere Web Client:
https://:8443/vsi_usm/

Username: admin
Password: ChangeMe

Note:
After the Solutions Integration Service password is changed, it cannot be modified.
If the password is lost, you must redeploy the Solutions Integration Service and use the default login ID and password to log in.

EMC Avamar Backup Service

username: admin
password: changeme
openSSH key
ssh-agent bash
ssh-add ~admin/.ssh/admin_key
Password: P3t3rPan

Pure Storage Arrays

Username: pureuser
Password: pureuser
Cisco Integrated Management Controller (IMC) / CIMC / BMC:

Username: admin
Password: password
Cisco UCS Director:

Username: admin
Password: admin
Username: shelladmin
Username: changeme
Hewlett Packard P2000 StorageWorks MSA Array Systems:

Username: admin
Password: !admin (exclamation mark ! before admin)
Username: manage
Password: !manage (exclamation mark ! before manage)
IBM Security Access Manager Virtual Appliance:
Username: admin
Password: admin
VCE Vision:

Username: admin
Password: 7j@m4Qd+1L
Username: root
Password: V1rtu@1c3!
VMware vSphere Management Assistant (vMA):

Username: vi-admin
Password: vmware
VMware Data Recovery (VDR):

Username: root
Password: vmw@re (make sure you enter @ as Shift-2 as in US keyboard layout)
VMware vCenter Hyperic Server:
https://Server_Name_or_IP:5480/

Username: root
Password: hqadmin
https://Server_Name_or_IP:7080/

Username: hqadmin
Password: hqadmin
VMware vCenter Chargeback:
https://Server_Name_or_IP:8080/cbmui

Username: root
Password: vmware
VMware vCenter Server Appliance (VCSA) 5.5:
https://Server_Name_or_IP:5480

Username: root
Password: vmware
VMware vCenter Operations Manager (vCOPS):

Console access:

Username: root
Password: vmware
Manager:
https://Server_Name_or_IP

Username: admin
Password: admin
Administrator Panel:
https://Server_Name_or_IP/admin

Username: admin
Password: admin
Custom UI User Interface:
https://Server_Name_or_IP/vcops-custom

Username: admin
Password: admin
VMware vCenter Support Assistant:
http://Server_Name_or_IP

Username: root
Password: vmware
VMware vCenter / vRealize Infrastructure Navigator:
https://Server_Name_or_IP:5480

Username: root
Password: specified during OVA deployment
VMware ThinApp Factory:

Username: admin
Password: blank (no password)
VMware vSphere vCloud Director Appliance:

Username: root
Password: vmware
VMware vCenter Orchestrator :
https://Server_Name_or_IP:8281/vco – VMware vCenter Orchestrator
https://Server_Name_or_IP:8283 – VMware vCenter Orchestrator Configuration

Username: vmware
Password: vmware
VMware vCloud Connector Server (VCC) / Node (VCN):
https://Server_Name_or_IP:5480

Username: admin
Password: vmware
Username: root
Password: vmware
VMware vSphere Data Protection Appliance:

Username: root
Password: changeme
VMware HealthAnalyzer:

Username: root
Password: vmware
VMware vShield Manager:
https://Server_Name_or_IP

Username: admin
Password: default
type enable to enter Privileged Mode, password is ‘default’ as well
Teradici PCoIP Management Console:

The default password is blank
Trend Micro Deep Security Virtual Appliance (DS VA):

Login: dsva
password: dsva
Citrix Merchandising Server Administrator Console:

User name: root
password: C1trix321
VMTurbo Operations Manager:

User name: administrator
password: administrator
If DHCP is not enabled, configure a static address by logging in with these credentials:
User name: ipsetup
password: ipsetup
Console access:
User name: root
password: vmturbo

Check-MK Redhat Linux Agent Install

Following is the simple steps to install the CheckMK agent onto a Linux 6x OS.

yum -y install xinetd
cd /tmp
cp xinetd.conf /etc/xinetd.d/check_mk

(Above file is at this link.)
wget http://%checkmkurl%/check_mk/agents/check_mk_agent.linux
cp check_mk_agent.linux check_mk_agent
chmod 776 check_mk_agent
cp /tmp/check_mk_agent /usr/bin/check_mk_agent
mkdir /usr/lib/check_mk_agent
mkdir /usr/lib/check_mk_agent/plugins
cd /usr/lib/check_mk_agent/plugins
wget http://
%checkmkurl%/check_mk/agents/plugins/mk_inventory.linux
cp mk_inventory.linux mk_inventory.sh
chmod 776 mk_inventory.sh
/etc/init.d/xinetd restart

.

CheckMK Agent xinetd.d Config

# +——————————————————————+
# | ____ _ _ __ __ _ __ |
# | / ___| |__ ___ ___| | __ | \/ | |/ / |
# | | | | ‘_ \ / _ \/ __| |/ / | |\/| | ‘ / |
# | | |___| | | | __/ (__| < | | | | . \ |
# | \____|_| |_|\___|\___|_|\_\___|_| |_|_|\_\ |
# | |
# | Copyright Mathias Kettner 2014 mk@mathias-kettner.de |
# +——————————————————————+
#
# This file is part of Check_MK.
# The official homepage is at http://mathias-kettner.de/check_mk.
#
# check_mk is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
# the Free Software Foundation in version 2. check_mk is distributed
# in the hope that it will be useful, but WITHOUT ANY WARRANTY; with-
# out even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU General Public License for more de-
# ails. You should have received a copy of the GNU General Public
# License along with GNU Make; see the file COPYING. If not, write
# to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor,
# Boston, MA 02110-1301 USA.

service check_mk
{
type = UNLISTED
port = 6556
socket_type = stream
protocol = tcp
wait = no
user = root
server = /usr/bin/check_mk_agent

# If you use fully redundant monitoring and poll the client
# from more then one monitoring servers in parallel you might
# want to use the agent cache wrapper:
#server = /usr/bin/check_mk_caching_agent

# configure the IP address(es) of your Nagios server here:
only_from = 127.0.0.1 %YOUR IP ADDRESSES HERE!!!%

# Don’t be too verbose. Don’t log every check. This might be
# commented out for debugging. If this option is commented out
# the default options will be used for this service.
log_on_success =

disable = no
}

MICROSOFT IIS: HOW TO DISABLE THE SSL V3 PROTOCOL

  1. Open the Registry Editor and run it as administrator.For example, in Windows 2012 or 2008r2:
    1. On the Start screen type regedit.exe.
    2. Right-click on regedit.exe and click Run as administrator.
  2. In the Registry Editor window, go to:HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSchannelProtocols
  3. In the navigation tree, right-click on Protocols, and in the pop-up menu, click New > Key.
  4. Name the key, SSL 3.0.
  5. In the navigation tree, right-click on the new SSL 3.0 key that you just created, and in the pop-up menu, click New > Key.
  6. Name the key, Client.
  7. In the navigation tree, right-click on the new SSL 3.0 key again, and in the pop-up menu, click New > Key.
  8. Name the key, Server.
  9. In the navigation tree, under SSL 3.0, right-click on Client, and in the pop-up menu, click New > DWORD (32-bit) Value.
  10. Name the value DisabledByDefault.
  11. In the navigation tree, under SSL 3.0, select Client and then, in the right pane, double-click the DisabledByDefault DWORD value.
  12. In the Edit DWORD (32-bit) Value window, in the Value Data box change the value to 1 and then, click OK.
  13. In the navigation tree, under SSL 3.0, right-click on Server, and in the pop-up menu, click New > DWORD (32-bit) Value.
  14. Name the value Enabled.
  15. In the navigation tree, under SSL 3.0, select Server and then, in the right pane, double-click the Enabled DWORD value.
  16. In the Edit DWORD (32-bit) Value window, in the Value Data box leave the value at 0 and then, click OK.
  17. Restart the server.
  18. You have successfully disabled the SSL v3 protocol.

Forgotten the Password for Your RSA SecureID SuperAdmin Account?

In order to reset the password for the Admin account, we could create a temporary superadmin account (i.e. tempAdmin).

Run the superadmin restoration utility via CLI/ serial console:

  1. Login using the account emcsrv and key in the password when prompted.
  1. Change to root and key in the password when prompted:

sudo su

  1. Navigate to the directory where the superadmin restoration utility resides to create the temporary superadmin account:

cd /usr/opt/rsa/am/utils

./rsautil restore-admin –u [tempadmin_name] –p [password]

[tempadmin_name] – the temporary superadmin account to be created

[password] – the password for the temporary superadmin account

Enter Master Password: **********

A temporary admin will be created with the user ID ‘tempAdmin’.

Are you sure you want to continue (Y/N): Y

Admin created successfully.

  1. Login to the Security Console using the created account tempAdmin.
  1. Go to Identity > Users > Manage Existing and search for the superadmin account whose password need to be reset.
  1. From the Context menu, select Edit and scroll to the section labelled as Password.
  1. Key in the desired password for this superadmin account and click Save.

Note that the temporary superadmin account created will expire in 24 hours.

Ohh Yeah,

I got it working, Installed JetPack on my WordPress site to integrate WordPress with FaceBook. – And Google+

Server’s Certificate cannot be Checked

When your Administration dashboard in VMware Horizon View 5.3 reports the error: Server’s certificate cannot be checked
View Administration dashboard displays Connection Server in red status.
View Administration dashboard displays Security Server in red status.
Clicking Connection Server in View Administration displays this error:

Connection Server certificate is not trusted

Clicking Security Server in View Administration displays this error:

Server’s certificate cannot be checked

You are able to connect externally through the Security Server.
The certificates on the server are valid.

This issue occurs if the Certificate Revocation List (CRL) includes a URL that cannot be accessed from the Connection Server paired to the Security Server.

Resolution
To resolve this issue, ensure that the Connection Servers that are paired with Security Servers are able to check the URL in the Certificate Revocation List (CRL), if your environment includes a proxy server that controls Internet access.

To work around this issue, create a CertificateRevocationCheckType registry string in Windows Registry.

Note: This procedure modifies the Windows registry. Before making any registry modifications, ensure that you have a current and valid backup of the registry and the virtual machine. For more information on backing up and restoring the registry, see the Microsoft article 136393.

To create a CertificateRevocationCheckType registry string in Windows Registry:

Note: If you are using multiple connection servers, you need to make this registry modification on all Connection Servers.

  • Navigate to HKEY_LOCAL_MACHINESoftwareVMware, Inc.VMware VDMSecurity in the View Connection Server. Caution: Ensure that you make changes in the Connection Server and not the Security Server.
  • Create the CertificateRevocationCheckType registry string (REG_SZ) and set its value to 1.

Configuring Kiosk Mode on Your Windows XP Computer

I know this is really, really old – but, I was asked this question the other day and wanted to bookmark it on my site for future reference.

Problem:

When I boot my Windows XP computer, I would like to always boot into a specific user account and I would like that user account to run an executable other than Windows Explorer (explorer.exe), such as a LabVIEW executable, otherwise known as Kiosk Mode. How can I accomplish this?

Solution:
Kiosk Mode is useful when you want to have a dedicated computer or user account to boot directly into a specific executable other than Windows Explorer (explorer.exe). This restricts the user’s access to other aspects of the computer.

To configure the computer to automatically log into a specific user account, you will need to modify the Windows Registry. Do this carefully by following these steps:

Click Start»Run.
Type the command regedit. Click OK.
Browse to the following registry key:HKEY_LOCAL_MACHINE»Software»Microsoft»Windows NT»CurrentVersion»Winlogon.
Double-click the DefaultUserName entry and enter in the name of the user account that you want to automatically log into. Click OK.
Double-click the DefaultPassword entry and enter in the password for the user account that you want to log into. Click OKIf there is not a DefaultPassword entry, create the value using the following steps:
Go to Edit»New»String Value.
Name the new value DefaultPassword and press Enter.
Double-click the newly created entry and enter in the password for the user account that you want to log into. Click OK.
NOTE: If no DefaultPassword string is specified, Windows XP automatically changes the value of the AutoAdminLogon registry key from 1 (true) to 0 (false) to turn off the AutoAdminLogonfeature.

Double click the AutoAdminLogon entry and enter in 1 for its Value Data. Click OK.If there is not an AutoAdminLogon entry, create the value using the following steps:
Go to Edit»New»String Value.
Name the new value AutoAdminLogon and press Enter.
Double-click the newly created entry and enter in 1 for its Value Data. Click OK.
Close the Registry Editor by going to File»Exit or by clicking the red X in the top right corner of the window.
Restart the computer by going to Start»Shutdown and then select Restart.

To configure a specific account to boot into Kiosk Mode, you will need to modify the Windows Registry. Do this carefully by following these steps:

Log into the user account that you wish to boot into Kiosk Mode.
Click Start»Run.
Type the command regedit. Click OK.
Browse toHKEY_CURRENT_USER»Software»Microsoft»Windows NT»CurrentVersion»Winlogon.
Add a new string value to this registry by going to Edit»New»String Value and name it Shell.
Double-click on this new string value and enter in the path to the executable you want to run instead of explorer.exe (e.g. C:LV StartupMyLabVIEWVI.exe).
Log out of the user account and log back in.
By combining these two configurations, you can set up your Windows XP machine to automatically bypass the user logon screen and boot into a specific user account that will run any executable you build instead of Windows Explorer (explorer.exe). You may want to customize the appearance of the executable by modifying its VI Properties. For example, you can have the executable maximize to fill the entire screen by changing the Position option is set to Maximized in the Window Run-Time Position category. You can also customize the Windows Appearance category so that user cannot close or resize the executable.

TIP: If you want to change the executable that is being run for a specific account, but are having trouble getting back to the Registry Editor because there is no longer a Start Menu, you can press Ctrl-Alt-Delete and select to run the Task Manager (if it not already running). Then select File»New Task (Run…) and type regedit in the box that pops up and click OK. This will run the Registry Editor.

Setting Up a New CRM Service, SuiteCRM

PHP Notice: Undefined index: custom in /var/www/html/themes/Suite7/css/colourSelector.php on line 95, referer:
PHP Notice: Undefined index: modlink in /var/www/html/themes/Suite7/css/colourSelector.php on line 70, referer:

I was getting these errors in my apache log, I am sure due to fact I changed colors in the theme, which I think is a real neat way of modifying the theme or this also happens when you use standard theme colors, which it probably does.

To get rid of this, i added to /var/www/html/config_override.php the following two lines:

$sugar_config['colourselector']['modlink'] = 'EEEEEE';
$sugar_config['colourselector']['custom'] = 'EEEEEE';