Posted on

Updating Nakivo Appliance in environment with Qnap nas

Nakivo Environment

In this environment we have a Nakivo Appliance and a Qnap nas, used as Nakivo backup repository. We need to update the Nakivo appliance that currently is at 10.6 version.

Updating Nakivo using web console

Enter in your Nakivo web interface, navigate to “Seetings” – “Software Update”. The procedure proposes to you the 10.7 version. Proceed. You’ll reice a warning that “remote transporters will not be updated automatically”. After this procedure the Nakivo will be at 10.7 version and not other updates will be avalaible. Indeed the web console signals that your qnap transporter is “out of the date”. So you need to update it to use it. And here there is the problem: we’ll sew that, using nakivo qnap site , you’ll be able to install only the version 10.9 of qnap trasporter that is newer than the currently Nakivo appliance version. So you first need to install the 10.9 version on your Nakivo appliance, but you need to do it manually

Updating Nakivo manually

Using Nakivo upadte site you have to download the “Virtual Appliance”. You”ll download the file

NAKIVO_Backup_Replication_v10.9.0.76010_Updater.sh

Using the application Winscp connect to your Nakivo appliance via ssh. Upload the sh file in the folder /opt/nakivo/updates.

To enter via ssh in a nakivo appliance the default credential are :

  • username : root
  • password : QExS-6b%3D

Now you have to follow this instruction to update the application : Nakivo manual.

Updating Nakivo Transporter in Qnap

In our environment , the Qnap has a Nakivo Transporter App version 10.6.0, compatible with the starting version of our Nakivo appliance. It’s not possible to update this version automatically via qnap, you need to downnload from Nakivo site the new transporter and update it via Qnap web console.

In Nakivo site , you have to choose between the intel or arm transporter package. You’ll download a opkg file.

So, enter in qnap web console and install it manually :

Unable to install Qnap Transporter because the digital sign is invalid

If you are unabled to install the Nakivo Trasporter package because you recive an error that report that the digital sign is invalid , yoiu need to allow installation of applications without a valid digital signature. Click the Settings icon in the top-right corner of the App Center. On the General tab, check the option “Allow installation of applications without a valid digital signature”.

Issue with Nakivo web interface 10.9 in web browser

Even if Nakivo siuggests to use chrome or Firefox to use properly its web interface, we had problem using Chrome. We solved it using Microsoft Edge.

Links

Posted on

auto-generate INSERT statements for a SQL Server table

  1. Right-click on the database and go to Tasks > Generate Scripts.
  2. Select the tables that you want to generate the script.
  3. Go to Set scripting options tab and click on the Advanced button.
  4. In the General category, go to Type of data to script
  5. There are 3 options: Schema OnlyData Only, and Schema and Data. Select the appropriate option and click on OK.

Posted on

Error from Filezilla Client to Microsoft IIS FTP Server

When you connect to ftp server create with Microsoft IIS using Filezilla Client you should have this error

GnuTLS error -48: Key usage violation in certificate has been detected. Could not connect to server

Your configuration settings are something like this :

  • Protocol: FTP – File Transfer Protocol
  • Encryption: Require explicit FTP over TLS

The problem is with self signed certificate on server side. This is a problem with the certificate generation of Microsoft IIS, as it does not allow the certificates to be used for digital signatures.

How to generate a valid certificate with IIS

This is a server-side issue, and it did not appear previously because earlier versions of FileZilla shipped with a GnuTLS version that didn’t make this check.

Quoting Tim Kosse’s post in the FileZilla forum thread:

In any case, the problem is with your server’s X.509 certificate chain: Either the server certificate itself or another certificate in the chain has a key usage restriction that is violated. For example a certificate with a key usage restriction to signing cannot be used to authenticate TLS connections. See section 4.2.1.3 of RFC 5280.

This is a problem with the certificate generation of Microsoft IIS (but may also happen if you incorrectly generated a certificate with another method), as it does not allow the certificates to be used for digital signatures. OpenSSL is much more relaxed about this and won’t fail because of it, so it may work with other apps.

On the client side, you can either disable TLS, downgrade to an earlier version of FileZilla (neither of these is recommended due to potential security risks), or use a different client which uses another library such as OpenSSL for now.

How to generate a valid certificate with IIS

This needs to be done on the server side, Yobviously.you can generate the certificate with PowerShell instead until the issue is fixed by Microsoft. Open PowerShell in admin mode.

The following powershell command will create our self-signed certificate for our binding and store it in the Personal Store (Note how I also store a reference to the certificate in a variable called $cert this will be needed further on):

$binding = "192.168.1.70"
$cert = New-SelfSignedCertificate -DnsName "$binding" -CertStoreLocation "cert:\LocalMachine\My"

However, this is not enough to make the certificate work for HTTPS in our browser. We need to add our newly created certificate to the Trusted Root Certificate store. To do this we take our $cert variable which references our created certificate and add it to our Trusted Root Certificate store like so:

$DestStore = new-object System.Security.Cryptography.X509Certificates.X509Store([System.Security.Cryptography.X509Certificates.StoreName]::Root,"localmachine")
$DestStore.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite)
$DestStore.Add($cert)
$DestStore.Close()

Now you have to set the new certicate on your ftp site using IIS Admin.

Posted on

SQLSERVER – Backup on mapped drive

Scenario

You are trying to backup a sqlserver db on mapped network drive. You have already mapped the drive in Windows and you can see that drive in Windows Explorer. You are not able to see the drive which is mapped when you open the backup procedure using SqlServer Managment studio.

Solution

First of all you not need the previous mapped network drive created by Explorer. You have to create this drive using SqlServer, and you’ll not be able to see it using Exploer.

Enable xp_cmdshell

You need to execute below to enable xp_cmdshell as its disabled by default due to security reasons. (Please turn off again once you done with the work)

Using SSMS execute thesse commands :

EXEC sp_configure 'show advanced options', 1;
GO
RECONFIGURE;
GO
EXEC sp_configure 'xp_cmdshell',1
GO
RECONFIGURE
GO

After this you ‘ll have a positive reaction a this command that using SSMS you should use for testing previous operations :

EXEC XP_CMDSHELL 'Dir C:'

Map Network Drive

To map network drive you have to use the same command that you should use over Windows ysig command prompt :

'net use Z: \\networkShare\Test'

So, using SSMS you have to run the command

EXEC XP_CMDSHELL 'net use Z: \\networkShare\Test'

Now you should test this connection with the command

EXEC XP_CMDSHELL 'Dir Z:'

but, the most important goal, is tha you’ll be able to see teh drive Z during backup proceure over SSMS

Map Network Drive cmd – net use user password

The above command will work and completes successfully without asking the user to provide a username/password if the user has authorized access to this network share. If not, But the easy way is to use the “net use” command on the command prompt line explained above.

net use Z: \\networkShare\Test /u:domainname\username password

So, using SSMS you have to run the command

EXEC XP_CMDSHELL 'net use Z: \\networkShare\Test /u:domainname\username password'
Posted on

vmware workstation – unable to connect guest to my PCIe LPT port

Scenario

You are are using vmware workstation and you have mount on your computer a PCIe LPT card. You are unable to connect this LPT port to your guest vm.

Solution

Uninstall VM-Ware and to Reinstallit


Note