By default, when a user is suspended/locked by CyberArk the system do not Auto Unlock the user. This post demonstrates how to config CyberArk to Auto Unlock the user. Please noted, manual unlock is recommended since CyberArk managed privilege accounts. 01. Change “UserLockoutPeriodInMinutes” value in dbparm.ini to your chose. If you change it to 10,… Continue reading How to config CyberArk automatic unlock suspend account
Paloalto firewall ssh authentication with public key
It’s common that administrator login to ssh server with key to avoid typing password all day. This post demonstrates how to config Paloalto firewall to use ssh key authentication. 01. Go to Device>Administrators, select the user name you want to add ssh key authentication. 02. Check “Use Public Key Authentication(SSH)” 03. Import your ssh public… Continue reading Paloalto firewall ssh authentication with public key
Factory Reset Palo Alto Firewall without admin password
This post demonstrate how to perform factory reset if you don’t have admin password. For this to work, you need a console connection to firewall. 01. Reboot firewall by unplug the power cable and then plug it back in. 02. From console output, select “PANOS (main-sysroot1)”. Please noted, this selection only show up around 5… Continue reading Factory Reset Palo Alto Firewall without admin password
Test remote port open on Windows
It’s important to know how to test if a remote port is available or not. Here is how to test a port on windows machine. Simply run below command in powershell. or shorten version Here is a sample of a success. Here is a sample of a fail. Sometimes powershell get stuck, just hit Enter… Continue reading Test remote port open on Windows
Cyberark Disable show password on PVWA
Step 01 Login to PVWA with administrative privileges and click on Master Policy. Step02 Select Allow EPV transparent connections, then click Edit Settings Step03 Change Allow users to view passwords to inactive
Cisco Switch authentication with radius(AD NPS)
Step 1. login to Cisco switch with console cable and go into configuration mode Step 2. config authentication method to radius Step 3. Give your radius server a name Step 4. config radius server information Step 5. config radius pre-share key Step 6. Open Network Policy Server(NPS) Step 7. Add a new radius client Step… Continue reading Cisco Switch authentication with radius(AD NPS)
import you own function in python
I’m not a good coder, so every time I need some new script for automation I just copy old code from the old script. It occurs to me that I should write my script in a more reusable way to avoid constantly copy and paste . This post will give a simple example for writing… Continue reading import you own function in python
Cyberark with RDCMan
RDCMan is a powerful tool that allow system administrator to mange multiple window server easily. This post will introduce how to integrate this tool with Cyberark’s PAM solution. 01. From top menu, select Edit>Add server or use short cut Ctrl+A 02. In the pop up windows, select Server settings. Enter PSM IP or FQDN in… Continue reading Cyberark with RDCMan
Factory reset Cisco switch
It’s simple to factory reset a Cisco switch. 01. Use a console cable to connect to the Cisco switch 02. Go to enable mode either with en or enable 03. Input write erase in the console and when prompted confirm(hit enter) 04. Input delete flash:vlan.dat and when prompted confirm(hit enter) 05. Reload the Cisco switch,… Continue reading Factory reset Cisco switch
Use cellular data as “wan” connection
Here is a simple diagram of the lab. PC1 has 2 connection, one with cell phone(wifi) and the other is a ethernet cable connect to PC2. PC2 only has 1 connection which connects to PC1. We want to let PC2 access to Internet through wifi connection of PC1. 01 Enable IP ForwardingWe have to edit… Continue reading Use cellular data as “wan” connection