Azure SSO App registration

 1. Registration App go to Azure AD for full feature

2. Enter name

3. Select registration app

4. Go to overview and URLs

5.Config Redirect URLs

6.Config branding

7. Make update code

8. Return to Enterprises applications for add access user and group

Prevent users create Office 365 group

 Prevent users create group (Office365 and Microsoft Teams)

1.Make Sure that install only AzureADPreview

    Get-InstalledModule -Name "AzureAD*"

    Uninstall-Module AzureAD

    Uninstall-Module AzureADPreview

2.Install Module

    Install-Module AzureADPreview

3.Import Module

    Import-Module AzureADPreview

4. Connect username and pwd

    Connect-AzureAD

5.Let check paramiter 

    (Get-AzureADDirectorySetting).Values

            GroupCreationAllowedGroupId = null

            EnableGroupCreation = True

6.Create Security Group on Office365

    Get-AzureADGroup -SearchString "Client_Adm"

7.run_Script

$Setting = Get-AzureADDirectorySetting -Id (Get-AzureADDirectorySetting | where -Property DisplayName -Value "Group.Unified" -EQ).id

$Setting["EnableGroupCreation"] = $False

$Setting["GroupCreationAllowedGroupId"] = (Get-AzureADGroup -SearchString "Client_Adm").objectid

Set-AzureADDirectorySetting -Id (Get-AzureADDirectorySetting | where -Property DisplayName -Value "Group.Unified" -EQ).id -DirectorySetting $Setting

8.Let check

    (Get-AzureADDirectorySetting).Values

=Revert=

https://blog.djurasovic.com/step-by-steps-instruction-how-to-disable-creation-of-office-365-groups/

Linux_Node-RED

Node-red: Install node-red on Ubuntu 20.04

Node-red: Open firewall port ufw allow 1880

sudo apt update Node-red:current version or set version curl -fsSL https://deb.nodesource.com/setup_current.x | sudo -E bash - curl -sL https://deb.nodesource.com/setup_14.x | sudo bash -

cat /etc/apt/sources.list.d/nodesource.list

sudo apt -y install nodejs Node-red: if error

sudo dpkg -i --force-overwrite

node -v

npm -v

sudo npm install -g --unsafe-perm node-red

node-red -v

Node-red: Upgrade for new version

sudo npm install -g --unsafe-perm node-red

**----------------------------------------------

Node-red admin: add new user for startup service

useradd -s /bin/bash -d /home/pm2/ -m -G sudo pm2

passwd pm2

su - pm2

Node-red admin: Installation

npm install -g --unsafe-perm node-red-admin

Node-red admin: get hash admin password

node-red admin hash-pw

Node-red admin: find config path (/home/pm2/.node-red/settings.js)

node-red --settings

CTRL+C Node-red admin: Build "admin" password:

sudo node-red admin hash-pw

Node-red admin: Edit config file from path

vi /home/pm2/.node-red/settings.js

Node-red admin: line adminAuth: and remove //

Node-red admin: Insert Certificate:

ค้นหา //https: { // key: require("fs").readFileSync('privkey.pem'), // cert: require("fs").readFileSync('cert.pem') //}, แก้เป็น

ค้นหา //requireHttps: true, แก้เป็น

**-----------------------------------------------

pm2: Install process management for node-red

su - pm2

sudo npm install -g pm2

pm2: Get path

which node-red

pm2: Create script for boot

vi app.json

[

   {

      "script"    : "/usr/local/bin/node-red",

      "name"      : "node-red:1880"

   },

   {

      "script"    : "/usr/local/bin/node-red",

      "args"      : "/home/pm2/.node-red/api1.json -p 1881",

      "name"      : "node-red api1:1881"

   },

   {

      "script"    : "/usr/local/bin/node-red",

      "args"      : "/home/pm2/.node-red/api2.json -p 1882",

      "name"      : "node-red api2:1881"

   }

]

pm2: run background process

pm2 start api.json -- -v

pm2: run background process
pm2 start /usr/local/bin/node-red -- -v

pm2: config start on boot

pm2 save pm2 startup pm2: copy & past

sudo env PATH=$PATH:/usr/bin /usr/local/lib/node_modules/pm2/bin/pm2 startup systemd -u pm2 --hp /home/pm2/

pm2 Stop/start Service:

pm2 list pm2 list --sort name:desc pm2 show 0

pm2 stop "all" pm2 start 0 pm2 restart 0 1

pm2 delete 1

pm2: view information

pm2 info node-red

pm2: Log install

pm2 install pm2-logrotate pm2 set pm2-logrotate:rotateInterval '00 00 * * 6' [every sunday 12.00 pm]

pm2 conf

pm2: Log read

pm2 logs node-red pm2 logs 0 pm2 flush

pm2 monit

sudo ps -ef | grep node-red

sudo lsof -i :1880e-red

wServer_sFTP

 

https://creodias.eu/-/how-to-install-openssh-on-windows-server-2016-vm-

Cloud_AWS-EC2

 #AWS-EC

https://882261083059.signin.aws.amazon.com/console

1. Launch Instant

2.

3.

4.

5.

Linux_sFTP

SFTP  

#C7254E

#F9F2F4

::add_user 

$ usermod -l newuser userA

$ useradd newuser

$ useradd -d /home/newuser -m -G sftponly newuser

::add_group

$ groupmod -n sftponly sftp

$ groupadd sftponly

$ grep 'sftponly' /etc/group

::add_member_to_group

$ usermod -a -G sftponly newuser

$ usermod -d /home/newuser newuser

::SFTP

$ chmod 755 /home/newuser

$ chown root:root /home/newuser

$ chmod 700 /home/newuser/upload

$ chown newuser:newuser /home/newuser/upload

OR

$ chmod 777 /home/newuser/upload

$ chown root:root /home/newuser/upload

$ vi /etc/ssh/sshd_config

#Subsystem sftp /usr/lib/openssh/sftp-server
#PasswordAuthentication yes

Subsystem sftp internal-sftp
#Match Group *,!sudo
Match Group sftponly
ForceCommand internal-sftp -d /upload
PasswordAuthentication yes
ChrootDirectory %h
AllowTcpForwarding no
X11Forwarding no

$ systemctl restart sshd

Ubuntu 22 LTS

 Ubuntu 22 LTS

::VM-Tool install

$ mount /dev/cdrom /media

$ tar xzvf /media/VMwareTools-x.x.x-xxxx.tar.gz -C /tmp/

$ cd /tmp/vmware-tools-distrib/

$ ./vmware-install.pl

$ ./vmware-install.pl -d default

$ umount /media

$ rm /tmp/VMwareTools-x.x.x-xxxx.tar.gz
$ rm -rf /tmp/vmware-tools-distrib

::Upgrade 

$ apt update 

$ apt upgrade -y

$ apt-get install -f 

::Check version

$ lsb_release -a 

::SET Regional

$ timedatectl

$ unlink /etc/localtime

$ ln -s /usr/share/zoneinfo/Asia/Bangkok /etc/localtime

$ timedatectl 

::SET Hostname

$ vi /etc/hostname

::Host file

$ vi /etc/hosts

127.0.0.1 localhost
127.0.1.1 apitms
10.90.8.37 apitms apitms.sher.com
10.50.2.102 sap sap.sher.com
10.50.2.102 sapprd sapprd.sher.com
10.50.2.104 saprqa saprqa.sher.com
10.30.2.104 sapdev sapdev.sher.com

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

::Network-mon

$ ip r

$ ip a 

$ resolvectl status 

--

$ netplan apply

$ netplan --debug apply



::Network-Config

$ vi /etc/netplan/xx-xx-xx.yaml

# This is the network config written by 'subiquity'
network:
  ethernets:
    ens32:
      addresses:
      - 10.61.10.30/24
      nameservers:
        addresses:
        - 10.90.8.28
        search:
        - shera.com
      routes:
      - to: default
        via: 10.61.10.254
  version: 2

::DISABLE_IPv6

$ ip a | grep inet6

$ vi /etc/default/grub

GRUB_CMDLINE_LINUX_DEFAULT="ipv6.disable=1"

$ update-grub

$ vi /etc/sysctl.conf

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

$ sysctl -p

$ cat /proc/sys/net/ipv6/conf/eth0/disable_ipv6

$ ip a | grep inet6

::Add_New user and grant root privilege 

$ useradd -s /bin/bash -d /home/newuser/ -m -G sudo newuser 

$ passwd newuser

   or

usermod -aG sudo newuser

::verify

$ su - newuser

$ grep '^sudo' /etc/group

::Add root users

$ useradd -s /bin/bash -d /home/newuser/ -m -ou 0 -g 0 newuser 

$ passwd newuser

$ grep newuser /etc/passwd

::Return Root empty pass

$ passwd -dl root  

::verify

$ su - newuser

$ vi ~/.bash_profile

cd /

::History_Clear 

$ history -c