Related
Running initdb looks pretty straightforward from the docs.
I created the data directory, checked the permisions on the folder, ran initdb as the postgres user, and entered the password.
It returns immediately.
C:\Program Files\PostgreSQL\12>runas /user:pgUser#domain "bin\initdb.exe -k -D \"C:\Program Files\PostgreSQL\12\data\""
Enter the password for pgUser#domain:
Attempting to start bin\initdb.exe -k -D "C:\Program Files\PostgreSQL\12\data" as user "pgUser#domain" ...
C:\Program Files\PostgreSQL\12>
Results:
The data dir is still empty, no errors in the event log, and the service won't start.
I expected it to populate data with the base directories, create the postgres and template databases, and be able to start the database engine as a service.
The resolution was three-fold.
First, as suspected, runas starts another process to run the command.
Redirecting, as such
runas /user:pgUser#domain "cmd" > output.txt
only redirects the output of runas.
To capture the output of the cmd, you need to redirect inside that process.
runas /user:pgUser#domain "cmd > output.txt 2>&1"
Second, installing postgres on windows includes initdb.
So, uninstalling and re-installing accomplished that.
Third, one of the things that I wanted to accomplish with the reset was enabling checksums and something I read said that you could only set that flag using initdb. But that's not true. You can enable checksums on an existing cluster.
So I didn't need to run initdb at all. In spite of so many recommendations to start with a freshly "initdb'd" installation.
I've been trying to write a powershell script that automates my windows workspace setup and configuration and am currently stuck trying to redirect input to WSL when executing it for the first time. The core of the problem is that Ubuntu's first launch prompts for a username and password, then logs in to a bash shell. I tried writing down the input lines into a text file like so:
Username
Password
Password
exit
Then, I tried redirecting the input of wsl to the file:
Start-Process ubuntu2004.exe -RedirectStandardInput stdin.txt -NoNewWindow -Wait
The above didn't work as executing WSL just starts spamming Enter new UNIX username: adduser: only one or two names allowed. I tried doing same in CMD with the < input redirection, but the result is the same.
This is not exactly the answer to your question, but in my opinion, ansible is better suited for such a task.
I myself recently became interested in assembling a workspace in wsl and ansible seemed to me the best solution.
Before starting the build, you will need to perform minimal steps (create a user and install several packages, all this can be placed in the readme), but then there will be no restrictions.
You can find several ready-made examples of wsl assembly via ansible on github.
A few ideas for setting the username/password in a new Ubuntu WSL instance:
First, a "PowerShell sendkeys" via COM or Interop might work for this. It's probably the closest in behavior to what you are actually asking.
Second, and perhaps most promising, I just tried this with a new Debian WSL installed from the Store (since I didn't want to mess with my Ubuntu install).
When running debian.exe (like ubuntu2004.exe), I let it run the install, then I Ctrl+C'd out of it when it started asking for the default username/password. At that point, the WSL instance is installed, but with only root. I assume that your script can let the command run for a certain period of time, then kill the process to replicate this.
From your script, you should then be able to run wsl -u root useradd --create-home --user-group --groups adm,dialout,cdrom,floppy,sudo,audio,dip,video,plugdev,netdev --password "encryptedPassword" username (see here for creating the encrypted password). I think that will get you a stock Ubuntu user the way that WSL sets it up.
You'll then need to either create a /etc/wsl.conf file (instructions) letting the instance know that that user is the default, or LxRunOffline lists this as one of its features.
But I'd also throw in that you might just want to keep a "backup" of an existing WSL instance that you start from. Do a wsl --export <distroname> <imagename.tgz>, then you can import it when setting up the new Windows host by copying the tgz over and doing a wsl --import <DistroName> <DirectoryWhereYouwantItToLive> <imagename.tgz>.
If you want, you can keep this image up to date with your desired WSL configuration, so that you don't have to recreate it when you rebuild the Windows hosts. That said, this is where I do follow #Mystic's suggestion of using Ansible to store my WSL "configuration as code". It allows me to not only recreate my WSL instances, but also that same configuration when I set (or reset) a Linode host or another Linux system.
I need to write a script that transfers files from a folder onto another server (Linux), but the script that's transferring files is on windows, and I was wondering if there was an alternative to scp for PowerShell (or if there was another way of doing this)
There is a handy little tool that comes with Putty called pscp.exe that will do this and can be called in powershell easily.
Example below copies from windows to a CentOS box (logging in as the usercode "bill") and you use the -pw switch in pscp to pass in a password (otherwise the command window that is spawned will prompt for the Linux password):
Start-Process 'C:\Program Files (x86)\PuTTY\pscp.exe' -ArgumentList ("-scp -pw password C:\Document.rtf bill#192.168.0.28:/home/bill/")
PuTTY Secure Copy client
Release 0.62
Usage: pscp [options] [user#]host:source target
pscp [options] source [source...] [user#]host:target
pscp [options] -ls [user#]host:filespec
Options:
-V print version information and exit
-pgpfp print PGP key fingerprints and exit
-p preserve file attributes
-q quiet, don't show statistics
-r copy directories recursively
-v show verbose messages
-load sessname Load settings from saved session
-P port connect to specified port
-l user connect with specified username
-pw passw login with specified password
-1 -2 force use of particular SSH protocol version
-4 -6 force use of IPv4 or IPv6
-C enable compression
-i key private key file for authentication
-noagent disable use of Pageant
-agent enable use of Pageant
-batch disable all interactive prompts
-unsafe allow server-side wildcards (DANGEROUS)
-sftp force use of SFTP protocol
-scp force use of SCP protocol
pscp.exe is a viable option, but I have been using a library from Rebex for a couple years now for SFTP and FTPS transfers in both C# apps and PowerShell scripts with great success. Their package also includes an SCP object but I haven't personally used it.
It does cost money vs. pscp being free. Before selecting the Rebex package, I had considered going the PuTTY route but my team decided that having a library we could easily roll into any app/script was worthwhile in the long term.
You can use WinSCP .NET assembly from PowerShell for SCP transfers.
For example see http://winscp.net/eng/docs/library_powershell#example
The example uses SFTP protocol. To use SCP, just modify it to:
$sessionOptions.Protocol = [WinSCP.Protocol]::Scp
Though if your server support SCP protocol, it's likely it also supports SFTP. SFTP is better choice, if you have the option.
Why use an alternative to SCP when you can use SCP?
Windows has OpenSSH (which includes SCP) as an optional component these days, so you could just use that. It first appeared in the Autumn 2018 version of Windows 10. It's nearly identical to the command you find in most Linux distributions, as it's derived from the same code base. Microsoft just made one or two minor tweaks to make it work on windows.
It is simple to install just go to Start->Settings->Apps->Optional Features->View Features enter in OpenSSH in the search box and check the OpenSSH client and click next. See OpenSSH in Windows for more detailed instructions on how to set it up. For a more PowerShell way of installing it run this from an elevated PowerShell prompt:
Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0
You can use this command to check if there is a newer version and whether you already have it installed:
Get-WindowsCapability -Online | Where Name -Like '*ssh*'
Once installed, you call scp from PowerShell just like you would any other executable command.
scp file.dat user.name#example.com:/target/path
If you really don't want to use SCP use Copy-Item
This requires PowerShell to be installed on your server. Yes you can install PowerShell on Linux. Just call Copy-Item with the -ToSession parameter passed an SSH connected session, I've never actually tried it though. It requires a recent version of PowerShell and some setting up see PowerShell remoting over SSH. Something like this:
Copy-Item C:\localPath\*.* ~\remotePath\ -ToSession (New-PSSession -HostName UserA#LinuxServer01:22 -KeyFilePath c:\\userAKey_rsa)
If both machines are Windows machines you can use the same -ToSession parameter to copy files over WinRM. But both machines have to be domain joined or there is the possibility of security issues.
There is also a ".NET friendly" way:
you can use the SharpSSH dll to execute ssh commands, and do scp/sftp tranfers.
For example:
[Reflection.Assembly]::LoadFrom((Resolve-Path .\Tamir.SharpSSH.dll))
$ssh = New-Object Tamir.SharpSsh.Sftp("server","user","password")
$ssh.Connect()
$ssh.Put("C:\localfile","distantfile")
$ssh.Close()
There is the SSH.Net library, too, it does approximatively the same things.
I had this in my Windows services:
C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "D:/PostgreSQL/8.4/data" -w
It never finishes executing. But if I did this on the dos shell:
C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe start -N "postgresql-8.4" -D "D:/PostgreSQL/8.4/data" -w
Notice that I only changed the "runservice" to "start" and it works just fine.
Any idea?
The command runservice can only be executed by the service manager
in order to fix my localhost windows 7 to start postgres as a service
i used the following command to start the data
pg_ctl -D "C:\Program Files\PostgreSQL\9.1\data" start
Then checked the status for errors
pg_ctl -D "C:\Program Files\PostgreSQL\9.1\data" status
if you get error 1063 , its more than likely permissions, i executed the following command
cacls "C:\Program Files\PostgreSQL\9.1\data" /E /T /C /G postgres:F
then reran the start/status, it showed everything fine, but still service manager would not start the service
So, in Services->postgresql->options->logon i set the log on as the Local system account instead of the postgres user, and voila it worked
this happened to me because i set my data directory to be somewhere the postgres windows user account didn't have access to.
I had this problem in Windows after a system crash. Running the first command showed invalid data in C:\Program Files\PostgreSQL\9.1\data\postmaster.pid. Deleting that file did the trick. Reference.
I faced the same issue after moving manually the database data files (PG_DATA directory) without recreating all the necessary permissions.
Here is how I solved my issue:
1. Check permissions on old PG_DATA directory:
cacls "c:\path\to\old\pgdata\dir"
2. Check permissions on new PG_DATA directory:
cacls "d:\path\to\NEW\pgdata\dir"
3. Compare outputs from 1. and 2.
Find the differences between users and/or permissions then synchronize them.
Nota: I found it easier to use explorer for the synchronization step rather than using cacls directly from the command line.
If you changed pg_hba.conf , maybe you missed somewhere in file. For example there must be CIDR after IP in that file. It must be like 192.168.1.100/32
If you forgot to put 32, then server doesnt restart.
Investigation of startup logs could be a clue. For the case problem is in the pg_hba.conf you could see something like this:
2018-11-13 00:39:34.841 PST [8284] FATAL: could not load pg_hba.conf
2018-11-13 00:39:34.842 PST [8284] LOG: database system is shut down
You need to check your logfiles and the windows eventlog for some hint of what the problem is. If there is nothing at all there, you need to break out something like Process Monitor and get a stacktrace of where it's hung.
I have had this issue in the past, and it was that the installer did not set up the permissions correctly for the user that the service was to run as.
I've also ran into this problem with postgresql throwing and error after trying to initialize the database cluster. After analyzing the log files and running command line scripts for 4 hours I've got the solution to anyone running into this problem for Windows Versions.
This is not a detailed description as to why its happening. I've installed odoo 10, 11, 12 and 13 numerous times on countless client servers and windows systems and this is the first time I've ever ran into this problem. I cant say if its because I have MS VS Enterprise installed and Android Studio on this machine or what. But Below is the easy answer on how to fix it and initialize the cluster and create the database files in the data folder.
Open the data folder for postgresql. - For Odoo installs it will normally be "C:\Program Files (x86)\Odoo 13.0\PostgreSQL" Unless you chose another location when installing.
Remove any or all files from this folder - If not you will get an error when running initdb.exe
Right click the data folder and open up the properties for it. Click on the Security tab and then click the advanced button on the bottom.
You need to change the owner of this folder to openpgsvc. Click Change and type in openpgsvc and click ok. Once done click the check box below saying that you want this change to affect containers with this container as well.
Then on the Permissions tab click the add button on the bottom. You need to add openpgsvc as a user and give this user full rights. Click apply and and ok to close out of all the folder properties.
Now you need to open cmd.exe - Once open we are going to call initdb.exe and pass some values to it as well.
First run chdir and change the working directory to the location of initdb.exe. For me, running odoo 13 on a windows 10 machine the location is this..
"C:\Program Files (x86)\Odoo 13.0\PostgreSQL\bin"
There is one variable that need to be passed as well to make this work here is the list. NEEDS TO BE INCLUDED IN THE CALL TO initdb.exe
Postgres Data Dir: "C:\Program Files (x86)\Odoo 13.0\PostgreSQL\data"
The End Result with the parameter would look like this for my installation:
"C:\Program Files (x86)\Odoo 13.0\PostgreSQL\bin\initdb.exe" -D "C:\Program Files (x86)\Odoo 13.0\PostgreSQL\data"
Hit Enter and let it rip. The output of this command should look like this below.
Cmd.exe running initdb.exe script
Make sure there is no buggy empty file Program at C:\ like C:\Program
In this case, explorer will warn whenever you log on into Windows.
File Name Warning
-----------------
There is a file or folder on your computer called "C:\Program" which
could cause certain applications to not function correctly. Renaming it
to "C:\Program1" would solve this problem. Would you like to rename
it now?
Installing PostgreSQL 10 On Windows 7 (yes the clock is ticking...). I first tried the latest version 11 which completely failed to install... not a good sign for Windows users. Anyway.
Quick answer: Change the account in the Windows Services panel from Network to Local.
Details of my case
During installation I created/selected a data folder in the user profile folder, because obviously the folder suggested by default, within the program folder, wouldn't work, and if it worked it would be a very idea to put data here (I don't know whether it's usual to do that on Unix/Linux, but for Windows it's it's not allowed for a long time).
At the end (when populating the data cluster) I received an error:
Failed to load SQL Modules into database Cluster
but the installation was able to complete. I found two pages about previous error, here and here, but they didn't seem relevant to my case, so I just started pgAdmin and, on the left "browser", saw the server wasn't active.
I tried to start it from here (had to type the main password), but it went inactive immediately again. So I tried to use the Windows services panel to start "postgresql-x64-10", no joy. I copied the command from this panel and pasted it into a Windows console (cmd.exe) where I finally received this
error 1063.
Searching I found this related question, and was convinced the problem was about permissions.
Solution working for my case
In the services panel I changed the account used to start the service from Network Service to Local System as suggested in a comment by #AlexanderRios.
sc create "postgresql-9.2" binPath= "\"C:/Program Files (x86)/PostgreSQL/9.2/bin/pg_ctl.exe\" runservice -N \"postgresql-9.2\" -D \"C:/Program Files (x86)/PostgreSQL/9.2/data\" -w" DisplayName= "postgresql-9.2" start= auto
Try this on CMD run as Administrator
(Add your parameters depend on your version)
Stop all postgres processes
Go to the postgres data folder (C:\Program Files\PostgreSQL\9.6\data)
Delete the postmaster.opts and postmaster.pid files
From the control panel, in administrative
tools and the services console start the postgres service
open pgAdmin III and then in right pane find server then just right click and connect, enter the password. after connected go to the browser and refresh ODOO. Problem solved.
See image to get better understanding
While I'm using PSEXEC.exe getting 'Access denied' error for remote systems.
Any idea about how to solve this?
Hi i am placing here a summary from many sources online for various solutions to "access is denied" :
most information can be found here (including requirements needed) - sysinternal help
as someone mentioned add this reg key, and then restart the computer :
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system
/v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f
Read this knowledge base article to learn what this does and why it is
needed
Disable firewall (note - this will leave you with out any firewall
protection)
netsh advfirewall set allprofiles state off
if target user has a blank PW and you dont want to add one, run on target:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"LimitBlankPasswordUse"=dword:00000000
This didnt work for me, but i have read it did for others in a few places,
on target execute:
Start -> Run -> secpol.msc -> Local Policies -> Security Options -> Network Access: Sharing > and security model for local accounts > Classic – local users authenticate as themselves
if already in 'Classic':
move to "Guest only - .." run from elevated command prompt gpupdate \force
move back to 'Classic - .." again run from elevated command prompt gpupdate \force
This one solved my issue:
run on target from elevated command prompt "net use" look at ouput chart and for shares listed in remote column there (i only deleted the disconnected ones - you can try them all) run "net use [remote path from before list] /delete" then run 'net use \target\Admin$ /user:[user name]' enter prompt password request (if empty PW just press enter), viola should work.
I just solved an identical symptom, by creating the registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system\LocalAccountTokenFilterPolicy and setting it to 1. More details are available here.
This helped in my case:
cmdkey.exe /add:<targetname> /user:<username> /pass:<password>
psexec.exe \\<targetname> <remote_command>
PsExec has whatever access rights its launcher has. It runs under regular Windows access control. This means whoever launched PsExec (be it either you, the scheduler, a service etc.) does not have sufficient rights on the target machine, or the target machine is not configured correctly. The first things to do are:
Make sure the launcher of PsExec is familiar to the target machine, either via the domain or by having the same user and password defined locally on both machines.
Use command line arguments to specify a user that is known to the target machine (-u user -p password)
If this did not solve your problem, make sure the target machine meets the minimum requirements, specified here.
You can try the command
net use \\computername\ipc$ /user:adminname password
to get admin permissions on remote PC before use psexec.
I had the same problem. And after a hard work, I found a easy and full solution:
I use runas to run the script in a admin account
I use the -s parameter in psExec to run in a system account
Inside the PsExec, I login again with a admin account
You can use & to run multiples commands
Remember to replace [USERNAME], [PASSWORD], [COMPUTERNAME], [COMMAND1] and [COMMAND2] with the real values
The code looks like this:
runas /user:[USERNAME] "psexec -e -h -s -u [USERNAME] -p [PASSWORD] \\[COMPUTERNAME] cmd /C [COMMAND1] & [COMMAND2]"
If you whant to debug your script in the another machine, run the following template:
runas /user:[USERNAME] "psexec -i -e -h -s -u [USERNAME] -p [PASSWORD] \\[COMPUTERNAME] cmd /C [COMMAND1] & [COMMAND2] & pause"
Try setting this key on the target (remote) machine, and restart the machine:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"LocalAccountTokenFilterPolicy"=dword:00000001
See: http://forum.sysinternals.com/topic10924.html and http://www.brandonmartinez.com/2013/04/24/resolve-access-is-denied-using-psexec-with-a-local-admin-account/
I just added "-с" parameter. It makes Psexec copy executable to remote machine. So it works without access errors.
I found Sophos kept placing psexec.exe into the Quarantine section. Once I authorized it, it ran fine.
I still use psexec, even on win 10. Replace the psexec.exe in the Windows 10's win32 folder with the older version to work -> I use version 2.11.0.0. The Windows 10 version I was using would only run .bat files as background/hidden process on the remote computer. Took a whole day to figure this out.
Adding the registry key from above to the remote computer helps as well:
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f
I found another reason PSEXEC (and other PS tools) fail - If something (...say, a virus or trojan) hides the Windows folder and/or its files, then PSEXEC will fail with an "Access is Denied" error, PSLIST will give the error "Processor performance object not found on " and you'll be left in the dark as to the reason.
You can RDP in; You can access the admin$ share; You can view the drive contents remotely, etc. etc., but there's no indication that file(s) or folder(s) being hidden is the reason.
I'll be posting this information on several pages that i was perusing yesterday while trying to determine the cause of this odd problem, so you might see this elsewhere verbatim - just thought I'd put the word out before anyone else pulled their hair out by the roots trying to understand why the performance counter has anything to do with PSEXEC running.
I had a case where AV was quarantining Psexec - had to disable On-access scanning
For anybody who may stumble upon this. There is a recent (Dec 2013) Security Update from Microsoft Windows on Windows 7 that is preventing remote execution.
See http://support.microsoft.com/kb/2893294/en-us
I uninstalled the Security Update by going to Control Panel\Programs\Programs and Features\Installed Updates
It worked right after that.
The following worked, but only after I upgraded PSEXEC to 2.1 from Microsoft.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"LocalAccountTokenFilterPolicy"=dword:00000001 See:
http://forum.sysinternals.com/topic10924.html
I had a slightly older version that didn't work. I used it to do some USMT work via Dell kace, worked a treat :)
On Windows Server 2012 R2 I had trouble to run from user account
psexec -u administrator -p password \\machinename -h -s -d -accepteula cmd.exe
But it works fine if you run without parameters -h -s. That's why I use this to solve my trouble:
psexec -accepteula -u administrator -p password \\machinename %PathToLocalUtils%\psexec.exe -h -s -d cmd.exe
I couldn't get access to remote machines unless I had UAC disabled.
That has to be done locally, either from control panel or running the following through cmd:
reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
While UAC is enabled, make sure you run cmd as administrator.
For a different command I decided to change the network from public to work.
After trying to use the psexec command again it worked again.
So to get psexec to work try to change your network type from public to work or home.
I tried a lot of way but I could not use psexec. It gives "Access denied". After I change the target user account type from Standard to Admin, I connected the machine via psexec.
I researched the reason why admin type account is required then I found this answer.
You can change target machine user account this way: Control Panel -> User Accounts -> Change Account Type. You must enter an admin account and password to change that account if you logged in standard account.
After that I logged in with this command: psexec \\remotepcname -u remoteusername -p remotepassword cmd
Tried all suggestions above, but still was unable to resolve the error. Finally once I made the below change, I could successfully run the PSexec command.
Turns out that when you have UAC enabled psexec does not work as supposed. We need to set HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA to 0 then psexec starts working as expected.