Page Comparison

Section

id	803643140

Section

id	803643151

Section

background-color	$lightGrayColor
id	803643139

Having trouble with your upgrade? Here are some solutions to common issues.

Table of Contents

maxLevel	3
minLevel	3

Section

id	803643141

Scheduler Not Running

Windows:

To test Windows Scheduler, run this command:

Code Block

theme	Midnight
firstline	1
linenumbers	true

Get-ScheduledTask -taskname SUPERVISOR_TASKS

Output Examples:

Task is enabled. This is a good state.

Code Block

theme	Midnight
firstline	1
linenumbers	true

C:\Users\Administrator> Get-ScheduledTask -taskname SUPERVISOR_TASKS

    TaskPath                                       TaskName                          State
    --------                                       --------                          -----
    \Armor Defense\                                SUPERVISOR_TASKS                  Ready

Task is disabled. This is a bad state.

Code Block

theme	Midnight
firstline	1
linenumbers	true

C:\Users\Administrator> Get-ScheduledTask -taskname SUPERVISOR_TASKS

    TaskPath                                       TaskName                          State
    --------                                       --------                          -----
    \Armor Defense\                                SUPERVISOR_TASKS                  Disabled

Task is missing. This is also a bad state.

Code Block

theme	Midnight
firstline	1
linenumbers	true

C:\Users\Administrator> Get-ScheduledTask -taskname SUPERVISOR_TASKS
    Get-ScheduledTask : No MSFT_ScheduledTask objects found with property 'TaskName' equal to 'SUPERVISOR_TASKS'.  Verify
    the value of the property and retry.
    At line:1 char:1
    + Get-ScheduledTask -taskname SUPERVISOR_TASKS
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : ObjectNotFound: (SUPERVISOR_TASKS:String) [Get-ScheduledTask], CimJobException
        + FullyQualifiedErrorId : CmdletizationQuery_NotFound_TaskName,Get-ScheduledTask

For bad states. Run this script.

Code Block

theme	Midnight
firstline	1
linenumbers	true

    $start = "00:{0}" -f [datetime]::Now.AddMinutes((3 + 15)).Minute.ToString("00");
    $interval = 15;
    $schedule = "MINUTE";
    $user = "NT AUTHORITY\SYSTEM";
    $taskName = "\Armor Defense\SUPERVISOR_TASKS";
    $taskRun = "c:\.armor\opt\armor-supervisor.exe get-tasks";
    $arguments = "/create /f /sc `"${schedule}`" /tn `"${taskName}`" /tr `"${taskRun}`" /np /st `"${start}`" /mo `"$interval`" /k /ru `"${user}`"";
    Start-Process -FilePath "schtasks.exe" -ArgumentList $arguments

Example:

Code Block

theme	Midnight
firstline	1
linenumbers	true

C:\Users\Administrator> $start = "00:{0}" -f [datetime]::Now.AddMinutes((3 + 15)).Minute.ToString("00");
C:\Users\Administrator> $interval = 15;
C:\Users\Administrator> $schedule = "MINUTE";
C:\Users\Administrator> $user = "NT AUTHORITY\SYSTEM";
C:\Users\Administrator> $taskName = "\Armor Defense\SUPERVISOR_TASKS";
C:\Users\Administrator> $taskRun = "c:\.armor\opt\armor-supervisor.exe get-tasks";
C:\Users\Administrator> $arguments = "/create /f /sc `"${schedule}`" /tn `"${taskName}`" /tr `"${taskRun}`" /np /st `"${start}`" /mo `"$interval`" /k /ru `"${user}`"";
C:\Users\Administrator> Start-Process -FilePath "schtasks.exe" -ArgumentList $arguments
C:\Users\Administrator> Get-ScheduledTask -taskname SUPERVISOR_TASKS

    TaskPath                                       TaskName                          State
    --------                                       --------                          -----
    \Armor Defense\                                SUPERVISOR_TASKS                  Ready

Linux:

Verify job exists in /etc/cron.d/armor-job-SUPERVISOR_TASKS

If not, run this script:

Code Block

theme	Midnight
firstline	1

SEED=$(( $RANDOM % 14 ))
CRON_EXPRESSION="${SEED},$((${SEED} + 15)),$((${SEED} + 30)),$((${SEED} + 45))"
CRON_FILE=/etc/cron.d/armor-job-SUPERVISOR_TASKS
echo -e "${CRON_EXPRESSION} * * * *\troot\t/opt/armor/armor-supervisor get-tasks" > ${CRON_FILE}

Output Examples:

Task is enabled. This is a good state.

Code Block

theme	Midnight
firstline	1
linenumbers	true

[root@myhost ~]# cat /etc/cron.d/armor-job-SUPERVISOR_TASKS
0,15,30,45 * * * * root /opt/armor/armor-supervisor get-tasks

Task is missing. This is a bad state.

Code Block

theme	Midnight
firstline	1
linenumbers	true

[root@myhost ~]# cat /etc/cron.d/armor-job-SUPERVISOR_TASKS
cat: /etc/cron.d/armor-job-SUPERVISOR_TASKS: No such file or directory
[root@myhost ~]#

Script. This will re-add the cron job.

Code Block

theme	Midnight
firstline	1
linenumbers	true

[root@myhost ~]# SEED=$(( $RANDOM % 14 ))
[root@myhost ~]# CRON_EXPRESSION="${SEED},$((${SEED} + 15)),$((${SEED} + 30)),$((${SEED} + 45))"
[root@myhost ~]# CRON_FILE=/etc/cron.d/armor-job-SUPERVISOR_TASKS
[root@myhost ~]# echo -e "${CRON_EXPRESSION} * * * *\troot\t/opt/armor/armor-supervisor get-tasks" > ${CRON_FILE}
[root@myhost ~]# cat /etc/cron.d/armor-job-SUPERVISOR_TASKS
8,23,38,53 * * * * root /opt/armor/armor-supervisor get-tasks

Grep cron log. This is a good state.

Code Block

theme	Midnight
firstline	1
linenumbers	true

[root@myhost ~]# grep "FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)" /var/log/cron

Grep cron log. This is a bad state. See commands for unexpiring.

Code Block

theme	Midnight
firstline	1
linenumbers	true

[root@myhost ~]# grep "FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)" /var/log/cron
Aug 12 23:00:00 myhost crond[9594]: (root) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)

Commands to check expired password. Good state.

Code Block

theme	Midnight
firstline	1
linenumbers	true

[root@myhost ~]# chage -l root
Last password change : Aug 17, 2020
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7

Commands to check expired password. Bad state. Reset password.

Code Block

theme	Midnight
firstline	1
linenumbers	true

[root@myhost ~]# chage -l root
Last password change : password must be changed
Password expires : password must be changed
Password inactive : password must be changed
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7

Passwd reset

Code Block

theme	Midnight
firstline	1
linenumbers	true

[root@myhost ~]# passwd root
Changing password for user root.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

Connectivity/Firewall

Ensure that your firewalls are opened to the hosts as noted in Firewall Rules section of the Pre-Installation guide.

Windows Test Connectivity

IP address and port for these commands will need to be entered and are found in the Firewall Rules section of the Pre-Installation guide.

Code Block

theme	Midnight
firstline	1

(New-Object System.Net.Sockets.TCPClient).BeginConnect("IP_ADDRESS",PORT,$null,$null).AsyncWaitHandle.WaitOne(1000,$false);

Windows connectivity test output should return a value of "true."
Windows connectivity test should not return a value of "false."
- If test returns "false," investigate firewall blockages.

Examples:

This is the command run and value returned when there is connectivity to the service.

Code Block

theme	Midnight
firstline	1
linenumbers	true

C:\Users\Administrator> (New-Object System.Net.Sockets.TCPClient).BeginConnect("8.8.8.8",443,$null,$null).AsyncWaitHandle.WaitOne(1000,$false);
True

This is the command run and value returned when there is no connectivity to the service and your firewalls need to be checked for blockages.

Code Block

theme	Midnight
firstline	1
linenumbers	true

C:\Users\Administrator> (New-Object System.Net.Sockets.TCPClient).BeginConnect("8.8.8.8",442,$null,$null).AsyncWaitHandle.WaitOne(1000,$false);
False

Linux Test Connectivity

IP address and port for these commands will need to be entered and are found in the Firewall Rules section of the Pre-Installation guide.

Code Block

theme	Midnight
firstline	1

timeout 5 bash -c "cat < /dev/null > /dev/tcp/IP_ADDRESS/PORT" && echo $?

Linux connectivity test output should return a value of "0."
- If test returns anything other than "0," investigate firewall blockages.

Examples:

This is the command run and value returned when there is connectivity to the service.

Code Block

theme	Midnight
firstline	1
linenumbers	true

root@myhost:~# timeout 5 bash -c "cat < /dev/null > /dev/tcp/8.8.8.8/443" && echo $?
0

This is the command run and value returned when there is no connectivity to the service and your firewalls need to be checked for blockages.

Code Block

theme	Midnight
firstline	1
linenumbers	true

root@myhost:~# timeout 5 bash -c "cat < /dev/null > /dev/tcp/8.8.8.8/442" && echo $?
124

Powershell Version

Following Microsoft's documentation, upgrade to at least PowerShell version 5.

You can get PowerShell version 5 from the Microsoft.

No TLS 1.2

You can follow this Microsoft KB in order to enable TLS 1.2.

Versions Compared

Old Version 23

New Version 24

Key

Scheduler Not Running

Connectivity/Firewall

Windows Test Connectivity

Linux Test Connectivity

Powershell Version

No TLS 1.2