Category: Windows

  • NTFS The disk contains an unclean file system


    When trying to mount a Windows NTFS partition on Linux, I got the following error message:

    root@vmi552968:~# mount -t ntfs /dev/sda1 /mnt
    The disk contains an unclean file system (0, 0).
    Metadata kept in Windows cache, refused to mount.
    Falling back to read-only mount because the NTFS partition is in an
    unsafe state. Please resume and shutdown Windows fully (no hibernation
    or fast restarting.)
    Could not mount read-write, trying read-only
    root@vmi552968:~#
    

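    This happens because the Windows machine was not shut down properly. If you cannot shut it down properly, for example because you lost the Windows password, you can use the “ntfsfix” command to clear the warning. As the example output shows, ntfsfix empties the NTFS journal ($LogFile) and sets the flags needed to mount the partition.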

    ntfsfix /dev/sda1
    

    Example

    root@vmi552968:~# ntfsfix /dev/sda1
    Mounting volume... The disk contains an unclean file system (0, 0).
    Metadata kept in Windows cache, refused to mount.
    FAILED
    Attempting to correct errors... 
    Processing $MFT and $MFTMirr...
    Reading $MFT... OK
    Reading $MFTMirr... OK
    Comparing $MFTMirr to $MFT... OK
    Processing of $MFT and $MFTMirr completed successfully.
    Setting required flags on partition... OK
    Going to empty the journal ($LogFile)... OK
    Checking the alternate boot sector... OK
    NTFS volume version is 3.1.
    NTFS partition /dev/sda1 was processed successfully.
    root@vmi552968:~# mount -t ntfs /dev/sda1 /mnt
    root@vmi552968:~# 
    


  • How to Reset Windows Password in Linux Rescue

    If you lost your Windows user password, you can boot into a Linux Live CD or Rescue CD and reset the password as follows. Most VPS and dedicated server providers have an option to boot your server into rescue mode.

    Install required packages

    apt-get install chntpw ntfs-3g

    Find the Windows partition and mount it

    mount -t ntfs /dev/nvme0n1p1 /mnt

    If you get an error while mounting, see “NTFS The disk contains an unclean file system”.

    Go to the directory where the Windows password database (the SAM hive) is stored

    cd /mnt/Windows/System32/config

    To list available users, run

    chntpw -l SAM

    To reset the password for a user, run

    chntpw -u USER_NAME_HERE SAM

    Select option 1

     1 - Clear (blank) user password

    This will set the Windows password for the user to blank.

    Next select option 2.

     2 - Unlock and enable user account [probably locked now]

    It will change to

    (2 - Unlock and enable user account) [seems unlocked already]

    Select option q to quit.

     q - Quit editing user, back to user select

    It will ask you to save changes, press “y” to save.

    root@vmi1255071:/mnt/Windows/System32/config# chntpw -u Administrator SAM
    chntpw version 1.00 140201, (c) Petter N Hagen
    Hive  name (from header): <\SystemRoot\System32\Config\SAM>
    ROOT KEY at offset: 0x001020 * Subkey indexing type is: 666c 
    File size 262144 [40000] bytes, containing 7 pages (+ 1 headerpage)
    Used for data: 298/26896 blocks/bytes, unused: 16/1552 blocks/bytes.
    
    ================= USER EDIT ====================
    
    RID     : 0500 [01f4]
    Username: Administrator
    fullname: 
    comment : Built-in account for administering the computer/domain
    homedir : 
    
    00000220 = Administrators (which has 1 members)
    
    Account bits: 0x0010 =
    [ ] Disabled        | [ ] Homedir req.    | [ ] Passwd not req. | 
    [ ] Temp. duplicate | [X] Normal account  | [ ] NMS account     | 
    [ ] Domain trust ac | [ ] Wks trust act.  | [ ] Srv trust act   | 
    [ ] Pwd don't expir | [ ] Auto lockout    | [ ] (unknown 0x08)  | 
    [ ] (unknown 0x10)  | [ ] (unknown 0x20)  | [ ] (unknown 0x40)  | 
    
    Failed login count: 19, while max tries is: 0
    Total  login count: 15
    ** No NT MD4 hash found. This user probably has a BLANK password!
    ** No LANMAN hash found either. Try login with no password!
    
    - - - - User Edit Menu:
     1 - Clear (blank) user password
     2 - Unlock and enable user account [probably locked now]
     3 - Promote user (make user an administrator)
     4 - Add user to a group
     5 - Remove user from a group
     q - Quit editing user, back to user select
    Select: [q] > 1
    Password cleared!
    ================= USER EDIT ====================
    
    RID     : 0500 [01f4]
    Username: Administrator
    fullname: 
    comment : Built-in account for administering the computer/domain
    homedir : 
    
    00000220 = Administrators (which has 1 members)
    
    Account bits: 0x0010 =
    [ ] Disabled        | [ ] Homedir req.    | [ ] Passwd not req. | 
    [ ] Temp. duplicate | [X] Normal account  | [ ] NMS account     | 
    [ ] Domain trust ac | [ ] Wks trust act.  | [ ] Srv trust act   | 
    [ ] Pwd don't expir | [ ] Auto lockout    | [ ] (unknown 0x08)  | 
    [ ] (unknown 0x10)  | [ ] (unknown 0x20)  | [ ] (unknown 0x40)  | 
    
    Failed login count: 19, while max tries is: 0
    Total  login count: 15
    ** No NT MD4 hash found. This user probably has a BLANK password!
    ** No LANMAN hash found either. Try login with no password!
    
    - - - - User Edit Menu:
     1 - Clear (blank) user password
     2 - Unlock and enable user account [probably locked now]
     3 - Promote user (make user an administrator)
     4 - Add user to a group
     5 - Remove user from a group
     q - Quit editing user, back to user select
    Select: [q] > 2
    Unlocked!
    ================= USER EDIT ====================
    
    RID     : 0500 [01f4]
    Username: Administrator
    fullname: 
    comment : Built-in account for administering the computer/domain
    homedir : 
    
    00000220 = Administrators (which has 1 members)
    
    Account bits: 0x0210 =
    [ ] Disabled        | [ ] Homedir req.    | [ ] Passwd not req. | 
    [ ] Temp. duplicate | [X] Normal account  | [ ] NMS account     | 
    [ ] Domain trust ac | [ ] Wks trust act.  | [ ] Srv trust act   | 
    [X] Pwd don't expir | [ ] Auto lockout    | [ ] (unknown 0x08)  | 
    [ ] (unknown 0x10)  | [ ] (unknown 0x20)  | [ ] (unknown 0x40)  | 
    
    Failed login count: 0, while max tries is: 0
    Total  login count: 15
    ** No NT MD4 hash found. This user probably has a BLANK password!
    ** No LANMAN hash found either. Try login with no password!
    
    - - - - User Edit Menu:
     1 - Clear (blank) user password
    (2 - Unlock and enable user account) [seems unlocked already]
     3 - Promote user (make user an administrator)
     4 - Add user to a group
     5 - Remove user from a group
     q - Quit editing user, back to user select
    Select: [q] > q
    
    Hives that have changed:
     #  Name
     0  
    Write hive files? (y/n) [n] : y
     0   - OK
    root@vmi1255071:/mnt/Windows/System32/config# 

    Now log in to the server using the console; it won’t ask for a password. Once logged in, you can set a password for the user. You can’t log in using RDP with a blank password.

    After the password reset, “chntpw -l SAM” will look like the following

    root@vmi1255071:/mnt/Windows/System32/config# chntpw -l SAM
    chntpw version 1.00 140201, (c) Petter N Hagen
    Hive  name (from header): <\SystemRoot\System32\Config\SAM>
    ROOT KEY at offset: 0x001020 * Subkey indexing type is: 666c 
    File size 262144 [40000] bytes, containing 7 pages (+ 1 headerpage)
    Used for data: 298/26896 blocks/bytes, unused: 16/1552 blocks/bytes.
    
    | RID -|---------- Username ------------| Admin? |- Lock? --|
    | 01f4 | Administrator                  | ADMIN  | *BLANK*  |
    | 01f5 | Guest                          |        | dis/lock |
    root@vmi1255071:/mnt/Windows/System32/config# 


  • The best Windows backup software

    If you are using a Windows Server, you need to back up your data, as storage devices can fail at any time. It is better to have a backup than to worry about lost data. Here is some software that can help protect data on your Windows servers.

    Paragon Backup & Recovery

    PARAGON Backup & Recovery Community Edition is free backup software for personal use. For commercial use, you may need to get the paid version of the software. This software makes an image of your hard disk, so you can quickly restore the complete system should the disk fail.

    https://www.paragon-software.com/free/br-free/

    Cobian Backup

    Cobian Backup is a file-backup program that can be used to make automatic backups for your directories and files. Cobian Backup can be run as a service or as a regular application. It can backup to some other location in the same computer, to the network and even to an FTP server. The program supports compression and encryption.

    https://www.cobiansoft.com/cobianbackup.html

    Robocopy

    robocopy is a command-line program similar to the Linux rsync command. You can write a batch script and use Task Scheduler to run it as needed.

    https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/robocopy

  • Enable Remote Connection in MS SQL Server

    MS SQL Server does not allow remote connections by default. To enable MS SQL remote connections, you need to open port 1433 in the firewall. After the port is open, you need to enable the TCP/IP protocol in MS SQL Server.

    Start SQL Server Management Studio and open the server's Properties.

    Enable SQL Server and Windows Authentication mode

    Under Connections, enable Allow Remote Connections

    Start SQL Configuration Manager.

    Go to

    SQL Configuration Manager > SQL Server Network Configuration > Protocols for MSSQL SERVER
    

    Enable TCP/IP

    Now restart MS SQL Server. After that, you should be able to connect to MS SQL Server remotely.

  • How to uninstall the PowerShell Module?

    To uninstall a PowerShell module, use the Uninstall-Module command. The module must not be in use when you uninstall it.

    Uninstall-Module -Name MODULE_NAME_HERE
    

    To force uninstall a module run

    Uninstall-Module -Name MODULE_NAME_HERE -Force -Verbose
    

    To uninstall all versions of a module, use option -AllVersions

    Uninstall-Module -Name MODULE_NAME_HERE -AllVersions -Force -Verbose
    

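    If you need to keep one version (2.1.2 in this example) and uninstall all other versions, run the following. Note that -RequiredVersion on its own uninstalls only the named version.

    Get-InstalledModule -Name MODULE_NAME_HERE -AllVersions | Where-Object { $_.Version -ne '2.1.2' } |
        Uninstall-Module -Force -Verbose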
    
  • How to backup PuTTY Settings

    PuTTY is a very lightweight SSH client for the Windows operating system. Sometimes you need to back up PuTTY sessions (saved SSH connections) and restore them on another computer. PuTTY stores its settings and SSH sessions in the Windows Registry.

    PuTTY settings are stored in Windows Registry at

    HKEY_CURRENT_USER\Software\SimonTatham
    

    To back up the settings, run

    regedit /e "%USERPROFILE%\Desktop\putty.reg" HKEY_CURRENT_USER\Software\SimonTatham
    

    This will create a file putty.reg on your Desktop.

    To restore it, double-click the putty.reg file.

  • Restart IIS from command line

    To restart IIS from the command line, click Start, search for “cmd”, right-click “Command Prompt” and select “Run as administrator”. At the command prompt, run

    iisreset
    

    Start IIS

    To start IIS from the command line, run

    iisreset /start
    


    Stop IIS

    iisreset /stop
    


  • Nginx on Windows

    You can download nginx for Windows from

    https://nginx.org/en/download.html

    To download nginx from the command line, use the following command in PowerShell

    Invoke-WebRequest -Uri https://nginx.org/download/nginx-1.19.6.zip -OutFile nginx-1.19.6.zip
    

    When using Nginx on Windows, you need to escape the backslashes in paths with \, as in the following

    root C:\\sites\\my-site;
    

    For SSL, I used

    listen 443 ssl http2;
    ssl_certificate C:\\nginx\\ssl\\crt\\dedi.ai-chain.pem;
    ssl_certificate_key C:\\nginx\\ssl\\crt\\dedi.ai-key.pem;
    


  • Downloading a file with PowerShell

    To download a file using PowerShell, run

    Invoke-WebRequest -Uri URL_HERE -OutFile FILE_NAME_HERE
    

    Example

    Invoke-WebRequest -Uri http://nginx.org/download/nginx-1.17.10.zip -OutFile nginx-1.17.10.zip
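
    A download fetched this way is only as trustworthy as the channel and the file's integrity check. The following is an added example, not part of the original post, that applies to both this download and the one in “Nginx on Windows”: it requires HTTPS and keeps the file only when its SHA-256 matches a value you obtained from a trusted source. Save-VerifiedFile is a hypothetical helper name and EXPECTED_SHA256_HERE is a placeholder.

```powershell
# Added example (not from the original page): download over HTTPS and keep the
# file only if its SHA-256 matches a value obtained from a trusted source.
function Save-VerifiedFile {
    param(
        [Parameter(Mandatory = $true)][string]$Uri,
        [Parameter(Mandatory = $true)][string]$OutFile,
        [Parameter(Mandatory = $true)][string]$ExpectedSha256
    )

    # Plain HTTP gives no protection against tampering in transit.
    if ($Uri -notmatch '^https://') {
        throw "Refusing non-HTTPS URL: $Uri"
    }

    # Older Windows/.NET defaults may not offer TLS 1.2; add it for this session.
    $tls12 = [Net.SecurityProtocolType]::Tls12
    [Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor $tls12

    Invoke-WebRequest -Uri $Uri -OutFile $OutFile -UseBasicParsing

    # Get-FileHash needs PowerShell 4.0 or later; -ne compares hex case-insensitively.
    $actual = (Get-FileHash -Path $OutFile -Algorithm SHA256).Hash
    if ($actual -ne $ExpectedSha256.Trim()) {
        Remove-Item -Path $OutFile -Force
        throw "SHA-256 mismatch for $OutFile (got $actual); file deleted."
    }
    Get-Item -Path $OutFile
}

# EXPECTED_SHA256_HERE is a placeholder: substitute the value from your trusted source.
Save-VerifiedFile -Uri 'https://nginx.org/download/nginx-1.19.6.zip' `
    -OutFile 'nginx-1.19.6.zip' -ExpectedSha256 'EXPECTED_SHA256_HERE'
```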
    


  • Enable TLS 1.2 on Windows Server 2008 R2

    Windows Server 2008 R2 comes with IIS 7.5; the latest supported TLS version is 1.1. Recently Google Chrome started showing sites using TLS 1.0 and 1.1 as insecure.

    To fix this, create a file tls12-enable.reg with the following content

    Windows Registry Editor Version 5.00
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
    "DisabledByDefault"=dword:00000000
    "Enabled"=dword:00000001
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
    "DisabledByDefault"=dword:00000000
    "Enabled"=dword:00000001
    

    Now run a command prompt (cmd.exe) as Administrator. Go to the folder where tls12-enable.reg is saved and run

    reg import tls12-enable.reg
    

    Now reboot your server. Once the server is back online, check whether it supports TLS 1.2 using

    https://www.ssllabs.com/ssltest/analyze.html

    If TLS 1.2 is showing as enabled, we can disable all older insecure protocols. For this, create a file disable.reg with the following content

    Windows Registry Editor Version 5.00
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client]
    "DisabledByDefault"=dword:00000001
    "Enabled"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server]
    "DisabledByDefault"=dword:00000001
    "Enabled"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client]
    "DisabledByDefault"=dword:00000001
    "Enabled"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server]
    "DisabledByDefault"=dword:00000001
    "Enabled"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client]
    "DisabledByDefault"=dword:00000001
    "Enabled"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server]
    "DisabledByDefault"=dword:00000001
    "Enabled"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client]
    "DisabledByDefault"=dword:00000001
    "Enabled"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server]
    "DisabledByDefault"=dword:00000001
    "Enabled"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128/128]
    "Enabled"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128]
    "Enabled"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56/128]
    "Enabled"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\Diffie-Hellman]
    "ServerMinKeyBitLength"=dword:00000800
    

    Start a command prompt as user Administrator, navigate to the folder where disable.reg is saved and run the command

    reg import disable.reg
    

    Reboot the server. Once the server is back online, all the older protocols will be disabled. SSL Labs will show score A.
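
    To confirm that both imports landed, the SCHANNEL keys can be read back with PowerShell. This is an added example, not part of the original post; it inspects only the Protocols keys named in the two .reg files above and uses cmdlets available in the PowerShell 2.0 that ships with Windows Server 2008 R2.

```powershell
# Added example (not from the original page): report whether the SCHANNEL
# protocol keys match what tls12-enable.reg and disable.reg are meant to set.
$base = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'

# Desired state per protocol, taken from the two .reg files: 1 = enabled, 0 = disabled.
$desired = @{ 'SSL 2.0' = 0; 'SSL 3.0' = 0; 'TLS 1.0' = 0; 'TLS 1.1' = 0; 'TLS 1.2' = 1 }

$report = foreach ($protocol in ($desired.Keys | Sort-Object)) {
    foreach ($role in 'Client', 'Server') {
        $props = Get-ItemProperty -Path "$base\$protocol\$role" -ErrorAction SilentlyContinue
        $wantEnabled = ($desired[$protocol] -eq 1)

        if ($null -eq $props -or $null -eq $props.Enabled) {
            # Key or value missing: the import did not cover it and the OS default applies.
            $state = 'not set'
            $ok    = $false
        } else {
            # Any non-zero Enabled value counts as enabled (some tools write 0xffffffff).
            $isEnabled  = ($props.Enabled -ne 0)
            $offDefault = ($props.DisabledByDefault -eq 1)
            $state = if ($isEnabled) { 'enabled' } else { 'disabled' }
            # Compliant when Enabled matches and DisabledByDefault is its opposite.
            $ok = ($isEnabled -eq $wantEnabled) -and ($offDefault -ne $wantEnabled)
        }

        New-Object PSObject -Property @{
            Protocol = $protocol; Role = $role; State = $state
            Expected = $(if ($wantEnabled) { 'enabled' } else { 'disabled' })
            Match    = $ok
        }
    }
}

$report | Select-Object Protocol, Role, State, Expected, Match | Format-Table -AutoSize

# Flag anything that does not match the intended configuration.
$bad = @($report | Where-Object { -not $_.Match })
if ($bad.Count -gt 0) {
    Write-Warning "$($bad.Count) SCHANNEL entries differ from the .reg files; re-import and reboot."
}
```

    The registry values only take effect after the reboot, so a clean report here still needs the external scan to confirm what the server actually negotiates.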


  • LetsEncrypt Windows

    LetsEncrypt provides free SSL certificates with 90-day validity. You need to renew them every 90 days; there is software to do this. For Windows, some of the popular programs are:

    win-acme

    This is a small exe file with a command-line interface (no GUI). You need to run this program as Administrator (Run as Administrator); only then will it set up the Scheduled Tasks needed for automatic SSL renewal.

    It supports automatic SSL installation on IIS and has an option for custom SSL installation.

    https://www.win-acme.com/

    Certify The Web

    This is a GUI program.

    https://certifytheweb.com
