Product:
Microsoft Windows 2022 server

Issue:

List users who have access to a folder from script?

Solution:

Start a powershell window and enter something like this:

$path = "C:\Your\Folder\Path"
(Get-Acl $path).Access |
    Select-Object IdentityReference, FileSystemRights, AccessControlType, IsInherited |
    Format-Table -AutoSize

Product:
FileBeat 8.19.3

Microsoft Windows 2022 server

Issue:

Have installed filebeat service in windows, to collect logs files to elastic, but it does not read any files. And when i try to stop the services it hangs.

After you stop the filebeat service with Task Manager, you need to erase the lock file in folder C:\ProgramData\filebeat\ to make it to read the yml file at next start of the service.

Solution:

Check the filebeat.yml file. The JSON format is sensitive to spaces and other formats.

In this case there was a row:
ignore_older: ‘7d’
that made the filebeat service to stop.

It only supports minutes and hours, so you need to enter like this:
ignore_older: ‘168h’

The ignore_older: ‘168h’ function will check the timestamp of the file, and not read files that was created more than 7 days ago.

The filebeat.yml file is in folder C:\Program Files\Filebeat on windows.

Below a example of a filebeat.yml file for use with TM1 logs files – you need to add spaces in the beginning of every line to get it to work.

# ============================== Filebeat inputs ===============================
filebeat.inputs:
- type: filestream
id: tm1server
enabled: true

paths:
- D:/TM1 folder/Logs/tm1server.log
fields_under_root: true
fields:
event:
dataset: audit.plain

- type: filestream
id: tm1s2
enabled: true
ignore_older: '168h'
paths:
- D:/TM1 folder/Logs/tm1s2*.log
exclude_lines:
- '^#'
include_lines:
- 'AD'
fields_under_root: true
fields:
event:
dataset: audit.plain

# ---------------------- beats state ----------------------
- type: filestream
id: beats-logs
enabled: true
paths:
- C:/ProgramData/filebeat/logs/filebeat*.ndjson
include_lines:
- 'Non-zero metrics in the last 30s'
fields_under_root: true
fields:
event:
dataset: beats.state
processors:
- dissect:
tokenizer: '%{}"@timestamp":"%{event.start}"'
field: message
target_prefix: ""
ignore_failure: true
setup.template.settings:
index.number_of_shards: 1
fields:
system:
env: prod
id: SystemTM1
fields_under_root: true
max_procs: 1
processors:
- add_host_metadata:
when.not.contains.tags: forwarded
- add_cloud_metadata: ~
output.logstash:
hosts: ["elasticservername.domain.com:9999"]
ssl.enabled: true
ttl: 5m
pipelining: 0

More Information:

Filebeat sends log files to Logstash or directly to Elasticsearch.

## Getting Started

To get started with Filebeat, you need to set up Elasticsearch on
your localhost first. After that, start Filebeat with:

./filebeat -c filebeat.yml -e

This will start Filebeat and send the data to your Elasticsearch
instance. To load the dashboards for Filebeat into Kibana, run:

./filebeat setup -e

For further steps visit the (https://www.elastic.co/guide/en/beats/filebeat/8.19/filebeat-installation-configuration.html) guide.

## Documentation

Visit (https://www.elastic.co/guide/en/beats/filebeat/8.19/index.html) for the full Filebeat documentation.

## Release notes

https://www.elastic.co/guide/en/beats/libbeat/8.19/release-notes-8.19.3.html

https://www.elastic.co/beats/filebeat

https://www.elastic.co/downloads/beats/filebeat

https://github.com/elastic/beats

Product:

Microsoft Power Bi dataflow

Issue:

Get a error on all dataflow, Error: An authentication problem is preventing the dataflow from being refreshed. Please have the owner of the dataflow sign out of Power BI and sign back in and try again.

or error message like  {“code”:”DMTS_OAuthTokenRefreshFailedError”,”details”:[{“code”:”DM_ErrorDetailNameCode_UnderlyingErrorMessage”,”detail”:{“type”:1,”value”:”AADSTS135010: UserPrincipal doesn’t have the key ID configured} from the dataset that use the dataflow.

Can happen if you change you windows pincode login from microsoft, and use the same account to run the dataflow with.

Solution:

Go to the dataflow in your workspace in https://app.powerbi.com/

Go to settings

Click on data source credentials

Click on edit credentials

If the value is correct, click Sign in without a change.

Confirm the login question you will get, from you company.

Go to the workspace.

Try to refresh the dataflow again.

More information:

• Re-authenticate Dataflow Credentials: The dataflow owner should go to the Power BI Service, locate the dataflow, go to Settings > Data source credentials, and click “Edit credentials” to re-authenticate.
• Sign Out/In: Sign out of app.powerbi.com completely, clear your browser cache/cookies, and sign back in to refresh token authentication.
• Check Data Source: If using a Gateway, ensure the credentials in the gateway settings are valid.
• Verify Permissions: Ensure the user who created the dataflow still has permissions to the underlying data sources (SQL, SharePoint, etc.).

https://www.fourmoo.com/2019/02/13/why-is-my-powerbi-dataflow-refresh-failing/ 

Product:

Power BI Dataflow

Issue:

After user account is changed (owner), the dataflow is not updated.  (this is only when you use a Power BI gateway to access SQL database on prem.)

Solution:

You have on the dataflow gone to settings, and change the owner to a other person. (by press the Take Over button)

On the dataflow tab go to EDIT

Click EDIT on one table.

You get a error message, that it can not contact SQL server.

Click on OPTIONS icon.

Click on project and data load, and change the data gateway to one in the dropdown list.

Click OK.

Now the table should be refreshed automatic, and you can save and close the dataflow.

More Information:

https://learn.microsoft.com/en-us/power-bi/transform-model/dataflows/dataflows-configure-consume

https://learn.microsoft.com/en-us/power-query/dataflows/data-sources?tabs=power-bi-service

https://data-marc.com/2022/08/02/what-you-must-know-when-building-power-bi-dataflows-routing-over-the-on-premises-data-gateway/ 

Product:

Power BI Workspace and dataflow

Issue:

New created Dataflow does not show up in PowerBi Desktop – when updating a connection.

Suggest solution:

The user credentials is not “refreshed” – you can not see the dataflow or you see the dataflow as a unique number only, instead of the name.

Go into PowerBI desktop – start Transform data.

Click on Data Source Settings.

See that dataflows are selected.
Click on Clear Permissions. Click OK to confirm.

Click on Edit Permissions.

Click on Edit button to login again against your company (active directory)

Click Save.

Click OK.

More information:

https://learn.microsoft.com/en-us/power-bi/connect-data/refresh-data

https://guide.streambim.com/hc/en-us/articles/11493683018140-Data-Sources-Credentials-and-Automatic-Refresh-in-Power-BI

https://www.activityinfo.org/support/docs/integrations/powerquery/updating-your-credentials-in-power-bi.html

Product:

Microsoft Windows 10

Issue:
What anti-virus software should i use on my old laptop?

Suggested solution:

Windows Defender is good, but when there are no more updates, you can consider to use a separate Anti-Virus software product.

You have to yourself decide what to use (and if you need it) as the software market for anti-virus program is lucrative, program that was good for 10 years ago is maybe not the best today.

Consider:

1. Is the software easy to understand for me? Can i setup schedule scans in a easy way?
2. What is the price the second year? Most software will give you a 50% discount the first year. Check if you can get a family price for 3-5 computers. Review sites have often links to good offers.
3. Does the software take a lot of CPU when running or does it do the scan in the “cloud” ?  Check more than one review to see if the program will slow down your PC.
4. Check more than one review of the software – most top teen listings are only trying to sell you a special anti-virus software where they get most money from.
5. Do you trust the company behind the program?  Check WIKI pages about what country the software comes from.

https://en.wikipedia.org/wiki/Malwarebytes 

https://en.wikipedia.org/wiki/VIPRE

https://en.wikipedia.org/wiki/Bitdefender

https://en.wikipedia.org/wiki/ZoneAlarm

As of January 2006, ZoneAlarm was reportedly^[6] sending data to the company’s servers in a covert fashion. A developer dismissed allegations that ZoneAlarm was spying on its clients, saying that it was an issue related to software updates and that it would be fixed.^[7]

In December 2007, a browser toolbar was shipped with ZoneAlarm as an opt-out, which was not well received.^[8] This was removed in later versions of the software.

On September 2, 2010, the free version of ZoneAlarm started showing a “Global Virus Alert” popup as a scareware tactic to get users to switch to their paid security suite.^[9] The popup was turned off by ZoneAlarm marketing team after an uproar from disgruntled users, many of whom uninstalled the software.^[10][11]

These program have a free version (that you can test):

https://www.bitdefender.com/en-us/consumer/free-antivirus 

https://www.malwarebytes.com/solutions/virus-scanner 

https://www.zonealarm.com/software/free-antivirus

the free version is maybe not the same program as the full version of the program. Check what engine is inside the anti-virus program.

You can also try the more expensive ones:

https://vipre.com/home/vipre-antivirus-plus/ 

https://www.gdatasoftware.com/antivirus-windows

We tested the Bitdefender windows version on Windows 10.

We run a deep scan, and it found things in old TM1 files, version 2.1.5, Trojan.GenericKD is Windows-only malware, as far as I know, so it’s highly likely that these detection’s are false positives, as it looks like many anti-virus software can find them in different files.

If there where issues, this are solved now. IBM sends out updates regularly. We checked the latest version PAL 2.1.14, and there where no issues there.

https://www.ibm.com/support/pages/node/7246602 

https://www.ibm.com/support/pages/security-bulletin-ibm-planning-analytics-workspace-affected-vulnerabilities 

(It looks like the Bit-defender can not scan ZIP files larger than 2 GB)

We upgrade Bitdefender to PLUS version in hope the firewall should be part of that deal.

But firewall was not part of the PLUS version. We got the VPN function, but you can not choose what country you will be using. We need to upgrade again to get firewall…

The company change the offering every year, so the package you have the first year may be something different the next year. If you stop your automatic subscription, then the bitdefender program stops working when the subscription ends. Malwarebytes have a different solution.

Passwords manager is better to use separate program like:

https://keepass.info/ 

https://bitwarden.com/pricing/

https://en.wikipedia.org/wiki/KeePass 

More information:

https://en.wikipedia.org/wiki/Antivirus_software 

https://www.bitdefender.com/consumer/support/answer/106172/ 

https://www.bitdefender.com/pages/consumer/se/new/cl-offer-premium-dlp?irclickid=QTEWqQW9ixycTh7zFWyZ4WU4Ukpy7-3HHW8nTc0&im_rewards=&irgwc=1&MPid=1271102&cid=aff%7Cc%7CIR%7CSafetyDetectives&locale=sv-SE&vcampaign=NDLP25V2 

https://www.bitdefender.com/consumer/support/prevention/ 

Before you decide, search the internet for zonealarm issues…

Product:

Microsoft Power BI service
Issue:

When click on refresh for a dataset (sematic model) in https://app.powerbi.com/ you get a error like:

Data source error: {“error”:{“code”:”DMTS_OAuthTokenRefreshFailedError”,”pbi.error”:{“code”:”DMTS_OAuthTokenRefreshFailedError”,”details”:[{“code”:”DM_ErrorDetailNameCode_UnderlyingErrorMessage”,”detail”:{“type”:1,”value”:”AADSTS700082: The refresh token has expired due to inactivity. The token was issued on 2024-11-19T10:55:36.9381120Z and was inactive for 90.00:00:00.

Solution:

Wait and try again later or go into your PowerBI report and update all credentials to different data sources you have used in your report.

In the dataset – go to settings – take over as owner –  go to data source credentials

click on edit the credentials and update with your account information. This should refresh the token.

This issue can happen when the OAuth refresh token used by Power BI Service to authenticate with the data source has expired. The error message shows that your token has been inactive for 90 days, which is the default expiration period for Azure Active Directory (AAD) refresh tokens.

Here are a few suggestions you can check:

1. Re-authenticate the Data Source in Power BI Service

• Go to Power BI Service (app.powerbi.com).
• Navigate to Settings > Manage Connections and Gateways.
• Locate the data source for your dataset.
• Click Edit Credentials and sign in again using your credentials.
• Choose the correct authentication method (usually OAuth2 for Analysis Services).
• Save and retry the refresh.

2. Check and Update Permissions

• If your credentials were updated or your permissions changed, you may need to reassign them.
• Ensure that your account has read permissions on the Analysis Services data source.
• If your organization uses Conditional Access Policies, check with your IT team to ensure Power BI can maintain an active connection.

3. Remove and Reconnect the Dataset

• If the issue persists, try removing the dataset from Power BI Service and republishing it from Power BI Desktop.

4. Ensure Your Token Doesn’t Expire Again

• If you’re using service accounts, consider setting up a refresh schedule to keep the token active.
• Work with your IT admin to adjust AAD token lifetime policies to extend the refresh token validity.

5. Try a Personal Gateway (If Applicable)

• If you’re using a Personal Mode gateway, restarting or reinstalling it might help.

More Information:

https://learn.microsoft.com/en-us/power-bi/connect-data/refresh-troubleshooting-refresh-scenarios 

https://www.c-sharpcorner.com/article/how-to-handle-power-bi-data-refresh-error-refresh-token-expired/

https://www.vuepilot.com/support/article/microsoft-power-bi-authentication-information/ 

https://www.beringer.net/beringerblog/power-automate-connection-reference-failures/ 

Product:

Microsoft Azure Blob Storage

Issue:

When you run ETL script to send files to your BLOB storage you get a error like this:

HTTP Status Code: 403 HTTP Reason Phrase: Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.

Signature not valid in the specified time frame:

Possible Solution:

Please check if the SAS KEY you use in your script have expired.

Create a new SAS KEY and insert that in your script to upload files, to solve the issue.

More Information:

https://learn.microsoft.com/en-us/azure/storage/common/storage-sas-overview 

https://learn.microsoft.com/en-us/azure/storage/common/storage-account-keys-manage?tabs=azure-portal

https://markheath.net/post/upload-azure-blob-storage-sas

https://community.boomi.com/s/article/How-to-Create-a-Azure-Blob-Shared-Access-Signature-Token

Product:

Microsoft SQL server 2022

Issue:

When on the server try to login with a SQL account in SSMS you get a error:

TITLE: Connect to Server
ADDITIONAL INFORMATION:

A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 – The certificate chain was issued by an authority that is not trusted.) (Microsoft SQL Server, Error: -2146893019)

For help, click: https://docs.microsoft.com/sql/relational-databases/errors-events/mssqlserver–2146893019-database-engine-error

The certificate chain was issued by an authority that is not trusted

Solution:

Mark Trust Server Certificate and click connect.

More Information:

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0109476

https://blog.netnerds.net/2023/03/new-defaults-for-sql-server-connections-encryption-trust-certificate/

https://www.mssqltips.com/sqlservertip/3299/how-to-configure-ssl-encryption-in-sql-server/

https://help.akana.com/content/current/sp/platform_install/install_db_mssql.htm

How to Use a Query to Check an SSL Certificate in SQL Server

Product:

Microsoft SQL azure

Issue:

In a view, we want to exclude all text in column “konto” after character ” – ”

Solution:

In the select statement use something like this:

IIF (SUBSTRING ([Konto],1, CHARINDEX (' - ',[Konto])) ='', [Konto] ,SUBSTRING ([Konto],1, CHARINDEX (' - ',[Konto]))) as [Konto]

Substring extract text in column konto from first position to where we find the – character, this position is given with charindex, and then we check if the result is empty. In case the string does not contain a -, then we get a empty value. Then we show the orginal value – otherwise we show the substring without all text after – in the field.

SUBSTRING(string, start, length)

CHARINDEX(substring, string, start)

IIF(condition, value_if_true, value_if_false)

More Information:

SUBSTRING, PATINDEX and CHARINDEX string functions in SQL queries

https://www.w3schools.com/sql/sql_isnull.asp

https://www.geeksforgeeks.org/sql/sql-statement-to-remove-part-of-a-string/

https://help.zebrabi.com/kb/power-bi/sort-a-hierarchy-by-custom-sort-logic/

https://www.w3schools.com/sql/func_sqlserver_substring.asp

https://www.w3schools.com/sql/func_sqlserver_iif.asp