Stoppt die Vorratsdatenspeicherung! Jetzt klicken & handeln!Willst du auch bei der Aktion teilnehmen? Hier findest du alle relevanten Infos und Materialien:

six demon bag

Wind, fire, all that kind of thing!

2015-06-14

Querying DB2 Backups in TSM Fails with Return Code 106

On one of my servers a query for DB2 backups in TSM (db2adutl query full db DBNAME) failed with the following error:

Error: Initialize environment failed with TSM return code 106

As per dsmrc.h return code 106 indicates a permission problem:

#define DSM_RC_ACCESS_DENIED       106 /* denied due to improper permission */

which was weird, since the user in question is a member of the DB2ADMNS group that is supposed to have all required permissions.

See more ...

Posted 23:40 [permalink]

2015-01-18

Adding Group Members Across Domains

Normally when you add a member to an Active Directory group you'll simply use the Add-GroupMember cmdlet from the ActiveDirectory module. Except when you have to do it across domains/forests where the source domain is still running Windows Server 2008 (not R2). As in "no AD PowerShell cmdlets" and "no Active Directory Web Service (ADWS)". *sigh*

See more ...

Posted 18:25 [permalink]

2015-01-05

PowerShell Execution Policy Scopes

Sometimes when you try to change the PowerShell execution policy you'll get an error message that the setting was applied, but will be overridden by a setting in another scope:

Set-ExecutionPolicy : Windows PowerShell updated your execution policy successfully, but the setting is overridden by a policy defined at a more specific scope. Due to the override, your shell will retain its current effective execution policy of XXX. …

Execution policies can be defined in five different scopes, from LocalMachine (least specific) to MachinePolicy (most specific), where settings in more specific scopes take precedence over settings in less specific scopes. Use Get-ExecutionPolicy -List to see which scope has which setting.

See more ...

Posted 22:46 [permalink]

2014-02-16

Check the Last User Logon

As a system administrator you're sometimes tasked with finding out who the last person logged into a particular computer was, or when a particular person was last logged in on some computer(s).

Windows records this information in the Security eventlog when you enable auditing account logon events.

See more ...

Posted 16:03 [permalink]

2013-12-11

Some Useful DFS Commands

List DFS replication groups:

dfsradmin rg list

List replicated folders in a replication group:

dfsradmin rf list /rgname:<REPL_GROUP>

See more ...

Posted 15:16 [permalink]

2013-02-07

Auditing Windows File ACLs

Sometimes you run into a situation where you need to determine the permissions on some directory tree. Be it to document or clean up permissions on the subdirectories of a share, to troubleshoot permission issues due to deleted accounts or groups, or whatever. Manually analyzing permissions is quite tedious, even when using standard tools like cacls or xcacls. The output of XCACLS.vbs isn't any better, but since it's a script, I considered modifying it to suit my needs … until I took an actual look at the script. I abondoned the thought afterwards.

See more ...

Posted 20:14 [permalink]

2012-11-17

Importing VMs From external Hyper-V Hosts

I've been working on a project where I needed to migrate (clone actually, in order to maintain a fallback scenario) virtual machines from external (standalone) Hyper-V hosts to a Hyper-V cluster. The external hypervisors were not members of the same domain as the cluster nodes. The networks were separated by a firewall. A trust relationship between the domains was not desired.

System Center Virtual Machine Manager 2012 (SCVMM) supports this scenario, but there are several steps that must be performed to prepare for the migration.

See more ...

Posted 20:03 [permalink]

2010-05-30

Backscatter protection

What is backscatter?

When mail servers accept mail and later discover that for some reason they are unable to actually deliver it, RFC 821 specifies that a Non-Delivery Notification (NDN, also known as "bounce") must be sent to the originator of the mail.

However, the "From" address can be spoofed most easily, so there is no guarantee whatsoever that the mail actually originated from that address. In case of a spoofed address, the NDN will be sent to someone who hadn't sent the original mail to begin with. These bounces going back to someone else but the original sender are called "backscatter".

Why is that a problem?

Because spammers tend to send their bulk e-mails to anything that looks even remotely like an e-mail address, the "To" addresses usually include lots of invalid addresses. Therefore spam-runs can cause massive waves of backscatter flooding the mailboxes of those people whose addresses were spoofed in the "From" field. However, it's not sensible to simply block all incoming bounces, because there are legitimate bounces as well.

See more ...

Posted 22:41 [permalink]

2008-12-21

3D Simulation

Back in college, one of my software engineering classes was a project to develop a simple 3D engine without resorting to existing 3D routines. The implementation of my group was done in Java, because that way it was rather easy to implement the GUI, and the requirements were simple enough to be met by contemporary hardware. It's probably not really helpful to anyone, but it was fun to do, so I'm posting it anyway.

Run simulation
Project report (PDF, 307 kB, in German language)
Source code (Zip archive, 293 kB)

Posted 18:47 [permalink]