six demon bag
Wind, fire, all that kind of thing!
Yesterday I came across a question on StackOverflow that turned out to be rather interesting. The person asking the question used code similar to the below snippet for validating user credentials:
$user = 'user' $pass = 'pass' $path = 'LDAP://' + ([ADSI]'').DistinguishedName New-Object DirectoryServices.DirectoryEntry ($path, $user, $pass)
which produces errors like this when the computer is not a member of a domain:
Posted 20:46 [permalink]
VSS writers are application-specific components for Microsoft's Volume Shadow Copy Service, which ensure the consistency of application data when a shadow copy is created. That's quite useful for creating consistent backups of a system. However, some of these writers go into error states more or less frequently. And Microsoft did not deem it necessary to document how to reset writers without rebooting the entire system (or at least I didn't manage to find that piece of information).
Posted 16:19 [permalink]
A while ago I had to take a couple hundred subnets (don't ask) of an Active Directory site in one domain and re-create them in another domain. Doing that manually would've been a real pain. But if you export the subnets to a file the list can easily be transferred to the other domain and imported there.
Posted 17:42 [permalink]
Normally when you add a member to an Active Directory group you'll simply use the
Add-GroupMember cmdlet from the
ActiveDirectory module. Except when you have to do it across domains/forests where the source domain is still running Windows Server 2008 (not R2). As in "no AD PowerShell cmdlets" and "no Active Directory Web Service (ADWS)". *sigh*
Posted 18:25 [permalink]
Sometimes when you try to change the PowerShell execution policy you'll get an error message that the setting was applied, but will be overridden by a setting in another scope:
Set-ExecutionPolicy : Windows PowerShell updated your execution policy successfully, but the setting is overridden by a policy defined at a more specific scope. Due to the override, your shell will retain its current effective execution policy of XXX. …
Execution policies can be defined in five different scopes, from
LocalMachine (least specific) to
MachinePolicy (most specific), where settings in more specific scopes take precedence over settings in less specific scopes. Use
Get-ExecutionPolicy -List to see which scope has which setting.
Posted 22:46 [permalink]
At work we're connecting to customer systems through a jump station. This creates the problem that for domain password changes on the customer systems I can't open the Windows Security dialog/screen via either Ctrl+Alt+Del (shows the one on the local computer) or Ctrl+Alt+End (shows the one on the jump station).
Posted 23:14 [permalink]
List DFS replication groups:
dfsradmin rg list
List replicated folders in a replication group:
dfsradmin rf list /rgname:<REPL_GROUP>
Posted 15:16 [permalink]
The VBScript language doesn't provide a feature for including other code files, so you can't easily build and import code libraries. However, the missing feature can be emulated using the
ExecuteGlobal statement in a custom
Posted 14:00 [permalink]
Although IBM doesn't officially support its TSM client on Linux distributions other than SLES and RHEL the client works quite nicely on Debian. With version 6.4 you need at least the following 4 packages on AMD64 systems:
Posted 00:46 [permalink]
For a customer project I had to create a couple dozen virtual machines on our Hyper-V cluster. The machines were to be installed via a 3rd party software deployment system (the customer doesn't use SCCM), so I had to assign static MAC addresses and enable PXE boot. The respective reservations on the DHCP server had to be created from the MAC addresses in a second step, because the customer domain is separated from the infrastructure domain.
Posted 11:09 [permalink]
I've been working on a project where I needed to migrate (clone actually, in order to maintain a fallback scenario) virtual machines from external (standalone) Hyper-V hosts to a Hyper-V cluster. The external hypervisors were not members of the same domain as the cluster nodes. The networks were separated by a firewall. A trust relationship between the domains was not desired.
System Center Virtual Machine Manager 2012 (SCVMM) supports this scenario, but there are several steps that must be performed to prepare for the migration.
Posted 20:03 [permalink]
When you inherit an existing (usually home-grown) Active Directory, it can be a real pain to figure out how the thing was actually configured by the previous admin(s). In a situation like that it's kinda nice to have a tool at hand that'll do the dirty work for you.
Of course there's pay-ware like ADscribe, but personally I find $99 kinda expensive for something you're going to use every other decade (or so). Microsoft's own Active Directory Topology Diagrammer is freeware (well, sort of, since it requires Visio), but it has to be installed, and the results weren't that convincing when I tried to run it from outside the target domain.
Posted 21:37 [permalink]
What is backscatter?
When mail servers accept mail and later discover that for some reason they are unable to actually deliver it, RFC 821 specifies that a Non-Delivery Notification (NDN, also known as "bounce") must be sent to the originator of the mail.
However, the "From" address can be spoofed most easily, so there is no guarantee whatsoever that the mail actually originated from that address. In case of a spoofed address, the NDN will be sent to someone who hadn't sent the original mail to begin with. These bounces going back to someone else but the original sender are called "backscatter".
Why is that a problem?
Because spammers tend to send their bulk e-mails to anything that looks even remotely like an e-mail address, the "To" addresses usually include lots of invalid addresses. Therefore spam-runs can cause massive waves of backscatter flooding the mailboxes of those people whose addresses were spoofed in the "From" field. However, it's not sensible to simply block all incoming bounces, because there are legitimate bounces as well.
Posted 22:41 [permalink]