!NSFW

Find locked AD user accounts

admin — Tue, 19 Apr 2011 18:58:21 +0000

To get a quick list of users in AD whose accounts are locked, you can use Quest Software’s free ActiveRoles Management Shell for Active Directory PS-Snapin. This snap-in simplifies a lot of the AD related functions through Powershell, finding locked user accounts is just one of them.

get-QADUser -Locked

extract & untar

admin — Thu, 03 Mar 2011 23:17:10 +0000

This is a one step command to extract and untar a tar.gz file.

tar zxvf filename.tar.gz

z = Gunzip(uncompress) it before extracting, used on file ending in .tar.gz or .tgz
x = Extract the contents of the TAR file
v = Verbose – display contents as it is tarring or extracting
f = Filename to follow

Note: If the file does not have “.gz” extension that means its already uncompressed and one has to just extract it using “tar xvf” command.

This is a two step command to extract and untar the file.

gunzip filename.tar.gz

tar xvf filename.tar

SSH tunnels

admin — Thu, 03 Feb 2011 19:24:58 +0000

Everyone knows you can use SSH to tunnel traffic through a remote host running an SSH server. This can allow you to use the web, for instance, as if you were at that remote host. You do this by creating a SOCKS proxy and then setting your local browser to use this proxy.

$ssh -D 8888 username@remotesshserver

This command tells your machine to create a tunnel to the remote ssh server and create a proxy on your local machine at port 8888 for you to use.

Now all you need to do is configure your browser to use this proxy.

Server: localhost or 127.0.0.1 Port: 8888

Although using this proxy through firefox will secure your web traffic, it will not hide your DNS queries. With SOCKS 5 in Firefox you can specify which side of the proxy handles DNS lookups. This can be done by setting network.proxy.socks_remote_dns = true in about:config.

Anatomy of an ISDN call

admin — Wed, 02 Feb 2011 17:02:16 +0000

This is high-level overview of an ISDN call.

Call Setup

993697mS ISDNL3Tx: v=0 peb=5
            ISDN Layer3 Pcol=08(Q931) Reflen=2 ref=0011(Remote)
            Message Type = Setup
                InformationElement = BearerCapability
             0000 04 03 80 90 a2
                InformationElement = CHI
             0000 18 03 a9 83 97
            InformationElement = CallingPartyNumber
             0000 6c 0c 00 80 33 30 33 35 35 35 31 32 30 34
                InformationElement = CalledPartyNumber
             0000 70 0b 80 37 32 30 34 34 34 35 32 33 37

Call Handling Information

993737mS ISDNL3Rx: v=0 peb=5
            ISDN Layer3 Pcol=08(Q931) Reflen=2 ref=0011(Local)
            Message Type = CallProceeding
                InformationElement = CHI
            0000 18 03 a9 83 97= use B channel 23

Phone rings on the other side

993746mS ISDNL3Rx: v=0 peb=5
            ISDN Layer3 Pcol=08(Q931) Reflen=2 ref=0011(Local)
            Message Type = Alerting

The other side answers the call

1005111mS ISDNL3Rx: v=0 peb=5
            ISDN Layer3 Pcol=08(Q931) Reflen=2 ref=0011(Local)
            Message Type = Connect
                InformationElement = PI
            0000 1e 02 81 82
                InformationElement = Shift 6
                InformationElement = ??(28)
            0000 28 0e 31 73 74 20 32 20 77 69 72 73 20 44 43 50

Speech path established

 1005112mS ISDNL3Tx: v=0 peb=5
            ISDN Layer3 Pcol=08(Q931) Reflen=2 ref=0011(Remote)
            Message Type = ConnectAck

Call disconnected

 1007058mS ISDNL3Rx: v=0 peb=5
            ISDN Layer3 Pcol=08(Q931) Reflen=2 ref=0011(Local)
            Message Type = Disconnect
                InformationElement =
            0000 08 02 81 90=Cause code 90=Normal call clearing

Channel Released by provider

 1007059mS ISDNL3Tx: v=0 peb=5
            ISDN Layer3 Pcol=08(Q931) Reflen=2 ref=0011(Remote)
            Message Type = Release

Channel free for new use

 1007077mS ISDNL3Rx: v=0 peb=5
            ISDN Layer3 Pcol=08(Q931) Reflen=2 ref=0011(Local)
            Message Type = ReleaseComplete

Quest ActiveRoles Management Shell for Active Directory

admin — Mon, 29 Nov 2010 22:08:27 +0000

Quest Software’s free ActiveRoles Management Shell for Active Directory PS-Snapin simplifies a lot of the AD related functions through Powershell. Following is a list of some commonly used user related actions.

Finding non-expiring passwords
get-QADUser -PasswordNeverExpires

Finding disabled accounts
get-qaduser -disabled

Enabling disabled accounts
enabled-qaduser -identity

Remote management of Exchange 2010 using PowerShell

admin — Tue, 09 Nov 2010 16:57:09 +0000

You can run powershell commands on your Exchange 2010 server from machines whether or not they have the Exchange Management Tools installed using implicit remoting.

Even when you run the Exchange Management Shell on your exchange server, you’re essentially creating a powershell remoting session. The following steps take place in the background when you click the EMS icon:

Load the Microsoft.Exchange.Management.PowerShell.E2010 snap-in gets loaded

The RemoteExchange.ps1 script is dot sourced

The Connect-ExchangeServer function is executed

You can set up implicit remoting from any maching using powershell v2. This imports the commands from your exchange server to your local powershell session so you don’t need any Exchange tools installed.

First we create a session using the New-PSSession cmdlet:

$s = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http:///PowerShell/ -Authentication Kerberos

Then, import the session using the Import-PSSession cmdlet:

Import-PSSession $s

The Exchange Management Shell commands are now imported into the local PowerShell session.

You could use the same method to setup a scheduled task from your machine to run a commands on your exchange server.

[source: ]

Active Directory integration in CentOS using SAMBA

admin — Wed, 20 Oct 2010 21:22:04 +0000

This is perhaps the best tutorial on how to set up Active Directory integration in CentOS.

http://www.linuxmail.info/active-directory-integration-samba-centos-5/

Update:
A related link on setting up Kerberos
http://www.howtoforge.com/samba_ads_security_mode

Fixing corrupt system files in Windows

admin — Tue, 05 Oct 2010 16:38:56 +0000

The sfc /scannow command (System File Checker) scans the integrity of all protected Windows 7 (XP or Vista as well) system files and replaces incorrect corrupted, changed, or damaged versions with the correct versions if possible.

Running the command requires an elevated command prompt. A log file of the entire operation is created at C:\WINDOWS\LOGS\CBS\CBS.LOG.

The following command extracts the ‘fixes’ from the log and places it in a file called sfcdetails.txt.

findstr /c:"[SR]" %windir%\logs\cbs\cbs.log > sfcdetails.txt

How to tell what distro you are running?

admin — Tue, 03 Aug 2010 22:09:04 +0000

So you inherit a box running linux and you have no idea which flavor of linux it is. How do you find out?

If all you need the kernel version you can try
uname -a

This outputs something like this

Linux localhost.localdomain 2.4.20-31.9 #1 Tue Apr 13 18:04:23 EDT 2004 i686 i686 i386 GNU/Linux

If you need the actual distro name you can try
cat /etc/*release

In Ubuntu it shows up as

DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=9.04
DISTRIB_CODENAME=jaunty
DISTRIB_DESCRIPTION=”Ubuntu 9.04″

Or even
cat /etc/issue

which spits out the following on Ubuntu

Ubuntu 9.04 \n \l

You can combine all three to get the following
uname -a && cat /etc/*release && cat /etc/issue

Update:
Another one to add to the list
cat /proc/version

Batch editing Dial-up or VPN access settings in Active Directory

admin — Tue, 27 Apr 2010 17:00:00 +0000

Active Directory doesn’t let you edit the Dial-up of VPN access policies for multiple users at once through the GUI. You have to edit this setting one at a time for each user. This can be painstaking if you a lot of users. Luckily there is a VB script available like for almost everything else in AD.
Dim aConnection, aCommand, aResult, strLDAPPath, user, objUser Const ADS_PROPERTY_CLEAR = 1 strLDAPPath = InputBox("Please enter the LDAP path of the OU:") WScript.Echo strLDAPPath Set aConnection = CreateObject("ADODB.Connection") Set aCommand = CreateObject("ADODB.Command") aConnection.Provider = "ADsDSOObject" aConnection.Open aCommand.ActiveConnection = aConnection aCommand.CommandText=";(&(objectCategory=Person)(objectClass=User));distinguishedName;subTree" Set aResult = aCommand.Execute() Do While Not aResult.EOF strDN = aResult.Fields("distinguishedName") WScript.Echo strDN Set objUser = GetObject("LDAP://" & strDN) ' Comment the following line to manage connection through Remote Access Policy objUser.Put "msNPAllowDialin", FALSE ' Uncomment the following line to manage connection through Remote Access Policy ' objUser.PutEx ADS_PROPERTY_CLEAR, "msNPAllowDialin", 0 objUser.SetInfo aResult.MoveNext Loop

This script will update the access settings for a group of users in a particular OU. Once you run the script, a dialog box will ask you for this OU. Once this is set all users in that OU will be updated.

The AD property this script modifies is ‘msNPAllowDialin’. This property is accepts boolean values. So the three options are

TRUE (to allow access)

FALSE (to deny access)

To manage access via the Remote Access Policy, comment out the
objUser.Put "msNPAllowDialin", FALSE
and uncomment the
' objUser.PutEx ADS_PROPERTY_CLEAR, "msNPAllowDialin", 0
line.