April 2013
4 posts
4 tags
line editing tricks and shortcuts for powershell →
I’ve been using PowerShell for a couple years now and I didn’t know hitting Esc cleared the current line…
3 tags
export and import ou's and users from ad →
Perfect for setting up a lab.
4 tags
install any version of vsphere client on win8 →
3 tags
change win7 explorer default view to my computer →
This always bugged me but it’s taken me this long to actually google how to fix it…
March 2013
9 posts
2 tags
change windows server edition with dism →
6 tags
spiceworks - free monitoring and alerting for... →
How am I just now discovering Spiceworks? This is amazing, can’t believe it’s free*.
*they do collect info/data but it’s supposedly anonymized
4 tags
change time zone for all computers in an ou with...
Here’s a little PowerShell script you can use to change the time zone for all computers in a certain OU.
Start-Transcript
Import-Module ActiveDirectory
$cred = Get-Credential
$arr = Get-ADComputer -SearchBase 'OU=Servers,OU=example,dc=blah,dc=com' -Filter '*' | Select-Object -ExpandProperty Name
#for debugging - manually set the array for testing
#$arr =...
7 tags
vmware file level restores with netapp datastores →
Works great for Windows MBR disks, but not so much for GPT disks. Anyone have a solution for GPT disks?
5 tags
add users to a group based on an ad attribute
Props to TechNet forums user philldogger for this one. If you want to build a group in AD based on the value of an attribute that the users will have (e.g. make a DFS group based on Department) you can do this:
Import-Module ActiveDirectory
Get-ADUser -Filter {department -like "Accounting"} | %{Add-ADGroupMember dfs_dept_Accounting $_.SamAccountName}
In this example I am...
3 tags
wpkg - free software deployment and management for... →
Haven’t tried it out yet but this looks really handy.
3 tags
deprecated linux commands and their replacements →
6 tags
the rosetta stone for unix - common equivalents... →
This is so god damn handy that anyone who works on any kind of *nix system should bookmark it.
2 tags
bginfo and group policy preferences
After you download BgInfo and get your configuration file created you can easily create a GPO using Group Policy Preferences to have it load on any computer on your domain.
Copy BgInfo.exe and your config.bgi to the \\your.domain\NETLOGON share.
Create a new GPO and go to Computer > Preferences > Windows Settings > Files
Right-click and go to New > File
Under Action make...
February 2013
1 post
2 tags
how to use perfmon to checkout your server →
Great summary article on what to look for using a handful of useful counters in perfmon on a Windows server.
January 2013
3 posts
3 tags
various sccm 2012 device collection queries →
3 tags
my recent job interviewing experience
I’m happy to say that I’ve just accepted a position with a great company and will be relocating to Chicago for it. I started looking for a job pretty seriously about 8 months ago after having been with a previous employer over six years (my first job out of college). I actually accepted a new position about 3 months ago, and now I’m leaving it. Yes I know in the traditional...
4 tags
script to launch armitage teamserver quickly
Quickly launch an Armitage teamserver with the server's IP address (eth0 by default, modify the script accordingly) automatically detected and with a pre-set password:
#!/bin/bash
echo "launching multiplayer hacking ;)"
echo "..."
ipaddr=`ip addr show eth0 | grep -w "inet" | gawk '{ print $2 }' | cut -f1 -d\/`
echo “IP is...
December 2012
5 posts
5 tags
adb driver for samsung galaxy s3 for windows →
4 tags
install adb driver for nexus 7 on windows
If you have a Nexus 7 and you are following the developer.android.com tutorial and trying to run your first Android app you may be wondering why ADT won’t see your device. Thanks to this helpful article I found the solution:
In ADT go to the ‘Window’ menu at the top and then select ‘Android SDK Manager’ from the dropdown. A new window should open and start loading...
3 tags
lunch at the hp cafeteria →
6 tags
sccm wmi queries (wql) for building collections...
If you want to build a collection in SCCM for “All Servers” or “All Workstations” here are two WMI queries you can use.
All Servers
select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System inner join SMS_G_System_SYSTEM on...
4 tags
scom 2012 do not send closed alert if resolved... →
Over the last couple weeks I have learned that SCOM 2012 is utterly retarded. It’s way too noisy and creating overrides or disabling notifications is a confusing experience. Simple features like scheduling a reoccurring or granular (between such and such hours) maintenance mode and creating a group to exclude another existing group or OU are non-existent. The layout and UI are just...
November 2012
6 posts
3 tags
the god box: searching for the holy grail of... →
2 tags
vmware myths busted →
Is RDM performance better than VMFS? Does CBT cause significant overhead? Can Resource Pools actually harm your cluster?
3 tags
enable agent proxy in scom for multiple machines... →
2 tags
helpful scom 2012 links →
The Microsoft Virtual Academy videos are pretty decent.
3 tags
filtering out the noise in scom
I’ve decided to tackle SCOM 2012 at my new employer. It was installed by a previous SysAdmin but basically left out of the box with ALL alerts on EVERYTHING constantly spamming the inboxes of the rest of the team. I am very sick of these emails.
SCOM is interesting in that by default you really do get alerts for everything. Even stupid crap you don’t care about like an occasional...
5 tags
get the membership of a distribution list with...
Simple one that I’ve had to use time and again but always forget what the command is…
Get-DistributionGroup "listName" | Get-DistributionGroupMember | FT Name,PrimarySMTPAddress >> "C:\blah\listMembers.txt"
Probably a nicer way to export it as a CSV, but if you just add | Export-CSV c:\path\blah.csv you get gibberish in the columns. I was too lazy...
October 2012
2 posts
5 tags
tegile: interesting new storage startup
A couple of the sales guys I worked with when I bought my Compellent last year contacted me the other day about the new company Tegile that they work for now. These guys were great to work with and the technical guy really knew his stuff, so I was immediately interested when I heard they had left Dell/Compellent. The Zebi platform looks very promising, especially as there is this new marketing...
4 tags
using powershell to generate a gpo report →
September 2012
1 post
4 tags
looking for ssl certs with keys less than 1024bits
On September 11, 2012 Microsoft released an update that will block SSL certificates that use RSA keys less than 1024 bits. If you are looking for a way to discover if there are weak certificates in use on your network one tool you can use is good ol’ nmap. nmap has a handy dandy scripting engine that you can use to do things like look for certain vulnerabilities. Lucky for us there is a...
August 2012
3 posts
3 tags
Burp Suite Series: Efficient Use of Payload... →
6 tags
quick and easy fim r2 upgrade guide
As I pointed out in my last post, Microsoft has some conflicting documentation on TechNet. Here is a quick guide that should get you a safe upgrade:
Back up everything. Databases, configs, and bare metal/complete backup of your servers/VMs just in case. (Side note: Check out PHD Virtual for good, cheap VMware backup software).
Make sure you are on build 3606 at the very least on both your FIM...
6 tags
botched fim r2 portal upgrade
Hooray for conflicting documentation from Microsoft. So I found this handy, simple checklist for upgrading FIM 2010 to R2. The problem is if you follow it you’re probably going to end up with a botched Portal/Service upgrade. Make sure you upgrade SharePoint to 2010 BEFORE you run the installer is the long and short of it. Even though it’s written for a test lab scenario, you are...
June 2012
2 posts
4 tags
salt - simple config management and remote... →
5 tags
installing oracle vm manager 3.1.1 with oracle...
I want to start off by saying I am not an Oracle guy and my expertise is with VMware. Anyone who has ever purchased an Oracle product will tell you their licensing is abysmal to say the least. Their licensing model for VMware isn’t any better and they basically force you to use their virtualization product, Oracle VM, unless you have money to blow.
With that said, I was recently tasked...
May 2012
4 posts
4 tags
device eth0 does not seem to be present
If you run into this error cloning a VM or changing the NIC on a VM just do the following:
Delete this file /etc/udev/rules.d/70-persistent-net.rules
Reboot
Run system-config-network and re-create
Assuming a RHEL or RHEL-like OS.
4 tags
do not use lockdown mode in vmware
PSA: Do not use Lockdown Mode on your ESXi servers. Yesterday I ran into a major headache. One of my ESXi 5 hosts went down and it happened to be hosting my Virtual Center VM. My Host Isolation Response is set to Shutdown which should have gracefully powered off my Virtual Center server and started it up on another host. Except that it didn’t; it stayed powered off. Being the security...
4 tags
0xabad1dea: Analyzing Binaries with Hopper's... →
abad1dea:
by abadidea - @0xabad1dea
No source code? No problem!
This is aimed at beginners in static analysis. The binary we examine is non-malicious and non-obfuscated, and is not run through the highest optimization settings of the compiler. We will start at line one and proceed linearly, just to…
4 tags
maximizing value in pentesting →
Great article by the Great Ed Skoudis over at the pen testing blog of SANS.org.
April 2012
2 posts
5 tags
remove or reinstall lync from os x →
Lync was crashing on startup for me endlessly and I couldn’t even get to Preferences to change anything. Use the link for info on how to rip it out completely and reinstall. Don’t forget Update 14.0.1 (or later) if you’re on Lion.
5 tags
convert rhel6 to centos6 →
March 2012
2 posts
4 tags
os x command line random password generator
If you want a quick little random password generator (uppercase, lowercase, and numbers) from the terminal in OS X you can add something like this to your .bashrc
randompass() {
  LANG=C
  local l=$1
  [ "$l" == "" ] && l=12
  tr -dc A-Za-z0-9_ < /dev/urandom | head -c ${l} | xargs
}
It defaults to 12 characters but takes any...
5 tags
block w00tw00t scans with fail2ban
Tired of seeing “/w00tw00t.at.blackhats.romanian.anti-sec:)”, and the other variations, in your logs? First install fail2ban if you don’t have it already (you will wish you’d known about this sooner). Create a new file in /etc/fail2ban/filter.d/ called “w00tw00t.conf”. Inside put:
#block w00tw00t scans of all variations
[Definition]
failregex =...
February 2012
1 post
5 tags
vcheck - vcenter monitoring/reporting script →
If you run VMware and vCenter you NEED vCheck. Kudos to the author!
January 2012
2 posts
4 tags
spf record creator wizard →
6 tags
rhel6 installing bind-chroot
Oh Red Hat, sometimes I don’t get you. So it seems the “recommended” way of installing BIND on RHEL6 is now to just install normally (e.g. “yum install bind”) and let SELinux handle the security. My beef with this is how frustrating SELinux can be. Honestly every time I have to troubleshoot an issue with it I’m down at least two hours of my time and it just...
November 2011
3 posts
6 tags
enable ldap over ssl or ldaps →
2 tags
disable forwarding in live@edu
The Lost and Found Identity blog has a great article on how to disable users from forwarding mail in Live@edu, but I just wanted to dumb down the steps a little bit. First make a remote PowerShell connection to Live@edu and then do the following:
Set-RemoteDomain Default -AutoForwardEnabled $false
New-ManagementRole -Parent MyBaseOptions_DefaultMailboxPlan -Name...
3 tags
a powershell walkthrough of the standard... →