by TechiBee
on November 3, 2009
I came across an incident where I had to kill one of the running MMCs (Active Directory Users and Computers) as it was not responding properly. I went to Task Manager and tried killing the process, but in vain. I am sure this happens to many system administrators, and they have to go to the Processes tab, find the process, and kill it. I thought of doing that, but I had a few other important MMCs running which I didn’t want to disturb. I looked around for a quick way to find out which MMC process belonged to my “Active Directory Users and Computers” MMC, which resulted in this small and power{full | shell} script.
PS C:\> Get-Process | where {$_.mainwindowtitle -match "active directory users and computers"}
And to stop/kill that process I used PowerShell only, as it is straightforward from here.
PS C:\> Get-Process | where {$_.mainwindowtitle -match "active directory users and computers"} | stop-process
I am done with my task 🙂
Happy Learning,
Sitaram Pamarthi
by TechiBee
on November 3, 2009
There are a variety of ways and tools available for reporting the uptime of a Windows XP/2003 machine. This post describes how to get the uptime with PowerShell code. You can use this code in your PowerShell scripts without depending on third-party tools/utilities.
$os = Get-WmiObject -cl win32_operatingsystem
write-host ((Get-date) - $os.converttodatetime($os.lastbootuptime)) "(DD.HH:MM:SS)" | fl
Copy and paste this into your PowerShell window and format the output as you like.
Happy Learning,
Sitaram Pamarthi
by TechiBee
on November 3, 2009
If you want to find out the SID of a domain (or local) user using PowerShell, here is the code.
Get the SID of a domain user:
write-host (new-object System.Security.Principal.NTAccount "domain\user").Translate([System.Security.Principal.SecurityIdentifier]) -b yellow -f red
Get the SID of a local user:
write-host (new-object System.Security.Principal.NTAccount "administrator").Translate([System.Security.Principal.SecurityIdentifier]) -b yellow -f red
If you are a programming geek and want to convert this into a cmdlet (say get-sid), you can find some info here at http://www.clariusconsulting.net/blogs/pga/archive/2006/08/08/643.aspx
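The same translation wrapped as a reusable function, as an added example that is not from the original post or the linked article. Get-Sid and Get-AccountFromSid are hypothetical names chosen here; the functions accept pipeline input, report names or SIDs that cannot be mapped instead of throwing, and cover the reverse direction, which is what you need when an ACL or log shows only a raw SID.

```powershell
# Added example: Get-Sid / Get-AccountFromSid are hypothetical helper names.
function Get-Sid {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        [string[]]$Account            # 'DOMAIN\user' or a local account name
    )
    process {
        foreach ($name in $Account) {
            $row = New-Object PSObject -Property @{ Account = $name; Sid = $null; Note = $null }
            try {
                $nt = New-Object System.Security.Principal.NTAccount($name)
                $row.Sid = $nt.Translate([System.Security.Principal.SecurityIdentifier]).Value
            }
            catch [System.Security.Principal.IdentityNotMappedException] {
                # Typo, deleted account, or a domain that cannot be reached
                $row.Note = 'name could not be mapped to a SID'
            }
            $row
        }
    }
}

function Get-AccountFromSid {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        [string[]]$Sid                # SID in string form, e.g. 'S-1-5-32-544'
    )
    process {
        foreach ($s in $Sid) {
            $row = New-Object PSObject -Property @{ Sid = $s; Account = $null; Note = $null }
            try {
                $obj = New-Object System.Security.Principal.SecurityIdentifier($s)
                $row.Account = $obj.Translate([System.Security.Principal.NTAccount]).Value
            }
            catch [System.Security.Principal.IdentityNotMappedException] {
                # Orphaned SID: the account no longer exists or is not resolvable
                $row.Note = 'SID could not be mapped to an account'
            }
            $row
        }
    }
}

# Usage: 'administrator', 'domain\user' | Get-Sid
#        'S-1-5-32-544' | Get-AccountFromSid    # well-known SID of BUILTIN\Administrators
```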
Happy Learning,
Sitaram Pamarthi
by TechiBee
on October 29, 2009
In this post I will take you through a few LDAP queries which you might find useful in your day-to-day administration.
To query list of hidden mailboxes:
(&(objectCategory=person)(objectClass=user)(msExchHideFromAddressLists=TRUE))
To query list of GAL visible mailboxes:
(&(objectCategory=person)(objectClass=user)(!(msExchHideFromAddressLists=TRUE)))
To query list of hidden mailboxes whose user account is enabled:
(&(objectCategory=person)(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(msExchHideFromAddressLists=TRUE))
To query list of hidden mailboxes whose user account is disabled:
(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2)(msExchHideFromAddressLists=TRUE))
Grab the query you want and paste it into the “Saved Queries” option in the Active Directory Users and Computers MMC (dsa.msc) to view the results.
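The "hidden mailbox, account enabled" filter above can also be run from PowerShell, as in this added example (not part of the original post). It assumes a domain-joined machine and read access to the attributes. The matching rule 1.2.840.113556.1.4.803 is a bitwise AND evaluated on the server; the script repeats the same bit test on the client and also decodes two other userAccountControl bits worth reviewing on accounts that do not appear in the address list.

```powershell
# Added example: runs the page's filter and decodes userAccountControl client-side.
$filter = '(&(objectCategory=person)(objectClass=user)' +
          '(!(userAccountControl:1.2.840.113556.1.4.803:=2))' +
          '(msExchHideFromAddressLists=TRUE))'

# userAccountControl bit values
$ACCOUNTDISABLE       = 0x0002
$PASSWD_NOTREQD       = 0x0020
$DONT_EXPIRE_PASSWORD = 0x10000

$searcher = New-Object System.DirectoryServices.DirectorySearcher   # defaults to the current domain
$searcher.Filter   = $filter
$searcher.PageSize = 500            # page through results instead of stopping at the server limit
foreach ($p in 'samaccountname', 'useraccountcontrol') {
    [void]$searcher.PropertiesToLoad.Add($p)
}

$searcher.FindAll() | ForEach-Object {
    $uac = [int]$_.Properties['useraccountcontrol'][0]
    New-Object PSObject -Property @{
        SamAccountName      = [string]$_.Properties['samaccountname'][0]
        UserAccountControl  = '0x{0:X}' -f $uac
        Disabled            = [bool]($uac -band $ACCOUNTDISABLE)        # always False for this filter
        PasswordNotRequired = [bool]($uac -band $PASSWD_NOTREQD)
        PasswordNeverExpires = [bool]($uac -band $DONT_EXPIRE_PASSWORD)
    }
} | Sort-Object SamAccountName
```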
You can write in comments here if you are looking for a custom LDAP query for your requirements. I will help you when I find time.
Happy Learning…,
Sitaram Pamarthi.
by TechiBee
on October 28, 2009
Microsoft has released a handy tool to help its customers who download Windows 7 media from its store. The ISO download has to be written to a DVD using image burning software. The Windows 7 USB/DVD Download tool allows you to create a copy of your Windows 7 ISO file on a USB flash drive or a DVD.
Usage…
- Download Windows 7 from Microsoft store
- Download Windows 7 USB/DVD tool
- Run the tool and follow the instructions to prepare a bootable USB or DVD
- Insert the USB/DVD into system, boot from it and enjoy the Windows 7 Experience
Refer to this page for more details about the tool.
Happy Learnings..,
Sitaram Pamarthi
by TechiBee
on October 27, 2009
Microsoft Windows 2008 Active Directory Domain Services has many enhanced features in its GUI. The Active Directory Users and Computers, Sites and Services, and Domains and Trusts MMC snap-ins have always been adequate for managing Active Directory. In Windows Server 2008, the basic admin tools have been cleaned up and introduce a couple of nice new features. If you enable Advanced Features, the Properties dialog for each object displays an additional tab titled Attribute Editor. This is the same attribute editor tab used by ADSIEdit, which lets you inspect and edit all of the attributes of the object. The tab itself now offers better decoding of encoded attributes, such as the userAccountControl attribute. Attached image shows how seamlessly the attribute editor is integrated.
by TechiBee
on October 27, 2009
Windows 7 has very exciting features like Aero view and richer GUIs. I will definitely enjoy these features if the laptop is connected to direct power, but when I am traveling or away in a place where I don’t have power options, I will give preference to battery backup.
Aerofoil is a tool developed to automatically turn off Aero view and other power-consuming UI settings when you are running on battery. It also enables you to choose/switch between power plans and configure your sidebar too. It has a quick hibernate button which takes your laptop to sleep.
Get a copy of this freeware and enjoy long hours of battery performance.
Happy Learning…,
Sitaram Pamarthi
by TechiBee
on October 27, 2009
Object deletion will be successful only when the following conditions are satisfied.
- The user has appropriate rights for deleting objects in Active Directory
- The “DisAllow Delete” bit is not set in the systemFlags attribute of the object
- The “IsCriticalSystemObject” attribute is not set to TRUE
Once the above conditions are met, Active Directory starts the deletion operation by doing the following:
- Sets the “isDeleted” attribute of the object to TRUE
- Wipes out all attributes of the object except the attributes below. Refer to MSDN for more details about the attributes retained.
attributeID
attributeSyntax
distinguishedName
dNReferenceUpdate
flatName
governsID
groupType
instanceType
lDAPDisplayName
legacyExchangeDN
mS-DS-CreatorSID
mSMQOwnerID
name
nCName
objectClass
objectGUID
objectSid
oMSyntax
proxiedObjectName
replPropertyMetaData
sAMAccountName
securityIdentifier
subClassOf
systemFlags
trustAttributes
trustDirection
trustPartner
trustType
userAccountControl
uSNChanged
uSNCreated
whenCreated
- Moves the object to “Deleted Objects” container by renaming it.
Renaming is necessary here as the “Deleted Objects” container is flat. The object is renamed to a format similar to “[OldRDN] ADEL:[GUID]”, where GUID is the Global Unique Identifier of the object being deleted.
This completes the deletion process.
Note that deleted objects still remain in Active Directory for some days. This period is called the tombstone lifetime. It is 60 days for forests that were initially built with Windows 2000 or 2003, and 180 days for forests built with Windows 2003 SP1 or above. If you want, you can increase it to the value you want by modifying the tombstoneLifetime attribute of the CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=yourdomain,DC=COM object from adsiedit.msc.
After the tombstone period, the object is marked for permanent deletion. A process called “garbage collection” runs every 12 hours on domain controllers; its job is to collect objects which have exceeded the tombstone lifetime and delete them. So a deleted object in Active Directory still stays in the database for the number of days given by the tombstone lifetime, plus the number of hours left until the garbage collection process next triggers after tombstone expiry.
Objects CAN NOT be retrieved using any mechanism after the deletion by garbage collection process.
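To see which deleted objects are still present as tombstones and roughly when garbage collection becomes free to purge them, the following added example (not from the original post) reads tombstoneLifetime from the object named above and lists the contents of the Deleted Objects container. It assumes a domain-joined machine and an account allowed to read deleted objects (Domain Admins by default), and it treats whenChanged on the tombstone as the approximate deletion time, a value that is local to the domain controller queried.

```powershell
# Added example: list tombstones with the earliest date garbage collection may purge them.
$rootDse  = [ADSI]'LDAP://RootDSE'
$domainNC = [string]$rootDse.defaultNamingContext
$configNC = [string]$rootDse.configurationNamingContext

# tombstoneLifetime is stored on the Directory Service object named in the post.
$dirSvc = [ADSI]"LDAP://CN=Directory Service,CN=Windows NT,CN=Services,$configNC"
$tsl = $dirSvc.Properties['tombstoneLifetime'].Value
if (-not $tsl) { $tsl = 60 }        # attribute not set: the 60-day default applies

$searcher = New-Object System.DirectoryServices.DirectorySearcher
$searcher.SearchRoot = [ADSI]"LDAP://$domainNC"
$searcher.Filter     = '(isDeleted=TRUE)'
$searcher.Tombstone  = $true        # ask the DC to include deleted objects in the results
$searcher.PageSize   = 500
foreach ($p in 'distinguishedname', 'samaccountname', 'objectsid', 'whenchanged') {
    [void]$searcher.PropertiesToLoad.Add($p)
}

$searcher.FindAll() | ForEach-Object {
    $props = $_.Properties
    if (-not $props.Contains('whenchanged')) { return }   # skip entries without a timestamp

    # Assumption: whenChanged approximates the deletion time on this DC.
    $changed = [datetime]$props['whenchanged'][0]

    # objectSid and sAMAccountName are among the attributes kept on a tombstone.
    $sid = $null
    if ($props.Contains('objectsid')) {
        $sid = (New-Object System.Security.Principal.SecurityIdentifier($props['objectsid'][0], 0)).Value
    }
    $sam = $null
    if ($props.Contains('samaccountname')) { $sam = [string]$props['samaccountname'][0] }

    New-Object PSObject -Property @{
        DistinguishedName = [string]$props['distinguishedname'][0]
        SamAccountName    = $sam
        Sid               = $sid
        LastChanged       = $changed
        EarliestPurge     = $changed.AddDays($tsl)   # the next garbage collection run comes after this
    }
} | Sort-Object EarliestPurge
```

The Sid column lets you match an unresolved SID found in an ACL or audit log back to the account that was deleted, for as long as the tombstone exists.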
In my next post I will take you through the different options available in active directory restoration.
by TechiBee
on October 21, 2009
Today in my blog post, I am not going to write anything technical or any tips and tricks. But I am going to share some information with other bloggers, for whom this information is very important from a computer security perspective.
This afternoon I got a short and sweet email from a mail ID asking me to write a product review for one of their products, and they provided me a link to the software. In return for my review they offered me a free license for the software on which I had to write the product review. Well, everything looked fine so far, and I gave a confirmation by email that I would check it a bit later in the day. I opened the link they provided me in the email and it looked like a company selling its products online. As I hadn’t received any confirmation from the other side about the license they promised me, I just did a brief search over the internet with the email ID and landed on Sara’s blog. I saw a professional way of spreading a virus after reading the blog entry, where Sara also got an email like mine but luckily came out of that crap because of her good antivirus (that’s what she says in her blog!).
The actual story is that a few people on the internet are targeting bloggers, asking them to write reviews of their products and offering a % or free licenses in return. The links they provide in the emails download a virus onto your computer, which in turn makes your system suffer in many ways if you don’t have proper antivirus software. I know there are many companies which ask people to write reviews of their products to increase their sales, but this is the first time I have seen people misusing this channel to spread a virus. Now I am in a dilemma whether to respond to such emails or not. If I skip them, I might miss some good chances, and if I accept, I will waste my time fixing AV issues.
I will find out the precautions to be taken against these scams and come up with another blog post pretty soon.
Happy Learning…,
Sitaram Pamarthi
by TechiBee
on October 21, 2009
This post confirms my ownership of the site and that this site adheres to Google AdSense program policies and Terms and Conditions.