These are just random notes and programs that may have incomplete descriptions. Any scripts or programs use at your risk
Tuesday, September 20, 2011
bit for bit copy of usb flash drive free utiltiy
Found this free utility to create a bit by bit copy of a flash drive
http://www.osforensics.com/tools/write-usb-images.html
ImageUSB is a free utility which lets you write an image concurrently to multiple USB Flash Drives. Capable of creating exact bit-level copies of USB Flash Drive (UFDs), ImageUSB is an extremely effective tool for the mass duplication of UFDs. ImageUSB also supports writing of an ISO file byte by byte directly to an USB drive, useful in conversion of bootable CD/DVD iso to a bootable USB drive. ImageUSB can also be used to install OSFClone to a USB Drive for use with PassMark OSForensics™.
Download Link
http://www.osforensics.com/downloads/imageusb.zip
Download link if site is down
http://dl.dropbox.com/u/24077962/imageusb.zip
Friday, September 16, 2011
Shell ipconfig the lazy way Visual Basic 2010
Shell("cmd /c ipconfig /all | findstr ""IPv4 Subnet Gateway"" > c:\support\ipconfig.txt", AppWinStyle.Hide, True)
lblIPConfig.Text = My.Computer.FileSystem.ReadAllText("c:\support\ipconfig.txt")
Tuesday, September 6, 2011
Managing AD objects
3 Ways to Move AD Objects
1. Open ADUC and drag and drop object
2. Context Menu - right click
3. DSMove - Command line
Example
To move user tunger from the users container to the sales users ou under corp users ou here is the command
dsmove "cn=tunger,cn=users,dc=tonyunger,dc=com" -newparent "ou=sales users,ou=corp users,dc=tonyunger,dc=com"
3 Ways to Delete Objects
1. Highlight object and hit delete button on keyboard
2. context Menu - right click and choose delete
3. DSRM - command line
Delete User:
DSRM "cn=tunger,cn=users,dc=tonyunger,dc=com"
Delete OU:
Remove an ou named sales users and all objects under the ou
DSRM -subtree - nopromp -c "ou=sales users,ou=corp users,dc=tonyunger,dc=com"
To remove all objects under an OU named sales, but leave the ou intact
DSRM - subtree -exclude -noprompt -c "ou=sales users,ou=corp users,dc=tonyunger,dc=com"
Add a user
dsadd user "cn=tunger,cn=users,dc=tonyunger,dc=com" -fn Tony -ln Unger -pwd 1234 -mustchpwd yes
1. Open ADUC and drag and drop object
2. Context Menu - right click
3. DSMove - Command line
Example
To move user tunger from the users container to the sales users ou under corp users ou here is the command
dsmove "cn=tunger,cn=users,dc=tonyunger,dc=com" -newparent "ou=sales users,ou=corp users,dc=tonyunger,dc=com"
3 Ways to Delete Objects
1. Highlight object and hit delete button on keyboard
2. context Menu - right click and choose delete
3. DSRM - command line
Delete User:
DSRM "cn=tunger,cn=users,dc=tonyunger,dc=com"
Delete OU:
Remove an ou named sales users and all objects under the ou
DSRM -subtree - nopromp -c "ou=sales users,ou=corp users,dc=tonyunger,dc=com"
To remove all objects under an OU named sales, but leave the ou intact
DSRM - subtree -exclude -noprompt -c "ou=sales users,ou=corp users,dc=tonyunger,dc=com"
Add a user
dsadd user "cn=tunger,cn=users,dc=tonyunger,dc=com" -fn Tony -ln Unger -pwd 1234 -mustchpwd yes
Shadow Groups
http://trycatch.be/blogs/roggenk/archive/2007/07/18/active-directory-domain-services-fine-grained-password-policies.aspx
A shadow group is a global security group that is logically mapped to an OU to enforce a fine-grained password policy. You add users of the OU as members of the newly created shadow group and then apply the fine-grained password policy to this shadow group. You can create additional shadow groups for other OUs as needed
More information:
http://technet.microsoft.com/en-us/library/cc770394(WS.10).aspx
A shadow group is a global security group that is logically mapped to an OU to enforce a fine-grained password policy. You add users of the OU as members of the newly created shadow group and then apply the fine-grained password policy to this shadow group. You can create additional shadow groups for other OUs as needed
More information:
http://technet.microsoft.com/en-us/library/cc770394(WS.10).aspx
Monday, September 5, 2011
Active Directory Service command-line tools
High overview
dsadd adding objects.
dsget displaying objects.
dsmod modifying objects.
dsmove moving objects.
dsquery finding objects matching search criteria.
dsrm deleting objects.
dsadd adding objects.
dsget displaying objects.
dsmod modifying objects.
dsmove moving objects.
dsquery finding objects matching search criteria.
dsrm deleting objects.
Friday, September 2, 2011
From http://www.symantec.com/connect/articles/readyfsmo-roles-active-directory-windows-2008-server
Flexibility Schema Operations Master FSOP
1. Forest Roles
Schema Master - As name suggests, the changes that are made while creation of any object in AD or changes in attributes will be made by single domain controller and then it will be replicated to another domain controllers that are present in your environment. There is no corruption of AD schema if all the domain controllers try to make changes. This is one of the very important roles in FSMO roles infrastructure.
Domain Naming Master - This role is not used very often, only when you add/remove any domain controllers. This role ensures that there is a unique name of domain controllers in environment.
2. Domain Roles
Infrastructure Master - This role checks domain for changes to any objects. If any changes are found then it will replicate to another domain controller.
RID Master - This role is responsible for making sure each security principle has a different identifier.
PDC emulator - This role is responsible for Account policies such as client password changes and time synchronization in the domain
Where these roles are configured?
Domain wide roles are configured in Active Directory users and computers. Right click and select domain and here option is operations master.
Forest roles Domain Naming master is configured in active directory domain and trust right click and select operations master. It will let you know the roles.
(c)Forest roles Schema Master is not accessible from any tool as they want to prevent this. Editing schema can create serious problem in active directory environment. To gain access you need to create snap-in and register dll file by regsvr32 schmmgmt.dll.
Seizing of Roles
In case of failures of any server you need to seize the roles. This is how it can be done:
For Schema Master:
Go to cmd prompt and type ntdsutil
Ntdsutil: prompt type roles to enter fsmo maintenance.
Fsmo maintenance: prompt type connections to enter server connections.
Server connections: prompt, type connect to server domain controller, where
Domain controller is the name of the domain controller to which you are going to transfer the role
Server connections: prompt, type quit to enter fsmo maintenance.
Fsmo maintenance: prompt, type seize schema master.
After you have Seize the role, type quit to exit NTDSUtil.
For Domain Naming Master:
Go to cmd prompt and type ntdsutil
Ntdsutil: prompt type roles to enter fsmo maintenance.
Fsmo maintenance: prompt type connections to enter server connections.
Server connections: prompt, type connect to server domain controller, where
Domain controller is the name of the domain controller to which you are going to transfer the role
Server connections: prompt, type quit to enter fsmo maintenance.
Fsmo maintenance: prompt, type seize domain naming master.
After you have Seize the role, type quit to exit NTDSUtil.
For Infrastructure Master Role:
Go to cmd prompt and type ntdsutil
Ntdsutil: prompt type roles to enter fsmo maintenance.
Fsmo maintenance: prompt type connections to enter server connections.
Server connections: prompt, type connect to server domain controller, where
Domain controller is the name of the domain controller to which you are going to transfer the role
Server connections: prompt, type quit to enter fsmo maintenance.
Fsmo maintenance: prompt, type seize infrastructure master.
After you have Seize the role, type quit to exit NTDSUtil.
For RID Master Role:
Go to cmd prompt and type ntdsutil
Ntdsutil: prompt type roles to enter fsmo maintenance.
Fsmo maintenance: prompt type connections to enter server connections.
Server connections: prompt, type connect to server domain controller, where
Domain controller is the name of the domain controller to which you are going to transfer the role
Server connections: prompt, type quit to enter fsmo maintenance.
Fsmo maintenance: prompt, type seize RID master.
After you have Seize the role, type quit to exit NTDSUtil.
For PDC Emulator Role:
Go to cmd prompt and type ntdsutil
Ntdsutil: prompt type roles to enter fsmo maintenance.
Fsmo maintenance: prompt type connections to enter server connections.
Server connections: prompt, type connect to server domain controller, where
Domain controller is the name of the domain controller to which you are going to transfer the role
Server connections: prompt, type quit to enter fsmo maintenance.
Fsmo maintenance: prompt, type seize PDC.
After you have Seize the role, type quit to exit NTDSUtil.
Flexibility Schema Operations Master FSOP
1. Forest Roles
Schema Master - As name suggests, the changes that are made while creation of any object in AD or changes in attributes will be made by single domain controller and then it will be replicated to another domain controllers that are present in your environment. There is no corruption of AD schema if all the domain controllers try to make changes. This is one of the very important roles in FSMO roles infrastructure.
Domain Naming Master - This role is not used very often, only when you add/remove any domain controllers. This role ensures that there is a unique name of domain controllers in environment.
2. Domain Roles
Infrastructure Master - This role checks domain for changes to any objects. If any changes are found then it will replicate to another domain controller.
RID Master - This role is responsible for making sure each security principle has a different identifier.
PDC emulator - This role is responsible for Account policies such as client password changes and time synchronization in the domain
Where these roles are configured?
Domain wide roles are configured in Active Directory users and computers. Right click and select domain and here option is operations master.
Forest roles Domain Naming master is configured in active directory domain and trust right click and select operations master. It will let you know the roles.
(c)Forest roles Schema Master is not accessible from any tool as they want to prevent this. Editing schema can create serious problem in active directory environment. To gain access you need to create snap-in and register dll file by regsvr32 schmmgmt.dll.
Seizing of Roles
In case of failures of any server you need to seize the roles. This is how it can be done:
For Schema Master:
Go to cmd prompt and type ntdsutil
Ntdsutil: prompt type roles to enter fsmo maintenance.
Fsmo maintenance: prompt type connections to enter server connections.
Server connections: prompt, type connect to server domain controller, where
Domain controller is the name of the domain controller to which you are going to transfer the role
Server connections: prompt, type quit to enter fsmo maintenance.
Fsmo maintenance: prompt, type seize schema master.
After you have Seize the role, type quit to exit NTDSUtil.
For Domain Naming Master:
Go to cmd prompt and type ntdsutil
Ntdsutil: prompt type roles to enter fsmo maintenance.
Fsmo maintenance: prompt type connections to enter server connections.
Server connections: prompt, type connect to server domain controller, where
Domain controller is the name of the domain controller to which you are going to transfer the role
Server connections: prompt, type quit to enter fsmo maintenance.
Fsmo maintenance: prompt, type seize domain naming master.
After you have Seize the role, type quit to exit NTDSUtil.
For Infrastructure Master Role:
Go to cmd prompt and type ntdsutil
Ntdsutil: prompt type roles to enter fsmo maintenance.
Fsmo maintenance: prompt type connections to enter server connections.
Server connections: prompt, type connect to server domain controller, where
Domain controller is the name of the domain controller to which you are going to transfer the role
Server connections: prompt, type quit to enter fsmo maintenance.
Fsmo maintenance: prompt, type seize infrastructure master.
After you have Seize the role, type quit to exit NTDSUtil.
For RID Master Role:
Go to cmd prompt and type ntdsutil
Ntdsutil: prompt type roles to enter fsmo maintenance.
Fsmo maintenance: prompt type connections to enter server connections.
Server connections: prompt, type connect to server domain controller, where
Domain controller is the name of the domain controller to which you are going to transfer the role
Server connections: prompt, type quit to enter fsmo maintenance.
Fsmo maintenance: prompt, type seize RID master.
After you have Seize the role, type quit to exit NTDSUtil.
For PDC Emulator Role:
Go to cmd prompt and type ntdsutil
Ntdsutil: prompt type roles to enter fsmo maintenance.
Fsmo maintenance: prompt type connections to enter server connections.
Server connections: prompt, type connect to server domain controller, where
Domain controller is the name of the domain controller to which you are going to transfer the role
Server connections: prompt, type quit to enter fsmo maintenance.
Fsmo maintenance: prompt, type seize PDC.
After you have Seize the role, type quit to exit NTDSUtil.
Thursday, September 1, 2011
Lan Wan Speed Test Iperf
Iperf is a tool i use to determine tcp or udf performance on a network.
The following commands are to be ran on the client(machine connecting from) and servers(Machine connecting to)
Client:
iperf.exe -c 192.168.1.51
Server:
iperf.exe -s
Iperf is opensource.
Download links
Linux
http://code.google.com/p/iperf/
http://sourceforge.net/projects/iperf/
Windows
https://nocweboldcst.ucf.edu/files/iperf.exe - old
http://www.mayoxide.com/iperf/ - newer build fork.
The following commands are to be ran on the client(machine connecting from) and servers(Machine connecting to)
Client:
iperf.exe -c 192.168.1.51
Server:
iperf.exe -s
Iperf is opensource.
Download links
Linux
http://code.google.com/p/iperf/
http://sourceforge.net/projects/iperf/
Windows
https://nocweboldcst.ucf.edu/files/iperf.exe - old
http://www.mayoxide.com/iperf/ - newer build fork.
Subscribe to:
Posts (Atom)
-
Running solidcore you may run into a problem where you have to disable it with out using epo or the local CLI Here are the steps. ...
-
Here is an excel document I created that will ping a list of nodes in column A and give results in column B. There are much better tools th...
-
#reads event logs for filter and exports to $Date = (Get-Date).AddMinutes(-30) $LogName = 'Security' $ProviderName = "Microsof...