Friday, December 20, 2013

Batchfile loginscript domain check

ping servername.domain.local -n 1 >NUL
  call \\servername.domain.local\share\Extra_Login_Stuff.bat

Tuesday, December 10, 2013

Powershell IP address computations

Very neat function for powershell ip computations:
source: technet

function Get-IPrange 
    Get the IP addresses in a range  
   Get-IPrange -start -end  
   Get-IPrange -ip -mask  
   Get-IPrange -ip -cidr 24  
  function IP-toINT64 () {  
    param ($ip)  
    $octets = $ip.split(".")  
    return [int64]([int64]$octets[0]*16777216 +[int64]$octets[1]*65536 +[int64]$octets[2]*256 +[int64]$octets[3])  
  function INT64-toIP() {  
    param ([int64]$int)  
    return (([math]::truncate($int/16777216)).tostring()+"."+([math]::truncate(($int%16777216)/65536)).tostring()+"."+([math]::truncate(($int%65536)/256)).tostring()+"."+([math]::truncate($int%256)).tostring() ) 
  if ($ip) {$ipaddr = [Net.IPAddress]::Parse($ip)}  
  if ($cidr) {$maskaddr = [Net.IPAddress]::Parse((INT64-toIP -int ([convert]::ToInt64(("1"*$cidr+"0"*(32-$cidr)),2)))) }  
  if ($mask) {$maskaddr = [Net.IPAddress]::Parse($mask)}  
  if ($ip) {$networkaddr = new-object net.ipaddress ($maskaddr.address -band $ipaddr.address)}  
  if ($ip) {$broadcastaddr = new-object net.ipaddress (([]::parse("").address -bxor $maskaddr.address -bor $networkaddr.address))}  
  if ($ip) {  
    $startaddr = IP-toINT64 -ip $networkaddr.ipaddresstostring  
    $endaddr = IP-toINT64 -ip $broadcastaddr.ipaddresstostring  
  } else {  
    $startaddr = IP-toINT64 -ip $start  
    $endaddr = IP-toINT64 -ip $end  
  for ($i = $startaddr; $i -le $endaddr; $i++)  
    INT64-toIP -int $i  

Thursday, November 7, 2013

linux force reboot

Saved my day today

echo 1 > /proc/sys/kernel/sysrq 
echo b > /proc/sysrq-trigger

Friday, November 1, 2013

Ubuntu homedir encryption and auto unmounting

Encrypting your homedirectory is generally not a bad idea.
With Ubuntu’s implementation it’s working out of the box.

However, if you are running processes from a “screen” and these processes require data from your homedirectory, they will fail whenever you log out from your ssh session.
It’s because your homedirectory will auto-unmount whenever you log out (eventhough the screen will continue to run).

To NOT auto-unmount your homedirectory, you can remove or rename the following file:


Friday, July 12, 2013

Ubuntu LTS and HP ProLiantSupportPack (pt2)

I’ve allready explained this before but some minor things changed.

Here’s how:

  • wget
  • chmod +x
  • ./ -v mcp

Not sure if this is still needed (it was allready present at my test system)

  • wget
  • apt-key add GPG-KEY-mcp

Followed by:

  • apt-get update
  • apt-get install hpacucli

Monday, May 13, 2013

Dump Exchange mailbox permissions

A complete script to first dump all exchange mailboxes to .csv and then enumerate all mailbox permissions.
It uses the Exchange 2010 management shell and Quest’s Active Directory Powershell modules.


  • Load the script in the ISE editor.
  • Set the two global parameters
  • Run the script
  • first execute: dump_mailboxes (this wil generate a .csv with all mailboxes)
  • then execuite: dump_all_mailbox_permission (this will generate a second .csv with all permissions. Open in Excel to filter)
echo "-"

$global_ad_domain = "AD.CUSTOMER.LOCAL"
$global_ad_short = "AD"

### Load Modules for Active Directory and Exchange 2010
  Add-PSSnapin Quest.ActiveRoles.ADManagement
  Set-QADPSSnapinSettings -DefaultSizeLimit 0

  $logged_on_to = $env:USERDNSDOMAIN
  if (!($logged_on_to -eq "$global_ad_domain"))
    $user = read-host "Enter username in adusername format"
    $pw = read-host "Enter password" -AsSecureString
    connect-QADService -service '$global_ad_domain' -ConnectionAccount $user -ConnectionPassword $pw
  Set-QADProgressPolicy -ShowProgress $false
  echo "quest loaded"

if ($EMS_loaded -eq $NULL)
  . 'C:\Program Files\Microsoft\Exchange Server\V14\bin\RemoteExchange.ps1'
  echo "- Exchange Management Shell Loaded"
  Connect-ExchangeServer -auto
  $EMS_loaded = $true
  echo "- Exchange Management Shell Connected"

### Functions

function dump_mailboxes
  $output_file = "d:\temp\mailboxes.csv"
  echo "Name`tAlias" >$output_file
  # $mailboxes = Get-Mailbox -RecipientTypeDetails SharedMailbox
  $mailboxes = Get-Mailbox -resultsize Unlimited
  foreach ($mailbox in $mailboxes)
    $Name = $mailbox.Name
    $Alias = $mailbox.Alias
    echo "$Name`t$Alias" >>$output_file

function dump_all_mailbox_permission
  $output_file = "d:\temp\mailbox_permissions.csv"
  $lijst = import-csv -delimiter "`t" d:\temp\mailboxes.csv
  $aantal = $lijst.count
  $teller = 0
  write-host "Aantal functionele mailboxen: $aantal"
  echo "Mailbox`tAuthType`tGroup`tSam`tType" >$output_file  
  foreach ($regel in $lijst)
    $Alias = $regel.alias
    write-host "$teller / $aantal -> $Alias"
    mailbox_permissions $Alias >>$output_file

function mailbox_permissions($mailbox)
  if ($perms = get-mailboxpermission -identity "$mailbox" | where {($_.isinherited -eq $false) -and ($_.User -like "$global_ad_short\*")})
    foreach ($perm in $perms)
      $usr = $perm.User.tostring()
      $typeusr = (get-qadobject -identity $usr -DontUseDefaultIncludedProperties).type
      $usr = $usr.replace("$global_ad_short","")
      $rights = $perm.AccessRights
      if ($typeusr -eq "group")
        $members = get-qadgroupmember -identity "$usr"
        foreach ($member in $members)
          $mbmrsam = $member.samaccountname
          echo "$mailbox`t$typeusr`t$usr`t$mbmrsam`t$rights"
        echo "$mailbox`t$typeusr`t`t$usr`t$rights"

echo "-"

Monday, January 21, 2013

reset domain administrator password on a win2k8r2 DC

Forgot your domain admin password? Whoops.

On a Win2k8r2 domain controller:

  • Boot with the installation media (or any other WinPE kind of media)
  • Go to the System32 directory
  • ren utilman.exe utilman.exe.bak
  • copy cmd.exe utilman.exe
  • Reboot the system
  • At the logon screen, press Windows Key + U. A command prompt will start.
  • net user Administrator "!mynewpass123"
  • Log in, start a command prompt.
  • del utilman.exe
  • copy utilman.exe.bak utilman.exe

done :-)

Friday, January 18, 2013

dns config on a domain controller (best practice)

Sometimes i tend to forget…

As a best practice on a domain controller, always add (locahost) as a DNS server, just not as the first entry!

Source: http://technet.micro … 807362(v=ws.10).aspx