Finding Human Logins in Windows – Part 2

nbeam published 2 weeks ago in Authentication, Information Security, Log Management, Microsoft, Network Security, Server 2012, Server 2012R2, Windows Administration. Tags: , , , , ,

0

The Event Viewer is a very useful tool however, like any log management solution, the biggest hurdle can be filtering out the noise and returning only the meaningful log data that you care about.

This is a follow-up on a previous article which can be viewed here: Finding Human Logins in the Windows Event Viewer – Suppressing Everything Else

One of the most common requests is seeing who has been in and out of a box. To that end, I want to expand a bit more and talk about how to filter on the following three things… Username, Event ID, and Logon Type.
(more…)

Manually Set the RDS Target Licensing Server for an RDS Session Host in Powershell

nbeam published 2 weeks ago in Microsoft, Powershell, Server 2012R2, Windows Administration. Tags: , , ,

0

This is a quick snippet for all of you working with RDS in Server 2012+… and bemoaning the fact that Microsoft took something relatively simple and made it horribly convoluted…

In Powershell you can manually set a Session Host Server to use a specific licensing server and mode. To do so you run the following on the session host server.

$obj = gwmi -namespace "Root/CIMV2/TerminalServices" Win32_TerminalServiceSetting
$obj.SetSpecifiedLicenseServerList("servername.contoso.local")

$obj = gwmi -namespace "Root/CIMV2/TerminalServices" Win32_TerminalServiceSetting
$obj.ChangeMode(VALUE)

First two commands specify the licensing server you want. Hence change servername.contoso.local to your environment. That’s only the first half though. You then need to set the licensing mode and that is what the second two commands do. Where it says VALUE you can enter in either a “2” or a “4” depending on the type of licensing you have.

2 = Per Device
4 = Per User

Hope this saves someone else some headache… I think the MS approved way to do this is probably to use group policy but this is a quick and dirty method if you just need to get a machine working quickly.

Remove PBIS on Ubuntu Server – Quick note for Self

nbeam published 1 month ago in Authentication, Domain Administration, Information Security, Linux, Microsoft, Ubuntu. Tags: , , ,

0

I have written articles on how to start using RealmD and SSSD for integrating ubuntu into a windows network. However, prior to that I wrote an article on using PBIS. RealmD and SSSD is, by far, the superior method IMHO and experience, so for all of those folks that want to switch, you probably want to get rid of PBIS on a bunch of servers. To that end, I just wanted to drop a line (for myself and anyone else that needs it) on how to remove an existing PBIS install on a server.

Thankfully, PBIS did make it pretty easy, the two following commands will get you there:

sudo /opt/pbis/bin/domainjoin-cli leave
sudo /opt/pbis/bin/uninstall.sh uninstall

The first command disconnects/unjoins your server from the domain. The second command removes PBIS.

There is probably some additional cleanup that can and should be done as well but I think that the above will at least clear the way for working with SSSD and RealmD.

Cheers!

Reference:
http://stackoverflow.com/questions/35916591/ubuntu-how-uninstall-powerbroker-identity-services

Powershell Snippet for getting all Sites hosted on an IIS Server in a CSV File

nbeam published 2 months ago in IIS, Microsoft, Powershell, Web Administration. Tags: , ,

0

I work with a lot of IIS servers. Keeping track of what sites are present on which servers can sometimes be a daunting task. Heretofore I have been dealing with the rather obnoxious and time consuming process of checking sites and bindings by looking at each one in the IIS console. The other day I thought to myself, surely there must be a more effecient way to do this from the CLI via PowerShell… There is… I quickly found the following code on Stack Overflow after a Google search: (more…)

BASH – Two Methods for Job Control – Simple Lock Files and FLOCK

nbeam published 3 months ago in Development, Linux, Programming, Shell Scripting. Tags: , , , , ,

0

A lot of my bash scripting experience has been, in one sense, relatively simple. I have several scripts that span several hundred lines and do fairly complex things across multiple systems. From that perspective they aren’t necessarily simple. However it wasn’t until recently that I had to really starting thinking about managing when scripts run and particularly keeping them from “stepping all over each other” when multiple instances of the same script must be run… enter the topic of “Job Control” or “Controlled Execution.”

A common scenario is that your bash script is written to access some shared resource. A few examples of such shared resources:
-An executable file that can only have one running instance at any given time
-A log file that must be written to in a certain order
-Sensitive system files (such as the interfaces file).

What happens if a bash script gets executed once, and then before the first instance finishes running a second instance is fired off? The short answer is typically unexpected/bad stuff that tends to break things.

So the solution is to introduce some job control logic into your scripts. And to that end I want to talk about two methods of controlling job execution that I have started to employ heavily for one of my projects: Simple Lock Files, and the more involved FLOCK application built into most newer Linux distributions. For reference, most of this article is based on a system running Debian Jessie. (more…)