blog.saalmink.nl

Very neat (freeware) piece of software to write an image to multiple usb sticks at the same time.

http://osforensics.c … rite-usb-images.html

Note the: /netonly

runas /netonly /user:domainusername “C:\Program Files (x86)\Microsoft\SQL Server\100\Tools\Binn\VSShell\Common7\IDES\sms.exe”

PS D:Usersxxx> (get-qaduser "myaccount").memberof.count
46

PS D:Usersxxx> (get-qaduser "myaccount").allmemberof.count
98

PS D:Usersxxx> (get-qaduser "myaccount").nestedmemberof.count
53

According to: http://msdn.microsof … ibrary/ms677943.aspx: “memberOf does not contain the user’s membership in domain local and global groups in other domains.”

Indeed, AllMemberOf shows these groups too (DomainLocal only in my example).

PS D:Usersxxx> $groups = (get-qaduser "myaccount").allmemberof

PS D:Usersxxx> foreach ($group in $groups)
{
  (get-qadgroup $group).GroupScope
}
Global
Global
Global
DomainLocal
Global

All those ways to get the size of directories with powershell are extremely slow. Especially on network shares.
e.g.

$colItems = (Get-ChildItem C:Scripts | Measure-Object -property length -sum)
"{0:N2}" -f ($colItems.sum / 1MB) + " MB"

Currently i’m harvesting through roughly 40TB of data and it’s taking me daaaaaaaaaays!
So i’m in desperate need of something faster.
Then i thought about robocopy. Robocopy gives great statistics. So if i do a “dry-run” (list-only, not really copy), i might get the information i need by parsing the output.

Choice of switches:

• /b = backup mode. Supposed to give me access to every file
• /l = list only/dry-run, not really doing the copy
• /mir = action what you would normally do when you would copy the data. This also dives into all subdirectories.
• /r:0 = no retries
• /w:0 = don’t wait on anything
• /ns /nc /nfl /ndl /njh = no logging of any kind. We only want the summary.

Then we get this piece of code (it could be a lot shorter, but i’m keeping it readable):

function get_size_of_dir_in_bytes_with_robocopy ($directory)
{
  write-host "- $directory" -foreground "GREEN"
  [string]$result = robocopy /b /l /mir "$directory" "c:\whatever" /r:0 /w:0 /ns /nc /nfl /ndl /njh /bytes
  if (!($lastexitcode -eq 16))
  {
    $pos = ($result).indexof("Bytes : ")
    $start = $pos + 8
    $length = $result.length
    $end = $length - $start
    $newstring = ($result).substring($start,$end)
    $newstring = $newstring.trim()
    echo $newstring.split()[0]
  }
  else
  {
    echo "CANNOT ACCESS"
  }
}

add the following lines to /etc/sysctl.conf

# IPv6
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

… and reboot.
Or simply reload the settings:

sysctl -p

2019 update:
sysctl.conf still works, but it won’t be processed during boot.
Therefor recent Ubuntu’s need an extra grub parameter ipv6.disable=1. Like so:

GRUB_CMDLINE_LINUX_DEFAULT="splash quiet ipv6.disable=1"
GRUB_CMDLINE_LINUX="ipv6.disable=1"

Quick reference:

• wget http://downloads.linux.hp.com/SDR/downloads/bootstrap.sh
• chmod +x bootstrap.sh
• ./bootstrap.sh -v -r stable ProLiantSupportPack
• wget http://downloads.linux.hp.com/SDR/downloads/ProLiantSupportPack/GPG-KEY-ProLiantSupportPack
• apt-key add GPG-KEY-ProLiantSupportPack
• apt-get update
• apt-get install hpacucli

Too bad the hp software doesn’t support 3.x kernels, so you need to fool it a little.

setarch i686 --uname-2.6 hpacucli controller all show config

Because of my work, i come across a very common phenomen: the windows SMB protocol and how it relates to latency on your network. Office documents, even more than other types, seem to be affected.
I found a real nice whitepaper by Microsoft. It also contains a lot of (client side) fixes/suggestions.

Here’s a nice example and probably the main reason for the delay:

By default, your android calendar will synchronize:

• somewhere around 30-50 days in the past (i’m not exactly sure)
• all future items
• all recurring items

This means: when you start with a new phone or did a full wipe of your phone, you’ve lost all your history beyond 30-50 days. The only way to see these appointments is to log in to your web calendar.

To sync an old item, you could “refresh” the old items (say, edit some fields like location or time) but you don’t want to do that for thousands of items.

There is a way to “refresh” all your items at once:

1. Log in to Google Calendar via the web
2. Go to “Settings -> Calendar Settings” at the top
3. Go to the “Calendars” tab
4. at the bottom, next to “Create new calendar” you will find “Import Calendar” and “Export Calendars”
5. Export your calendar and save the .zip to some place on your harddisk
6. Unzip the .zip, you’ll get an .ics file
7. Now choose Import Calendar and select the .ics file
8. Your calendar will be overwritten with a backup of itself. No duplicates will be made (don’t worry)
9. Your phone will notice all the “new” items and will download your entire calendar

Hmm seems like $lastexitcode is a builtin variable. Nice!

robocopy "\\serverA\shareA" "\\serverB\shareB" /MIR /R:0 /W:0 /MT:4 /NP /LOG:"d:\logs\shareA_to_shareB.log" | out-null
interpret_robocopy_error $lastexitcode

and the function interpret_robocopy_error could be something quick’n'dirty like this:

function interpret_robocopy_error ([int]$errorlevel)
{
  if ($errorlevel -eq 16) { echo "   - Robocopy - ***SERIOUS FATAL ERROR*** "}
  if ($errorlevel -eq 15) { echo "   - Robocopy - OKCOPY + FAIL + MISMATCHES + XTRA "}
  if ($errorlevel -eq 14) { echo "   - Robocopy - FAIL + MISMATCHES + XTRA "}
  if ($errorlevel -eq 13) { echo "   - Robocopy - OKCOPY + FAIL + MISMATCHES "}
  if ($errorlevel -eq 12) { echo "   - Robocopy - FAIL + MISMATCHES "}
  if ($errorlevel -eq 11) { echo "   - Robocopy - OKCOPY + FAIL + XTRA "}
  if ($errorlevel -eq 10) { echo "   - Robocopy - FAIL + XTRA "}
  if ($errorlevel -eq 9) { echo "   - Robocopy - OKCOPY + FAIL "}
  if ($errorlevel -eq 8) { echo "   - Robocopy - FAIL "}
  if ($errorlevel -eq 7) { echo "   - Robocopy - OKCOPY + MISMATCHES + XTRA "}
  if ($errorlevel -eq 6) { echo "   - Robocopy - MISMATCHES + XTRA "}
  if ($errorlevel -eq 5) { echo "   - Robocopy - OKCOPY + MISMATCHES "}
  if ($errorlevel -eq 4) { echo "   - Robocopy - MISMATCHES "}
  if ($errorlevel -eq 3) { echo "   - Robocopy - OKCOPY + XTRA "}
  if ($errorlevel -eq 2) { echo "   - Robocopy - XTRA "}
  if ($errorlevel -eq 1) { echo "   - Robocopy - OKCOPY "}
  if ($errorlevel -eq 0) { echo "   - Robocopy - No Change "}
}

Start your Network and Sharing center from the Control Panel

1. Create a virtual wifi adapter. From an elevated dos prompt:

   netsh wlan set hostednetwork mode=allow ssid=mobile_hotspot key=password keyUsage=persistent

   In the Network and Sharing center, you’ll notice a new wireless connection, the default name will probably be “Wireless Network Connection 2”. Remember this, you’ll need it in step 2

2. Choose a network connection you want to share, e.g. your Local Area Network Connection. Choose properties, the Sharing tab and enable the “Allow other network users …”.
   Select the “Wireless Network Connection 2” (or something else from step 1) as Home networking connection.

3. Start the wifi hotspot. From an elevated dos prompt:

   netsh wlan start hostednetwork

Remember, the wifi hotspot will not start by default, so create a shortcut somewhere. Make sure you enable the “Run as administrator” in the shortcut property.