Monthly Archives: October 2011

Powershell Remove Unknown User Permission

Below is powershell code to remove unknown user permissions.  These permissions show up as a SID in the file or folder’s ACL.  These are created when a user is deleted but the users permissions remain as a SID in the ACLs.  This code is designed to recursively remove them.

$location = "\\server\share";
#Search recursivly through location defined;
get-childitem -r $location | foreach{
     $tempLocation = $_.FullName;
     #Get ACL for tempLocation;
     $acl = get-acl $tempLocation;
     #Get SID of unknown user from ACL;
     $acl.Access | where{
          $_.IdentityReference -like "*S-1*" -and $_.isinherited -like $false} | foreach{
          #Foreach SID purge the SID from the ACL;
          $acl.purgeaccessrules($_.IdentityReference);
          #Reapply ACL to file or folder with out SID;
          Set-Acl -AclObject $acl -path $tempLocation;
     }
}

Advertisements

PS Script Pull Event Log data

Below is a script I wrote to help identify computers that had a trust relationship issue with the Active Directory domain.  This script searches for an event on the domain controller that you run this on(please use caution).  It looks for an event that has an event ID of 5723, and that happened today.  Then it pulls the name of the computer identified in the event.  This script allows me to know and address the computers with issues before I get a support call.

#Get todays date;
$today = get-date -uformat "%m/%d/%Y"; 
#Create array for computers;
$cName = @();
#Pull events from system event log that are errors;
$events = Get-EventLog -log system -entrytype Error 
#Filter the events where eventID is 5723 and the time written is today;
$events = $events | where { 
 $_.eventID -eq 5723 -and $_.timewritten -like "$today*" 
}
#Select computer name property;
$events = $events | select ReplacementStrings;
#Add computer names to array;
$events | foreach { $cName += $_.replacementstrings[0];}; 
#Print array leaving out duplicates
$cName | select -uniq;

Schedule Task – Run batch file at Startup

Creating a scheduled task to run a batch file at startup is a very easy process, but if you miss a certain setting it can be very frustrating.  I have a quick how-to on creating a scheduled task that runs a batch file at startup, below.  This how-to was created using a Windows 2008 R2 Server, if you notice variations on other versions of Windows please comment to help others.  Thank you.

Type in a Name and Description and click “Next


Click the radio button for “When the computer starts” and click “Next

Make sure “Start a program” is marked and click “Next

Type in the location of the script under “Program/script” and the folder the script is in in the “Start in (optional):” textbox

Click “Next

Click “Finish


VMWare Workstation 8 on OpenSuse 11.4 64bit

First Download VMware Workstation 8 from VMWware.

Once downloaded open a terminal and switch to root (be careful)
su -

Change directory to the directory containing the installer

Now change permissions on the installer file so that it is executable
chmod 755 VMware-Workstation-Full-8.0.0-471780.x86_64.bundle

Now execute the installer
./VMware-Workstation-Full-8.0.0-471780.x86_64.bundle 

Once the installer finishes install gcc and Kernel-Desktop
zypper install gcc 
zypper install kernel-desktop 

Reboot your computer
Now open VMWare Workstation 8

Simple Powershell Ping Sweep

Below is code for a very simple powershell ping sweep.  I used this code to automate a process that needed to know which hosts were alive on a subnet.

 
$ping = New-Object System.Net.NetworkInformation.Ping

$IPScope = "192.168.1";

$IPNode = 1;

while ( $IPNode -le 255 ) {

 $IPtoPing = "$IPScope.$IPNode";
 $stat = $ping.send($IPtoPing) | select status;
 $result = "$IPtoPing $stat";
 $result;
 $IPNode = $IPNode + 1;

}

BackTrack 5 on Samsung Captivate

If you have a Samsung Captivate and you are geeky, putting BackTrack 5 Linux on it is a must.  I have posted a link below on the how-to I used to put it on my Samsung Captivate.  Putting BackTrack on your phone allows you to have a real linux terminal on your phone.  Plus you can do things like “nmap 192.168.1.0/24”.  I warn you though, you are going to need root access and some knowledge about your phone.  Enjoy.

http://www.backtrack-linux.org/forums/backtrack-5-how-tos/40719-installing-bt5-arm-samsung-galaxy-s-captivate.html


Redo Backup

I came across a pretty cool backup and restore tool and thought I would post it. I won’t post to much detail because you can find out all about it at their website(link below).

Tool: Redo Backup & Recovery
What is it: Live Linux distro with a backup and recovery tool
Link: http://redobackup.org/

To make a long story short, I downloaded the iso, burned it to a disk, and booted to the disk. Then, I hooked up my external hard drive and ran through the backup process.  Twenty minutes, later I had a backup.  Then, booted up normally and made changes.  I booted back to the disk and restored.  Twenty minutes or so later, life was good.

When comparing this tool to another free backup tool such as Clonezilla, Redo has a GUI which makes it much easier for even the most non technical user.  Redo also seems to be a much quicker process to getting your computer backed up than Clonezilla.  Granted I am speaking from a strictly backing up one computer situation, Clonezilla has other advanced features.

.