Windows Server 2008 r2 Domain Controller boots into Active Directory Repair

Problem!

My Windows 2008 R2 DC (the only one) boots into Active Directory Repair mode.
Now I can’t log in, because the Active Directory services aren’t started.
I can’t even restart the system correctly, running as a VMware virtual machine, because the VMware tools do not respond, bah.

Solution? [power off… eek hmz]
Boot into safe mode with command line (hey, now you can log in, because the AD services are started!)

type the following commands:

bcdedit /set safeboot dsrepair

bcdedit /deletevalue safeboot

shutdown -f -r -t 1

It is said it works for windows server 2012 as well.

If this doesn’t work, you probably have damaged something in AD, and you should dig a little deeper.
Perhaps even this ? http://distefano.biz/blog/index.php/2013/01/22/windows-server-2008domain-controller-failed-to-start/

I hope you are happy again.

Posted in Active Directory, Windows, Windows Server | Comments Off on Windows Server 2008 r2 Domain Controller boots into Active Directory Repair

Stacking some images with convert

Today I remembered I was reading on the web, somewhere I don’t remember, someone asked about stacking images that were grabbed from a webcam into one file, to create a kind of ghost effect.

Playing around with ffmpeg and convert I was able to create a little script that captures a frame from /dev/video0, save it as a file, and merge it into some kind of end result: a jpg picture ūüôā

# Example of catching a live feed with ffmpeg, and merging the captured images with convert

i=0;

# We start the loop 
while true; do

# Now we capture the image
ffmpeg -nostats -loglevel 0 -i /dev/video0 -vframes 1 -s 1024x768 -f mjpeg -y jpg-$i.jpg

((i++))

# We convert to an average 
convert *.jpg -evaluate-sequence mean a.jpg

# We're done, repeat
done

Ofcourse, convert will take longer and longer to process all the files, but I do this to create the best effect.
Maybe you can even use the convert cmd this way to create star trail pictures, I’ll have to try that one day.

You could keep it simpler, and just capture 2 files, and merge that into one new file, capture a new file it, merge that, etc., but then the ghost  effect dissipates quickly.

It is fun to play around with concepts like these using linux. It is very powerful do be able to do this kind of thing from the command line.

Next time I want to post something about video streams and how to use ffmpeg and ffserver, I’ll keep you posted.

Have fun!

Posted in convert, ffmpeg, linux | Comments Off on Stacking some images with convert

linux ssh access to Zyxel NSA 320

Thanks to the guys over at NAS-central, who document their stuff well, I can now use my Zyxel NSA 320 directly on the network, over secure shell.

In my case this is handy because I can now easily backup the home directory on my linux laptop directory to my home NAS over the wifi, using scp.

In order to achieve this I obtained a copy of this archive: http://downloads.zyxel.nas-central.org/Users/Mijzelf/zypkg-repo/NSA320/4.70/zypkg/ (Since I have an NSA320, with firmware 4.70). What I’ll do with these files follows later in this post.

I followed the instructions here to be able to log in as root: http://zyxel.nas-central.org/wiki/Telnet_backdoor so I created the link, and opened it, in my case something like:

http://nas/r41794,/adv,/cgi-bin/remote_help-cgi?type=backdoor

As a web page this does nothing, it launches an executable on the nas. So I could telnet in with

> telnet nas
login: admin
passwd: <the one that I set when I configured an admin account on the nas>

> /sbin/makekey
Got a passwd: jk4blabla
logged out of the telnet, and directly back in:
> telnet nas
login: NsaRescueAngel
passwd: jk4blabla

set a new password for root
> passwd root

I enabled the admin share to be able to use it remotely to remove and replace files. With e.g. Thunar, I opened the link:

smb://nas/admin/zy-pkgs/

made a new directory ‘old’ and moved all current files in that directory to the old directory (just in case I want it back).

I copied the obtained archive to the smb://nas/admin/zy-pkgs/ directory. Next I went in to the settings page, and went to nas/system settings/Firmware/Packages, then tab Package and hit the refresh button. I installed the packages Metarepository, Random tools and ffp. After reboot, ssh is enabled and you can log in as root or a user, generate ssh keys etc.

Now I have access with ssh, I can use scp to copy my files over the network.

Thank you guys over at NAS-central!

Have fun!

Posted in linux, NAS, ssh | Comments Off on linux ssh access to Zyxel NSA 320

Convert PDF using linux

Convert at it again.

I think I have posted something like this before, but ‘convert’ keeps being an amazing tool.

Today converting Pdf’s into png picture format with:

> convert -density <density in DPI> input.pdf -quality <quality ratio> output.png

E.g. > convert -density 300 *.pdf -quality 90 output.png

Found at http://askubuntu.com/questions/50170/how-to-convert-pdf-to-image

Posted in convert, linux, pdf | Comments Off on Convert PDF using linux

Looking for multimedia files [list of common multimedia files] -> solution? powershell!

Sometimes as system administrator, you find your file servers are cluttered with stuff you may want to decide to do something about, say, export to the final bin. However the case, you want to know what’s there. [and it is usually big stuff]. On windows you can ofcourse check manually, or make a list based on¬†file extension. That’s simply how it works. It took some sites to google, but there is an abundance of file extensions out there. Most of them aren’t used, but this is a list that may be found common for multimedia files: list-mmfiles

I’m going to use this to list all multimedia¬†files on the network now, when I miss files (by manual checking), i’ll update the list in this post.

Oh well, I skipped that, I just did :

Get-Childitem X:\ -Recurse -ErrorAction SilentlyContinue | Export-csv
-Path C:\all.csv -Encoding ascii

To get all files on the system, and sort it out later, using Excel.
You can then sort on file extension.. pff, sjah.. tssss. No file size info..

I quickly looked up through the file types that were actually on the file system and ran a script that adds up all the file sizes (it does this from the path you’re in):

$totalfs = 0
$files = Get-ChildItem -Recurse -Include *3gp,*asf,*avi,*bmp,*cda,*gif,*jpg,*m1v,*m4a,*m4v,*mov,*mp3,*mp4,*mpe,*mpg,*pcx,*png,*wma,*wmf,*wmv,*wmz
$totalfs = ($files | Measure-Object -Sum Length).Sum / 1GB
"{0:N0}" -f $totalfs

Update: Oh and by the way, this should also list the amount of files.
(I needed that to list all txt files, actually: cookies)

$totalfs = 0
$totalfsc = 0
$files = Get-ChildItem -Recurse -Include *txt
$totalfs = ($files | Measure-Object -Sum Length).Sum / 1GB
$totalfsc  = ($files | Measure-Object -Sum Length).Count
"{0:N0}" -f $totalfs
"{0:N0}" -f $totalfsc
Posted in News | Comments Off on Looking for multimedia files [list of common multimedia files] -> solution? powershell!

Nagios 3.4.1 Columns in status.cgi

That wasn’t nice.

Nagios has 3 columns as a default hard coded inside its status.cgi.
Today we have such wide screens to display things with…

In order to change this default behaviour of old code, in nagios, change the following:

(get a copy of the nagios source code, in my case 3.4.1)
unpack, ./configure it
in /yoursourcedir/nagios/cgi/ change status.c
int overview_columns = 3; into int overview_columns = 10;

then compile with:

make cgis

then you can copy the newly created cgi in place of the old one (for example.)

Be aware that you set the rights correctly.

Hope this helps you.

Posted in News | Comments Off on Nagios 3.4.1 Columns in status.cgi

LDAP Configuration for HP Printers and Active Directory

I had to figure out how to configure LDAP on these HP Color LaserJet Pro MFP M476 series with LDAP support.
The LDAP configuration was a tad bit different than I suspected.

For some reason the SSL function didn’t work, so I switched to normal, old-fashioned way of doing this on port 389.

LDAP Server: Fill in your Windows Domain Name.Extension
Server port: 389

verification: Simple

And here we go, username must be specified, not as username, but as user DN. so:

Username: cn=username,OU=Users, DC=Domain,DC=DomainExtension

The search path should be something like:
Path OU=Users,DC=DOMAIN,DC=DomainExtension
Match cn
e-mail mail

Note that you don’t use spaces in LDAP queries.

Now you can test your configuration.
Fill in some account that you know exists in your directory and hit the Test button.

Should work now.
Hope this helps you.

Posted in ldap, News | Comments Off on LDAP Configuration for HP Printers and Active Directory

OWA: Blocking Microsoft Internet Explorer

Internet explorer has a leak, and now you don’t trust it for people to logon to your OWA. (Outlook Web Access).
You may want to block OWA to be used with Internet Explorer.

To achieve this, I did the following:

I changed logon.aspx in the ClientAccess\Owa\auth diretory on the OWA server. I added these 5 lines as the first 5 lines of the logon.aspx page.

<script language="JavaScript" type="text/JavaScript">

if (navigator.appName == "Microsoft Internet Explorer") { 
  document.location = "https://webmail.yourdomain.com/owa/auth/ie_reject.aspx"; 
};

</script>

Basically, this points any browser that advertises itself as Microsoft Internet Explorer to the page: ie_reject.aspx (in the same directory ‘auth’ ).

This page has a picture on it called iewarning.jpg, that you also place in the same directory ‘auth’.

The page contains code that looks like this: ie_reject.aspx

The iewarning.jpg looked something like this.

example-owa

example-owa

People are given the chance to click the links and download and install a safer browser, while giving a feel of what used to be the normal OWA page.

For the looks I just slapped in the logo and text as an image for mozilla and chrome:

Hope this helps you.

Update:

IE 11 didn’t get detected, Microsoft has changed user agent string in IE11, so you should use the following javascript code instead:

( so, forget those 5 lines as the first 5 lines in logon.aspx, but put this on top there instead. )

<script type="text/JavaScript" language="JavaScript">
function getInternetExplorerVersion()
{
  var rv = -1;
  if (navigator.appName == 'Microsoft Internet Explorer')
  {
    var ua = navigator.userAgent;
    var re  = new RegExp("MSIE ([0-9]{1,}[\.0-9]{0,})");
    if (re.exec(ua) != null)
      rv = parseFloat( RegExp.$1 );
  }
  else if (navigator.appName == 'Netscape')
  {
    var ua = navigator.userAgent;
    var re  = new RegExp("Trident/.*rv:([0-9]{1,}[\.0-9]{0,})");
    if (re.exec(ua) != null)
      rv = parseFloat( RegExp.$1 );
  }
  return rv;
}
if (getInternetExplorerVersion() != -1) { document.location = "https://webmail.domain.com/owa/auth/ie_reject.aspx"; };
</script>
Posted in News, Windows | Comments Off on OWA: Blocking Microsoft Internet Explorer

Ricoh and LDAP with Active Directory

Ricoh Multifunctionals working with LDAP to an Active Directory are fun!

When it works.

I ran into a problem with Ricoh Multifunctionals and the connection to an LDAP server.

If you do too at some point run into trouble setting up these printer-scanner-fax-whatnots, make sure you check the following:

– Set a DNS server, better, set two.

– Create a domain, first entry is the descriptive name of the setting, second the ip address of a DC, third, the name of your windows domain.

Not setting a DNS server makes the check on LDAP fail for some reason, even if you connect to an IP address!

Under water this is due to the use of just the function gethostbyname() with no checking if gethostbyaddr() could have been used as well. Lazy programming.

Specify your LDAP location (where to search) in your Active Directory such that it looks like the following:

OU=Users,DC=DOMAIN,DC=COM

Don’t use “-marks.
Don’t use spaces.

Lastly, you may want to change the search setting ID from cn into displayName so it can look up names in the directory, it worked better in my case.

Something like this:

ricoh

ricoh

This should do. I hope that perhaps this helps you.

Posted in Configuration, ldap, News | Comments Off on Ricoh and LDAP with Active Directory

Windows, VMware virtualisation & networking hardware

When you’ve just virtualised a hardware server to a VMWare environment, and you have trouble getting networking to function again, try the following:

… This post has been moved to this page

Posted in News, VMware | Comments Off on Windows, VMware virtualisation & networking hardware

Convert is cool once more

Got some PDF’s from a customer today.
I need to convert these into¬†images, since the program I use for wifi measurement does not accept PDF’s.

Found the free solution of course, using linux.

convert -density 300 -trim test.pdf -quality 100 test.jpg

Always funny to see how … magical … the shear amount of options¬†is for¬†the cmd ‘convert’.

Found at http://stackoverflow.com/questions/6605006/convert-pdf-to-image-with-high-resolution

Thank you stackoverflow.com!

Posted in linux, News | Comments Off on Convert is cool once more

Using Raspi and MPD as home audio player

Today I installed a raspberrypi as home player using the Music Player Daemon [mpd] again, instead of that old laptop, I might save some power.

Here’s what I did.¬†[post moved to page]

Posted in Hardware, linux, raspi | Comments Off on Using Raspi and MPD as home audio player

Using mopidy on debian, playing your spotify premium account with your MPD client.

Nice, I play spotify premium streaming audio using mopidy on debian now ūüôā

I approximately did this:

I got debian debian-6.0.7-i386-netinst

[I have to add though that this configuration can almost be applied to ubuntu as well,
note that I use root access, so you may apply “sudo” where you like it, I can’t be bothered, as I will explain later, so read on]

Next I dumped that on a 4Gb USB apparatus that I had laying abouts, with the tool: unetbootin-windows-583

[Linux users can probably dump that using a default available tool that comes with their favourable installation, but do contemplate the fact that it is only a lengthy lot of 0 and 1 combinations. With this I mean the dumping of the iso contents as well as your favourable software installation you use on your computing device]

Installed that…. [read more (post moved) here]

Posted in linux, News | Comments Off on Using mopidy on debian, playing your spotify premium account with your MPD client.

Root your nas!

Finally got around to root my nas, I actually need a new one, that, and I removed the casing a long time ago for the odd reason to remove the blue led.

Failure was an option anyway.

It’s a LaCie Network disk, so with some help from NAS-central.com¬†I could easily root it.

First created the webshell and used utelnetd (set +x), placed that on an ext3 usb-key, uploaded that to /www/cgi-bin/admin using the backup mechanism that is supplied within the lacie web administration part of the on board software.

From there it’s as easy as performing http://nas/cgi-bin/admin/webshell?utelnetd to start the telnet daemon. By default these lacie boxes don’t have a password set for root.
Once that is set, I used the info on this site to install some ARM compiled packages.

I noticed there was a package available for gphoto2. It’s the software I’ve used before on the welcam project.¬†Who knows, this nas has one usb port, perhaps another camera project?

Posted in Update | Comments Off on Root your nas!