Dec 31, 2020 For security and auditing reasons, some passwords that we store in PasswordState require a user to check-out the password and then check it back in before others can check it out. As part of this process, users are required to supply a reason why they require access to a specific password, which is very, very useful from an auditing perspective. The problem, however, is that sometimes users accidentally forget to check the password back in, and unfortunately, there doesn’t appear to be any administrative GUI option to check a password back in on another user’s behalf. ...
Oct 4, 2020 The following is a simple powershell script which takes advantage of PsExec to fetch event log backups from remote systems (defined in the $servers array) and store them into the specified$targetLocation. You can bypass PsExec and just use Get-WMIObject with the -ComputerName, but I had some issues doing this with a few DCs where PsExec worked perfectly. Once you’ve run this against all of your DCs, you can simply run Microsoft’s recommended PowerShell script against this path to identify any occurrences of event IDs related to CVE-2020-1472. ...
Sep 26, 2020 The following powershell script can be used to automatically generate a self-signed SSL certificate, and configure WinRM to accept connections over HTTPS. Tip: If using Windows Admin Center, you’ll need to import this certificate into the Trusted Root Certification Store on each of your Gateway servers, before you can connect to them. If you have an internal CA, you might like to use it to generate a trusted certificate with the Request-Certificate powershell module, and substitute its thumbprint into the winrm create command below. ...
Aug 8, 2020 In API development, end-to-end encryption with TLS is a very important, fundamental protection mechanism used to prevent the request/response from being tampered with (and even inspected), in-transit. Sometimes, however, you might also want to add API-level validation checks to ensure that the request has not been tampered with. This is useful in scenarios where transport-layer security is not used for whatever reason (and the request payload does not contain sensitive content), but in-transit manipulation of the request payload could result in unwanted changes - such as the deletion of a different record than what was intended. ...
Jul 11, 2020 My WiFi drivers fail from time-to-time, usually after a Kernel upgrade. For future reference, this is the series of commands I run to fix them. Source: https://gitlab.com/emrose/xps13-7390_debian/-/issues/5#note_240886447 git clone https://chromium.googlesource.com/chromiumos/third_party/linux-firmware chromiumos-linux-firmware cd chromiumos-linux-firmware sudo cp iwlwifi-* /lib/firmware/ cd /lib/firmware sudo ln -s iwlwifi-Qu-c0-hr-b0-50.ucode iwlwifi-Qu-b0-hr-b0-50.ucode
May 24, 2020 I’m currently working on writing a sync application to migrate Group calendars from Google G Suite to MS O365, and after reading up on a lot of APIs etc, I thought I’d post a short summary of my findings below. Unfortunately, Google’s Calendar API isn’t as flexible as I’d like it to be, so this is a much more complex process than it arguably should be. The following are some caveats/“gotchas” that I’ve come across so far. ...
Feb 13, 2019 The following is a useful powershell snippet to list all IP addresses within Active Directory DNS that match a specific subnet. PS > Get-ADComputer -Filter * -Properties ipv4Address | Where-Object IPv4Address -Match "^192.168.0.*" | Sort-Object -Property IPv4Address | Format-List name, ipv4*
Nov 27, 2018 To view audit logs on an EMC Isilon storage cluster, you can use the following command. isi_audit_viewer -h e.g: isi_audit_viewer -s '2018-01-01 00:00:00' -e '2018-01-31 00:00:00' -t protocol | grep '\\\\ifs\\\\ZoneName\\\\path\\\\to\\\\folder' Note that we need to escape backslashes when calling grep, so \\ will become \\\\. To make things more efficient for when re-reviewing the same audit log data, or when building your search expression for grep, you can simply pipe the output from isi_audit_viewer to a file, and then process that file. ...
Nov 17, 2018 Update (4/12/2018): The master branch of Patjak’s bcwc_pcie repository is not compatible with Linux kernel 4.19.2+. Thankfully, the mainline branch is compatible. The code below has been updated, but if you experience issues please try switching back to the master branch by changing the repository_branch variable at the top of the script. When upgrading the Kernel on a Fedora workstation running on a Late 2015 MacBook Pro 13”, the Webcam ceases to function (as the drivers are compiled against the current kernel). ...
Aug 15, 2018 Although it is often a sign of code that needs to be refactored and is an anti-pattern, it is sometimes necessary to stub controller methods within RSpec when running integration/feature specs. To avoid needing to use RSpec-mock’s allow_any_instance_of method, which I prefer to avoid using, I tend to create a new controller instance, stub the required method against the new controller instance, and then stub the controller class’ .new method to return the stubbed controller. ...
Aug 2, 2018 The following are some useful docker commands that I haven’t yet committed to memory. Delete all containers $(echo docker ps -aq) | while read -r line; do docker rm "${line}"; done Delete ALL docker-related data (images, containers, etc) WARNING: As with rm -rf on Linux, this action is not reversible. Take care when using this command. docker system prune -a -f Fix DNS issues on some Ubuntu 18. ...
Jun 22, 2018 Every once in a while, I encounter random freezing/hanging when developing Ruby applications and often find myself having to Google to find the correct gdb commands to use to debug these sorts of issues. To make life easier for myself (and hopefully for others out there), I’ve decided to document them here for future reference. I will (hopefully!) add to this page as I come across new strategies for debugging these sorts of issues. ...
Jun 19, 2018 Recently, I was tasked with designing and setting up a simple, cost-effective, touchscreen-based self-service Kiosk which users can intuitively use to navigate a predefined website (and nothing else). After spending some time researching the options (and realising just how expensive commercial touchscreens are!), I settled on the Dell P2418HT 24” touchscreen monitor and a Raspberry Pi. At a total cost of under $600 per Kiosk, it was a bargain when compared to the other options I’d come across ($1,200+ for the display alone)! ...