Dwarfsoft [GPA]

Scripting

SYSTEM Account Permissions

by on May.25, 2010, under Novell, Scripting, Tweet, Work

Recently I have been working on some rather complicated projects preparing our SOE to move from Novell eDirectory to an Active Directory environment. One of the packages I built was required to run periodically and so I set up a Scheduled Task to accomplish this. Rather than introduce a security risk by creating a new Administrator Account I just created the scheduled task to run as the local SYSTEM account. It turns out that the SYSTEM account does not have as much access as I required, especially when managing user registry hives.

After quite some time looking in to how to achieve my goal I came up with a rather simple, yet ultimately hacky, solution. Give the SYSTEM Account Administrative Privileges.

(continue reading…)

2 Comments :, , , , , , , more...

Last Login Time

by on Apr.22, 2010, under Scripting, Tweet, Work

I have recently been having a look into determining the Last Login Time of a user for a BGInfo implementation. Firstly I had a look at the getCurrentUserLastLoginTime script suggested for use with BGInfo. The limitation of this script, however, is that it will reset the login time to the last time the Windows login box was Authenticated against, which also includes the time that the workstation was unlocked.

In order to maintain current BGInfo information the implementation is running periodically, so this is unnacceptable. Therefore I had to work to resolve the issue manually. As I have had a fair bit of experience with Windows Profiles recently (see the last blog post) I was familiar with the ProfileLoadTimeHigh and ProfileLoadTimeLow registry keys in the ProfileList. So I set out to determine how to actually use these to determine the login time. I first wrote some code to get the User SID based on the users “%userdomain%” and “%username%”:

(continue reading…)

Leave a Comment :, , , , , more...

Shared User Profiles – Staging Scripts

by on Mar.15, 2010, under Novell, Scripting, Tweet, Work

As promised, here are the scripts required for the Pre-staging of Domain User Profiles on the local machine. The first thing we need to do is Enumerate all the Local User Accounts.

Function StageAllUsers(DomainFQDN, strDomain)
   ' Enumerate all users that are Local and not built in accounts.
   strComputer = "."
   Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
   'Enumerate users where the User Domain is the Local Machine
   Set colItems = objWMIService.ExecQuery _
                  ("Select * from Win32_UserAccount " & _
                   "Where Domain = '" & GetComputerName & "' " & _
                   "And Disabled = FALSE And Name <> 'Administrator'")
   ' Stage each user
   For Each objItem In colItems
      ' Ensure the account actually has a profile (otherwise we can ignore it)
      If GetLocalUserProfile(objItem.Name) <> "" Then
         ret = StageUser(objItem.Name, DomainFQDN, strDomain)
      End If
   Next
End Function

The functions called here are GetComputerName, which returns the name of the local machine, and the other important ones are GetLocalUserProfile and Stage User. The first we can check is GetLocalUserProfile. (continue reading…)

9 Comments :, , , , , , , , , , more...

Shared User Profiles – Alternative to Migration

by on Mar.12, 2010, under Novell, Scripting, Tweet, Work

Well, I have been very slack in that I haven’t updated with my Group Policy investigations or the eDirectory VBScript classes I was working on, but what I have been involved in recently is working on Migrating Workstations from Novell eDirectory to Active Directory.

In this process I have come across an array of options in migrating accounts from a Local User account to Domain User account and transferring the profiles across to keep the user “look and feel” that they are accustomed to.

One problem: In this scenario it makes for a very manual rollback strategy, no matter how much scripting and automation is involved in the migration process. This boils down to Novells implementation of “Dynamic Local User” which effectively creates a Local User Account that is not really bound to a User Account in eDirectory for Authentication or mapping purposes (which you can see if you look at the account SIDs).

(continue reading…)

3 Comments :, , , , , , , , , more...

More GTD-PHP Work

by on Aug.20, 2009, under Authoring, Scripting, Tweet

I have updated my GTD-PHP Email Import Addon so that it now integrates with the current Subversion revision of the code. There is one bug left in it, in that it will not check that there is a mail server set before it tries to connect. I find that this error occurs the first time the session is established with the server, and from then on it works fine. By performing an error check against $server = “” I should be able to remove that bug as well.

The updated EmailImport Addon is now available for download from the GTD-PHP Trac wiki.

(continue reading…)

Leave a Comment :, , , , , , more...

GTD-PHP Import from POP3 Mail

by on Aug.04, 2009, under Home, Scripting, Tweet

I have been attempting to get a fully working system set up for David Allens Getting Things Done. To this end I have set up an install of GTD-PHP.

Being the kind of person who likes to adapt, change, and implement better solutions, particularly for myself, I created a list of features I would like to see in my GTD-PHP installation. One of the first problems I had with the existing system was that it does not support importing Inbox items from a real mail Inbox.

I did some research and came across an existing mail importer, however this required directly piping mail from SMTP into the php script, which I could not do on my host (or would prefer not to do).

(continue reading…)

Leave a Comment :, , , , , , more...

GroupWise Audit and Batch/Cmd Escaping

by on Jul.27, 2009, under Novell, Scripting, Tweet, Uncategorized, Work

I was required recently to audit passwords on all the Novell GroupWise accounts in the cluster. This was not too much of a problem using existing solutions, except that all the existing solutions limited searches to either Users, or to objects with the “NGW: Object ID” attribute.

The Solutions I found include Check GroupWise Users for Password – Batch and Check GroupWise Users for Password – Exe, both of which made use of GWSend. Being an avid scripting aficionado myself I opted for the first, so I could make changes.

First step was to export all User Objects with NGW: Object ID into an Excel sheet using DSReport. Then export all GroupWise External Entities with NGW: Object ID to a different Excel Sheet. Finally I needed to export all GroupWise Resources, which do not have an NGW: Object ID, but their CN is effectively the NGW: Object ID for which we can log in and try to send emails. Upon completing this I compiled a single list of Allusers.csv which had the NGW: ObjectID/CN in the first column, and the DN for the Object Name and Location within the tree. This makes it far easier to track down the location of generic accounts (Something that none of the scripts account for).

(continue reading…)

1 Comment :, , , , , more...

Back Behind the Keyboard

by on Jul.20, 2009, under Home, Scripting, Study, Uni, Work

It has again been some time since my last update. I have been quite busy getting used to balancing my new life with my daughter now nearly 3 months old. Fatherhood has obviously taken a lot of my time that I previously used for development, and learning.

The past few months have also seen my University Graduation 3 days after my Daughters Birth, Family Visits, Job Applications, Job Interviews, and finally Permanency in my Servers Position.

Aside from that I have been working with some friends on converting the old TA Server to the C# .Net/Python version (PyTA). I have also been busy in mapping out my development goals and objectives for the coming months and years.

(continue reading…)

Leave a Comment :, , , , , , , , , , , , , , , , , more...

Ini File Handler for VBScript

by on Feb.27, 2009, under Scripting, Work

I was recently working on an issue to do with managing .ini files in VBScript. I know what you are all going to say now: Why would you use an INI file when the registry is available for use?! Well, there is one instance that you may wish to use another form of configuration or information passing. In this instance we have an initiation of the Ghost Store method for the System Volume. To achieve a store on the system volume we require the PC to be rebooted and it then boots up into a BartPE environment to run the Ghost Store, and perform a few custom tasks. Therefore, the System Volumes Registry is not present (or requires mounting then reading, which has proven somewhat unreliable for me in the past).

So, the reason it came to developing the Ini file handler class is due to the need to provide some more controlled smarts into the store/restore system. Clusters, such as the one I work within, can be more proactive in their maintenance, and therefore require more advanced features than the corporate stock-standard release is likely to contain. As such the area in which I work is constantly involved in working towards a very automated maintenance process. My skills, lying within scripting, programming, and automation in particular, come in handy in this regard. I regularly disassemble the corporate releases to ensure that they will not break when released out into the wild of our corporate machines.

(continue reading…)

4 Comments :, , , , , more...

Becoming a Published Author

by on Feb.25, 2009, under Book Reviews, Novell, Scripting, Work

Beginning Game Programming: A GameDev.Net Collection

Beginning Game Programming: A GameDev.Net Collection

Well, as some of you may know, I was involved in writing a series of articles that started back in 2001 and continued until 2004 on some simple programming concepts using C++. An Introduction to Pointers, Structures and Linked Lists has now made a home for itself inside the new GameDev.Net book; Beginning Game Programming: A GameDev.Net Collection. This book is a collection of edited articles that have been posted to GameDev.Net over a period of years.

(continue reading…)

2 Comments more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!