krypted.com

Tiny Deathstars of Foulness

Hyperion Enterprise is still a 32-bit app. So to get it to run in IIS, you’ll need to make sure that 32 bit apps can run in those containers. To enable 32-bit apps in IIS, run the following command (assuming that IIS is installed in the default location and that your Windows directory is C:\Windows:

C:\Windows\system32\inetsrv\appcmd set config - section:applicationPools - applicationPoolDefaults.enable32BitAppOnWin64:true

If you need to undo this for any reason, simply run the following from a Windows command prompt:

C:\Windows\system32\inetsrv\appcmd set config - section:applicationPools - applicationPoolDefaults.enable32BitAppOnWin64:true

Note: You’ll obviously need to be an admin (or elevate your privileges) to run these commands.

March 12th, 2015

Posted In: Windows Server

Tags: ,

In Windows 10, Microsoft has finally baked a package manager called OneGet into Windows. It works similarly to apt-get and other package managers that have been around for decades in the Linux world; just works in PowerShell, rather than bash. So let’s take a quick peak. First, import it as a module from a PowerShell prompt:

Import-Module -Name OneGet

Next, use Get-Command to see the options for the OneGet Module:

Get-Command -Module OneGet

This will show you the following options:

Find-Package
Get-Package
Get-PackageProvider
Get-PackageSource
Install-Package
Register-PackageSource
Save-Package
Set-PackageSource
Uninstall-Package
Unregister-PackageSource

Next, look at the repositories of package sources you have:

Get-PackageSource

You can then add a repo to look at, using Register-PackageSource. Or, we’ll just fire away at locating our first package, Acrobat:

Find-Package -Name AdobeReader

Or you could pipe that output to the Install-Package option:

Find-Package -Name AdobeReader | Install-Package

Or Firefox, verbosely:

Install-Package -Name Firefox -Verbose

Or ASP.NET MVC silently (using -Force):

Install-Package Microsoft.AspNet.Mvc -Force

In some cases, you can also use the -Version option to define a specific version, which is why I ended up writing this in the first place – swapping between versions of asp has been a bit of a pain since the introduction of its first update, it seems…
PowerShell logo

February 26th, 2015

Posted In: Windows Server, Windows XP

Tags: , , , , , , , , , , , , , ,

You can gracefully stop Windows processes using the Stop-Process command let. For example, to stop Chrome:

Stop-Process -Name Chrome

Or to stop it by ID. To locate the ID of a process, use get-process:

get-process Chrome

You can then use the -ID operator to stop the process:

Stop-Process -ID 6969

Kill is a command that all Mac and Unix admins know. It’s similar to Stop-Process, except it’s anything but graceful. And you use the -processname option to stop a process:

kill -processname calc

January 12th, 2015

Posted In: Active Directory, Windows Server, Windows XP

Tags: , , , , , ,

There are 3 registry keys that admins in the Windows world use to enable automatic logins, often required for deployments that require a logged in user to setup user environments, such as configuring app deployments as part of a mass deployment.

The required keys in the registry are:
(more…)

December 8th, 2014

Posted In: Active Directory, Mass Deployment, Microsoft Exchange Server, VMware, Windows Server, Windows XP

You can get the currently logged in user from a powershell script by using
$env:username. But most deployment scripts use elevated privileges. Therefore, you need to be a tad bit craftier.

(more…)

December 7th, 2014

Posted In: Programming, Windows Server, Windows XP

A few people have hit me up about issues getting Windows machines to play nice with the SMB built into Yosemite Server and Windows. Basically, the authentication dialog keeps coming up even when a Mac can connect. So there are two potential issues that you might run into here. The first is that the authentication method is not supported. Here, you want to enable only the one(s) required. NTLMv2 should be enabled by default, so try ntlm:

sudo serveradmin settings smb:ntlm auth = "yes"

If that doesn’t work (older and by older I mean old as hell versions of Windows), try Lanman:

sudo serveradmin settings smb:lanman auth = “yes"

The second is that the authentication string (can be seen in wireshark) doesn’t include the workgroup/domain. To resolve this, simply include the Server name or workgroup in the beginning of the username followed by a backslash(\). So you might do this as a username if your NetBios name were kryptedserver:

kryptedserver\charles

To get that exact name, use serveradmin again, to look at the smb:NetBIOSName attribute:

smb:NetBIOSName = "kryptedserver"

November 4th, 2014

Posted In: Mac OS X Server, Windows Server, Windows XP

Tags: , , , , , , , , ,

I work with a lot of network storage and video world stuff. While most in the editorial world prefer FinalCut, Avid, Adobe and other tools for video management, I do see the occasional task done in iMovie. By default, iMovie doesn’t support using assets stored on network volumes. However, you can make it. To do so, just use defaults to write com.apple.iMovieApp with a boolean allowNV key marked as true:

defaults write com.apple.iMovieApp allowNV -bool TRUE

imovie

April 25th, 2014

Posted In: Mac OS X, Mac OS X Server, Mac Security, Mass Deployment, Unix, Windows Server, Xsan

Tags: , , , , ,

There are times in a Citrix environment where you might have servers pointing to different data stores. You then might get confused about what box is pointing to what datastore location. To find out, open Powershell on the Citrix server and run the following command:

cat "c:\program files\citrix\independent mananagement architecture\nf20.dsn"

image

April 24th, 2014

Posted In: Windows Server

Tags: , , ,

The default logs in Windows Server can be tweaked to provide a little better information. This is really helpful, for example, if you’re dumping your logs to a syslog server. Here’s a script that can make it happen with a few little tweaks to how we interpret data (to be run per host, just paste into a Powershell interface as an administrator):

auditpol /set /subcategory:"Security State Change" /success:enable /failure:enable
auditpol /set /subcategory:"Security System Extension" /success:enable /failure:enable
auditpol /set /subcategory:"System Integrity" /success:enable /failure:enable
auditpol /set /subcategory:"IPsec Driver" /success:disable /failure:disable
auditpol /set /subcategory:"Other System Events" /success:disable /failure:enable
auditpol /set /subcategory:"Logon" /success:enable /failure:enable
auditpol /set /subcategory:"Logoff" /success:enable /failure:enable
auditpol /set /subcategory:"Account Lockout" /success:enable /failure:enable
auditpol /set /subcategory:"IPsec Main Mode" /success:disable /failure:disable
auditpol /set /subcategory:"IPsec Quick Mode" /success:disable /failure:disable
auditpol /set /subcategory:"IPsec Extended Mode" /success:disable /failure:disable
auditpol /set /subcategory:"Special Logon" /success:enable /failure:enable
auditpol /set /subcategory:"Other Logon/Logoff Events" /success:enable /failure:enable
auditpol /set /subcategory:"Network Policy Server" /success:enable /failure:enable
auditpol /set /subcategory:"File System" /success:enable /failure:enable
auditpol /set /subcategory:"Registry" /success:enable /failure:enable
auditpol /set /subcategory:"Kernel Object" /success:enable /failure:enable
auditpol /set /subcategory:"SAM" /success:disable /failure:disable
auditpol /set /subcategory:"Certification Services" /success:enable /failure:enable
auditpol /set /subcategory:"Application Generated" /success:enable /failure:enable
auditpol /set /subcategory:"Handle Manipulation" /success:disable /failure:disable
auditpol /set /subcategory:"File Share" /success:enable /failure:enable
auditpol /set /subcategory:"Filtering Platform Packet Drop" /success:disable /failure:disable
auditpol /set /subcategory:"Filtering Platform Connection" /success:disable /failure:disable
auditpol /set /subcategory:"Other Object Access Events" /success:disable /failure:disable
auditpol /set /subcategory:"Sensitive Privilege Use" /success:disable /failure:disable
auditpol /set /subcategory:"Non Sensitive Privilege Use" /success:disable /failure:disable
auditpol /set /subcategory:"Other Privilege Use Events" /success:disable /failure:disable
auditpol /set /subcategory:"Process Creation" /success:enable /failure:enable
auditpol /set /subcategory:"Process Termination" /success:enable /failure:enable
auditpol /set /subcategory:"DPAPI Activity" /success:disable /failure:disable
auditpol /set /subcategory:"RPC Events" /success:enable /failure:enable
auditpol /set /subcategory:"Audit Policy Change" /success:enable /failure:enable
auditpol /set /subcategory:"Authentication Policy Change" /success:enable /failure:enable
auditpol /set /subcategory:"Authorization Policy Change" /success:enable /failure:enable
auditpol /set /subcategory:"MPSSVC Rule-Level Policy Change" /success:disable /failure:disable
auditpol /set /subcategory:"Filtering Platform Policy Change" /success:disable /failure:disable
auditpol /set /subcategory:"Other Policy Change Events" /success:disable /failure:enable
auditpol /set /subcategory:"User Account Management" /success:enable /failure:enable
auditpol /set /subcategory:"Computer Account Management" /success:enable /failure:enable
auditpol /set /subcategory:"Security Group Management" /success:enable /failure:enable
auditpol /set /subcategory:"Distribution Group Management" /success:enable /failure:enable
auditpol /set /subcategory:"Application Group Management" /success:enable /failure:enable
auditpol /set /subcategory:"Other Account Management Events" /success:enable /failure:enable
auditpol /set /subcategory:"Directory Service Access" /success:enable /failure:enable
auditpol /set /subcategory:"Directory Service Changes" /success:enable /failure:enable
auditpol /set /subcategory:"Directory Service Replication" /success:disable /failure:disable
auditpol /set /subcategory:"Detailed Directory Service Replication" /success:disable /failure:disable
auditpol /set /subcategory:"Credential Validation" /success:enable /failure:enable
auditpol /set /subcategory:"Kerberos Service Ticket Operations" /success:enable /failure:enable
auditpol /set /subcategory:"Other Account Logon Events" /success:enable /failure:enable
auditpol /set /subcategory:"Kerberos Authentication Service" /success:enable /failure:enable

eventviewer

April 23rd, 2014

Posted In: Windows Server

Tags: , , , , , , , , , , ,

Next Page »