Wednesday, 23 January 2013

Powershel User SID




Domain User to SID

This will give you a Domain User's SID

$objUser = New-Object System.Security.Principal.NTAccount("DOMAIN_NAME", "USER_NAME")
$strSID = $objUser.Translate([System.Security.Principal.SecurityIdentifier])
$strSID.Value

2.
SID to Domain User

This will allow you to enter a SID and find the Domain User

$objSID = New-Object System.Security.Principal.SecurityIdentifier `
("ENTER-SID-HERE")
$objUser = $objSID.Translate( [System.Security.Principal.NTAccount])
$objUser.Value


LOCAL USER to SID

$objUser = New-Object System.Security.Principal.NTAccount("LOCAL_USER_NAME")
$strSID = $objUser.Translate([System.Security.Principal.SecurityIdentifier])
$strSID.Value







Remote assistance is unavailable for the current user account

The message "remote assistance is unavailable for the current user account" may be seen when attempting to assist a user with a Mandatory Profile. If they have previously had a mandatory profile set and this is no longer required then the following key may be changed

Hive HKEY_LOCAL_MACHINE
Key path SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\%LogonUserSid%
Value name State
Value type REG_DWORD
Value data 0x0 (0)

Unable to browse mapped drives when doing File > Open

If you are unable to browse to a mapped drive from within an application and the drive seems to be functional within Explorer then there are likely 2 causes
  • Software vendor is using a custom "Browse" dialog box rather than the Microsoft API
  • The executable is running in compatability mode or with admin rights.

Change the app properties or set the following reg key

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
EnableLinkedConnections =(dword)1

Sunday, 20 January 2013

Find which machine is locking your NT account out

Sometimes (usually after a password change) your account gets locked out fairly regularly. This is often caused by being RDP'd on to one server or another and not logged off since the password change.
To find out which machine is locking the account connect to the event viewer of the domain controller that you authenticate to and search for event 4070.

A user account was locked out.
Subject:
   Security ID:  SYSTEM
   Account Name:  Workstation$
   Account Domain:  MyDomain
   Logon ID:  0x3e7

Account That Was Locked Out:
   Security ID:  Workstation\Account1    
Account Name:  Account1
Additional Information:
   Caller Computer Name: Workstation

Powershell GUI



Basic template for when I want to make a Powershell XAML GUI.


    <#
        .SYNOPSIS
        .DESCRIPTION
        .PARAMETER
        .EXAMPLE
        .NOTES
            FunctionName :
            by   : administrator
            Date Coded   : 03/09/2012 20:32:56
        .LINK
    #>

$RunSpace=[RunspaceFactory]::CreateRunspace()
$RunSpace.ApartmentState = "STA"
$RunSpace.ThreadOptions = "ReuseThread"
$RunSpace.Open()
$PowerShellRunSpace = [PowerShell]::Create()
$PowerShellRunSpace.Runspace = $RunSpace
$PowerShellRunSpace.Runspace.SessionStateProxy.SetVariable("pwd",$pwd)
$handle = $PowerShellRunSpace.AddScript({

    Add-Type -AssemblyName Presentationframework
    [xml]$XAML = @'
<Window
    xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation"
    xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"
    Title="MainWindow" Height="350" Width="525">
    <Grid>
      
    </Grid>
</Window>

'@
    $reader=(New-Object System.Xml.XmlNodeReader $xaml)
    $Form=[Windows.Markup.XamlReader]::Load( $reader )

    #******
    #Interface declarations
    #******
    $Button1 = $Form.FindName("Button1")

    #******
    #Declare variables
    #******
    $Invocation = (Get-Variable MyInvocation -Scope 0).Value
    $ScriptPath = Split-Path $Invocation.MyCommand.Path
    $ScriptRoot = Split-Path $ScriptPath

    #******
    #Functions
    #******

    Function My-Function {
    }

    #******
    #On startup events
    #******


    #******
    #On Click events
    #******

    $Button1.add_Click({
    }) #end $Button1.add_Click


    #Show the form
    $Form.ShowDialog() | out-null

#End the runspace
}).BeginInvoke()

Setting a static IP in Raspbian



sudo nano /etc/network/interfaces
add:
auto eth0
iface eth0 inet static
address 192.168.2.200
netmask 255.255.255.0
gateway 192.168.2.1

Running the command prompt as the system account



This has got us out of a sticky situation in the past. These command will create a scheduled task that starts a CMD prompt running as localsystem so you can use it without local admin rights.


sc create testsvc binpath= "cmd /K start" type= own type= interact
sc start testsvc