Updating VMware discovery info in Active Directory

Recently I decided I want to store physical discovery data (name, physical location, host if it's a VM) on the machine's account in Active Directory, because we have a lot of machines and during a crisis we sometimes forget where they are.
I started with our VMware infrastructure ...

more ...

Some Things I Didn't Know About People Picker

Recently I got to mess with SharePoint 2010's People Picker - a control that emulates Windows' "Directory Object Picker", allowing the user to select security principals

  • Active Directory's People Picker:
  • The SharePoint 2010 Variant:

After the Devs asked me to customize it for them, I went rummaging through the ...

more ...

Installing WSUS Prerequisites Easily in a Disconnected Server

Our company has an internet-isolated environment, and I was requested to create a WSUS infrastructure there.
The most annoying thing about installing a disconnected WSUS server is that you can't do it via the server manager (because it requires a working internet connection) but rather through an exe file ...

more ...

Automaticlly Extracting Downloaded Torrents

As every average geek, I too download torrents (containing only legal, copyright-free material, of course), and most of the time the torrents contain multi-file archives that contain the really juicy data.
A lot of times I return home and find some new torrent has completed downloading, but I have to ...

more ...

Remotely Viewing Machine Certificates With Minimal Permissions

We've started remotely monitoring our certificate stores on critical servers, and wanted the monitoring software to be able to remotely connect to our servers' personal certificate stores.
I quickly found a script to enumerate all certificates in a specific store on a remote computer:

function Get-Cert( $computer=$env:computername ...
more ...

Creating proxied http requests with PowerShell

I'm working on some sort of HTTP proxy (maybe more details about it later), and to test it I've created a short PowerShell script.
Note it also performs basic authentication voluntarily (without waiting for a server challenge) by injecting an Authorization header, because I was testing something extra ...

more ...

Active Directory's Object Specific ACEs and PowerShell

I recently checked the option of handing out AD permissions through PowerShell scripts, and I found out that setting object-specific ACEs is not trivial scriptwise.
Active Directory ACE (access control entries) are different from your regular ACEs (for example, NTFS), because they can be used to grant permissions only on ...

more ...

Making sure your Audit Collection Server is collecting

A few days ago I wanted to make sure that my ACS (Audit Collection Server) is collecting events from all of my DCs.
For those unfamiliar with ACS, it's an additional component to SCOM (System Center Configuration Manager) that allows you to collect events from the security log of ...

more ...

Lowercasing PTR records in DNS

Recently, one of the IT crowd informed me that he can't delete some of his PTR records through the DNS management console (dnsmgmt.msc). The record would appear to be deleted, but it'll still show up after refreshing.
After some quick Googling I found kb842127, which says that ...

more ...

Enabling Remote Desktop Remotely

According to this Technet article, to enable remote desktop remotely by using the registry you need to set the key

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server:fDenyTSConnections=0

and then reboot the server.
Rebooting is actually unnecessary - you can just restart the service TermService
If you'd like to script ...

more ...