Page Not Found
Page not found. Your pixels are in another canvas.
A list of all the posts and pages found on the site. For you robots out there is an XML version available for digesting as well.
Page not found. Your pixels are in another canvas.
I got around to troubleshooting a Python process running in Docker that had some permission problems accessing Google Storage Reproing inside Python with goo...
I recently got to work on prototyping a small Django-based website that was somewhat like a message board. One of the features requested was allowing users t...
A team I work with is very happy with the k8s / ArgoCD setup we set up, and now wants to manage their experimental ML workloads in k8s as well. These workloa...
I recently ran into a friend that wanted some help with an app. Because the app is in super secret stealth mode, let’s pretend instead it’s “Pizza Advisor” -...
You’re an app developer now Let’s say you’re working on an app. The app helps you search for e-mail messages that relate to a certain topic. This works well ...
One of my projects involves communicating over SMS with cellular-connected IoT devices. The company already has a working infastructure for sending and recie...
I really like DuckDuckGo’s bangs, which basically directs your query elsewhere if you prefix it with !something. You could search the London zoo in gmaps by ...
Seems like I’m doing this setup once every 3 years, then forget about it until the next time it breaks. I hope this is the last time I’m rediscovering this.
One of my current projects is migrating a big Java project from Java 8 to a supported version. Since we’re doing small, stable steps, we started with Java 11...
Once, a long time ago, I used to have a consulting gig in some big enterprise-y company. It had a lot of unique challenges, being disconnected from the inter...
I’m working with a company that uses smart IoT devices produced far away. The main troubleshooting tool is a Java utility provided by the manufacturer. This ...
javax.mail:mail
1.4.7 is broken, and how to workaround
javax.mail and I One of the current tasks on my agenda involves the modernization of a project that is currently built on Java 8. Given that this project is ...
I have a friend who isn’t a developer and believes that coding is beyond their grasp. They work as a security analyst and prefer using Windows as their opera...
I recently discovered that I had over 100 PDFs in my “Downloads” directory and needed to determine which ones I wanted to keep. Instead of spending 10 minute...
One of the teams I worked with would do an “engineering pain-point” survey twice a year. During one of those surveys, the main complaint was that on-calls ha...
In my previous role, I supported a Java service that operated similarly to RDP or Citrix by enabling remote UI functionality. This service relied on sessions...
Upon receiving a notification from my NVidia Shield indicating that it was running low on storage space, I attempted to use the device’s interface to trouble...
Act 1, where I write Java In the past, I had the opportunity to assist a team in developing an Android application and a Java server. While my primary focus ...
Sapling (the Facebook-released SCM) is great, but the docs are not-great. I thought I’d list some commands it took me a while to undertand, for me and for ot...
I recently managed to use Docker Compose to launch a small app in Aamazon’s Elastic Container Services (ECS). Overall, the result is pretty incredible. I’m a...
I’m pretty new to Dockering in the wild, and I’m trying to use the new ECS integration to push all of my tiny app to the cloud.
Yesterday I installed updates and rebooted my Arch Linux rpi before going to sleep. First of all, this is a mistake because you shouldn’t install updates if ...
I’ve been working with some govermental data that is available as huge (>50G) CSV files. While there are workarounds to working with large files, I wanted...
Here are some things I learnt during my career in Facebook, and think could benefit someone new to the field. As an engineer in Facebook, you have a great de...
I have a friend who is working from home. This friend has a manager who’s way of measuring people’s productivity is ensuring said people are active on Slack....
I wanted to be able to switch between “listening to music” and “using the headphone’s microphone” easily. i3blocks allows me to write scripts emit a status l...
The Story One of my friends has some dealings with the Israeli courts. The noteworthy (and annoying) part of their digital documents is that these documents ...
I’ve created a dramatic big button, that actually sends key presses to the computer. It’s connected to the computer via USB, and programmable via the same co...
I recently had to edit a big XML file, and add a child elemnt to every element within. To simplify matters, say I had something like this: <?xml version="...
TL;DR: I switched from Juvia to Disqus after losing all of my blog’s comments
This is a small snippet I find extremely useful. You should have it in your ~/.bashrc: sortiq() { sort | uniq -c | sort -rn ; } It will count the instances ...
modus machinor - my adjustment of “modus operandi” for “engineering”
I had a graph living outside Pythonland (a commit tree with dependencies) and wanted to do graphy things to it. To do that, I first had to put the data into ...
My latest weekend-hack is a plugin that shows the magnet link for a torrent entry
Why I didn’t want sybols in my YAML
The Story Imagine this situtation: ```text THE WORLD / company.com | A s1.red.company.com A s2.red.company.com … A sN...
The story Today I wrote some HTML page by hand (my new homepage). I then used this script to make the HTML code nicer:
The Problem I needed to run a mobile emulator on my laptop, in order to test some DNS server changes before releasing them. However, since the emulator had n...
A lot of people (>3) asked me in the last month or so about how to land a first job after leaving the army / graduating from university, so I thought I’d ...
The story I got a new game on Steam and got set to downloading it. For some reason, Steam and Windows have decided that it’s better to save some electricity ...
I wrote this little script to upload the current cookbook to the Chef Supermarket. It should be run from within the cookbook’s directory.
As I wrote some time ago, I started my own python cookbook for Chef because I didn’t like the direction the “default” one was going. I recently added a new f...
I’ve decided to share some code I use in Chef to pull some data and files from Jenkins
Today I told someone that a feature I’m missing in Bash is filtering. Then I thought about how much I miss it, so I went ahead and “implemented” it.
The Problem I’ve always disliked releasing cookbook versions manually. The process requires a lot of bureaucratic steps which are easy to forget and require ...
Similar to my Graphite dashboard migration script, I made a Grafana one. I’m targeting Grafana v2+. Note it’s using http for its HTTP calls. ```ruby old_serv...
The Story Like a lot of Chef users, I’m using Vagrant for testing my cookbooks. I’m also using Berkshelf for providing the Vagrant box with the cookbooks it ...
What’s wrong with the current Python cookbook Until now, we were using the Python cookbook. This worked well for a while, until I noticed these things:
The new Chef documentation for Custom Resources is pretty lackluster. This is probably because they’re too busy making awesome stuff, but I still needed to l...
The Story I never understood the AWS billing very well and happily left it to my CTO. A couple of days ago, however, my CTO secretly told me he’s mainly inte...
The problem
The Story I’ve been a Microsoft SysAdmin for a long time before switching for Linux. During which, I scripted a lot in PowerShell. PowerShell has several “ou...
The Story Our dev team is currently using a Snowflake-like ID generation scheme that looks like this: (Diagram by Elad Rosenhim, architect and companion at ...
The Problem Packer is a great tool for creating machine images, and I’m using it to create EC2 AMIs. My issue with it is that Packer is using JSON for input,...
As part of a compliance check for our company, I was required to print the name/version of all FOSS proejcts I’m using. Most of it was digging around Gemfile...
Guest post This is a post written by my former colleague, Ofri Sherf. I’ve been bugging her to upload her script and write how it works because it sounded in...
The Story HBase installations include a shell for running arbitrary commands. For instance, if you want to view all of your snapshots, you can do something l...
The Problem I have a pet Chef cookbook in charge of managing SELinux policies in Linux machines (Take a look). Until today I got along fine without testing, ...
The Story Some time ago, some colleague rebuilt several servers and reused their names (think sql1,sql2 etc). Obviously the new servers had different SSH ser...
The Story This post relates to my previous post. I was trying to create a script to amend my known_hosts file (where SSH keeps fingerprints of all of the ser...
The Problem One of the first things I noticed when starting to work with AWS is that security groups are very hard to maintain:
I thought I’d upload some interesting Chef-related snippets I accumulated.
I recently had an issue with use_inline_resources. This feature’s documentation is lackluster, and I learnt about its magic thanks to some scraps of informat...
Google Bait This post isn’t about the solution, but rather about the methodology. Anyway, to help people experiencing the same issue find this post:
I just made a small script to migrate dashboards between two graphite servers. Couldn’t find a similar one anywhere, so I thought I’d upload it. Note it’s us...
The Story I recently found out that some of our backend code suffers from memory-related ceashes, namely SIGSEGV (a program tries to access memory it doesn’t...
The Story I was trying to tinker with Abrt, a daemon in charge of collecting and diagnosing various crashes in RHEL (more on that in a different post). Becau...
The story Although HBase is a crucial component in our current stack, the monitoring for it was quite incomplete. We only had general “is it running?” monito...
The Story When installing SSL certificates for nginx, assuming you’re using certificate hierarchy (and not a self-signed ceritificate), you’re required to co...
The story I currently work with CentOS on Amazon EC2. As I previously written, The HVM version of the AMI is created with a partitioned disk, instead of havi...
The Story Some time ago, my PC wouldn’t boot. This was my fault, as I needed to resize some partition, and resizing in Linux really means deleting the partit...
The Story Since we tend to hold our AWS EC2 VMs for a long time, we usually reserve them. Reservations are like pre-buying instances - you pay AWS ahead of t...
I recently took over managing some config files from my dev colleagues. I was extremely annoyed to be reminded that Notepad (Windows’ text editor) does 2 maj...
As part of our HBase setup, we run Thrift servers. This is pretty simple, except for the init files. Since we’re running Thrift standalone (and not as part o...
Update 24-06-15 Thanks to this page, I fixed my script. It no longer requires root privillages. I also muted informational messages because they were not ver...
I recently bought a digital frame for some of my more elderly relatives. The frame’s firmware was quite retarded, and I had 2 issues with it:
I needed to create seperate Chef accounts for some utility program running in my Chef server. I was finally able to deprecate it today, but I saved those sni...
Update 19.02.15 After posting my script in the Jenkins mailing list, I was told about a simpler way for implmenting my authorization strategy. I’m leaving th...
Update 04.07.15 This method doesn’t work anymore because of some weird AWS restriction, which says you can’t connect the root device of a marketplace AMI (li...
The Story I recently wiped my CubieTruck (a single board computer, like RaspberryPi), and tried installing the root filesystem on a hard drive instead of the...
The Story I manage every one of my Chef cookbooks as a single git repository, complying with the BerkShelf paradigm. I keep them all as submodules in a “supe...
The Story I’ve been requested to recreate some spreadsheet for our execs. Being annoying as usual, I made it a point to only use scripting to build the table...
About StatsD StatsD is a tool developed by Etsy and Flickr (complicated story). Its main use is providing a middleman for Graphite, which is a real-time grap...
Update 28.01.16 I found some sites referring to this post. Below are the common complaints I saw, and my replies:
The Story I’m using Amazon’s EC2 for some of my VMs, which run CentOS. When viewing Block Device Mappings (mapping between the virtual storage - ebs, epheme...
Some Background
I recently reinstalled my laptop and had to reconfigure my git prompt. I use the git prompt script that is included in Ubuntu’s git package, and integrate it...
The Problem When configuring KeepaliveD using Puppet, sometimes an interface name has to be used. Imagine a server with 2 interfaces (eth0,eth1), where one i...
The Problem Part1 - Fault tolerence A common configuration of web servers is setting up multiple servers to serve the same content, with a load-balancing met...
Note: Although my experience is with Debian, I think this post helps anyone using some modern Linux distribution. What is TRIM? As a Windows sysadmin, I didn...
There are plenty of guides about apt pinning, but no one really explains the motivation to do so. It took me some time to understand that, so I thought I’d w...
In my previous post about pinning I talked about the reasons to configure apt pinning. This post details my logic about what and how to pin.
Sometime I want to inspect software repositories. However, I don’t want my machine to actually install anything from it. To do so, I made a small bash functi...
The Story For reasons unknown to me, Debian’s NTP daemon only works on udp port 123, even when operating as a client. This is a problem because my network c...
The Story Today I got annoyed that some puppet agent runs took me over 90 seconds to complete, even though they actually did nothing (no change was needed). ...
The Story I recently had a very annoying problem - some daemon failed, but ran fine when told to run at foreground (not daemonize). Running at foreground is ...
I’m using Firefox with NoScript, which is the AdBlock of scripts - allowing you to selectively block scripts according to various rules (e.g. block all scrip...
The default viewing experience, when visiting some Hebrew sites when using Firefox on Ubuntu, is quite unsightly. If we check Ynet.co.il, a news site, we’ll ...
Today I solved a problem that has been bothering me for a while - being unable to automatically “remount” my USB drive in case it disconnects and reconnects.
Update: I added this project as my first GitHub repo I have an ongoing project which I nickname my raspberrySeed, which is a Rasbperry Pi running Deluge. Wo...
I recently upgraded to Ubuntu 14.04 (beta2), and I got all of my “lenses” (searching additional items in the dash menu), that look like this:
Today I wanted to make sure I have SSH access to about 100 servers. Obviously, I wasn’t going to verify the list by hand, so I put all of the servers’ names ...
Note: I switched to inadyn on my home server eventually. I left this article because it’s still relevant
I found the script we were using to disable authenticode on our machines, a feature that causes great suffering (and dll-loading-delays) to workstations not ...
As part of a security audit, I was asked to help in finding all accounts marked with “Trusted for Delegation” What is “Trust for Delegation” You can try rea...
I recently had to improvise some network scanning using PowerShell. The security guys got somewhat excited, so I decided to upload these snippets. I think al...
After setting up my rPi TorrentBox, I wanted to let my family access the downloaded files. Since they use Windows (and I don’t want to bother their systems w...
Note: This is relevant to any ARM based device running Linux
I use this script to see all GP extensions that my computer can process:
I’m currently testing Prettify to replace SyntaxHighlighter as the syntax-highlighting solution in my blog. By the way, it’s nothing critical, but Blogger’s ...
Today I found out that the command I use to find duplicate SPNs, setspn -x is case sensitive, meaning that the following SPNs don’t count as duplicates: HOS...
The Story If you thought about deploying BitLocker in your enterprise, you probably came across the recovery issue - if you lose the encrypting smart card, c...
Whenever I use Remote Desktop to connect to an NT6+ (Windows Vista / Windows Server 2008 and later) machine, I use Network Level Authentication, meaning that...
###The Story I haven’t touched SharePoint in a while, but I’ve been asked by a friend to help him do something “the right way”. We were looking for a way to ...
The Story Since Event Log Subscription doesn’t have a module or a .NET class, interacting with its settings and status has to be done either via UI or the co...
Whenever I see a superseded update, I usually want to know which update supersedes it. Finding it from the console is easy enough:
When it comes to DST complexity, Israel has it worst (I think). We have our DST definition changed on a yearly basis, and consequently we have to repeat the ...
I recently had to deal with some network traffic issues, so naturally I turned to NetMon. My problem was with some TCP packets not reaching their destination...
I was approached by some colleagues building a new VM template for Windows Server 2012 who wanted some help with .NET framework 3.5. ###The .NET oddity As a...
Recently I was called to help some some friends who had an unusual problem: They demoted an old DC because they needed to raise the domain functional level, ...
Some time ago, we’ve come to the conclusion that the computer accounts in the domain are disorganized. After doing the tedious job of sorting existing accoun...
When I want to search for events in Windows Event Log, I can usually make do with searching / filtering through the Event Viewer. For instance, to see all 46...
I often get asked by some other IT guy “why does user XXXXX keep on getting locked out?”
Whenever I want to view the replication status in my domain, I use repadmin /replsum, which queries all of the DCs and gives me a summary of the replication ...
Today I saw some collector-initiated event log subscriptions that displayed a weird error, something like Windows Event Forward plugin can't read any event f...
I wanted to open some photos today (to add to my blog) on my Windows 8 workstation, and it kept opening the full-screen metro app instead of the normal pictu...
Yesterday I wanted to open the Group Policy editor (or “Group Policy Management Editor”) for a specific GP object through PowerShell, but there is no “Edit-G...
I recently discovered that when applying a GP object using loopback and user security filtering (allowing only specific users to apply the GP), the computer ...
I’ve been envying my *nix brethren for having Wget for a long time. To get the contents of a web page or download a file using http I had to use workarounds ...
I know this trick is widely known, but I thought it’s worth mentioning anyway. If you use PowerShell’s Copy-Item to copy files, you don’t get any progress re...
Ever since I got employed in my present company, I’ve been told that our NetApp Filer supports SMB2 when used as NAS. I was always skeptic of that (due to h...
I was recently asked by one of my teammates to add several NTFS permissions to the root folders of a bunch of shares. Seems easy, but I had two problems:
I just wrote a small script to copy permissions from one SharePoint list to the other. Things to consider
Today someone showed me a strange problem - he had servers that recently installed new updates from his WSUS server, but he couldn’t find them in the WSUS co...
Every SharePoint noob knows that one can create list lookup relationships, like specifying that a book belongs in a specific bookshelf. What I didn’t know un...
I recently looked over out DNS server settings, and I found out that more than one DNS server (DC in our case) was scavenging records. In order to put that r...
Our security team complained to me that they found a lot of users with trivial passwords simply by trying to log in as them. They asked me to write them a sc...
The Problem I was recently requested to make sure that our machine’s network interface cards (NICs) have their DNS queries pointed to “the correct servers”. ...
My SharePoint team and I wanted to move to SPWebConfigModification rather that just modifying the web.config file manually, but I was always worried that app...
Recently I decided I want to store physical discovery data (name, physical location, host if it’s a VM) on the machine’s account in Active Directory, because...
Recently I got to mess with SharePoint 2010’s People Picker - a control that emulates Windows’ “Directory Object Picker”, allowing the user to select securit...
I’ve recently implemented an enterprise-wide solution of event collection in our organization, using Windows’ built-in mechanism called the Windows Event Col...
I’ve recently implemented an enterprise-wide solution of event collection in our organization, using Windows’ built-in mechanism called the Windows Event Col...
Our company has an internet-isolated environment, and I was requested to create a WSUS infrastructure there. The most annoying thing about installing a disco...
As every average geek, I too download torrents (containing only legal, copyright-free material, of course), and most of the time the torrents contain multi-f...
We’ve started remotely monitoring our certificate stores on critical servers, and wanted the monitoring software to be able to remotely connect to our server...
Just a quick SQL script to get the rowcount and size data of every table in the current database: CREATE TABLE #sizeof ( name varchar (70), [rows] int, re...
I’m working on some sort of HTTP proxy (maybe more details about it later), and to test it I’ve created a short PowerShell script. Note it also performs basi...
Note: It’s fixed now. The project itself is still pretty cool
I found out that after creating my Yii Applications through Yiic.bat, I tend to modify the same things in all of them (adding .htaccess files for pretty urls...
Yii natively supports code recycling, by allowing you to store common code in modules, widgets etc. However, to share code between applications, you still ha...
Note: I’m no longer using this site, and might take it down. Let me know if you want the code.
I recently checked the option of handing out AD permissions through PowerShell scripts, and I found out that setting object-specific ACEs is not trivial scri...
A few days ago I wanted to make sure that my ACS (Audit Collection Server) is collecting events from all of my DCs. For those unfamiliar with ACS, it’s an ad...
I recently migrated a domain for a client, and did it like a noob (as in simply copying the db and files, making sure everything’s working, and then shutting...
I’ve recently started monitoring my new SharePoint 2010 farms on SCOM, and found the management pack’s documentation to be rather lacking in setup instructio...
Recently, one of my teammates installed ArcGis Server 9.3 on our fresh SharePoint 2010 box, causing all sites to respond with 503 Service Unavailable. A quic...
Recently our Exchange 2003 environment broke down when we demoted our last ancient DCs. We panicked and re-promoted them, but no avail. The Exchange servers ...
I recently had to lock down a Windows 2008R2 remote desktop server (terminal server) One of the requirements was to show only some control panel items, a set...
Hi. One of my clients asked me to be able to take manual backups of his DB, and because he wasn’t so technologically-inclined, using the hosting company’s in...
We recently had to manually set the dynamic RPC port range in our servers, mainly because Exchange 2010 sets the port range so wide that the firewall guys (r...
I’m working on a project involving Gallery 3, and one of my goals was tight Facebook integration. Today I’ve wanted to make sure that when someone shares a p...
Recently, one of the IT crowd informed me that he can’t delete some of his PTR records through the DNS management console (dnsmgmt.msc). The record would app...
I’m doing a little developing in PHP as a hobby, and I got some task involving free hosting in FreeHostingCloud.com. Since I’m just starting to learn PHP 5, ...
I’m going to keep it short, because there’s a lot of technical background. So, I’m assuming you know about:
According to this Technet article, to enable remote desktop remotely by using the registry you need to set the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSe...
Hi there. Not a while ago, I’ve created a post about stsadm.exe / new SPSite() being slow in disconnected environments. Just wanted to point out that I’ve tr...
After learning how SPNs work (read my “Who? Why? Where” to learn what’s an SPN), I was frustrated to find out that I can’t implement my experience in the rea...
I got word that this script was useful for some other IT team, so it’s definitely blog-worthy! The Story I’ve inherited some AD forests with their schema ext...
I recently managed to solve a problem that bugged me for a ~ year - permissions on a specific group on AD would vanish, and the change won’t show up on the s...
Update: Get the script here The Story A couple of days ago, developer extraordinaire Itay Shakury was doing performance tuning on one of our SharePoint appli...
We’ve recently encountered an interesting problem: One of our applications had a service using .net remoting with impersonation turned on. Inside this servic...
I really like Powershell’s dynamic type system, which allows you to, among other things, view XML nodes really easily. For example, to view the connectionStr...
I was making an introduction to a new teammate about SharePoint infrastructure, and one of the things I had to teach her about was SPNs. I was surprised to k...
Last week MS’s PFE Moti Bani and me solved a problem that bugged me for ~ a year - since the day we’ve started deploying 2008 clusters in our production envi...
Note: This script is better than just ls -rec | measure, because measure measures only one field, and when iterating over many files and directories, every i...
When I installed my first WSUS server, I liked the idea of auto-assigning computers into different WSUS groups according to domains using the group policy’s ...
Before I had a chance to study Microsoft’s SQL Server Management Studio (SSMS)’s Powershell SnapIn, I needed to grab some data from an SQL DB. I ended up cre...
Hi. My name is Nitzan, and I’m a MS-IT guy. Whenever I run into a problem I can’t solve during my work, I almost always end up finding the answer in some blo...
Ever had GPO Version differences between the AD and the Sysvol? Sure, you might have a healthy FRS/DFSR architecture, but the replication takes time. It’s an...