Switching audio bluetooth profiles with a script
I wanted to be able to switch between “listening to music” and “using the headphone’s microphone” easily. i3blocks allows me to write scripts emit a status l...
Posts by Tag
- Scripts 81
- PowerShell 48
- Linux 44
- Security 33
- Active Directory 26
- Mysteries Solved 26
- Ruby 23
- Windows 18
- Ramblings 17
- Python 17
- Chef 14
- Bash 13
- Group Policy 12
- One-Liner 12
- SharePoint 11
- HTTP 9
- SQL 8
- Kerberos 8
- Registry 8
- Event Log 8
- AWS 8
- Java 8
- FileSystem 7
- Programming 7
- DNS 7
- PHP 6
- Performance 5
- HTML 5
- Raspberry Pi 5
- raspberrySeed 5
- Debian 5
- WSUS 4
- BitTorrent 4
- Virtualization 4
- Networking 4
- SSH 4
- Jenkins 4
- CentOS 4
- SCOM 3
- Terminal Server 3
- Facebook 3
- Firewall 3
- Office 3
- Yii 3
- Power Management 3
- Deluge 3
- Ubuntu 3
- Perl 3
- Apt 3
- linux 3
- scripts 3
- HBase 3
- PKI 2
- Exchange 2
- IIS 2
- Calendar 2
- NetApp 2
- SMB 2
- TCP 2
- DST 2
- Gargoyle 2
- Parallel 2
- Firefox 2
- Web 2
- curl 2
- git 2
- bash 2
- Troubleshooting 2
- StatsD 2
- Monitoring 2
- Graphite 2
- Vagrant 2
- Scripting 2
- Rambling 2
- Docker 2
- NTFRS 1
- Failover Cluster 1
- Internet Explorer 1
- Backups 1
- Apache 1
- Google 1
- ACS 1
- MySQL 1
- RSS 1
- iCal 1
- Proxy 1
- VMware 1
- ASP.net 1
- Web.Config 1
- CIFS 1
- WinRM 1
- Network Monitor 1
- WMI 1
- W32tm 1
- Regular Expressions 1
- BitLocker 1
- Prettify 1
- CSS 1
- Blog 1
- Samba 1
- Delegation 1
- .NET framework 1
- XML 1
- DDNS 1
- Unity 1
- udev 1
- Fonts 1
- Development 1
- NoScript 1
- gdb 1
- Debugging 1
- NTP 1
- Apt Pinning 1
- Puppet 1
- Regex 1
- CSV 1
- Spreadsheets 1
- LibreOffice 1
- chef 1
- Boot 1
- ARM 1
- Storage 1
- ImageMagick 1
- images 1
- SysVInit 1
- Script 1
- EC2 1
- Disk 1
- nginx 1
- security 1
- ssl 1
- ruby 1
- PYthon 1
- RPM 1
- RHEL 1
- Building 1
- Email 1
- SSL 1
- xbox 1
- ubuntu 1
- steam 1
- Piculet 1
- Testing 1
- ChefSpec 1
- Powershell 1
- Licensing 1
- Packer 1
- Mutex 1
- Lock 1
- Groovy 1
- Billing 1
- Grafana 1
- Shell 1
- Pip 1
- C 1
- BeautifulSoup 1
- Graphing 1
- Disqus 1
- XSLT 1
- arduino 1
- Arduino 1
- Israel 1
- Sapling 1
- Git 1
- Android 1
- JQ 1
- ops 1
- PDF 1
- WSL 1
- Microsoft 1
- Date 1
- OpenWRT 1
- Network 1
- UDP 1
- Search 1
- SMPP 1
- PostgreSQL 1
- kubernetes 1
- gpu 1
- k3s 1
- Django 1
- cloud 1
- google 1
Scripts
Extracting SGN files used by the Israeli Court System
The Story One of my friends has some dealings with the Israeli courts. The noteworthy (and annoying) part of their digital documents is that these documents ...
Populating a NetworkX graph with a scanner
I had a graph living outside Pythonland (a commit tree with dependencies) and wanted to do graphy things to it. To do that, I first had to put the data into ...
Getting Magent Links from Deluge
My latest weekend-hack is a plugin that shows the magnet link for a torrent entry
Stringify Hash Keys in Ruby
Why I didn’t want sybols in my YAML
Prettify HTML pages with BeautifulSoup
The story Today I wrote some HTML page by hand (my new homepage). I then used this script to make the HTML code nicer:
DNS Override for a Single Process
The Problem I needed to run a mobile emulator on my laptop, in order to test some DNS server changes before releasing them. However, since the emulator had n...
Keeping Windows Awake (with PowerShell)
The story I got a new game on Steam and got set to downloading it. For some reason, Steam and Windows have decided that it’s better to save some electricity ...
Chef “Share This” script
I wrote this little script to upload the current cookbook to the Chef Supermarket. It should be run from within the cookbook’s directory.
Dry Run for Python Pip
As I wrote some time ago, I started my own python cookbook for Chef because I didn’t like the direction the “default” one was going. I recently added a new f...
Filtering in Shell
Today I told someone that a feature I’m missing in Bash is filtering. Then I thought about how much I miss it, so I went ahead and “implemented” it.
Cookbook Versioning Script
The Problem I’ve always disliked releasing cookbook versions manually. The process requires a lot of bureaucratic steps which are easy to forget and require ...
Migrating Grafana’s Dashboards
Similar to my Graphite dashboard migration script, I made a Grafana one. I’m targeting Grafana v2+. Note it’s using http for its HTTP calls. ```ruby old_serv...
Chef Custom Resources - Missing Documentation
The new Chef documentation for Custom Resources is pretty lackluster. This is probably because they’re too busy making awesome stuff, but I still needed to l...
Parsing AWS billing
The Story I never understood the AWS billing very well and happily left it to my CTO. A couple of days ago, however, my CTO secretly told me he’s mainly inte...
Managing Jenkins API Tokens
The problem
Open-Gridview - the FOSS Out-Gridview
The Story I’ve been a Microsoft SysAdmin for a long time before switching for Linux. During which, I scripted a lot in PowerShell. PowerShell has several “ou...
Using a global lock in Chef
The Story Our dev team is currently using a Snowflake-like ID generation scheme that looks like this: (Diagram by Elad Rosenhim, architect and companion at ...
Enhancing Packer Templates with eRuby
The Problem Packer is a great tool for creating machine images, and I’m using it to create EC2 AMIs. My issue with it is that Packer is using JSON for input,...
Detecting Invalid External References in Group Policy Preferences
Guest post This is a post written by my former colleague, Ofri Sherf. I’ve been bugging her to upload her script and write how it works because it sounded in...
Running Inline DSL in ChefSpec
The Problem I have a pet Chef cookbook in charge of managing SELinux policies in Linux machines (Take a look). Until today I got along fine without testing, ...
Merging known_hosts files
The Story Some time ago, some colleague rebuilt several servers and reused their names (think sql1,sql2 etc). Obviously the new servers had different SSH ser...
Generating known_hosts file using Chef
The Story This post relates to my previous post. I was trying to create a script to amend my known_hosts file (where SSH keeps fingerprints of all of the ser...
Migrating Graphite’s Dashboards
I just made a small script to migrate dashboards between two graphite servers. Couldn’t find a similar one anywhere, so I thought I’d upload it. Note it’s us...
Sending mail on coredumps
The Story I recently found out that some of our backend code suffers from memory-related ceashes, namely SIGSEGV (a program tries to access memory it doesn’t...
Using RPMBuild - My Shortlist
The Story I was trying to tinker with Abrt, a daemon in charge of collecting and diagnosing various crashes in RHEL (more on that in a different post). Becau...
Sending HBase metrics to Graphite using Python
The story Although HBase is a crucial component in our current stack, the monitoring for it was quite incomplete. We only had general “is it running?” monito...
Managing EC2 reservations with Scripts
The Story Since we tend to hold our AWS EC2 VMs for a long time, we usually reserve them. Reservations are like pre-buying instances - you pay AWS ahead of t...
Scripting YUM provides search using Python
Update 24-06-15 Thanks to this page, I fixed my script. It no longer requires root privillages. I also muted informational messages because they were not ver...
Resizing AWS root EBS in CentOS HVM
Update 04.07.15 This method doesn’t work anymore because of some weird AWS restriction, which says you can’t connect the root device of a marketplace AMI (li...
AWS’s Block Device Mapping in CentOS
The Story I’m using Amazon’s EC2 for some of my VMs, which run CentOS. When viewing Block Device Mappings (mapping between the virtual storage - ebs, epheme...
Accessing a specific server in an HTTP cluster
The Problem Part1 - Fault tolerence A common configuration of web servers is setting up multiple servers to serve the same content, with a load-balancing met...
Adding Repositories for Inspection
Sometime I want to inspect software repositories. However, I don’t want my machine to actually install anything from it. To do so, I made a small bash functi...
Timing Execution By Output Lines
The Story Today I got annoyed that some puppet agent runs took me over 90 seconds to complete, even though they actually did nothing (no change was needed). ...
Hijacking a process’s i/o streams using gdb
The Story I recently had a very annoying problem - some daemon failed, but ran fine when told to run at foreground (not daemonize). Running at foreground is ...
Automatically Mounting USB drives and Surviving Reconnects
Today I solved a problem that has been bothering me for a while - being unable to automatically “remount” my USB drive in case it disconnects and reconnects.
Python Library for Deluge Torrent Maintenance
Update: I added this project as my first GitHub repo I have an ongoing project which I nickname my raspberrySeed, which is a Rasbperry Pi running Deluge. Wo...
Listing Unity’s Scopes and Originating Package
I recently upgraded to Ubuntu 14.04 (beta2), and I got all of my “lenses” (searching additional items in the dash menu), that look like this:
Mass-Checking SSH Connections using Parallel
Today I wanted to make sure I have SSH access to about 100 servers. Obviously, I wasn’t going to verify the list by hand, so I put all of the servers’ names ...
Fixing Dynamic DNS on Gargoyle
Note: I switched to inadyn on my home server eventually. I left this article because it’s still relevant
Disabling “generate Publisher Evidence” using scripts
I found the script we were using to disable authenticode on our machines, a feature that causes great suffering (and dll-loading-delays) to workstations not ...
Finding Accounts Trusted for Delegation
As part of a security audit, I was asked to help in finding all accounts marked with “Trusted for Delegation” What is “Trust for Delegation” You can try rea...
Some PowerShell Snippets for Network Scanning
I recently had to improvise some network scanning using PowerShell. The security guys got somewhat excited, so I decided to upload these snippets. I think al...
List all Group Policy Extensions Registered
I use this script to see all GP extensions that my computer can process:
setspn Duplicates and Case Sensitivity
Today I found out that the command I use to find duplicate SPNs, setspn -x is case sensitive, meaning that the following SPNs don’t count as duplicates: HOS...
Backing up BitLocker to ActiveDirectory - My Additions
The Story If you thought about deploying BitLocker in your enterprise, you probably came across the recovery issue - if you lose the encrypting smart card, c...
Adding SSL to a SharePoint 2010 Web Application, the Right Way
###The Story I haven’t touched SharePoint in a while, but I’ve been asked by a friend to help him do something “the right way”. We were looking for a way to ...
Parsing Event Log Subscription Runtime Status using PowerShell and Regex
The Story Since Event Log Subscription doesn’t have a module or a .NET class, interacting with its settings and status has to be done either via UI or the co...
Finding Superseding WSUS updates in PowerShell
Whenever I see a superseded update, I usually want to know which update supersedes it. Finding it from the console is easy enough:
Adding .net 3.5 to a Windows Server 2012 template
I was approached by some colleagues building a new VM template for Windows Server 2012 who wanted some help with .NET framework 3.5. ###The .NET oddity As a...
Preventing Users from Adding Computers to a Domain
Some time ago, we’ve come to the conclusion that the computer accounts in the domain are disorganized. After doing the tedious job of sorting existing accoun...
Filtering Windows Event Log using XPath
When I want to search for events in Windows Event Log, I can usually make do with searching / filtering through the Event Viewer. For instance, to see all 46...
Investigating Repeatedly Locked Out Users
I often get asked by some other IT guy “why does user XXXXX keep on getting locked out?”
Viewing detailed replication status using Repadmin and PowerShell
Whenever I want to view the replication status in my domain, I use repadmin /replsum, which queries all of the DCs and gives me a summary of the replication ...
Removing all Metro Apps from Windows 8
I wanted to open some photos today (to add to my blog) on my Windows 8 workstation, and it kept opening the full-screen metro app instead of the normal pictu...
Opening Group Policy Management Editor from the Command Line
Yesterday I wanted to open the Group Policy editor (or “Group Policy Management Editor”) for a specific GP object through PowerShell, but there is no “Edit-G...
Wget in PowerShell v3
I’ve been envying my *nix brethren for having Wget for a long time. To get the contents of a web page or download a file using http I had to use workarounds ...
Copying Files In PowerShell - Using Windows Explorer UI
I know this trick is widely known, but I thought it’s worth mentioning anyway. If you use PowerShell’s Copy-Item to copy files, you don’t get any progress re...
Testing actual SMB version
Ever since I got employed in my present company, I’ve been told that our NetApp Filer supports SMB2 when used as NAS. I was always skeptic of that (due to h...
Mass Setting Permissions on Remote Shares
I was recently asked by one of my teammates to add several NTFS permissions to the root folders of a bunch of shares. Seems easy, but I had two problems:
Copying List Permissions in SharePoint 2010
I just wrote a small script to copy permissions from one SharePoint list to the other. Things to consider
Finding WSUS Clients by SusClientId
Today someone showed me a strange problem - he had servers that recently installed new updates from his WSUS server, but he couldn’t find them in the WSUS co...
Making Sure Only Your PDC is Scavanging DNS Records
I recently looked over out DNS server settings, and I found out that more than one DNS server (DC in our case) was scavenging records. In order to put that r...
Brute Force Guessing for User Passwords
Our security team complained to me that they found a lot of users with trivial passwords simply by trying to log in as them. They asked me to write them a sc...
Automaticlly Updating DNS Server Addresses In A Domain Machine
The Problem I was recently requested to make sure that our machine’s network interface cards (NICs) have their DNS queries pointed to “the correct servers”. ...
Applying SPWebConfigModification objects safely
My SharePoint team and I wanted to move to SPWebConfigModification rather that just modifying the web.config file manually, but I was always worried that app...
Updating VMware discovery info in Active Directory
Recently I decided I want to store physical discovery data (name, physical location, host if it’s a VM) on the machine’s account in Active Directory, because...
Installing WSUS Prerequisites Easily in a Disconnected Server
Our company has an internet-isolated environment, and I was requested to create a WSUS infrastructure there. The most annoying thing about installing a disco...
Automaticlly Extracting Downloaded Torrents
As every average geek, I too download torrents (containing only legal, copyright-free material, of course), and most of the time the torrents contain multi-f...
Determining Size of all Tables in a Database
Just a quick SQL script to get the rowcount and size data of every table in the current database: CREATE TABLE #sizeof ( name varchar (70), [rows] int, re...
Creating proxied http requests with PowerShell
I’m working on some sort of HTTP proxy (maybe more details about it later), and to test it I’ve created a short PowerShell script. Note it also performs basi...
Active Directory’s Object Specific ACEs and PowerShell
I recently checked the option of handing out AD permissions through PowerShell scripts, and I found out that setting object-specific ACEs is not trivial scri...
Lowercasing PTR records in DNS
Recently, one of the IT crowd informed me that he can’t delete some of his PTR records through the DNS management console (dnsmgmt.msc). The record would app...
Event Log Permissions, With Scripts!
I’m going to keep it short, because there’s a lot of technical background. So, I’m assuming you know about:
Enabling Remote Desktop Remotely
According to this Technet article, to enable remote desktop remotely by using the registry you need to set the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSe...
Checking for conflicting oIDs
I got word that this script was useful for some other IT team, so it’s definitely blog-worthy! The Story I’ve inherited some AD forests with their schema ext...
Stsadm / new SPSite is slow
Update: Get the script here The Story A couple of days ago, developer extraordinaire Itay Shakury was doing performance tuning on one of our SharePoint appli...
A few seconds about psbase
I really like Powershell’s dynamic type system, which allows you to, among other things, view XML nodes really easily. For example, to view the connectionStr...
Get-BigDirectories
Note: This script is better than just ls -rec | measure, because measure measures only one field, and when iterating over many files and directories, every i...
Auto-Sorting Computers in WSUS
When I installed my first WSUS server, I liked the idea of auto-assigning computers into different WSUS groups according to domains using the group policy’s ...
Querying SQL Servers
Before I had a chance to study Microsoft’s SQL Server Management Studio (SSMS)’s Powershell SnapIn, I needed to grab some data from an SQL DB. I ended up cre...
PowerShell
Keeping Windows Awake (with PowerShell)
The story I got a new game on Steam and got set to downloading it. For some reason, Steam and Windows have decided that it’s better to save some electricity ...
Open-Gridview - the FOSS Out-Gridview
The Story I’ve been a Microsoft SysAdmin for a long time before switching for Linux. During which, I scripted a lot in PowerShell. PowerShell has several “ou...
Accessing a specific server in an HTTP cluster
The Problem Part1 - Fault tolerence A common configuration of web servers is setting up multiple servers to serve the same content, with a load-balancing met...
Disabling “generate Publisher Evidence” using scripts
I found the script we were using to disable authenticode on our machines, a feature that causes great suffering (and dll-loading-delays) to workstations not ...
Finding Accounts Trusted for Delegation
As part of a security audit, I was asked to help in finding all accounts marked with “Trusted for Delegation” What is “Trust for Delegation” You can try rea...
Some PowerShell Snippets for Network Scanning
I recently had to improvise some network scanning using PowerShell. The security guys got somewhat excited, so I decided to upload these snippets. I think al...
List all Group Policy Extensions Registered
I use this script to see all GP extensions that my computer can process:
Backing up BitLocker to ActiveDirectory - My Additions
The Story If you thought about deploying BitLocker in your enterprise, you probably came across the recovery issue - if you lose the encrypting smart card, c...
Adding SSL to a SharePoint 2010 Web Application, the Right Way
###The Story I haven’t touched SharePoint in a while, but I’ve been asked by a friend to help him do something “the right way”. We were looking for a way to ...
Parsing Event Log Subscription Runtime Status using PowerShell and Regex
The Story Since Event Log Subscription doesn’t have a module or a .NET class, interacting with its settings and status has to be done either via UI or the co...
Finding Superseding WSUS updates in PowerShell
Whenever I see a superseded update, I usually want to know which update supersedes it. Finding it from the console is easy enough:
Reading Daylight Saving Time Data in Windows
When it comes to DST complexity, Israel has it worst (I think). We have our DST definition changed on a yearly basis, and consequently we have to repeat the ...
Adding .net 3.5 to a Windows Server 2012 template
I was approached by some colleagues building a new VM template for Windows Server 2012 who wanted some help with .NET framework 3.5. ###The .NET oddity As a...
Preventing Users from Adding Computers to a Domain
Some time ago, we’ve come to the conclusion that the computer accounts in the domain are disorganized. After doing the tedious job of sorting existing accoun...
Filtering Windows Event Log using XPath
When I want to search for events in Windows Event Log, I can usually make do with searching / filtering through the Event Viewer. For instance, to see all 46...
Investigating Repeatedly Locked Out Users
I often get asked by some other IT guy “why does user XXXXX keep on getting locked out?”
Viewing detailed replication status using Repadmin and PowerShell
Whenever I want to view the replication status in my domain, I use repadmin /replsum, which queries all of the DCs and gives me a summary of the replication ...
Removing all Metro Apps from Windows 8
I wanted to open some photos today (to add to my blog) on my Windows 8 workstation, and it kept opening the full-screen metro app instead of the normal pictu...
Opening Group Policy Management Editor from the Command Line
Yesterday I wanted to open the Group Policy editor (or “Group Policy Management Editor”) for a specific GP object through PowerShell, but there is no “Edit-G...
Wget in PowerShell v3
I’ve been envying my *nix brethren for having Wget for a long time. To get the contents of a web page or download a file using http I had to use workarounds ...
Copying Files In PowerShell - Using Windows Explorer UI
I know this trick is widely known, but I thought it’s worth mentioning anyway. If you use PowerShell’s Copy-Item to copy files, you don’t get any progress re...
Testing actual SMB version
Ever since I got employed in my present company, I’ve been told that our NetApp Filer supports SMB2 when used as NAS. I was always skeptic of that (due to h...
Mass Setting Permissions on Remote Shares
I was recently asked by one of my teammates to add several NTFS permissions to the root folders of a bunch of shares. Seems easy, but I had two problems:
Copying List Permissions in SharePoint 2010
I just wrote a small script to copy permissions from one SharePoint list to the other. Things to consider
Finding WSUS Clients by SusClientId
Today someone showed me a strange problem - he had servers that recently installed new updates from his WSUS server, but he couldn’t find them in the WSUS co...
Making Sure Only Your PDC is Scavanging DNS Records
I recently looked over out DNS server settings, and I found out that more than one DNS server (DC in our case) was scavenging records. In order to put that r...
Brute Force Guessing for User Passwords
Our security team complained to me that they found a lot of users with trivial passwords simply by trying to log in as them. They asked me to write them a sc...
Automaticlly Updating DNS Server Addresses In A Domain Machine
The Problem I was recently requested to make sure that our machine’s network interface cards (NICs) have their DNS queries pointed to “the correct servers”. ...
Applying SPWebConfigModification objects safely
My SharePoint team and I wanted to move to SPWebConfigModification rather that just modifying the web.config file manually, but I was always worried that app...
Updating VMware discovery info in Active Directory
Recently I decided I want to store physical discovery data (name, physical location, host if it’s a VM) on the machine’s account in Active Directory, because...
Some Things I Didn’t Know About People Picker
Recently I got to mess with SharePoint 2010’s People Picker - a control that emulates Windows’ “Directory Object Picker”, allowing the user to select securit...
Installing WSUS Prerequisites Easily in a Disconnected Server
Our company has an internet-isolated environment, and I was requested to create a WSUS infrastructure there. The most annoying thing about installing a disco...
Automaticlly Extracting Downloaded Torrents
As every average geek, I too download torrents (containing only legal, copyright-free material, of course), and most of the time the torrents contain multi-f...
Remotely Viewing Machine Certificates With Minimal Permissions
We’ve started remotely monitoring our certificate stores on critical servers, and wanted the monitoring software to be able to remotely connect to our server...
Creating proxied http requests with PowerShell
I’m working on some sort of HTTP proxy (maybe more details about it later), and to test it I’ve created a short PowerShell script. Note it also performs basi...
Active Directory’s Object Specific ACEs and PowerShell
I recently checked the option of handing out AD permissions through PowerShell scripts, and I found out that setting object-specific ACEs is not trivial scri...
Making sure your Audit Collection Server is collecting
A few days ago I wanted to make sure that my ACS (Audit Collection Server) is collecting events from all of my DCs. For those unfamiliar with ACS, it’s an ad...
Lowercasing PTR records in DNS
Recently, one of the IT crowd informed me that he can’t delete some of his PTR records through the DNS management console (dnsmgmt.msc). The record would app...
Event Log Permissions, With Scripts!
I’m going to keep it short, because there’s a lot of technical background. So, I’m assuming you know about:
Enabling Remote Desktop Remotely
According to this Technet article, to enable remote desktop remotely by using the registry you need to set the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSe...
Checking for conflicting oIDs
I got word that this script was useful for some other IT team, so it’s definitely blog-worthy! The Story I’ve inherited some AD forests with their schema ext...
Stsadm / new SPSite is slow
Update: Get the script here The Story A couple of days ago, developer extraordinaire Itay Shakury was doing performance tuning on one of our SharePoint appli...
WindowsIdentity.GetCurrent and changing usernames
We’ve recently encountered an interesting problem: One of our applications had a service using .net remoting with impersonation turned on. Inside this servic...
A few seconds about psbase
I really like Powershell’s dynamic type system, which allows you to, among other things, view XML nodes really easily. For example, to view the connectionStr...
Get-BigDirectories
Note: This script is better than just ls -rec | measure, because measure measures only one field, and when iterating over many files and directories, every i...
Auto-Sorting Computers in WSUS
When I installed my first WSUS server, I liked the idea of auto-assigning computers into different WSUS groups according to domains using the group policy’s ...
Querying SQL Servers
Before I had a chance to study Microsoft’s SQL Server Management Studio (SSMS)’s Powershell SnapIn, I needed to grab some data from an SQL DB. I ended up cre...
Testing stranded group policies
Ever had GPO Version differences between the AD and the Sysvol? Sure, you might have a healthy FRS/DFSR architecture, but the replication takes time. It’s an...
Linux
WSL for non-programming security analysts
I have a friend who isn’t a developer and believes that coding is beyond their grasp. They work as a security analyst and prefer using Windows as their opera...
Bash “Keep or Delete” script for PDFs
I recently discovered that I had over 100 PDFs in my “Downloads” directory and needed to determine which ones I wanted to keep. Instead of spending 10 minute...
Get Android App Sizes with ADB
Upon receiving a notification from my NVidia Shield indicating that it was running low on storage space, I attempted to use the device’s interface to trouble...
Sapling Commands
Sapling (the Facebook-released SCM) is great, but the docs are not-great. I thought I’d list some commands it took me a while to undertand, for me and for ot...
Caddy is better than Nginx for Docker Compose on ECS
I recently managed to use Docker Compose to launch a small app in Aamazon’s Elastic Container Services (ECS). Overall, the result is pretty incredible. I’m a...
Quick Docker Compose commands for ECS
I’m pretty new to Dockering in the wild, and I’m trying to use the new ECS integration to push all of my tiny app to the cloud.
Arch Linux ARM ethernet card rename (eth0 to end0)
Yesterday I installed updates and rebooted my Arch Linux rpi before going to sleep. First of all, this is a mistake because you shouldn’t install updates if ...
Switching audio bluetooth profiles with a script
I wanted to be able to switch between “listening to music” and “using the headphone’s microphone” easily. i3blocks allows me to write scripts emit a status l...
Extracting SGN files used by the Israeli Court System
The Story One of my friends has some dealings with the Israeli courts. The noteworthy (and annoying) part of their digital documents is that these documents ...
Sortiq - sort, uniq, sort
This is a small snippet I find extremely useful. You should have it in your ~/.bashrc: sortiq() { sort | uniq -c | sort -rn ; } It will count the instances ...
DNS Override for a Single Process
The Problem I needed to run a mobile emulator on my laptop, in order to test some DNS server changes before releasing them. However, since the emulator had n...
Running external Ruby code from Vagrant
The Story Like a lot of Chef users, I’m using Vagrant for testing my cookbooks. I’m also using Berkshelf for providing the Vagrant box with the cookbooks it ...
How Chef’s use_inline_resources works
I recently had an issue with use_inline_resources. This feature’s documentation is lackluster, and I learnt about its magic thanks to some scraps of informat...
Troubleshooting story - Java HTTP client crashes on connections
Google Bait This post isn’t about the solution, but rather about the methodology. Anyway, to help people experiencing the same issue find this post:
Sending mail on coredumps
The Story I recently found out that some of our backend code suffers from memory-related ceashes, namely SIGSEGV (a program tries to access memory it doesn’t...
Using RPMBuild - My Shortlist
The Story I was trying to tinker with Abrt, a daemon in charge of collecting and diagnosing various crashes in RHEL (more on that in a different post). Becau...
Installing Growroot on CentOS
The story I currently work with CentOS on Amazon EC2. As I previously written, The HVM version of the AMI is created with a partitioned disk, instead of havi...
Chroot Snippet
The Story Some time ago, my PC wouldn’t boot. This was my fault, as I needed to resize some partition, and resizing in Linux really means deleting the partit...
Appending Newline to File Ends with Ruby
I recently took over managing some config files from my dev colleagues. I was extremely annoyed to be reminded that Notepad (Windows’ text editor) does 2 maj...
Init file for HBase Thrift Server
As part of our HBase setup, we run Thrift servers. This is pretty simple, except for the init files. Since we’re running Thrift standalone (and not as part o...
Scripting YUM provides search using Python
Update 24-06-15 Thanks to this page, I fixed my script. It no longer requires root privillages. I also muted informational messages because they were not ver...
Managing chef users with Chef
I needed to create seperate Chef accounts for some utility program running in my Chef server. I was finally able to deprecate it today, but I saved those sni...
Locking Down Jenkins’ Authentication
Update 19.02.15 After posting my script in the Jenkins mailing list, I was told about a simpler way for implmenting my authorization strategy. I’m leaving th...
Resizing AWS root EBS in CentOS HVM
Update 04.07.15 This method doesn’t work anymore because of some weird AWS restriction, which says you can’t connect the root device of a marketplace AMI (li...
Booting with UUID without initramfs
The Story I recently wiped my CubieTruck (a single board computer, like RaspberryPi), and tried installing the root filesystem on a hard drive instead of the...
Getting Git Submodule Detailed Status
The Story I manage every one of my Chef cookbooks as a single git repository, complying with the BerkShelf paradigm. I keep them all as submodules in a “supe...
CSV Tricks
The Story I’ve been requested to recreate some spreadsheet for our execs. Being annoying as usual, I made it a point to only use scripting to build the table...
Troubleshooting StatsD
About StatsD StatsD is a tool developed by Etsy and Flickr (complicated story). Its main use is providing a middleman for Graphite, which is a real-time grap...
SSH vs OpenVPN for Tunneling
Update 28.01.16 I found some sites referring to this post. Below are the common complaints I saw, and my replies:
AWS’s Block Device Mapping in CentOS
The Story I’m using Amazon’s EC2 for some of my VMs, which run CentOS. When viewing Block Device Mappings (mapping between the virtual storage - ebs, epheme...
Downloading Artifacts from Jenkins with Authentication
Some Background
Linux and SSDs - Should You TRIM?
Note: Although my experience is with Debian, I think this post helps anyone using some modern Linux distribution. What is TRIM? As a Windows sysadmin, I didn...
Why Pinning
There are plenty of guides about apt pinning, but no one really explains the motivation to do so. It took me some time to understand that, so I thought I’d w...
My Pinning Guidelines
In my previous post about pinning I talked about the reasons to configure apt pinning. This post details my logic about what and how to pin.
Adding Repositories for Inspection
Sometime I want to inspect software repositories. However, I don’t want my machine to actually install anything from it. To do so, I made a small bash functi...
Setting up Gargoyle as a Time Server
The Story For reasons unknown to me, Debian’s NTP daemon only works on udp port 123, even when operating as a client. This is a problem because my network c...
Timing Execution By Output Lines
The Story Today I got annoyed that some puppet agent runs took me over 90 seconds to complete, even though they actually did nothing (no change was needed). ...
Hijacking a process’s i/o streams using gdb
The Story I recently had a very annoying problem - some daemon failed, but ran fine when told to run at foreground (not daemonize). Running at foreground is ...
Fixing Ugly Hebrew on Ubuntu + Firefox
The default viewing experience, when visiting some Hebrew sites when using Firefox on Ubuntu, is quite unsightly. If we check Ynet.co.il, a news site, we’ll ...
Automatically Mounting USB drives and Surviving Reconnects
Today I solved a problem that has been bothering me for a while - being unable to automatically “remount” my USB drive in case it disconnects and reconnects.
Listing Unity’s Scopes and Originating Package
I recently upgraded to Ubuntu 14.04 (beta2), and I got all of my “lenses” (searching additional items in the dash menu), that look like this:
Fixing Dynamic DNS on Gargoyle
Note: I switched to inadyn on my home server eventually. I left this article because it’s still relevant
Setting Up Samba on Raspberry Pi
After setting up my rPi TorrentBox, I wanted to let my family access the downloaded files. Since they use Windows (and I don’t want to bother their systems w...
Raspberry Pi + Deluge = Segmentation Fault
Note: This is relevant to any ARM based device running Linux
Security
Managing Jenkins API Tokens
The problem
Managing AWS Security Groups with Piculet
The Problem One of the first things I noticed when starting to work with AWS is that security groups are very hard to maintain:
Managing chef users with Chef
I needed to create seperate Chef accounts for some utility program running in my Chef server. I was finally able to deprecate it today, but I saved those sni...
Locking Down Jenkins’ Authentication
Update 19.02.15 After posting my script in the Jenkins mailing list, I was told about a simpler way for implmenting my authorization strategy. I’m leaving th...
SSH vs OpenVPN for Tunneling
Update 28.01.16 I found some sites referring to this post. Below are the common complaints I saw, and my replies:
Downloading Artifacts from Jenkins with Authentication
Some Background
Why Pinning
There are plenty of guides about apt pinning, but no one really explains the motivation to do so. It took me some time to understand that, so I thought I’d w...
My Pinning Guidelines
In my previous post about pinning I talked about the reasons to configure apt pinning. This post details my logic about what and how to pin.
Testing Local Facebook Applications with ABE
I’m using Firefox with NoScript, which is the AdBlock of scripts - allowing you to selectively block scripts according to various rules (e.g. block all scrip...
Finding Accounts Trusted for Delegation
As part of a security audit, I was asked to help in finding all accounts marked with “Trusted for Delegation” What is “Trust for Delegation” You can try rea...
Some PowerShell Snippets for Network Scanning
I recently had to improvise some network scanning using PowerShell. The security guys got somewhat excited, so I decided to upload these snippets. I think al...
Setting Up Samba on Raspberry Pi
After setting up my rPi TorrentBox, I wanted to let my family access the downloaded files. Since they use Windows (and I don’t want to bother their systems w...
setspn Duplicates and Case Sensitivity
Today I found out that the command I use to find duplicate SPNs, setspn -x is case sensitive, meaning that the following SPNs don’t count as duplicates: HOS...
Backing up BitLocker to ActiveDirectory - My Additions
The Story If you thought about deploying BitLocker in your enterprise, you probably came across the recovery issue - if you lose the encrypting smart card, c...
Using Remote Desktop Client without Network Level Authentication
Whenever I use Remote Desktop to connect to an NT6+ (Windows Vista / Windows Server 2008 and later) machine, I use Network Level Authentication, meaning that...
Adding SSL to a SharePoint 2010 Web Application, the Right Way
###The Story I haven’t touched SharePoint in a while, but I’ve been asked by a friend to help him do something “the right way”. We were looking for a way to ...
Preventing Users from Adding Computers to a Domain
Some time ago, we’ve come to the conclusion that the computer accounts in the domain are disorganized. After doing the tedious job of sorting existing accoun...
Filtering Windows Event Log using XPath
When I want to search for events in Windows Event Log, I can usually make do with searching / filtering through the Event Viewer. For instance, to see all 46...
Investigating Repeatedly Locked Out Users
I often get asked by some other IT guy “why does user XXXXX keep on getting locked out?”
Solving Event Log Subscription Error “0x138C”
Today I saw some collector-initiated event log subscriptions that displayed a weird error, something like Windows Event Forward plugin can't read any event f...
Group Policy Security Filtering and Loopback
I recently discovered that when applying a GP object using loopback and user security filtering (allowing only specific users to apply the GP), the computer ...
Mass Setting Permissions on Remote Shares
I was recently asked by one of my teammates to add several NTFS permissions to the root folders of a bunch of shares. Seems easy, but I had two problems:
Brute Force Guessing for User Passwords
Our security team complained to me that they found a lot of users with trivial passwords simply by trying to log in as them. They asked me to write them a sc...
Windows Event Collection
I’ve recently implemented an enterprise-wide solution of event collection in our organization, using Windows’ built-in mechanism called the Windows Event Col...
Windows Event Collection
I’ve recently implemented an enterprise-wide solution of event collection in our organization, using Windows’ built-in mechanism called the Windows Event Col...
Remotely Viewing Machine Certificates With Minimal Permissions
We’ve started remotely monitoring our certificate stores on critical servers, and wanted the monitoring software to be able to remotely connect to our server...
Active Directory’s Object Specific ACEs and PowerShell
I recently checked the option of handing out AD permissions through PowerShell scripts, and I found out that setting object-specific ACEs is not trivial scri...
Event Log Permissions, With Scripts!
I’m going to keep it short, because there’s a lot of technical background. So, I’m assuming you know about:
Enabling Remote Desktop Remotely
According to this Technet article, to enable remote desktop remotely by using the registry you need to set the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSe...
Vanishing permissions on AD objects
I recently managed to solve a problem that bugged me for a ~ year - permissions on a specific group on AD would vanish, and the change won’t show up on the s...
WindowsIdentity.GetCurrent and changing usernames
We’ve recently encountered an interesting problem: One of our applications had a service using .net remoting with impersonation turned on. Inside this servic...
SPNs - Who? Why? Where?
I was making an introduction to a new teammate about SharePoint infrastructure, and one of the things I had to teach her about was SPNs. I was surprised to k...
2008 Clusters can’t change password
Last week MS’s PFE Moti Bani and me solved a problem that bugged me for ~ a year - since the day we’ve started deploying 2008 clusters in our production envi...
Active Directory
Finding Accounts Trusted for Delegation
As part of a security audit, I was asked to help in finding all accounts marked with “Trusted for Delegation” What is “Trust for Delegation” You can try rea...
List all Group Policy Extensions Registered
I use this script to see all GP extensions that my computer can process:
setspn Duplicates and Case Sensitivity
Today I found out that the command I use to find duplicate SPNs, setspn -x is case sensitive, meaning that the following SPNs don’t count as duplicates: HOS...
Backing up BitLocker to ActiveDirectory - My Additions
The Story If you thought about deploying BitLocker in your enterprise, you probably came across the recovery issue - if you lose the encrypting smart card, c...
Remotely changing DNS server list through registry
Recently I was called to help some some friends who had an unusual problem: They demoted an old DC because they needed to raise the domain functional level, ...
Preventing Users from Adding Computers to a Domain
Some time ago, we’ve come to the conclusion that the computer accounts in the domain are disorganized. After doing the tedious job of sorting existing accoun...
Investigating Repeatedly Locked Out Users
I often get asked by some other IT guy “why does user XXXXX keep on getting locked out?”
Viewing detailed replication status using Repadmin and PowerShell
Whenever I want to view the replication status in my domain, I use repadmin /replsum, which queries all of the DCs and gives me a summary of the replication ...
Opening Group Policy Management Editor from the Command Line
Yesterday I wanted to open the Group Policy editor (or “Group Policy Management Editor”) for a specific GP object through PowerShell, but there is no “Edit-G...
Group Policy Security Filtering and Loopback
I recently discovered that when applying a GP object using loopback and user security filtering (allowing only specific users to apply the GP), the computer ...
Making Sure Only Your PDC is Scavanging DNS Records
I recently looked over out DNS server settings, and I found out that more than one DNS server (DC in our case) was scavenging records. In order to put that r...
Brute Force Guessing for User Passwords
Our security team complained to me that they found a lot of users with trivial passwords simply by trying to log in as them. They asked me to write them a sc...
Automaticlly Updating DNS Server Addresses In A Domain Machine
The Problem I was recently requested to make sure that our machine’s network interface cards (NICs) have their DNS queries pointed to “the correct servers”. ...
Updating VMware discovery info in Active Directory
Recently I decided I want to store physical discovery data (name, physical location, host if it’s a VM) on the machine’s account in Active Directory, because...
Some Things I Didn’t Know About People Picker
Recently I got to mess with SharePoint 2010’s People Picker - a control that emulates Windows’ “Directory Object Picker”, allowing the user to select securit...
Windows Event Collection
I’ve recently implemented an enterprise-wide solution of event collection in our organization, using Windows’ built-in mechanism called the Windows Event Col...
Windows Event Collection
I’ve recently implemented an enterprise-wide solution of event collection in our organization, using Windows’ built-in mechanism called the Windows Event Col...
Remotely Viewing Machine Certificates With Minimal Permissions
We’ve started remotely monitoring our certificate stores on critical servers, and wanted the monitoring software to be able to remotely connect to our server...
Active Directory’s Object Specific ACEs and PowerShell
I recently checked the option of handing out AD permissions through PowerShell scripts, and I found out that setting object-specific ACEs is not trivial scri...
Solving and preventing “Topology Discovery failed, error 0x80040a02”
Recently our Exchange 2003 environment broke down when we demoted our last ancient DCs. We panicked and re-promoted them, but no avail. The Exchange servers ...
Checking for conflicting oIDs
I got word that this script was useful for some other IT team, so it’s definitely blog-worthy! The Story I’ve inherited some AD forests with their schema ext...
Vanishing permissions on AD objects
I recently managed to solve a problem that bugged me for a ~ year - permissions on a specific group on AD would vanish, and the change won’t show up on the s...
WindowsIdentity.GetCurrent and changing usernames
We’ve recently encountered an interesting problem: One of our applications had a service using .net remoting with impersonation turned on. Inside this servic...
SPNs - Who? Why? Where?
I was making an introduction to a new teammate about SharePoint infrastructure, and one of the things I had to teach her about was SPNs. I was surprised to k...
2008 Clusters can’t change password
Last week MS’s PFE Moti Bani and me solved a problem that bugged me for ~ a year - since the day we’ve started deploying 2008 clusters in our production envi...
Testing stranded group policies
Ever had GPO Version differences between the AD and the Sysvol? Sure, you might have a healthy FRS/DFSR architecture, but the replication takes time. It’s an...
Mysteries Solved
Running external Ruby code from Vagrant
The Story Like a lot of Chef users, I’m using Vagrant for testing my cookbooks. I’m also using Berkshelf for providing the Vagrant box with the cookbooks it ...
Resizing AWS root EBS in CentOS HVM
Update 04.07.15 This method doesn’t work anymore because of some weird AWS restriction, which says you can’t connect the root device of a marketplace AMI (li...
Booting with UUID without initramfs
The Story I recently wiped my CubieTruck (a single board computer, like RaspberryPi), and tried installing the root filesystem on a hard drive instead of the...
SSH vs OpenVPN for Tunneling
Update 28.01.16 I found some sites referring to this post. Below are the common complaints I saw, and my replies:
AWS’s Block Device Mapping in CentOS
The Story I’m using Amazon’s EC2 for some of my VMs, which run CentOS. When viewing Block Device Mappings (mapping between the virtual storage - ebs, epheme...
Linux and SSDs - Should You TRIM?
Note: Although my experience is with Debian, I think this post helps anyone using some modern Linux distribution. What is TRIM? As a Windows sysadmin, I didn...
Setting up Gargoyle as a Time Server
The Story For reasons unknown to me, Debian’s NTP daemon only works on udp port 123, even when operating as a client. This is a problem because my network c...
Automatically Mounting USB drives and Surviving Reconnects
Today I solved a problem that has been bothering me for a while - being unable to automatically “remount” my USB drive in case it disconnects and reconnects.
Fixing Dynamic DNS on Gargoyle
Note: I switched to inadyn on my home server eventually. I left this article because it’s still relevant
Raspberry Pi + Deluge = Segmentation Fault
Note: This is relevant to any ARM based device running Linux
Network Monitor capture filter limitations
I recently had to deal with some network traffic issues, so naturally I turned to NetMon. My problem was with some TCP packets not reaching their destination...
Remotely changing DNS server list through registry
Recently I was called to help some some friends who had an unusual problem: They demoted an old DC because they needed to raise the domain functional level, ...
Preventing Users from Adding Computers to a Domain
Some time ago, we’ve come to the conclusion that the computer accounts in the domain are disorganized. After doing the tedious job of sorting existing accoun...
Investigating Repeatedly Locked Out Users
I often get asked by some other IT guy “why does user XXXXX keep on getting locked out?”
Group Policy Security Filtering and Loopback
I recently discovered that when applying a GP object using loopback and user security filtering (allowing only specific users to apply the GP), the computer ...
Testing actual SMB version
Ever since I got employed in my present company, I’ve been told that our NetApp Filer supports SMB2 when used as NAS. I was always skeptic of that (due to h...
Finding WSUS Clients by SusClientId
Today someone showed me a strange problem - he had servers that recently installed new updates from his WSUS server, but he couldn’t find them in the WSUS co...
Reverse Lookup in SharePoint 2010
Every SharePoint noob knows that one can create list lookup relationships, like specifying that a book belongs in a specific bookshelf. What I didn’t know un...
Remotely Viewing Machine Certificates With Minimal Permissions
We’ve started remotely monitoring our certificate stores on critical servers, and wanted the monitoring software to be able to remotely connect to our server...
Fixing Facebook to Google Calendar synchronization
Note: It’s fixed now. The project itself is still pretty cool
The module … owssvr.dll could not be loaded due to a configuration problem
Recently, one of my teammates installed ArcGis Server 9.3 on our fresh SharePoint 2010 box, causing all sites to respond with 503 Service Unavailable. A quic...
Internet Explorer and SPNs
After learning how SPNs work (read my “Who? Why? Where” to learn what’s an SPN), I was frustrated to find out that I can’t implement my experience in the rea...
Vanishing permissions on AD objects
I recently managed to solve a problem that bugged me for a ~ year - permissions on a specific group on AD would vanish, and the change won’t show up on the s...
Stsadm / new SPSite is slow
Update: Get the script here The Story A couple of days ago, developer extraordinaire Itay Shakury was doing performance tuning on one of our SharePoint appli...
2008 Clusters can’t change password
Last week MS’s PFE Moti Bani and me solved a problem that bugged me for ~ a year - since the day we’ve started deploying 2008 clusters in our production envi...
Ruby
Stringify Hash Keys in Ruby
Why I didn’t want sybols in my YAML
Chef “Share This” script
I wrote this little script to upload the current cookbook to the Chef Supermarket. It should be run from within the cookbook’s directory.
Cookbook Versioning Script
The Problem I’ve always disliked releasing cookbook versions manually. The process requires a lot of bureaucratic steps which are easy to forget and require ...
Migrating Grafana’s Dashboards
Similar to my Graphite dashboard migration script, I made a Grafana one. I’m targeting Grafana v2+. Note it’s using http for its HTTP calls. ```ruby old_serv...
Running external Ruby code from Vagrant
The Story Like a lot of Chef users, I’m using Vagrant for testing my cookbooks. I’m also using Berkshelf for providing the Vagrant box with the cookbooks it ...
Backslasher-Python: a simple Chef Python cookbook
What’s wrong with the current Python cookbook Until now, we were using the Python cookbook. This worked well for a while, until I noticed these things:
Chef Custom Resources - Missing Documentation
The new Chef documentation for Custom Resources is pretty lackluster. This is probably because they’re too busy making awesome stuff, but I still needed to l...
Using a global lock in Chef
The Story Our dev team is currently using a Snowflake-like ID generation scheme that looks like this: (Diagram by Elad Rosenhim, architect and companion at ...
Enhancing Packer Templates with eRuby
The Problem Packer is a great tool for creating machine images, and I’m using it to create EC2 AMIs. My issue with it is that Packer is using JSON for input,...
Listing Chef Cookbook Licenses
As part of a compliance check for our company, I was required to print the name/version of all FOSS proejcts I’m using. Most of it was digging around Gemfile...
Writing Complex Scripts in HBase Shell
The Story HBase installations include a shell for running arbitrary commands. For instance, if you want to view all of your snapshots, you can do something l...
Running Inline DSL in ChefSpec
The Problem I have a pet Chef cookbook in charge of managing SELinux policies in Linux machines (Take a look). Until today I got along fine without testing, ...
Generating known_hosts file using Chef
The Story This post relates to my previous post. I was trying to create a script to amend my known_hosts file (where SSH keeps fingerprints of all of the ser...
Managing AWS Security Groups with Piculet
The Problem One of the first things I noticed when starting to work with AWS is that security groups are very hard to maintain:
Chef Snippets
I thought I’d upload some interesting Chef-related snippets I accumulated.
How Chef’s use_inline_resources works
I recently had an issue with use_inline_resources. This feature’s documentation is lackluster, and I learnt about its magic thanks to some scraps of informat...
Migrating Graphite’s Dashboards
I just made a small script to migrate dashboards between two graphite servers. Couldn’t find a similar one anywhere, so I thought I’d upload it. Note it’s us...
Managing EC2 reservations with Scripts
The Story Since we tend to hold our AWS EC2 VMs for a long time, we usually reserve them. Reservations are like pre-buying instances - you pay AWS ahead of t...
Appending Newline to File Ends with Ruby
I recently took over managing some config files from my dev colleagues. I was extremely annoyed to be reminded that Notepad (Windows’ text editor) does 2 maj...
Managing chef users with Chef
I needed to create seperate Chef accounts for some utility program running in my Chef server. I was finally able to deprecate it today, but I saved those sni...
Resizing AWS root EBS in CentOS HVM
Update 04.07.15 This method doesn’t work anymore because of some weird AWS restriction, which says you can’t connect the root device of a marketplace AMI (li...
CSV Tricks
The Story I’ve been requested to recreate some spreadsheet for our execs. Being annoying as usual, I made it a point to only use scripting to build the table...
AWS’s Block Device Mapping in CentOS
The Story I’m using Amazon’s EC2 for some of my VMs, which run CentOS. When viewing Block Device Mappings (mapping between the virtual storage - ebs, epheme...
Windows
We don’t do DST at this company
Once, a long time ago, I used to have a consulting gig in some big enterprise-y company. It had a lot of unique challenges, being disconnected from the inter...
WSL for non-programming security analysts
I have a friend who isn’t a developer and believes that coding is beyond their grasp. They work as a security analyst and prefer using Windows as their opera...
Keeping Windows Awake (with PowerShell)
The story I got a new game on Steam and got set to downloading it. For some reason, Steam and Windows have decided that it’s better to save some electricity ...
Appending Newline to File Ends with Ruby
I recently took over managing some config files from my dev colleagues. I was extremely annoyed to be reminded that Notepad (Windows’ text editor) does 2 maj...
Disabling “generate Publisher Evidence” using scripts
I found the script we were using to disable authenticode on our machines, a feature that causes great suffering (and dll-loading-delays) to workstations not ...
Finding Accounts Trusted for Delegation
As part of a security audit, I was asked to help in finding all accounts marked with “Trusted for Delegation” What is “Trust for Delegation” You can try rea...
Some PowerShell Snippets for Network Scanning
I recently had to improvise some network scanning using PowerShell. The security guys got somewhat excited, so I decided to upload these snippets. I think al...
List all Group Policy Extensions Registered
I use this script to see all GP extensions that my computer can process:
setspn Duplicates and Case Sensitivity
Today I found out that the command I use to find duplicate SPNs, setspn -x is case sensitive, meaning that the following SPNs don’t count as duplicates: HOS...
Backing up BitLocker to ActiveDirectory - My Additions
The Story If you thought about deploying BitLocker in your enterprise, you probably came across the recovery issue - if you lose the encrypting smart card, c...
Using Remote Desktop Client without Network Level Authentication
Whenever I use Remote Desktop to connect to an NT6+ (Windows Vista / Windows Server 2008 and later) machine, I use Network Level Authentication, meaning that...
Parsing Event Log Subscription Runtime Status using PowerShell and Regex
The Story Since Event Log Subscription doesn’t have a module or a .NET class, interacting with its settings and status has to be done either via UI or the co...
Reading Daylight Saving Time Data in Windows
When it comes to DST complexity, Israel has it worst (I think). We have our DST definition changed on a yearly basis, and consequently we have to repeat the ...
Adding .net 3.5 to a Windows Server 2012 template
I was approached by some colleagues building a new VM template for Windows Server 2012 who wanted some help with .NET framework 3.5. ###The .NET oddity As a...
Filtering Windows Event Log using XPath
When I want to search for events in Windows Event Log, I can usually make do with searching / filtering through the Event Viewer. For instance, to see all 46...
Enabling Remote Desktop Remotely
According to this Technet article, to enable remote desktop remotely by using the registry you need to set the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSe...
2008 Clusters can’t change password
Last week MS’s PFE Moti Bani and me solved a problem that bugged me for ~ a year - since the day we’ve started deploying 2008 clusters in our production envi...
Ramblings
Invalid number: Nov
One of my current projects is migrating a big Java project from Java 8 to a supported version. Since we’re doing small, stable steps, we started with Java 11...
Is this really an emergency?
One of the teams I worked with would do an “engineering pain-point” survey twice a year. During one of those surveys, the main complaint was that on-calls ha...
a 1.5GB string
In my previous role, I supported a Java service that operated similarly to RDP or Citrix by enabling remote UI functionality. This service relied on sessions...
Changed 3 lines of code, saved 760 server hours per month
Act 1, where I write Java In the past, I had the opportunity to assist a team in developing an Android application and a Java server. While my primary focus ...
Productivity tips for a FAANG engineer
Here are some things I learnt during my career in Facebook, and think could benefit someone new to the field. As an engineer in Facebook, you have a great de...
Driven by anger - my modus machinor
modus machinor - my adjustment of “modus operandi” for “engineering”
My tips on Getting a Job
A lot of people (>3) asked me in the last month or so about how to land a first job after leaving the army / graduating from university, so I thought I’d ...
Troubleshooting story - Java HTTP client crashes on connections
Google Bait This post isn’t about the solution, but rather about the methodology. Anyway, to help people experiencing the same issue find this post:
Linux and SSDs - Should You TRIM?
Note: Although my experience is with Debian, I think this post helps anyone using some modern Linux distribution. What is TRIM? As a Windows sysadmin, I didn...
Python Library for Deluge Torrent Maintenance
Update: I added this project as my first GitHub repo I have an ongoing project which I nickname my raspberrySeed, which is a Rasbperry Pi running Deluge. Wo...
Raspberry Pi + Deluge = Segmentation Fault
Note: This is relevant to any ARM based device running Linux
Backing up BitLocker to ActiveDirectory - My Additions
The Story If you thought about deploying BitLocker in your enterprise, you probably came across the recovery issue - if you lose the encrypting smart card, c...
Filtering Windows Event Log using XPath
When I want to search for events in Windows Event Log, I can usually make do with searching / filtering through the Event Viewer. For instance, to see all 46...
RssCache - An RSS Cache / Aggregator
Note: I’m no longer using this site, and might take it down. Let me know if you want the code.
Speed boosting disconnected environments
Hi there. Not a while ago, I’ve created a post about stsadm.exe / new SPSite() being slow in disconnected environments. Just wanted to point out that I’ve tr...
New blog… yay
Hi. My name is Nitzan, and I’m a MS-IT guy. Whenever I run into a problem I can’t solve during my work, I almost always end up finding the answer in some blo...
Python
Serving Images from the DB in Django
I recently got to work on prototyping a small Django-based website that was somewhat like a message board. One of the features requested was allowing users t...
Semantic caching with PSQL, Python, OpenAI
You’re an app developer now Let’s say you’re working on an app. The app helps you search for e-mail messages that relate to a certain topic. This works well ...
Patching a Java JAR
I’m working with a company that uses smart IoT devices produced far away. The main troubleshooting tool is a Java utility provided by the manufacturer. This ...
CSV to JSON stream converter in Python
I’ve been working with some govermental data that is available as huge (>50G) CSV files. While there are workarounds to working with large files, I wanted...
Populating a NetworkX graph with a scanner
I had a graph living outside Pythonland (a commit tree with dependencies) and wanted to do graphy things to it. To do that, I first had to put the data into ...
Getting Magent Links from Deluge
My latest weekend-hack is a plugin that shows the magnet link for a torrent entry
DNS Namesake - the DNS MitM
The Story Imagine this situtation: ```text THE WORLD / company.com | A s1.red.company.com A s2.red.company.com … A sN...
Prettify HTML pages with BeautifulSoup
The story Today I wrote some HTML page by hand (my new homepage). I then used this script to make the HTML code nicer:
Dry Run for Python Pip
As I wrote some time ago, I started my own python cookbook for Chef because I didn’t like the direction the “default” one was going. I recently added a new f...
Backslasher-Python: a simple Chef Python cookbook
What’s wrong with the current Python cookbook Until now, we were using the Python cookbook. This worked well for a while, until I noticed these things:
Parsing AWS billing
The Story I never understood the AWS billing very well and happily left it to my CTO. A couple of days ago, however, my CTO secretly told me he’s mainly inte...
Open-Gridview - the FOSS Out-Gridview
The Story I’ve been a Microsoft SysAdmin for a long time before switching for Linux. During which, I scripted a lot in PowerShell. PowerShell has several “ou...
Merging known_hosts files
The Story Some time ago, some colleague rebuilt several servers and reused their names (think sql1,sql2 etc). Obviously the new servers had different SSH ser...
Sending mail on coredumps
The Story I recently found out that some of our backend code suffers from memory-related ceashes, namely SIGSEGV (a program tries to access memory it doesn’t...
Scripting YUM provides search using Python
Update 24-06-15 Thanks to this page, I fixed my script. It no longer requires root privillages. I also muted informational messages because they were not ver...
Python Library for Deluge Torrent Maintenance
Update: I added this project as my first GitHub repo I have an ongoing project which I nickname my raspberrySeed, which is a Rasbperry Pi running Deluge. Wo...
Chef
Chef “Share This” script
I wrote this little script to upload the current cookbook to the Chef Supermarket. It should be run from within the cookbook’s directory.
Some Jenkins helpers for Chef
I’ve decided to share some code I use in Chef to pull some data and files from Jenkins
Cookbook Versioning Script
The Problem I’ve always disliked releasing cookbook versions manually. The process requires a lot of bureaucratic steps which are easy to forget and require ...
Running external Ruby code from Vagrant
The Story Like a lot of Chef users, I’m using Vagrant for testing my cookbooks. I’m also using Berkshelf for providing the Vagrant box with the cookbooks it ...
Backslasher-Python: a simple Chef Python cookbook
What’s wrong with the current Python cookbook Until now, we were using the Python cookbook. This worked well for a while, until I noticed these things:
Chef Custom Resources - Missing Documentation
The new Chef documentation for Custom Resources is pretty lackluster. This is probably because they’re too busy making awesome stuff, but I still needed to l...
Using a global lock in Chef
The Story Our dev team is currently using a Snowflake-like ID generation scheme that looks like this: (Diagram by Elad Rosenhim, architect and companion at ...
Listing Chef Cookbook Licenses
As part of a compliance check for our company, I was required to print the name/version of all FOSS proejcts I’m using. Most of it was digging around Gemfile...
Running Inline DSL in ChefSpec
The Problem I have a pet Chef cookbook in charge of managing SELinux policies in Linux machines (Take a look). Until today I got along fine without testing, ...
Generating known_hosts file using Chef
The Story This post relates to my previous post. I was trying to create a script to amend my known_hosts file (where SSH keeps fingerprints of all of the ser...
Chef Snippets
I thought I’d upload some interesting Chef-related snippets I accumulated.
How Chef’s use_inline_resources works
I recently had an issue with use_inline_resources. This feature’s documentation is lackluster, and I learnt about its magic thanks to some scraps of informat...
Managing chef users with Chef
I needed to create seperate Chef accounts for some utility program running in my Chef server. I was finally able to deprecate it today, but I saved those sni...
AWS’s Block Device Mapping in CentOS
The Story I’m using Amazon’s EC2 for some of my VMs, which run CentOS. When viewing Block Device Mappings (mapping between the virtual storage - ebs, epheme...
Bash
WSL for non-programming security analysts
I have a friend who isn’t a developer and believes that coding is beyond their grasp. They work as a security analyst and prefer using Windows as their opera...
Bash “Keep or Delete” script for PDFs
I recently discovered that I had over 100 PDFs in my “Downloads” directory and needed to determine which ones I wanted to keep. Instead of spending 10 minute...
Get Android App Sizes with ADB
Upon receiving a notification from my NVidia Shield indicating that it was running low on storage space, I attempted to use the device’s interface to trouble...
Sortiq - sort, uniq, sort
This is a small snippet I find extremely useful. You should have it in your ~/.bashrc: sortiq() { sort | uniq -c | sort -rn ; } It will count the instances ...
Filtering in Shell
Today I told someone that a feature I’m missing in Bash is filtering. Then I thought about how much I miss it, so I went ahead and “implemented” it.
Cookbook Versioning Script
The Problem I’ve always disliked releasing cookbook versions manually. The process requires a lot of bureaucratic steps which are easy to forget and require ...
Init file for HBase Thrift Server
As part of our HBase setup, we run Thrift servers. This is pretty simple, except for the init files. Since we’re running Thrift standalone (and not as part o...
Getting Git Submodule Detailed Status
The Story I manage every one of my Chef cookbooks as a single git repository, complying with the BerkShelf paradigm. I keep them all as submodules in a “supe...
Timing Execution By Output Lines
The Story Today I got annoyed that some puppet agent runs took me over 90 seconds to complete, even though they actually did nothing (no change was needed). ...
Hijacking a process’s i/o streams using gdb
The Story I recently had a very annoying problem - some daemon failed, but ran fine when told to run at foreground (not daemonize). Running at foreground is ...
Listing Unity’s Scopes and Originating Package
I recently upgraded to Ubuntu 14.04 (beta2), and I got all of my “lenses” (searching additional items in the dash menu), that look like this:
Mass-Checking SSH Connections using Parallel
Today I wanted to make sure I have SSH access to about 100 servers. Obviously, I wasn’t going to verify the list by hand, so I put all of the servers’ names ...
Fixing Dynamic DNS on Gargoyle
Note: I switched to inadyn on my home server eventually. I left this article because it’s still relevant
Group Policy
Detecting Invalid External References in Group Policy Preferences
Guest post This is a post written by my former colleague, Ofri Sherf. I’ve been bugging her to upload her script and write how it works because it sounded in...
List all Group Policy Extensions Registered
I use this script to see all GP extensions that my computer can process:
Preventing Users from Adding Computers to a Domain
Some time ago, we’ve come to the conclusion that the computer accounts in the domain are disorganized. After doing the tedious job of sorting existing accoun...
Opening Group Policy Management Editor from the Command Line
Yesterday I wanted to open the Group Policy editor (or “Group Policy Management Editor”) for a specific GP object through PowerShell, but there is no “Edit-G...
Group Policy Security Filtering and Loopback
I recently discovered that when applying a GP object using loopback and user security filtering (allowing only specific users to apply the GP), the computer ...
Windows Event Collection
I’ve recently implemented an enterprise-wide solution of event collection in our organization, using Windows’ built-in mechanism called the Windows Event Col...
Windows Event Collection
I’ve recently implemented an enterprise-wide solution of event collection in our organization, using Windows’ built-in mechanism called the Windows Event Col...
Solving and preventing “Topology Discovery failed, error 0x80040a02”
Recently our Exchange 2003 environment broke down when we demoted our last ancient DCs. We panicked and re-promoted them, but no avail. The Exchange servers ...
Showing “Mail” icon in control panel through Group Policy
I recently had to lock down a Windows 2008R2 remote desktop server (terminal server) One of the requirements was to show only some control panel items, a set...
Setting Dynamic RPC Port Ranges
We recently had to manually set the dynamic RPC port range in our servers, mainly because Exchange 2010 sets the port range so wide that the firewall guys (r...
Testing stranded group policies
Ever had GPO Version differences between the AD and the Sysvol? Sure, you might have a healthy FRS/DFSR architecture, but the replication takes time. It’s an...
One-Liner
Adding Repositories for Inspection
Sometime I want to inspect software repositories. However, I don’t want my machine to actually install anything from it. To do so, I made a small bash functi...
Timing Execution By Output Lines
The Story Today I got annoyed that some puppet agent runs took me over 90 seconds to complete, even though they actually did nothing (no change was needed). ...
Mass-Checking SSH Connections using Parallel
Today I wanted to make sure I have SSH access to about 100 servers. Obviously, I wasn’t going to verify the list by hand, so I put all of the servers’ names ...
Finding Accounts Trusted for Delegation
As part of a security audit, I was asked to help in finding all accounts marked with “Trusted for Delegation” What is “Trust for Delegation” You can try rea...
Some PowerShell Snippets for Network Scanning
I recently had to improvise some network scanning using PowerShell. The security guys got somewhat excited, so I decided to upload these snippets. I think al...
List all Group Policy Extensions Registered
I use this script to see all GP extensions that my computer can process:
setspn Duplicates and Case Sensitivity
Today I found out that the command I use to find duplicate SPNs, setspn -x is case sensitive, meaning that the following SPNs don’t count as duplicates: HOS...
Adding SSL to a SharePoint 2010 Web Application, the Right Way
###The Story I haven’t touched SharePoint in a while, but I’ve been asked by a friend to help him do something “the right way”. We were looking for a way to ...
Finding Superseding WSUS updates in PowerShell
Whenever I see a superseded update, I usually want to know which update supersedes it. Finding it from the console is easy enough:
Viewing detailed replication status using Repadmin and PowerShell
Whenever I want to view the replication status in my domain, I use repadmin /replsum, which queries all of the DCs and gives me a summary of the replication ...
Removing all Metro Apps from Windows 8
I wanted to open some photos today (to add to my blog) on my Windows 8 workstation, and it kept opening the full-screen metro app instead of the normal pictu...
Enabling Remote Desktop Remotely
According to this Technet article, to enable remote desktop remotely by using the registry you need to set the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSe...
HTTP
Some Jenkins helpers for Chef
I’ve decided to share some code I use in Chef to pull some data and files from Jenkins
Troubleshooting story - Java HTTP client crashes on connections
Google Bait This post isn’t about the solution, but rather about the methodology. Anyway, to help people experiencing the same issue find this post:
Downloading Artifacts from Jenkins with Authentication
Some Background
Accessing a specific server in an HTTP cluster
The Problem Part1 - Fault tolerence A common configuration of web servers is setting up multiple servers to serve the same content, with a load-balancing met...
Testing Local Facebook Applications with ABE
I’m using Firefox with NoScript, which is the AdBlock of scripts - allowing you to selectively block scripts according to various rules (e.g. block all scrip...
Some PowerShell Snippets for Network Scanning
I recently had to improvise some network scanning using PowerShell. The security guys got somewhat excited, so I decided to upload these snippets. I think al...
Adding SSL to a SharePoint 2010 Web Application, the Right Way
###The Story I haven’t touched SharePoint in a while, but I’ve been asked by a friend to help him do something “the right way”. We were looking for a way to ...
Wget in PowerShell v3
I’ve been envying my *nix brethren for having Wget for a long time. To get the contents of a web page or download a file using http I had to use workarounds ...
Creating proxied http requests with PowerShell
I’m working on some sort of HTTP proxy (maybe more details about it later), and to test it I’ve created a short PowerShell script. Note it also performs basi...
SQL
Serving Images from the DB in Django
I recently got to work on prototyping a small Django-based website that was somewhat like a message board. One of the features requested was allowing users t...
Semantic caching with PSQL, Python, OpenAI
You’re an app developer now Let’s say you’re working on an app. The app helps you search for e-mail messages that relate to a certain topic. This works well ...
Determining Size of all Tables in a Database
Just a quick SQL script to get the rowcount and size data of every table in the current database: CREATE TABLE #sizeof ( name varchar (70), [rows] int, re...
RssCache - An RSS Cache / Aggregator
Note: I’m no longer using this site, and might take it down. Let me know if you want the code.
Making sure your Audit Collection Server is collecting
A few days ago I wanted to make sure that my ACS (Audit Collection Server) is collecting events from all of my DCs. For those unfamiliar with ACS, it’s an ad...
Dumping your MySQL db using PHP
Hi. One of my clients asked me to be able to take manual backups of his DB, and because he wasn’t so technologically-inclined, using the hosting company’s in...
Speed boosting disconnected environments
Hi there. Not a while ago, I’ve created a post about stsadm.exe / new SPSite() being slow in disconnected environments. Just wanted to point out that I’ve tr...
Querying SQL Servers
Before I had a chance to study Microsoft’s SQL Server Management Studio (SSMS)’s Powershell SnapIn, I needed to grab some data from an SQL DB. I ended up cre...
Kerberos
Finding Accounts Trusted for Delegation
As part of a security audit, I was asked to help in finding all accounts marked with “Trusted for Delegation” What is “Trust for Delegation” You can try rea...
setspn Duplicates and Case Sensitivity
Today I found out that the command I use to find duplicate SPNs, setspn -x is case sensitive, meaning that the following SPNs don’t count as duplicates: HOS...
Remotely changing DNS server list through registry
Recently I was called to help some some friends who had an unusual problem: They demoted an old DC because they needed to raise the domain functional level, ...
Investigating Repeatedly Locked Out Users
I often get asked by some other IT guy “why does user XXXXX keep on getting locked out?”
Windows Event Collection
I’ve recently implemented an enterprise-wide solution of event collection in our organization, using Windows’ built-in mechanism called the Windows Event Col...
Windows Event Collection
I’ve recently implemented an enterprise-wide solution of event collection in our organization, using Windows’ built-in mechanism called the Windows Event Col...
Internet Explorer and SPNs
After learning how SPNs work (read my “Who? Why? Where” to learn what’s an SPN), I was frustrated to find out that I can’t implement my experience in the rea...
SPNs - Who? Why? Where?
I was making an introduction to a new teammate about SharePoint infrastructure, and one of the things I had to teach her about was SPNs. I was surprised to k...
Registry
List all Group Policy Extensions Registered
I use this script to see all GP extensions that my computer can process:
Remotely changing DNS server list through registry
Recently I was called to help some some friends who had an unusual problem: They demoted an old DC because they needed to raise the domain functional level, ...
Solving Event Log Subscription Error “0x138C”
Today I saw some collector-initiated event log subscriptions that displayed a weird error, something like Windows Event Forward plugin can't read any event f...
Finding WSUS Clients by SusClientId
Today someone showed me a strange problem - he had servers that recently installed new updates from his WSUS server, but he couldn’t find them in the WSUS co...
Setting Dynamic RPC Port Ranges
We recently had to manually set the dynamic RPC port range in our servers, mainly because Exchange 2010 sets the port range so wide that the firewall guys (r...
Event Log Permissions, With Scripts!
I’m going to keep it short, because there’s a lot of technical background. So, I’m assuming you know about:
Enabling Remote Desktop Remotely
According to this Technet article, to enable remote desktop remotely by using the registry you need to set the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSe...
Event Log
setspn Duplicates and Case Sensitivity
Today I found out that the command I use to find duplicate SPNs, setspn -x is case sensitive, meaning that the following SPNs don’t count as duplicates: HOS...
Parsing Event Log Subscription Runtime Status using PowerShell and Regex
The Story Since Event Log Subscription doesn’t have a module or a .NET class, interacting with its settings and status has to be done either via UI or the co...
Filtering Windows Event Log using XPath
When I want to search for events in Windows Event Log, I can usually make do with searching / filtering through the Event Viewer. For instance, to see all 46...
Investigating Repeatedly Locked Out Users
I often get asked by some other IT guy “why does user XXXXX keep on getting locked out?”
Solving Event Log Subscription Error “0x138C”
Today I saw some collector-initiated event log subscriptions that displayed a weird error, something like Windows Event Forward plugin can't read any event f...
Windows Event Collection
I’ve recently implemented an enterprise-wide solution of event collection in our organization, using Windows’ built-in mechanism called the Windows Event Col...
Windows Event Collection
I’ve recently implemented an enterprise-wide solution of event collection in our organization, using Windows’ built-in mechanism called the Windows Event Col...
Event Log Permissions, With Scripts!
I’m going to keep it short, because there’s a lot of technical background. So, I’m assuming you know about:
AWS
Caddy is better than Nginx for Docker Compose on ECS
I recently managed to use Docker Compose to launch a small app in Aamazon’s Elastic Container Services (ECS). Overall, the result is pretty incredible. I’m a...
Quick Docker Compose commands for ECS
I’m pretty new to Dockering in the wild, and I’m trying to use the new ECS integration to push all of my tiny app to the cloud.
Parsing AWS billing
The Story I never understood the AWS billing very well and happily left it to my CTO. A couple of days ago, however, my CTO secretly told me he’s mainly inte...
Managing AWS Security Groups with Piculet
The Problem One of the first things I noticed when starting to work with AWS is that security groups are very hard to maintain:
Installing Growroot on CentOS
The story I currently work with CentOS on Amazon EC2. As I previously written, The HVM version of the AMI is created with a partitioned disk, instead of havi...
Managing EC2 reservations with Scripts
The Story Since we tend to hold our AWS EC2 VMs for a long time, we usually reserve them. Reservations are like pre-buying instances - you pay AWS ahead of t...
Resizing AWS root EBS in CentOS HVM
Update 04.07.15 This method doesn’t work anymore because of some weird AWS restriction, which says you can’t connect the root device of a marketplace AMI (li...
AWS’s Block Device Mapping in CentOS
The Story I’m using Amazon’s EC2 for some of my VMs, which run CentOS. When viewing Block Device Mappings (mapping between the virtual storage - ebs, epheme...
Java
Java SMPP helper
One of my projects involves communicating over SMS with cellular-connected IoT devices. The company already has a working infastructure for sending and recie...
Invalid number: Nov
One of my current projects is migrating a big Java project from Java 8 to a supported version. Since we’re doing small, stable steps, we started with Java 11...
Patching a Java JAR
I’m working with a company that uses smart IoT devices produced far away. The main troubleshooting tool is a Java utility provided by the manufacturer. This ...
javax.mail:mail 1.4.7 is broken, and how to workaround
javax.mail and I One of the current tasks on my agenda involves the modernization of a project that is currently built on Java 8. Given that this project is ...
a 1.5GB string
In my previous role, I supported a Java service that operated similarly to RDP or Citrix by enabling remote UI functionality. This service relied on sessions...
Writing Complex Scripts in HBase Shell
The Story HBase installations include a shell for running arbitrary commands. For instance, if you want to view all of your snapshots, you can do something l...
Troubleshooting story - Java HTTP client crashes on connections
Google Bait This post isn’t about the solution, but rather about the methodology. Anyway, to help people experiencing the same issue find this post:
Locking Down Jenkins’ Authentication
Update 19.02.15 After posting my script in the Jenkins mailing list, I was told about a simpler way for implmenting my authorization strategy. I’m leaving th...
FileSystem
Linux and SSDs - Should You TRIM?
Note: Although my experience is with Debian, I think this post helps anyone using some modern Linux distribution. What is TRIM? As a Windows sysadmin, I didn...
Automatically Mounting USB drives and Surviving Reconnects
Today I solved a problem that has been bothering me for a while - being unable to automatically “remount” my USB drive in case it disconnects and reconnects.
Backing up BitLocker to ActiveDirectory - My Additions
The Story If you thought about deploying BitLocker in your enterprise, you probably came across the recovery issue - if you lose the encrypting smart card, c...
Copying Files In PowerShell - Using Windows Explorer UI
I know this trick is widely known, but I thought it’s worth mentioning anyway. If you use PowerShell’s Copy-Item to copy files, you don’t get any progress re...
Testing actual SMB version
Ever since I got employed in my present company, I’ve been told that our NetApp Filer supports SMB2 when used as NAS. I was always skeptic of that (due to h...
Mass Setting Permissions on Remote Shares
I was recently asked by one of my teammates to add several NTFS permissions to the root folders of a bunch of shares. Seems easy, but I had two problems:
Get-BigDirectories
Note: This script is better than just ls -rec | measure, because measure measures only one field, and when iterating over many files and directories, every i...
Programming
Timing Execution By Output Lines
The Story Today I got annoyed that some puppet agent runs took me over 90 seconds to complete, even though they actually did nothing (no change was needed). ...
Python Library for Deluge Torrent Maintenance
Update: I added this project as my first GitHub repo I have an ongoing project which I nickname my raspberrySeed, which is a Rasbperry Pi running Deluge. Wo...
Opening Group Policy Management Editor from the Command Line
Yesterday I wanted to open the Group Policy editor (or “Group Policy Management Editor”) for a specific GP object through PowerShell, but there is no “Edit-G...
RssCache - An RSS Cache / Aggregator
Note: I’m no longer using this site, and might take it down. Let me know if you want the code.
Changing php settings without .htaccess or php.ini
I’m doing a little developing in PHP as a hobby, and I got some task involving free hosting in FreeHostingCloud.com. Since I’m just starting to learn PHP 5, ...
Stsadm / new SPSite is slow
Update: Get the script here The Story A couple of days ago, developer extraordinaire Itay Shakury was doing performance tuning on one of our SharePoint appli...
WindowsIdentity.GetCurrent and changing usernames
We’ve recently encountered an interesting problem: One of our applications had a service using .net remoting with impersonation turned on. Inside this servic...
DNS
DNS Namesake - the DNS MitM
The Story Imagine this situtation: ```text THE WORLD / company.com | A s1.red.company.com A s2.red.company.com … A sN...
DNS Override for a Single Process
The Problem I needed to run a mobile emulator on my laptop, in order to test some DNS server changes before releasing them. However, since the emulator had n...
Fixing Dynamic DNS on Gargoyle
Note: I switched to inadyn on my home server eventually. I left this article because it’s still relevant
Remotely changing DNS server list through registry
Recently I was called to help some some friends who had an unusual problem: They demoted an old DC because they needed to raise the domain functional level, ...
Making Sure Only Your PDC is Scavanging DNS Records
I recently looked over out DNS server settings, and I found out that more than one DNS server (DC in our case) was scavenging records. In order to put that r...
Automaticlly Updating DNS Server Addresses In A Domain Machine
The Problem I was recently requested to make sure that our machine’s network interface cards (NICs) have their DNS queries pointed to “the correct servers”. ...
Lowercasing PTR records in DNS
Recently, one of the IT crowd informed me that he can’t delete some of his PTR records through the DNS management console (dnsmgmt.msc). The record would app...
PHP
Adding shortcuts to your search engine
I really like DuckDuckGo’s bangs, which basically directs your query elsewhere if you prefix it with !something. You could search the London zoo in gmaps by ...
Extending Yii’s Web Application Creation
I found out that after creating my Yii Applications through Yiic.bat, I tend to modify the same things in all of them (adding .htaccess files for pretty urls...
Creating a common Yii code directory
Yii natively supports code recycling, by allowing you to store common code in modules, widgets etc. However, to share code between applications, you still ha...
RssCache - An RSS Cache / Aggregator
Note: I’m no longer using this site, and might take it down. Let me know if you want the code.
Dumping your MySQL db using PHP
Hi. One of my clients asked me to be able to take manual backups of his DB, and because he wasn’t so technologically-inclined, using the hosting company’s in...
Changing php settings without .htaccess or php.ini
I’m doing a little developing in PHP as a hobby, and I got some task involving free hosting in FreeHostingCloud.com. Since I’m just starting to learn PHP 5, ...
Performance
Keeping Windows Awake (with PowerShell)
The story I got a new game on Steam and got set to downloading it. For some reason, Steam and Windows have decided that it’s better to save some electricity ...
Linux and SSDs - Should You TRIM?
Note: Although my experience is with Debian, I think this post helps anyone using some modern Linux distribution. What is TRIM? As a Windows sysadmin, I didn...
Testing actual SMB version
Ever since I got employed in my present company, I’ve been told that our NetApp Filer supports SMB2 when used as NAS. I was always skeptic of that (due to h...
Stsadm / new SPSite is slow
Update: Get the script here The Story A couple of days ago, developer extraordinaire Itay Shakury was doing performance tuning on one of our SharePoint appli...
HTML
Prettify HTML pages with BeautifulSoup
The story Today I wrote some HTML page by hand (my new homepage). I then used this script to make the HTML code nicer:
Fixing Ugly Hebrew on Ubuntu + Firefox
The default viewing experience, when visiting some Hebrew sites when using Firefox on Ubuntu, is quite unsightly. If we check Ynet.co.il, a news site, we’ll ...
Avoiding Text Overflow with Prettify on Blogger
I’m currently testing Prettify to replace SyntaxHighlighter as the syntax-highlighting solution in my blog. By the way, it’s nothing critical, but Blogger’s ...
Wget in PowerShell v3
I’ve been envying my *nix brethren for having Wget for a long time. To get the contents of a web page or download a file using http I had to use workarounds ...
Making your pages more Facebook shareable
I’m working on a project involving Gallery 3, and one of my goals was tight Facebook integration. Today I’ve wanted to make sure that when someone shares a p...
Raspberry Pi
Setting up Gargoyle as a Time Server
The Story For reasons unknown to me, Debian’s NTP daemon only works on udp port 123, even when operating as a client. This is a problem because my network c...
Automatically Mounting USB drives and Surviving Reconnects
Today I solved a problem that has been bothering me for a while - being unable to automatically “remount” my USB drive in case it disconnects and reconnects.
Python Library for Deluge Torrent Maintenance
Update: I added this project as my first GitHub repo I have an ongoing project which I nickname my raspberrySeed, which is a Rasbperry Pi running Deluge. Wo...
Setting Up Samba on Raspberry Pi
After setting up my rPi TorrentBox, I wanted to let my family access the downloaded files. Since they use Windows (and I don’t want to bother their systems w...
Raspberry Pi + Deluge = Segmentation Fault
Note: This is relevant to any ARM based device running Linux
raspberrySeed
Setting up Gargoyle as a Time Server
The Story For reasons unknown to me, Debian’s NTP daemon only works on udp port 123, even when operating as a client. This is a problem because my network c...
Automatically Mounting USB drives and Surviving Reconnects
Today I solved a problem that has been bothering me for a while - being unable to automatically “remount” my USB drive in case it disconnects and reconnects.
Python Library for Deluge Torrent Maintenance
Update: I added this project as my first GitHub repo I have an ongoing project which I nickname my raspberrySeed, which is a Rasbperry Pi running Deluge. Wo...
Setting Up Samba on Raspberry Pi
After setting up my rPi TorrentBox, I wanted to let my family access the downloaded files. Since they use Windows (and I don’t want to bother their systems w...
Raspberry Pi + Deluge = Segmentation Fault
Note: This is relevant to any ARM based device running Linux
Debian
Linux and SSDs - Should You TRIM?
Note: Although my experience is with Debian, I think this post helps anyone using some modern Linux distribution. What is TRIM? As a Windows sysadmin, I didn...
Why Pinning
There are plenty of guides about apt pinning, but no one really explains the motivation to do so. It took me some time to understand that, so I thought I’d w...
My Pinning Guidelines
In my previous post about pinning I talked about the reasons to configure apt pinning. This post details my logic about what and how to pin.
Adding Repositories for Inspection
Sometime I want to inspect software repositories. However, I don’t want my machine to actually install anything from it. To do so, I made a small bash functi...
Setting up Gargoyle as a Time Server
The Story For reasons unknown to me, Debian’s NTP daemon only works on udp port 123, even when operating as a client. This is a problem because my network c...
WSUS
Finding Superseding WSUS updates in PowerShell
Whenever I see a superseded update, I usually want to know which update supersedes it. Finding it from the console is easy enough:
Finding WSUS Clients by SusClientId
Today someone showed me a strange problem - he had servers that recently installed new updates from his WSUS server, but he couldn’t find them in the WSUS co...
Installing WSUS Prerequisites Easily in a Disconnected Server
Our company has an internet-isolated environment, and I was requested to create a WSUS infrastructure there. The most annoying thing about installing a disco...
Auto-Sorting Computers in WSUS
When I installed my first WSUS server, I liked the idea of auto-assigning computers into different WSUS groups according to domains using the group policy’s ...
BitTorrent
Getting Magent Links from Deluge
My latest weekend-hack is a plugin that shows the magnet link for a torrent entry
Raspberry Pi + Deluge = Segmentation Fault
Note: This is relevant to any ARM based device running Linux
Automaticlly Extracting Downloaded Torrents
As every average geek, I too download torrents (containing only legal, copyright-free material, of course), and most of the time the torrents contain multi-f...
RssCache - An RSS Cache / Aggregator
Note: I’m no longer using this site, and might take it down. Let me know if you want the code.
Virtualization
Installing Growroot on CentOS
The story I currently work with CentOS on Amazon EC2. As I previously written, The HVM version of the AMI is created with a partitioned disk, instead of havi...
Resizing AWS root EBS in CentOS HVM
Update 04.07.15 This method doesn’t work anymore because of some weird AWS restriction, which says you can’t connect the root device of a marketplace AMI (li...
AWS’s Block Device Mapping in CentOS
The Story I’m using Amazon’s EC2 for some of my VMs, which run CentOS. When viewing Block Device Mappings (mapping between the virtual storage - ebs, epheme...
Adding .net 3.5 to a Windows Server 2012 template
I was approached by some colleagues building a new VM template for Windows Server 2012 who wanted some help with .NET framework 3.5. ###The .NET oddity As a...
Networking
Troubleshooting StatsD
About StatsD StatsD is a tool developed by Etsy and Flickr (complicated story). Its main use is providing a middleman for Graphite, which is a real-time grap...
SSH vs OpenVPN for Tunneling
Update 28.01.16 I found some sites referring to this post. Below are the common complaints I saw, and my replies:
Validating network segments using Puppet
The Problem When configuring KeepaliveD using Puppet, sometimes an interface name has to be used. Imagine a server with 2 interfaces (eth0,eth1), where one i...
Fixing Dynamic DNS on Gargoyle
Note: I switched to inadyn on my home server eventually. I left this article because it’s still relevant
SSH
Merging known_hosts files
The Story Some time ago, some colleague rebuilt several servers and reused their names (think sql1,sql2 etc). Obviously the new servers had different SSH ser...
Generating known_hosts file using Chef
The Story This post relates to my previous post. I was trying to create a script to amend my known_hosts file (where SSH keeps fingerprints of all of the ser...
SSH vs OpenVPN for Tunneling
Update 28.01.16 I found some sites referring to this post. Below are the common complaints I saw, and my replies:
Mass-Checking SSH Connections using Parallel
Today I wanted to make sure I have SSH access to about 100 servers. Obviously, I wasn’t going to verify the list by hand, so I put all of the servers’ names ...
Jenkins
Some Jenkins helpers for Chef
I’ve decided to share some code I use in Chef to pull some data and files from Jenkins
Managing Jenkins API Tokens
The problem
Locking Down Jenkins’ Authentication
Update 19.02.15 After posting my script in the Jenkins mailing list, I was told about a simpler way for implmenting my authorization strategy. I’m leaving th...
Downloading Artifacts from Jenkins with Authentication
Some Background
CentOS
Troubleshooting story - Java HTTP client crashes on connections
Google Bait This post isn’t about the solution, but rather about the methodology. Anyway, to help people experiencing the same issue find this post:
Using RPMBuild - My Shortlist
The Story I was trying to tinker with Abrt, a daemon in charge of collecting and diagnosing various crashes in RHEL (more on that in a different post). Becau...
Installing Growroot on CentOS
The story I currently work with CentOS on Amazon EC2. As I previously written, The HVM version of the AMI is created with a partitioned disk, instead of havi...
Scripting YUM provides search using Python
Update 24-06-15 Thanks to this page, I fixed my script. It no longer requires root privillages. I also muted informational messages because they were not ver...
SCOM
Making sure your Audit Collection Server is collecting
A few days ago I wanted to make sure that my ACS (Audit Collection Server) is collecting events from all of my DCs. For those unfamiliar with ACS, it’s an ad...
Monitoring SharePoint 2010 on SCOM - Minimal Permissions
I’ve recently started monitoring my new SharePoint 2010 farms on SCOM, and found the management pack’s documentation to be rather lacking in setup instructio...
Speed boosting disconnected environments
Hi there. Not a while ago, I’ve created a post about stsadm.exe / new SPSite() being slow in disconnected environments. Just wanted to point out that I’ve tr...
Terminal Server
Using Remote Desktop Client without Network Level Authentication
Whenever I use Remote Desktop to connect to an NT6+ (Windows Vista / Windows Server 2008 and later) machine, I use Network Level Authentication, meaning that...
Showing “Mail” icon in control panel through Group Policy
I recently had to lock down a Windows 2008R2 remote desktop server (terminal server) One of the requirements was to show only some control panel items, a set...
Enabling Remote Desktop Remotely
According to this Technet article, to enable remote desktop remotely by using the registry you need to set the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSe...
Testing Local Facebook Applications with ABE
I’m using Firefox with NoScript, which is the AdBlock of scripts - allowing you to selectively block scripts according to various rules (e.g. block all scrip...
Fixing Facebook to Google Calendar synchronization
Note: It’s fixed now. The project itself is still pretty cool
Making your pages more Facebook shareable
I’m working on a project involving Gallery 3, and one of my goals was tight Facebook integration. Today I’ve wanted to make sure that when someone shares a p...
Firewall
Managing AWS Security Groups with Piculet
The Problem One of the first things I noticed when starting to work with AWS is that security groups are very hard to maintain:
Network Monitor capture filter limitations
I recently had to deal with some network traffic issues, so naturally I turned to NetMon. My problem was with some TCP packets not reaching their destination...
Setting Dynamic RPC Port Ranges
We recently had to manually set the dynamic RPC port range in our servers, mainly because Exchange 2010 sets the port range so wide that the firewall guys (r...
Office
CSV Tricks
The Story I’ve been requested to recreate some spreadsheet for our execs. Being annoying as usual, I made it a point to only use scripting to build the table...
Reverse Lookup in SharePoint 2010
Every SharePoint noob knows that one can create list lookup relationships, like specifying that a book belongs in a specific bookshelf. What I didn’t know un...
Showing “Mail” icon in control panel through Group Policy
I recently had to lock down a Windows 2008R2 remote desktop server (terminal server) One of the requirements was to show only some control panel items, a set...
Yii
Fixing Facebook to Google Calendar synchronization
Note: It’s fixed now. The project itself is still pretty cool
Extending Yii’s Web Application Creation
I found out that after creating my Yii Applications through Yiic.bat, I tend to modify the same things in all of them (adding .htaccess files for pretty urls...
Creating a common Yii code directory
Yii natively supports code recycling, by allowing you to store common code in modules, widgets etc. However, to share code between applications, you still ha...
Power Management
Keeping Windows Awake (with PowerShell)
The story I got a new game on Steam and got set to downloading it. For some reason, Steam and Windows have decided that it’s better to save some electricity ...
setspn Duplicates and Case Sensitivity
Today I found out that the command I use to find duplicate SPNs, setspn -x is case sensitive, meaning that the following SPNs don’t count as duplicates: HOS...
Deluge
Getting Magent Links from Deluge
My latest weekend-hack is a plugin that shows the magnet link for a torrent entry
Python Library for Deluge Torrent Maintenance
Update: I added this project as my first GitHub repo I have an ongoing project which I nickname my raspberrySeed, which is a Rasbperry Pi running Deluge. Wo...
Raspberry Pi + Deluge = Segmentation Fault
Note: This is relevant to any ARM based device running Linux
Ubuntu
Linux and SSDs - Should You TRIM?
Note: Although my experience is with Debian, I think this post helps anyone using some modern Linux distribution. What is TRIM? As a Windows sysadmin, I didn...
Fixing Ugly Hebrew on Ubuntu + Firefox
The default viewing experience, when visiting some Hebrew sites when using Firefox on Ubuntu, is quite unsightly. If we check Ynet.co.il, a news site, we’ll ...
Listing Unity’s Scopes and Originating Package
I recently upgraded to Ubuntu 14.04 (beta2), and I got all of my “lenses” (searching additional items in the dash menu), that look like this:
Perl
Resizing AWS root EBS in CentOS HVM
Update 04.07.15 This method doesn’t work anymore because of some weird AWS restriction, which says you can’t connect the root device of a marketplace AMI (li...
AWS’s Block Device Mapping in CentOS
The Story I’m using Amazon’s EC2 for some of my VMs, which run CentOS. When viewing Block Device Mappings (mapping between the virtual storage - ebs, epheme...
Timing Execution By Output Lines
The Story Today I got annoyed that some puppet agent runs took me over 90 seconds to complete, even though they actually did nothing (no change was needed). ...
Apt
Why Pinning
There are plenty of guides about apt pinning, but no one really explains the motivation to do so. It took me some time to understand that, so I thought I’d w...
My Pinning Guidelines
In my previous post about pinning I talked about the reasons to configure apt pinning. This post details my logic about what and how to pin.
Adding Repositories for Inspection
Sometime I want to inspect software repositories. However, I don’t want my machine to actually install anything from it. To do so, I made a small bash functi...
linux
Running GPU workloads on K3S
A team I work with is very happy with the k8s / ArgoCD setup we set up, and now wants to manage their experimental ML workloads in k8s as well. These workloa...
The BIG BUTTON with Arduino
I’ve created a dramatic big button, that actually sends key presses to the computer. It’s connected to the computer via USB, and programmable via the same co...
Accessing a specific server in an HTTP cluster
The Problem Part1 - Fault tolerence A common configuration of web servers is setting up multiple servers to serve the same content, with a load-balancing met...
scripts
Adding a child element in XSLT
I recently had to edit a big XML file, and add a child elemnt to every element within. To simplify matters, say I had something like this: <?xml version="...
Preparing Certificate files for Nginx
The Story When installing SSL certificates for nginx, assuming you’re using certificate hierarchy (and not a self-signed ceritificate), you’re required to co...
Batch fitting pictures in ImageMagick
I recently bought a digital frame for some of my more elderly relatives. The frame’s firmware was quite retarded, and I had 2 issues with it:
HBase
Writing Complex Scripts in HBase Shell
The Story HBase installations include a shell for running arbitrary commands. For instance, if you want to view all of your snapshots, you can do something l...
Sending HBase metrics to Graphite using Python
The story Although HBase is a crucial component in our current stack, the monitoring for it was quite incomplete. We only had general “is it running?” monito...
Init file for HBase Thrift Server
As part of our HBase setup, we run Thrift servers. This is pretty simple, except for the init files. Since we’re running Thrift standalone (and not as part o...
PKI
Remotely Viewing Machine Certificates With Minimal Permissions
We’ve started remotely monitoring our certificate stores on critical servers, and wanted the monitoring software to be able to remotely connect to our server...
Stsadm / new SPSite is slow
Update: Get the script here The Story A couple of days ago, developer extraordinaire Itay Shakury was doing performance tuning on one of our SharePoint appli...
Exchange
Remotely changing DNS server list through registry
Recently I was called to help some some friends who had an unusual problem: They demoted an old DC because they needed to raise the domain functional level, ...
Solving and preventing “Topology Discovery failed, error 0x80040a02”
Recently our Exchange 2003 environment broke down when we demoted our last ancient DCs. We panicked and re-promoted them, but no avail. The Exchange servers ...
IIS
Adding SSL to a SharePoint 2010 Web Application, the Right Way
###The Story I haven’t touched SharePoint in a while, but I’ve been asked by a friend to help him do something “the right way”. We were looking for a way to ...
The module … owssvr.dll could not be loaded due to a configuration problem
Recently, one of my teammates installed ArcGis Server 9.3 on our fresh SharePoint 2010 box, causing all sites to respond with 503 Service Unavailable. A quic...
Calendar
Reading Daylight Saving Time Data in Windows
When it comes to DST complexity, Israel has it worst (I think). We have our DST definition changed on a yearly basis, and consequently we have to repeat the ...
Fixing Facebook to Google Calendar synchronization
Note: It’s fixed now. The project itself is still pretty cool
NetApp
Testing actual SMB version
Ever since I got employed in my present company, I’ve been told that our NetApp Filer supports SMB2 when used as NAS. I was always skeptic of that (due to h...
Mass Setting Permissions on Remote Shares
I was recently asked by one of my teammates to add several NTFS permissions to the root folders of a bunch of shares. Seems easy, but I had two problems:
SMB
Setting Up Samba on Raspberry Pi
After setting up my rPi TorrentBox, I wanted to let my family access the downloaded files. Since they use Windows (and I don’t want to bother their systems w...
Testing actual SMB version
Ever since I got employed in my present company, I’ve been told that our NetApp Filer supports SMB2 when used as NAS. I was always skeptic of that (due to h...
TCP
Some PowerShell Snippets for Network Scanning
I recently had to improvise some network scanning using PowerShell. The security guys got somewhat excited, so I decided to upload these snippets. I think al...
Network Monitor capture filter limitations
I recently had to deal with some network traffic issues, so naturally I turned to NetMon. My problem was with some TCP packets not reaching their destination...
DST
We don’t do DST at this company
Once, a long time ago, I used to have a consulting gig in some big enterprise-y company. It had a lot of unique challenges, being disconnected from the inter...
Reading Daylight Saving Time Data in Windows
When it comes to DST complexity, Israel has it worst (I think). We have our DST definition changed on a yearly basis, and consequently we have to repeat the ...
Gargoyle
Setting up Gargoyle as a Time Server
The Story For reasons unknown to me, Debian’s NTP daemon only works on udp port 123, even when operating as a client. This is a problem because my network c...
Fixing Dynamic DNS on Gargoyle
Note: I switched to inadyn on my home server eventually. I left this article because it’s still relevant
Parallel
Listing Unity’s Scopes and Originating Package
I recently upgraded to Ubuntu 14.04 (beta2), and I got all of my “lenses” (searching additional items in the dash menu), that look like this:
Mass-Checking SSH Connections using Parallel
Today I wanted to make sure I have SSH access to about 100 servers. Obviously, I wasn’t going to verify the list by hand, so I put all of the servers’ names ...
Firefox
Testing Local Facebook Applications with ABE
I’m using Firefox with NoScript, which is the AdBlock of scripts - allowing you to selectively block scripts according to various rules (e.g. block all scrip...
Fixing Ugly Hebrew on Ubuntu + Firefox
The default viewing experience, when visiting some Hebrew sites when using Firefox on Ubuntu, is quite unsightly. If we check Ynet.co.il, a news site, we’ll ...
Web
Serving Images from the DB in Django
I recently got to work on prototyping a small Django-based website that was somewhat like a message board. One of the features requested was allowing users t...
Accessing a specific server in an HTTP cluster
The Problem Part1 - Fault tolerence A common configuration of web servers is setting up multiple servers to serve the same content, with a load-balancing met...
curl
Google Storage using cURL
I got around to troubleshooting a Python process running in Docker that had some permission problems accessing Google Storage Reproing inside Python with goo...
Accessing a specific server in an HTTP cluster
The Problem Part1 - Fault tolerence A common configuration of web servers is setting up multiple servers to serve the same content, with a load-balancing met...
git
Getting Git Submodule Detailed Status
The Story I manage every one of my Chef cookbooks as a single git repository, complying with the BerkShelf paradigm. I keep them all as submodules in a “supe...
Git Prompt Variables
I recently reinstalled my laptop and had to reconfigure my git prompt. I use the git prompt script that is included in Ubuntu’s git package, and integrate it...
bash
Batch fitting pictures in ImageMagick
I recently bought a digital frame for some of my more elderly relatives. The frame’s firmware was quite retarded, and I had 2 issues with it:
Git Prompt Variables
I recently reinstalled my laptop and had to reconfigure my git prompt. I use the git prompt script that is included in Ubuntu’s git package, and integrate it...
Troubleshooting
Chroot Snippet
The Story Some time ago, my PC wouldn’t boot. This was my fault, as I needed to resize some partition, and resizing in Linux really means deleting the partit...
Troubleshooting StatsD
About StatsD StatsD is a tool developed by Etsy and Flickr (complicated story). Its main use is providing a middleman for Graphite, which is a real-time grap...
StatsD
Sending HBase metrics to Graphite using Python
The story Although HBase is a crucial component in our current stack, the monitoring for it was quite incomplete. We only had general “is it running?” monito...
Troubleshooting StatsD
About StatsD StatsD is a tool developed by Etsy and Flickr (complicated story). Its main use is providing a middleman for Graphite, which is a real-time grap...
Monitoring
Getting your toppings fast
I recently ran into a friend that wanted some help with an app. Because the app is in super secret stealth mode, let’s pretend instead it’s “Pizza Advisor” -...
Sending HBase metrics to Graphite using Python
The story Although HBase is a crucial component in our current stack, the monitoring for it was quite incomplete. We only had general “is it running?” monito...
Graphite
Migrating Graphite’s Dashboards
I just made a small script to migrate dashboards between two graphite servers. Couldn’t find a similar one anywhere, so I thought I’d upload it. Note it’s us...
Sending HBase metrics to Graphite using Python
The story Although HBase is a crucial component in our current stack, the monitoring for it was quite incomplete. We only had general “is it running?” monito...
Vagrant
Running external Ruby code from Vagrant
The Story Like a lot of Chef users, I’m using Vagrant for testing my cookbooks. I’m also using Berkshelf for providing the Vagrant box with the cookbooks it ...
Chef Snippets
I thought I’d upload some interesting Chef-related snippets I accumulated.
Scripting
Sortiq - sort, uniq, sort
This is a small snippet I find extremely useful. You should have it in your ~/.bashrc: sortiq() { sort | uniq -c | sort -rn ; } It will count the instances ...
Writing Complex Scripts in HBase Shell
The Story HBase installations include a shell for running arbitrary commands. For instance, if you want to view all of your snapshots, you can do something l...
Rambling
Getting your toppings fast
I recently ran into a friend that wanted some help with an app. Because the app is in super secret stealth mode, let’s pretend instead it’s “Pizza Advisor” -...
Disqus instead of Juvia
TL;DR: I switched from Juvia to Disqus after losing all of my blog’s comments
Docker
Caddy is better than Nginx for Docker Compose on ECS
I recently managed to use Docker Compose to launch a small app in Aamazon’s Elastic Container Services (ECS). Overall, the result is pretty incredible. I’m a...
Quick Docker Compose commands for ECS
I’m pretty new to Dockering in the wild, and I’m trying to use the new ECS integration to push all of my tiny app to the cloud.
NTFRS
Testing stranded group policies
Ever had GPO Version differences between the AD and the Sysvol? Sure, you might have a healthy FRS/DFSR architecture, but the replication takes time. It’s an...
Failover Cluster
2008 Clusters can’t change password
Last week MS’s PFE Moti Bani and me solved a problem that bugged me for ~ a year - since the day we’ve started deploying 2008 clusters in our production envi...
Internet Explorer
Internet Explorer and SPNs
After learning how SPNs work (read my “Who? Why? Where” to learn what’s an SPN), I was frustrated to find out that I can’t implement my experience in the rea...
Backups
Dumping your MySQL db using PHP
Hi. One of my clients asked me to be able to take manual backups of his DB, and because he wasn’t so technologically-inclined, using the hosting company’s in...
Apache
Google Friendly Apache Domain Migration
I recently migrated a domain for a client, and did it like a noob (as in simply copying the db and files, making sure everything’s working, and then shutting...
Google Friendly Apache Domain Migration
I recently migrated a domain for a client, and did it like a noob (as in simply copying the db and files, making sure everything’s working, and then shutting...
ACS
Making sure your Audit Collection Server is collecting
A few days ago I wanted to make sure that my ACS (Audit Collection Server) is collecting events from all of my DCs. For those unfamiliar with ACS, it’s an ad...
MySQL
RssCache - An RSS Cache / Aggregator
Note: I’m no longer using this site, and might take it down. Let me know if you want the code.
RSS
RssCache - An RSS Cache / Aggregator
Note: I’m no longer using this site, and might take it down. Let me know if you want the code.
iCal
Fixing Facebook to Google Calendar synchronization
Note: It’s fixed now. The project itself is still pretty cool
Proxy
Creating proxied http requests with PowerShell
I’m working on some sort of HTTP proxy (maybe more details about it later), and to test it I’ve created a short PowerShell script. Note it also performs basi...
VMware
Updating VMware discovery info in Active Directory
Recently I decided I want to store physical discovery data (name, physical location, host if it’s a VM) on the machine’s account in Active Directory, because...
ASP.net
Applying SPWebConfigModification objects safely
My SharePoint team and I wanted to move to SPWebConfigModification rather that just modifying the web.config file manually, but I was always worried that app...
Web.Config
Applying SPWebConfigModification objects safely
My SharePoint team and I wanted to move to SPWebConfigModification rather that just modifying the web.config file manually, but I was always worried that app...
CIFS
Testing actual SMB version
Ever since I got employed in my present company, I’ve been told that our NetApp Filer supports SMB2 when used as NAS. I was always skeptic of that (due to h...
WinRM
Solving Event Log Subscription Error “0x138C”
Today I saw some collector-initiated event log subscriptions that displayed a weird error, something like Windows Event Forward plugin can't read any event f...
Network Monitor
Network Monitor capture filter limitations
I recently had to deal with some network traffic issues, so naturally I turned to NetMon. My problem was with some TCP packets not reaching their destination...
WMI
Reading Daylight Saving Time Data in Windows
When it comes to DST complexity, Israel has it worst (I think). We have our DST definition changed on a yearly basis, and consequently we have to repeat the ...
W32tm
Reading Daylight Saving Time Data in Windows
When it comes to DST complexity, Israel has it worst (I think). We have our DST definition changed on a yearly basis, and consequently we have to repeat the ...
Regular Expressions
Parsing Event Log Subscription Runtime Status using PowerShell and Regex
The Story Since Event Log Subscription doesn’t have a module or a .NET class, interacting with its settings and status has to be done either via UI or the co...
BitLocker
Backing up BitLocker to ActiveDirectory - My Additions
The Story If you thought about deploying BitLocker in your enterprise, you probably came across the recovery issue - if you lose the encrypting smart card, c...
Prettify
Avoiding Text Overflow with Prettify on Blogger
I’m currently testing Prettify to replace SyntaxHighlighter as the syntax-highlighting solution in my blog. By the way, it’s nothing critical, but Blogger’s ...
CSS
Avoiding Text Overflow with Prettify on Blogger
I’m currently testing Prettify to replace SyntaxHighlighter as the syntax-highlighting solution in my blog. By the way, it’s nothing critical, but Blogger’s ...
Blog
Avoiding Text Overflow with Prettify on Blogger
I’m currently testing Prettify to replace SyntaxHighlighter as the syntax-highlighting solution in my blog. By the way, it’s nothing critical, but Blogger’s ...
Samba
Setting Up Samba on Raspberry Pi
After setting up my rPi TorrentBox, I wanted to let my family access the downloaded files. Since they use Windows (and I don’t want to bother their systems w...
Delegation
Finding Accounts Trusted for Delegation
As part of a security audit, I was asked to help in finding all accounts marked with “Trusted for Delegation” What is “Trust for Delegation” You can try rea...
.NET framework
Disabling “generate Publisher Evidence” using scripts
I found the script we were using to disable authenticode on our machines, a feature that causes great suffering (and dll-loading-delays) to workstations not ...
XML
Disabling “generate Publisher Evidence” using scripts
I found the script we were using to disable authenticode on our machines, a feature that causes great suffering (and dll-loading-delays) to workstations not ...
DDNS
Fixing Dynamic DNS on Gargoyle
Note: I switched to inadyn on my home server eventually. I left this article because it’s still relevant
Unity
Listing Unity’s Scopes and Originating Package
I recently upgraded to Ubuntu 14.04 (beta2), and I got all of my “lenses” (searching additional items in the dash menu), that look like this:
udev
Automatically Mounting USB drives and Surviving Reconnects
Today I solved a problem that has been bothering me for a while - being unable to automatically “remount” my USB drive in case it disconnects and reconnects.
Fonts
Fixing Ugly Hebrew on Ubuntu + Firefox
The default viewing experience, when visiting some Hebrew sites when using Firefox on Ubuntu, is quite unsightly. If we check Ynet.co.il, a news site, we’ll ...
Development
Testing Local Facebook Applications with ABE
I’m using Firefox with NoScript, which is the AdBlock of scripts - allowing you to selectively block scripts according to various rules (e.g. block all scrip...
NoScript
Testing Local Facebook Applications with ABE
I’m using Firefox with NoScript, which is the AdBlock of scripts - allowing you to selectively block scripts according to various rules (e.g. block all scrip...
gdb
Hijacking a process’s i/o streams using gdb
The Story I recently had a very annoying problem - some daemon failed, but ran fine when told to run at foreground (not daemonize). Running at foreground is ...
Debugging
Hijacking a process’s i/o streams using gdb
The Story I recently had a very annoying problem - some daemon failed, but ran fine when told to run at foreground (not daemonize). Running at foreground is ...
NTP
Setting up Gargoyle as a Time Server
The Story For reasons unknown to me, Debian’s NTP daemon only works on udp port 123, even when operating as a client. This is a problem because my network c...
Apt Pinning
Adding Repositories for Inspection
Sometime I want to inspect software repositories. However, I don’t want my machine to actually install anything from it. To do so, I made a small bash functi...
Puppet
Validating network segments using Puppet
The Problem When configuring KeepaliveD using Puppet, sometimes an interface name has to be used. Imagine a server with 2 interfaces (eth0,eth1), where one i...
Regex
Validating network segments using Puppet
The Problem When configuring KeepaliveD using Puppet, sometimes an interface name has to be used. Imagine a server with 2 interfaces (eth0,eth1), where one i...
CSV
CSV Tricks
The Story I’ve been requested to recreate some spreadsheet for our execs. Being annoying as usual, I made it a point to only use scripting to build the table...
Spreadsheets
CSV Tricks
The Story I’ve been requested to recreate some spreadsheet for our execs. Being annoying as usual, I made it a point to only use scripting to build the table...
LibreOffice
CSV Tricks
The Story I’ve been requested to recreate some spreadsheet for our execs. Being annoying as usual, I made it a point to only use scripting to build the table...
chef
Getting Git Submodule Detailed Status
The Story I manage every one of my Chef cookbooks as a single git repository, complying with the BerkShelf paradigm. I keep them all as submodules in a “supe...
Boot
Booting with UUID without initramfs
The Story I recently wiped my CubieTruck (a single board computer, like RaspberryPi), and tried installing the root filesystem on a hard drive instead of the...
ARM
Booting with UUID without initramfs
The Story I recently wiped my CubieTruck (a single board computer, like RaspberryPi), and tried installing the root filesystem on a hard drive instead of the...
Storage
Resizing AWS root EBS in CentOS HVM
Update 04.07.15 This method doesn’t work anymore because of some weird AWS restriction, which says you can’t connect the root device of a marketplace AMI (li...
ImageMagick
Batch fitting pictures in ImageMagick
I recently bought a digital frame for some of my more elderly relatives. The frame’s firmware was quite retarded, and I had 2 issues with it:
images
Batch fitting pictures in ImageMagick
I recently bought a digital frame for some of my more elderly relatives. The frame’s firmware was quite retarded, and I had 2 issues with it:
SysVInit
Init file for HBase Thrift Server
As part of our HBase setup, we run Thrift servers. This is pretty simple, except for the init files. Since we’re running Thrift standalone (and not as part o...
Script
Appending Newline to File Ends with Ruby
I recently took over managing some config files from my dev colleagues. I was extremely annoyed to be reminded that Notepad (Windows’ text editor) does 2 maj...
EC2
Managing EC2 reservations with Scripts
The Story Since we tend to hold our AWS EC2 VMs for a long time, we usually reserve them. Reservations are like pre-buying instances - you pay AWS ahead of t...
Disk
Installing Growroot on CentOS
The story I currently work with CentOS on Amazon EC2. As I previously written, The HVM version of the AMI is created with a partitioned disk, instead of havi...
nginx
Preparing Certificate files for Nginx
The Story When installing SSL certificates for nginx, assuming you’re using certificate hierarchy (and not a self-signed ceritificate), you’re required to co...
security
Preparing Certificate files for Nginx
The Story When installing SSL certificates for nginx, assuming you’re using certificate hierarchy (and not a self-signed ceritificate), you’re required to co...
ssl
Preparing Certificate files for Nginx
The Story When installing SSL certificates for nginx, assuming you’re using certificate hierarchy (and not a self-signed ceritificate), you’re required to co...
ruby
Preparing Certificate files for Nginx
The Story When installing SSL certificates for nginx, assuming you’re using certificate hierarchy (and not a self-signed ceritificate), you’re required to co...
PYthon
Sending HBase metrics to Graphite using Python
The story Although HBase is a crucial component in our current stack, the monitoring for it was quite incomplete. We only had general “is it running?” monito...
RPM
Using RPMBuild - My Shortlist
The Story I was trying to tinker with Abrt, a daemon in charge of collecting and diagnosing various crashes in RHEL (more on that in a different post). Becau...
RHEL
Using RPMBuild - My Shortlist
The Story I was trying to tinker with Abrt, a daemon in charge of collecting and diagnosing various crashes in RHEL (more on that in a different post). Becau...
Building
Using RPMBuild - My Shortlist
The Story I was trying to tinker with Abrt, a daemon in charge of collecting and diagnosing various crashes in RHEL (more on that in a different post). Becau...
Sending mail on coredumps
The Story I recently found out that some of our backend code suffers from memory-related ceashes, namely SIGSEGV (a program tries to access memory it doesn’t...
SSL
Troubleshooting story - Java HTTP client crashes on connections
Google Bait This post isn’t about the solution, but rather about the methodology. Anyway, to help people experiencing the same issue find this post:
xbox
Back to Top ↑ubuntu
Back to Top ↑steam
Back to Top ↑Piculet
Managing AWS Security Groups with Piculet
The Problem One of the first things I noticed when starting to work with AWS is that security groups are very hard to maintain:
Testing
Running Inline DSL in ChefSpec
The Problem I have a pet Chef cookbook in charge of managing SELinux policies in Linux machines (Take a look). Until today I got along fine without testing, ...
ChefSpec
Running Inline DSL in ChefSpec
The Problem I have a pet Chef cookbook in charge of managing SELinux policies in Linux machines (Take a look). Until today I got along fine without testing, ...
Powershell
Detecting Invalid External References in Group Policy Preferences
Guest post This is a post written by my former colleague, Ofri Sherf. I’ve been bugging her to upload her script and write how it works because it sounded in...
Licensing
Listing Chef Cookbook Licenses
As part of a compliance check for our company, I was required to print the name/version of all FOSS proejcts I’m using. Most of it was digging around Gemfile...
Packer
Enhancing Packer Templates with eRuby
The Problem Packer is a great tool for creating machine images, and I’m using it to create EC2 AMIs. My issue with it is that Packer is using JSON for input,...
Mutex
Using a global lock in Chef
The Story Our dev team is currently using a Snowflake-like ID generation scheme that looks like this: (Diagram by Elad Rosenhim, architect and companion at ...
Lock
Using a global lock in Chef
The Story Our dev team is currently using a Snowflake-like ID generation scheme that looks like this: (Diagram by Elad Rosenhim, architect and companion at ...
Groovy
Managing Jenkins API Tokens
The problem
Billing
Parsing AWS billing
The Story I never understood the AWS billing very well and happily left it to my CTO. A couple of days ago, however, my CTO secretly told me he’s mainly inte...
Grafana
Migrating Grafana’s Dashboards
Similar to my Graphite dashboard migration script, I made a Grafana one. I’m targeting Grafana v2+. Note it’s using http for its HTTP calls. ```ruby old_serv...
Shell
Filtering in Shell
Today I told someone that a feature I’m missing in Bash is filtering. Then I thought about how much I miss it, so I went ahead and “implemented” it.
Pip
Dry Run for Python Pip
As I wrote some time ago, I started my own python cookbook for Chef because I didn’t like the direction the “default” one was going. I recently added a new f...
C
DNS Override for a Single Process
The Problem I needed to run a mobile emulator on my laptop, in order to test some DNS server changes before releasing them. However, since the emulator had n...
BeautifulSoup
Prettify HTML pages with BeautifulSoup
The story Today I wrote some HTML page by hand (my new homepage). I then used this script to make the HTML code nicer:
Graphing
Populating a NetworkX graph with a scanner
I had a graph living outside Pythonland (a commit tree with dependencies) and wanted to do graphy things to it. To do that, I first had to put the data into ...
Disqus
Disqus instead of Juvia
TL;DR: I switched from Juvia to Disqus after losing all of my blog’s comments
XSLT
Adding a child element in XSLT
I recently had to edit a big XML file, and add a child elemnt to every element within. To simplify matters, say I had something like this: <?xml version="...
arduino
The BIG BUTTON with Arduino
I’ve created a dramatic big button, that actually sends key presses to the computer. It’s connected to the computer via USB, and programmable via the same co...
Arduino
Arduino Mouse Mover
I have a friend who is working from home. This friend has a manager who’s way of measuring people’s productivity is ensuring said people are active on Slack....
Israel
Back to Top ↑Sapling
Sapling Commands
Sapling (the Facebook-released SCM) is great, but the docs are not-great. I thought I’d list some commands it took me a while to undertand, for me and for ot...
Git
Sapling Commands
Sapling (the Facebook-released SCM) is great, but the docs are not-great. I thought I’d list some commands it took me a while to undertand, for me and for ot...
Android
Get Android App Sizes with ADB
Upon receiving a notification from my NVidia Shield indicating that it was running low on storage space, I attempted to use the device’s interface to trouble...
JQ
Get Android App Sizes with ADB
Upon receiving a notification from my NVidia Shield indicating that it was running low on storage space, I attempted to use the device’s interface to trouble...
ops
Is this really an emergency?
One of the teams I worked with would do an “engineering pain-point” survey twice a year. During one of those surveys, the main complaint was that on-calls ha...
Bash “Keep or Delete” script for PDFs
I recently discovered that I had over 100 PDFs in my “Downloads” directory and needed to determine which ones I wanted to keep. Instead of spending 10 minute...
WSL
WSL for non-programming security analysts
I have a friend who isn’t a developer and believes that coding is beyond their grasp. They work as a security analyst and prefer using Windows as their opera...
Microsoft
We don’t do DST at this company
Once, a long time ago, I used to have a consulting gig in some big enterprise-y company. It had a lot of unique challenges, being disconnected from the inter...
Date
Invalid number: Nov
One of my current projects is migrating a big Java project from Java 8 to a supported version. Since we’re doing small, stable steps, we started with Java 11...
OpenWRT
Bridging Switcher’s UDP over OpenWRT
Seems like I’m doing this setup once every 3 years, then forget about it until the next time it breaks. I hope this is the last time I’m rediscovering this.
Network
Bridging Switcher’s UDP over OpenWRT
Seems like I’m doing this setup once every 3 years, then forget about it until the next time it breaks. I hope this is the last time I’m rediscovering this.
UDP
Bridging Switcher’s UDP over OpenWRT
Seems like I’m doing this setup once every 3 years, then forget about it until the next time it breaks. I hope this is the last time I’m rediscovering this.
Search
Adding shortcuts to your search engine
I really like DuckDuckGo’s bangs, which basically directs your query elsewhere if you prefix it with !something. You could search the London zoo in gmaps by ...
SMPP
Java SMPP helper
One of my projects involves communicating over SMS with cellular-connected IoT devices. The company already has a working infastructure for sending and recie...
PostgreSQL
Semantic caching with PSQL, Python, OpenAI
You’re an app developer now Let’s say you’re working on an app. The app helps you search for e-mail messages that relate to a certain topic. This works well ...
kubernetes
Running GPU workloads on K3S
A team I work with is very happy with the k8s / ArgoCD setup we set up, and now wants to manage their experimental ML workloads in k8s as well. These workloa...
gpu
Running GPU workloads on K3S
A team I work with is very happy with the k8s / ArgoCD setup we set up, and now wants to manage their experimental ML workloads in k8s as well. These workloa...
k3s
Running GPU workloads on K3S
A team I work with is very happy with the k8s / ArgoCD setup we set up, and now wants to manage their experimental ML workloads in k8s as well. These workloa...
Django
Serving Images from the DB in Django
I recently got to work on prototyping a small Django-based website that was somewhat like a message board. One of the features requested was allowing users t...
cloud
Google Storage using cURL
I got around to troubleshooting a Python process running in Docker that had some permission problems accessing Google Storage Reproing inside Python with goo...
Google Storage using cURL
I got around to troubleshooting a Python process running in Docker that had some permission problems accessing Google Storage Reproing inside Python with goo...