I have been playing with Spideroak and I like the idea that they have a share nothing approach.
If you want to sign up use this link so I can get some free space.
https://spideroak.com/download/referral/847969fa8588154fc59282104ae415da
Sophos Duplicate IDs
I found my self in a large environment where someone decided to deploy an image with Sophos installed. This resulted in all the computers being seen as 1 single computer in the Sophos Enterprise Console.
This caused me to write the following scripts. sophosFindDuplicate.pl scan the IIS logs looking for duplicate GUIDs from computer. It will output the IPs of the machines. This command will let you remotely fix the machines.(Remeber to whitelist psexec in Sophos)
psexec @hosts.txt -u domain\user -p password -c batchfile.bat
sophosFixDuplicate.cmd
@echo off net stop "Sophos Message Router" net stop "Sophos Agent" net stop "Sophos AutoUpdate Service" echo y|del "C:\Program Files\Sophos\AutoUpdate\machine_ID.txt" echo y|del "C:\ProgramData\Sophos\AutoUpdate\machine_ID.txt" reg delete "HKLM\Software\Sophos\Messaging System\Router\Private" /v pkc /f reg delete "HKLM\Software\Sophos\Messaging System\Router\Private" /v pkp /f reg delete "HKLM\Software\Sophos\Remote Management System\ManagementAgent\Private" /v pkc /f reg delete "HKLM\Software\Sophos\Remote Management System\ManagementAgent\Private" /v pkp /f reg delete "HKLM\Software\Wow6432Node\Sophos\Messaging System\Router\Private" /v pkc /f reg delete "HKLM\Software\Wow6432Node\Sophos\Messaging System\Router\Private" /v pkp /f reg delete "HKLM\Software\Wow6432Node\Sophos\Remote Management System\ManagementAgent\Private" /v pkc /f reg delete "HKLM\Software\Wow6432Node\Sophos\Remote Management System\ManagementAgent\Private" /v pkp /f net start "Sophos Message Router" net start "Sophos Agent" net start "Sophos AutoUpdate Service"
sophosFindDuplicate.pl
#Stephen
#Check for Duplicates
use Data::Dumper;
$file = "\\\\sophos-c108-01\\W3SVC1\\u_ex110822.log";
my %hash = ();
my %hDup = ();
open FILE, $file or die $!;
while () {
@data = ($_ =~ /(\b143\.55\.\d{1,3}\.\d{1,3}\b).*?(\b143\.55\.\d{1,3}\.\d{1,3}\b).*?(\{{0,1}[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}\}{0,1})/);
#print $data[0] . "\n";
if ((exists $hash{$data[2]}) && ($hash{$data[2]} ne $data[1]))
{
if(not exists $hDup{$data[1]})
{
print $data[1] . "\n";
$hDup{$data[1]} = $data[1];
}
}
else
{
$hash{$data[2]} = $data[1];
}
}
close(FILE);
Windows 7 RDP Hack
This hack is two fold. If you have Home or Home Premium which does not include RDP, this will let you remote into your computer. Also, if you want RDP to behave more like a real terminal server where you can have concurrent logons.
http://andrewblock.net/2010/02/23/enable-remote-desktop-on-windows-7-home-premium-64-32-bit
Adobe Air Mobile
I wrote my first Adobe Air Mobile app yesterday. It took me a couple of hours to wrap my head around action script, but I think we have come to terms.
I will start posting action script code soon.
IMAP Copy to local file.
I had a mail server that only supported IMAP, but their webmail interface is horrible. So I decided to write a small script to grab the email from the imap server and save it locally. In my case the local directory is the mail directory in cpanel so I can use gmail to grab the emails via POP3 to use gmail. The mail flow is:
IMAP SERVER -> SCRIPT -> LOCAL POP3 -> GMAIL
imapscript
'; ?> Nmsgs}",0); foreach ($result as $overview) { echo "$overview->subject\n"; $mailfile = tempnam("/home/mth/mail/stephenjc.com/asa/cur/","EMAIL-"); $message = imap_fetchbody($srcstream,$overview->uid,"",FT_UID); $localmail = fopen($mailfile, "w"); fwrite($localmail,$message); fclose($localmail); imap_mail_move($srcstream,$overview->msgno,'Forwarded'); } imap_expunge($srcstream); imap_close($srcstream); echo "deleteing lock\n"; unlink($lockfile); echo ' ]]>
ReadyNAS Google Authenticator
I just finished configuration Google two-factor authentication on my ReadyNAS for ssh authentication. It works well so far.
You need to install the Root SSH Add-on from the forums so you can ssh into your readynas.
apt-get update
apt-get install mercurial make gcc apt-utils libc6-dev gdb libtag1-dev uuid-dev libpam0g-dev
The just follow these instructions
http://www.mnxsolutions.com/security/two-factor-ssh-with-google-authenticator.html
Macintosh Logon Scripts
Here is a set of Mac logon scripts I wrote for a Windows/AD environment. There are a set of plist files that launch perl scripts and different stages. The logon scripts are local and self-update from the sysvol directory.
edu.fitsuny.mac_logon_init.plist
Label edu.fitsuny.edu.mac_system_logon ProgramArguments /etc/etsscripts/mac_logon_init.pl RunAtLoad
edu.fitsuny.mac_user_logon.plist
Label edu.fitsuny.mac_user_logon ProgramArguments /etc/etsscripts/mac_user_logon.pl RunAtLoad
mac_system_logon.pl
#!/usr/bin/perl -l
#Please make your function a sub and then call it.
#FYI: an error here will break the entire script
open (LOG, '>>/tmp/logon_system.txt');
print LOG "Running System Hook V1.0 \n";
#remember with admitmac the username might be @fitsuny.edu
$username = $ARGV[0];
#updates the loader.pl just in case we make changes there.
updateloader();
sub updateloader
{
system('smbclient //fit-c108-01/netlogon Password -U mac_logon -c \'get \\Macintosh\\installer\\mac_logon_init.pl /etc/etsscripts/mac_logon_init.pl\'');
if ($? != 0)
{ #try dc 1
system('smbclient //fit-c108-02/netlogon Password -U mac_logon -c \'get \\Macintosh\\installer\\mac_logon_init.pl /etc/etsscripts/mac_logon_init.pl\'');
if ($? != 0)
{# failed again print error
print LOG 'SYSTEM: Cannot download loader.pl script\n';
}
chmod(0755,'/etc/etsscripts/mac_logon_init.pl');
}
}
#!/usr/bin/perl -l
#Please make your process a sub and then call it.
#FYI: an error here will break the entire script
#This runs at user the user profie is in ~/ || mkdir() does not understand ~/
#
open (LOG, '>/tmp/logon_user.txt');
print LOG "Running User Hook V1.0 \n";
#remember with admitmac the username might be @fitsuny.edu
my $username = $ENV{'USER'};
my $profiledir = $ENV{'HOME'};
if ( $username =~ m/[@]/ )
{
my @tmpusername = split(/@/,$username);
$username = $tmpusername[0];
}
print LOG "USER: username " . $username . "\n";
#system test script, an example of giving the user a GUI popup box from a perl script
#system('osascript -l AppleScript -e \'tell Application "Finder" to display dialog "Call Frank"\'');
#get Prirole once
$usertype = get_prirole();
print LOG "USER: using prirole " . $usertype . "\n";
disable_dsstore();
mount_winfs();
#emgmesg();
#their profile is in Users which means they are not using admit mac
if ($profiledir =~ m/\/Users\//)
{
mount_stanNDrive();
}
sub disable_dsstore
{
#this will disable .DS_STORE on network volumes
#This will stop some weird bugs
system('defaults write com.apple.desktopservices DSDontWriteNetworkStores true');
}
sub mount_stanNDrive
{
use Net::LDAP;
$ldap = Net::LDAP->new ('fit-c108-01') or die "$@";
$ad = $ldap->bind('cn=ldapsearch,ou=fitusers,dc=fitsuny,dc=edu', password => 'password);
$ad = $ldap->search (base => 'ou=FitUsers,dc=fitsuny,dc=edu',
filter => "(&(cn=" . $username . "))",
attrs => ['homeDirectory'],
);
$ad->code && die $ad->error;
$winHomeDir = $ad->entry->get_value('homeDirectory');
$ad = $ldap->unbind;
$winHomeDir =~ s/\\\\/smb:\/\//;
$winHomeDir =~ s/\\/\//g;
$osascript = qq[mount volume "$winHomeDir"];
system( "osascript -e '$osascript'");
}
sub mount_winfs
{
#check to make sure mount exists
#check pri-role to see what server they are on
my $pilot_user = shift;
my $servershare;
$servershare = 'fs-c108-03/student_home$/' if ifmember($username,'students') ;
$servershare = 'fs-c108-04/faculty_home$/' if ifmember($username,'faculty') ;
return unless $servershare; # Don't attempt mount if no Y: drive for user
my $winfs_path = '//' . $servershare . $username;
$mntfolder = $ENV{'HOME'} . '/Desktop/' . $username . '_CAMPUSFILES';
print LOG $servershare . "\n";
print LOG $mntfolder . "\n";
system('mkdir ' . $mntfolder);
system('mount_smbfs -o nobrowse ' . $winfs_path . ' ' . $mntfolder);
#get list of mounts
$mountlist = `mount`;
if ($mountlist =~ m/CAMPUSFILES/ix)
{# Successful mount
}
else
{# Match attempt failed
system('rm -dfr ' . $mntfolder);
}
}
sub get_prirole
{
my $ldapsearch = qq[ldapsearch -h ldap.fitsuny.edu -b "dc=fitsuny,dc=edu" -LLL -x "(uid=$username)" fitprirole];
my $usertype = `$ldapsearch`;
$usertype =~ s/^.*fitprirole:\s+(.*)$/$1/s;
return $usertype;
}
sub ifmember
{
#does not do nested groups.
$_username = shift;
$_group = shift;
use Net::LDAP;
$ldap = Net::LDAP->new ('fit-c108-01') or die "$@";
$ad = $ldap->bind('cn=ldapsearch,ou=fitusers,dc=fitsuny,dc=edu', password => 'password');
$ad = $ldap->search (base =>'ou=FiTUsers,dc=fitsuny,dc=edu',
filter => "(&(cn=" . $_username . ")(memberof=cn=" . $_group . ",ou=fitgroups,dc=fitsuny,dc=edu))",
#attrs => ['memberOf'],
);
$ad->code && $ad->error;
return $ad->count();
}
sub emgmesg
{
$message = "LOGIN TO MyFIT TO REGISTER FOR EMERGENCY MESSAGE NOTIFICATIONS
Get timely announcements in the event of a campus emergency or a weather-related closure of the college via text message, email, or voicemail.
Would you like to sign up now?";
#icons Types (stop, note, caution)
$icon = 'note';
#button types (ok, yesno)
$buttons = 'yesno';
#action
$action = 'http://myfit.fitnyc.edu';
if($icon eq 'stop')
{
$ic = '0';
}
elsif($icon eq 'note')
{
$ic = '1';
}
elsif($icon eq 'caution')
{
$ic = '2';
}
if($buttons eq 'ok')
{
$bu = '{"OK"}';
}
elsif($buttons eq 'yesno')
{
$bu = '{"YES","NO"}';
}
#mac way
$result = `/usr/bin/osascript <<-EOF
tell application "System Events"
activate
display dialog "$message" buttons $bu with icon $ic
end tell
EOF`;
chomp($result);
if (($buttons eq 'yesno') && ($result eq 'button returned:YES'))
{
system('open ' . $action);
}
}
Knowledgetree Metadata Perl
Knowledgetree metadata has been a pain to interface with. Below is an example of posting metadata to Knowledgetree document. Sending SOAP::Data->type(‘xml’ => $xml) will populate the Date on Document and Notes. I am in the process of incorporating it into my ktdrop.pl script. It is true that you cannot send an array via a HTTP post as said in some forums, but in SOAP there is an array.
$xml = ''; $r = $session->add_document_with_metadata($ktsessionid,$dropboxid,$uploadRes->{name},$uploadRes->{name},$ktDocumenttype,$uploadRes->{filename}, SOAP::Data->type('xml' => $xml), '' );
BT Install on Mac
This was a old installer i wrote to install the bluetooth drivers when running Windows on a Macintosh before bootcamp.
This is dead, but i still get incoming 404’s to the file.
Network Shares Migration Script
Some times its just easier to use command line tools then using WMI. This simple script migrates out shared folder system into the new structure that is the teachers name with two folders underneath it.
migrate.vbs
Set fso = CreateObject("Scripting.FileSystemObject")
Set objShell = CreateObject("Wscript.Shell")
Set folder = fso.GetFolder("f:\shares\")
rcopy = "robocopy /e /zb /move /r:1 /w:1 "
For each folderIdx In folder.SubFolders
objshell.run "net share " & folderIdx.Name & " \\servername /delete", 1 , true
if instr(1,folderIdx.Name,"_drop",1) <> 0 then
fteacher = replace(folderIdx.Name,"_drop","",1,-1,1)
objshell.run rcopy & folderIdx.path & " f:\transportshare\" & fteacher & "_transport\DropBox\", 1, true
elseif instr(1,folderIdx.Name,"_ffs",1) <> 0 then
fteacher = replace(folderIdx.Name,"_ffs","",1,-1,1)
objshell.run rcopy & folderIdx.path & " f:\transportshare\" & fteacher & "_transport\FFS\", 1, true
end if
Next