Create Certificates in a Windows Environment
A quick reminder for a certreq.inf file
[NewRequest] Subject = "CN=name" KeyLength = 2048 Exportable = TRUE MachineKeySet = TRUE [RequestAttributes] CertificateTemplate = "Template Name"
Type
certreq.exe -new
and supply the above file in the open file dialog. Then, specify a file to save the request in. Take the request (base-64 – cut’n'paste will do) to a CA and submit it. Take the response certificate back to the machine (base-64 again) and type
certreq.exe -acceppt "response.cer"
You will the find a certificate in the machine store (MachineKeySet = TRUE). Of course, template and usage must match
UPDATE: Just found an article that relates to this one.
Cool commandline moves
FOR /L %f IN (1,1,254) DO ping -w 500 -n 1 192.168.1.%f | findstr /I reply >> %TEMP%\ping_results.txt
SMB/CIFS Download Manager
With this article we’re going back to the origins of the “Perimeterless Network“. If you (like us) are living the idea of the “Perimeterless Network” you sure can access your SMB / CIFS shares from anywhere in the world. Fo security reasons connections are protected with IPSec, right?
Now, for testing purposes I had to download a large DVD image from a remote file server and since I am accessing the Internet by WLAN and IPSec slows down the connection, too, I thought of using a download manager. The best choice would be a handy command line tool like wget. I did remember a tool called smbget I had used before which actually is part of the Samba Suite. But the only Windows binary I could find was at http://paully.com/smbget/ and on that page it says:
“For me it was very useful to transfer big files with size about 1 gigabyte over the our intranet through Samba from Germany to Belarus and from Belarus to Germany. If remote file is not available the application will try to download it until the job is done ”
OK, Belarus is not really what I’d call a democratic country so I was a little anxious about downloading a pre-compiled binary from such a source. Furthermore, I don’t know if Windows binaries are always larger than BeOS, BSD, and Linux ones but in this case the difference was huge. Anyway, if the source is not available anymore I am hosting the Windows Zip here.
Internet Explorer 8 (IE8) RC1 Inline Search
Some might remember my post quite some time ago about what is still missing in Internet Explorer. Major criticism was the antiquated search box. What can I say, finally someone chastened the IE developpers and they integrated an inline search that will fit most needs. Good job!
It took me a while to remember this new feature since I still had the IE Inline Search plug-in activated. But once I deactivated it I got enlightened.
So, who still needs Firefox and for what reason? Only speaking for Windows systems, of course. And leave me alone with Google Chrome, Apple Safari, and Opera.
T-SQL Simple Timestamp With Leading Zeros
I just had to create a simple string in MS T-SQL that would look like the following:
200812041613
or
yyyymmddhhmm
I solved it this way but I have no idea if this is a good solution (comments welcome):
DECLARE @timestamp AS varchar(12) -- Create Timestamp with leading zeros -- Year SET @timestamp = CONVERT( varchar(4), DATEPART(year, GETDATE() ) ) -- Month IF DATEPART( month, GETDATE() ) < 10 SET @timestamp = @timestamp + '0' + CONVERT( varchar, DATEPART( month, GETDATE() ) ) ELSE SET @timestamp = @timestamp + CONVERT(varchar(2), DATEPART( month, GETDATE() ) ) -- Day IF DATEPART( day, GETDATE() ) < 10 SET @timestamp = @timestamp + '0' + CONVERT(varchar, DATEPART( day, GETDATE() ) ) ELSE SET @timestamp = @timestamp + CONVERT(varchar(2), DATEPART( day, GETDATE() ) ) -- Hour IF DATEPART( hour, GETDATE() ) < 10 SET @timestamp = @timestamp + '0' + CONVERT(varchar, DATEPART( hour, GETDATE() ) ) ELSE SET @timestamp = @timestamp + CONVERT(varchar(2), DATEPART( hour, GETDATE() ) ) -- Minute IF DATEPART( minute, GETDATE() ) < 10 SET @timestamp = @timestamp + '0' + CONVERT(varchar, DATEPART( minute, GETDATE() ) ) ELSE SET @timestamp = @timestamp + CONVERT(varchar(2), DATEPART( minute, GETDATE() ) ) -- Done creating timestamp print N'' + @timestamp
The Bitlocker Odyssey or How I Killed Five Hours of my Time
(…and yours if you are going to read this )
My Windows Vista System had some strange side effects and so I decided to do a reinstall. After having postponed this action many times I finally started yesterday.
First I thought it would be nice to have SP1 slipstreamed into the installation sources but it seems as if Microsoft does not support this anymore. I think they provide slipstreamed sources themselves. Still, there exits two ways to do so: the manual and the vLite way. vLite is the Vista version of nLite. Both are tools to create custom Windows Installation Sources.
Since VLite ist pretty much straight forward I decided to go that way. Still, the process takes around two hours!!! So get a can of tea (I suggest a FTGFOP Darjeeling)…
Once, this process finished I needed a tool to burn the ISO image. I like InfraRecorder which is the first decent GUI to the open source cdrtools I’ve seen.
I did the first try with maximum speed and a second one with the lowest possible speed and both burning processes finished successfully. Still, when launching the installation process I always got the error that it “Cannot find the file D:\Sources\Install.wim. Error code 0×8007000” after I entered the license key. Well, I remember we had burn issues with Vista ISOs and the solution usually was to use a different burn software and to burn at single or double speed but I got pissed and so I continued using the RTM image w/o SP1 I had. Two hours later I had a fresh Vista installation and SP1 was applied manually. And guess what? Of course I didn’t do a backup of the slipstreamed ISO I created and so I couldn’t use it inside a virtual machine to at least test if the slipstreaming process was a success.
Anyway, during installation I left around 1.5 MB of unallocated space on my hard drive because I knew BitLocker would need this as an unencrypted boot partition. But it seemed as if I didn’t leave enough space because when I startet the BitLocker Drive Preparation Tool it said it would shrink my system partition. Since I didn’t want that I directly canceled the process and checked what was wrong. This turned out to be the worst thing I could have done because it left me with an unallocated hard drive space that wasn’t enough for the BitLocker boot partition and a system partition that Vista could not shrink anymore.
Exaleading around a little bit I tried the following:
- Disabled paging and delete pagefile.sys
- Disabled hibernation and deleted hiberfil.sys
- Used JKDefrag (supposed to be able to move the NTFS MFT file)
All the above didn’t work. If you want to try yourself maybe this link is of help.
So what else could I do. Use something like Partition Magic, of course. I used the open source live CD gparted before but this time I tried Parted Magic.
And I tell you it rocks, perfect hardware discovery and after two hours I had a NTFS partition resized with gparted.
Automatically Create IIS Application Pools
Here is the script for the AppPools
@ECHO OFF ECHO. FOR /F "eol=# delims=; tokens=1,2*" %%f in (apppools.txt) DO ( ECHO Creating AppPool "%%f" with user identity "%%g" CSCRIPT %SYSTEMDRIVE%\Inetpub\AdminScripts\ADSUTIL.VBS CREATE "w3svc/AppPools/%%f" IIsApplicationPool CSCRIPT %SYSTEMDRIVE%\Inetpub\AdminScripts\ADSUTIL.VBS SET "w3svc/AppPools/%%f/WamUserName" "%%g" CSCRIPT %SYSTEMDRIVE%\Inetpub\AdminScripts\ADSUTIL.VBS SET "w3svc/AppPools/%%f/WamUserPass" "%%h" CSCRIPT %SYSTEMDRIVE%\Inetpub\AdminScripts\ADSUTIL.VBS SET "w3svc/AppPools/%%f/AppPoolIdentityType" 3 ECHO. ) pause
And the correspondign text file:
# # ";"-delimited file to create application pools # Beware of strange characters in password, # though ; should work # Structure is # # AppPool Name ; User ; Password tmpAppPool;tmpUser;tmpPass
Automatically Create IIS Websites
I had to create quite a lot websites on a Microsoft IIS webserver and of course there is a nice scripting solution to it. Here is how I did it:
Batch code:
@ECHO OFF SET webRoot=D:\websites ECHO. ECHO Creating directories ECHO and websites ECHO. FOR /F "eol=# delims=; tokens=1,2*" %%f in (websites.txt) DO ( ECHO Creating Dir %webRoot%\%%f\%%g and website %%g in appPool %%h MD "%webRoot%\%%f\%%g" iisweb /create "%webRoot%\%%f\%%g" "%%g" /i 192.168.228.30 /d %%g.perimeterless.org /ap %%h ECHO. ) pause
and here is the text file that goes with it:
# # ";"-delimited file to create directory structure, # websites and application pools # # Structure is # # Subdirectory ; Sitename ; AppPool testing;test1;DefaultAppPool testing;test2;DefaultAppPool testing;test3;DefaultAppPool
Congratulations to the Internet Explorer 8 Developer Team
In the early beta phase of Microsoft Internet Explorer 7 I posted some improvement thoughts to the official developer newsgroup and never got any response or feedback.
One thing I find pretty important is the option to close only the current tab if you click on the global close ‘X’ in the top most right corner if you have more than one tab open. In IE7 it would only ask you if you really want to close all tabs. If you accidentally clicked on the global close icon but only wanted to close the current tab you had to say ‘No’ and then close the actual tab.
But hey, guess what it looks like in IE8 beta (Konqueror style, woohooo) :
Update:
Wow, we’re really getting somewhere here. Playing around with IE8 beta a little more I discovered that the search box in the upper right corner has a sort auf auto correct mechanism. For example you type ‘target audiecne‘ instead of ‘target audience‘ in the box with Google as your search provider and then Google offers you to correct your search with a link above all the results of your original search query.
If you would like to use the corrected search query in the search box you had to copy’n'paste in the pre IE8 era but now IE8 is doing it for you. I already love this browser.
Virtual PC 2007 VHD: Resize NTFS Windows System Partition
As you may have recognized reading my last post I sometimes use my blog as a Personal Knowledge Management System (PKMS). This post is filed under the same category.
Virtual PC 2007 is a free virtualization product from Microsoft. You can download many M$ Virtual Hard Disk (VHD) files from here
- Go to http://vmtoolkit.com and download the VHD Resizer (btw they also have a tool to convert VMware VMDK images to VHD files)
- Run the tool and open the VHD file you want to resize (make sure its not currently used by a running VM)
- Specify a new VHD file as destination with a type (fixed/dynamic) and a size and click on the button “Resize” (this may take a while so go and get a drink)
- Add the new resized harddisk image to your virtual machine as second/third HD and boot into it with the original small VHD as system disk.
- VERY IMPORTANT: Use “Computer Management” -> “Disk Management” to assign a drive letter to the second/third HD(otherwise
dispartwill not work)
- Now open a CMD console and type
diskpartto get into the interactive mode of the partition utlitiy. The tool is part of Windows XP / 2003 and later and may be downloaded for Win 2000 - type
list volumeto display the list of available volumes in your system - type
select [volume ID](where [volume ID] either is the drive letter or the number given by thelist volumecommand - type
extend
- Shutdown the system
- Use the extended HD as your primary VHD file in your virtual machine configuration and remove the original (small) VHD file from your setup
- Boot the virtual machine and download lots of movies in HD quality to fill up the new space
About
Originally this site was intended as a project site. The goal was to define standards for the perimeterless network using
open-source software. To be honest I simply do not have the time for such a thing. So what is left is a blog with sporadic
posts that are either helpful for myself or I think are helpful for others, too since I had a hard time finding information
on the Internet. Think of it as a knowledge base.
Ehm yes, somtimes I write down my two cents on any topic that may go through my mind at that point in time ;-)