General

Recovering deleted Active Directory Objects and a rant on Password Security.

Hey there, network administrators. I don’t know if you know this, but it is a VERY VERY bad thing to log into your workstations with your domain admin username and password. It is also VERY VERY bad to leave your servers logged in.

Are you logging in as a normal user? Are you logging out of your servers when you are finished with your work?

You should be…

Sure, it makes stuff easier as you don’t have to authenticate over and over, but it is also really, really dangerous. If your session gets hijacked or your machine becomes infected, guess what…

You just handed over the keys to the kingdom without a fight. Your whole network could be destroyed and compromised. What happens if your active directory objects are deleted?

If that happens, let’s look at a tool our friends at bauer-power.net used to recover deleted accounts. And while we are on that note, does anyone know why schema changes would remove user objects in a 2008 native AD setup?

Today I walked into the office with a little bit of a shocker. One of the Help Desk users said that his and another user’s Active Directory accounts on our parent company’s domain had miraculously vanished. WTF? The only change to Active Directory the previous day was that my co-worker was setting up OCS, and that required some schema changes. I am not sure why those schema changes would delete accounts, but whatever, this is the problem I was facing when I walked in (still no coffee yet either).

Well, it turned out to not be that huge of a deal because I found a really awesome free tool that easily finds deleted Active Directory objects, and with a click of the button restores them. The way Active Directory deletes objects is pretty cool, and it also makes it relatively easy to recover. According to Petri, “When an object is deleted from Active Directory, it is not immediately erased, but is marked for future deletion…The marker used to designate that an AD object is scheduled to be destroyed is called "tombstone". A tombstone is an object whose IsDeleted property has been set to True, and it indicates that the object has been deleted but not removed from the directory, much like a deleted file is removed from the file allocation table but the data is not actually removed from the drive.”

The tool I used to recover the objects is called ADRestore.net. To use it you simply install it on one of your domain controllers, then click Enumerate Tombstones. Find the missing object (User, OU, Computer, etc.), click on it and hit Restore. Easy as pie!


Yes! This works on 2008 Active Directory as well as 2003. How do I know? Because we are a 2008 native shop! Here is a list of the main features available:

    * Browsing the tombstones
    * Domain Controller targeting
    * Can be used with alternative credentials (convenient if you do not logon to your desktop as Domain Admin, which you should never do anyway)
    * User/Computer/OU/Container reanimation
    * Preview of tombstone attributes

Know of some other good, free tools for recovering deleted AD objects? Hit us up in the comments!

What do you guys think? What if the objects were modified instead of removed? How do you deal with that? Do you have to do a restore from backup? Can you roll your AD back? Let’s hear from you admins out there!

_TheAdAdmiN_
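The tombstone lookup and restore described above can also be done from PowerShell. This is an added example, not code from the post or from ADRestore.net; it assumes the ActiveDirectory module is available, and the domain controller name and account name are placeholders.

```powershell
# Added example; needs the ActiveDirectory module (RSAT, Windows Server 2008 R2 or later).
Import-Module ActiveDirectory

# Placeholders (assumptions, not values from the post).
$Server = 'dc01.example.local'   # domain controller to target
$Lost   = 'jdoe'                 # sAMAccountName of the vanished account

# Prompt for a separate admin credential, so the desktop session stays a normal user.
$Cred = Get-Credential

# Tombstones are hidden from normal searches; -IncludeDeletedObjects returns them.
$tombstones = Get-ADObject -Server $Server -Credential $Cred -IncludeDeletedObjects `
    -Filter 'isDeleted -eq $true' `
    -Properties sAMAccountName, lastKnownParent, whenChanged

# Preview what was deleted, most recent first, before touching anything.
$tombstones |
    Sort-Object whenChanged -Descending |
    Format-Table Name, ObjectClass, sAMAccountName, lastKnownParent, whenChanged -AutoSize

# Pick exactly one tombstone; stop if the name is missing or ambiguous.
$target = @($tombstones | Where-Object { $_.sAMAccountName -eq $Lost })
if ($target.Count -ne 1) {
    throw "Expected exactly one tombstone for '$Lost', found $($target.Count)."
}

# Dry run: -WhatIf only reports the action. Remove it to restore the object
# into its lastKnownParent (that container must still exist).
Restore-ADObject -Identity $target[0].ObjectGUID -Server $Server -Credential $Cred -WhatIf
```

An object reanimated from a tombstone keeps only the attributes preserved at deletion (such as its SID, GUID and sAMAccountName). Group memberships and the password have to be set again unless the AD Recycle Bin was enabled before the deletion.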


Skype for Windows Mobile pulled but we still have the link!


So apparently, after some partnering up with Verizon, Skype has decided to temporarily pull its Windows Mobile client. Support says if you have it and run it, it will work.

But you will not be able to download it. We found the link on their site is just disabled and you can get to the download page by going to http://www.skype.com/intl/en/download/skype/windowsmobile/ or we have uploaded the file to our server here as well for when it is gone altogether!

_TheSkypedOutAdmiN_


Admin script mistaken for self replicating virus! WTF!


You may have read this before, as it was originally posted on The Daily WTF around 2007, but I HAD to share it with you as we had a similar situation around my office recently. Read through and prepare yourself for a laugh, young admin!…

The early 90s were exciting. Tim Berners-Lee invented HTML and created the first of the many internets we have today. A bunch of dancing dudes in foil costumes built the first Pentium processor. And who can forget Eritrea gaining independence from Ethiopia? Well, I could, but I wasn’t following Ethiopian politics so much those days.

At the time, Chilton W. was working at a company that provided software that auto insurance companies used to keep track of users, policies, cars, etc. Things were going great, too. They had sold their software to one third of all auto insurance providers in the U.S.

The architecture consisted of a main system (which they owned) at each insurance provider’s location, physically linked to other systems on a local network. This didn’t work under the typical client/server model, though, it was a daisy-chained, peer-to-peer setup.

Often just one computer on the network could connect to the internet via dialup, so troubleshooting was a matter of dialing into the main system, checking for problems, then walking a user through the steps of testing each networked computer. It was usually the low man on the totem pole at the client’s site that would get tied up for a few hours, changing configuration settings and testing. It was a tremendously tedious process, and the answer was generally either a bad cable, bad software install, or a dead hard drive.

Chilton saw an opportunity to simplify the process by deploying a remote diagnostics application. Deployment was, in fact, pretty easy — a batch file could upload the utility to the insurance provider’s main system, then someone there could copy the utility to a floppy and manually get it out across all the other systems. Chilton still didn’t like that he’d have to explain to each user how to copy the utility, though, so he added the ability for the utility to replicate itself across the network.

 


ProcessQuickLink tells you about your processes.


As many as 20 to 30 processes may be running invisibly, silently in the background on your PC. Some hog system resources, drastically slowing down your computer. Others are a threat to security and privacy. A few may be harmless.
The Windows Task Manager displays most of these processes but you have no information to learn and understand what is what.
Get the latest definitions and exhaustive advice on all the running processes directly in the Windows Task Manager by downloading the QuickLink InfoBar from ProcessLibrary.com.

Check out this free and easy application from UniBlue. After a quick install you will have new information buttons next to each process within your Windows Task Manager like so:

[Image: Windows Task Manager with the ProcessQuickLink information buttons next to each process]

I clicked next to Framework Services and got this web page:

[Image: the web page opened for Framework Services]

Not too shabby! Grab the download here http://www.processlibrary.com/quicklink/.

_TheProccessExploringAdmiN_
