Windows 2000 P2V blue screens

Posted on January 7, 2010 by brian.wuchner

I recently had two older model Compaq servers blue screen after a P2V conversion. In each case the physical machines had a diagnostic partition (without an assigned drive letter) on disk before the boot/C: partition. While using the VMware Converter this volume was de-selected and not migrated to the virtual machine. In each case the server blue screened with an error “INACCESSIBLE_BOOT_DEVICE” after the conversion.

At first I believed this error to be caused by that diagnostic partition. I tried to re-run the P2V several times and even tried including the diagnostic partition in my VM. The problem was persistent; no matter how I used the P2V the host (cold clone/block level agent/file level agent/with and without diagnostic partition) this error would occur.

After a couple of attempts I thought I was fighting a lost cause. Finally I stumbled across an article that suggested I had a bad version of scsiport.sys and suggested several methods to replace this file. Since I’m using virtual machines and already had a Windows 2000 VM template, I deployed a copy of my Windows 2000 template and attached my P2Ved C: drive as a second drive in the server. I copied the known working copy of SCSIPORT.SYS from C:\WINNT\System32\Drivers to my second drive (E:\WINNT\System32\Drivers\SCSIPORT.SYS). I then shutdown and removed the second drive from my temporary server and powered on the recently P2Ved guest. Problem solved.

Posted in Virtualization | 8 Comments

Active Directory Management with Active Administrator

Posted on December 15, 2009 by brian.wuchner

I had a need the other day to restore a deleted OU from a Windows 2003 Active Directory.  This used to be such a big deal; requiring the AD, Server and Backup guys all working together.  Authoritative restores are such a pain in the rear, but Active Administrator by Scriptlogic has made this a non-issue.  We can pick an OU from one of the scheduled backups and re-animate the object with ease.  It almost makes you want to delete stuff just so you can restore it.

The product is a little pricey, but it only takes one or two restores for it to pay for itself.  I would highly recommend this product to anyone responsible for managing active directory.

Here is a link to a case study I was interviewed for several months ago:

http://www.scriptlogic.com/CaseStudies/Download/state-of-indiana-case-study.pdf

Posted in Messaging | Leave a comment

Homegrown Dictionary/Rainbow Table Password Discovery

Posted on November 22, 2009 by brian.wuchner

Password_Shelby11

Sometimes it is really easy to figure out a user’s password.  Just check out that picture to the right.  Other times the password is less obvious but could come from a list of passwords you already know.  For example, if your helpdesk always resets passwords to the same few values, many users could be using one of those default passwords.  Here is a simple process for those who would like to audit your directory for such accounts.

Document: Homegrown Dictionary/Rainbow Table Password Discovery

Scripts: Homegrown Dictionary/Rainbow Table Password Discovery

Posted in Scripting | Leave a comment

Script to create 10,000 test users

Posted on November 22, 2009 by brian.wuchner

I thought I would share the script I made to create 10,000 test users in an NT 4.0 domain for my test lab.  I should note a couple of things:

  • When I first ran this script, my domain only had the default ‘guest’ and ‘administrator’ accounts.
  • I used Visual Basic Script (VBS) which does not require pre-defining of variables or variable types (adding ‘option explicit’ requirements would case the script to fail)
  • The script was ran from a command line as ‘cscript.exe CreateUsersWinNtObj.vbs’
  • No checking was performed to verify that the user ID was unique (in a ‘real’ domain this could cause a problem.
  • This script was not tested with Active Directory domains.  However, the code would most likely work — creating all 10,000 users in the default “cn=users” container.

If you have any questions please let me know.

Create10kTestUsers

Posted in Scripting | Leave a comment

Verify network translation

Posted on October 24, 2009 by brian.wuchner

Again, some earlier code.  I’m not sure how good this works…I had ran it for a few weeks awhile back.  However, my IP address changed and I received a lot of notifications before I had a chance to resolve it.  The script would be better if it contained some sort of logic so that it only sent one notification.

Monday, 08 October 2007

  • The purpose of this script is to:
  • lookup a domain name with nslookup, returning an IP address
  • find the external network address translation (NAT) using whatismyip.org
  • compare the two IP addresses
  • send a notification if they are not the same

This script was designed to run as a scheduled task and in my scenario it runs every 30 minutes.  The purpose is to work similiar to the www.no-ip.com service that will dynamically update DNS based on your external IP address.  Since I do not typically have a scripting interface into my hosted external DNS, I use a simple CDO email to let me know when DNS needs to be manually updated.


NatName = "publicnat.domainname.com"
NotifyContact = " scripting.user@domainname.com"
smtpserver = "smtp.domainname.com"

IP_in_DNS = DNSLookup(NatName)
IP_on_OutSide = ExternalIP()

If Not IP_in_DNS = IP_on_OutSide Then
SendEmail NotifyContact,NatName & " issue","The network address translation for " & NatName & " (IP_" & IP_in_DNS & ") does not match the current external address of IP_" & IP_on_OutSide & "."
End If

msgbox "Done."

Function DNSLookup(sDNSName)
On error resume next

Const OpenAsDefault = -2
Const FailIfNotExist = 0
Const ForReading = 1

Set oShell = CreateObject("WScript.Shell")
Set oFSO = CreateObject("Scripting.FileSystemObject")
sTemp = oShell.ExpandEnvironmentStrings("%TEMP%")
sTempFile = sTemp & "\" & oFSO.GetTempName

oShell.Run "%comspec% /c nslookup " & sDNSName & ">" & sTempFile, 0, True

Set fFile = oFSO.OpenTextFile(sTempFile, ForReading, FailIfNotExist, OpenAsDefault)
sResults = fFile.ReadAll
fFile.Close
oFSO.DeleteFile (sTempFile)

If InStr(sResults, "Address:") Then
aNameTemp = Split(sResults, "Address:")
aName = Split(Trim(aNameTemp(2)), Chr(13))
'aNameTemp(2) will be the second address listed; the first address is that of the DNS Server

DNSLookup = aName(0)
Else
DNSLookup = "Failed."
End If

Set oShell = Nothing
Set oFSO = Nothing
End Function

Function ExternalIP()
url = "http://whatismyip.org"
set xmlhttp = CreateObject("MSXML2.ServerXMLHTTP")
xmlhttp.open "GET", url, false
xmlhttp.send ""
ExternalIP = xmlhttp.responseText
set xmlhttp = Nothing
End Function

Sub SendEmail(strTo, strSubject, strBody)
Set objEmail = CreateObject("CDO.Message")
objEmail.From = NotifyContact
objEmail.To = strTo
objEmail.Subject = strSubject
objEmail.HTMLBody = strBody
'objEmail.AddAttachment (txtOutFile)
objEmail.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
objEmail.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/smtpserver") = smtpserver
objEmail.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
objEmail.Configuration.Fields.Update
objEmail.Send
End Sub

Posted in Scripting | Leave a comment