HOWTO: Use Autohotkey to Toggle Windows Based on Window ID

Autohotkey is an invaluable tool for automating tasks we perform hundreds of times per day without even thinking about it.  The tasks may only take a few seconds each, but over the course of a year or more, it really adds up!  One such common task involves switching between applications in Windows.  Sure, you can click the application you want on the task bar or use Alt-Tab. But what happens when you have a ton of programs and tabs open?

 

You have to hunt.

 

Wouldn’t it be great if you could just press a keyboard shortcut to launch/resume any application?  This is where Autohotkey excels.  You can configure it, for example, to toggle between applications based on their window title.  But what if you can’t use the window title?  This post shows you how to toggle an application whose window title constantly changes and that otherwise has nothing consistent about it for Autohotkey to match on.


HOWTO: Run Process Monitor on a Remote Machine from the Command Line

I have a treat for you today.  I have finally solved something that has been a pain in my side for years now.  Have you ever been in the following situation?

You are reviewing log files and discover that a remote computer (perhaps a virtual machine running on shared storage) is running wild and hammering on the disk.  You need to figure out exactly what processes and files are causing that disk IO.  However, perhaps that computer is always in use and you simply can’t log in locally to launch Resource Monitor or Process Monitor.  Ultimately, you need to run Process Monitor remotely.  Unfortunately, you google this and discover that it’s not possible because Process Monitor generates too much data to pass over the wire.  So what do you do?

I found myself in this exact situation yet again today and finally decided to sit down and solve it once and for all.  My googling revealed a suggestion in some forum to use psexec to run procmon.exe on the remote machine and then copy over the PML file to your machine for analysis.  I’m afraid I couldn’t find that blog post so I can’t give credit to the original author of the idea.  But there is a world of difference between an idea and a practical implementation and that’s what I have to share with you today.

Below is a PowerShell script that includes a function called Get-ProcMonData.  It accepts just two parameters, a -ComputerName for the name of the remote computer you wish to connect to and -Duration for how long procmon will run for on the remote system.  Note that the script is hardcoded to limit you to a maximum of 100 seconds as I discovered the hard way that Procmon generates an enormous amount of data and you can easily fill the remote drive if you’re not careful.


HOWTO: Add Computer to Group without Restart

Credit where credit is due: this is taken directly from the blog below and is documented here only so I can easily find it again in the future.

Source: https://deployhappiness.com/quick-tip-add-computer-to-group-gpupdate-without-restart

Let’s say you add a computer to a group and you want that computer to gain that membership, but you can’t restart the system.  What do you do?

From an administrator command prompt type: klist -li 0x3e7 purge followed by gpupdate /force


This will clear the Kerberos ticket and request a new one which will force new group enumeration.

A handy trick to be sure!

HOWTO: Restore Active Directory to a different server

This HOWTO is a proof of concept to demonstrate a way to take an Active Directory environment on one server and restore it to a different server on an entirely different network.  The scenario in this example is we have a domain controller which has a number of other third party applications installed and we wish to migrate just the AD portion to a new dedicated Active Directory server in a separate environment.  Once completed, the old server will be permanently powered off.

We will have two systems.  The first is called PRODDC1.  This is our production system hosting Active Directory and all of our other applications.  The second system is initially called NEWDC1.  This is a fresh copy of Windows 2012 R2 with no configuration of any kind, not even a hostname or IP assigned.  Crucially, these two systems are on isolated networks and cannot see each other.

On PRODDC1

  • From Server Manager, install the Windows Server Backup Feature
  • Once installed, run Windows Server Backup and from the left menu choose Backup Once
  • Choose Custom and select only System State



HOWTO: Get Webroot Endpoints using Unity REST API and PowerShell

Webroot has recently released a new REST API that allows us as administrators to pull detailed endpoint data programmatically. What this effectively means is that all of the information that is presented to us in the Webroot Global Site Manager can now be extracted directly and integrated into other processes. I very much wanted a script that would be able to run as a scheduled task, compare all the systems in Active Directory with those registered in Webroot, and then report on those AD systems that either do not have Webroot installed or haven’t checked in for more than a week.

It took some reading and trial and error but I managed to create a PowerShell script that can connect to Webroot and pull all of the details for every endpoint for a given keycode into an object which you can then do whatever you want with. I figured I’d save you the frustration of figuring out how to make this. Of course this code is presented as is. It’s working for me but your mileage may vary.

Here’s how it works:


HOWTO: Check CPU Usage of VMs with VMware Workstation

Do you use VMware Workstation on Windows?  Do you run more than a handful of VMs?  Have you ever had your host CPU pinned by one of the instances of vmware-vmx.exe but the only way you could figure out which VM was the issue was by logging into each one and checking CPU usage there?  I found myself in this situation and figured there had to be a better way.  I realized that each VM runs as its own separate vmware-vmx.exe process.  I further figured out that the .VMX file that includes the name of the running VM is part of the command line arguments used to call it.  Putting this information together, I wrote a simple PowerShell script that is intended to be run on the Windows Host that will show all running VMs and their current CPU usage.  Note that the totals are for each VM, not of the host.  This is why multiple VMs can show 100% usage.


HOWTO: Write Vietnamese on a computer

I have previously discussed how to use a Windows based computer to write in Japanese and Chinese.  The time has come to tackle the next of the Asian languages, Vietnamese.  As before, the same disclaimer applies.  The information below is what I was able to figure out based on information primarily from Google and Wikipedia.  Some or perhaps even much of it may be incomplete but it does appear to at least be logically consistent.  At first I thought typing in Vietnamese would be considerably easier since the language at first blush appeared to use the Roman alphabet, just as English does.  Therefore, I expected it to be as simple as “Select the Vietnamese keyboard and start typing”.  As I started researching, however, I found this was not the case at all.

There are a couple of important things to be aware of when trying to write Vietnamese on an English keyboard.  Let’s assume you’ve used the “Language” Control panel applet and added the “Vietnamese” language already.  Once installed, you press the “Preview” button to see what the keyboard looks like:


The first thing that will probably jump out at you is that all of the numeric digits on the keyboard have been replaced with special characters along with the open and closed square brackets, dash and equals keys.  Why is that?  To understand this, we’ll have to look at how the Vietnamese alphabet is constructed.


Deploy Office 365 and HA ADFS From Scratch

Are you interested in Office 365 and ADFS but are intimidated by it and not sure where to begin?  If that’s the case, you’ve come to the right place.  I have been studying to write my 70-346 (Managing Office 365 Identities Exam) and realized that I was still really weak on ADFS and how all the pieces work together.  I decided I wanted to build a fully fleshed out ADFS environment in my own lab complete with a new Office 365 tenant and ADFS configured in high availability with the recommended 4 servers (redundant federation and redundant proxy servers). So that’s what I did and I’m going to walk you through the entire setup, starting from the very beginning.

Prerequisites 

All the downloads linked below are free for testing purposes. To follow along with this HOWTO you will need:

| Description | URL/Notes |
|---|---|
| Registered Domain | Including access to modify public DNS records – I used www.vanlab.net |
| Purchased SSL certificate that you have saved as a .PFX file | I recommend a wildcard certificate.  I used one from www.cheapsslsecurity.com |
| Office 365 for Business Trial Setup | https://products.office.com/en-us/business/office-365-for-business-free-trial |
| Access to a phone | Capable of receiving text messages or phone calls |
| PFSense Firewall | https://pfsense.org/download/ |
| Windows 2012 R2 180 Day Trial | https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2012-r2 |
| Windows 10 Enterprise 90 Day Trial | https://www.microsoft.com/en-us/evalcenter/evaluate-windows-10-enterprise |
| Exchange 2016 | https://www.microsoft.com/en-us/download/details.aspx?id=49161 |
| Microsoft Unified Communications Managed API | http://go.microsoft.com/fwlink/p/?linkId=258269 |
| Office 2016 Administrative Templates | https://www.microsoft.com/en-us/download/details.aspx?id=49030 |
| Microsoft Online Services Sign-In Assistant | https://www.microsoft.com/en-us/download/details.aspx?id=41950 |
| Azure AD Module | http://go.microsoft.com/fwlink/p/?linkid=236297 |

Credit where credit is due.  This HOWTO is based on basic ADFS deployment documentation found here:
http://nolabnoparty.com/en/adfs-3-0-setup-upn-suffix-for-office-365-sso-pt-1/


Windows 10 Bitlocker Recovery Gotcha

I recently upgraded my laptop from the now four-year-old Lenovo W530 to a shiny new Lenovo P50 complete with a Xeon 2.8GHz CPU, 64GB of RAM and an NVMe M.2 boot drive.  Not only did I upgrade the hardware but I also switched from Windows 8.1 to Windows 10.  So far so good.

Since I’ve always owned laptops, I always try to take precautions against data loss through theft via full disk encryption.  With the release of BitLocker, this has been a remarkably seamless security improvement and I’ve used BitLocker transparently for years.  So far so good.


HOWTO: Convert binary to human readable text

This is a quick fun little HOWTO.  There was an article on CollegeHumor today that looked like this:


01010100 01101000 01100101 00100000 01110010 01101111 01100010 01101111 01110100 01110011 00100000 01100001 01110010 01100101 00100000 01100001 01101101 01101111 01101110 01100111 00100000 01110101 01110011 00100000 01100001 01101110 01100100 00100000 01110111 01100101 00100000 01100001 01110010 01100101 00100000 01100001 01101100 01101100 00100000 01101001 01101110 00100000 01100100 01100001 01101110 01100111 01100101 01110010 00101110 00100000 01001000 01100101 01101100 01110000 00100000 01110101 01110011 00101100 00100000 01000111 01101111 01100100 00101110

I was of course curious what the message above actually said so I wondered how quickly I could figure that out with PowerShell.  The answer?  Pretty gosh darn quick.

((gc c:\temp\binary.txt) -split " " | % { [char]([convert]::ToInt32("$_",2)) }) -join ""
