a Flo + a Blog = a Flog my ブログ

3Nov/090

Restore an account from AD

Today I ran into a situation where someone accidentally deleted an account by mistake. It is pretty easy to solve something like that when you have the right tools.

For this recipe, you will need:

  • adrestore, a great tool from our friend Mark
  • Admin rights on AD, to perform what you have to do

Luckily for you, AD keeps deleted records for 30 days by default. If it was an important account, there is a good chance you will notice it is missing before the 30 days are up. Past those 30 days, you will need to use the "standard authoritative" AD backup method.

Your application using the deleted account will complain and a query on AD reveals it is not there. Not a problem, just follow the 4 easy steps below:

1. Restore the missing account
adrestore.exe -r MissingAccount
Enumerating domain deleted objects:
cn: MissingAccount
DEL:eab4d5e6-493b-4a64-aae8-360e730a5938
distinguishedName: CN=MissingAccount\0ADEL:eab4d5e6-493b-4a64-aae8-360e730a5938,CN=Deleted Objects,DC=rgare,DC=net
lastKnownParent: OU=Service Accounts,OU=Users,OU=Montreal (MTL),DC=COMPANY,DC=net

Do you want to restore this object (y/n)? y

Restore succeeded.

Found 1 item matching search criteria.

2. Query to check its existence
dsquery user -name MissingAccount
"CN=MissingAccount,OU=Service Accounts,OU=Users,OU=Montreal (MTL),DC=COMPANY,DC=net"

3. Reset the password, as the restored account comes back without one
net user /domain MissingAccount Password

4. Activate Account
dsquery user -name MissingAccount| dsmod user -disabled no
dsmod succeeded:CN=MissingAccount,OU=Service Accounts,OU=Users,OU=Montreal (MTL),DC=COMPANY,DC=net

At this point, in under 3 minutes, the deleted account is restored and ready to be used. It even kept its SID, but you will have to repopulate some of its attributes, such as Description.
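The same four steps with the ActiveDirectory PowerShell module, as an added example that is not part of the original post. It assumes the RSAT ActiveDirectory module is installed and reuses the post's sample name MissingAccount; the new password is prompted for instead of being typed on the command line as in step 3.

```powershell
# Added example, not from the original post. Requires the ActiveDirectory
# module (RSAT) and rights to reanimate deleted objects.
Import-Module ActiveDirectory
$ErrorActionPreference = 'Stop'   # stop at the first failed step

$name = 'MissingAccount'          # sample account name used in the post

# 1. Locate the deleted object. Tombstones are only returned when
#    -IncludeDeletedObjects is given.
$filter  = "isDeleted -eq `$true -and sAMAccountName -eq '$name'"
$deleted = @(Get-ADObject -Filter $filter -IncludeDeletedObjects `
                          -Properties lastKnownParent, whenChanged)

# Refuse to guess when zero or several deleted objects match the name.
if ($deleted.Count -ne 1) {
    throw "Expected exactly one deleted object for '$name', found $($deleted.Count)."
}
$tombstone = $deleted[0]
Write-Host "Restoring $name to $($tombstone.lastKnownParent) (last changed $($tombstone.whenChanged))"
$tombstone | Restore-ADObject

# 2. Check that the account exists again (throws if it does not).
$user = Get-ADUser -Identity $name

# 3. Set a new password. Read-Host -AsSecureString keeps the value off the
#    command line and out of the console history.
$newPassword = Read-Host -AsSecureString -Prompt "New password for $name"
Set-ADAccountPassword -Identity $user -Reset -NewPassword $newPassword

# 4. Re-enable the account.
Enable-ADAccount -Identity $user

# Show what survived the deletion (SID) and what still has to be
# repopulated by hand (Description, group membership).
Get-ADUser -Identity $name -Properties Description, MemberOf |
    Format-List SamAccountName, Enabled, SID, Description, MemberOf
```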

17Apr/090

checking out your Postini Message Center from Outlook

If you use Postini for your spam protection and Outlook as your email client, you may want to streamline your Postini use by doing the following:

  1. In Outlook, Select View>Folder list
  2. Right-click on “Outlook Today” and select “New Folder”.
  3. Call the folder whatever you chose to name it or Spam for lack of imagination. When prompted add an Outlook shortcut to the shortcut list. The shortcut will be placed on “My Shortcuts” but can be moved to the other Shortcut lists as necessary.
  4. Right click the “Spam” folder, select “Properties”.
  5. Select the “Home Page” tab in the Properties window.
  6. In the address window type the following URL and select the checkbox labeled “Show home page by default for this folder”: http://login.postini.com
  7. Click “Apply” and “OK”.
  8. Click on the Spam folder, login to your Message Center and if desired, select “Remember my Address and Password”
  9. Close Outlook

The next time Outlook is opened and the Spam folder is selected, the Message Center should appear within Outlook.

17Apr/090

Search for a file with Powershell

I am slowly converting my command line skills from the good old command prompt to PowerShell. It is quite different and somehow very powerful.

I will probably be sharing a few basic tips for daily life using PowerShell on your computer.

Today's tip is a substitute for the old:

dir /s *filename*

So if you are looking for a file or directory in your file system try something simple like this:

dir -recurse -filter *filename* | sort name | ft directory, name

In fact, dir doesn't even exist anymore as a command of its own: in PowerShell, dir is an alias of Get-ChildItem.

I am not sure I should debate about this feature as MSFT does that very well on technet.

Just to sum up, it is in fact a very powerful search tool.

5Feb/090

Hive corruption fix: access a Restore Point using the Recovery Console

A colleague came to me today with an interesting issue.

Windows XP would not start as some system hive was corrupt.

Windows XP could not start because the following file is missing or corrupt: \WINDOWS\SYSTEM32\CONFIG\SYSTEM

Stop: c0000218 {Registry File Failure} The registry cannot load the hive (file): \SystemRoot\System32\Config\SYSTEM or its log or alternate

CAUSE
This issue can occur if the System or Software hive for the Windows XP installation is missing or damaged.

Microsoft describes the issue very well and it appears quite simple to fix. You want to check this KB for more info.

The fixing process is fairly easy: it requires using the Recovery Console to make a copy of the current corrupted system files (or not, if they are totally missing) and to replace them with a backup that Windows makes.

We are talking about files in c:\windows\system32\config to be replaced by copies.

Everything would have been easy and neat if everything was there as said. Yes, Windows is supposed to back those files up into the repair folder, but sometimes things go wrong.

I was interested in that SYSTEM file, but it was not there. The remaining option would have been to reinstall Windows XP over it and have a quick and dirty fix.

There had to be another way. Digging into my memory, I thought about other ways that Windows would have made another copy of those files. The Restore Point snapshot was the answer!

Actually, restore points are easily accessible from the Recovery Console.

Booting from the XP CD, I started Windows Setup and pressed R to access the Recovery Console.
Using the following commands, you can get into the restore point files.

cd c:\
cd  "system volume information\_resto~1"
dir

You'll see a list of restore point folders with names such as RP1, RP2 and so on. Pick the restore point you wish to use, using the folder date stamps to guide you. Enter the commands:

cd RPx (the restore point you chose)
cd snapshot

This takes you into the folder containing the restore point snapshot files. Then I could just copy what I needed to the target.

copy _Registry_machine_system C:\Windows\System32\Config\System

Just because you don't see something, or it is not where it is supposed to be, doesn't mean it is not there!

28Dec/080

Make sure your PC is ready when you arrive in the office

You know you try to make your personal PC as efficient as it can be. In the office it is a different story, especially when you have a bunch of mandatory compliance stuff to load on startup. That's when regulatory compliance becomes a real pain. Well, if it takes 20 minutes to load everything and you cannot do anything in the meantime, then you should try to make use of the technologies that are available around you.

1. My computer's BIOS supports autostartup, so I have it set to come on at 7:20AM every day (I arrive at the office at 8AM).

2. I use TweakUI to autologin to the computer; use KB315231 otherwise. This gets it starting and lets all the startup programs take however long they need to get going.

3. REMAIN COMPLIANT. I have a shortcut in my startup menu with a target of %windir%\system32\rundll32.exe user32.dll,LockWorkStation which locks the workstation. This way, if anyone tries to power up my computer when I'm not there, they can't do anything. Remember, you are an admin.

4. I have a batch program in my startup menu with this command shutdown -s -t 7200 -c "If I'm not here, this computer will shut itself down." -f, which will shut the PC down in 2 hours. That way, if I'm out sick, the PC isn't on all day. Of course, if I'm late, I have 'till 9:20 or so to make it to my desk and abort the destruct sequence with #5...

5. I have a subfolder of Startup called Abort Shutdown, with a batch file in it with the command shutdown -a, which will (duh) abort the shutdown when I click it. The folder is open when I arrive, and the batch file is sitting there, waiting to be clicked on.

So, in the 40 minutes before I arrive, everything gets rolling. While 40 minutes might seem excessive, there are other things you may want to have your computer do while waiting for you, such as a backup or other sync.

This also works well in the middle of the day when a restart is required. I can fire and forget -- go get a double-double or something, and I don't have to come back just to log in and wait some more. By the time I'm back, it's ready to rock and roll.