Jason Day

Jun 262013

Turning CSV-Files into “Databases”

Let’s assume you have a CSV file with information that you need to frequently look up. For example, the CSV file may contain server names and certain configuration settings for them.

To easily look up items in your CSV file, you can turn it into a hash table. Let’s first create a test CSV file to play with:

# create
test CSV file




Year, ID, Description, Metric









Next, let’s turn this CSV file into a lookup table, using the column “Servername” as key column:

analyzing any CSV file content:



# listing
CSV file keys:



It works! Note how the code uses Group-Object to create the lookup table. Note also that its parameter -Property determines the CSV file column it uses to index the information. You just need to make sure that the information in this column is unique (has no duplicate entries).

Now it is very easy to lookup information from your CSV file data:

# looking
up individual server information:



# testing
whether a given server is contained in list:


Source: Powershell.com


Jun 212013

Getting the following Error messages in the Application Event for both Windows 2003 and 2008 Servers

Windows 2003 R2

EVENT LOG Application
SOURCE AutoEnrollment
DATE / TIME 6/21/2013 7:35:44 AM
MESSAGE Automatic certificate enrollment for local system failed to enroll for one Domain Controller Authentication certificate (0x80070005). Access is denied.

Windows 2008 R2


EVENT LOG Application
OPCODE Spooler Operation Succeeded
SOURCE Microsoft-Windows-CertificateServicesClient-CertEnroll
DATE / TIME 2013/06/21 11:26:44 AM
MESSAGE Certificate enrollment for Local system failed to enroll for a DirectoryEmailReplication certificate with request ID N/A from ????\????-CA (The RPC server is unavailable. 0x800706ba (WIN32: 1722)).


Checked the following on the CA server

  1. Ensure that “Authenticated Users” group is in the “Certificate Service DCOM Access” group.
  2. Check the DCOM Access Limit of “My Computer” of the DC
    •   On the server, run dcomcnfg.exe.
    • On the Component Services console, navigate to Component Services\Computers\My Computer.
    • Right-click My Computer, select Properties, verify that Enable Distributed COM on this computer is selected in the Default Properties tab.
    • Click the COM Security tab, Click Edit Limits in the Access Permission section and ensure that Everyone and Certificate Service DCOM Access has Local Access and Remote Access permissions.
    • Click Edit Limits in the Launch and Activation Permission section and ensure that Certificate Service DCOM Access group has Local Activation and Remote Activation permissions.
    • Click OK



Apr 052013

Microsoft Lync 2010 locking out Active Directory account

Had a users Active Directory account keep locking out each time logging onto machine or opening up Microsoft Lync 2010 client. This was on a Windows 7 Professional OS.

I ran the below procedure to resolve:

  1. Close all applications including Lync client
  2. Delete all files/folders from
    1. %userprofile%\AppData\Roaming\Microsoft\Communicator\
    2. %userprofile%\AppData\Local\Microsoft\Communicator\
  3. Delete the registry Key HKEY_CURRENT_USER\Software\Microsoft\Communicator
  4. Run from Command Prompt “Run as Adminsitrator”
    1. rundll32.exe keymgr.dll, KRShowKeyMgr
Apr 012013

The new Cisco Packet Tracer 6 looks pretty much the same as previous release 5.3.3, also still geared towards CCNA learning. I do still highly recommend using GNS3 which provides emulation instead of simulation.

Packet Tracer allows activity authoring for approximately 80% of the topics and skills required for CCNA Certification, and has relevance to CCNA-Security, CCNP, IT Essentials, and general TCP/IP courses as well. Although the program includes some sample activities, we strongly encourage you to share activities that you create with others in the CCNA teaching and learning community. In addition, integrated into the Discovery and Exploration courses are hundreds of already-written Packet Tracer activities.

The following have been highlighted as new from the previous version:

Protocol Improvements
Packet Tracer now models these new or improved features: HSRP for IPv4 and IPv6, IPv6 DHCP, IPv6 tunnel over IPv4, IPv6 DHCP binding, Send command for routers, ACL sequence numbers.

General Improvements

  •     Supports current LTS version of Ubuntu and stopped support for Fedora
  •     IOS 15
  •     HWIC-2T and HWIC-8A modules
  •     CAB-HD8-ASYNC cable
  •     IPv6 in IP Configuration under Desktop
  •     Terminal server for routers
  •     PC Firewall for IPv4 and IPv6
  •     Servers with 2 NICs
  •     Circling tool
  •     Improvements to Activity Wizard and Variable Manager


New Devices

  • Cisco 1941
  • Cisco 2901
  • Cisco 2911




Mar 182013

Samsung Galaxy S III versus S IV

Below table is a basic break down of the specifications difference between the Samsung Galaxy S III and S IV

CPU Exynos 4 Quad processor 1.4Ghz Exynos 5 Octa processor 4x 1.6GHz & 4x 1.2Ghz
Screen Size 4.8 inch 5 inch
Resolution 720×1280 1080×1920
Phone Size 136.6mm x 70.6mmx 8.6mm 136.6mm x 69.8mm 7.9mm
Weight 133g 130g
Storage 16GB, 32GB and 64GB models plus a microSD card slot Same
Camera 8Mp Rear / 1.9Mp Front 13Mp Rear / 2.1 Front @ Full HD
Feb 152013

Must have tool for VMWARE Administrators, and its free!

RVTools is a windows application to display information about your virtual machines and ESX hosts.

RVTools is able to list information about VMs, CPU, Memory, Disks, Partitions, Network, Floppy drives, CD drives, Snapshots, VMware tools, ESX hosts, HBAs, Nics, Switches, Ports, Distributed Switches, Distributed Ports, Service consoles, VM Kernels, Datastores and health checks.

With RVTools you can disconnect the cd-rom or floppy drives from the virtual machines and RVTools is able to update the VMware Tools installed inside each virtual machine to the latest version.

Get it here


Jan 232013

Checking System Uptime

In a previous tip we explained how you read date and time information from WMI and convert it into a regular date and time information. With this technique, you can then manipulate and calculate with the regular date and time functions. So, this piece of code returns the days a given system is running since the last reboot was done:





‘Your system is running for {0:0.0} days.’-f$days

from PowerShell

Jan 212013

When choosing between the MP4, MOV, FLV, WMV and AVI containers, MP4 is the best option.

Use MP4 with H.264 video codec and the AAC audio codec, for best compatibility and compressing your video.

H.264 video is supported by most players, browsers, plugins and devices available. It offers one of the best algorithms for compressing your video and being freely available.

I would recommend using VLC for playing your video and audit files.

For re-encoding video files I highly recommend HandBrake

Matrix of Best Video Output

Output size Filesize
320×240 pixels 400 kbps 3MB / minute
480×270 pixels 700 kbps 5MB / minute
1024 x 576 pixels 1500 kbps 11MB / minute
1280×720 pixels 2500 kbps 19MB / minute
1920×1080 pixels 4000 kbps 30MB / minute

Audio Output

Samplerate of 48 kHz for most of your videos or 22 kHZ if you are recording simple speech. Anything below 22.05 kHz will begin to degrade and distort low volume sounds such as breathing to the point where it is noticeable.

Bitrate In the end you will probably be looking at 96 – 164kbps for a stereo music tracks.  If you are once again dealing with speech only tracks you can probably even get comprehensible sound as low as 16 – 24 kbps.

Jan 092013

A variety of servers will need to get attention this month to correct vulnerabilities. Two are rated critical. MS13-001 corrects a print Spooler vulnerability. The remote attacker does not need to be authenticated. The workaround involves disabling the print spooler. Best practice is to disable all unnecessary services.

Vulnerabilities have been noted in XML Core Services with MS13-002 (the other bulletin for critical updates).

Microsoft indicates that SCOM 2007 servers are vulnerable to XSS attacks. It seems if users with access to the SCOM go to a malicious web site, the exploit is possible. It should be noted that SCOM 2007 SP1 has not patch at this time but there is a patch for SCOM 2007 R2.

MS13-004 will affect servers that run untrusted .net applications.

MS13-006 involves a security feature bypass vulnerability in which SSL version 3 or TLS which silently downgrades to SSL version 2 (a weak encryption technology).   The next two affect primarily workstations and Terminal servers .

MS13-005 indicates a vulnerability in the Windows kernel mode driver.

MS13-007 indicates a denial of service attack is possible but not likely with some versions of .net framework in the Open Data Protocol.

Bulletin Exploit Types
/Technologies Affected
System Types Affected Exploit
details public?
/ Being exploited?
MS severity rating Products Affected Notes Randy’s recommendation
MS13-0032748552 Privilege elevation Servers No/No No Important System Center Config Mgr 2007 Patch after testing
MS13-0022756145 Arbitrary code/ XML Core Services Workstations
Terminal Servers
No/No No Critical XP
Office 2003
Office 2007
Server 2003
Office Compatibility Pack
Server 2008
Expression Web
XML Core Services
Server 2008 R2
Windows 7
SharePoint Server 2007
Windows 8
Server 2012
Patch after testing
MS13-0042769324 Privilege elevation/ .Net Framework Workstations
Terminal Servers
No/No No Important XP
Server 2003
Server 2008
Server 2008 R2
Windows 7
Windows 8
Server 2012
Patch after testing
MS13-0072769327 Denial of service/ Open Data Protocol Workstations
No/No No Important XP
Server 2003
Server 2008
Server 2008 R2
Windows 7
Windows 8
Server 2012
MS13-0012769369 Arbitrary code/ Print Spooler Workstations
No/No Yes Critical Server 2008 R2
Windows 7
Restart Req’d Patch after testing
MS13-0052778930 Privilege elevation/ Windows kernel mode drivers Workstations
Terminal Servers
No/No No Important Vista
Server 2008
Server 2008 R2
Windows 7
Windows 8
Server 2012
Restart Req’d Patch after testing
MS13-0062785220 Security feature bypass/ SSL and TLS Workstations
No/No No Important Vista
Server 2008
Server 2008 R2
Windows 7
Windows 8
Server 2012
Restart Req’d Patch after testing


Want something better than WSUS, try Lumension Patch and Remediation

Jan 012013

Continental 185/60R15 84H Premium Contact 2

Bought these to replace two front tyres of my Toyota Yaris Spirit 2006

I would definitely recommend these tyres as driving has been very smooth and responsive.

Continental 18560R15 84H Premium Contact 2

The first three numbers in a typical size (225/45R17) are the tyre’s indicated section width in millimeters, measured from sidewall to sidewall.
The second pair of numbers (225/45R17) is the tyre’s aspect ratio or profile. This is a ratio of sidewall height to section width.
The last number (225/45R17) is the diameter of the wheel in inches.

The first two digits (84H) represent the tyre’s load index and are followed by a single letter (84H) identifying the tyre’s speed rating.


Load Index Kilograms Load Index Kilograms
71  345  91  615 L 120 km/h
72  355  92  630 M 130 km/h
73  365  93  650 N 140km/h
74  375  94  670 P 150 km/h
75  387  95  690 Q 160 km/h
76  400  96  710 R 170 km/h
77  412  97  730 S 180 km/h
78  425  98  750 T 190 km/h
79  437  99  775 U 200 km/h
80  450  100  800 H 210 km/h
81  462  101  825 V 240 km/h
82  475  102  850
83  487  103  875
84  500  104  900
85  515  105  925
86  530  106  950
87  545  107  975
88  560  108  1000
89  580  109  1030
90  600  110  1060



Continental 18560R15 84H Premium Contact 2 (2)
It is very important that you check your speed rating before buying your tyres. Choosing a tyre with a lower speed rating could invalidate your insurance.
Check the hand book that came with your vehicle for details or contact your local dealership.
Happy driving!