Using PowerShell to Resolve SIDs to Friendly Names

Time and time again I run into an issue that presents me with a SID which I need to resolve.  I’ve used a number of tools and scripts over the years to address this issue.  I think I have the best and easiest method for me to solve this issue that always seems to pop up.

If you’re new to PowerShell you will want to make sure you have it installed if you want to use this script…and yes it is a script not a command.  I do this by opening a text file and renaming it from a .txt file to a .ps1 file.  When you try to open a .ps1 file it may open in your text editor but for this you will want to Right Click it and select Edit which will open up whatever you have as your PowerShell editor.  Copy the following code into the Script Pane:

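# Build a SecurityIdentifier object from the SID string (replace with the SID you need to resolve)
$objSID = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-21-768745588-123456789-987654321-500")
# Translate the SID into an NTAccount (DOMAIN\name) object
$objUser = $objSID.Translate([System.Security.Principal.NTAccount])
# Display the friendly name
$objUser.Value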

Now just save this file and you can run it to return the results of the SID that you place in there.  The one thing that will change is the actual SID.  In this example I’m using S-1-5-21-768745588-123456789-987654321-500 which is the Well Known SID for the domain Administrator.  My results should show me the friendly name.  Anytime you change the SID you will have to resave the file but then just Run the script and it will show you the results.

I’m sure there is a way I could make this into an application but I’ll leave that fun for those looking to take this to the next step.
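One way to take that next step without editing and resaving the file for every SID, as an added example that is not part of the original post: a function that accepts one or more SIDs (also from the pipeline) and reports which ones resolve, which are malformed, and which cannot be mapped to an account (for example a deleted account or an unreachable domain). The function name Resolve-Sid and the sample input list are assumptions made for illustration.

```powershell
# Added example; Resolve-Sid is an illustrative name, not a built-in cmdlet.
function Resolve-Sid {
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        [string[]]$Sid
    )
    process {
        foreach ($s in $Sid) {
            $account = $null
            $status  = 'Resolved'
            try {
                $objSID  = New-Object System.Security.Principal.SecurityIdentifier($s)
                $account = $objSID.Translate([System.Security.Principal.NTAccount]).Value
            }
            catch {
                # PowerShell wraps .NET exceptions, so inspect the underlying one.
                $base = $_.Exception.GetBaseException()
                if ($base -is [System.Security.Principal.IdentityNotMappedException]) {
                    # Well-formed SID, but no account could be found for it.
                    $status = 'Unmapped'
                }
                elseif ($base -is [System.ArgumentException]) {
                    # The string is not a valid SID at all.
                    $status = 'InvalidFormat'
                }
                else {
                    $status = 'Error: ' + $base.Message
                }
            }
            New-Object PSObject -Property @{ Sid = $s; Account = $account; Status = $status } |
                Select-Object Sid, Account, Status
        }
    }
}

# Constructed sample input: two well-known SIDs, the placeholder SID used in
# the post, and a malformed string.
$samples = @(
    'S-1-5-18',
    'S-1-5-32-544',
    'S-1-5-21-768745588-123456789-987654321-500',
    'not-a-sid'
)
$samples | Resolve-Sid | Format-Table -AutoSize
```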

Windows 7 Aero and Microsoft Live Meeting

I do a lot of meetings and training via Live Meeting.  One thing that has irked me for some time has been that when I share my desktop it goes into a Basic display mode and disables all the cool Aero features.

I’ve figured out a workaround to this.  After you share your screen go to the Start menu and paste the following into the search box – Find and fix problems with transparency and other visual effects.  If you have UAC on it will prompt you to click Yes.  The next screen that pops up is a troubleshooter wizard.


If you click next it will go through a process where it checks features and HW to see if Aero can run.  If it worked prior to sharing in Live Meeting it should now work after you run it.

I haven’t found a method to save this theme or settings but each time I need it I run this tool and it gives me the ability to run Aero features!


Disable Windows 7 Shake

I’m a huge fan of Windows 7.  I love just about everything with it.  There is one feature that I seem to always fight with and that is Windows Shake.  Take a look here if you are not familiar with this feature.  Most people like it, perhaps I just shake a bit too much!  If you’re like me and you want to disable this feature follow the steps below to edit the registry to do so.

  1. From the Start Menu Search or Run dialog box type Regedit (depending on your UAC configuration you may have to click Yes to open it)
  2. Navigate to the following key – HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows
  3. Right-click on the Windows key and create a new key called Explorer
  4. Right-Click on the Explorer folder you just created and create a new DWORD (32-bit) Value key (even if you have installed the 64bit version of Win7)
  5. Name the DWORD – NoWindowMinimizingShortcuts
  6. Assign it a value of 1
  7. Close Regedit
  8. Log off and log back on to have the key take effect.

Lock Your Workstation

I’m sure you are like me when it comes to locking your desktop.  You ALWAYS do it.  Most if not all corporations today have a group policy in place that at least sets the Screen Saver on after a certain amount of time and requires a password for security reasons (User Configuration – Administrative Templates – Control Panel – Personalization – Password protect the screen saver).

You know as well as I do that there is always that one person that seems to always forget to lock their workstation.  Sure the group policy will kick in…eventually.  During that time the system is unlocked and the data vulnerable.

Since I’m such a huge fan of shortcuts I have two for the price of one today.  I will show you two methods to lock your workstation…even for those very forgetful people.

Method 1 (and what I think is the easiest)

By pressing the Windows key and L on the keyboard you effectively lock the system.  I use this one ALL the time.  It is the quickest method that I know.  However some people are not so keyboard shortcut friendly.

Method 2

For the people that prefer to use their mouse here are several steps to create a desktop shortcut.  This method is very similar to the post I had on creating a shortcut for the Network Properties in Server 2008.

1. Wherever you want the shortcut created, Right click and select New –> Shortcut  (I recommend the Desktop)

 

2. Put the following path into the location field: rundll32.exe user32.dll,LockWorkStation



3. Click Next and type whatever you would like the name of the Shortcut Icon to appear as and click Finish.



4. Time to change the way the Icon looks – Right Click on the newly created Shortcut and select Properties

 

5. Click the Change Icon… button and change the path to %SystemRoot%\system32\SHELL32.dll and now pick whichever Icon you prefer.

 

6. We finally have an icon available to lock the workstation on the Desktop.

 

I personally love when people at work leave their workstations unlocked.  Like a lot of you I’m sure you like to teach that person a lesson.  Perhaps mess with the background…a nice screensaver message on how much they look up to me!

How Active Directory PowerShell CMDLETS find a DC running Active Directory Web Services

If you have been playing with the AD PowerShell cmdlets you know that it requires a few things to run, first Windows Server 2008 R2 or Windows 7, the .NET Framework 3.5.1 and of course if you want to manage an AD domain you need Active Directory Web Services (ADWS) installed on at least one domain controller. 

By the way ADWS requires TCP port 9389

So how in the world does a Windows 7 system know how to find a DC running ADWS?  Well your client running PowerShell will use the normal DC locator process.  First the client will determine which site it is in (nltest /dsgetsite) and then it will determine the closest DC (nltest /dsgetdc:<FQDN Domain>).  It is looking at the DC for the following flag:

DS_WEB_SERVICE_REQUIRED

More info on that flag can be found here.

Now what if you don’t have Server 2008 R2 DCs?  With Server 2003 and Server 2008 a problem occurs because the Net Logon service of those domain controllers does not recognize the DS_WEB_SERVICE_REQUIRED flag.  There are two hotfixes (one for whatever version of AD you are running) available to fix that in those environments: Server 2003 and Server 2008

After you install this hotfix the AD PowerShell module and Active Directory Administrative Center will be able to locate DCs that have Active Directory Management Gateway Service installed, similar to Active Directory Web Services (ADWS) on a Windows Server 2008 R2-based computer.
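One way to check both halves of this from a client, as an added example that is not part of the original post: ask the DC locator for a domain controller that advertises the web service, then confirm TCP port 9389 on it is reachable. The function name Test-AdwsEndpoint and the 3-second timeout are assumptions, and the ActiveDirectory module must be installed.

```powershell
# Added example; Test-AdwsEndpoint is an illustrative name, not a built-in cmdlet.
Import-Module ActiveDirectory

function Test-AdwsEndpoint {
    param(
        [string]$DomainName = $env:USERDNSDOMAIN,
        [int]$Port = 9389,        # ADWS port named in the post
        [int]$TimeoutMs = 3000    # assumed timeout for the connection attempt
    )

    # -Discover goes through the DC locator; -Service ADWS restricts the answer
    # to domain controllers that advertise the web service.
    $dc = Get-ADDomainController -Discover -DomainName $DomainName -Service ADWS -ErrorAction Stop
    $hostName = $dc.HostName | Select-Object -First 1

    $client = New-Object System.Net.Sockets.TcpClient
    $reachable = $false
    try {
        $async = $client.BeginConnect($hostName, $Port, $null, $null)
        if ($async.AsyncWaitHandle.WaitOne($TimeoutMs)) {
            $client.EndConnect($async)      # throws if the connection was refused
            $reachable = $client.Connected
        }
    }
    catch {
        # Refused or failed connection: the locator found a DC but the port is blocked.
        $reachable = $false
    }
    finally {
        $client.Close()
    }

    New-Object PSObject -Property @{
        DomainController = $hostName
        Site             = $dc.Site
        Port             = $Port
        Reachable        = $reachable
    } | Select-Object DomainController, Site, Port, Reachable
}

Test-AdwsEndpoint | Format-List
```

If the discovery step fails, no DC in the domain is advertising the service to the locator; if discovery succeeds but Reachable is False, look at firewalls between the client and that DC.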

Windows 7 Finally Gets LDS

UPDATE – Microsoft appears to have taken this download down.  No word why or when it will be back up.


Looks like Microsoft just made the Windows 7 LDS (Lightweight Directory Services) client available.  You can find both 32 and 64 bit clients here.


For those that aren’t familiar with LDS, it is the Server 2008 replacement for ADAM, otherwise known as Active Directory Application Mode.  While I’m no developer, LDS is a good platform for applications that require directory storage and access.  It has most of the components of Active Directory without the complete infrastructure needed for Active Directory.

PowerShell and the Event Viewer

With PowerShell 2.0 being released with Windows 7 and Server 2008 R2 there is plenty of fun stuff to do.  What I’m about to show you is not specific to PoSh 2.0, but it is a great way to pull info from the Event Viewer.

When I’m presented with a problem on a server one of the first places I go is the Event Viewer.  Sure there are ways to filter it but I’d always wanted a way to dump that filter into another file to review later on another system.  PowerShell gives you a great method for displaying events as well as saving those results to a file.

The Event Log has several cmdlets available which can be seen here:

Get-EventLog
Clear-EventLog
Write-EventLog
Limit-EventLog
Show-EventLog
New-EventLog
Remove-EventLog

As you can see you can read and write to the Event Viewer here.  The Get-EventLog cmdlet is a favorite of mine.  With it you specify which Event Log to view and off you go.  Below is an example of using that command and showing how to list only the 20 most recent events.

Get-Eventlog -Logname System -Newest 20

Now if you want to save that you have several options.  You can save it as a text, htm or csv file.  Realize it may take a while to build the whole file.  Below are the commands needed to output the files.

Get-Eventlog System | Out-file c:\Temp\system.txt
Get-Eventlog System | ConvertTo-html | Out-file c:\Temp\system.htm
Get-Eventlog System | ConvertTo-csv | Out-file c:\Temp\system.csv

The great thing is you don’t have to show everything.  If you want you can filter by the Event ID by using the -InstanceId switch.  Below is an example.

Get-Eventlog System -InstanceId 4 | Out-file c:\Temp\EventID4.txt

As you can see PowerShell is really handy when it comes to EventLog management.  The best part is I haven’t even talked about Remoting.  You can use PowerShell to remote into other machines in your environment running PowerShell 2.  But that is another story…
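Putting the filter and the export together for the "review later on another system" case, as an added example that is not part of the original post: the function below combines several Get-EventLog filters and writes only the columns useful for triage to a CSV. The function name Export-FilteredEventLog, the default values and the output path are assumptions.

```powershell
# Added example; Export-FilteredEventLog is an illustrative name, not a built-in cmdlet.
# Get-EventLog ships with Windows PowerShell only (it is not in PowerShell 6 and later).
function Export-FilteredEventLog {
    param(
        [string]$LogName = 'System',
        [long[]]$InstanceId,                                   # optional event ID filter
        [string[]]$EntryType = @('Error', 'Warning'),
        [datetime]$After = (Get-Date).AddDays(-1),             # assumed default: last 24 hours
        [string]$Path = 'C:\Temp\system-filtered.csv'          # assumed output path
    )

    # Build the parameter set once so optional filters are only passed when given.
    $filter = @{ LogName = $LogName; EntryType = $EntryType; After = $After }
    if ($InstanceId) { $filter.InstanceId = $InstanceId }

    # Get-EventLog writes an error when nothing matches; treat that as an empty result.
    $events = @(Get-EventLog @filter -ErrorAction SilentlyContinue |
        Select-Object TimeGenerated, EntryType, Source, InstanceId, MachineName, UserName, Message)

    if ($events.Count -eq 0) {
        Write-Warning "No matching events in the $LogName log since $After."
        return
    }

    # Export-Csv quotes multi-line Message fields, so the file opens cleanly elsewhere.
    $events | Export-Csv -Path $Path -NoTypeInformation -Encoding UTF8

    New-Object PSObject -Property @{ Path = $Path; Count = $events.Count } |
        Select-Object Path, Count
}

# Errors and warnings from the last day in the System log.
Export-FilteredEventLog

# Only a specific event ID from the last week, written to its own file.
Export-FilteredEventLog -InstanceId 4 -EntryType Error, Warning, Information `
    -After (Get-Date).AddDays(-7) -Path 'C:\Temp\EventID4.csv'
```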

Windows 7 Intro and Cool Features

Unless you’ve been living under a rock for the last year, I’m sure you’ve heard that Microsoft has released its new client operating system Windows 7. Not only have they released Windows 7 but they have done so with great fanfare. I haven’t heard and read this much good news about a Microsoft operating system in…well to be honest never. Sure Microsoft has had success in the past but they really seem to have hit the mark with this one. In this article I’d like to discuss some of the new features from Windows XP & Vista.

Being a member of the Windows 7 TAP (Technology Adoption Program) and Beta I’ve been using Windows 7 at home and work for over 9 months now. Although there have been some issues (most of my experience has been with beta and release candidate software) my overall impression has been very positive. Right off the bat Windows 7 feels like a modern operating system. You can tell that Microsoft spent a lot of time making things easier for users. In fact if you have experience using Windows Vista you won’t find Windows 7’s navigation that much different. I’m not saying Windows 7 is like Windows Vista, for one it is much more responsive than its predecessor. Microsoft has fine-tuned the kernel of Windows 7 to deal with memory much better than Vista and has limited the number of background services to help reduce the resource footprint needed to run the operating system.

With every new operating system come new advancements within the capability set delivered, and Windows 7 delivers. I’m going to be spending most of my time comparing Windows 7 to Windows XP. The biggest change you will see is what you see. Windows 7’s interface is different than Windows XP but not so much that you will be lost. First you will no longer find the comforting Start Button in the bottom left hand corner as it has been replaced by a Windows logo that performs the same function. Once clicked on you will see a much improved menu over the Windows XP start menu. Directly over the Windows logo is a search box that can be used to type in not only names of applications but also locally stored files. The menu will start to auto-populate with your results and is a great shortcut to open applications that you would normally have to search all over for. This search field can also be used in place of the Run Dialog, although it is not a full replacement, and the Run option can be added back using the advanced settings. Directly above the search box is where you will find the All Programs option. Once clicked on it will display your installed applications much like previous versions of Windows did. Windows 7 is all about shortcuts to common tasks and you will find the most commonly used applications will also be listed on this menu screen. You will find shortcuts to common areas like My Computer or Control Panel on the right of this menu. I really like the feel of the new Menu as it allows me to access the apps and data I need much quicker and easier.

Speaking of making things easier, there are four features I’d like to share with you that are really cool and designed to make your life easier.

1. Windows Taskbar – The Windows Taskbar has been improved to allow for easy navigation between open windows and quick easy access to commonly used applications. First you have the ability to right click an application and “Pin to Taskbar”. This will give you quick access to that application or Explorer Windows (perhaps My Videos). Once you do that you can hover your mouse over the item and if the windows or application is open it will show you a preview of the open window. It even shows the video while it is playing!


I can tell you this is a life saver when you have multiple emails or Word documents open. Instead of Alt-Tab’ing through them I can now just hover over the icon on the task bar and view all the open windows.


2. Jump Lists – Jump lists are quick easy ways to open a recent document, picture, song or website. All you have to do is right click on the icon that is either opened on the task bar (picture below) or some apps will expand this out via the Start Menu.


3. Snap – Snap is a nifty little way to resize open windows by dragging them to the edges of your screen. All you do is drag an open window to the left of your screen and it will Snap to that side and take up half the screen. You can take another open window and Snap it to the right to be able to view both those windows side-by-side. Here is a look at the before and after when using Snap.


Another option I like in snap is to drag a window to the top of the screen and it will open in full screen.

4. Windows Search – Windows 7 has several ways to make finding what you’re looking for much easier. On any folder that you open up you have the ability to perform a search by typing in the name of the item you are looking for. It actually starts displaying results as you type in information. You even have the ability to filter by other attributes such as size, author, date etc…


Windows 7 is going to be a big change for people adopting from XP. The interface is drastically different than some people are used to using. However Microsoft has done an excellent job in its design to make it more user friendly. Microsoft has also included a ton of new features that are intended to make common tasks very simple.


Windows 7 Editions

Just heard word from Microsoft that they have released the official SKUs for Windows 7.  Nothing mind blowing here and it looks an awful lot like Windows Vista SKUs.  The first two 7 Starter and 7 Home Basic will not be offered in the US.  I’ve also heard that the upgrade from one edition to the next is going to be only a few minutes and not a total reinstall.  Now that would be a welcome relief!

Key Feature list

Windows 7 Starter
· Broad app and device compatibility with up to 3 concurrent applications
· Safe, reliable, and supported
· Ability to join a Home Group
· Improved taskbar and JumpLists

Windows 7 Home Basic
· All Starter features
· Unlimited applications
· Live Thumbnail Previews & enhanced visual experience
· Advanced networking support (ad-hoc wireless networks and internet connection sharing)
· Mobility Center

Windows 7 Home Premium
· All Home Basic features
· Unlimited applications
· Aero Glass & advanced windows navigation
· Easy networking & sharing across all your PCs & devices
· Improved media format support, enhancements to Windows Media Center and media streaming, including Play To
· Multi-touch and improved handwriting recognition

Windows 7 Professional
· All Professional features
· Unlimited applications
· Ability to join a managed network with Domain Join
· Protect data with advanced network backup and Encrypting File System
· Print to the right printer at home or work with Location Aware Printing

Windows 7 Enterprise and Ultimate
· All Professional features
· Unlimited applications
· BitLocker data protection on internal and external drives
· DirectAccess provides seamless connectivity to your corporate network. (requires Windows Server 2008 R2)
· Decrease time branch office workers wait to open file across the network with BranchCache. (requires Windows Server 2008 R2)
· Prevent unauthorized software from running with AppLocker

Note: Ultimate includes all Enterprise and all Home Premium features, including multi-language packs. Windows 7 Enterprise is available only through Microsoft Volume Licensing.