$theTitle=wp_title(" - ", false); if($theTitle != "") { ?>
About Virtualization, VDI, SBC, Application Compatibility and anything else I feel like
27 Jun // php the_time('Y') ?>
In my previous post I wrote about a problem I had with duplicate RID Allocation pools.
But how do we get more insight into these RID Allocation pools?
The DCDIAG tool can display this information per domain controleler using the following syntax
1 | dcdiag /s:server /v /test:ridmanager |
Example output:
But where in Active Directory is this information stored and can we display it for all Domain Controllers at once for larger environments?
27 May // php the_time('Y') ?>
I just read an answer on StackOverflow with this code:
1 2 3 4 5 6 7 8 9 10 11 12 | var eu:DWORD; begin asm mov eax,[fs:$4] mov ebx,[fs:$8] sub eax,ebx mov eu,eax end; ShowMessage(IntToStr(eu)); end; |
Unfortunately it lacked explanation, so what does this code do?
It reads offset $4 from the Thread Information Block (the top of stack) into eax and then offset $8 (stack base) into ebx.
Then it substracts the two and moves that into variable eu, that’s all!
18 May // php the_time('Y') ?>
Again an old war story, this time about timezone handling in Outlook/Exchange.
I am not sure which year it was but I had just started to work for a new company and inherited an Exchange 5.5 Server.
The mail had been migrated from an earlier version and calendar data was migrated from Schedule+.
On the first change to Daylight Savings (DTS) all recurring appointments where shown one hour later (or earlier can’t remember) in Outlook. A manual change was not an option: there were over 2000 mailboxes each with a lot of appointments.
We first tried a workaround by disabling DTS on the the workstations and then manually change the time when changing from and to DTS.
But this influenced the timestamps on externals mails and of course appointments with external parties.
After a lot of (and I really mean a lot) of researching I found that Outlook stores all times in an appointment as relative (UTC) time.
Upon display it uses an undocumented TimeZone descriptor field to convert to Local Time.
18 May // php the_time('Y') ?>
I just found a very old backup file containing old source code for a few tools I wrote ages ago.
This was in 1997 on my first job for a company called PTT Telecom (the Dutch Telecoms) and I wrote some tools to make life easier.
They were all written in Turbo Pascal and supported Long Filenames when running under Windows ’95 (there was a trick to do that under DOS).
The first tool was called Retreive Tool, it parsed a backup file from a private branch exchange (PBX) and could make reports about Licensing, the hardware in the PBX, Extension numbers and their hardware positions and so on.
3 Mar // php the_time('Y') ?>
In the previous parts (part 1 part 2) i’ve described the theoretical part and implementation problems. So, now we can write the code:
1) In case we login the user, we just call LsaLogonUser to get the token:
(more…)
2 Mar // php the_time('Y') ?>
In part 1 I’ve described the theoretical parts needed for a custom autologon application implementation.
But there are some practical problems which I will describe here.
1) I use the LsaLogonUser function to log in the user. However, if I do not pass not null for the LocalGroups parameter, msgina.dll fails to process the logon.
Why? Because it looks for the SE_GROUP_LOGON_ID SID and treat it as logon SID. So we have to add the logon SID manually:
(more…)
28 Feb // php the_time('Y') ?>
Windows XP introduced the ability to use Fast User Switching (FUS from here on), which is implemented using Terminal Services.
But in some cases (i.e. when FUS is not enabled, or when you connect to the console in Windows 2003 server), the Winlogon process in an RDP session needs to transfer credentials to Session 0.
Although not documented in MSDN, the process of transferring credentials is described by Keith Brown in the June 2005 issue of MSDN magazine: Customizing GINA, Part 2.
WlxQueryConsoleSwitchCredentials and WlxGetConsoleSwitchCredentials are used in the transfer with the semi-documented WLX_SAS_TYPE_AUTHENTICATED SAS code constant.
Internally, winlogon.exe uses a Named Pipe, \\.\Pipe\TerminalServer\AutoReconnect, to implement both of these functions.
The pipe format is described in this structure:
(more…)
29 Jan // php the_time('Y') ?>
If you want to obtain a user’s token in a Terminal Server or Citrix session (eg to launch a process in a session) you can call the WTSQueryUserToken function.
On the x64 versions of Windows XP and Server 2003 this function fails however and returns ERROR_INSUFFICIENT_BUFFER (“The data area passed to a system call is too small.”) when called from a 32 bit process.
Internally WTSQueryUserToken calls the undocumented function WinstationQueryInformationW with the WinStationUserToken class (14) and passing a WINSTATIONUSERTOKEN struct, filled with caller ProcessId and ThreadId.
But on x64 Windows the size of this structure is 24 bytes, while on 32 bit Windows the size of the structure is 12 bytes!
20 Jan // php the_time('Y') ?>
As you may know, you can enumerate processes of a specific Terminal Server or Citrix session using the NtQuerySystemInformation function.
On x86 system the code below works fine:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 | var Status : NTSTATUS; RetLength : DWORD; SessionInfo : SYSTEM_SESSION_PROCESS_INFORMATION; CurrentProcess : PSystemProcesses; begin SessionInfo.SessionId := SessionId; SessionInfo.Buffer := nil; SessionInfo.SizeOfBuf := 0; Status := NtQuerySystemInformation(SystemSessionProcessesInformation, @SessionInfo, SizeOf(SessionInfo), @RetLength); while (Status = STATUS_INFO_LENGTH_MISMATCH) do begin SessionInfo.SizeOfBuf := RetLength; SessionInfo.Buffer := GetMemory(RetLength); try Status := NtQuerySystemInformation(SystemSessionProcessesInformation, @SessionInfo, SizeOf(SessionInfo), @RetLength); if NT_SUCCESS(Status) then begin CurrentProcess := SessionInfo.Buffer; while True do begin // Your code here if (CurrentProcess^.NextEntryDelta = 0) then Break; Cardinal(CurrentProcess) := Cardinal(CurrentProcess) + CurrentProcess^.NextEntryDelta; end; Exit; end; finally FreeMemory(SessionInfo.Buffer); end; end; SetLastError(RtlNtStatusToDosError(Status)); RaiseLastOSError; end; |
While this works fine on Windows XP and 2003 x86, it fails to work correctly on the x64 versions of Windows XP and 2003 (or maybe even higher).
The problem is that RetLength is always SizeOf(SYSTEM_SESSION_PROCESS_INFORMATION) and thus we are in an endless loop!
19 Jan // php the_time('Y') ?>
I just recorded a SasLibEx Screencast, it shows some of the very powerfull features of SasLibEx.
The following features are shown: