Where in the blue hell is sysprep?

Are you trying to sysprep a Windows Server 2012 R2 box but can’t find sysprep.exe? Have you dropped to an administrative command prompt, typed sysprep /… like you have done for years and years only to be spanked with a

sysprep is not recognized as an internal or external command, operable program or batch file.

Did you fear that Microsoft pulled the utility that you have used for generations? Me too, on all counts. I both Binged, and then broke down and Googled and could not find anyone who pointed out what is obvious in retrospect. The sysprep utility is now in its own subdirectory, and therefore no longer in your path.

From your admin cmd prompt, cd into C:\Windows\system32\Sysprep and you will find what you’re looking for.

Oh look, there it is! c:\windows\system32\sysprep

howto://upgrade Active Directory to 2012R2

Alternate title, DCPROMO is dead! Long live some little yellow triangle! 

It being past time for me to upgrade Active Directory at home to DCs running 2012R2, I wanted to put together this little walkthrough for others looking for a procedure doc to cover schema and perms, or maybe even where the hell dcpromo went! If you’d like a 20K foot overview of what you need to do in order to add a 2012R2 DC to your domain, here’s what you need to know. Continue reading “howto://upgrade Active Directory to 2012R2”

howto://fix the hardware on the destination computer is not compatible

I’m in the middle of upgrading my Hyper-V servers at home from 2012 to 2012R2. To keep things up and running, I live migrated (shared NOTHING) the VMs from the first server to be rebuilt to the second. That worked just fine. I flattened the first server, installed 2012R2, added the Hyper-V role, and tried to move a VM back to it, only to be spanked with Continue reading “howto://fix the hardware on the destination computer is not compatible”

howto://register the schema dll in 2012r2

As a follow up to upgrading AD to 2012R2, I wanted to transfer all the roles off the legacy DC. When I went to register the schema management.dll using regsvr32 in a run dialog box, like this…

regsvr32.exe schmmgmt.dll

I got spanked with this.

image

The module “schmmgmt.dll” was loaded but the call to DllRegisterServer failed with error code 0x80040201.

User Account Control (UAC) doesn’t let us do this directly from a run dialog. To do this and get it to work, you need to run this from an administrative command prompt.

Running the same command this way

image

gets this

image

and more to the point, lets you run the Active Directory Schema Management console.

howto://USE a REGEX to match everything up to the @

regex2

I use PSPAD as my default text editor. It’s been my favourite such application for years because it can do so much. Recently I was handed a CSV that contained email addresses for 25,000 users. I needed to pull out just the SMTP suffixes for some manipulation. PSPAD can do global search and replace with a REGEX and it seemed like just what I needed. The only challenge was to figure out what pattern matches everything in an email address up to and including the @ sign. Here’s the pattern I used.

^([^@]+)@

That says to start at the beginning of the line, match any number of alphanumeric characters up to, and including the @. Easy.

2018-01-29 edit-since I am copying from Archive.org and am too lazy to try to recreate all the great comments, I am adding this one from my former boss, Jim Palic of ONLC, which is an even easier way to do this.

Another easy way to do that would be to use the negation operator inside the square brackets. e.g. ^([^@]+)@ Meaning match everything that is not an @.

howto://map caps lock to windows-key

I have a little no-name Bluetooth keyboard that I like to use when travelling. It has a joystick mouse with scroll, all the important keys for editing and cursor navigation, function keys, a/v keys…the only thing it’s really missing is a Windows key. CTRL+ESC is not a substitute for the Windows key, since it doesn’t work with any WIN+ shortcuts. I really wanted a Windows key. I did some digging around on the interwebz and figured out how to map the caps lock key to the Windows key.

In other words, I made this

caps-lock-key[1]

into this!

187303_windows_button[1]

If you want to do the same thing for some older keyboard you want to use, here’s what you need to do.

1. Launch regedit.exe.

2. Browse to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout.

3. Export that key and save it as undokeyboard.reg in case you want to go back, screw something up, etc.

4. Create a text file and copy the following into it.

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout]
"Scancode Map"=hex:00,00,00,00,00,00,00,00,02,00,00,00,5c,e0,3a,00,00,00,00,00

5. Save as WINning.reg.

6. Double click it to import the settings into your Registry.

7. Reboot.

8. (Optional) Use a silver Sharpie marker to draw in the Windows logo.

Once you reboot, the CAPS LOCK key on any and every keyboard you use will be your WIN key. Of course, that may cut down on shouting, extra emphasis, license key entries, etc…but your SHIFT key is probably a little lonely anyway. Keep that undo file just in case you find yourself really needing a CAPS LOCK key. See what I did there?

 

howto://disable hibernation in Windows 8

2018-01-29 edit-this works just the same and as well in Windows 10!

Getting ready for my Windows 8.1 upgrade, I wanted to get some things cleaned up, and that included moving some VMs from my laptop to one of my Hyper-V servers. The Exchange server alone is about 100GB so I wanted to fire it up to delete some of the test accounts/mailboxes to trim it down to size before moving it. Unfortunately, it looks like my tendency to save everything had just about run me out of space. The VMs would not start!

image

Checking on things, I found myself with only a few hundred MB of free space. I started deleting ISOs and other large files that I have multiple copies of, but was only able to free up a few GB of space. My disk was still code red!

image

Looking for more things I could get rid of, I realized that I had a 13GB hibernation file sitting on the C: drive. Since I hate hibernation, I figured losing this would free up enough space to do what I needed to.

 

image

To disable hibernation in Windows 8, do this.

  1. Open an administrative command prompt.
  2. Enter the following command:
    powercfg /hibernate off [enter]image
  3. Check to see you have more space freed up!

image

Yes, I am still code red. I’m a hoarder (of data, anyway.) I don’t have any specific reason why I don’t hibernate…I just don’t. I may have had a bad experience in the past that I have suppressed, or maybe I just want the disk space back. Whatever the reason, I don’t mind telling my computer to go the <bleep> to sleep. When I do, I always hear myself doing it in Samuel L. Jackson’s voice.

howto://get upns for a list of sams

ps

I often find the need to have a list of UPNs when the only thing the customer provides me is a list of sAMAccountNames. Far too often users’ SAM and UPN don’t match, so it’s not as simple as tacking the UPN suffix onto the SAM and calling it a day. If you have a list of SAMs and you need to get UPNs, here’s two ways to do it. This assumes you have admin rights in AD, and a workstation on which you also have admin rights.

Single domain

The first way works well if you have a single domain, or just need to search a single domain.

1. Install the RSAT tools if they are not already in place. You will need the AD specific pieces.

2. Create a text file with one sAMAccountName per line. Name it users.txt.

3. Launch PowerShell and cd to the folder containing users.txt

4. Import the AD Module using this command
import-module activedirectory

5. Run this command
get-content users.txt | get-aduser | ft samaccountname, userprincipalname >userslist.txt

6. If you need to search a different domain, add the -searchscope “dc=sub,dc=example,dc=com” to the get-aduser command to specify the domain.

Entire Forest

If you want to quickly and easily search the entire forest, it’s a little more complicated.

You can do it the “low and slow” way using this. Substitute the servername for a GC in your environment, and your forest root where appropriate. This will take a LOOONGGG time to complete, but gets you there in a one liner.

$list | % {write-verbose $_ -verbose; get-aduser -ldapfilter "(samaccountname=$_)" -server gc-server1:3268
-searchbase "dc=sub,dc=example,dc=com"} | select samaccountname, userprincipalname  | export-csv .\upns.csv

Or if you are in a hurry and want to also use Excel, you can do this.

1. Run this command to just get EVERYBODY’s data.
get-aduser -ldapfilter "(samaccountname=*)" -server siladdc01:3268 -searchbase "dc=dir,dc=labor, dc=gov" | export-csv c:\scratch\allusers.csv

2. Import the data into Excel. Delete every column except the sAMAccountName and UPN, and delete all the header rows.

3. Create a new worksheet in Excel.

4. Import your source list into that.

5. Create the following formula in the next column of your second worksheet.

=VLOOKUP(A1,allusers!A:B,2,FALSE)

That will compare the sAMAccountNames in your source file to the full dump, and where it finds an exact match in column A, it will put in the UPN from column B.

howto://dump a list of users with email address and upn

I needed to dump a list of all users in a forest so that I could compare their UPN to their email address. I came up with this PS command that will connect to a GC, enumerate all users in the forest, and output a CSV that lists their displayname, emailAddress, and UPN. It will skip users with blank email or display, or accounts that are disabled.

The scriptlet assumes whoever runs it has administrative rights, and has the RSAT tools for AD installed on the machine they are using so the AD module exists. It doesn’t require anything else.

import-module activedirectory

get-aduser -filter {(EmailAddress -like “*”) -and (DisplayName -like “*”) -and (Enabled “True”)} -searchscope subtree -searchbase ‘dc=yourdomain,dc=tld‘ -properties DisplayName, EmailAddress, UserPrincipalName, proxyAddresses -server yourgc.yourdomain.tld:3268 | select-object displayname, emailaddress, userprincipalname | export-csv c:\scratch\users.csv

Make sure you change the variables in italics to match your environment. Hope this helps someone out.

The eleven best antiheroes on television today

What is it about antiheroes that draws us to them? Is it that they play by their own rules, or that they fly in the face of social norms? Maybe it’s simply that living in darker times, we identify more readily, even if only on a subconscious level, with those who are flawed, much as we perceive ourselves and the world around us. Whatever the reason, portraying the protagonist as an antihero seems to work very well in the modern day television and cinema. Dark heroes abound, exhibiting a range of character flaws, and carrying enough emotional baggage to bankrupt a frequent flyer.

In our first RetroNomads post , we are going to take a look at the eleven best antiheroes of modern television; who they are and what makes them so great, why they are flawed and yet still our heroes. To call this a rogues gallery may be too generous…let’s just say they are all great scoundrels and make for riveting television. We’re sticking to contemporaries here and focusing on series you can still catch on TV, but there will be a nod at the end towards the great ones from the recent past.

Continue reading “The eleven best antiheroes on television today”