howto://dump a list of users with email address and upn

I needed to dump a list of all users in a forest so that I could compare their UPN to their email address. I came up with this PS command that will connect to a GC, enumerate all users in the forest, and output a CSV that lists their displayname, emailAddress, and UPN. It will skip users with blank email or display, or accounts that are disabled.

The scriptlet assumes whoever runs it has administrative rights, and has the RSAT tools for AD installed on the machine they are using so the AD module exists. It doesn’t require anything else.

import-module activedirectory

get-aduser -filter {(EmailAddress -like “*”) -and (DisplayName -like “*”) -and (Enabled “True”)} -searchscope subtree -searchbase ‘dc=yourdomain,dc=tld‘ -properties DisplayName, EmailAddress, UserPrincipalName, proxyAddresses -server yourgc.yourdomain.tld:3268 | select-object displayname, emailaddress, userprincipalname | export-csv c:\scratch\users.csv

Make sure you change the variables in italics to match your environment. Hope this helps someone out.

The eleven best antiheroes on television today

What is it about antiheroes that draws us to them? Is it that they play by their own rules, or that they fly in the face of social norms? Maybe it’s simply that living in darker times, we identify more readily, even if only on a subconscious level, with those who are flawed, much as we perceive ourselves and the world around us. Whatever the reason, portraying the protagonist as an antihero seems to work very well in the modern day television and cinema. Dark heroes abound, exhibiting a range of character flaws, and carrying enough emotional baggage to bankrupt a frequent flyer.

In our first RetroNomads post , we are going to take a look at the eleven best antiheroes of modern television; who they are and what makes them so great, why they are flawed and yet still our heroes. To call this a rogues gallery may be too generous…let’s just say they are all great scoundrels and make for riveting television. We’re sticking to contemporaries here and focusing on series you can still catch on TV, but there will be a nod at the end towards the great ones from the recent past.

Continue reading “The eleven best antiheroes on television today”


Mr. Robert Caiello,
Director of Marketing

Dear Bob,

Can I call you Bob? You’ve written to me so many times, I feel like I know you well enough to call you Bob. Hope you don’t mind. So listen Bob, here’s the thing. I cancelled my service with DirecTV over a year ago, October 2008 to be precise, and I don’t want to ‘come back.’ I thought I made it clear to your company at the time I cancelled that I was unsatisfied with the service, that a picture that fades out during light rains is not considered of acceptable quality, and a DVR that spontaneously deletes show is not, in fact, acting in my best interests by shielding me from inappropriate content.

The bi-monthly phone calls from your customer service centre, offering me fabulous prizes, peace, and contentment if only I would switch back were nice, I guess, but after the fifth time that I informed them that I was not interested, to please remove me from your calling list, and that I was going to file a complaint with the FCC as I am on the National Do Not Call Registry and am not a customer of DirecTV, they finally stopped.

But now, Bob, you are mailing me once a week. Once a week, Bob…what’s up with that? Do you really think that it is a wise investment of your advertising dollars to mail former customers weekly asking them to come back? Do you really see sufficient success with a nag campaign? Really? Because I mean, like, wow Bob, to me, this weekly mailing is less a strong-arm marketing plan and more like a global deforestation campaign. Think of the trees Bob. I’m sure Bobby Jr. likes to climb them, to swing from them, maybe even to breathe the air…do you really want him growing up knowing that his daddy is single-handedly responsible for the loss of 10 bazillion acres of woodland?

Come on Bob, think of the trees.

Come on now Bob, think of the trees.

Seriously Bob, the volume of your letters are approaching the likes of AOL CDs, save that I can at least take 10^6 of those (approximately three weeks worth during the blitz of ’96) and fashion a solar reflector to help combat global warming. What can I do with your letters? They aren’t even partially post-consumer content, and they use bleached paper! Bleached paper, Bob, bleached.

So come on now, Bob, do the right thing. I bet if you allocated just ten percent of your mailing budget to R&D, you could figure out how to make your satellite dishes three inches in diameter, or how to keep a light dusting of pollen from interfering with the signal. Take another ten percent, and you might be able to figure out how to make sucky programming seem better in HD. I know damn well you’d reduce the impact on the planet’s ecosystem to the point that we might just still be here in a couple of hundred years. Too much to hope for? Okay, I’ll settle for you just taking me off your damn list. That ought to save at least one tree a year, and it’s enough to make me feel a little better.

Hugs and kisses,

Zen and the Art of Naming Conventions-hostnames

I spent all weekend with a 6 second long sound bite stuck in my head. It’s from a song I used to love, that I’d played thousands of times, and probably haven’t thought of this century. I knew that the name of the group had something to do with Bangkok, or Tokyo, or some vaguely Asian location, and while I could hear the tune inside my head (at least when the voices gave it a rest) I could NOT come up with the name, or even enough of a lyric to let Google work it’s magic. I needed the name. And that got me thinking. I’ve worked on hundreds of networks, and I’ve seen just about every server naming scheme you could imagine; the good, the bad, and the ugly. Most fall into the cracks between good and bad; let’s call them the indifferent. You can almost classify the techno-geek maturity level of an IT organisation by their naming convention. (You like that? It just happened!) New orgs stick with the classics, like X-Men characters, mythological deities, chemicals, planets, etc. Orgs that are trying to ‘grow up’ err on the other extreme, trying to develop a naming convention that invokes the corporate name, or give as much detail as you would expect to find on the server list on SharePoint.

What’s in a name? That which we call a rose by any other name would smell as sweet.
-Romeo and Juliet, Act II Scene II. William Shakespeare

…see, a guy works a Shakespeare quote into a post, he must know something good.

But that which we call in a UNC path has to be easy to use and remember, and must be resolvable in our DNS. There are some common mistakes that I have encountered over time, and it was one such recent charlie-foxtrot that prompted me to pen this narrative.

Out in the real world, there are two main schools of incorrect thought on the subject of naming systems. I like to call them ‘the Hyphenators’ and ‘the Cryptics.’ In ages past, the forebears of the Hyphenators found out that they could put a hyphen (dash, minus sign, call it whatever you want, it looks like this – ) in computer names, so they did. What followed was years of needlessly breaking names up with countless dashes, and endless “Please check the name and try again” messages from telling users server names, while not saying the “dash” since “everyone should know it’s there” incidents. Actually, I think they eventually devolved into getting kickbacks from the keyboard manufacturing industry, because they put so damn many hyphens in their computer names that you’ll wear out the button on your keyboard!

All of the Cryptics descended from the single forsaken lovechild of a government bureaucrat from the Department of Acronyms, and Rainman. Reproducing asexually, they like to assign a specific, uniform designator to every facet of a machine, and concatenate that together with a location and a number and a department and a distinction between test and production and another between physical and virtual and another for the operating system and another for the version and….you get the point. They used to be called ‘the Run-Ons’ but the Hyphenators got pissed that the name had a hyphen in it. You can imagine what happened next. Well, maybe you can’t. In a fit of Capulet v Montague amour, two of them combined, and the world came to be burdened by hyphenated-cryptics! Many Shuvs and Zuuls knew what it was to be roasted in the depths of the Slor that day, I can tell you!

Before we discuss what makes a good naming convention, let’s discuss the things that govern what we can and cannot do. We’ve got four categories, which are summarised below.
•NetBIOS Names
NetBIOS names (as implemented by Microsoft) are still (even Windows 7 and Server 2008 R2) heavily used by Microsoft. We’ll likely never get away from them entirely. They are exactly 15 bytes in length, which provides for no more than 15 ASCII characters, null padded if necessary, plus a 16th hexadecimal service identifier, or primitive, that indicates the type of name (workstation, server, messenger, domain controller, etc.) While they can contain any letter or number, they cannot contain spaces, cannot consist only of numbers, and the only permitted punctuation characters are underscores and hyphens.
•Host (DNS) Names
Host names can exist alone, or are mapped into a DNS zone as fully qualified domain names. While an FQDN can contain up to 255 characters (plus a . to reference root), a single label can contain no more than 64 characters. Host names can contain any ASCII letter or number, or hyphens only, with periods separating levels of the hierarchical name and terminating the namespace.
Called “Choosing a name for your computer,” this RFC lays out some good guidelines to use when naming hosts. Highlights include favouring shorter names, avoiding words with alternate spellings, and not using digits at the beginning of names.
•(un)Common sense Names
Names should be easy to remember. They should convey useful information. They should not require different treatment based on use (encoding characters in HTTP, escaping characters in LDAP or scripting languages, etc.) They should make sense to the end users and the admins, and err on the side of the end user. Everyone knows where they work…you do not have to include the company’s identity in the server name!

So if we take all that into consideration, we want to shoot for names that are around eight characters long, are easy to remember, and tell users and admins both something useful about the system. We’ll avoid the use of hyphens and underscores completely. So taking all that into account, what do we do?

First, we’ll start the server name with an identifier for the location. Three letters works well here, so you just need to come up with a scheme that identifies all of your locations. The three letters should be easy for end users and IT to remember. Most muggles won’t know airport codes that don’t line up with real city names unless they fly there regularly, so don’t use them. The larger a company is, the more likely you will have cities with similar names, so try to come up with a list of all your locations early on, and vet it with the global team to make sure everyone can live with it. If you are an international team, check to be sure that the city abbreviation doesn’t say something naughty, especially when combined with a server function. I had a naming convention once that would have placed an EX (Exchange) server in BISmarck, ND…therefore Bismarck became BMK.

Next, we will use some standard abbreviations to identify the type of server. Here, understanding is more important than consistency, so some codes may be two letters, while others are three or more. Notice that some apps get full names, while others get abbreviations. The distinction is arbitrary, and you are welcome to modify it to fit your needs. What I have below works for me, and should be a good start for you. You could always leave a comment with more suggestions

server type code
 domain controller DC
 file server FS
 print server PS
 VMware ESX host ESX
 MS Hyper-V host HV
 web server WEB
 MS SQL server SQL
 Oracle server ORC
 generic application server APP
 accounting server ACCT
 human resources server HR
 media server MEDIA
 VPN concentrator VPN
 Internet Security and Acceleration server ISA
 Threat Management Gateway server TMG
 DNS server DNS
 DHCP server DHCP
 SharePoint server SP
 SolarWinds server SW
 Splunk server SPLUNK
 SNA server SNA
 VoIP server VOIP
 Call Manager server CM
 Unity server UNITY
 Cisco Emergency Responder server CER
 Exchange server EX
 Exchange mailbox server MB
 Exchange Client Access server CAS
 generic mail server MX
 Lotus Notes server CRAP

Finally, add a number. Start with 1, and increment up from there. The number is more to allow for redundancy than to indicate ancestry or lineage. Let go of the need to have certain servers always be referenced by the same name. That is what aliases are for, and in an upcoming post, we’ll discuss the common DNS aliases every company should use.

That’s all there is to it. Following the above, you will have server names between seven and eleven characters that are easy to remember, and to spell out to users. From the name you will be able to determine where the server is, and what it’s for. In a name, that is all you really require. If you want to know the operating system, the patch level, how much RAM, Disk, etc. it has, and whether it is physical or virtual, use bginfo to display this on the console, or consult your server list on SharePoint. Your domain controller in Orlando will be ORLDC1, your file server in Jacksonsville will be JAXFS1, the ESX host in your Miami datacenter will be MIAESX1, and your VoIP server in Chicago will be freezing I mean, CHIVOIP1.

Hopefully this will help someone out, and maybe give them the ammunition to convince some hyphenator to STFU and GBTW, and let the real geeks make the important decisions. Hopefully if you have to show this to your boss to convince them that easy is better…they’ll have a similar sense of humour to me! Hopefully, you care enough for my sanity that you wonder if I ever found the song. I did. It just came to me as I was finishing this post. Some bizarre association, or maybe my muse just wouldn’t give it up until I got another post done. Either way, maybe now I can get some sleep! It was Saigon Kick’s “Love is on the Way!”

Make bginfo a standard part of your Windows server deployments

If you are like most Windows admin’s, you find yourself accessing the console of various servers throughout the day. If you are using an rdp client like mstsc, or rdesktop, you may have several remote sessions open at the same time. And unless you just went through a major hardware refresh, you probably have a variety of different hardware platforms in production. If you are running multi-homed servers, or servers that for some reason cannot reliably resolve all required names through DNS, you probably have static route entries, and either a HOSTS file, an LMHOSTS file, or both, in use on your system. If you are like me, it gets kind of confusing trying to keep track of each system that you are on, and you might have wasted some time trying to troubleshoot a connectivity problem before realising that there was a static route, or an out of date ip.addr in the local file. Over time, I have come to make bginfo a standard part of every Windows server I stand up, and if I have to spend more than five minutes on someone else’s server and expect that I’ll have to come back later, odds are I will add it to that server too.

This tool was developed by the geniuses at Sysinternals, and though they are now a part of Microsoft, is still one of the free tools available here. When run, this tool will take whatever wallpaper you have, and overlay text information such as the system hostname, ip.addr information, cpu, ram, free disk space, or free form text. You can control the font, size, and colour of the information, and the placement on the desktop, and when you update, you can update the active desktop, terminal sessions, and even the wallpaper before login.

Here is a screenshot from one of my servers.

It is an ISA server, so there are both static routes, and the use of a HOSTS file. You can see that I feature that information prominently at the top of the page, along with the following standard information: hostname, boot time, ip.addr’s, cpu, ram, and free disk space.

As part of any server build, I use the following four files.
bginfo.exe-see the download link above
bginfo.cmd-a simple batch file to run at each login. You can also schedule it if you want more frequent updates without logging in. Here’s the contents of that file.
bginfo.exe c:\windows\config.bgi /timer:0
This is a binary file, so I cannot paste it here. The first time you run bginfo.exe, customise the basics as you want them, and save that as the default. This will create a %windir%\config.bgi file that you can copy to other hosts. The first time you run it, you will see all the available default fields. You can also define custom fields, or even insert images like the corporate logo if you want to.
This registry key can be imported into your registry, and sets up the RUN key so that the bginfo.cmd executes at each login. Here’s the contents of that file.

Windows Registry Editor Version 5.00 


Copy the first three to %windir%, and just double-click the reg file to import it into your registry. Now, each time someone logs onto the server, the cmd file will run and update the information on the wallpaper. You can of course manually run it from the cmd line or start, run. You will probably want to play around with the colours of the text and background, as well as the fields that are displayed, until you find the right mix for you and any other admins on your team who will have to deal with your servers. Once you do, you will find this to be a great addition to your standard deployment, and find yourself wondering how you lived without it.

More information is available from Microsoft’s website at

traceroute response codes

response meaning
!H Host unreachable
!N Network unreachable
!P Protocol unreachable
!S Source route not permitted
!F Fragmentation needed but DF bit is set
!X Communication administratively prohibited

subnet-wildcard values

CIDR SubnetMask     WildcardMask   HexSubNetMas
29 FF.FF.FF.F8
28 FF.FF.FF.F0
27 FF.FF.FF.E0
26 FF.FF.FF.C0
25 FF.FF.FF.80
24 FF.FF.FF.00
23 FF.FF.FE.00
22 FF.FF.FC.00
21 FF.FF.F8.00
20 FF.FF.F0.00
19 FF.FF.E0.00
18 FF.FF.C0.00
17 FF.FF.80.00
16 FF.FF.00.00
15 FF.FE.00.00
14 FF.FC.00.00
13 FF.F8.00.00
12 FF.F0.00.00
11 FF.E0.00.00
10 FF.C0.00.00
9 FF.80.00.00
8 FF.00.00.00
7 FE.00.00.00
6 FC.00.00.00
5 F8.00.00.00
4 F0.00.00.00
3 E0.00.00.00
2 C0.00.00.00


smtp response codes

code meaning                                                          
211 System status or system help reply
214 Help message
220 Service ready
221 Service closing transmission channel
250 Requested mail action okay
251 User not local will forward to
252 Cannot VRFY user but will take message and attempt delivery
253 messages pending for node started
354 Start mail input end with
355 Octet-offset is the transaction offset
421 Service not available
432 A password transition is needed
450 Requested mail action not taken: mailbox unavailable
451 Requested action aborted: local error in processing
452 Requested action not taken: insufficient system storage
453 You have no mail
454 TLS not available due to temporary reason
458 Unable to queue messages for node node
459 Node node not allowed: reason
500 Syntax error
501 Syntax error in parameters or arguments
502 Command not implemented
503 Bad sequence of commands
504 Command parameter not implemented
521 Machine does not accept mail
530 Must issue a STARTTLS command first
550 Requested action not taken: mailbox unavailable
551 User not local please try forwardpath
552 Requested mail action aborted: exceeded storage allocation
553 Requested action not taken: mailbox name not allowed
554 Transaction failed


Enhanced error codes

code meaning                                                                
x.1.0 Other address status
x.1.1 Bad destination mailbox address
x.1.2 Bad destination system address
x.1.3 Bad destination mailbox address syntax
x.1.4 Destination mailbox address ambiguous
x.1.5 Destination mailbox address valid
x.1.6 Mailbox has moved
x.1.7 Bad sender’s mailbox address syntax
x.1.8 Bad sender’s system address
x.2.0 Other or undefined mailbox status
x.2.1 Mailbox disabled, not accepting messages
x.2.2 Mailbox full
x.2.3 Message length exceeds administrative limit
x.3.0 Other or undefined mail system status
x.3.1 Mail system full
x.3.2 System not accepting network messages
x.3.3 System not capable of selected features
x.3.4 Message too big for system
x.4.0 Other or undefined network or routing status
x.4.1 No answer from host
x.4.2 Bad connection
x.4.3 Routing server failure
x.4.4 Unable to route
x.4.5 Network congestion
x.4.6 Routing loop detected
x.4.7 Delivery time expired
x.5.0 Other or undefined protocol status
x.5.1 Invalid command
x.5.2 Syntax error
x.5.3 Too many recipients
x.5.4 Invalid command arguments
x.5.5 Wrong protocol version
x.6.0 Other or undefined media error
x.6.1 Media not supported
x.6.2 Conversion required and prohibited
x.6.3 Conversion required but not supported
x.6.4 Conversion with loss performed
x.6.5 Conversion failed

netbios name types

code type meaning
0 U Workstation Service
0 G Domain Name
1 U Messenger Service
3 U Messenger Service
6 U RAS Server Service
1B U Domain Master Browser
1C G Domain Controllers
1D U Master Browser
1E G Browser Service Elections
1F U NetDDE Service
20 U Server Service
20 U DCA IrmaLan Server Service
21 U RAS Client Service
22 U Microsoft Exchange Interchange
23 U MS Exchange Store
24 U MS Exchange Directory
2B U Lotus Notes Server Service
2F G Lotus Notes
30 U Modem Sharing Server Service
31 U Modem Sharing Client Service
33 G Lotus Notes
43 U SMS Clients Remote Control
44 U SMS Administrators Remote Control
45 U SMS Clients Remote Chat
46 U SMS Clients Remote Transfer
4C U DEC Pathworks TCPIP Service
52 U DEC Pathworks TCPIP Service
6A U Microsoft Exchange IMC
87 U Microsoft Exchange MTA
BE U Network Monitor Agent
BF U Network Monitor Application
< \\–__MSBROWSE__> 01 G Master Browser

kerberos response codes

code message meaning
0x6 KDC_ERR_C_PRINCIPAL_UNKNOWN: Client not found in Kerberos
0x7 KDC_ERR_S_PRINCIPAL_UNKNOWN: Server not found in Kerberos
0x8 KDC_ERR_PRINCIPAL_NOT_UNIQUE: Multiple principal entries in
0xA KDC_ERR_CANNOT_POSTDATE: Ticket not eligible for postdating
0xC KDC_ERR_POLICY: KDC policy rejects request
0xD KDC_ERR_BADOPTION: KDC cannot accommodate
requested option
0xE KDC_ERR_ETYPE_NOTSUPP: KDC has no support for
encryption type
0xF KDC_ERR_SUMTYPE_NOSUPP: KDC has no support for
checksum type
0x12 KDC_ERR_CLIENT_REVOKED: Clients credentials have
been revoked
0x17 KDC_ERR_KEY_EXPIRED: Password has expired change
password to reset
0x19 KDC_ERR_PREAUTH_REQUIRED: Additional pre-authentication
0x1B KDC_ERR_MUST_USE_USER2USER: principal valid for
user2user only
0x1C KDC_ERR_PATH_NOT_ACCEPTED: KDC Policy rejects transited
0x1D KDC_ERR_SVC_UNAVAILABLE: A service is not available
0x1F KRB_AP_ERR_BAD_INTEGRITY: Integrity check on decrypted
field failed
0x20 KRB_AP_ERR_TKT_EXPIRED: Ticket expired
0x21 KRB_AP_ERR_TKT_NYV: Ticket not yet valid
0x22 KRB_AP_ERR_REPEAT: Request is a replay
0x23 KRB_AP_ERR_NOT_US: The ticket isn’t for us
0x24 KRB_AP_ERR_BADMATCH: Ticket and authenticator
don’t match
0x25 KRB_AP_ERR_SKEW: Clock skew too great
0x29 KRB_AP_ERR_MODIFIED: Message stream modified
0x34 KRB_ERR_RESPONSE_TOO_BIG: Response too big for UDP,
retry with TCP
0x3C KRB_ERR_GENERIC: Generic error