Windows

Updated Windows Sudo

Recently I updated my Windows sudo program and added a command for Super Conduit, this is what I call some tweaks that you can make to a Windows Vista+ system. This allows someone to copy sudo.exe to a systems, system32 folder; then after running “sudo cmd” you can run “sudo /write” so add ls, ifconfig, and superc as a option in the command line.

Superc has options of enable, disable, and show. Making it easy to run. ūüôā

Newest build is always here https://github.com/daberkow/win_sudo/raw/master/sudo/sudo/bin/Release/sudo.exe

Super Conduit

Due to the high latency of the lines between my works offices, file transfers can be slow. There are settings in Windows Vista+ systems that can allow the TCP window to grow, and allow much higher utilization on these lines. I call it Super Conduit. This may be possible on *nix systems, but the way this tweak works is that it tells the other side it will be doing this tweak. That means that both sides have to be at least Windows Vista Kernel, (Server 2008 works) that also means that linux file servers will not work because them seem to be linux machines with SMB. This should be done over wired connections, because the packet loss on wireless hurts these connections more than anything else.

With the “autotuninglevel” change, I have seen speed changes from a 1megabit a second line go to 150-200 megabits a second.

WARNING: Windows Vista/7 IP stack can not handle changing this setting and using normal connections, meaning once this is done usually the internet stops working until the setting is reversed. Windows 8+ seems to have no problems with this setting, and the internet; it just makes Win 8/8.1 more awesome than it already is, which is pretty awesome.

  1. Login under a administrator account to the Windows machine
  2. Open ‘cmd’ as a administrator
    1. Title bar should be “Administrator: C:\Windows\System32\cmd.exe”
  3. “netsh interface tcp show global” will show the current settings of your machine
    1. Command Line Status
  4. “netsh interface tcp set global autotuninglevel=experimental” enables the majority of what you need for faster transfers, all you will get back in response is “Ok.”
    1. Image2
  5. Another setting I have used in the past is “netsh interface tcp set global ecncapability=enabled” this adds a flag to the packs that tells routers “I dont care if I get slowed down, please dont drop me completely”. The problem you run into with large TCP windowing is one dropped lowers the TCP window size a lot and slows the connection making it a lot more spiky. This command doesnt always help, but setting it hasnt hurt in the past.
    1. Image3
  6. The “rss” receive-side scaling state should be set to enabled, that should be the default. This allows the receiver to do these types of conenctions.
  7. When you are done your transfer just run¬†“netsh interface tcp set global autotuninglevel=normal”

 

Troubleshooting Notes:

Windows 7 seems to act oddly when starting to use this setting, so I would enable it then restart the machine. I believe that cached sessions already in progress do not take the new setting.

 

YAY MATH:

http://bradhedlund.com/2008/12/19/how-to-calculate-tcp-throughput-for-long-distance-links/

Default window size: 65536 bytes * 8 = 524288 bits

73ms latency between cross country offices, 524288 bits / 0.073 seconds = 7,182,027 Bits throughput, theoretically. 897,753 B/s, max.

This setting increases that window size to something larger, much larger, and thus gives better speeds. The only interesting downside is that since the TCP window is big, if a packet is then lost, TCP resizes the window to a much smaller setting; forcing the window to climb again.

That is a 1GB link going across the country.

That is a 1GB link going across the country.

Java Windows Shortcut Library (Parsing and Creating!)

Recently I have been working on a project that involves extracting a bunch of files from zips. The problem I faced was all the shortcuts within the zips were hard coded to locations, making it impossible for me to move the extracted zip data to wherever I may want. I wanted a native library that could read and modify Windows Shortcuts so I could drop my zip data anywhere; my project is in Java, and its instant cross compatibility was needed. I know all my clients have Java installed, so that made its dependency not a issue. After looking around on the internet and finding several options, including the popular¬†https://github.com/jimmc/jshortcut. Now the downside the this popular jShortcut library is you need a DLL, why you need a DLL to write a binary file, I am not sure. More specifically, you need a DLL for your PCs instruction set, ick! After searching the far reaches of github, and getting to the end of my rope I found¬†https://github.com/kactech/jshortcut, written 5 years ago, and not really popular on github I thought I would give it a try. IT’S AMAZING! With no dependencies, and just a single include, you can write, modify, and create new Windows Shortcuts! There is example code included, and it couldn’t be easier to use. I just wanted to make sure anyone who has had the same problem knows about this great library.

WQL, SQL Queries for Windows Backend (Part 1)

If you have been writing web apps for a while, or other apps you more than likely have used SQL. SQL allows you to query a database and interact with your applications data. Instead of trying to find a users profile, what if we wanted to find out what a user was printing on their local machine? If there was an easy interface for that, it could make programming for a platform like Windows a lot easier. Well Microsoft years ago added this ability to Windows; the technology is called WQL. This was added with the other components of WMI (Windows Management Instrumentation) at Windows ME. For Windows 9x and NT you can download the WMI core. This article will be a brief over view of what it can do and how you can play around with it.

First like when we looked at LDAP, we want a tool that will let us quickly play around with what is available, and then code that into our application. The tool I use is WMI Explorer,¬†http://www.ks-soft.net/hostmon.eng/wmi/, it provides a easy interface to look at all the data available. With the WMI core it works with everything back to Windows 95! You can download and run the program for free, no installation required. Once open, there is a upper portion of the window that lists all the spaces you can access, these would be the ‘tables’ in SQL. Depending on your version of Windows, there will be separate options available. I have used this interface before for network cards (6to4 Cleaner) and printers.

WMI Explorer

WMI Explorer

For this example I will go over to the Win32 framework and access the Win32_Printer ‘table’. I get a list of printers the machine has installed, as well as attributes to each of these printers. Any¬†administrator, or any program attempting to manager printers (I say attempting because printers can he a horrible experience) information – like what port the printer is using – is here, in addition what type of connection this machine has to the printer. At the bottom of the Window there is a Query that is building as you select different fields. This query can be moved into a application later to get the same data in code. WMI Explorer also allows for a user to write Queries directly without this interface; that is the second tab at the top of the window.

One downside I have found in using WMI is the setup process time, in C#/.NET using WMI is easy, but it takes time to start accepting queries. About a year or two ago I was working on querying network card information on Windows Vista. The first call could take a few seconds to respond, after that first call it would speed up, this is just something that has to be accounted for in the applications design. I found running WQL queries in a separate process, and starting them as soon as possible would allow the process to finish before the user needed the data.

I just wanted to get everyone started looking at what is available, in a later article I will go into more depth about programming with this and how you can interact with this data in a C#/.NET program.

LDAP Authentication RPI Tutorial (Part 1)

After writing about how to use CAS with PHP, I thought I would write a post about how to use LDAP(Lightweight Directory Access Protocol) at RPI but these methods can be used anywhere. LDAP is a protocol to query user databases, this is a protocol that can be sed along with Active Directory, or another directory system for computers and user accounts. This protocol is widely used to allow different applications to interact with your user database. Here I will be showing how to implement search with LDAP to a web application. This guide will be using LDAP with PHP, this requires the LDAP module to be enabled within PHP; that will be the purpose of this article, then the next one will discuss how to actually query LDAP.

LDAP Linux (Debian/Ubuntu) Install

Linux is easy to get LDAP working with PHP, as long as you have a standard installation of Apache, with PHP 5 working.

  1. Install the LDAP module onto the machine, using either aptitude or apt-get
    • “sudo aptitude install php5-ldap”
    • OR “sudo apt-get install php5-ldap”
  2. PHP should now be able to use LDAP, if it is not working yet, you will need to restart Apache.
    • “sudo service apache2 restart”

LDAP Windows (XAMPP) Install

Xampp for Windows comes with LDAP, but there is a bug in their implementation and a file needs to be copied before LDAP will work. I am going to use “C:\xampp”, the default directory for Xampp in this example.

  1. Go into the PHP folder, C:\xampp\php\
  2. Edit the file “php.ini” with any text editor
  3. Find the line “;extension=php_ldap.dll”, and remove the semi-colon. “extension=php_ldap.dll”
  4. Now if you were to reboot Apache it should be working, but its not! Why not? There is a missing DLL. You need to
    copy libsasl.dll from c:\xampp\php\libsasl.dll to C:\xampp\apache\bin\.
  5. Now restart Apache

LDAP Search

Now that PHP can search LDAP we are going to want to start creating queries in PHP; but it is much easier to tweak the search in the command line, and then put that query into PHP. The following are steps that can be taken on a Linux computer (again Ubuntu/Debian) to install and use a ldap command line search.

  1. First we need to install the OpenLDAP utilities that will give us the “ldapsearch” command
    • “sudo aptitude install openldap-utils”
    • OR “sudo apt-get install openldap-utils”
  2. Now we are making our query
    • First we add the command, then enter the host you are searching, tell the server to try simple¬†anonymous¬†authentication.¬†Next give the server a base to start the search (I am using RPI specific domain components), finally we have to give the heart of our search. I am looking for any Unique ID (username) that starts with “berk”, and ends with anything “*”.
    • ldapsearch -h “ldap.rpi.edu” -x -b “dc=rpi, dc=edu” “uid=berk*”
    • Now this gives one result, and this can be used to see what data will be returned from this server. You can also try “ldap1.server.rpi.edu” this returns a entirely different list of¬†variables, and sometimes more users.
    • If you are interested in researching this command more, die.net has a great¬†resource.¬†http://linux.die.net/man/1/ldapsearch
    • Troubleshooting: For those of you here at RPI trying to follow this guide specifically, if you¬†do not¬†get any results or a error connecting, RPI firewalls the LDAP servers heavily. I have found a lot of the time I have to be in the VCC to make this work, you can also VPN in, then your network connection is within the VCC and it will work. I have VPNed in, while on campus in the Union to get LDAP to work.

UPDATE: I added a little about what LDAP is

Recovering WIM Images

A user came in to helpdesk with a laptop that had a dying hard drive. A coworker was able to recover part of the LENOVO_RECOVERY partition to a new drive that was installed in the laptop, with a intact .WIM image, yet the partition would not boot. We tried rewriting the MBR, rebuilding BCD and other tricks but nothing would work. To make a very long story of us trying everything to get this drive to restore with no avail; we were able to manually make a partition then use GImageX to recover the image.

The new hard drive had the 10gb recovery partition we had copied over, and nothing else on it. So first using DiskPart, we made our new partition for windows.

  1. Boot from a Windows Vista, or 7, or later installation disc
  2. Go to Recovery Mode, and then get to the command prompt (dont do a system restore)
  3. Run diskpart
  4. “list disk” and then “select disk #” for the disk you want
  5. “list partition” will list what is on the hard drive, we then did “add” to make a new partition
  6. “select partition #” will select the new partition if you put the correct number in
  7. Finally “assign” will give the new drive a drive letter

Now that the new partition exists, we used¬†http://www.autoitscript.com/site/autoit-tools/gimagex/. This tool will recover the standard WIM windows images to a partition. To make life easy we copied it to a thumb drive and then launched it on the recovery disc. If your windows disc is 64 bit, you will need the 64 bit version of the app. Once we had the app it was just a matter of launching it and going to the second tab of “Apply” to install the image. The laptop we were working on had the recovery image hidden, in a folder called “FactoryRecovery”. By running “dir /AHS” the¬†computer¬†will list all files in a directory, including hidden and system files. While navigated to the directory you know the images are in, running “attrib -S -H /S /D” will remove system and hidden attributes from the files and folders. Now GImageX can see the image and recover it.

That was the end of a long recovery, if anyone has questions post a comment.

Windows Sudo

I am back at RPI, finishing up my degree. Recently I have been working on hour tracking software for several departments at RPI.

Recently I have run into a minor annoyance where I am in the command line in Windows and need to elevate a command or program so that I can do a administrative task. (Such as moving a file to the system32 folder), the normal solution is to right click command line short cut and “Run as Administrator”. While that works its not fast,¬†I’m¬†sure there are other solutions out there, but I wanted to quickly build on in .Net. I did this a while ago for Vista and called it elev, but never saved it and since I am trying to make the transition between Windows and Linux easier I called it sudo.

All you do is put this in your %windir%\system32\ folder, and then at the command line type “sudo cmd” or whatever¬†command¬†you want. Commands like “dir” are actually part of cmd not a¬†separate¬†file called so “sudo dir” wont show anything, it will output the .Net error.

Link to exe: https://github.com/daberkow/win_sudo/blob/master/sudo/sudo/bin/Release/sudo.exe

Link to project: https://github.com/daberkow/win_sudo