Misc.
Azure Mask Browser Extension
Reading Time: 2 minutesI often find myself having to do a lot of editing of both video and screenshots when using the Azure Portal and I wanted to write a short blog post about this very handy extension I’ve been using recently. The Azure Mask Extension is an open source tool written by Brian Clark, it works by masking sensitive data as you navigate the Azure Portal which is helpful for presentations, screen sharing, and content creation. Take a look below at how to install and use it.
First, browse the extension settings in your chromium-based browser. Due to naming issues, the extension had to be renamed and has been “pending review” for over a year now (3/16/21) as noted by the Github repo. In light of this, the extension can’t currently be installed from the store, and must be manually loaded. Once you’re on this screen, you’ll need to toggle “Developer Mode” once you download the extension from the Github repo use the “Load Unpacked” button to upload the extension file.
Once the extension is installed, you will see it show up on the extensions setting screen. You will then click the Azure Mask extension button in the task bar and move the slider to “Toggle All Masks”.
Next, head over to the Azure Portal and check out the masking features of this extension!
Short and sweet blog post, but this extension has saved me a lot of time when sharing my screen, presenting at conferences, recording video, and taking screenshots for blogs. If you have any questions, comments, or suggestions for future blog posts please feel free to comment blow, or reach out on LinkedIn or Twitter. I hope I’ve made your day a little bit easier!
Powershell Script to Test SMTP
Reading Time: < 1 minuteThis one is going to be short and sweet, I’ve been testing SMTP with and without encryption and wanted a good script for that.
Here are the lines that you’ll want to look at configuring:
- Line 5: “$smtpServer =”InsertYourSmtpServerHere”
- Line 12: Change the $false value to $true if you want to encrypt your SMTP with SSL
- Line 13: If you’re using a non-default SMTP port, change the “25” to whatever you’re using
- Line 15: Only change this if you need to enter credentials for authentication
- Line 18/19: Change these to who you want to say the email is from, and to whom it is being delivered.
- Line 21: Change this to whatever you want your email title to be
- Line 25: Change this to say whatever you want the body of the email to say
There are also some write-host’s in there to let you know the values that are being run and whether or not they were successful, which will print to the powershell console.
https://gallery.technet.microsoft.com/Powershell-SMTP-Test-Tool-621b07ae
How to mount your OneDrive as a local mapped drive: Part 2
Reading Time: 2 minutesA while back I wrote a blog post about how to map your OneDrive as a local drive (network drive) and it has been hugely popular (contrary to anything I could have imagined)
I’ve even seen it referred to in the Microsoft Community Forums. So I decided to share something that I played with, starting to write a tool to automate this otherwise lengthy process. Granted at this point it’s still at something of a Version 0.1, but I’ll share it anyways.
There are three things you need to have to make this tool do it’s magic.
- Your Microsoft CID
- Your Email
- Your Password
As long as you have those things the tool will do the rest!
The only thing here that you need to do is have your Microsoft CID, which isn’t too hard to do. Let’s help you grab that real quick!
- Go login at https://www.onedrive.com
- Click “Files” once you’ve logged in
- Copy the CID in the top URL bar
Once you have this ID copied, you’re all set! You can download the poweshell script here. Right click, and run with powershell! *Note* Accessing OneDrive this way is NOT supported and may act sluggish at times.
In some free time I’ll be working on using the Windows Live APIs to automatically pull the CID in the next version of this application. I hope I’ve made your day a little bit easier!
PAL (Performance Analysis of Logs) Tool, you need to use this!
Reading Time: 6 minutesWe all have performance issues at one time or another, and the majority of what I hear admins doing is the age old “Turn it off and back on again” or some variation thereof depending on the situation.
This isn’t always the fix, so we move on to the logs — right? Well you should anyways. Depending on what OS you’re in you look at Task Manager, PerfMon, Resource Monitor, a third-party application or something at an abstracted level if the machine in question is virtualized. If you’re using built-in tools like a PerfMon capture or a Data Collection Set (DCS), they can be helpful but sometimes just hard to understand if you’re looking for something other than am I using too much RAM or CPU %. This is where PAL comes in, it does the analysis of the logs for you and writes them to an HTML page with easy(er) to read and understand output and statistics.
The PAL tool is a powerful tool that reads in a performance monitor counter log and analyzes it using known thresholds. It is written by Performance SME Clint Huffman who is a Premier Field Engineer for Microsoft.
Features:
- Common built-in thresholds for many major Microsoft products such as IIS, MOSS, SQL, BizTalk, Exchange, and Active Directory.
- An easy “click-next” GUI that makes running these reports extremely simple.
- A GUI that allows you to edit, or create your own thresholds.
- Creates an HTML with an optional XML report.
- Analyzes performance counters for thresholds that vary based on the criteria entered by the user specifying the machines role and hardware specifications.
Let’s walk through a basic use of PAL.
First, you’re going to go to pal.codeplex.com to download the PAL setup .zip file.
You’re then going to unzip the folder and run setup.exe, when you do you will most likely get this message.
Click yes, and it will take you to the download page of the .NET Chart Controls page where you can download and install them real quick.
Then Run setup.exe again and you should be good to go. Next, Next Next and it’s installed, now let’s run this!
Click next to, and it will take you to the “Counter Log” tab. On this page you select your .blg, .csv, or .tsv performance log files that you’ve created already. PAL comes with a sample log that I’ll be using for this demonstration. Note that if you don’t want to process the whole log you can select a date range to process.
If you click Next, you’ll be taken to the “Threshold File” tab. Here you can select which threshold you’d like to use. If you’re just looking at SQL, or Exchange, or whatever performance logs you’ve captured, you can select that here to include those specific thresholds. If you’re just looking at general system overall performance the “System Overview” file works, which is what we will be using here since that’s what the sample log file is based on.
If you know exactly what you’re looking for and want to make your own file, you’re able to do that as well! Choose a basic file and click “Edit” and you’ll be taken to a GUI that allows you to edit the threshold file in an environment that resembles PerfMon.
Click next and you’re taken to the “Questions” tab. Here you select the OS, PhysicalMemory and UserVa (which is only for 32-bit machine log files). The thresholds chosen on the previous screen are modified based on the information you put in here.
Click Next again and you’re taken to the “Output Options” tab. Here you have two options to modify if you wish. First is the Analysis Interval, that allows you to choose the interval in seconds that the log is split into. By default, it takes the total time span of the file and splits it 30 times. You can then choose to process every single counter in the log file if you want to be extremely detailed. Note that changing either of these can have a huge impact on the performance of the system that is running them and how long it will take to process.
Click next and you’re taken to the “File Ouptut” tab. Here you can select where your output goes. *Note* there will be an html document as well as a folder that holds the images in the html document, so if you’re sending the data to someone you will have to grab both pieces.
Click next and you’re taken to the Queue tab and the Execute tab. These shows what powershell code you’ve generated thus far in the process, if you have more than one file to process you can queue them up and run them all under the same instance of PAL. This is also where you choose how much CPU you’re going to delicate to the processing of the logs. I am going to tell you that this program pulls the ENTIRE log file into memory and processes it there. Keep that in mind when your working here, if you only have 4GB of RAM on your laptop and are running a 7GB SQL performance log — well…kiss your disk good bye because you’re going to be running 3GB of that out of page file. Also note that this is a VERY intensive process and if you give it all of your CPU cores it WILL use them as you will note in a screenshot I took below.
Click finish and it will kick off the process, as I said — take a look at that CPU!
Once it’s finished it will look like this. *Note* that the sample log I pulled here was 504Kb with only 787 instances and it still ran at 100% CPU for a little over 4 minutes. I have a dedicated VM in my development environment that I give 32GB RAM and 16 cores to eat through these and still sometimes with SQL it may take a few hours.
It then opens up the web page that it created, I’ve added a few snips of what it looks like here. It starts with a table of contents, and then lays out everything it just processed in nice tables and graphs.
You can download a full zip file of the web page, and the folder that contains the images below.
http://matthansen.me/SamplePerfmonLog_PAL_ANALYSIS_2014-10-01_08-51-54.zip
This tool has been extremely helpful to me, and I hope I’ve just made your day at least a little bit easier by sharing it with you!
Varying “File name too long” Issues
Reading Time: 2 minutesThis question has been posed to be multiple times before, “It says the file name is too long, why can’t I delete it?” or some variation of the same issue. There is a multitude of forum postings scrawled all over the internet and it’s endless wonder telling people to go download all these programs to fix it, which either end up costing money or giving you malware and in the end they don’t even work. There are two quick and easy things to check to fix any issue pertaining to any variation of “file name too long” errors.
- Check for Illegal Characters
No file name, or path can have any illegal (reserved) characters which are as follows.
\ / ? : * ” > < |
If none of these exist, you’re good to move on.
2. Make sure the path name hasn’t exceeded the maximum length
Windows limits a single path to 260 characters. This is why you might get an error when copying a file with a very long file/path name to a location that has a longer path than the file’s original location. This is most often the culprit. I’ve seen it most frequently when you download some sort of compressed container or files such as a .zip or a .iso such as I’ve done here below.
I downloaded this .iso, and used 7zip to extract it, it then created a folder with the iso’s name then duplicated it inside of itself causing my file path to be extremely long, more than the allowed 260 maximum characters in a file path.
When then attempting to delete the tree from C:\Users\Administrator\Downloads\ I was unable to and received the aforementioned dreaded errors.
I then went in and replaced the “en_expression_studio_4_ultimate_x86_msdnaa_dvd_537046” with just “en” and was able to dramatically reduce the file path length.
Now that the file path length was inside the legal character limit, I was able to successfully delete the entire tree from the C:\Users\Administrator\Downloads\ folder successfully. Bada-Bing Bada-Boom.
There you go. I hope I’ve made your day at least a little bit easier.
Do you even Kerberos?
Reading Time: 3 minutesAs IT Professionals we all know the word kerberos. We all know the protocol kerberos. We all know that it does…things. How much do most of us really know though? Let’s talk about that.
Here are a few facts you should probably know for IT water cooler-type talk.
- Kerberos is a network authentication protocol that works on a client-server model utilizing a trusted third-party certificate server and is an integral part of a Microsoft-product driven network ie. Active Directory.
- Kerberos is NOT a Microsoft proprietary protocol nor is it only used for Microsoft environments. It was developed by MIT in the 1980s.
- If Kerberos stops working, us sysadmins would probably lose our jobs.
( Link will be provided at the bottom of this post for more detailed information about kerberos)
Here is the quick and dirty way to demystify how kerberos works as shown above.
- Client needs to talk to server –> sends service ticket to KDC to authenticate him and encrypts the service ticket with his password.
- Server receives service request from client and verifies credentials using its’ Active Directory. If authentication is successful, the server sends a ticket-granting ticket (TGT) back to the client encrypted with the KDCs’ password.
- The client sends the TGT back to the KDC and requests that he have a ticket to open a kerberos authenticated session with the server. The KDC then validates the clients TGT, and creates a session key encrypted with the destination servers’ password.
- The client sends that session key to the server and the server decrypts it with his own password and verifies the authentication that the KDC gave the client.
- A kerberos authenticated session is now initiated between the client and the server.
A very good troubleshooting tool that can be used for kerberos is called kerbtray.exe. It unfortunately has not been updated to run on anything newer than Server 2003, but it will still run ok (just ignore the errors). A link will be provided at the bottom of the post for the download location.
After running the program, it will populate itself to the system tray, where you right click it for information. You can do one of two things — List or Purge.
Clicking Purge here will purge all kerberos tickets so that new ones may be obtained. Clicking list will show the following.
Here you can see what tickets you have, when they were obtained, when they expire, what flags they have, and what encryption type they’re using. This tool can be very useful for troubleshooting — if nothing else, it’s just cool to see.
Links:
Learn more about Kerberos:
http://www.upenn.edu/computing/pennkey/docs/kerbpres/siframes.htm
http://web.mit.edu/kerberos/
http://en.wikipedia.org/wiki/Kerberos_(protocol)
Download for KerbTray:
http://www.microsoft.com/en-us/download/details.aspx?id=17657