Category Archives: sysadmin

Fun with PXE, redux.

You may recall that I’m serving up not only Windows Deployment Services capture and deploy but also Acronis recovery media over PXE.

Well, now I’m also serving up Windows Defender Offline. When chosen from the PXE boot menu, it boots into Windows PE, automagically launches Defender, updates the definitions, and runs a full scan.  And then sits there and waits for you to see the results and hit reboot.

Here’s what I did.  This assumes you have Windows Deployment Services and the Windows Automated Installation Kit.

  1. Download Windows Defender Offline for your architecture.
  2. Run the tool to create an ISO (“to burn to CD/DVD later”).
  3. Mount the ISO with Virtual CloneDrive (or similar product).
  4. Fish boot.wim out of /sources on the virtual CD drive.
  5. Create a directory to mount the wim into if one doesn’t already exist.
  6. Mount boot.wim into that directory: Dism /Mount-Wim /WimFile:C:\temp\boot.wim /MountDir:C:\temp\wim /Index:1
  7. If you have a directory full of drivers for your environment, you can pre-emptively add them with: Dism /Image:C:\temp\wim /Add-Driver /Driver:c:\drivers /Recurse /ForceUnsigned. (If not, cross your fingers and carry on with the next step.)
  8. Copy mpam-fex64.exe (or similarly named file for x86)  into the top level of the wim from the top level of your virtual CD drive.
  9. Save and unmount the wim: Dism /Unmount-Wim /MountDir:C:\temp\wim /Commit
  10. Upload the new wim to your WDS server and add it as a boot option.

I’ve also rewritten a lot of my batch scripts to be PowerShell, but I think that’s a post for another day.


Fun with PXE

At one of my previous positions, I was in charge of the PXE server.  I like PXE, so I set up a PXE server here, too.

It was a lot easier at my current place of employment, because I had access to the routers and the DHCP server.  It ended up being a straightforward Windows Deployment Services install.  I’m not only serving up boot and install images but also Acronis Recovery Media.  🙂

Alas, at the previous place, I was not allowed access to routers or DHCP.  This meant I had a lot of ‘splainin’ to do, and apparently it broke some of the network guys’ brains, so…

PXE uses DHCP (option 60). You can run PXE on a network with separate PXE and DHCP servers, but PXE does need to listen on DHCP.

It kind of goes like this:

PXE Client:  DHCPREQUEST, p.s. I'm a PXE Client.
DHCP Server:  DHCPACK, Here's your IP! p.s., PXE over there ->
PXE Server:  DHCPACK, Hello, I'll be your PXE server today. 

Note:  That second DHCPACK does not contain an IP number.  It only contains PXE information. (So, dude who kept demanding that I look at the scope of the IP addresses I was handing out?  You fail Reading/Listening Comprehension 101.)

So you’re going to need to make changes to the DHCP server (to specify to PXE clients where to get PXE services) and possibly the routers as well (to specify the PXE server as a DHCP helper).  You also need to make sure that the PXE server is answering on the DHCP ports (open them in the firewall).  If you have separate PXE and DHCP servers, the PXE server doesn’t need to serve up IP numbers, but it does need to answer (DHCPACK, option 60).

This is a pretty good description of how someone else got it working.
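
The three-message exchange above, as an added example (not code from the original post): a Python parser run over constructed DHCP payloads, showing that the PXE server's reply carries option 60 and an empty yiaddr rather than a lease, and flagging PXE-only replies from servers that are not on an approved list. The addresses, the `approved_pxe` allow-list and the function names are assumptions made for illustration.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie that follows the 236-byte BOOTP header

def build(op, msg_type, yiaddr="0.0.0.0", siaddr="0.0.0.0", vendor_class=None):
    """Construct a minimal DHCP payload (sample data for this example only)."""
    head = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, 6, 0, 0x1234ABCD, 0, 0,
                       bytes(4), socket.inet_aton(yiaddr), socket.inet_aton(siaddr),
                       bytes(4), bytes.fromhex("020000000001"), b"", b"")
    opts = bytes([53, 1, msg_type])                     # option 53: message type
    if vendor_class:
        opts += bytes([60, len(vendor_class)]) + vendor_class  # option 60
    return head + MAGIC + opts + b"\xff"

def parse(payload):
    """Return op, yiaddr and the option TLVs of a DHCP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP payload")
    opts, i = {}, 240
    while i < len(payload) and payload[i] != 255:       # 255 = end of options
        if payload[i] == 0:                             # 0 = one-byte pad
            i += 1
            continue
        if i + 2 > len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        opts[payload[i]] = payload[i + 2:i + 2 + payload[i + 1]]
        i += 2 + payload[i + 1]
    return {"op": payload[0], "opts": opts, "yiaddr": socket.inet_ntoa(payload[16:20])}

def classify(src_ip, payload, approved_pxe=("192.0.2.10",)):
    """Label a message; approved_pxe is a hypothetical allow-list of PXE servers."""
    msg = parse(payload)
    pxe = msg["opts"].get(60, b"").startswith(b"PXEClient")
    if msg["op"] == 1:                                  # 1 = sent by the client
        return "pxe-client-request" if pxe else "client-request"
    if pxe and msg["yiaddr"] == "0.0.0.0":              # PXE information only, no lease
        return "pxe-only-reply" if src_ip in approved_pxe else "unapproved-pxe-reply"
    return "address-reply"

# Constructed samples following the exchange above (documentation addresses).
SAMPLES = [
    ("0.0.0.0", build(1, 3, vendor_class=b"PXEClient:Arch:00000:UNDI:002001")),
    ("192.0.2.1", build(2, 5, yiaddr="192.0.2.50", siaddr="192.0.2.10")),
    ("192.0.2.10", build(2, 5, siaddr="192.0.2.10", vendor_class=b"PXEClient")),
    ("192.0.2.66", build(2, 5, siaddr="192.0.2.66", vendor_class=b"PXEClient")),
]

for src, pkt in SAMPLES:
    print(src, classify(src, pkt))
```

The second sample is the ordinary lease from the DHCP server; the third and fourth are PXE-only answers, and only the one from the approved address is accepted as expected traffic.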


Fun with Exchange Management Shell

I’m really digging the Exchange Management Shell.  It’s FUN FOR THE WHOLE FAMILY!

Okay, maybe not the whole family.  😉

Short example:  someone wanted to know if I could tell them how many emails someone sent in a specific time period.  Short answer:

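# Count the messages one sender sent in the date range.
# Replace user@example.com with the sender's address.
Get-MessageTrackingLog -Sender 'user@example.com' -EventId 'SEND' -Start '1/1/13' -End '2/20/13' -ResultSize Unlimited | Group-Object Sender | Select-Object Count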

I spent time playing with that command and checking out how many emails we’ve sent offsite since the start of the year and such.  Better than a water park, I’m telling you!


Your Halloween Scare

South Carolina Department of Revenue hacked:

South Carolina state officials announced Friday evening that the social security numbers of some 3.6 million state residents and 387,000 credit and debit card numbers were exposed in a data breach. The SSNs were stored unencrypted, and while most of the credit cards were encrypted, some 16,000 card numbers were not.

South Carolina Governor Nikki Haley sounds angry:

“I want this person slammed against the wall,” she said, referring to the attacker as “an international hacker.” “I want that man just brutalized,” Haley said.

Yes, well.  I want my SSN encrypted.

We come, alas, to a personal anecdote.

Once upon a time, I had a server that ran an application that stored card swipe numbers.  Most of them were numbers generated by my employer, but some of them–my coworkers’ cards–were SSNs.  This server was placed without my knowledge in an insecure location.  (The AC went out, so they tied the door open.)  When I found out, I tried to remove the server and was told I wasn’t allowed.  One of the things I did do was to quietly go in and delete my coworkers’ SSNs out of the database.  Including the SSN of the person I hold responsible for the situation.

You’re welcome, by the way. (I think this is the first time I ever told anyone I did that.)

I don’t blame Governor Haley for being angry.  I’d be angry if I were a South Carolina resident, too.  I would have been angry if someone messed with the server in the overheated, insecure location, but I would have blamed the people who told me to leave it there as much as the hacker.  Encrypting PII (Personally Identifiable Information) wouldn’t have been complete protection, but at least it would have made it harder.  Especially since people can’t opt out of paying their taxes on the grounds that they don’t trust the DOR to protect their data.

And, you know.  Not to single out South Carolina.  How secure is your state’s Department of Revenue?

Happy Halloween!  Sleep well!


Seekrit Message to a Friend

You didn’t get this from me.  You downloaded it off the internet.

In fact, why don’t I turn that bunch of scripts into a series of jobs and give it to you as one big lump?  (Download.)

How to use:

  1. Load file into SQL Server Management Studio.
  2. Replace all instances of BACKUP DATABASE [DBNAME] with the proper database name in the square brackets.
  3. Either create the directory f:\sql or edit the jobs that refer to it to go to a different path.
  4. Click execute.

And remember, I know nothing.  If I knew something, I’d have to charge.


Happy Memorial Day!

Happy Memorial Day!  Plant is going to hold their annual George Foreman Memorial Cookout in your server room this weekend.  Tom Limoncelli explains why here.

When your pager goes off and you call them to tell them the AC failed again this year, tell them the least they could do is save you a couple of burgers.
