Category: Security

Keeping your managed PC from locking all the time

I know you shouldn’t try and subvert your companies internal security policies, but sometimes the security department just don’t seem to understand the consequences of what they do…especially when using multiple computers simultaneously!

The following script essentially presses the inaccessible F15 key at regular time intervals to ensure the screen timeout is reset and you avoid locking out.

Continue reading “Keeping your managed PC from locking all the time”

How to connect to an AD Domain Secured SQL Server from a non-domain PC

The following are instructions for setting up a connection to an Active Directory (AD) Domain secured SQL Server using either SQL Server Management Studio or Visual Studio. This is especially applicable when not using a domain attached PC.

Step-by-step guide

Continue reading “How to connect to an AD Domain Secured SQL Server from a non-domain PC”

Azure Active Directory Graph API Wrapper to help make it a bit easier!

I have recently been trying to program against the Azure Active Directory (AAD) using the Microsoft.Azure.ActiveDirectory.GraphClient library. Unfortunately this library literally has no useful comments to assist understanding  or clarify parameters etc.. Let alone how best to use or implement objects and methods or what and why exception may occur.

Equally the MSDN documentation seems to be lacking in any examples and really has minimal comments (although I see it’s getting a bit better…I think).

To this end I have created a ‘wrapper / handler’ to simplify all sorts of AAD interactions called AADGraphHandler. It effectively will help manage the creation of the ActiveDirectoryClient and a bunch of it’s operations. You can find this on GitHub at https://github.com/nrogoff/AADGraphHandler

You can get access to the ActiveDirectoryClient directly, and so any methods not covered yet. (e.g. Adding and removing roles to a user. Just not needed it yet!)

Continue reading “Azure Active Directory Graph API Wrapper to help make it a bit easier!”

Getting IE to remember your login again, when you previously said don’t!

It’s very frustrating that IE will never prompt you again for saving details to a website once you have said ‘No’ in this prompt (in IE 9 it’s a bar along the bottom on the window!)

 

The easiest, but most destruction method of fixing this is to wipe all you form data using the options in IE.

However, I have found two good blogs that explain why and how to fix it without loosing all your other login details etc..

Firstly , a manual registry fix is explained here at watchingthenet.com. Using the registry editor you can do a three stage process to fix just the one website you have the problem with.

Secondly, there is this one by Eric Law that explains why it’s a bit tricky to resolve due to the secure storing of the form data and settings. Most importantly is that he has very kindly made a little utility that help you fix it for just one website at a time.

You need to put in the actual page address, not the domain. Best to go to the offending login page that is refusing to remember and copy the address directly.

Easy guide to configuring Windows 2008 Firewall for SQL 2008 R2

After installing SQL Server 2008 R2 on a Windows 2008 server you will need to configure the firewall (if it’s turned on!) to allow access to the SQL server. Here is the simple method using the interface and assumes the following:

  • The SQL Instance is the default (first installed)
  • The ports have not been manually configured
  • Nothing too exotic like database mirroring is required.
  1. Open the Firewall either from the Control panel

    or by running WF.msc
  2. There are 3 default firewall profiles. One or more can be active depending on what and how you have configured your NICs. You will need to ensure you are editing the correct profile. Here you can see that mine is on a domain, so my Domain Profile is Active.
  3. Select ‘Inbound Rules’ in the left hand pane.
  4. Click on ‘New Rule…’ in the right actions pane.
  5. select Port Rule Type and click Next>
  6. Set TCP and Specific local Ports to 1433 and click Next>
  7. Leave the default of ‘Allow the connection’ and click Next>
  8. If you don’t ever want SQL to be directly accessible on a Public network (assuming you are going to ever connect your SQL server directly to the internet for some reason!!) then un-check the ‘Public’. Otherwise just click Next>
  9. Name it SQLPort and give it a description and click Finish.

That will enable inbound connections to your SQL Server. If you are also enabling SQL Browser Service then you will need to add UDP Port 1434 too another inbound rule.

If you have more than one instance of SQL then you will need to set the port and create rules for them.

For full details on ports and setting it up go to http://msdn.microsoft.com/en-us/library/cc646023(v=SQL.105).aspx

How to bulk unblock files in Windows 7 or Server 2008

In Windows 7 (actually any of the latest Windows releases) you will find that files copied to your local drives are not trusted until you right-click on them and in the properties click the ‘Unblock’ button. This is all very well for one or two files, but gets extremely tedious with more. It turns out to be related to NTFS’s ability to allow alternate data streams.

So here is a simple method of mass or bulk unblocking files.

  1. Download the Sysinternals Streams.exe from http://technet.microsoft.com/en-us/sysinternals/bb897440.aspx
  2. I find Sysinternals so useful I create a ‘SysInternals’ folder on my C: drive and then put this into my ‘path’ environment variable so that I can run them from anywhere. However, if this is too much then the easiest is to copy the streams.exe to the root folder you wish to have files unblocked.
  3. In a command windows (with Admin privileges), use ‘cd’ to navigate to your folder.
  4. Type the command ‘streams –s –d subfoldername’ and press enter.