Category archive: IT

Links for OpenLDAP as AD-Proxy, with Attribute hiding and allow only specific paths

https://doc.owncloud.org/server/10.0/admin_manual/configuration/ldap/ldap_proxy_cache_server_setup.html

http://www.drdobbs.com/the-openldap-proxy-server/199101839

http://www.openldap.org/doc/admin23/proxycache.html

https://www.openldap.org/lists/openldap-technical/201007/msg00074.html

https://www.openldap.org/doc/admin24/overlays.html

https://jpmens.net/pages/openldap-back-ldap-proxy-with-support-for-thunderbird-and-usercertificates/

https://uit.stanford.edu/service/directory/aclexamples

Windows Eventlog Forwarding

Just stumbled across the topic of Windows Eventlog Forwarding… No more distributing agents, updating them and all that fuss. Define a log server, build a GPO, configure the settings and link it. Done. Sounds good – this will be tried out soon.

Some hints from Microsoft, to help IDS with Windows Eventlog Forwarding:

https://docs.microsoft.com/de-de/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection

A Walk-through, to get 2 scenarios up and running:

http://www.vkernel.ro/blog/how-to-configure-windows-event-log-forwarding

Cut down the collected eventsources to under about 20:
https://social.technet.microsoft.com/Forums/en-US/1706b5bb-6415-47ba-af95-3c13f97a197d/windows-event-forwarding-winrm-issues?forum=winservergen

Write-up of some common problems:
http://zenshaze.com/wp/?p=57

The Windows Event Forwarding Survival Guide:
https://hackernoon.com/the-windows-event-forwarding-survival-guide-2010db7a68c4

Write your forwarded logs to a specified log file:

https://blogs.technet.microsoft.com/russellt/2016/05/18/creating-custom-windows-event-forwarding-logs/

 

VMware Resource Pools

Just a bunch of links on this topic:

http://www.settlersoman.com/vmware-vsphere-basics-understanding-resource-pools/

http://pubs.vmware.com/vsphere-50/topic/com.vmware.ICbase/PDF/vsphere-esxi-vcenter-server-50-resource-management-guide.pdf

http://www.yellow-bricks.com/2010/02/22/the-resource-pool-priority-pie-paradox/

http://www.yellow-bricks.com/2010/12/14/shares-set-on-resource-pools/

http://www.yellow-bricks.com/2010/02/24/custom-shares-on-a-resource-pools-scripted/

http://download3.vmware.com/vmworld/2012/top10/vsp1683.pdf

 

 

Microsoft SQL Server – Orphaned users

In short: If you restore a database – which was backed up on a different server – and want to create a server login and map it to your database user, you may get an error message. Reason: the user already exists in your database and cannot be re-created. So you have to find the orphaned user in your database:

use YOURDBNAME;
GO
EXEC sp_change_users_login 'Report';

The result should be something like this:

UserName | UserSID
dbo | 0x6975A7DA42EE2440BDF292BF4D8D338F

You can now link the login to the db user or create a new login with the resulting SID above (tested, and working):

CREATE LOGIN [YourSQLServerLogin] WITH PASSWORD = 0x02003A95B96423C3D260F29BE27C39B139426666AEA07E8B8EBA75FG8F4EABB7ACBEEAF9E5E3510A58735E396309ABF3E9DF047378352B8868A0FBDF0BD8EEFE66CAE6C14963 HASHED, SID = 0x6975A7DA42EE2450BDF222BC4D8D338F, DEFAULT_DATABASE = [master]

Link an existing login to the db user:

EXEC sp_change_users_login 'update_one', 'db_login1', 'db_login1';

Unfortunately, 'dbo' is not an allowed argument to the procedure sp_change_users_login … – so I ended up creating a new user 🙂 Afterwards you can manage your login as before via SQL statements and/or SQL Server Management Studio.

Additional links:

Understanding and dealing with orphaned users in a SQL Server database:
https://www.mssqltips.com/sqlservertip/1590/understanding-and-dealing-with-orphaned-users-in-a-sql-server-database/

http://www.codeproject.com/Articles/594134/How-to-Fix-Orphaned-SQL-Users

https://msdn.microsoft.com/en-us/library/ms175475.aspx
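The same check and remap without sp_change_users_login, which Microsoft has deprecated in favour of ALTER USER. This is an added example, not code from the original post; it assumes SQL Server 2012 or later (for authentication_type_desc) and reuses the post's placeholder names YOURDBNAME and db_login1.

```sql
USE YOURDBNAME;
GO

-- Orphaned users: SQL-authenticated database users whose SID matches no
-- server login. principal_id > 4 skips dbo, guest, INFORMATION_SCHEMA and
-- sys; an orphaned dbo is repaired by changing the database owner instead.
SELECT dp.name AS UserName,
       dp.sid  AS UserSID,
       -- When a login with the same name exists, emit the remap statement
       -- for review. Same name does not prove same identity on a new
       -- server, so confirm who owns the login before running it.
       CASE WHEN sl.name IS NOT NULL
            THEN N'ALTER USER ' + QUOTENAME(dp.name)
               + N' WITH LOGIN = ' + QUOTENAME(sl.name) + N';'
       END AS RemapStatement
FROM sys.database_principals AS dp
LEFT JOIN sys.server_principals AS sp
       ON sp.sid = dp.sid
LEFT JOIN sys.server_principals AS sl
       ON sl.type = 'S'
      -- Database and server collations can differ after a cross-server restore.
      AND sl.name COLLATE DATABASE_DEFAULT = dp.name COLLATE DATABASE_DEFAULT
WHERE dp.type = 'S'                               -- SQL users only
  AND dp.principal_id > 4
  AND dp.authentication_type_desc = 'INSTANCE'    -- skip contained and WITHOUT LOGIN users
  AND sp.sid IS NULL                              -- no login carries this SID
ORDER BY dp.name;
GO

-- Remap one reviewed user to its login; this rewrites the user's SID to
-- the login's SID and keeps the user's permissions in the database.
ALTER USER [db_login1] WITH LOGIN = [db_login1];
GO
```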

Change the owner of the database:

SQL Server 2008 and earlier:

use somedb
go
EXEC sp_changedbowner @loginame = 'login'

SQL Server 2012 and later:

use master
go
ALTER AUTHORIZATION
ON database::[Test-DB]
TO [someLogin]

Documentation on ALTER AUTHORIZATION can be found here: https://msdn.microsoft.com/de-de/library/ms187359.aspx

ADFS

How To Install ADFS 2012 R2 For Office 365:

TechNet: ADFS 3.0

Creating a Claim-Aware enabled test-app: http://www.vankeyenberg.be/?p=1281

Setting up a ADFS 3.0 Test-Lab

https://technet.microsoft.com/en-us/library/dn280939.aspx#BKMK_13

https://technet.microsoft.com/en-us/library/dn280939.aspx#BKMK_5

Handy guide for the OS, in this case Windows Server 2008 R2: http://nikpatel.net/2014/06/09/step-by-step-complete-guide-to-configure-adfs-2-0-integration-with-sharepoint-2013-on-windows-server-2008-r2/

Windows Identity Foundation Runtime for W2k8R2: http://www.microsoft.com/en-us/download/details.aspx?id=17331

Windows Identity Foundation with Sample Apps and FedUtil.exe: Windows Identity Foundation

Microsoft PFE DeepDive:

https://blogs.technet.microsoft.com/askpfeplat/2015/03/01/adfs-deep-dive-onboarding-applications/

http://consulting.risualblogs.com/blog/2015/06/16/adfs-3-0-and-workday-single-sign-on/

ADFS 3.0 Debug Logging

SQL Server – Query to find a column in all tables of a database

Source: http://blog.sqlauthority.com/2008/08/06/sql-server-query-to-find-column-from-all-tables-of-database/

 

USE AdventureWorks
GO
SELECT t.name AS table_name,
SCHEMA_NAME(schema_id) AS schema_name,
c.name AS column_name
FROM sys.tables AS t
INNER JOIN sys.columns c ON t.OBJECT_ID = c.OBJECT_ID
WHERE c.name LIKE '%EmployeeID%'
ORDER BY schema_name, table_name;