Saturday, September 25, 2010

Windows 7 Activation Error 0x8007232B

If you get the error 0x8007232B when you try to activate Windows 7 installed from volume licensed media you can run the following from an elevated PowerShell window:
slmgr.vbs -ipk [product key]
slmgr.vbs -ato

I installed the Elevation PowerToys for Windows Vista to simplify getting an elevated PowerShell window. Unfortunately, the PowerToys didn't seem to work with Win7 so I had to start PowerShell by ctrl-right-clicking the link and selecting Run as Administrator.

Tuesday, September 21, 2010

Offline spelunking of Active Directory - setup

Needed to extract some historical information from Active Directory (AD) backups stored in NTBackup BKF files.  First challenge was extracting the NTDS.DIT from the BKF.  How do I get that snapshot loaded up so I can query the backup?  I didn’t find a way to directly query for results from the NTDS.DIT without loading it into a running Domain Controller (DC) instance.

My approach is loosely modeled on the technique outlined at TechNet to “mount” a snapshot in VMWare Workstation on a server configured as a DC that closely models the forest structure of the targeted AD backup.  I’d prefer to use a clone or image from the actual DCs but I cannot disturb the online production environment.

I set up a VMWare team consisting of a Win 2008 R2 x64 server configured as a DC and a Vista x86 32-bit Workstation with Windows Server 2008 Remote Server Administration Tools; Active Directory Explorer and some custom/hand built ADSI based tools.  I’ll be pushing tests of the custom tools from Visual Studio on the host to the virtualized Vista box in the team because I don’t want to directly mess with the virtualized DC.  Now to get the directory backup loaded so I can do some offline spelunking.

Lightweight Portable Security – access .mil portal from public computer

SPI has put out a bootable live Linux ISO with CAC support.  It’s called “Lightweight Portable Security”. Very nice (in my opinion) if you need to get onto a .mil portal like the AF Portal from a public computer.  Downloading it now to set up in a virtual machine and USB CAC reader.  Hopefully it works out.

Monday, September 20, 2010

General Robotics, Automation, Sensing and Perception (GRASP) Laboratory

Recommend surfing the very cool robotics research from the GRASP lab.

MP3 tagging - foobar2000

Just noticed how jacked up my MP3 tags were when I copied some mp3s over to my phone.  Lifehacker had some recommendations for MP3 tagging for Windows boxes.  I ended up going with foobar2000.

Sunday, September 19, 2010

Install MySQL Connector/J for use from Eclipse

I already had a JDK, Eclipse, and MySQL installed but I needed to install the MySQL Connector/J so I could use it with the Eclipse SQL Explorer plugin to access the database with JDBC instead of the JDBC-ODBC bridge.  There are many ways to get the job done.  Here is what I did:

First I downloaded MySQL Connector/J; created a directory “C:\Devel\Java\JRE\ext”; extracted the binary jar for the driver from the download and copied the mysql-connector-java-3.1.14-bin file into “C:\Devel\Java\JRE\ext”.

Started Eclipse; in the preferences dialog edited the settings for the Installed JREs.


Specifically, I used the “Add External JARs…” to add the MySQL connector I put in C:\Devel\Java\JRE\ext.

First select the installed JRE you want to edit.


Next “Add External JARS…”

Then you should see the driver show up in the “JRE system libraries” list.


Now I have a working MySQL Connector/J JDBC driver ready for use with Eclipse projects. Yay!

Friday, September 17, 2010

Clear resume state from a paused VMWare VM

Had a team that I copied from another location with saved resume state that was not compatible with the new host workstation.  As mentioned here I deleted the *.vmem and *.vmss files while VMWare was off then resumed the team on the new host.

bkfjtools hack and slash for english

I needed a quick way to extract some files out of an NTBackup “BKF” file and didn’t have time to go buy a tool.  A couple seconds of googling revealed the bkfjtools program.  Unfortunately, I don’t read Japanese that well.  So I did a quick hack and slash conversion to English using Google Translate on the strings for the bkfexp tool.  Source is here.  Probably should clean it up for real language support and commit back.  Probably won’t happen due to time constraints.

Should have googled more than two seconds… Another technique to use NTBackup on Win Vista/7 is described here.  But what’s the fun in that?

Google Code Blog: Google Relaunches Instantiations Developer Tools -...

This looks like a good add on for Eclipse:

Google Code Blog: Google Relaunches Instantiations Developer Tools -...: "(Cross-posted from the Google Web Toolkit blog) In early August, Google acquired Instantiations, a company known for its focus on Eclipse J..."

Thursday, September 16, 2010

Flame Tornado!

Flame Tornado!  That is just cool.  Or maybe hot.

Monday, September 6, 2010

Live View – no Virtual Server 2.x support

Wanted to use Live View to check out a couple of dd images from a set of workstations.  Primary goal was to extract VHD files from the workstations dd images for a separate analysis task but also needed to check some “live” system behavior.

I’m using Windows Vista x64 at the moment and it requires digitally signed drivers.  Unfortunately, this means Virtual Server 1.x series will not function correctly on my workstation because the 1.x series does not include signed drivers for all necessary virtualized devices.  No network and/or no USB device. 

Being too lazy to build a 32-bit box I decided to see if I could get Live View to work with Virtual Server 2.x series.  Actually, it wasn’t really laziness (piles of spare parts just don’t want to build a box right now) so much as I don’t have a USB KVM and my desk is already loaded up with monitors.  A little bit of research on the Live View forums indicated that the 2.x series is not supported at this time.  Unfortunately, Virtual Server and Workstation cannot co-exist on the same workstation and I need Virtual Server for another piece of the analysis workflow. Bummer for me, no Virtual Server 2.x goodness for this project unless I want to start code spelunking Live View or go the VMWare Workstation route on a separate workstation.

“Summon Laptop”.  So I downloaded and installed the following: VMWare Workstation 7.x; Virtual Disk Development Kit (VDDK); Live View Public installer.  And now I have Live View installed on a separate workstation.  Next step in the plan was to use this install of Live View to copy dd images on external drive to vmdk files on an external drive.  Then plug that drive into the workstation with Virtual Server for actual artifact extraction and analysis.  We’ll see how that works out in a bit.

The User Profile Service failed the logon. User profile cannot be loaded – or – Working for the Computer instead of the Computer working for me (yet again).

I really hate it when I end up working for the computer instead of the computer working for me.  Not 100% sure about the root cause, suspect the operator – me;  but I got a “The User Profile Service failed the logon. User profile cannot be loaded” error when logging in on a Windows Vista x64 box. 
Googled a bit and came across MS KB 947215.  It includes a Fix-It that did not work for me so I moved on to a manual process.  I’m working for the computer yet again. 
I made a copy of the “corrupted” User profile to an external drive before deleting it.  The profile was about 250 Gig so the copy process did not seem responsive.   
Was going to kill the copy but happened to check the disk space on the external drive and it was slowly getting filled up by the copy of the “corrupted” User profile.  That was about 11.5 hours with the “Copy to dialog” not responding.
Next went to clean up some of the mess left on the %UserProfiles% before re-creating the profile.  There were several temporary files that couldn’t be deleted due to permissions so got a Recovery Disk.  Booted up the recovery disk and got a command window up to delete the stubborn temp files. Renamed the profile directory; and finally rebooted so I could recreate the profile and fix up the permissions on files.  New SID means permissions are still a bit hosed.  I'll need to go back and fix those later.

What a pain.  Finally back up and running.

Edith Sitwell

Eccentricity is not, as dull people would have us believe, a form of madness. It is often a kind of innocent pride, and the man of genius and the aristocrat are frequently regarded as eccentrics because genius and aristocrat are entirely unafraid of and uninfluenced by the opinions and vagaries of the crowd.

Edith Sitwell
English biographer, critic, novelist, & poet (1887 - 1964)

I’m no genius and I’m no aristocrat but that is a keen observation.  Kind of a bummer when people you’d like to meet are already dead.

Sunday, September 5, 2010

Setting up IIS on Windows Vista x64 for VMWare Server 2.x install

I had originally configured IIS to use Client Certificate Mapping Authentication (or IIS Client Certificate Mapping Authentication).  Unless your authentication provider is set up for certificates you won’t need this mapping on.  I’m working on a standalone workstation in a workgroup so I’m not set up for certificates in this case.  This post discusses IIS authentication and certificate mapping in a bit more detail.
I used the following process to turn Client Certificate mapping off:
  1. Access “Uninstall or change a program”.
  2. Access the “Turn Windows features on or off” using the “Control Panel -> Programs and Features”.
  3. Uncheck the "Client Certificate Mapping Authentication" and "IIS Client Certificate Mapping Authentication" if they are selected. Then apply your settings (press “OK”).
You’ll get the following dialog:
Warning: Make sure that you wait for the configuration settings process to complete!
This took about 10 to 15 minutes on my workstation.  It’s also likely that you’ll need to reboot after making your changes. First time around I got impatient and rebooted before the changes were completely applied which led to a whole slew of problems (User profile got trashed, but that’s another story).
I did generate a self-signed certificate for the Default Site after turning off the Certificate Mapping so I could access the site through https but not require a client certificate.

Friday, September 3, 2010

Disk2vhd – migrate a “real” Windows box to virtual

I won’t hash out the details which are available elsewhere but Disk2vhd looks like a solid way to migrate a running Windows box to a Virtual PC or VirtualBox.

Might also work to grab an image of a running box for offline analysis.  With Windows 7 you can mount a VHD using built in features.  Otherwise you’ll probably need something like Gizmo Drive.

Building 32-bit MySQL clients with 64-bit MySQL install

Had to build a 32-bit MySQL client (MySQL-python) on a 64-bit Windows Vista hosted install of 64-bit MySQL. 
I used setuptools to get the initial download of MySQL-python. “easy_install -b temp mysql-python”.  But installation failed due to 64-bit MySQL libraries (and the registry setting in site.cfg).
  1. First, I downloaded the no-install 32-bit version of MySQL extracted it out and copied the libraries directory to “C:\Program Files\MySQL\lib32”. Now I have the 32-bit libraries in “C:\Program Files\MySQL\lib32” and the 64-bit libraries in “C:\Program Files\MySQL\lib”.
  2. Then tweaked the MySQL-python site.cfg so the registry_key was correct (registry_key = SOFTWARE\MySQL AB\MySQL Server 5.1).
  3. Next tweaked the so it would use lib32 instead of the 64-bit libraries (library_dirs = [ os.path.join(mysql_root, r'lib32\opt') ]).
  4. Finally, it was a simple run of “python clean”; “python install” to get MySQL-python installed.
Purely a hack but it got the job done.

Thursday, September 2, 2010

Virtual Drive Software for Vista

I’ve used VirtualCloneDrive for mounting ISO images but needed to mount some Virtual PC virtual hard drive (VHD) images which it unfortunately does not do.  I’m using Vista at the moment so I don’t have the cool VHD mounting feature in Windows 7. So after about 2 minutes of googling came across a post describing a process that uses Gizmo Drive to mount VHDs.  Going to work with that for the moment.