Convert install.esd to install.wim

I haven’t put up new post for quite some time, this is definitely worth keeping it.

Recently I started to look at creating a system image for Winodws 10, it will be used for the desktop/laptop deployment.  It is not funny that you have to do so much to get it to work when you don’t have SCCM in your environment.

One thing that was blocking my way, there is no more install.wim for creating the package, the latest build of Windows 10 download only comes with install.esd under the source directory.  Although you can ask Uncle Google, and there will be many software options to convert, extract, decrypt…etc many many terms, but I don’t like any of them as I don’t feel comfortable downloading a script or software that wasn’t verified, you just don’t know what it’s embedded.

I am luckily enough to find these information from a Technet article.

  1. you need to copy the install.esd file onto a local storage location.
  2. run cmd in elevated mode.
  3. execute this command – dism /Get-WimInfo /WimFile:install.esd (this should pointing to the physical path)
  4. note down the Index number for the operating system you would like to deploy
  5. then execute this command – dism /export-image /SourceImageFile:install.esd /SourceIndex:1 /DestinationImageFile:install.wim /Compress:max /CheckIntegrity
  6. if it ran ok, you will get install.wim extract in the same folder.  now you can use this to work with MDT.

Have fun!

Mac OSX needs to repair Library

Recently I have got one of the iMac upgraded with SSD and more RAM, the job was done by a local authorized service provider.  They migrated everything onto the new disk and I had it back next day, very happy.

When I first turn on the machine, I noticed one of the user account is no longer there.  I logged in with my account, I can see the user HOME folder is still there and the files are still there…kind of lucky.  I had a look online and found an article to recreate a new user with the same username, the system picked up the HOME folder and magic happened, the user login and all looking good.

Guess what!?  Next day morning all the settings for this user is gone, files are everywhere and can’t access any applications.  Time machine doesn’t work either, can’t revert back to anything.  It also keeps prompting says “Mac OSX needs to repair your Library to run applications. Type your password to allow this”, however no matter what username/password I put in, none of the work, it just doesn’t do anything.

At the end, I found an article from Apple Support Communities, thanks to Linc Davis.  The original link is https://discussions.apple.com/thread/5368156

Below is the solution copy and paste from the article

Back up all data. Don’t continue unless you’re sure you can restore from a backup, even if you’re unable to log in.

This procedure will unlock all your user files (not system files) and reset their ownership and access-control lists to the default. If you’ve set special values for those attributes on any of your files, they will be reverted. In that case, either stop here, or be prepared to recreate the settings if necessary. Do so only after verifying that those settings didn’t cause the problem. If none of this is meaningful to you, you don’t need to worry about it.

Step 1

If you have more than one user account, and the one in question is not an administrator account, then temporarily promote it to administrator status in the Users & Groups preference pane. To do that, unlock the preference pane using the credentials of an administrator, check the box markedAllow user to administer this computer, then reboot. You can demote the problem account back to standard status when this step has been completed.

Triple-click the following line on this page to select it. Copy the selected text to the Clipboard (command-C):

{ sudo chflags -R nouchg,nouappnd ~ $TMPDIR.. ; sudo chown -R $UID:staff ~ $_ ; sudo chmod -R u+rwX ~ $_ ; chmod -R -N ~ $_ ; } 2> /dev/null

Launch the Terminal application in any of the following ways:

? Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)

? In the Finder, select Go ? Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.

? Open LaunchPad. Click Utilities, then Terminal in the icon grid.

Paste into the Terminal window (command-V). You’ll be prompted for your login password. Nothing will be displayed when you type it. You may get a one-time warning to be careful. If you don’t have a login password, you’ll need to set one before you can run the command. If you see a message that your username “is not in the sudoers file,” then you’re not logged in as an administrator.

The command will take a noticeable amount of time to run. Wait for a new line ending in a dollar sign (“$”) to appear, then quit Terminal.

Step 2 (optional)

Take this step only if you have trouble with Step 1 or if it doesn’t solve the problem.

Boot into Recovery. When the OS X Utilities screen appears, select

Utilities ? Terminal

from the menu bar. A Terminal window will open.

In the Terminal window, type this:

res

Press the tab key. The partial command you typed will automatically be completed to this:

resetpassword

Press return. A Reset Password window will open. You’re not  going to reset a password.

Select your boot volume (“Macintosh HD,” unless you gave it a different name) if not already selected.

Select your username from the menu labeled Select the user account if not already selected.

Under Reset Home Directory Permissions and ACLs, click the Reset button.

Select

? ? Restart

from the menu bar.

command line copy files

I need to xcopy files from one drive to another, however I only want the files that are on or after a certain date. I found this handy command and it worked nicely.

Work best on Windows 7 and 8 computer.

c:\robocopy x:\ y:\ *.* /MAXAGE:20130101 /XO /E

Yes it basically uses “Robocopy”, and if you need more details on switches, checkout this link http://ss64.com/nt/robocopy.html

ESXi evaluation license renewal

For people who needs to extend their vSphere trial, try with the steps below.

1. Go to Licence and put a Free Licence from VMware Portal
2. service.sh restart
3. rm -r /etc/vmware/license.cfg
4. cp /etc/vmware/.#license.cfg /etc/vmware/license.cfg
5. /etc/init.d/vpxa restart
6. service.sh restart
7. Go to Licence and put back to Evaluate Mode for 60 new Days

ESXi-Customizer

I got really really stuck into creating a custom VMware boot image today, I bought a cheap Adaptec card recently and I want to install VMware vSphere Hypervisor on it, apparently this is the only option.

Cut the long story, the VMware ISO will not detect the card and drives (although it supports and certified by VMware), that is why I need to create a custom boot disc.  Instruction from Adaptec shows that I need to use PowerCLI, some scripts and a bit of time to do that.  I tried and it doesn’t work!!!!!!!

Pick up the phone, call up the Adaptec support, quickly explain the situation and my first response is “Oh no, don’t use that, waste your time and it’s too hard”.  WTH, that’s the instruction “Black/White” written in the installation guide, but the technician tells me wrong….arggggg…..

Anyway, he knows what to do, below is the software and instruction that he highly recommend.

2

below is the link to the instruction

Creating a VMware 5.5 install CD for Adaptec Series 6-7-8 controllers

I guess it will work with other situations, but this seem to be an easier and promising tool to use.

Connecting OwnCloud to Active Directory

I recently came across this open source “Dropbox” like application, it is truly something that our company has been dreaming for, so I quickly download a virtual appliance from Bitnami to try it out.

So far, it is all looking good except I am having difficulty to connect the application to LDAP, so I don’t need to recreate all the users again and they don’t need to remember another login account.  After trying very hard on Uncle Google, I found this excellent article which worked perfectly for me.

https://vorkbaard.nl/add-owncloud-6-0-to-active-directory-2012-r2/
Add ownCloud 6.0 to Active Directory 2012 R2 | Vorkbaard uit de toekomst

Connecting ownCloud to Active Directory

In Active Directory Users and Computers create a new user called owncloudaduser. It doesn’t have to be a member of any special groups. Give it a hard password and set it and the account to never expire. I created this user in the Users OU. This doesn’t really matter but keep it in mind when specifying the user’s DN in ownCloud.

ownCloud25

LDAP can be tricky. If your AD works you don’t have to deal with it but as soon as things start to disintegrate you will have to get your shovel and dig in the LDAP database. Windows Server 2012 provides a couple of tools; do some Googling.

Also it can be insightful to go into Active Directory Users and Computers, select your domain, click View and check ‘Advanced features’.

ownCloud26

Now Active Directory Users and Computers shows you a lot more information. Doubleclick a user and check out the new tabs. Especially handy is the Attribute Editor which tells you not only which attributes there are but also their exact values which can be very helpful when troubleshooting the connection between ownCloud and Active Directory.

ownCloud27

Right, back to ownCloud. Point your browser to http://192.168.77.130/owncloud and log in as ocadmin.

From the top right menu choose Users.

virtualbox_35

Note that there is only the one ocadmin user we created earlier. Normally this is where you would create ownCloud users.

Click on the ‘+ Apps’ icon bottom left.

virtualbox_30

In the apps list scroll down to ‘LDAP user and group backend’, click it and click Enable.

virtualbox_32

From the top right menu choose Admin.

virtualbox_33

Ignore the https security warning for now. Scroll down to the LDAP section. This is the section that has the Server, User Filter, etc. tab bar on top. Start out with the Server tab and fill out your own values. Remember you can find the DN of the client user in Active Directory Users and Computers.

virtualbox_36

The ‘Could not determine Base DN’ error is caused by a bug in ownCloud; don’t worry about it.

All values are instantly saved. Press F5 to reload the page and behold! You can now enter a Base DN.

virtualbox_37

Users.testnet.netwerk is the default (with your own AD of course) but you could just enter DC=testnet,DC=netwerk. This would give you all users in the AD, including system accounts that will never need ownCloud accounts.

Click the Expert tab and in the Internal Username Attribute field enter sAMAccountName. This way ownCloud’s internal usernames are identical to your AD usernames instead of the objectSid which is a long range of numbers.

virtualbox_39

Click the Save button on the bottom of the form after you change this.

Click the Advanced tab. Under Connection Settings check these options: Configuration Active; Case insensitive LDAP server (Windows); Turn off SSL certificate validation [for now]. Set ‘Cache Time-To-Live’ to 5 seconds for now. If you are done configuring change this back to 600 or so. You don’t want to wait ten minutes after every change to test if it is working.

virtualbox_38

Click the Save button.

Under Directory Settings enter these values:
User Display Name Field: displayName
Base User Tree: CN=Users,DC=testnet,DC=netwerk
Group Display Name Field: cn
Base Group Tree: DC=testnet,DC=netwerk (I’m not sure this makes any difference, I’ve never seen ownCloud pull non-system groups from LDAP)
Group-Member association: member (AD) (idem: this makes no difference but this is supposedly the correct setting)

virtualbox_43

Click Save, then click the Login Filter tab. You may now see a ‘Configuration incorrect’ message followed by a red square. Don’t worry about it; this is ownCloud being confused I guess.

Click the ‘Edit raw filter instead’ line and enter this text:
(&(memberOf:1.2.840.113556.1.4.1941:=cn=ocusers,dc=testnet,dc=netwerk)(sAMAccountName=%uid))
(I edited the screenshot a bit so it would show all text.)

virtualbox_41

The memberOf:1.2.840.113556.1.4.1941: key is interesting. It means “members of the following group, including indirect members due to group nesting”. This will include User4 even though User4 is not a member of the ocusers group.

sAMAccountName=%uid means “where the sAMAccountName value equals the string the user entered in the username field on the logon page.

The Login Filter tells ownCloud which users are allowed to log in and which LDAP attributes they are allowed to use for their usernames.

Clicking Continue will take you to the Group Filter tab and, if all went well, replace the error message by a happy ‘Configuration OK’ message followed by a green dot.

virtualbox_42

(Yes, I edited the screenshot so it would show all text.)

The Login Filter raw filter string you entered is very sensitive about changes in other places in the ownCloud administration web interface and even to reloads of the page itself. If you change anything check back here and fix the value if necessary. The fix may take but if you press F5 the default value is reset. I hope this will be fixed in future updates but for now it helps if you are aware of these… features.

Before continuing, check which users are listed in the User section (top right menu, Users). Note that there are too many.

Under the User Filter tab click ‘Edit raw filter instead’ and enter this text:

memberOf:1.2.840.113556.1.4.1941:=cn=ocusers,dc=testnet,dc=netwerk

Press Continue to save the value.

Check back in the top right menu under Users and verify that all intended users are present.

virtualbox_44

There’s a fair chance it won’t work the first time but it helps to know which values should work and once it works it keeps working.

Good luck and have fun!

Set Office365 user passwords to never expire

This is generally not recommended as it is a good idea to change your important password every so often, it will make hacker job more difficult.  However in some cases, it might be help.

Anyway, this post is referring back to a Microsoft article, so if you need more details information, use this link here Office Online

 

Set a password to never expire

The Use Windows PowerShell cmdlets to manage your Windows Azure AD tenant topic tells you how to install Windows Powershell and gives you more information about Windows Powershell and cmdlets.

  1. Connect to Windows PowerShell by using your company admin credentials. Run the following cmdlet:

Connect-MsolService

  1. Do one of the following:
    • To set the password of one user to never expire, run the following cmdlet by using the UPN or the user ID of the user:

      Set-MsolUser -UserPrincipalName <user ID> -PasswordNeverExpires $true

    • To set the passwords to never expire for all the users in an organization, run the following cmdlet:

      Get-MSOLUser | Set-MsolUser -PasswordNeverExpires $true

Check out Set a user’s password expiration policy to set user passwords to expire after a specified amount of time.

Find out whether a password is set to never expire

  1. Connect to Windows PowerShell by using your company admin credentials. Run the following cmdlet:

Connect-MsolService

  1. Do one of the following:
    • To see whether a single user’s password is set to never expire, run the following cmdlet by using the user principal name (UPN) (for example, april@contoso.onmicrosoft.com) or the user ID of the user you want to check:

      Get-MSOLUser -UserPrincipalName <user ID> | Select PasswordNeverExpires

    • To see the “Password never expires” setting for all users, run the following cmdlet:

      Get-MSOLUser | Select UserPrincipalName, PasswordNeverExpires

Activate VL key on evaluation edition (MS Server 2012 Standard)

I made a big mistake for using evaluation server software in production, I’m thinking that I can apply the proper license in a later stage, but I am absolutely wrong!!

Luckily I found an article from Technet that can upgrade an evaluation license to a full retail license, I tried this with my VL key and thank god it worked!!!!!!!!!

Here’s the link:  http://technet.microsoft.com/en-us/library/jj574204.aspx?Loc=zbtfz_zYFCz&prog=zEvalz&prod=zWSz

below is the key command.

From an elevated command prompt, determine the current edition name with the command DISM /online /Get-CurrentEdition. Make note of the edition ID, an abbreviated form of the edition name. Then run DISM /online /Set-Edition:<edition ID> /ProductKey:XXXXX-XXXXX-XXXXX-XXXXX-XXXXX /AcceptEula, providing the edition ID and a retail product key. The server will restart twice.

Excel not accumulating time field correct

When you need to add up hours in excel, you will find that it ignores the hours greater 24:00, one reason I found because of the “Time” format.  To workaround this, I found two ways of doing it.

1. If you change the “Total” cell format to “custom” with [h]:mm

2. If you change the “Total” cell format to “number”, and then multiply the total by 24

This is usually helpful when you need to do timesheet at work, especially the accountant usually deal with the labour hourly rate.