Category Archives: Geeky/Programming

iis8

Analyzing ADFS IIS Logs

If you are using Active Directory Federation and you want to see what users are logging in when to what external service, you can analyze the ADFS server IIS logs. It is pretty straightforward since it is just IIS.

First, get to your ADFS box, get to the IIS log directory, usually something like “C:\Windows\System32\LogFiles\W3SVC1″ and grab those logs.

Install LogParser on your machine.

Now, you can write sql type queries against your logs. For ADFS logs, we don’t care so much about many of the columns, but primarily username and date, maybe the URI for filtering, maybe the referrer or the user agent to see what browsers your users are using, but to get say, unique logins per day for a given service, we just need the date, username and URI.

Remember the date is probably UTC so you need to use a function to convert, or leave as is if you want, and everything is pretty much all relative depending on how accurate you want things to be. hint: TO_TIMESTAMP(date, time) AS utc-timestamp, TO_LOCALTIME(utc-timestamp) AS local-timestamp

Now, here is the LogParser query:

logparser "SELECT DISTINCT cs-username, date INTO FROM WHERE cs-username <> NULL and cs-uri-query LIKE '%your service%'"

Note in the statement the output path and your log path, change to what yours are. Also, the LIKE statement. For example, to query for Microsoft Dynamics CRM Online, I used

LIKE ‘%dynamicscrm%’

Run that query, then open the .csv you exported to. Format the data as a table, pivot it by user, pivot by date. Get the unique number of days using a date diff, analyze logins per day, logins per user. Tie to Active Directory (using Power Query) to add some dimension attributes like title or department and very quickly you can analyze what users, departments etc are using your service.



ipad

No Laptop for a Week

This past week I went to the PASS Summit 2012 in Seattle (more on that in a later post). But I did something that I haven’t done ever. I went to Seattle without my laptop.

Now, if you have ever been to a tech conference, first off the wifi and network in the hotels are slow because you have thousands of geeks doing the same thing. 3g/4g slow too, so you are already hampered by that fact.

Next, you are up early, to breakfast/conference sessions all day, usually till 6:30 pm, and you then have conference events every night till 9, 10, 11 whatever, so you aren’t in your hotel much, maybe to sleep, shower, drop your bag off.

I found that I could “get by” without my laptop, but there were things that weren’t easy, and things I couldn’t do easily when I wanted to.

First trial was an email sent to me with a PDF that asked “can you sign this and get it back today”. Ok, let’s see. Download a PDF signing app and do it in iOS. Works. Little hokey to get the file back and copied and back in the email, but works.

Then, a couple of days later, “go here and fill this web form out”.. well, let’s cross our fingers it works in mobile safari or chrome without issue. It was clunky but worked.

I would say the biggest gripe though I had was this: lack of keyboard. Now I know with iPad (and things like Surface with the touch cover) you can get a keyboard, but I don’t have one of those cases for my iPad so I was just winging it with the iPad.

With no keyboard, it is *very* hard to sit down and bang out paragraphs at any fast type of rate. Blog post? Not quickly. It is just a slow down without a physical keyboard to type on. Other things like emails, twitter, web, whatever, work fine with just the iPad. And of course consuming/reading content is great. Just that typing something like this post here, I waited till I was at my desktop at home to write it. I think I would pull my hair out just trying to use the soft keyboard on the iPad.

Overall it got me by like I said, but there are still some gaps, at least for me, in what I need to do that can’t be handled without a laptop or physical keyboard. Maybe next year :)



chrome logo

Search Google Drive and Gmail from Chrome Omnibox

If you are like me, and live in Google Chrome, you probably use other Google Services. I use Google Drive and Gmail extensively. I would love it if when I searched in the Google Chrome Address Bar Omnibox, that it could search other places.

Well, you kind of can. On the Omnibox..

Right click, Edit search engines..

The under “Other Search Engines”: add two entries..

Google Drive | drive.google.com | http://drive.google.com/?hl=en&tab=bo#search/%s

Gmail | gmail.com | https://mail.google.com/mail/ca/u/0/#apps/%s


then if you type drive.google.com and hit “tab” instead of enter, you can type in your search term, same with the gmail.com shortcut.



If you do all that, then you should be able to search Google Drive and Gmail straight from the Chrome Omnibox.



winpcap

Windows 8, WinPCap, Compatibility Mode.

I have been running Windows 8 since the 2011 BUILD conference, the dev preview, then the consumer preview, then the release preview. So RTM wasn’t much of a jump for me. I have it installed on my BUILD samsung tablet, as well as on my work laptop.

While I have seen a few things not work, that would be expected, one is WinPCap (packet capture) software , which is an integral part of Wireshark. Turns out it doesn’t really work in Windows 8, at least the installer doesn’t.

What I had to do was run the install in “Windows 7 Compatibility Mode” and it then installed and I could capture traffic.



tools

Tools You Should Use: Tasklist

Day to day we all use many different systems and tools. Windows, Mac, iOS, Android, Twitter, Facebook, Powershell, Visual Studio, Sublime Text, iTunes, and the list goes on and on. There are so many cool utilities and tools out there, and many people aren’t aware of the majority of them, but at one point or another, they could benefit from using them..

The first tool/utility I’d like to tell you about is: tasklist (http://technet.microsoft.com/en-us/library/bb491010.aspx)

tasklist is a cmd line utility built into windows that you can use to see running processes. With any utility, run “tasklist /?” to see options. You can
run it with /S and pass in a remote system name, pretty cool. Also authenticated using /U and /P. You can see many other options as well. Format, Verbose, etc.

You can use this to get the running processes on a remote system. Want an easy way to see who might be remoted (RDP) into a machine?

tasklist /s COMPUTERNAME /v /FI "ImageName eq Explorer.exe"

Pretty cool huh? Just think of the other possibilities. Log the running tasks to a csv and track over time with memory usage. Check remotely for a process running. tasklist should be able to help. And used in conjunction with other tools, you can do a lot of remote admin work.

I’m hoping to highlight on more utilities and turn those posts into a series, so stay tuned.



Screen Shot 2012-07-08 at 8.47.11 PM

Reset your “Lost” Password in Ubuntu

I have a few VM’s setup at home. One is Ubuntu. I haven’t been on it for a while. Figured I knew what the password was when I set it up months ago, but for some reason it wasn’t work. So how to change?

1. Reboot into “recovery mode”

Reboot, hold down shift and the boot menu will come up, choose the option with (recovery) at the end.

2. Mount as root

Once through that, choose the option to mount as root.

3. Reset Password

#passwd username (username is the username you want to reset)..

enter the password twice, and then

#reboot now

Bonus: If you get “Authentication token manipulation error” as I did, you need to remount your file system as read/write at the root prompt.

#mount -rw -o remount /

Bonus 2: Once you actually get into the system, it is going to probably complain about your keyrings password not matching. Goto your home folder (make sure you have all folders shown) and goto .gnome2/keyrings and delete and files and reboot.

Overall not that bad, but yeah, don’t lose your passwords. Keep them in a password manager! (I didn’t with this one of course, didn’t keep it in my head either!)



techedslides

#msteched TechEd 2012 Conference Highlights

Last week I was in Orlando at Microsoft TechEd 2012. It was a great conference, especially for me, since I am all over the place with technology. There was DBA, SysAdmin, Developer, etc sessions.

What did I take away? Here is a quick overview.

Azure. The cloud. It is here (well it already was) but now with IaaS and persistent VMs, the game is changed for Azure. Also with websites and media streaming and other stuff Azure is becoming *the* platform.

SQL 2012 - While I was away, the BI team upgraded to 2012 at work. While I have been playing with 2012 for a while, it just got real. BISM stuff and SharePoint/Kerberos stuff came to light this week. Good stuff

System Center while I didn’t focus much on this, System Center is where it is at. You can now monitor your Azure cloud, your on-prem VM (HyperV or VMWare) and do tons of other stuff. Sky is the limit with this product.

There is so much more but it was a great time. Good people, good sessions, smart presenters, and just information oozing out of every room. Orlando in early June is like a sauna though :)

I am really pumped to get back in the saddle and start implementing some of this stuff in day to day solutions. Was so excited I actually moved my blog to an Azure website this weekend. It moved fine and I had to do some MySQL stuff to get my content moved, but it is basically sitting there idle as I can’t change the DNS over without pay more than I am willing to. More to come in this arena though.

To the cloud! (and the Tabular cube, and the System Center, and so on and so forth)…



cisco anyconnect

Adding Computer to Windows Domain and Logging In with Domain Account over VPN

I have done this enough times, but just for documentation sake.

So, you get a cool new OS (Windows 8 Release Preview maybe?) and you repave your machine. You want to add to your domain over VPN and then login with your domain creds. Now, you must have an account that has access to add computers to the domain, of course, but this is what you do.

Why would you want to do this? Well, if you are telecommuter, it might be something you run into. If you want to redo your machine at night and not waste time during the workday, is another reason. If anything, it isn’t that complicated, but it could be confusing if you have never done it before. If you have a basic understanding of windows networking and Active Directory you should be able to get what is going on here.

1. Repave your machine!
2. Set up machine with new name
3. Install VPN, connect to your network.
4. Add your machine to your domain as you would when on the LAN network.
5. DO NOT REBOOT. I repeat, DO NOT REBOOT. Even though Windows wants you to!
6. Go to user management and add the domain user you want to login as to the local admin group.
7. Now, feel free to reboot.
8. Drink a beer.
9. When the login screen comes up, login as your local machine account that you setup when you repaved your machine.
10. Connect to VPN.
11. “Switch Account” back to login screen (VPN is still connected!)
12. Login as the domain account from step #6.
13. Profit.



ReportBuilder Icon

Dynamic Sorting Using Parameters in SSRS

The other day, someone requested that a report in SSRS be sorted differently by default. While that might make sense if everyone wants it that way, more than likely you might have people that want a report sorted differently by default. How to do it?

There are probably a few ways, but this is what I did.

First, I added two parameters. “SortByDefault” and “SortOrder”

The “SortByDefault” will be a drop down of your columns you want to sort by for your dataset (or group, or table/tablix)

The “SortOrder” is simply Asc (1 to N, A to Z) and Desc (N to 1, Z to A)

Now, here is how mine look:

SortByDefault (I have two columns I want to allow sorting by, PointsLeft and StackRank):

SortOrder:

Now comes the fun stuff: Making it work.

Make sure you remove any “ORDER BY” in your dataset (you don’t have to but this makes it easier).

I also have every column in the report set up for interactive sorting based on the column header/column it shows, but not sure that is necessary here, I just wanted to put that out there just in case

You want to get to your sorting options. So in my case, I have a tablix, so get to your tablix property window and the sorting option:

Now you can see, my “Sort By” and “Then By” are expressions. It is kind of weird here. Also you can’t set expressions for “Asc” or “Desc” so what I had to do was trick it somewhat.

the first is to handle the asc option:

=IIF(Parameters!SortOrder.Value=”Asc”,Fields(Parameters!SortByDefault.Value).Value,0)

the second is to handle the desc option

=IIF(Parameters!SortOrder.Value=”Desc”,Fields(Parameters!SortByDefault.Value).Value,0)

You can see, some magic. If the order by is XYZ then use the field, otherwise 0. If you notice from the screenshot, first one is A to Z (Asc) and the second one is Z to A (Desc). So we are basically telling SSRS to sort by the param or not based on the order by option and it chooses the right order by (ASC/DESC). I think this was easier in SQL 2000 SSRS :)

Well now you should be able to test your report and try to sort orders. What I did next is make my params hidden. The defaults are what I wanted for the existing report (Order By PointsLeft DESC), and what I did next is create a linked report and set the hidden parameters int he report options in Report Manager to (Order By Stack Rack, ASC)

Now I have one report, with hidden sorting params and I can create linked reports with different sort options without having to create a new report. I could add all columns to the choices, or even let users choose as parameters (but they already have interactive sorting in this case).

Happy Report Buildin’!