You are currently browsing the category archive for the ‘Microsoft’ category.

If you followed my wmic post a while back you’ll have seen that wmic outputs a LARGE amount of data seperated by the | character, sort of like a CSV. This quickly becomes unusable as the first line is the column titles of the data and each following line is a result. So I wrote a small, very much ugly and not exactly rock solid, bit of python to dump wmic output into a Dictionary of Lists. What I mean is every column will be a key in the Dictionary and each value is a list of 1 or more values. So for instance a WMI query of HDDs will likely return 2+ (Your C Drive and a CD Drive), but say one for memory will only return one. Anyway this is pretty basic and doesn’t do much more than print the actual dictionary but it might help someone write a Cacti plugin or a Nagios plugin that can pull free disk space for example.

Here it is: pythonwmic (Yes Sorry it’s called .doc but wordpress doesn’t seem to like .py)

To use it just call the script (first modifying the win32User/Password variables) with one argument which is the IP address of the server you want to query. Bear in mind it’s fairly rough but hopefully enough to get you going. It doesn’t work for all WML queries but the Win32_PerfFormattedData_ ones seem to work nicely (Win32_OperatingSystem I’m looking at you inparticular with your extra | characters in the Name column !).

As an example of output I ran against one of my machines querying the Logical Disks:

{‘DiskBytesPersec’: [‘0’, ‘0’, ‘0’, ‘0’], ‘Frequency_Sys100NS’: [‘0’, ‘0’, ‘0’, ‘0’], ‘PercentDiskReadTime’: [‘0’, ‘0’, ‘0’, ‘0’], ‘Timestamp_Object’: [‘0’, ‘0’, ‘0’, ‘0’], ‘AvgDiskBytesPerTransfer’: [‘0’, ‘0’, ‘0’, ‘0’], ‘PercentIdleTime’: [‘100’, ‘100’, ‘100’, ‘100’], ‘AvgDiskBytesPerWrite’: [‘0’, ‘0’, ‘0’, ‘0’], ‘Description’: [‘(null)’, ‘(null)’, ‘(null)’, ‘(null)’], ‘DiskWriteBytesPersec’: [‘0’, ‘0’, ‘0’, ‘0’], ‘Timestamp_Sys100NS’: [‘0’, ‘0’, ‘0’, ‘0’], ‘DiskWritesPersec’: [‘0’, ‘0’, ‘0’, ‘0’], ‘PercentDiskTime’: [‘0’, ‘0’, ‘0’, ‘0’], ‘AvgDiskQueueLength’: [‘0’, ‘0’, ‘0’, ‘0’], ‘AvgDiskBytesPerRead’: [‘0’, ‘0’, ‘0’, ‘0’], ‘AvgDisksecPerRead’: [‘0’, ‘0’, ‘0’, ‘0’], ‘Timestamp_PerfTime’: [‘0’, ‘0’, ‘0’, ‘0’], ‘Name’: [‘C:’, ‘E:’, ‘F:’, ‘_Total’], ‘CurrentDiskQueueLength’: [‘0’, ‘0’, ‘0’, ‘0’], ‘AvgDisksecPerWrite’: [‘0’, ‘0’, ‘0’, ‘0’], ‘DiskReadBytesPersec’: [‘0’, ‘0’, ‘0’, ‘0’], ‘Caption’: [‘(null)’, ‘(null)’, ‘(null)’, ‘(null)’], ‘PercentDiskWriteTime’: [‘0’, ‘0’, ‘0’, ‘0’], ‘Frequency_Object’: [‘0’, ‘0’, ‘0’, ‘0’], ‘Frequency_PerfTime’: [‘0’, ‘0’, ‘0’, ‘0’], ‘SplitIOPerSec’: [‘0’, ‘0’, ‘0’, ‘0’], ‘AvgDiskReadQueueLength’: [‘0’, ‘0’, ‘0’, ‘0’], ‘FreeMegabytes’: [‘54155’, ‘127668’, ‘69809’, ‘251632’], ‘DiskReadsPersec’: [‘0’, ‘0’, ‘0’, ‘0’], ‘AvgDiskWriteQueueLength’: [‘0’, ‘0’, ‘0’, ‘0’], ‘AvgDisksecPerTransfer’: [‘0’, ‘0’, ‘0’, ‘0’], ‘PercentFreeSpace’: [’77’, ’91’, ’99’, ’90’], ‘DiskTransfersPersec’: [‘0’, ‘0’, ‘0’, ‘0’]}

Have fun, and please post comments, corrections or improvements ! I’m sure there’s better/more_pythonistic ways to build the Dictionary and I will at some stage build a better way to output key bits of data rather than just dump the dictionary as is possibly with a Cacti/Nagios plugin to utilise it.


Before I found out about adtool I was managing users using Windows own command line AD tools via the very cool winexe (Thanks to TMM for pointing me to it in the first place). Winexe is a very nice way to either avoid using pstools from another Windows machine or having to install cygwin SSH server, which to be honest is a bit of a pain unless you package it into your system imaging solution and have it on every machine by default. Winexe allows you full access to a terminal on a Windows or allows you to run commands remotely. It’s fairly easy to install (although it’s be nice if someone with better packaging skills than me got it into Ubuntu), the usual configure make dance. I had a bit of trouble with the tarball so I downloaded the latest SVN snapshot which worked perfectly.

Next on my todo list is a small project that I had already built in my last job where we were *stuck* on NT4. And as Samba 4 isn’t out yet it’s relevant to Samba 3 networks to, whereby certain machines can have different registry files applied against them to do things like switch of USB mass storage and all sorts of things you can do with GPOs if you have AD (and make sure OCS Inventory is on there too !). I already built fairly stable system whereby all these things were applied via domain logon scripts, but the horribleness that is scripting on Windows has spurred me on to write something properly in Python that can be run from a Samba PDC/Linux box on an NT4 network to apply all this stuff….

A simple example is:

winexe -U HOME/Administrator%Pass123 // “ipconfig /all”

There’s more on the site but you can just as simply log into the server entirly with:

winexe -U HOME/Administrator%Pass123 // “cmd”

With Samba 4 coming out *soon* it’s almost redundant but what are weekends for ! So hopefully I’ll get this written in a few hours and it’ll spur me on to get into Django and put an interface on it. It’s certinly getting very easy to manage Windows from Linux, fair play to the Samba team and the EU for badgering MS till they got the documents they needed. What OS you use is becoming less and less relevant.

Last week I found a truly excellent tool for adding, modifying and managing user in Active Directory from Linux. It’s in Ubuntu

sudo aptitude install adtool

For a better guide in setting it up Vide has a great one over at his site.

One thing that got me though, you have to make sure your /etc/ldap/ldap.conf file is set up correctly, which should have been obvious but it stumped me for a while (necessary to allow setting passwords etc.)

Make sure you have the following in your config:

BASE    dc=ad-servername,dc=example,dc=com
URI     ldaps://

This allows you to correctly receive the SSL certificate from the server, otherwise you’ll get an error like this:

bind: : Can’t contact LDAP server (-1)

And hey presto you can avoid using MMC to manage users. 🙂 And if you combine it with wmic ….. happy days !

sudo aptitude install wmi-client

Example of usage is;

wmic -U DOMAIN/administrator%password // “Select * from Win32_Service”

Lists all services, the first line it spits back is the fields which you can use this SQL like language  to filter, so to see only the names of the services installed we’d do:

wmic -U DOMAIN/administrator%password // “Select Name from Win32_Service”

Or Name and State:

wmic -U DOMAIN/administrator%password // “Select Name,State from Win32_Service”

Or for just one service in this case the UPS service:

wmic -U DOMAIN/administrator%password // “Select Name,State from Win32_Service where name=’UPS'”

The language for the queries is called WQL and a reference is available here over at MSDN.

Hope this helps, this is only in Hardy as far as I’m aware.

It’s my one year aniversary of not touching a Windows machine (I used to use them in work) but having started developing again I know get to work from home using my Linux machine… and I’m thankful for it ! I don’t fancy being part of either the Russian Mafia, Chinese Military or the soon to be US Air Force Botnet… Thanks guys but no.

Ask Not What Your Country Can Do For You.. But What Your Computer Can Do For Your Country

Bruce Schneier Chimes In : Unfortunalty it seems they do want to use public machine…I guess it’s a wait and see. Question will they team up with the AV vendors to allow it as a “legitimate” virus like what happened with Sony’s Rootkit.

Very much old news now, but the shenanigans with ISO certification of OOXML and the loading of ballots, corruption at the heart of a standards body and basic disregard for genuine fair play are very well summed up in this recent Groklaw Article HERE. As it happens, from my current country of adoption, France.

But they have also finally joined the Kerberos Consortium, a very good thing, and one very close to my heart/work at the moment. Back in 2000 they were very much under severe fire for what was seen then as a attempt to modify/adapt and cripple Kerberos interoperability with the main standard. But finally they have seen some sense and joined with all the other major players. Read it HERE.

If only all stories could be like the second rather than the first, it is to our own detriment if we do not force them to be, by lobbying our local governments to investigate other options and vote with our own wallets when we buy a PC (Take an EeePC or an Ubuntu Dell Machine).

Mono-cultures in nature and in IT ecosystems are similarly bad, when there is no choice the market/gene pool stagnates and we lose out.

Ooops – People under suspicion by the Police for criminal activity are probably not the best source for a Marketing campaign…

Nicely combined with this, which I have been at the rough end of in a previous job. It’s not fun, basically a case of prove yourself innocent rather than innocent till proven guilty. I even have FAST accreditation battle scars to prove it….