Category Archives: Uncategorized

Scheduled Task “The task image is corrupt or has been tampered with”

When opening task scheduler I was faced with the error “Task User_Feed_Synchronization-{20EECAD6-F054-4C21-B0F6-EC6DA-99BD2C8}: The task image is corrupt or has been tampered with.”

clip_image002

and

“Task ServerCeipAssistant: The task image is corrupt or has been tampered with.”

clip_image002[5]

There are a number of locations the corrupt task can be stored:

C:\windows\system32\tasks\

And

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft

Looking at the data stored in these two locations it should be enough information to delete and recreate the task.

Reference:

https://www.ghacks.net/2011/07/28/fix-the-task-image-is-corrupt-or-has-been-tampered-with-errors/

Allow non admins to manage RDS connection

I had a server 2016 RDS server using a combination of Terminal Servers and remoteapps, and we had a user that wanted the ability to log users off.  The user in question was not a local admin on the server, so I created an AD group, added her and ran the following command from an elevated prompt on the RDS Server:

wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TSPermissionsSetting WHERE (TerminalName=”RDP-Tcp”) CALL AddAccount “anonit\USR-SEC-AllowRDSLogoff”,2

Where anonit\USR-SEC_AllowRDSLogoff is the group that would have permission to logoff users.

 

This ONLY takes affect once the accounts have logged in.  eg:  User1 is the kicker and User2 is the kickee.  Once I’ve modified the server, User1 doesn’t have permission to log User2 out until User2 has initiated a new logon session.

 

References:

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc753032(v=ws.11)?redirectedfrom=MSDN

https://social.technet.microsoft.com/Forums/en-US/0d119172-1100-4f9d-accd-e2504e5f4908/rds-2012-configure-permissions-for-remote-desktop-services-connections?forum=winserverTS

https://docs.microsoft.com/en-us/troubleshoot/windows-server/remote/add-user-services-rdp-permissions

https://docs.microsoft.com/en-us/windows/win32/termserv/win32-tspermissionssetting

https://docs.microsoft.com/en-us/windows/win32/termserv/win32-tspermissionssetting-addaccount (explains the magic number 2)

 

MAC OS X 10.3 user password reset

I recently picked up a Powermac G4, running Mac OS X 10.3, and it had an account on it with unknown credentials.  I needed to reset the account.

Boot into single user mode (reboot, at the grey Apple screen press Command-S (or Windows-S))

I typed the commands:

Mount –uw /

cd /var/db

rm .AppleSetupDome

reboot

On boot, the new mac wizard ran.  I was able to create a new account and remove the old one.

Old Servers listed in DHCP Server list

When opening a DHCP console on domain that had been in operation since 2008, and gone through a number of upgrades, migrations and repairs, a number of old servers were still listed.

To remove these, as a domain administrator, verify the data by running:

netsh dhcp show server

To remove the servers, use the command:

netsh dhcp delete server %FQDN% %IPADDRESS%

eg:

netsh dhcp delete server dc03.anonit.local 192.168.168.3

If the response is

Deleting server with dc03.anonit.local, 192.168.168.3
The specified servers are not present in the directory service.

Open adsiedit.msc and navigate to Configuration / CN=Configuration / CN=Services / CN=NetServices

In this container, depending on what you see is how you proceed:

In the example above, the DhcpRoot container DHCPServers attribute was empty, and we needed to remove one of the extra entries (the bottom one on the list).  Once deleted, the output from netsh dhcp show server was correct, and there were no more extra servers showing up in the list.

References:

https://blogs.technet.microsoft.com/networking/2009/02/27/old-dhcp-servers-appear-in-the-list-of-authorized-servers-after-a-domain-rename/

Synology exFAT support

I had a Synology DS418 NAS drive, and needed to attach a USB drive to get some data off it as a one off operation.  I found the drive formatted as a exFAT drive, and out of the box, Synology doesn’t support that.  They have an add on in their store for $3, but given the amount of money I paid for the unit, and I knew it ran linux, and this was a one off operation, I thought I’d do some digging to see if I can bypass that restriction, and learn something in the process.

Requires:

A Synology NAS;

A linux PC (a Raspberry pi was used in this example);

(A Windows PC was used to download the files and transfer them via winscp).

Download the relevant exfat-fuse file for the NAS architecture from https://packages.debian.org/stretch/armel/exfat-fuse/download (In this example I used exfat-fuse_1.2.5-2_arm64.deb)

Transfer this file to the Linux PC if necessary (it can’t be extracted on the NAS itself).

Extract the files:

$ dpkg –extract exfat-fuse_1.1.0-2_armel.deb .

(Note the full stop at the end of the line)

In the control panel of the NAS web UI, enable SSH, and login via SSH.

Copy the extracted file /sbin/mount.exfat-fuse to the NAS placing in the /opt/sbin/ directory.

Without the USB drive attached to the NAS, run an ls /dev/, then connect the usb drive, and do the same.  Look for differences in the directory, this will be the USB drive.  In my case it was listed as sdq, and the partition I wanted was sdq2.

Run the commands:

$ mkdir /mnt/exfatusb
$ ./mount.exfat-fuse /dev/sdq2 /mnt/exfatusb

to mount the USB drive.  You can then copy the files to the required directory and unmount the drive:

$ cp -av /mnt/exfatusb /volume1/retroPIE
$ umount /mnt/exfatusb

From the above command you may also be able to work out a project I am currently working on!

I have attached the relevant files here:

Synology exFAT support

References:

https://forum.synology.com/enu/viewtopic.php?t=62473&start=90#p390456

Create a temporary folder in powershell

I needed to create a temporary folder. I modified the code found here https://stackoverflow.com/questions/34559553/create-a-temporary-directory-in-powershell. One issue in the original code was the chance (albeit extremely slight) of having a name collision with an existing folder. The script below checks and tries 5 times before failing. It isn’t neat, and is somewhat of a brute force method of getting around the issue, but it gets the job done. You can see the modified code here https://pastebin.com/DPfj3iT7

Install Unifi Controller on Rasperry PI

Install pi
enable ssh
connect to wifi
change password
sudo apt-get install rpi-update && echo Y | sudo rpi-update
sudo apt-get update && sudo apt-get upgrade -y
sudo apt-get -y install oracle-java8-jdk
https://help.ubnt.com/hc/en-us/articles/115015026968-UniFi-Supported-Java-JRE-Version

Add unifi to sources list
echo ‘deb http://www.ubnt.com/downloads/unifi/debian stable ubiquiti’ | sudo tee -a /etc/apt/sources.list.d/100-ubnt.list > /dev/null

sudo apt-get -y install dirmngr
Add key to our raspberry pi
sudo apt-key adv –keyserver keyserver.ubuntu.com –recv 06E85760C0A52C50
sudo apt-get update
sudo apt-get install unifi -y
sudo systemctl stop mongodb
sudo systemctl disable mongodb
sudo reboot
logon to website: https://%controllerIP%:8443

References: https://community.ubnt.com/t5/UniFi-Wireless/UniFi-Controller-5-5-on-Raspberry-Pi/td-p/2045751

Delete declined updates in WSUS

We have all seen poorly maintained WSUS servers.  This script can assist by deleting declined updates.  Combine this with a number of other methods of housekeeping on WSUS servers.

Additionally using the script we can see all the objects returned by the command $wsus.getupdates() | get-member | select name

Name
----
AcceptLicenseAgreement
Approve
ApproveForOptionalInstall
CancelDownload
CreateObjRef
Decline
Equals
ExpirePackage
ExportPackageMetadata
GetChangesFromPreviousRevision
GetHashCode
GetInstallableItems
GetLicenseAgreement
GetLifetimeService
GetRelatedUpdates
GetSummary
GetSummaryForComputerTargetGroup
GetSummaryPerComputerTargetGroup
GetSupportedUpdateLanguages
GetType
GetUpdateApprovals
GetUpdateCategories
GetUpdateClassification
GetUpdateEventHistory
GetUpdateInstallationInfoPerComputerTarget
InitializeLifetimeService
PurgeAssociatedReportingEvents
Refresh
RefreshUpdateApprovals
ResumeDownload
ToString
AdditionalInformationUrls
ArrivalDate
CompanyTitles
CreationDate
DefaultPropertiesLanguage
Description
HasEarlierRevision
HasLicenseAgreement
HasStaleUpdateApprovals
HasSupersededUpdates
Id
InstallationBehavior
IsApproved
IsBeta
IsDeclined
IsEditable
IsLatestRevision
IsSuperseded
IsWsusInfrastructureUpdate
KnowledgebaseArticles
LegacyName
MsrcSeverity
ProductFamilyTitles
ProductTitles
PublicationState
ReleaseNotes
RequiresLicenseAgreementAcceptance
SecurityBulletins
Size
State
Title
UninstallationBehavior
UpdateClassificationTitle
UpdateServer
UpdateSource
UpdateType