UserParameters attribute of a user object in Active Directory messing up the event detail in Event Viewer in Windows Server 2012.

In Active Directory, the userParameters attribute of a user object is used to store the terminal profile settings for a user. It turns out that the userParameters attribute stores the terminal profile data in binary format.
Yesterday, I was working on an application where there was a requirement to read the Windows Event Log to get the audit data for changes in Active Directory. So I opened the Windows Server 2012 Event Viewer to see the log for Active Directory user updates. In the Event Viewer screen, the following error message is shown in the details view of the event metadata. The reason for this error is that Event Viewer is unable to parse the userParameters blob data. This problem happens only with Windows Server 2012, not with Windows Server 2008.

Event Viewer of Windows Server 2012

CionSystems Products Are Not Vulnerable to The Heartbleed Bug

CionSystems products are not vulnerable to the Heartbleed bug:

General Information
The “Heartbleed Bug” is a security flaw in OpenSSL’s TLS implementation. SSL/TLS secures the transmission of private information. The bug is a memory leak flaw that can potentially lead to the exposure of server keys. This can result in the disclosure of private computer memory and private information. It is indeed a very serious vulnerability.
How to diagnose if your systems are vulnerable:
To determine if your systems are vulnerable to the Heartbleed bug, see http://www.kb.cert.org/vuls/id/720951
How to fix systems that are vulnerable to Heartbleed *and* the potential loss of private keys:
If you find any of your systems vulnerable to the Heartbleed bug, the steps typically involved in fixing a system include:

  1. Patching vulnerable systems with OpenSSL 1.0.1g
  2. Regenerating new private keys
  3. Submitting a new CSR to your CA
  4. Obtaining and installing the new signed certificate
  5. Revoking old certificates

Exercise caution when revoking certificates as some systems may become inaccessible.
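
For step 1, a first-pass way to sort hosts by the version string they report (an added example, not CionSystems code). The function name and sample strings are constructed, and the affected range is the one published in the OpenSSL project's advisory. Packages with a backported fix can keep an older upstream version string, so confirm a "Vulnerable" result against the vendor's advisory or the CERT note above.

```powershell
# Added example: first-pass Heartbleed triage from an OpenSSL version string.
# Function name and sample strings are constructed for illustration.
function Get-HeartbleedStatus {
    param([Parameter(Mandatory = $true)][string]$VersionText)

    # Accepts a bare version or the line printed by `openssl version`.
    if ($VersionText -notmatch '(\d+\.\d+\.\d+)([a-z]?)(-beta(\d*))?') {
        return 'Unknown'
    }
    $base   = $Matches[1]           # e.g. 1.0.1
    $letter = [string]$Matches[2]   # patch letter, '' when absent
    $isBeta = [bool]$Matches[3]     # '-beta', '-beta1', ...
    $betaNo = [string]$Matches[4]   # beta number, '' when absent

    if ($base -eq '1.0.1') {
        # Pre-release builds of 1.0.1 are outside the published range.
        if ($isBeta) { return 'Unknown' }
        # 1.0.1 (no letter) through 1.0.1f are affected; 1.0.1g carries the fix.
        if ($letter -eq '' -or $letter -match '^[a-f]$') { return 'Vulnerable' }
        return 'Fixed'
    }
    if ($base -eq '1.0.2' -and $isBeta) {
        # 1.0.2-beta and 1.0.2-beta1 are affected; later betas carry the fix.
        if ($betaNo -eq '' -or $betaNo -eq '1') { return 'Vulnerable' }
        return 'Fixed'
    }
    # 0.9.8 and 1.0.0 never had the flaw; later releases include the fix.
    return 'NotAffected'
}

# Constructed sample inputs in the format printed by `openssl version`.
$samples = 'OpenSSL 1.0.1e 11 Feb 2013', 'OpenSSL 1.0.1g 7 Apr 2014',
           'OpenSSL 0.9.8y 5 Feb 2013', 'OpenSSL 1.0.2-beta1 24 Feb 2014'
foreach ($s in $samples) {
    '{0,-34} {1}' -f $s, (Get-HeartbleedStatus -VersionText $s)
}
```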

How to set execution policy to execute PowerShell script on Windows 7

If you have not previously configured PowerShell and try to run it, it may throw a nasty error in red font to scare you, but there is an easy fix for it.

PowerShell script error

PowerShell has a number of execution modes that define what type of code it is permitted to run; this is governed by a registry key that lives in the HKLM hive. There are 4 different execution modes:

  • Restricted: Default execution policy; does not run scripts, interactive commands only.
  • AllSigned: Runs scripts; all scripts and configuration files must be signed by a publisher that you trust; opens you to the risk of running signed (but malicious) scripts, after confirming that you trust the publisher.
  • RemoteSigned: Local scripts run without a signature. Any downloaded scripts need a digital signature, even from a UNC path.
  • Unrestricted: Runs scripts; all scripts and configuration files downloaded from communication applications such as Microsoft Outlook, Internet Explorer, Outlook Express and Windows Messenger run after confirming that you understand the file originated from the Internet; no digital signature is required; opens you to the risk of running unsigned, malicious scripts downloaded from these applications.

The default execution policy of PowerShell is called Restricted. In this mode, PowerShell operates as an interactive shell only. It does not run scripts, and loads only configuration files signed by a publisher that you trust. If you are getting the nasty red error, the most probable cause is that you are trying to run an unsigned script. The safest thing to do is to change the Execution Policy to Unrestricted, run your script and then change it back to Restricted.

To change it to Unrestricted, run the following command from an administrative PowerShell:

Set-ExecutionPolicy Unrestricted

You will be asked if you are sure that you want to change the Execution Policy; hit the Enter button again.

You can now run your downloaded scripts without a problem. However, it’s a serious security risk if you forget to set the Execution Policy back to Restricted mode. You could probably guess how to set it back to Restricted, but in case you don’t:

Set-ExecutionPolicy Restricted

Again, you will be asked if you are sure that you want to change the execution mode; go ahead and hit Enter.
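
A narrower variant of the procedure above, as an added example that is not part of the original post: inspect the script first, then relax the policy for the current PowerShell process only, so there is no machine-wide setting to remember to change back. The path in $ScriptPath is a hypothetical placeholder.

```powershell
# Added example. $ScriptPath is a hypothetical path; substitute your own script.
$ScriptPath = 'C:\Scripts\Example.ps1'

# 1. Show the policy at every scope. The effective policy is the first scope,
#    top to bottom, that is not 'Undefined'; Group Policy scopes take precedence.
Get-ExecutionPolicy -List | Format-Table -AutoSize

# 2. Inspect the script before trusting it: signature status and signer.
$sig = Get-AuthenticodeSignature -FilePath $ScriptPath
"Signature status : $($sig.Status)"
if ($sig.SignerCertificate) {
    "Signer           : $($sig.SignerCertificate.Subject)"
}

# A Zone.Identifier alternate data stream marks a file as downloaded.
# Reading streams needs PowerShell 3.0 or later (Windows 7 ships with 2.0).
if ($PSVersionTable.PSVersion.Major -ge 3) {
    $zone = Get-Content -LiteralPath $ScriptPath -Stream Zone.Identifier `
                        -ErrorAction SilentlyContinue
    if ($zone) { "Zone mark        : $($zone -join ' ')" }
    else       { 'Zone mark        : none (treated as a local file)' }
}

# 3. Relax the policy for this process only. The setting is held in the
#    session and disappears when the window closes; LocalMachine is untouched
#    and no administrative prompt is needed.
#    RemoteSigned runs local unsigned scripts. A reviewed script that still
#    carries a zone mark needs the mark removed first (Unblock-File,
#    PowerShell 3.0 or later).
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope Process -Force

# 4. Run the script under the relaxed, process-only policy.
& $ScriptPath

# 5. Confirm the machine-wide policy is still what it was in step 1.
Get-ExecutionPolicy -Scope LocalMachine
```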


GPO Manager version 3.0.0.0

With the release of CionSystems’ GPO Manager 3.0.0.0 you now have the workflow management, check-in/check-out, change control, backup/restore, reports and rollback that are needed to effectively manage GPOs across the enterprise.

CionSystems’ GPO Manager offers a mechanism to control this highly important component of Active Directory. GPOs, Scope of Management links, and WMI filters are backed up in a secure, distributed manner and then placed under version control.

CionSystems’ GPO Manager contains the following popular features:

  • Version Comparisons: Quickly verify setting consistency and improve GPO auditing with advanced, side-by-side GPO version comparisons at different intervals.
  • Enhanced Group Policy Comparison: Side-by-side comparison of two distinct GPOs, of two versions, and of an existing GPO with a checked-out copy, to verify setting consistency.
  • GPO History and Compare: Records all changes to GPOs.
  • Delete version history: Manages and reduces the size of the backup store.
  • Undo GPO changes: Roll back to previous versions.
  • Approval-based workflow: A process to ensure that changes adhere to change management best practices before their deployment.
  • Configure workflow: Enables organizational requirements to be set for specified users or groups on edit settings, cloak and uncloak, and lock and unlock.
  • Workflow Commenting: Track the request, review and approval process with comments and e-mail notifications at any stage.
  • Scheduling: Enable approved changes to be implemented immediately or on a schedule.
  • Microsoft Group Policy Management Console (GPMC) for a familiar look and feel.
  • Cloaking: Hides pre-production GPOs from all but selected administrators.
  • GPO check-in and check-out to prevent simultaneous editing conflicts.
  • GPO locking: Prevents unwanted changes to product GPOs.
  • Backup and Restore: Schedules a backup of all GPOs or selected GPOs to be taken at a specified date and time.
  • Delegation and permissions management: Delegates or provides Read, Edit, Apply permissions on GPOs to users.
  • Day-to-day tasks: Perform common GPO actions/tasks like Create, Edit, Delete, Link, Rename, Backup, Import, Restore GPO, add comments to GPO, View, Enable, Disable.
  • Manage security: Apply filters to GPOs.
  • Copy/Paste: Create a duplicate GPO with the same settings.
  • Reports: Creates a report of all GPOs at a specified location.
  • Advanced Categorizing: Easily find GPOs that are Linked, Unlinked, Orphaned, Disabled, Deleted, etc.
  • Replication: Replicates the data among the available domain controllers.
  • Delegation: Grants permission for users to create GPOs and to apply WMI filters.
  • Grant Permission on All GPOs: Grants permission for users on all GPOs to read, edit, delete.

Active Directory Manager Pro version 4.0.0.2

With the release of CionSystems AD Manager Pro 4.0.0.2 you now have Web-based access to PowerShell cmdlets without the need to install PowerShell! This lets users and workflows invoke cmdlets to manage:

  • Active Directory
  • Exchange
  • Office 365
  • File Shares
  • Managed Service Accounts
  • Local computer accounts

CionSystems AD Manager Pro makes it easy to delegate access to cmdlets, while providing an audit trail and reporting that tracks all changes.

We’ve also added full lifecycle support for Managed Service Accounts. Create, control, provision, de-provision, and delete Managed Service Accounts. Full workflow, audit, notification, and delegation support.

Active Directory Manager Pro version 4.0.0.0

With the release of CionSystems AD Manager Pro 4.0.0.0 you now have enhancements to many of the popular features such as