Archives for the Month of September, 2010

PowerShell Cookbook Scripts Available Everywhere

If you’ve been looking for the sample scripts from the PowerShell Cookbook, you might have had trouble finding them on the book’s main landing page. It turns out that September and October are very busy publishing periods, so was some delay getting them live.

Fortunately, a delay is just that… a delay 🙂 O’Reilly recently published the PowerShell Cookbook sample scripts and code samples to the main page, so you can now just click on the ‘Examples’ link from the main landing page to download them.

In other exciting news, as recently announced by Jaykul, O’Reilly has been very gracious in letting me put all of the scripts from the PowerShell Cookbook onto PoshCode.org – PowerShell’s largest community script repository.

If you want ‘em, now you’ve got them. Even if you don’t have the PowerShell Cookbook, you can still download them and reap their benefits!

Adjusting Token Privileges in PowerShell

One thing you sometimes run into when it comes to some management tasks is the concept of ‘Token Privileges’. Now these aren’t just privileges that Windows gives you to make you feel better - those are Token Compliments.

Token Privileges are aspects of the things your user account can do, but you often don’t need that power enabled by default. For example, anybody can restart a computer, but windows doesn’t enable that privilege by default:

[C:\Users\leeholm]
PS:112 > whoami /priv

PRIVILEGES INFORMATION
----------------------

Privilege Name                Description                          State
============================= ==================================== ========
SeShutdownPrivilege           Shut down the system                 Disabled
SeChangeNotifyPrivilege       Bypass traverse checking             Enabled
SeUndockPrivilege             Remove computer from docking station Disabled
SeIncreaseWorkingSetPrivilege Increase a process working set       Disabled

When you try to run a command without a privilege enabled, you’ll usually get an ‘Access is Denied’ error. This doesn’t mean that you can’t do it – just that you need to enable the privilege before doing it.

However, if you’ve found this post, you probably know all of this 🙂

PowerShell doesn’t ship a cmdlet to adjust token privileges by default, but Add-Type makes it very reasonable. Here is Set-TokenPrivilege.ps1 in all its glory:

 

001

002003

004

005

006

007

008

009

010

011

012

013

014

015

016

017

018

019

020

021

022

023

024

025

026

027

028

029

030

031

032

033

034

035

036

037

038

039

040

041

042

043

044

045

046

047

048

049

050

051

052

053

054

055

056

057

058

059

060

061

062

063

064

065

066

067

068

069

070

071

072

073

074

075

076

077

078

079

080

081

082

083

084

 

param(    ## The privilege to adjust. This set is taken from

    ## http://msdn.microsoft.com/en-us/library/bb530716(VS.85).aspx

    [ValidateSet(

        "SeAssignPrimaryTokenPrivilege", "SeAuditPrivilege", "SeBackupPrivilege",

        "SeChangeNotifyPrivilege", "SeCreateGlobalPrivilege", "SeCreatePagefilePrivilege",

        "SeCreatePermanentPrivilege", "SeCreateSymbolicLinkPrivilege", "SeCreateTokenPrivilege",

        "SeDebugPrivilege", "SeEnableDelegationPrivilege", "SeImpersonatePrivilege", "SeIncreaseBasePriorityPrivilege",

        "SeIncreaseQuotaPrivilege", "SeIncreaseWorkingSetPrivilege", "SeLoadDriverPrivilege",

        "SeLockMemoryPrivilege", "SeMachineAccountPrivilege", "SeManageVolumePrivilege",

        "SeProfileSingleProcessPrivilege", "SeRelabelPrivilege", "SeRemoteShutdownPrivilege",

        "SeRestorePrivilege", "SeSecurityPrivilege", "SeShutdownPrivilege", "SeSyncAgentPrivilege",

        "SeSystemEnvironmentPrivilege", "SeSystemProfilePrivilege", "SeSystemtimePrivilege",

        "SeTakeOwnershipPrivilege", "SeTcbPrivilege", "SeTimeZonePrivilege", "SeTrustedCredManAccessPrivilege",

        "SeUndockPrivilege", "SeUnsolicitedInputPrivilege")]

    $Privilege,

    ## The process on which to adjust the privilege. Defaults to the current process.

    $ProcessId = $pid,

    ## Switch to disable the privilege, rather than enable it.

    [Switch] $Disable

)

## Taken from P/Invoke.NET with minor adjustments.

$definition = @'

using System;

using System.Runtime.InteropServices;
public class AdjPriv

{

[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]

internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall,

ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr relen);
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]

internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok);
[DllImport("advapi32.dll", SetLastError = true)]

internal static extern bool LookupPrivilegeValue(string host, string name, ref long pluid);
[StructLayout(LayoutKind.Sequential, Pack = 1)]

internal struct TokPriv1Luid

{

public int Count;

public long Luid;

public int Attr;

}
internal const int SE_PRIVILEGE_ENABLED = 0x00000002;

internal const int SE_PRIVILEGE_DISABLED = 0x00000000;

internal const int TOKEN_QUERY = 0x00000008;

internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020;
public static bool EnablePrivilege(long processHandle, string privilege, bool disable)

{

bool retVal;

TokPriv1Luid tp;

IntPtr hproc = new IntPtr(processHandle);

IntPtr htok = IntPtr.Zero;

retVal = OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok);

tp.Count = 1;

tp.Luid = 0;
if(disable)

{

tp.Attr = SE_PRIVILEGE_DISABLED;

}

else

{

tp.Attr = SE_PRIVILEGE_ENABLED;

}
retVal = LookupPrivilegeValue(null, privilege, ref tp.Luid);

retVal = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero);

return retVal;

}

}

'@

$processHandle = (Get-Process -id $ProcessId).Handle

$type = Add-Type $definition -PassThru

$type[0]::EnablePrivilege($processHandle, $Privilege, $Disable)

Interview on the PowerScripting Podcast

Last week the fine PowerScripting Podcast had me on the show. We had a great wide-reaching chat about usability in PowerShell, the Windows Product Cycle, system administration, automating yourself into a higher-paying job, and of course the recently released PowerShell Cookbook.

They posted the interview today, so take a look! http://powerscripting.wordpress.com/2010/09/13/episode-125-cooking-up-some-powershell-with-lee-holmes/

And the Winner is… Arvixe

If you’ve been wondering why this blog has been flaky lately, perhaps this report explains a bit:

DAILY UPTIME AND PERFORMANCE SUMMARY

www.leeholmes.com
----------------------------------------------------------------------
date          uptime       dns   connect   request      ttfb      ttlb

2010-09-07     58.88     0.097     0.120     0.120     0.240     0.287
2010-09-06     92.93     0.101     0.214     0.214     0.530     0.574
2010-09-05     74.04     0.153     0.292     0.292     0.471     0.508
2010-09-04     42.15     0.210     0.233     0.233     0.191     0.203
2010-09-03     41.53     0.173     0.197     0.197     0.148     0.173
2010-09-02     70.00     0.034     0.058     0.058     0.150     0.171
2010-09-01     67.27     0.084     0.108     0.108     0.135     0.172
2010-08-31     70.87     0.051     0.073     0.073     0.184     0.221
2010-08-30     52.00     0.027     0.050     0.050     0.070     0.088

----------------------------------------------------------------------
minimum        41.53     0.027     0.050     0.050     0.070     0.088
maximum        92.93     0.210     0.292     0.292     0.530     0.574
average        63.30     0.103     0.149     0.149     0.236     0.266
----------------------------------------------------------------------

I’ve hosted my domain for the last five years with a host called WebHost4Life. They used to provide great service, uptime, and at a reasonable cost. I’ve been experiencing issues in the last few months after a “platform migration”, and initially gave them a pass since they built up 5+ years of Hosting Cred with me.

Here’s my current ticket – it’s been open for 2+ weeks:

Date Type
08/24/2010 7:14 PM EDT Ticket Created
08/24/2010 7:14 PM EDT Lee Holmes contacted WebHost4Life
Subject:

Issues loading http://leeholmes.com/blog

Customer Quote:

I've been having frequent issues loading my blog, at http://www.leeholmes.com/blog. My readers are letting me know about it frequently, and the uptime has been unacceptable.

I opened a ticked a few months ago, and was told this was a temporary ("few weeks") issue due to some server re-balancing. The issue has not yet been resolved.

I've been with WebHost4Life for years, and service quality has never been a problem except for the last few moths. I would be really disappointed if we can't pinpoint the problem, as I can't handle reliability that has this many problems.

Thanks,

Lee

08/24/2010 7:17 PM EDT Updated Ticket: Work in Progress
08/24/2010 9:04 PM EDT WebHost4Life contacted Lee Holmes
Subject:

[P07403743000000000] Issues loading http://leeholmes.com/blog

Comment:

Hello Lee,

Thank you for contacting Support.

We apologize for any inconvenience this may have caused you. I have tried to access the web page: http://leeholmes.com/blog and I was able to duplicate the issue. I have asked a technical specialist of our team who specializes in this issue to review your account. You should be hearing from this specialist within 24-48 hours. If you have any questions in the meantime, please let us know and be sure to refer to the link http://www.webhost4life.com/member/sconsole for the quickest service.

While reviewing your account, I have noticed that you have not set the Security Question. Security Question is an alternative way to authenticate you as owner of the account. In order to set the Security Question, please refer the steps given below:

1. Log into the control panel with your account username and password.

2. Click on the link 'Set Security Question' under 'Account Information' section.

3. Click on the radio button 'New Profile'.

4. Enter the First Name, Last Name, and set the Security Question and the Security Answer.

5. Click on the 'Save' button.

Thank you for choosing WebHost4Life, we appreciate your support.

Sincerely,

Adolph Urey

Customer Support

08/24/2010 9:05 PM EDT Updated Ticket: Work in Progress
08/26/2010 11:12 AM EDT Updated Ticket: Work in Progress
08/26/2010 1:00 PM EDT WebHost4Life contacted Lee Holmes (Resolved)
Comment:

Hello,

Thank you for your patience.

We apologize that it has taken longer than usual to get back to you. I've resolved the slowness issue with your blog at: http://leeholmes.com/blog/ from my end. Please check its functionality using different ISPs.

If you have any further questions, please update the Support Console.

Sincerely,

Rodolfo Keller

Technical Specialist

08/26/2010 1:23 PM EDT Lee Holmes contacted WebHost4Life
Customer Quote:

Thanks, Rodolfo. What did you do to fix it? This has been going on for months, and I'd like to be sure this is a long-term fix (not restarting IIS or something like that.)

08/26/2010 1:53 PM EDT WebHost4Life contacted Lee Holmes (Resolved)
Comment:

Hello,

Thank you for your reply.

I've recycled the application pool of your account through our backend tools. If you experience slowness issue while accessing your website in the future, please feel free to contact us at any time.

If you have any further questions, please update the Support Console.

Sincerely,

Rodolfo Keller

Technical Specialist

08/26/2010 1:55 PM EDT Lee Holmes contacted WebHost4Life
Customer Quote:

It's slow again.

As I mentioned, I've been with WebHost4Life for years. This has only started causing issues recently, and I've made no changes to my site.

I can't be opening a new support ticket every few days to have the app pool on my site recycled.

08/26/2010 1:59 PM EDT Updated Ticket: Work in Progress
08/26/2010 2:08 PM EDT WebHost4Life contacted Lee Holmes (Resolved)
Comment:

Hello,

Thank you for your reply.

The blog website at http://leeholmes.com/blog/ is coming up fine now. Please check it from your end. If the issue persists, please get back to us with the following information:

1.The browser type and the full version number (Example: IE :6.0.2800.0116).

2. The geographical location from where the site is inaccessible and the ISP you are using.

3.The operating system you are using and its version (The service pack version if you have any).

4.The internet connection you are having.

Do a tracert for your domain name and get back to us with the results.

To find the tracert result, please follow the steps given below:

a) Go to the 'Start' Menu-> 'Run'

b) Type 'cmd' or ‘command’. This will open up a DOS window.

c) In the window, type the command: tracert stlsprout.com and press Enter key.

If you have any further questions, please update the Support Console.

Sincerely,

Reuvena Macklin

Technical Specialist

08/26/2010 4:40 PM EDT Lee Holmes contacted WebHost4Life
Customer Quote:

This has been happening for months, over different ISPs, different times of days, different computers, different operating systems, different countries, etc.

I've got probably 10 or 15 mails from co-workers, readers of my blog, and readers of my book that have pointed this out.

08/29/2010 12:45 PM EDT Updated Ticket: Work in Progress
08/29/2010 2:47 PM EDT Resolved
08/29/2010 2:49 PM EDT Updated Ticket: Work in Progress
08/29/2010 3:00 PM EDT WebHost4Life contacted Lee Holmes (Resolved)
Comment:

Hello,

We have verified your issue with the functionality of the website and the website is loading fine within a reasonable interval of time at http://leeholmes.com/blog/ without any delay. Could you please check the functionality of the website once again from your end?

If you have any further questions, please update the Support Console.

Sincerely,

Nick Brown

Technical Specialist

08/30/2010 2:46 PM EDT Lee Holmes contacted WebHost4Life
Customer Quote:

It's down again.

Please address my question: What can you do so that I don't have to create a support ticket every day or two?

This is a relatively recent problem, as I've pointed out several times in this ticket.

08/30/2010 3:56 PM EDT WebHost4Life contacted Lee Holmes (Resolved)
Comment:

Hello,

I have verified your issue with the functionality of the website and the website is loading fine within a reasonable interval of time at http://leeholmes.com/blog/ without any delay. Could you please clear the cache/cookies of your browser and then check the functionality of the website once or else please check the functionality of the website in different machines/network from your end?

If the issue still persists, please get back to us with the tracert result of the website when it will be down and also with the exact time with time zone. So that, I can investigate and assist you further to resolve the issue.

If you have any further questions, please update the Support Console.

Sincerely,

Nick Brown

Technical Specialist

08/30/2010 4:14 PM EDT Lee Holmes contacted WebHost4Life
Customer Quote:

Here's the results I'm getting right now, from two different computers;

PS:106 > tracert www.leeholmes.com

Tracing route to www.leeholmes.com [66.96.146.81]

over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms cusred043c6n02-vl2.network.microsoft.com [157.59.184.1]

2 cusred043c6n02-vl2.network.microsoft.com [157.59.184.1] reports: Destination host unreachable.

Trace complete.

Second computer;

PS:101 > tracert leeholmes.com

Tracing route to leeholmes.com [66.96.146.81]

over a maximum of 30 hops:

1 1 ms <1 ms <1 ms 81.146.96.66.static.eigbox.net [66.96.146.81]

2 * * * Request timed out.

3 8 ms 11 ms 9 ms 68.87.205.209

4 9 ms 8 ms 10 ms te-9-3-ur02.burien.wa.seattle.comcast.net [68.86.96.122]

5 11 ms 11 ms 17 ms te-0-1-0-0-ar01.seattle.wa.seattle.comcast.net [68.86.96.25]

6 12 ms 17 ms 21 ms pos-1-4-0-0-cr01.seattle.wa.ibone.comcast.net [68.86.90.209]

7 13 ms 13 ms 27 ms pos-0-10-0-0-cr01.portland.or.ibone.comcast.net [68.86.85.106]

8 27 ms 35 ms 26 ms pos-1-14-0-0-cr01.sacramento.ca.ibone.comcast.net [68.86.85.201]

9 35 ms 29 ms 29 ms pos-0-4-0-0-cr01.sanjose.ca.ibone.comcast.net [68.86.85.50]

10 29 ms * 34 ms te3-3.mpd01.sjc04.atlas.cogentco.com [154.54.11.105]

11 33 ms 31 ms 31 ms te9-1.ccr02.sfo01.atlas.cogentco.com [154.54.0.177]

12 78 ms 82 ms 78 ms te0-1-0-2.ccr22.mci01.atlas.cogentco.com [154.54.30.70]

13 72 ms 73 ms 74 ms te0-0-0-3.ccr22.ord01.atlas.cogentco.com [154.54.30.102]

14 113 ms 112 ms 114 ms te7-3.ccr02.bos01.atlas.cogentco.com [154.54.24.57]

15 114 ms 113 ms 113 ms endurance-international-group.demarc.cogentco.com [38.97.106.34]

16 * * * Request timed out.

17 111 ms 114 ms 114 ms 81.146.96.66.static.eigbox.net [66.96.146.81]

Trace complete.

I've also set up an uptime monitor at another place, and it's been reporting the site going up and down.

08/30/2010 4:14 PM EDT Lee Holmes contacted WebHost4Life
Customer Quote:

It's now up again, after being down for the last half-hour or so.

08/30/2010 4:39 PM EDT Lee Holmes contacted WebHost4Life
Customer Quote:

It's down again. Here's a screen cap from InternetSupervision.com, as requested: http://cid-7874cfd565b38d4b.office.live.com/self.aspx/Shared/Temp/leeholmes%5E_blog%5E_timeout.png

08/30/2010 5:37 PM EDT Updated Ticket: Work in Progress
08/31/2010 2:16 AM EDT Updated Ticket: Work in Progress
08/31/2010 2:30 AM EDT Resolved
08/31/2010 2:32 AM EDT Updated Ticket: Work in Progress
08/31/2010 2:38 AM EDT WebHost4Life contacted Lee Holmes (Resolved)
Comment:

Hello,

Thank you for your patience. The website http://leeholmes.com/blog loading fine without any slowness. We have tested it using InternetSupervision.com , you can check the screenshot at http://leeholme.webhost4life.com/blog.bmp . It appears that issue with your end. Please check the website from different network.

If you have any further questions, please update the Support Console.

Thank you!

Vincent Baker

Technical Specialist

08/31/2010 2:43 AM EDT Lee Holmes contacted WebHost4Life
Customer Quote:

I linked to a screen capture that showed it was down in 5 countries around the world. What else can I do?

Here's a log of my uptimes this afternoon. The "Time" column is response times, in milliseconds. There was an outage from about 2:30 to 3:30, and from 5:00 to 8:00.

Date Time

---- ----

8/30/2010 1:35:15 PM -1

8/30/2010 1:46:55 PM -1

8/30/2010 1:56:58 PM 2184.5335

8/30/2010 2:08:38 PM -1

8/30/2010 2:18:40 PM 2095.882

8/30/2010 2:30:20 PM -1

8/30/2010 2:42:00 PM -1

8/30/2010 2:53:40 PM -1

8/30/2010 3:05:20 PM -1

8/30/2010 3:17:00 PM -1

8/30/2010 3:28:40 PM -1

8/30/2010 3:40:20 PM -1

8/30/2010 3:50:22 PM 2102.3454

8/30/2010 4:00:24 PM 1775.0439

8/30/2010 4:10:26 PM 2070.5566

8/30/2010 4:22:06 PM -1

8/30/2010 4:32:08 PM 2213.9927

8/30/2010 4:43:48 PM -1

8/30/2010 4:55:28 PM -1

8/30/2010 5:05:31 PM 2908.32

8/30/2010 5:17:11 PM -1

8/30/2010 5:28:51 PM -1

8/30/2010 5:40:31 PM -1

8/30/2010 5:52:11 PM -1

8/30/2010 6:03:51 PM -1

8/30/2010 6:15:31 PM -1

8/30/2010 6:27:11 PM -1

8/30/2010 6:38:51 PM -1

8/30/2010 6:50:31 PM -1

8/30/2010 7:02:11 PM -1

8/30/2010 7:13:51 PM -1

8/30/2010 7:25:31 PM -1

8/30/2010 7:37:12 PM -1

8/30/2010 7:48:52 PM -1

8/30/2010 8:00:32 PM -1

8/30/2010 8:10:34 PM 2265.4839

8/30/2010 8:20:36 PM 1854.1699

8/30/2010 8:30:38 PM 2061.0892

8/30/2010 8:40:40 PM 2616.7317

8/30/2010 8:50:43 PM 2263.1027

8/30/2010 9:00:44 PM 1790.517

8/30/2010 9:10:46 PM 1773.6829

8/30/2010 9:20:49 PM 2394.6573

8/30/2010 9:30:51 PM 2365.4524

8/30/2010 9:40:53 PM 1993.6091

8/30/2010 9:50:56 PM 3248.6801

8/30/2010 10:00:58 PM 2169.8177

8/30/2010 10:11:01 PM 2246.9487

8/30/2010 10:21:03 PM 2383.3689

8/30/2010 10:31:05 PM 2393.0847

8/30/2010 10:41:08 PM 2423.3041

8/30/2010 10:51:10 PM 2408.9562

8/30/2010 11:01:11 PM 1088.584

8/30/2010 11:11:14 PM 2219.8152

8/30/2010 11:21:16 PM 2410.9568

8/30/2010 11:31:18 PM 2278.4904

8/30/2010 11:41:21 PM 909.6085

It's working now, but will stop working again soon.

09/01/2010 2:22 AM EDT WebHost4Life contacted Lee Holmes (Resolved)
Comment:

Hello,

Thank you for your patience. I have checked the website http://leeholmes.com/blog in different interval of time and it is loading fine. Due to high load on our servers and heavy traffic, some of the websites hosted on those servers may experience some temporary issue. Our network operation team are monitoring the Windows pools and stabilizing the load on the servers. We will be adding more hardware to improve the performance.

If you have any further questions, please update the Support Console.

Thank you!

Vincent Baker

Technical Specialist

09/01/2010 12:09 PM EDT Lee Holmes contacted WebHost4Life
Customer Quote:

I've got a script testing this site every 10 minutes, starting from 1:35 PST on 8/30. The uptime has been 65%!!!!

09/02/2010 11:11 AM EDT Lee Holmes contacted WebHost4Life
Customer Quote:

My site is down again.

09/05/2010 12:25 PM EDT Updated Ticket: Work in Progress
09/05/2010 9:38 PM EDT Updated Ticket: Work in Progress
09/06/2010 1:14 AM EDT Resolved
09/06/2010 1:14 AM EDT Updated Ticket: Work in Progress
09/06/2010 1:18 AM EDT Resolved
09/06/2010 1:19 AM EDT Updated Ticket: Work in Progress
09/06/2010 1:19 AM EDT WebHost4Life contacted Lee Holmes (Resolved)
Comment:

I have checked the site and it is all loading withing a reasonable timeframe. Please check this from your end and let me know if you run into any problems. If you have any questions or concerns, please do not hesitate to ask.

Thank you and have an excellent day.

Sincerely,

Abelicio P.

Tier 2 Technical Support

During this, I opened my eyes and realized that it is now a wasteland of a hosting provider. It looks like it’s been sold to a parent company that got rid of anybody with talent, and moved to over-subscribed garbage hardware. My blog’s average uptime has been 65%!

There are a lot of others stumbling onto this realization: http://blogsearch.google.com/blogsearch?hl=en&ie=UTF-8&q=webhost4life.

It’s not just bloggers picking this up, either. Many hosting companies are running internet search ads trying to pick up the mass of customers running away from WebHost4Life. I mentioned it on Twitter, and a few companies approached me suggesting I look at their service – a very cool and proactive approach. After a bunch of digging and investigation, I ended up at Arvixe.com.

While I was at it, I took the opportunity to move to WordPress from DasBlog – if all goes well, you should be able to read this post and be none the wiser!