office365: purge an inactive mailbox

i encountered a scenario where an employee returned to the organization after their office365 persona was past the 30 day soft-delete limit. normally, that is no big deal; they’d just end up with a new mailbox. however, in this case i believe since a litigation hold was enabled on the mailbox, the mailbox was retained as a deleted mailbox past the 30 day marker in exchange online. the mailbox would not reattached to the reenabled AD user and i could not manually recover the inactive mailbox in exchange online because this was a federated user. microsoft has instructions on how to recover an inactive mailbox here: https://technet.microsoft.com/en-us/library/dn894100(v=exchg.150).aspx, but they do not work on a federated user. there’s a very convoluted workaround described here: https://blogs.technet.microsoft.com/exovoice/2016/11/21/how-to-restore-an-inactive-mailbox-for-a-federated-user-in-an-exchange-hybrid-deployment/

additional info:
https://technet.microsoft.com/en-us/library/dn186233(v=exchg.150).aspx
https://technet.microsoft.com/en-us/library/dn144876(v=exchg.150).aspx

for starters:
get-mailbox -inactivemailboxonly -identity [UPN]

then you have to remove the litigation hold to be able to do anything with the mailbox, like so:
set-mailbox -inactivemailbox -identity [alias] -litigationholdenabled $false
source: https://technet.microsoft.com/en-us/library/dn890381(v=exchg.150).aspx

the following all resulted in “The operation couldn’t be performed because ‘user’ matches multiple entries.”:
remove-mailbox -identity [alias] -permanentlydelete
remove-mailbox -identity [upn] -permanentlydelete
remove-mailbox -identity [“display name”] – permanentlydelete
get-mailbox [alias] -includeinactivemailbox | remove-mailbox -permanentlydelete

i then ran “get-mailbox [alias] -includeinactivemailbox | fl” and retrieved a unique SamAccountName”
and followed up with:
remove-mailbox -identity [SamAccountName] -permanentlydelete
this time the error was “This mailbox cannot be permanently deleted since there is a user associated with this mailbox in Azure Active Directory”.
finally some progress…

i then unsynced the local AD user and forced the deletion of the O365 account with the usual tactic of:
get-msoluser -returndeletedusers -userprincipalname [UPN] | remove-msoluser -removefromrecyclebin -force
then after a minute or so i was able to run the remove-mailbox command above successfully

Posted in: IT by resinblade Comments Off on office365: purge an inactive mailbox

destiny (xbox one)

i originally played the destiny beta on the xbox 360. i had fun with it. i wasn’t really that compelled by any of the story elements, but the gameplay, loot grabs, & leveling had me hooked. so i eventually bought destiny pretty late in it’s life cycle (like right before rise of iron came out). i understand that were lots of complaints about the initial release like boss battles that went on for an hour, bad loot drops, etc. at this point in destiny’s lifecycle i don’t have any such complaints.

the star of the game is by far the gameplay. the gameplay is just as tight and smooth as the halo games. the graphics are also great. all of the levels look fantastic and run incredibly smooth. my favorite environment is venus because it has the most interesting visuals and isn’t as monotonous looking as the other planets. my least favorite area was earth, just because i believe they really overdid the rust tones. rust is all you see practically and it’s visually grating to me.

i didn’t fully understand the story as it’s presented. it seems very convoluted just like halo 3 was. i think bungie lost out on a really cool opportunity to make different alien species seem authentic and interact appropriately. instead, what you get is just a bunch of random spawns of various alien troopers from different species. sometimes they’ll fight each other, but this and the random spawns just seem so artificial. none of it makes me feel like i’m in the middle of a real battle (such as like how i felt in the halo games) or that these aliens are behaving in believable manners.

the taken king…
i really hate a lot of the levels in taken king because some level designer got the bright idea to introduce platforming in an FPS. who plays FPS’s to do platforming? certainly not me. there were elements of it in house of wolves that i didn’t mind as much. the taken king expands on the concept greatly. it doesn’t even add any difficulty to the game it’s just an irritation. to prove my point there are new taken enemies that exist primarily to knock you off ledges. several of these enemies will be strategically placed to accomplish just that. gotcha! there’s also invisible and vanishing platforms to add to the fun. it’s all so dumb because it does nothing to really add difficulty it just simply stalls you and makes you respawn. in other words…it just pisses you off.

Posted in: Games by resinblade Comments Off on destiny (xbox one)

canvas: installation on ubuntu

quick start method:
https://github.com/instructure/canvas-lms/wiki/Quick-Start
i had to run the following to get ./CODES.sh –full setup to successfully complete:
gem list bundler
sudo gem uninstall bundler
sudo gem install bundler -v 1.12.5

production method:
https://github.com/instructure/canvas-lms/wiki/Production-Start
i had to uninstall some other versions of ruby and standardize on ruby2.3.
check ruby version with: ruby -v
after the ruby cleanup i needed to run: sudo gem update –system
to alter the postgres password for the “canvas” user i ran:
sudo -u postgres psql postgres
\password canvas

Posted in: IT by resinblade Comments Off on canvas: installation on ubuntu

netcat

in ubuntu, uninstall the netcat-openbsd version by running:
sudo apt-get remove –purge netcat-openbsd

then run:
sudo apt-get install netcat-traditional

verify the traditional netcat version is installed by running:
nc -h
if the -e option is listed then traditional is installed

port scanning:
nc -v -w 1 192.168.1.10 -z 1-1000
mirabox.local [192.168.1.10] 53 (domain) open
mirabox.local [192.168.1.10] 22 (ssh) open
^the 1-1000 portion indicates the port range

banner grabbing:
nc 192.168.1.1 80
HTTP/1.1 200
HTTP/1.0 400 Bad Request
Server: httpd/2.0

nc -nv 10.0.2.7 80
(UNKNOWN) [10.0.2.7] 80 (http) open
HTTP/1.1 200
Apache/2.4.23 (Win32) OpenSSL/1.0.2h PHP/5.6.28

nc -nv 10.0.2.7 21
(UNKNOWN) [10.0.2.7] 21 (ftp) open
220-FileZilla Server version 0.9.41 beta

nc 192.168.1.10 22
SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u4

nc -nv 10.0.2.7 143
(UNKNOWN) [10.0.2.7] 143 (imap2) open
* OK localhost IMAP4rev1 Mercury/32 v4.62 server ready.

transferring a file:
nc -v -w 30 -p 3333 -l < mytext.txt (sending)
nc -v -w 2 192.168.1.50 3333 > mytext.txt (receiving)
-or-
nc -nv 10.0.2.7 3333 < mytext.txt
nc -nlvp 3333 > mytext.txt

server/client chat:
nc -nlvp 4000 (server)
listening on [any] 4000 …
connect to [10.0.2.7] from (UNKNOWN) [10.0.2.8] 44010
test
test2

nc -nv 10.0.2.7 4000 (client)
(UNKNOWN) [10.0.2.7] 4000 (?) open
test
test2

Posted in: IT by resinblade Comments Off on netcat

NDMP backups

this is something i’ve been mulling over for the past few months. most enterprise NAS devices support NDMP backups which is nice. what’s not nice is that most backup software vendor want a fortune (practically) to use the NDMP functionality.

this made me research freeware and open source NDMP backup solutions. the big open source names like bacula and amanda also charge for NDMP functionality. i also found ndmpcopy, but it didn’t seem very straight forward from the docs i found.

the most promising thing i found was “bareos” which seems to be a not so amicable fork of bacula that includes NDMP functionality free of charge.

bareos info:
http://doc.bareos.org/master/html/bareos-manual-main-reference.html
https://github.com/bareos/bareos/blob/master/README.NDMP
http://www.admin-magazine.com/Articles/Free-Enterprise-Backup-with-Bareos

***update 12/16/2016***
forget the above information, i’ve found a method of backing up NAS presented shares with netbackup without incurring additional licensing costs. the netbackup server itself can directly back up SMB shares. the process is detailed in the support article “How to back up CIFS shares on Windows with Netbackup” – https://www.veritas.com/support/en_US/article.TECH198175

Posted in: IT by resinblade Comments Off on NDMP backups

linux: disk wiping methods

my goto utility for disk wiping is usually DBAN, but at least in the past i’ve always encountered some problems with getting DBAN to detect external disks i.e. connected via USB. this may no longer be an issue with the latest versions but i didn’t feel like repeating old mistakes. so i started looking at utilities that could be ran directly from the host OS.

at first i tried the eraser utility in windows but it kept crashing during the wipe process. i believe i’ve always had some stability issues with this application.

next, i decided to research the available options in linux. like everything in linux it appeared that were a million ways to skin this cat. from some very basic research these methods seem to be the easiest and relatively secure:
dd if=/dev/urandom of=/dev/sdb bs=1M
scrub /dev/sdb
scrub -p dod /dev/sdb
shred -v /dev/sdb

the “scrub -p dod” option seems to be the most secure. note: in ubuntu i had to install the package for scrub.

Posted in: IT by resinblade Comments Off on linux: disk wiping methods

security certifications 2016

i’ve been looking into the security certifications to take one in early 2017. here’s the info i gathered so far:

cert cost duration questions notes
SSCP $250 3 hours 125 multiple choice?
CASP $414 165 min 90 multiple choice/simulation 1st and 2nd retakes without wait period
CCNA CyberOps ? 90 min each 60 each 2 exams
CEH $500 4 hours 125 multiple choice 30 days application/approval process prior to taking the exam ($100 fee)

1st retake without wait period, 2nd retake 14 days wait period

Posted in: IT by resinblade Comments Off on security certifications 2016

ubuntu 16.04: vnc (vino)

i haven’t messed around with vnc in ages so i was a little bit lost on how to set it up on a modern linux system. after some googling and trial and error i figured out the following… in ubuntu 16.04, vnc is built into the system as desktop sharing (just use the dash to search for this phrase). ubuntu help about this here: https://help.ubuntu.com/16.04/ubuntu-help/sharing-desktop.html

desktop sharing is actually just gnome’s vnc implementation vino. everything appeared straight forward at this point, but i could not connect to the vino server from a windows machine using tigervnc. i kept receiving a “no matching security types” error when attempting to connect. additionally, the vino server log listed “advertising security type 18” during start up. a quick search indicated that encryption needed to be disabled.

i ran into issues thinking that i could disable vino encryption globally (via root) and everything would be fine. apparently, the setting is per user. to alter the setting install dconf and run dconf-editor and change /org/gnome/desktop/remote-access/require-encryption to false.

Posted in: IT by resinblade Comments Off on ubuntu 16.04: vnc (vino)

mirabox: reflashing

i was applying some updates to my mirabox recently (which was running debian wheezy) and i decided hey why don’t i see if i can upgrade this thing to debian jessie. this ended up being a big mistake. jessie installs a version of udev that requires a newer kernel than supplied by the mirabox. i forced a new ARM kernel package on the mirabox and was 98% sure that the system would not come up after a reboot.

my suspicions were correct and i had an unbootable mirabox. after doing some digging i found it was possible to create a microSD rescue disk (download link: https://docs.google.com/file/d/0B0imSF-34b8dZEc0SFo3N1Fzb0E/edit). create a 100MB fat16 partition on a microSD card and then create another partition that consumes the rest of the space as ext3. copy the mirabox file to the fat16 partition and extract the rootfs.tgz file to the ext3 partition.

next interrupt the boot process over a usb-serial connection to get into the uboot mode. with the microSD card inserted into the mirabox run:
usb start
set bootcmd ‘usb start; fatload usb 1 0x6400000 mirabox; bootm 0x6400000’
set bootargs ‘console=ttyS0,115200 root=/dev/sdb2 rootwait’
boot

i ran “usb start” first because it appears that the microSD (MMC) access relies on the usb/mass storage subsystem.

the mirabox will now boot from the microSD rescue disk. on first boot the system seemed to infinitely hang at eth0 becoming available. to get around this i plugged eth0 into a spare wireless router port and tried the boot once more. this time it went much better and i was able to get to a login and use the root/nosoup4u credentials.

i then plugged in a usb stick that i had copied a rootfs_mira_debian7_v5_v7_arm8766.img file to (download location: https://code.google.com/archive/p/mirabox/downloads). i then went to the directory where the usb stick auto-mounted. it ended up being /media/usb2 in my case.

i then ran:
ubiformat /dev/mtd2 –flash-image=rootfs_mira_debian7_v5_v7_arm8766.img
sync
reboot

and removed the microSD card and usb stick.

sources:

Reflashing GlobalScale Mirabox filesystem


https://www.newit.co.uk/forum/index.php?topic=3880.0

Posted in: IT by resinblade Comments Off on mirabox: reflashing

epcot food and wine festival 2015

for some reason i waited a whole year to write about this.

highlights:
Buttered chicken with micro cilantro (africa)
“Le Cellier” wild mushroom beef filet mignon (canada)
Frozen Dominican piña colada (dom. republic)
Lechón asado: Roasted pork with mangú (dom. republic)
Kielbasa and potato pierogi (poland)
Coconut Porter Float (desserts/champagne)
Tacos de camarón (mexico)
Frozen S’mores featuring Monin® (desserts/champagne)
Beer flights (brewers collection, craft beers)
Grilled sweet and spicy bush berry shrimp (australia)

decent:
Roasted pork lettuce wrap with kimchi slaw (south korea)
Pork Spareribs with red wine (sustainable chew) – really small portion though

okay, but probably wouldn’t get again:
Teriyaki gyoza bun (japan)
Grilled lamb chop with mint pesto and potato crunchies (australia)

disappointments:
Ice Pop Pomme (france) – just tasted like pure alcohol
Loaded mac n’ cheese with Nueske’s® pepper (farm fresh) – this had a great taste, but were overloaded with pepper
New York strip, parsnip silk, balsamic glaze (chew labs) – unimpressive and really small portion size
All of the coffee liquors (ireland, belgium) – despite the fancy names, they were all tiny cups of baileys and way overpriced

passed on the following (maybe next time):
Tzatziki martini (greece)
Roast bratwurst in a pretzel roll (germany)
Tuna poke with seaweed salad and lotus root chips (hawaii) – tiny, and tuna seemed thawed out from being frozen?
Berbere-style beef tenderloin tips (africa) – too vinegary from pickled jalapenos

Posted in: Food by resinblade Comments Off on epcot food and wine festival 2015