August 14th, 2009
A little concept I’ve been working on every now and again is ad-hoc shares. The reasoning behind it is that committees and other short-lived inter-department groups need something to share documents with that can be backed up. Email can be a hassle and quickly fills quotas, IT staff probably hate the idea of users starting shares on their machines (not to mention the backup issue), and a “public” share is way too…public.
A huge part of this idea came from drop.io, which allows anyone to create a place to share files as easily as letting the third parties know the location and password. By utilizing Active Directory and share and NTFS permissions, you can quickly create a place where people can access files and folders that only they have rights to.
With this script, users can create shares when they need them and limit who has access without having to know anything about share or NTFS permissions. At the moment, though, it requires them to know something about the command line and PowerShell. However, a GUI based on the code below could be created fairly easily.
One thing that I haven’t finished yet is a culling script which would run on the server the main share is on, which is the reasoning behind the hidden xml file. It holds the info on when to delete the share.
adhocshares.ps1
param (
    $xml = $(throw "You must supply an XML (text not file) configuration!")
)
#
# settings
#
$version = .2;
$rootdir = "c:\pbin\adhocshares\shares\";
$xmld = new-object system.xml.xmldocument;
$xmld.LoadXml($xml);
#some xml validation here?
#Start from $True so that a single missing element or attribute fails the check.
$spec_check = $True;
$spec_check = $spec_check -and [bool]$xmld.root.share.dir
$spec_check = $spec_check -and [bool]$xmld.root.share.dir.name
$spec_check = $spec_check -and [bool]$xmld.root.share.dir.expires
$spec_check = $spec_check -and [bool]$xmld.root.share.acl
$spec_check = $spec_check -and [bool]$xmld.root.share.acl.user
if($xmld.root.version.number -ne $version -or -not $spec_check) {
    throw "XML should conform to the 0.2 version specs.";
}
#
# Create share
#
#Note: the name is used as-is; a value containing "..\" or a path separator
#would resolve outside of $rootdir.
$name = $xmld.root.share.dir.name
$newdir = "$($rootdir)$($name)";
##insert code for random name generation.
if(test-path $newdir) {
    throw "Error: Sorry, but that folder already exists. Please try another name.";
}
New-Item $newdir -type directory | out-null
$dacl = get-acl $newdir;
foreach($u in $xmld.root.share.acl.user) {
    "Adding: $($u.name) with $($u.rights) permissions.";
    #Apply the rule to the folder, its subfolders and its files.
    $inher = ([System.Security.AccessControl.InheritanceFlags]::ContainerInherit, [System.Security.AccessControl.InheritanceFlags]::ObjectInherit) #[System.Security.AccessControl.InheritanceFlags]::none
    $prop = [System.Security.AccessControl.PropagationFlags]::none
    #Note: FullControl also lets the user change the folder's permissions and take ownership.
    if($u.rights -eq "rw") {
        $new_rights = New-Object System.Security.AccessControl.FileSystemAccessRule(@("contoso\$($u.name)", "FullControl", $inher, $prop, "allow"));
        $dacl.AddAccessRule($new_rights);
    }
    if($u.rights -eq "ro") {
        $new_rights = New-Object System.Security.AccessControl.FileSystemAccessRule(@("contoso\$($u.name)", "ReadAndExecute", $inher, $prop, "allow"));
        $dacl.AddAccessRule($new_rights);
    }
    #Any other rights value is skipped without an error.
}
set-acl -path $dacl.path -AclObject $dacl;
#Create the "settings" of the folder.
#Management script will delete folder if .ahs.settings.xml is not present.
#Write the XML that was passed in ($xml) so the expiry date is stored with the share.
$xml | out-file "$($newdir)\.ahs.settings.xml";
$t = gi "$($newdir)\.ahs.settings.xml";
$t.set_attributes("Hidden")
$t.set_IsReadOnly($True);
XML permissions
<?xml version="1.0" encoding='ISO-8859-1'?>
<!--
VERSION:0.2
version: <version number="adhoc version" />
Nothing special here other than to specify the parser version.
share: <share>
Similar to "items" for RSS feeds. Meant to one day allow for multiple shares to be created from one xml file.
dir: <dir name="share name" expires="date the share will expire and can be deleted" />
acl: <acl>
List of users that will have access to the folder.
user: <user name="ActiveDirectory SAM account name" rights="(rw|ro)" />
-->
<root>
    <version number="0.2" />
    <share>
        <dir name="tmp1" expires="Friday, July 31, 2009 9:32:33 AM" />
        <acl>
            <user name="josherickson" rights="rw" />
            <user name="theboss" rights="ro" />
            <user name="coworker" rights="ro" />
        </acl>
    </share>
</root>
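One way to fill in the "some xml validation here?" placeholder, as an added example that is not part of the original script. `Test-AdhocShareSpec` is a hypothetical helper, and its allow-list patterns for share and account names are assumptions, not rules from the 0.2 spec.

```powershell
# Added example (hypothetical helper, not part of adhocshares.ps1).
# Outputs one string per problem found; no output means the spec is acceptable.
function Test-AdhocShareSpec {
    param([string]$XmlText, [string]$RootDir = 'c:\pbin\adhocshares\shares\')
    $doc = New-Object System.Xml.XmlDocument
    try { $doc.LoadXml($XmlText) } catch { return "Not well-formed XML." }
    $ver = $doc.SelectSingleNode('/root/version')
    $dir = $doc.SelectSingleNode('/root/share/dir')
    if ($null -eq $ver -or $ver.GetAttribute('number') -ne '0.2') { return "Version must be 0.2." }
    if ($null -eq $dir) { return "Missing <dir> element." }
    $errors = @()

    # Allow-list (assumed policy): one path segment, no dots, slashes or colons.
    $name = $dir.GetAttribute('name')
    if ($name -notmatch '^[A-Za-z0-9][A-Za-z0-9_-]{0,63}$') {
        $errors += "Share name '$name' is not allowed."
    }
    # Defence in depth: the resolved path must stay under the root directory.
    $root = [System.IO.Path]::GetFullPath($RootDir).TrimEnd('\') + '\'
    try {
        $full = [System.IO.Path]::GetFullPath([System.IO.Path]::Combine($root, $name))
        if (-not $full.StartsWith($root, [System.StringComparison]::OrdinalIgnoreCase)) {
            $errors += "Share name '$name' resolves outside $root."
        }
    } catch { $errors += "Share name '$name' is not a valid path." }

    # The expiry must parse (current culture) so a culling script can act on it.
    $when = [DateTime]::MinValue
    if (-not [DateTime]::TryParse($dir.GetAttribute('expires'), [ref]$when)) {
        $errors += "Expiry date cannot be parsed."
    }

    $users = $doc.SelectNodes('/root/share/acl/user')
    if ($users.Count -eq 0) { $errors += "At least one <user> is required." }
    foreach ($u in $users) {
        $sam = $u.GetAttribute('name'); $rights = $u.GetAttribute('rights')
        if ($sam -notmatch '^[A-Za-z0-9._-]{1,20}$') { $errors += "Bad account name '$sam'." }
        if (@('rw', 'ro') -notcontains $rights) { $errors += "Bad rights '$rights' for '$sam'." }
    }
    $errors
}

# Constructed sample: traversal in the share name and an unknown rights value.
$sample = '<root><version number="0.2" /><share>' +
    '<dir name="..\finance" expires="Friday, July 31, 2009 9:32:33 AM" />' +
    '<acl><user name="josherickson" rights="admin" /></acl></share></root>'
@(Test-AdhocShareSpec $sample) | ForEach-Object { "Rejected: $_" }
```

Called before the folder is created, a non-empty result is a reason to throw instead of building `$newdir` from the supplied name.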
August 12th, 2009
Earlier this week I came across a developers guild for the Twin Cities area and it got me wondering if there was one around here in Willmar. The only groups I think would be like this one are the clubs for certain Ridgewater courses or maybe the Willmar Lakes Area Young Professionals. While these groups are great resources, neither seems meant for IS professionals and the field in general.
So…developers and techies in and around Willmar, would you be interested in such a group?
August 7th, 2009
Yesterday I was tasked with automating the export of old employee mailboxes to PST files for archiving. I guess granting permissions and accessing the mail via GUI routes was just too cumbersome.
The code below is more like a macro: it grants full-access mailbox permissions to the running or specified user, backs up the mailbox, and then promptly removes that permission again. Since $env:username is usually populated with the running user, there should be little need to specify anything else.
#Export mailbox
param (
    $mailbox = $(throw "You must specify a mailbox!"),
    $pstLocation = $(throw "You must specify a location to save the PST to!"),
    $admin_user = $env:username
)
#Grant temporary full access so the export can read the mailbox.
add-mailboxpermission -identity $mailbox -user $admin_user -accessright fullaccess -inheritancetype all
#Export to the folder given in -pstLocation.
export-mailbox -identity $mailbox -PSTFolderPath $pstLocation -Confirm:$False
#Revoke the temporary grant. If the script is interrupted before this line, the grant remains.
remove-mailboxpermission -identity $mailbox -user $admin_user -accessright fullaccess -inheritancetype all -confirm:$False
July 28th, 2009
Leo B. of Willmar wrote in a comment on the wctrib.com site for a recent article about the McDonald's incident a few months ago.
Lori, Casey, and Jan what have these young men done to you for you to show this kind of hate towards them? Do you know them personally? I do. Did everyone forget about all this even happened for?
Well, Leo, they haven’t done much to any of the people or me personally, but they have done stuff to people we know, which is just as good. Why are you trying to justify Cadena and gang’s actions by what was alleged to have happened at Walmart earlier that evening? If such a thing happened why does no one except for Cadena and gang know about it? Are you suggesting that no one in Walmart had a clue that someone’s hair was being lit on fire? That’s quite a strong accusation, so why hasn’t it been quantified yet? Probably because it never happened.
I myself attended the trial, and besides the family and friends of Cadena and the witnesses, I don’t recall anyone else. It just infuriates me how there are these comments on the Tribune site from people who know nothing of the case but take sides anyway and then charge others with what is effectively racism.
July 16th, 2009
The following code is a mental recreation, with improvements (and thus untested), of a quickly written PowerShell script from last night. This is simply an example of how to get started, and so it’s up to you to write your own code for finding what you want.
#Set the page you want to start at
$tree = @("http://example.com/");
$client = new-object system.net.webclient;
#$tree.length is re-evaluated on every pass, so links appended below get visited too.
for($i = 0; $i -lt $tree.length; $i++) {
    #Assumes every collected href is an absolute URL.
    $page = $client.downloadString($tree[$i]);
    #Assumes that the site is valid html/xhtml
    $xmldocument = new-object system.xml.xmldocument
    #Don't fetch external DTDs or entities referenced by a downloaded page.
    $xmldocument.XmlResolver = $null
    $xmldocument.loadxml($page);
    #This filters the links to only anchors with href set and hasn't been captured already.
    #You could include additional filtering conditions in where{}
    #possibilities include only links that contain "/profile" or "/topics".
    #@() keeps a page without new links from appending a $null entry.
    $tree += @($xmldocument.getElementsByTagName("a") | where { $_.href -ne $null -and !($tree -contains $_.href.tolower()) } | foreach { $_.href.tolower() })
}
July 15th, 2009
Found out earlier this week that my server’s OS was way out of date. So for the last couple of days I’ve been attempting to get the new place all nice and cozy. I ended up having to compile Apache and PHP from scratch since the apt-get versions are a little behind and had a completely different configuration setup than I had been using (plus they lacked features I wanted).
I’ve also taken this opportunity to clean up my DNS mess. Before, I was just using this server for all my DNS needs, but now I have linode.com slaving off of me. This way, I should be able to provide uptime where it concerns the DNS. Additionally, I’ve learned about something called a LOC record; I’ve set mine to the Willmar latitude and longitude coordinates. Check out this site for a map (you’ll need to put in josherickson.org) or for the geeks this place.
July 13th, 2009
I’ve been finding myself thinking about my chess project from…a couple of years ago. Most of it’s been in how to better use OOP principles as well as make it more secure (like take out the eval call for starters).
I’ve yet to make it more secure, but I have added a method (movedSpaces()) that lists the board squares that were covered in the move, with the first and last array entries being the starting and end positions.
Probably the next biggest hurdle will be how to keep track of the black pieces, since the current code is written for white. While it would be easier to create two different class sets for black and white, it would mean more equations or methods that are way too specialized for very similar ideas. One idea I’ve had would be to treat white and black as the same in code, but then reverse the when checking for opposing pieces or for display.
Code:
July 9th, 2009
I’ll often hear about some crazy law that’s on the books, like it being illegal to cross the Minnesota border with a duck on one’s head. One thing you never see with any of these postings, though, is references to those laws.
In the case of the head duck, I looked myself and couldn’t find anything during my search of Minnesota Laws. I didn’t search the statutes, but a simple google search didn’t turn up anything either.
July 2nd, 2009
Wow, after starting to work on the database again I found that the SNMP.Cisco engine wasn't returning data on trunk port VLANs, which is kind of a problem. I've finally nailed it after poring over the Cisco MIBs and trying to find out how to find the info. Basically, I need to parse some HEX that tells you what VLAN is allowed on a trunk. The awesome thing about this is that this code/concept could be applied to access ports as well.