Windows Internals

How to install all roles and features of one server on another

Posted by on Jun 13, 2017 in Powershell, Roles and Features | 0 comments

Ever wanted to install all the roles and features that are installed on one server on another server? Easy. Just copy and paste the following command into an elevated powershell on the server where the roles and features are installed. Then copy the output and paste it into an elevated powershell on the other server: Get-WindowsFeature | ? { $_.Installed } | Select Name | ForEach-Object { "Install-WindowsFeature $($_.Name)"...

Read More

How to recover data from a deleted, BitLocker enabled partition? – 2017 Edition

Posted by on Jan 7, 2017 in BitLocker, Featured | 0 comments

How to recover data from a deleted, BitLocker enabled partition? – 2017 Edition

In the mid of 2013 I wrote a post about recovering a deleted, BitLocker enabled Partition using Windows Server 2012. Back then the state of the art encryption method was AES 128. Now that we got Windows 10 and XTS-AES 256 encryption some people seem to have problems running through the steps of the old article. That’s why I decided to spend some time to try this on a modern OS with modern encryption. So this time, to save me some time, I used a 5GB VHD file lying on a bunch of SSDs. In real life the whole process may take several hours to several days, depending on your machine, the size and...

Read More

How to purge Kerberos tickets of the system account

Posted by on Mar 30, 2016 in Active Directory, Environment | 0 comments

How to purge Kerberos tickets of the system account

… or: How to update group membership information of the computer account. When updating Active Directory group membership of your users you usally ask them to logoff and logon again. You don’t tell them why, you just tell them to do so. What happens? When logging on again the group membership information of a user (within their kerberos tickets) gets updated and they can access the ressources they have access to. You can check which tickets a user has by using the klist command: But how about the system / computer account. You can’t logoff and logon the system account. You...

Read More

Ambiguous Name Resolution (ANR) for LDAP

Posted by on Dec 7, 2013 in Active Directory | 0 comments

Ambiguous Name Resolution (ANR) for LDAP

What is ANR? Ambiguous Name Resolution (ANR) is an efficient search algorithm associated with Lightweight Directory Access Protocol (LDAP) clients that allows for objects to be bound without complex search filters. ANR is useful when you are locating objects and attributes that may or may not be known by the client. A common use for ANR, for example, is in a situation in which a building name is known by the requesting client, but not the associated number. In this case, the physicalDeliveryOfficeName attribute may have a value of “Building 40” and a client might search for...

Read More

How to get some information on Bitlocker using Visual Basic and WMI?

Posted by on Nov 29, 2013 in BitLocker, VB, WMI | 0 comments

How to get some information on Bitlocker using Visual Basic and WMI?

I have been asked on my post about How to get some information on Bitlocker using VBScript and WMI? if I could provide a solution using Visual Basic. Here it is: Imports System.Management 'Need to add System.Management reference to solution Module Module1 Sub Main() Dim arEncryptionMethod = {"None", "AES 128 With Diffuser", "AES 256 With Diffuser", "AES 128", "AES 256"} Dim arProtectionStatus = {"Protection Off", "Protection On", "Protection Unknown"} Dim arConversionStatus = {"Fully Decrypted",...

Read More

How to recover data from a deleted, BitLocker enabled partition?

Posted by on Jul 25, 2013 in BitLocker, Featured | 23 comments

How to recover data from a deleted, BitLocker enabled partition?

Since I ran across this problem some time ago and I couldn’t find some good information about the topic I decided to write this how to. We’ll start with a 20GB partition on one of my drives. I moved some data there, about 450MB, just so we have actually data on it. You can see information from Disk Management MMC and the folder structure in the next 2 screenshots: The next screenshot shows the BitLocker status for that partition. Please take note of the 48 digit recovery key separated by dashes into 6 groups – you’ll need that one later. In enterprise environments...

Read More