Security – 10 Tipps zu sicheren Passwörtern

  1. Das Sicherste Kennwort benötigen Sie für Ihren Mailaccount da dort alle anderen Services zurückgesetzt werden können.
  2. Nutzen Sie “sinnlose” Zeichenfolgen (Hacker nutzen gerne existierende Worte bei Attacken)
  3. Passwörter länger 16 Zeichen erhöhen die Sicherheit dieser enorm.
  4. Verwende keine logischen Zeichenketten wie z.B. 1234567890 oder Geburtsdaten.
  5. Sonderzeichen erhöhen die Sicherheit z.B. 03’10#19?90 – Ein Datum mit Sonderzeichen einfach zu merken.
  6. Grundsaetzlich sind Passwörter nur so lange Sicher bis Sie es jemandem sagen.
  7. Glauben Sie nicht das Ihre Konten/Accounts nicht für andere Personen uninteressant sind. 
  8. Verwenden Sie JEDES PASSWORT nur ein mal pro DIENST
  9. Nutzen Sie keine Worte aus Ihrem direkten Umfeld oder besser gar keine Worte.
  10. Nutzen Sie Password Safes und vorgeschlagene kryptische Passwörter

Permission setup commands

Here are a few useful commands to setup Windows file permissions.

Take Ownership of a folder(including files and subfolders)
Takeown /f foldername /r /d y

Reset Permission of folder(including all files and subfolders) to Inherit
Icacls folder /reset /T

disable inheritance for a
icacls Folder/inheritance:d

Set read permission for AD group on folder and subfolder
Icalcs Folder /grant domain\Groupname:(OI)(CI)RX /T

Set modify permission for AD group on folder and subfolder
Icalcs Folder /grant domain\Groupname:(OI)(CI)M /T

Set listing permission to this folder only
Icacls Folder /grant domain\group:(X,RD)

Remove Permission from Folder and subfolder
Icacls folder /remove domain\group

Mac OS – Repair volume and disks via command line (terminal app)

To Repair the volumes and disks via command line there are a few easy to use commands:
Open the Terminal App.

  1. Volumes
    1. Verify volumes
      1. check all volumes: diskutil verifyvolume / 
      2. check a specific volume: diskutil verifyvolume /volumes/[volume name]   example diskutil verifyvolume /volumes/macos
    2. repair disks
      1. repair all volumes: diskutil repairvolume /
      2. repair a specific volume: diskutil repairvolume /volumes/[volume name] example diskutil repairvolume /volumes/macos
  2. Disks
    1. Verify the disks
      1. check all disks: diskutil verifydisk /
      2. check a specific disk: diskutil verifydisk /dev/[disk number] example diskutil verifydisk /dev/disk0
    2. Repair disks
      1. repair all disks: diskutil repairdisk /
      2. repair a specific disk: diskutil repairdisk /dev/[disk number] example diskutil repairdisk /dev/disk0

With these simple commands you can check the health status of your volumes and disks and if needed repair them.
These commands also work in the recovery mode.
But you have to use sudo in front of it to get access to the disks or volumes

Windows – Supportscript for needed IT infos

For my job its important to get fast informations from users.
Most of them are always the same.
What is your actual IP address, whats your Hostname, do you have local admin rights, which networkprinters are connected and so on.
To get these Information fast and without explain the user every time how to get these Informations, I build a script for it.
This script will be added via GPO to every user’s startmenu.
This should work on all clients with PowerShell 3 installed.
This is what I build with Powershell.
First I added some variables for the actual date:
$vdate = get-date -Format d
After that I added a varibale for the path of the logfile and check if the file exists and if it exists to telete it:
$FileName = "C:\Users\" + [Environment]::UserName + "\Desktop\" + [Environment]::UserName +"_" + $vdate + ".txt"
if (Test-Path $FileName) {
Remove-Item $FileName
If you use DELL devices in your company, it’s important to have the Serial (ServiceTag) and the Express Service Code.
To get the Express Service Code (will be calculated from the Service Tag Value) I added a function to my script:
Function Get-ExpressServiceCode {
Param
(
$ServiceTag = (Get-WMIObject -Class Win32_Bios).serialnumber
)
$Base = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"
$Length = $ServiceTag.Length
For ($CurrentChar = $Length; $CurrentChar -ge 0; $CurrentChar--) {
$Out = $Out + [int64](([Math]::Pow(36, ($CurrentChar - 1)))*($Base.IndexOf($ServiceTag[($Length - $CurrentChar)])))
}
$Out
}
Now I added the Powershell command to receive the Hostname and write it to the Logfile:
$CN = "01. Hostname: "
$CN += get-content env:computername
$CN >> $FileName
Next, I added a script to check the local active IPv4 addresses and check if one of these is an IP out of our VPN range (change xxx.xxx to your IP Range):
$ip=get-WmiObject Win32_NetworkAdapterConfiguration|Where {$_.Ipaddress.length -gt 1}
$d = $ip.ipaddress[0]
$ip |foreach {
if($ip.VALUE -like "xxx.xxx*")
{ $d = $ip.VALUE}
}
$ip = "02. IP-Address: "
$ip += $d
$ip >> $FileName

Now I added a script that checks if the User which is logged on have local admin rights and write the result in the logfile:
$LA ="03. Local Adminrights: no"
if(([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))
{$LA ="03. Local Adminrights: yes"}
$LA >> $FileName
Next step is to check the Vendor, the Model, ServiceTag and Express Service Code of your Client:
$vendor = "04. Vendor: "
$vendor += (Get-WMIObject -Class Win32_Bios).Manufacturer
$vendor >> $FileName
$vModel = "05. Model: "
$vModel += (Get-WmiObject -Class:Win32_ComputerSystem).Model
$vModel >> $FileName
$Service = "06. Service tag: "
$Service += (Get-WMIObject -Class Win32_Bios).serialnumber
$Service >> $FileName
$vESCode = "07. Express Service Code: "
$vESCode += (Get-ExpressServiceCode)
$vESCode >> $FileName
After that we add some code to get our actual BIOS Version:
$Bios = "08. Bios Version: "
$Bios += (Get-WMIObject -Class Win32_Bios).SMBIOSBIOSVersion
$Bios >> $FileName
The next Script will show the connected Printers including the Servername and the UNC Path of the Printer:
"09. connected network printers" >> $FileName
$Printer = Get-WMIObject -Class Win32_Printer| where {$_.Location.length -gt 1}
$Printer |foreach {
$prnName = "Name: "
$prnName += $_.ShareName
$prnName >> $FileName
$prnServer = "Printserver: "
$prnServer += $_.SystemName
$prnServer >> $FileName
$linkprn = "Link: "
$linkprn += $_.SystemName + "\" + $_.ShareName
$linkprn >> $FileName
" " >> $FileName
}

Now we have to theck the connected network shares:
"10. connected networkshares" >> $FileName
$vitns = Get-WmiObject -class "Win32_MappedLogicalDisk"
$vitns | foreach {
$vitnsnp = $_.Name + " " + $_.ProviderName
$vitnsnp >> $FileName
}
" " >> $FileName

The last script we add is a list of users and groups who are members of the local admin Group.
I added this one because I want to see all members too and a separate entry for the local user.
"11. members of local administrators group" >> $FileName
net localgroup administrators | where {$_ -AND $_ -notmatch "command completed successfully"} | select -skip 4 >> $FileName
$Delete = Get-Content $Filename
$del = "Der Befehl wurde erfolgreich ausgefhrt."
$Delete = $Delete | Where {$_ -ne $del}
$Delete | Out-File $FileName -Force
To Open the file, we just add the invoke-item command to the script:
Invoke-Item $FileName
Youre done.
The Result of this is good for our support.
Maybe you can use some of these scripts for yours 🙂

01. Hostname: NB0815
02. IP-Address: 10.xxx.xxx.xxx
03. Local Adminrights: yes
04. Vendor: Dell Inc.
05. Model: Latitude E7440
06. Service tag: xxxx
07. Express Service Code: 123456789
08. Bios Version: A10
09. connected network printers
Name: PRN1234
Printserver: \\SRV0001
Link: \\SRV0001\PRN1234
Name: PRN456
Printserver: \\SRV0001
Link: \\SRV0001\PRN456
10. connected networkshares
H: \\Domain.local\dfs$\Data
U: \\Domain.local\dfs$\home\username
11. members of local administrators group
Administrator
domain.local\Domain Admins
domain.local\SysAdmins

I think I will add some more options for this in the future.
Have fun with it…

OSX – Force shutdown of a MacBook Air or Retina

To force shutdown a MacBook without the eject Key, you can use the following keys:
Command + Control + Option + Power button
After a few seconds, your MacBook will shutdown and you can restart it with pressing the power button.
A force shutdown could be helpful if your MacBook won’t work after falling into sleepmode.
Before you do this, you should try to force quit applications by pushing this keys:
Command + Option + Esc

Windows – Permission commands

Here are a few useful commands to setup Windows file permissions.
take ownership of a folder(including files and subfolders)
Takeown /f foldername /r /d y
reset permission of folder (including all files and subfolders) to inherit
Icacls folder /reset /T
disable inheritance for a folder
icacls Folder/inheritance:d
Set read permission for AD group on folder and subfolder
Icalcs Folder /grant domain\Groupname:(OI)(CI)RX /T
Set modify permission for AD group on folder and subfolder
Icalcs Folder /grant domain\Groupname:(OI)(CI)M /T
Set listing permission for AD group to this folder only
Icacls Folder /grant domain\group:(X,RD)
Remove Permission from Folder and subfolder
Icacls folder /remove domain\group

Powershell Scripts for IT Support

I just started a new project at work.
Finding and creating useful Powershell scripts for IT Support.
My Problem is to find good sources who explain this for me.
So I bought me two books for self study.

I will start with some easy scripts and continue with more powerful ones.

Actually I have a problem to create scripts for Windows 7 and PS 2.0 .
It’s so much easier to create PS 3.0 scripts but most of the clients are actually Windows 7.

So if I finished some of these scripts, you will find them in the tutorials section.

If you have good sources for PowerShell Scripts or selfstudy websites, please leave me a comment.