This is a pretty cool review of the new Mechwarrior game along with some other commentary. This game looks way to good:

http://video.ign.com/dor/articles/961088/ign-rewind-theater/videos/mechwarrior_spc_rewindtheaterr_070809.html

Now I just need a date and a platform listing.

So I found this script on Microsoft’s site to query bitwise information out of AD.

Set oNSP = GetObject(”LDAP:///rootdse”)
Set oConfig = GetObject(”LDAP:///” & oNSP.get(”DefaultNamingContext”))

Set oConn = CreateObject(”ADODB.Connection”)
oConn.Provider = “ADSDSOObject”
oConn.Open “”

strQuery = “;(&(objectCategory=person)(objectClass=User)(userAccountControl:1.2.840.113556.1.4.803:=));name,objectClass;subtree”

Set oRS = oConn.Execute(strQuery)
While Not oRS.EOF
MsgBox oRS.Fields(”name”)
oRS.MoveNext
Wend

MsgBox “done”

Set oConn = Nothing
Set oRS = Nothing
Set oConfig = Nothing
Set oNSP = Nothing

I then found this list of Hex Codes to use to pull specific information:

SCRIPT 0×0001 1
ACCOUNTDISABLE 0×0002 2
HOMEDIR_REQUIRED 0×0008 8
LOCKOUT 0×0010 16
PASSWD_NOTREQD 0×0020 32
PASSWD_CANT_CHANGE
Note You cannot assign this permission by directly modifying the UserAccountControl attribute. For information about how to set the permission programmatically, see the “Property flag descriptions” section. 0×0040 64
ENCRYPTED_TEXT_PWD_ALLOWED 0×0080 128
TEMP_DUPLICATE_ACCOUNT 0×0100 256
NORMAL_ACCOUNT 0×0200 512
INTERDOMAIN_TRUST_ACCOUNT 0×0800 2048
WORKSTATION_TRUST_ACCOUNT 0×1000 4096
SERVER_TRUST_ACCOUNT 0×2000 8192
DONT_EXPIRE_PASSWORD 0×10000 65536
MNS_LOGON_ACCOUNT 0×20000 131072
SMARTCARD_REQUIRED 0×40000 262144
TRUSTED_FOR_DELEGATION 0×80000 524288
NOT_DELEGATED 0×100000 1048576
USE_DES_KEY_ONLY 0×200000 2097152
DONT_REQ_PREAUTH 0×400000 4194304
PASSWORD_EXPIRED 0×800000 8388608
TRUSTED_TO_AUTH_FOR_DELEGATION 0×1000000 16777216

The only issue that I found is that you can’t use PASSWD_CANT_CHANGE that one doesn’t pull back any information. Unfortunately that was what I was looking for, but I just decided to change everyone’s account to let them change their passwords.

So I had my first flight on Southwest in a while. I was flying for business
to North Carolina. It was rather interesting as they line you up like
cattle to the slaughter to get on the plane.
However once on the plane it was much nicer than my last few flights on US
Air or Delta. They offered me as many snacks and drinks as I wanted and I
got to take any seat. Although as I had a layover in phoenix as my flight
continued I wasn’t allowed to get off the plane.
Now if I can just get out NC as fast as possibe and make it back home I
will be very happy.

So I just had an AS/400 crash on me pretty hard today. The plastic coating had worn away from some of the cables and was leaving the metal underneath it bare. The cables were in the cable management however the arm of the cable management allowed the cables to get close to the metal of the rack and caused a short. Suddenly no AS/400. Luckily the 400 was resilient enough that it brought itself back up pretty quickly with few problems. Although now I have to swap cables tonight on a Friday night. I guess it is a good thing that I don’t have a life and that I didn’t have anything planned for tonight.

I did learn one valuable lesson though, even if your cables are in cable management make sure you are checking them and that you see if the plastic covering has been worn away.

Finally all of the HMC consoles have been upgraded to 7.3.3sp3. Of the 12 consoles that were done only one completely tanked on me and I had to ship out a replacement. What made this project so long and painful was the amount of paperwork the new management wanted from me. I spent more time doing paperwork that was never going to be looked at then I did actually doing the work. I have never fully understood the reason why management wants more work and more productivity but feels the need to insert themselves into every step of the process. Is it that they don’t trust their Senior Staff to manage their own time and do what they thing is right for the company? I am constantly told to not think like an hourly employee, but I have to account for my time down to the quarter hour. Not sure exactly where that makes sense, but it must to someone.

For those of us forced to use Extreme Networking Equipment on the Pacific Coast:

http://pwnextreme.multiply.com/

What the hell is Trend Micro telling me now? So I am getting this message as it tries to clean up some remnants of the virus. Doing some searches this is what I found:

Step 1:

Apply the Service Pack 1 of Officescan 8 to your Officescan Server. If you happened not to apply it yet, please apply the following in following order:

1st: Trend Micro OfficeScan 8.0 Critical Patch – Build 1257
2nd: Trend Micro OfficeScan 8.0 Service Pack 1 – Local Installation
3rd: Trend Micro OfficeScan 8.0 SP1 Critical Patch – Build 2311

You may download the said patches from the link below:

http://www.trendmicro.com/download/product.asp?productid=5

Step 2:

To configure and deploy scan action for “Generic” virus type to
OfficeScan clients, please do the following:

1. Open the “ofcscan.ini” file in the “\PCCSRV\” folder on the
OfficeScan installation directory.

2. Under the “[Global Setting]” section, add the following keys and
assign the appropriate value to each key.

[Global Setting]
1stActForGenericVirus={x}
2ndActForGenericVirus={y}

Where:
{x} is the first action
{y} is the second action

Replace {x} and {y} with the value corresponding to the scan
action you want to use:
0 – Pass (permanent)
1 – Rename
2 – Move
3 – Clean
4 – Delete
5 – Pass (temporary) – this is the default action in OfficeScan
8.0
Note: Recommended for x=3, y=4

3. Open the OfficeScan server Web console and go to “Networked
Computers > Global client settings” screen.

4. Click “Save” to deploy the setting to clients.

IMPORTANT: OfficeScan client users with the privilege to configure
scan actions must set the action to “Custom Action” and not
“ActiveAction” to make sure the scan action you configured deploys
to the client. “ActiveAction” has a higher priority and overrides
“Custom Action”.

So now I am running an enterprise wide scan to hopefully get rid of the “Potential Security Risks”. Dumb ass viruses, don’t people have better things to do with their time?

Trying to decide if I should spend the 10 bucks and upgrade my touch to 3.0 or just leave it where it is. The new iPhone is way more compelling of an upgrade, but I don’t have one anymore and probably won’t be getting one anytime soon. So I am looking at the features now to decide.

Movies, TV over wifi? Okay may be
stereo bluetooth? not really
peer to peer gaming? not so much
copy and paste? not so much
spotlight search? yeah
shake to shuffle? heck yeah
push notifications? okay yeah
Automatic wifi login? okay yeah

Alright so there are at least a few features I can take advantage of and want. So I guess I will need to get the update once I am able to download it.

I didn’t know most of them, but still a good read:

http://www.neatorama.com/2009/06/15/8-starship-enterprise-facts-every-trekker-should-know/

So I continue to fight the virus, it looks to have morphed a bit and is causing us the same problems just in a different way. I have had to decode some hex out of the registry and I have now provided that data to our Websense filter so that I can effectively block the outbound port 80 calls and get a very nice log of who still has the problem. The one advantage is that at least the Trend Micro console is easy to work with and provides several tools to allow us to track clients down. It works a heck of a lot better than some of the other AV solutions I have used. They have a particularly nice tool that will scan a range of ip addresses and then tell you who has av installed who doesn’t and what version of av they do have installed. I now have that running daily to make sure we catch every single one of the machines on our network that isn’t protected. Hopefully with the steps we have in place I won’t be getting any early morning calls saying something isn’t working correctly.