Recently I migrated core functionality from my home Windows 2000 Server to a new host running ESXi 4.0 with three Ubuntu Server 9.10 VMs. If you want to see a simple diagram on my set up, view my article on Linux Backup Shell Script. One of the core functionality that I migrated was my internal DNS services. Hence the title of this article, DNS Server with Bind9.

bind9

I am impressed, once again, with Linux and the services residing within this amazing operating system. The most amazing part about Linux services is that many of them have been around as long as I have — where have I been?

Before I begin rambling too much, let’s get started on creating DNS forward and reverse zones for your local network …

First ensure you have bind9 installed by running the following command:

whereis bind

If the results is blank, such as just “bind: “, then you will need to install bind9. On Ubuntu, I would imagine the command would look like this:

sudo apt-get install bind9

Forward Zones

We need to configure your DNS forward zones, which will provide name to address resolution in your internal network. As we progress the configuration, keep in mind that your specific configuration will be slightly different than mine; adapt as needed.

For simple networks, such as mine at home, there are only a few changes that you will need to make for Forward lookup zones. The first file is /etc/bind/db.local.

/etc/bind/db.local

The changes are fairly easy because we going to use most of what is provided in the original file. Change the Start of Authority (SOA) to be the domain environment for your network. My domain is dt.local and my primary DNS server is dtsfile.dt.local. Change the SOA to reflect your choices and also change the nameserver (NS) line to be your primary DNS server.

Also, you will want to add A records for your various servers/computers on the network. For this example, I added my Asterisk server:

dtsvoip.dt.local.	IN	A	192.168.0.11

The next file to change, which we will also make changes for reverse DNS at the same time, is the /etc/bind/named.conf.default-zones file.

/etc/bind/named.conf.default-zones

The line for the primary zone, which references the /etc/bind/db.local file must state your local domain in the quotes following the zone directive:

zone “dt.local” {
  type master;
  file “/etc/bind/db.local”;
};

As we have more changes in this file, leave it open and continue to the next section.

Reverse Lookup Zones

As you probably know, a reverse lookup provides a name to an IP address. In Windows you would find the name of 192.168.0.10 by typing “nslookup 192.168.0.10” from a command prompt. If you have configured reverse DNS properly, you will see output similar to this:

C:\>nslookup 192.168.0.10
Server:  dtsfile.dt.local
Address:  192.168.0.10

Name:    dtsfile.dt.local
Address:  192.168.0.10

You may be wondering why the entry appears twice. This is because the Server and the name that I am looking up is the same server. If I were to locate my Asterisk server, it would look like this:

C:\>nslookup 192.168.0.11
Server:  dtsfile.dt.local
Address:  192.168.0.10

Name:    dtsvoip.dt.local
Address:  192.168.0.11

On with the configuration…

/etc/bind/named.conf.default-zones

If you were paying attention in the previous section you would still have that file open. Regardless, let’s add another zone to the file that represents our reverse lookup for the IP subnet in your network. In my network I use 192.168.0.0/24 which is the same as saying 192.168.0.0 with a subnet of 255.255.255.0 (192.168.0.0 to 192.168.0.255).

Immediately after the zone directive for your domain, add the following text for your reverse lookup:

zone “0.168.192.in-addr.arpa” {
  type master;
  file “/etc/bind/db.0.168.192”;
};

If you’re sharp, you’ll immediately know that the file db.0.168.192 doesn’t exist. We’ll create it next. And yes, it’s backwards; in reverse DNS lookups the IP address is reversed as part of the requirements set in the RFC and obviously for functionality pointing back to the host name of the IP. Read more: http://en.wikipedia.org/wiki/Reverse_DNS_lookup

Save changes to named.conf.default-zones.

/etc/bind/db.0.168.192

Next we’ll create a new zone db file for our newly created reverse lookup. Start by copying db.0 into a new file named db.0.168.192 (or whatever your local subnet IP address is).

cp /etc/bind/db.0 /etc/bind/db.0.168.192

Just like in your db.local file, let’s change the SOA to reflect your domain and nameserver. This includes the NS line that should already exist in the file. Now let’s add pointer (PTR) records for your servers/computers on the network. I’ll use mine for examples:

10	IN	PTR	dtsfile.dt.local
11	IN	PTR	dtsvoip.dt.local

Save changes to db.0.168.192.

Forwarders

The last section, assuming you want to use this DNS server as your primary DNS on all computers, is to set up a forwarder for all names that are not a part of your network. You will need to edit /etc/bind/named.conf.options.

/etc/bind/named.conf.options

The change is really simple, uncomment the forwarders directive and modify the IP address within to be your local router or your ISP DNS servers. Mine is similar to the following:

forwarders {
  192.168.0.1;
};

Local Name Resolution

The final step is to change your /etc/resolv.conf file to point your DNS server and to set the domain and search realm. This is what mine looks like:

domain dt.local
search dt.local
nameserver 192.168.0.1

Restart the bind9 daemon

After making all of these changes, the final is to restart the bind9 daemon. Oh, one other step is to change your computers to use this DNS server as the primary.

Configuration Files Examples

/etc/bind directory listing

/etc/bind# ls -la
drwxr-sr-x   2 root bind  4096 2010-08-01 17:52 .
drwxr-xr-x 141 root root 12288 2010-08-01 17:54 ..
-rw-r--r--   1 root root   237 2009-08-19 15:00 db.0
-rw-r--r--   1 root root   271 2009-08-19 15:00 db.127
-rw-r--r--   1 root bind   295 2010-08-01 17:22 db.0.168.192
-rw-r--r--   1 root root   237 2009-08-19 15:00 db.255
-rw-r--r--   1 root root   353 2009-08-19 15:00 db.empty
-rw-r--r--   1 root root   316 2010-08-01 17:14 db.local
-rw-r--r--   1 root root  2940 2009-08-19 15:00 db.root
-rw-r--r--   1 root bind   463 2009-08-19 15:00 named.conf
-rw-r--r--   1 root bind   573 2010-08-01 16:50 named.conf.default-zones
-rw-r--r--   1 root bind   165 2009-08-19 15:00 named.conf.local
-rw-r--r--   1 root bind   570 2010-07-16 11:58 named.conf.options
-rw-r-----   1 bind bind    77 2010-01-30 11:50 rndc.key
-rw-r--r--   1 root root  1317 2009-08-19 15:00 zones.rfc1918

./db.0.168.192

;
; BIND reverse data file for broadcast zone
;
$TTL    604800
@       IN      SOA     dt.local. dtsfile.dt.local. (
        1         ; Serial
   604800         ; Refresh
    86400         ; Retry
  2419200         ; Expire
   604800 )       ; Negative Cache TTL
;
@       IN      NS      dt.local.
10     IN      PTR     dtsfile.dt.local.
11     IN      PTR     dtsvoip.dt.local.

./db.local

;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     dt.local. dtsfile.dt.local. (
        2         ; Serial
   604800         ; Refresh
    86400         ; Retry
  2419200         ; Expire
   604800 )       ; Negative Cache TTL
;
@       IN      NS      dtsfile.dt.local.
@       IN      A       127.0.0.1
@       IN      AAAA    ::1
dtsvoip.dt.local.       IN      A       192.168.0.11

./named.conf.default-zones

// prime the server with knowledge of the root servers
zone "." {
  type hint;
  file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "dt.local" {
  type master;
  file "/etc/bind/db.local";
};

zone "0.168.192.in-addr.arpa" {
  type master;
  file "/etc/bind/db.0.168.192";
};

zone "127.in-addr.arpa" {
  type master;
  file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
  type master;
  file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
  type master;
  file "/etc/bind/db.255";
};

./named.conf.options

options {
directory "/var/cache/bind";

// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk.  See http://www.kb.cert.org/vuls/id/800113

// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.

forwarders {
  192.168.0.1;
};

auth-nxdomain no;    # conform to RFC1035
  listen-on-v6 { any; };
};

/etc/resolv.conf

domain dt.local
search dt.local
nameserver 192.168.0.1

When I first started the project, I was hoping that my script would run prior to showing the desktop. This is important because if it runs while the user has access to the desktop, that user may start using files that would prevent the script from running correctly (file locks). I had no luck; if anyone has an idea on how to do this, let me know. Otherwise, I created a .NET application that covers the entire screen on the primary monitor (if more than 1 monitor, then the second one is still visible).

BlankScreen

The BlankScreen application is written in VisualStudio .NET 2008 using .NET Framework 2.0 if I remember correctly. There are some changes you may want to make on this application to tailor it for your environment. The first change would be to put your logo on the application form. The second change, and really the more important change, is to change the ProcessPath variable to point to the UNC path of where you plan on putting the desktop.vbs file. This application just runs the VBScript.

So you might be thinking, why would you have an application that is capable of much more advanced programming run a VBScript? Well, I wrote the script first and didn’t feel like porting it to VB.NET. If you feel like spending the time, go for it.

desktop.vbs

Enough chatter about the other stuff, on to the real product of this blog post, the VBScript.

The VBScript has four basic functions that it completes one after the other based on the success of the previous function. Step 1 is to get the username of the logged in user. Step 2 is to create the folders in the user’s My Documents location and copy the files into that new folders (nothing is moved). Step 3 is to update the registry for the Desktop and Favorites locations to the newly created folders. Step 4 renames the old folders in the C:\Documents and Settings\[user]\ folder to DesktopOLD and FavoritesOLD. I feared losing user files, so I did not make the script perform anything that couldn’t be reversed.

Just as you had to change a string variable in the BlankScreen application for your specific server, you also have to change the location of your user’s folder on the network. In my case it was \\fileserver\users\.

The migration will change the registry keys:

HKCR\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Favorites
HKCR\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Desktop
HKCR\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, Favorites
HKCR\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, Desktop

The new locations will look something like this:

Desktop: \\[server]\[share]\[username]\Desktop-[username]
Favorites: \\[server]\[share]\[username]\Favorites-[username]
e.g. \\fileserver\users\aaron\Desktop-aaron\ would be my desktop folder.

Conclusion

Implementing this solution is fairly easy. First modify the VB.NET application and compile it. Place the .exe file in a shared location that your login script for users has permissions. Place the VBScript file in a similar location, as you specified in the VB.NET application, and modify the serverpath variable and email variables. Test with your user account in your login script batch file using something similar to below:

if %USERNAME% == yourusername (
 rem lets make sure the user has a my documents folder prior to trying to migrate their desktop
 if exist "\\[server]\Users\%USERNAME%" (
  if exist "C:\Documents and Settings\%USERNAME%\Desktop" (
   rem lets make sure they have the 2.0 Framework installed.
   if exist "C:\Windows\Microsoft.Net\Framework\v2.0*" (
    start "Desktop Migration" "\\[server]\[share]\blankscreen.exe"
   )
  )
 )
)

As a disclaimer, the application AND script are provided without any warranty and is only for educational / informational purposes. If you choose to use it in your environment, production or not, the outcome is your responsibility.

desktop.vbs Code

On Error Resume Next

'alert user of what is happening...
MsgBox "Please click OK to begin the backup process for your Desktop and Internet Explorer Favorites.  This process could take a few minutes, please be patient and Do NOT Cancel anything, otherwise data could be lost!" & vbCrLf & vbCrLf & "If you have Administrator privileges, your computer will restart after all of your files have been copied!"

'get the current user
user = getUser()
'set the server location, the following \ is required!
serverpath = "\\[server]\Users\"
'if you have a helpdesk solution with email capability:
useemailnotify = 0
smtpfrom = "email@domain.com"
smtpto = "email@domain.com"
smtpserver = "smtp.domain.com"

'create folders
m_cf = createFolderscopyFiles(user)
If m_cf <> 1 Then
	'update the registry and reboot
	m_ur = updateRegistry(user)
	If m_ur <> 1 Then
		'rename the old folders so it does not use them anymore!
		m_rof = renameOldFolders(user)
		'reboot
		Set WSHShell = WScript.CreateObject("WScript.Shell")
		WshShell.Run "C:\WINDOWS\system32\shutdown.exe -r -t 0"
	End If
End If

Function getUser()
	'get the current user environment variable.
	Set oShell = CreateObject( "WScript.Shell" )
	user = oShell.ExpandEnvironmentStrings("%UserName%")

	If Err.Number <> 0 Then
		'we have failure!
		getUser = 1
		Err.Clear
	Else
		getUser = user
	End If
End Function

Function createFolderscopyFiles(user)
	Set objFSO = CreateObject("Scripting.FileSystemObject")

	'lets only do the folder create and file copy if that folder doesn't already exist. Otherwise, its just gonna set the registry and reboot.
	If Not objFSO.FolderExists(serverpath & user & "\Desktop-" & user) Then
		'Create the new Desktop and the Favorites folder.
		objFSO.CreateFolder(serverpath & user & "\Desktop-" & user)
		objFSO.CreateFolder(serverpath & user & "\Favorites-" & user)

		Set oSHApp = CreateObject("Shell.Application")

		'Copy the Desktop files
		Set fromDFolder = oSHApp.Namespace("C:\Documents and Settings\" & user & "\Desktop")
		Set toDFolder = oSHApp.Namespace(serverpath & user & "\Desktop-" & user)
		toDFolder.CopyHere fromDFolder.Items, 16+512

		'Copy the Favorites files
		Set fromFFolder = oSHApp.Namespace("C:\Documents and Settings\" & user & "\Favorites")
		Set toFFolder = oSHApp.Namespace(serverpath & user & "\Favorites-" & user)
		toFFolder.CopyHere fromFFolder.Items, 16+512
	End If

	If Err.Number <> 0 Then
		'we have failure!
		SendEmail user,"failed at createFolderscopyFiles",Err.Description
		createFolderscopyFiles = 1
		Err.Clear
	Else
		createFolderscopyFiles = 0
	End If
End Function

Function updateRegistry(user)
	'lets work on the registry now
	Const HKEY_CURRENT_USER = &H80000001
	Const HKEY_LOCAL_MACHINE = &H80000002

	'update the registry for Desktop and Favorites (User Shell Folders)
	'set Favorites
	Set oFReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & "." & "\root\default:StdRegProv")
	strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders"
	strValueName = "Favorites"
	strValue = serverpath & user & "\Favorites-" & user
	oFReg.SetExpandedStringValue HKEY_CURRENT_USER,strKeyPath,strValueName,strValue
	'set Desktop
	Set oDReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & "." & "\root\default:StdRegProv")
	strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders"
	strValueName = "Desktop"
	strValue = serverpath & user & "\Desktop-" & user
	oDReg.SetExpandedStringValue HKEY_CURRENT_USER,strKeyPath,strValueName,strValue

	'update the registry for Desktop and Favorites (Shell Folders)
	'set Favorites
	Set otFReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & "." & "\root\default:StdRegProv")
	strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders"
	strValueName = "Favorites"
	strValue = serverpath & user & "\Favorites-" & user
	otFReg.SetStringValue HKEY_CURRENT_USER,strKeyPath,strValueName,strValue
	'set Desktop
	Set otDReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & "." & "\root\default:StdRegProv")
	strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders"
	strValueName = "Desktop"
	strValue = serverpath & user & "\Desktop-" & user
	otDReg.SetStringValue HKEY_CURRENT_USER,strKeyPath,strValueName,strValue

	If Err.Number <> 0 Then
		'we have failure!
		SendEmail user,"failed at updating registry",Err.Description
		updateRegistry = 1
		Err.Clear
	Else
		updateRegistry = 0
	End If
End Function

Function renameOldFolders(user)
	Set objFSO = CreateObject("Scripting.FileSystemObject")
	objFSO.MoveFolder "C:\Documents and Settings\" & user & "\Desktop", "C:\Documents and Settings\" & user & "\DesktopOLD"
	objFSO.MoveFolder "C:\Documents and Settings\" & user & "\Favorites", "C:\Documents and Settings\" & user & "\FavoritesOLD"

	If Err.Number <> 0 Then
		'we have failure!
		SendEmail user,"failed at renaming old folders",Err.Description
		renameOldFolders = 1
		Err.Clear
	Else
		renameOldFolders = 0
	End If
End Function

Sub SendEmail(user,contnt,contntB)
	'if the setting is to send an email, then do it, otherwise...nada.
	If useemailnotify = 1 Then
		'send an email!!
		Set objEmail = CreateObject("CDO.Message")
		objEmail.From = smtpfrom
		objEmail.To = smtpto
		objEmail.Subject = "Desktop and Favorites Migration Issue for " & user
		objEmail.Textbody = "User had a Desktop files migration error." & vbCrLf & vbCrLf & contnt & vbCrLf & vbCrLf & contntB
		objEmail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
		objEmail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = smtpserver
		objEmail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
		objEmail.Configuration.Fields.Update
		objEmail.Send

		If Err.Number <> 0 Then
			'we have failure!
			MsgBox "Your Desktop migration didn't go very well."
			Err.Clear
		Else
			'YAY!
		End If
	End If
End Sub

Downloads

BlankScreen.zip – VB.NET application

desktop.zip – VBScript

So, why write this article? Well, we wanted to make sure that user data was not accessible by anyone in the organization except that user and the backup process. This required custom permissions for the user folder, permissions that are not typical.

We used the GPO settings for My Documents redirection, setting the My Documents location to %HOMEPATH%. Obviously this required that the home path must be set for each and every user in Active Directory. The common way to accomplish this is to modify the users and set the home path to the desired server path. This would create the folder automatically for each user and assign full permissions to the user. It also sets Administrators with full permission. Bah.

PowerShell is, well, powerful

The solution that we came up with was to write a PowerShell script that would accomplish the same task as adding a home path in Active Directory. The only difference is that the script sets the folder permissions that we wanted.

The script accomplishes three tasks based on only providing it an Active Directory account, such as domain\user. The first task is to create the user folder on the server defined in the script. The second sets the permissions on that folder, removing Administrators and then adding SYSTEM and the user as Full Control. It also adds the user as the Owner of the folder. Third, it updates Active Directory, modifying the user’s home path to the newly created folder on the server.

The Script

Before I share the script, it comes with a disclaimer. Use at your own risk, the script is merely for informational purposes. You are responsible for your own server and the files and folders on it, and therefore I am not responsible if this script causes any harm.

##################################################################################
#
#
#  Script name: SetHomeFolder.ps1
#  Author:      Aaron and John
#
#
##################################################################################

param ([string]$User, [switch]$help)

function GetHelp()
{
$HelpText = @"

DESCRIPTION:
NAME: SetHomeFolder.ps1
Creates folder and sets permissions for the specified user.
Creates folder if it does not exist. Removes "Administrators" default permission.

PARAMETERS:
-User            User to create folder for and who should have access (Required)
-help            Prints the HelpFile (Optional)

SYNTAX:
./SetHomeFolder.ps1 -User Domain\UserName

Creates \\[server]\Users\[UserName] and sets new permissions for that folder.

"@
$HelpText

[system.enum]::getnames([System.Security.AccessControl.FileSystemRights])
}

function CreateFolder ([string]$Path)
{
#check if the folder Exists
Write-Host "$Path..." -Foregroundcolor Green

if (Test-Path $Path) {
Write-Host "...Already Exists" -ForeGroundColor Yellow
} else {
Write-Host "...Created"
New-Item -Path $Path -type directory | Out-Null
}
}

function SetAcl ([string]$Path, [string]$User, [string]$Permission)
{
#this trap prevents ugly errors on the screen when attempting to update the ACL for the user.
trap [Exception]
{
write-host "  ERROR: $($_.Exception.Message)" -ForeGroundColor Magenta
continue
}

Write-Host "Setting Permissions..." -ForeGroundColor Green

#get ACL on folder and assign as object
$GetACL = Get-Acl $Path

#set up the access rules
$Allinherit = [system.security.accesscontrol.InheritanceFlags]"ContainerInherit, ObjectInherit"
$Allpropagation = [system.security.accesscontrol.PropagationFlags]"None"
$AccessRule = New-Object system.security.AccessControl.FileSystemAccessRule($User, $Permission, $AllInherit, $Allpropagation, "Allow")
$SystemAccessRule = New-Object system.security.AccessControl.FileSystemAccessRule("SYSTEM", "FullControl", $AllInherit, $Allpropagation, "Allow")
$AdminAccessRule = New-Object system.security.AccessControl.FileSystemAccessRule("Administrators", "ReadAndExecute", $AllInherit, $Allpropagation, "Allow")

#check if Access for Administrators already exists - and REMOVE
Write-Host "...Removing Permission For: Administrators" -ForeGroundColor DarkGray
$GetACL.RemoveAccessRuleAll($AdminAccessRule) | Out-Null
#end of Administrators permissions

#check if Access for User Already Exists - and ADD
if ($GetACL.Access | Where { $_.IdentityReference -eq $User}) {
Write-Host "...Modifying Permissions For: $User" -ForeGroundColor Yellow

$AccessModification = New-Object system.security.AccessControl.AccessControlModification
$AccessModification.value__ = 2
$Modification = $False
#modify the ACL rule
$GetACL.ModifyAccessRule($AccessModification, $AccessRule, [ref]$Modification) | Out-Null
} else {
Write-Host "...Adding Permission: $Permission For: $User"
# add the ACL rule
$GetACL.AddAccessRule($AccessRule)
}
#end of User permissions

#check if Access for SYSTEM already exists - and ADD
if ($GetACL.Access | Where { $_.IdentityReference -eq "SYSTEM"}) {
Write-Host "...Modifying Permissions For: SYSTEM" -ForeGroundColor Yellow

$SystemAccessModification = New-Object system.security.AccessControl.AccessControlModification
$SystemAccessModification.value__ = 2
$SystemModification = $False
# modify the ACL rule
$GetACL.ModifyAccessRule($SystemAccessModification, $SystemAccessRule, [ref]$SystemModification) | Out-Null
} else {
Write-Host "...Adding Permission: FullControl For: SYSTEM"
#add the ACL rule
$GetACL.AddAccessRule($SystemAccessRule)
}
#end of SYSTEM permissions

#set the owner of the folder to the specified user
$GetACL.SetOwner((new-object System.Security.Principal.NTAccount("$User")))

#this command performs the actual update using the objects as defined above
Set-Acl -aclobject $GetACL -Path $Path
}

function Get-ADUser( [string]$samid=$env:username)
{
#find the user object in active directory and returns the user object to the calling line
$searcher=New-Object DirectoryServices.DirectorySearcher
$searcher.Filter="(&(objectcategory=person)(objectclass=user)(sAMAccountname=$samid))"
$aduser=$searcher.FindOne()

if ($aduser -ne $null )
{
$aduser.getdirectoryentry()
}
}

if ($help)
{
#the user requested help, so let us display that help.
GetHelp
}

#set some global variables per our environment.
$Permission = "FullControl"
$username = $User.substring($User.indexof("\") + 1)
$Path = "\\[server]\Users\$username"

#LET'S BEGIN (sub Main()) - Process folder creation and security changes
if ($Path -AND $User -AND $Permission)
{
#1. create the folder
CreateFolder $Path

#2. set the ACL permissions and ownership for that folder
SetAcl $Path $User $Permission

#3. update active directory with the new path location
Write-Host "Updating Active Directory Home Folder..."
$aduser = Get-ADUser $username
$aduser.homeDirectory = "$Path"
$aduser.homeDrive = "P:"
$aduser.SetInfo()
Write-Host "...$username Updated with: $Path" -ForeGroundColor Green
}

I thought it was interesting how RIM describes the process for presenting using the BlackBerry Presenter is as easy as plugging it into a projector and selecting “Present”. That is like saying Lotus was as easy as counting 1, 2, and 3. Okay, the BlackBerry Presenter is not as difficult as Lotus 1-2-3, but it is not that simplistic to set it up. And then, once you have it set up properly, finding the “Present” button could be confusing.

So, what is the BlackBerry Presenter?

http://na.blackberry.com/eng/devices/accessories/presenter/

It is a little device, which is only slightly thicker than your BlackBerry, that enables you to display a PowerPoint presentation from your BlackBerry device to a projector or monitor. Your BlackBerry and the Presenter are connected via Bluetooth, similar to how you would connect your earpiece.

Installation

Although you may have better luck than I did, the web installer did not install the software on my BlackBerry. Now, in my opinion this really isn’t an issue because you can download the application and install it through the BlackBerry Desktop Manager. This was my method and it worked quite well.

The other software application you will need to download is the Presenter Manager, which really serves the primary purpose of updating the firmware on the Presenter device. Because this is a fairly new device, I would recommend trying to update the firmware.

Use

When I first got the device I manually paired it to my BlackBerry. After doing some testing, I figured out that you don’t need to take that step as the presenter application automatically tries to find BlackBerry presenters on the BlueTooth network when you select the Present option. The passcode for the BlueTooth device is display in the name.

Once you have the BlackBerry Presenter software on your BlackBerry, which you may find in the Downloads folder on your home screen, you will need a PowerPoint (.ppt file) presentation to display. Depending on your version of the BlackBerry Enterprise Server (BES), if you use one, you can open PowerPoint files in the Presenter software straight from your email.

Open the BlackBerry Presenter application on your BlackBerry, find a PowerPoint file, open it and choose “Present” from the menu. Use the wheel to scroll slides.

Comments

Where is the battery? It would be nice if the device was only slightly larger and had a good capacity battery.

Still isn’t as cool or quick as the iPhone and a Mac for presentations.

I have been looking for a solution to cleanly limit the output of a SharePoint list field. Most of the time I find solutions that I piece together to make my desired outcome. However, with FirstNWords and the StripHTML templates that Marc shared, there was nothing left to be desired.

For my implementation of his solution: at the beginning of my row template I added the xsl:variable tag, effectively stripping the HTML from the @SRDetails field and placing into $BodyText. Then where I wanted to display the output, I added the xsl:call-template tag for FirstNWords with the appropriate xsl:with-param values. The actual template code was placed directly below the row template, with the only changes being:

1. StripHTML: replace the < sign in the xsl:when to &lt; .
2. StripHTML: replace the other two signs (< and >) as Marc stated.
3. FirstNWords: replace the > signs in the first and second xsl:when to &gt; .

Awesome solution…thanks Marc.

-Aaron Gilbert

The Xerox LAN Fax Phonebook data is stored in the user’s My Documents folder. The file is named default.pb.

If you want to import into this address book, follow the link below:

http://www.office.xerox.com/support/dctips/dc00cc0114.pdf

-Aaron

So what is the solution? How about staging the files on the local hard drive prior to starting the installation? Your first thought might be a batch file or command script that uses xcopy – at least that was my first thought. However, xcopy assumes that your connection will not drop and that it is fairly fast. What happens when the user is remote and while copying the files the user disconnects from the Internet and Virtual Private Network (VPN)? The file copy process has to start over…

With robocopy, a Microsoft product, you can configure it to copy with resume capabilities. In addition, if you show the installation process to your users (different discussion), each file in the copy process displays its current transferred status (0-100%).

Getting RoboCopy

Robocopy is available for free from Microsoft as part of the Microsoft Windows Server 2003 Resource Kit Tools. The command line options are somewhat daunting, something you’d expect to see from the “grep –help” command in Linux. In this article we only use a small amount of the power that is Robocopy. For those that dislike command line tools, but still need the functionality of Robocopy, have a look at the GUI tools available for Robocopy.

• Utility Spotlight Robocopy GUI
• Utility Spotlight RichCopy

Simple Deployment Script (Adobe Reader)

Below is an example for deploying Adobe Reader to clients utilizing the Robocopy tool.

@ECHO OFF

rem Create log folder, just in case it does not exist
md C:\installer
md C:\installer\logs
md C:\installer\AdobeReader9.3.0

rem Bring down the files to the local drive
"\\installer\dist$\robocopy.exe" "\\installer\dist$\AdobeReader" "c:\installer\AdobeReader9.3.0" *.* /E /Z

rem begin installation
msiexec.exe /i c:\installer\AdobeReader9.3.0\AcroRead.msi TRANSFORMS=c:\installer\AdobeReader9.3.0\AcroRead.mst /qn /l*v C:\installer\logs\AdobeReader9.3.0.log

Robocopy Command Line Options

C:\>robocopy /?

-------------------------------------------------------------------------------
   ROBOCOPY     ::     Robust File Copy for Windows     ::     Version XP010
-------------------------------------------------------------------------------

  Started : Fri Feb 05 10:30:35 2010

              Usage :: ROBOCOPY source destination [file [file]...] [options]

             source :: Source Directory (drive:\path or \\server\share\path).
        destination :: Destination Dir  (drive:\path or \\server\share\path).
               file :: File(s) to copy  (names/wildcards: default is "*.*").

::
:: Copy options :
::
                 /S :: copy Subdirectories, but not empty ones.
                 /E :: copy subdirectories, including Empty ones.
             /LEV:n :: only copy the top n LEVels of the source directory tree.

                 /Z :: copy files in restartable mode.
                 /B :: copy files in Backup mode.
                /ZB :: use restartable mode; if access denied use Backup mode.

  /COPY:copyflag[s] :: what to COPY (default is /COPY:DAT).
                       (copyflags : D=Data, A=Attributes, T=Timestamps).
                       (S=Security=NTFS ACLs, O=Owner info, U=aUditing info).

               /SEC :: copy files with SECurity (equivalent to /COPY:DATS).
           /COPYALL :: COPY ALL file info (equivalent to /COPY:DATSOU).
            /NOCOPY :: COPY NO file info (useful with /PURGE).

             /PURGE :: delete dest files/dirs that no longer exist in source.
               /MIR :: MIRror a directory tree (equivalent to /E plus /PURGE).

               /MOV :: MOVe files (delete from source after copying).
              /MOVE :: MOVE files AND dirs (delete from source after copying).

       /A+:[RASHNT] :: add the given Attributes to copied files.
       /A-:[RASHNT] :: remove the given Attributes from copied files.

            /CREATE :: CREATE directory tree and zero-length files only.
               /FAT :: create destination files using 8.3 FAT file names only.
               /FFT :: assume FAT File Times (2-second granularity).
               /256 :: turn off very long path (> 256 characters) support.

             /MON:n :: MONitor source; run again when more than n changes seen.
             /MOT:m :: MOnitor source; run again in m minutes Time, if changed.

      /RH:hhmm-hhmm :: Run Hours - times when new copies may be started.
                /PF :: check run hours on a Per File (not per pass) basis.

             /IPG:n :: Inter-Packet Gap (ms), to free bandwidth on slow lines.

::
:: File Selection Options :
::
                 /A :: copy only files with the Archive attribute set.
                 /M :: copy only files with the Archive attribute and reset it.
    /IA:[RASHCNETO] :: Include only files with any of the given Attributes set.
    /XA:[RASHCNETO] :: eXclude files with any of the given Attributes set.

 /XF file [file]... :: eXclude Files matching given names/paths/wildcards.
 /XD dirs [dirs]... :: eXclude Directories matching given names/paths.

                /XC :: eXclude Changed files.
                /XN :: eXclude Newer files.
                /XO :: eXclude Older files.
                /XX :: eXclude eXtra files and directories.
                /XL :: eXclude Lonely files and directories.
                /IS :: Include Same files.
                /IT :: Include Tweaked files.

             /MAX:n :: MAXimum file size - exclude files bigger than n bytes.
             /MIN:n :: MINimum file size - exclude files smaller than n bytes.

          /MAXAGE:n :: MAXimum file AGE - exclude files older than n days/date.
          /MINAGE:n :: MINimum file AGE - exclude files newer than n days/date.
          /MAXLAD:n :: MAXimum Last Access Date - exclude files unused since n.
          /MINLAD:n :: MINimum Last Access Date - exclude files used since n.
                       (If n < 1900 then n = n days, else n = YYYYMMDD date).

                /XJ :: eXclude Junction points. (normally included by default).

::
:: Retry Options :
::
               /R:n :: number of Retries on failed copies: default 1 million.
               /W:n :: Wait time between retries: default is 30 seconds.

               /REG :: Save /R:n and /W:n in the Registry as default settings.

               /TBD :: wait for sharenames To Be Defined (retry error 67).

::
:: Logging Options :
::
                 /L :: List only - don't copy, timestamp or delete any files.
                 /X :: report all eXtra files, not just those selected.
                 /V :: produce Verbose output, showing skipped files.
                /TS :: include source file Time Stamps in the output.
                /FP :: include Full Pathname of files in the output.

                /NS :: No Size - don't log file sizes.
                /NC :: No Class - don't log file classes.
               /NFL :: No File List - don't log file names.
               /NDL :: No Directory List - don't log directory names.

                /NP :: No Progress - don't display % copied.
               /ETA :: show Estimated Time of Arrival of copied files.

          /LOG:file :: output status to LOG file (overwrite existing log).
         /LOG+:file :: output status to LOG file (append to existing log).

               /TEE :: output to console window, as well as the log file.

               /NJH :: No Job Header.
               /NJS :: No Job Summary.

::
:: Job Options :
::
       /JOB:jobname :: take parameters from the named JOB file.
      /SAVE:jobname :: SAVE parameters to the named job file
              /QUIT :: QUIT after processing command line (to view parameters).

              /NOSD :: NO Source Directory is specified.
              /NODD :: NO Destination Directory is specified.
                /IF :: Include the following Files.

Regardless, the 1.44MB limitation is irritating at minimum. Working with 1.44MB floppies today is almost as bad as working with old DOS programs in Windows 95 that can’t figure out how to use extended memory (above 640KB). It seems that many firmware updates are larger than a floppy, and if you try to fit it along with the bootable files, MSDOS.SYS et cetera, you’ll be quite unsuccessful. So, screw DOS boot disks – let’s make a Windows LiveCD!

BartPE

To ensure that everyone knows, Bart Lagerweij is the master mind, I am merely shareing my experiences with his exceptional work.

Go ahead and review Bart’s PE page. Download and install the latest PEBuilder application from that link. You should also review the licensing notice.

In this example we are going to create a Windows XP PE LiveCD. To get started you will need a Windows XP Professional non-OEM CD, which Bart’s pebuilder application will use to create the bootable LiveCD, and a blank CD for the final product.

Note: unless you have two CD drives, I would recommend copying the contents of your Windows XP cd to your hard drive.

Open Bart’s PE Builder and set the source to the location where the Windows XP files reside. Under media output, choose “Burn to CD/DVD”. Click on the Builder menu and choose “Build ISO/CD (F5)”.

Assuming you receive no errors during the build and burn process, you should now have a bootable Windows XP LiveCD.

-Aaron Gilbert

The script to accomplish this task ended up looking like this:

on adding folder items to this_folder after receiving added_items
  repeat with this_item in added_items
    set destpath to "/Volumes/[mount name]/[share]/" as string
    set datestring to ((year of (current date)) * 10000) + ((month of (current date) as integer) * 100) + (day of (current date)) as integer
    set destfilename to "thefile_" & datestring & ".pdf" as string
    set sourcepath to POSIX path of this_item
  end repeat
end adding folder items to

If you are familiar with Visual Basic, the “repeat with this_item in added_items” would be similar to “for each this_item in added_items”. This creates a single object (this_item) from the array of objects (added_items). The destpath is a variable of the location that we will write the final file, which in this case is a mounted server.

datestring

The date format was not as easy to accomplish as I would have expected, especially considering that AppleScript is supposed to simple to use with its English language type structure. To create a date of 20100101, I had to use traditional math starting with the current year multiplied by 10000, which would end up:

2010 * 10000 = 20100000

Next I needed to add the month in the appropriate location in the integer. This was accomplished by current month multiplied by 100, which would end up:

01 * 100 = 100

Add the month to the year integer and you have:

20100000 + 100 = 20100100

Finally, we need to add the day, which as you can imagine, needs no modification:

20100100 + 01 = 20100101

The final number is stored in the variable datestring.

sourcepath

After about 30 minutes of frustration, working with other avenues to accomplish the same task, I finally found an AppleScript example that used “POSIX path of”. Being that I am a native Windows guy, POSIX is fairly foreign to me, however, it is key to making sure the shell command, “mv”, works properly.

If you were to use:

set sourcepath to name of this_item

you  would get a path separated with colons, such as harddrive:Volumes:[mount name]:[share], which is clearly useless in a shell environment. So instead, we must request the POSIX path, which is the full path and file name of “this_item”:

set sourcepath to POSIX path of this_item

That is it…assign this script to a folder using the Folder Actions functionality of the Mac operating system.

-Aaron Gilbert

display dialog the [string variable]
  buttons {"Yes", "No"}
  default button 1
  with icon 1
  giving up after [(x) seconds]

To customize this, replace [string variable] with a string in quotes or a string variable name. The buttons array will let you define the text of each button, if you wanted only an “Ok” use {“Ok”}. The default button 1 defines which button is automatically selected. Giving up after (x) seconds will close the dialog automatically if the user does not respond.

set my_variable to text returned of (display dialog the [string variable]
  buttons {"Yes", "No"}
  default button 1
  with icon 1)

The above example allows you to use a “display dialog” as a user prompt, requiring some type of input that the remaining AppleScript can then process through logic, if, select, et cetera.

As you might have imagined, there are more options available for “display dialog”, including user input (text and multiple buttons). If you want more information on the “display dialog” method, check out this article on wikibooks.

-Aaron Gilbert