Connecting to SMB DFS Share from non domain-joined Linux Machines

Please refer to the Microsoft documentation on this; short names will not work:

Client computers must be members of a local or trusted domain before they can access a domain-based namespace by using the format \\NetbiosDomainName\RootName. If clients are members of a workgroup or an untrusted domain and can resolve DNS names, they can access domain-based namespaces by using the format \\DNSDomainName\RootName. For information about how clients determine the list of trusted domains, see “DFS Physical Structures and Caches on DFS Clients.”

Citrix Group Policy Not Applying

Eventvwr error: Windows could not record the Resultant Set of Policy (RSoP) information for the Group Policy extension <Citrix Group Policy>. Group Policy settings successfully applied to the computer or user; however, management tools may not report accurately.

Solution: Deleting all subfolders and files under C:\ProgramData\Citrix\GroupPolicy on the problematic XA server can resolve the above warning message.

Citrix Print Spooler Crash and Fixit 9829711

A corrupt Citrix print spooler keeps causing spoolsv.exe to crash. A full reset of the spooler is required. Unfortunately, Fix It #9829711 is retired. Fortunately, gracious GitHub user jdickson289 has created a PowerShell replacement for both the light and full options. This can be found here: Print-Reset-Tool.

Also zipped up here for convenience.

XenApp 6.5 on Server 2008 R2 does not allow RDP Connections after a Hard Reboot

I recently observed some strange behavior on a Citrix XenApp 6.5 application server. After some piece of software crashed on this server (still working on this, perhaps csrss.exe contention), I was not able to establish an RDP session to this box. While looking at this server from the Citrix AppCenter, I saw that all 35 sessions were listed as DISCONNECTED. I could not connect from the console or RDP, just the command line. Instead of trying to kill these existing disconnected sessions from the command line, I hard-rebooted this server.

This was a mistake. When the server came back up I could now connect at the console and with SCCM; however, I could not RDP to the server. Every time I started an RDP session to the server, the mstsc client would authenticate then immediately close out. It would flash a correctly-sized RDP window momentarily, then just disappear and close out.

After troubleshooting for a few hours, I noticed the output of the qwinsta command:

C:\Users\msp>qwinsta /counter
 SESSIONNAME       USERNAME                 ID  STATE   TYPE        DEVICE
 services                                    0  Disc
 console                                     1  Conn
 ica-tcp                                 65536  Listen
 rdp-tcp                                 65537  Listen
Total sessions created: 1
Total sessions disconnected: 6
Total sessions reconnected: 0

The “Total sessions disconnected” counter would increment every time I attempted to connect. At least now I knew the RDS services were not crashing, and were actually servicing my requests. I was also seeing various eventlog errors about Citrix HealthMon not allowing this server to accept new connections:

[Image: Windows Event Viewer log showing Citrix HealthMon error]

After doing some more digging, I found this excellent article here. It looks like similar issues, which led to me finding the Citrix ICA Session registry key (HKLM\Software\Citrix\ICA\Session):

[Image: regedit opened to the Citrix ICA Session key]

From here, I could see all the disconnected sessions that existed on the server before it was hard-rebooted. Citrix did not have a chance to clean this up. I deleted and recreated the Session key. Make sure to re-add permissions for the NT SERVICE\TermService account to read and write to this key. After doing this, I was immediately able to RDP back into this server. It seems as though something in Citrix was still looking at this key to determine either some kind of load balancing or licensing and causing the sessions to disconnect. I believe that if I was able to manually force a high session number I would’ve been able to create a new RDP session.

Powershell for Parsing Logon and Logoff events from Windows Security Logs

$outputfile = @()
$ID = 4624,4634
# Walk the live and archived Security logs
Get-ChildItem -include *Security*.evtx, Archive*.evt, Archive*.evtx -Path C:\Windows\System32\winevt\Logs -recurse |
ForEach-Object {
    "Parsing $($_.fullname)`r`n" >> .\Logging.txt
    try {
        # Logon (4624) and logoff (4634) events whose data contains the given SID
        Get-WinEvent -FilterHashtable @{path=$_.fullname;logname='Security';ID=$ID; data='S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-XXXXX'; ProviderName='Microsoft-Windows-Security-Auditing';} -EA Stop >> .\Logging.txt
    }
    catch [System.Exception] {
        "No logon events in current log" >> .\Logging.txt
    }
}

The code above walks the Windows log directory (C:\Windows\System32\WinEvt\Logs\) and searches the Security logs, including archived ones, for Logon and Logoff Event IDs that match the SID given in the data filter. It can easily be modified to search other evtx logs for any ID; just edit the file patterns and the $ID list as necessary.

Precise Radio Scheduling with DD WRT

As many people know, the DD WRT firmware can turn your standard Linksys/Buffalo router into a powerful networking device. One of the advantages of running a Linux based firmware on your device is the ability to take advantage of the many programs that are provided in a Linux environment. The cron service will allow you to schedule the operation of the wireless radio with more options than the effective yet limited GUI system. The GUI system only allows you to turn the radio on and off on the hour, rather than 15 minutes to, or 10 minutes after. We can use the cron service to make up for this lack of granularity:

Step 1: Disable the web GUI’s radio scheduling (Wireless -> Advanced Settings -> Radio Time Restrictions)


Step 2: Next, move over to the Administration -> Commands tab, and paste your cron schedule into the text box. This configuration creates a schedule that turns the radio on and off at different times depending on the day of the week. From Monday to Thursday, the radio is active from 9:30AM to 8:45PM. On Fridays, it is active from 9:30AM to 5:45PM, on Saturdays it is active from 9:30AM to 4:45PM; it remains off on Sundays. This is useful for a public hotspot that you would like to restrict access to during off hours. Note that these commands ‘echo’ the actual cron table into the cron directory. You must click the “Save Startup” button so these commands run every time your router boots, otherwise the /tmp/ directory will be cleared out on every reboot and no crontab will exist.

echo '30 09 * * 1-4 root /usr/sbin/wl radio on' > /tmp/cron.d/wlanonoff
echo '45 20 * * 1-4 root /usr/sbin/wl radio off' >> /tmp/cron.d/wlanonoff
echo '30 09 * * 5 root /usr/sbin/wl radio on' >> /tmp/cron.d/wlanonoff
echo '45 17 * * 5 root /usr/sbin/wl radio off' >> /tmp/cron.d/wlanonoff
echo '30 09 * * 6 root /usr/sbin/wl radio on' >> /tmp/cron.d/wlanonoff
echo '45 16 * * 6 root /usr/sbin/wl radio off' >> /tmp/cron.d/wlanonoff

It seems necessary to power off the router for about 30 seconds and then reboot it, otherwise unexpected results may occur.

For more information on Cron and the DDWRT firmware, check out the DDWRT wiki’s cron article. For a list of available wireless radio commands, look here.
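
A way to check the table before relying on it, as an added example that is not part of the original post: it replays the week of on/off entries and reports the radio state at a given day and time. The function names are hypothetical, the table is a copy of the entries above, and only the field forms that table uses (numeric minute and hour, day-of-week as N or N-M) are handled.

```shell
#!/bin/sh
# Added example: verify a DD-WRT radio cron table against the intended hours.

# Copy of the table that the echo commands write to /tmp/cron.d/wlanonoff.
sample_table() {
cat <<'EOF'
30 09 * * 1-4 root /usr/sbin/wl radio on
45 20 * * 1-4 root /usr/sbin/wl radio off
30 09 * * 5 root /usr/sbin/wl radio on
45 17 * * 5 root /usr/sbin/wl radio off
30 09 * * 6 root /usr/sbin/wl radio on
45 16 * * 6 root /usr/sbin/wl radio off
EOF
}

# radio_state DOW HH:MM  (table on stdin; DOW uses cron numbering, 0 = Sunday)
# Prints "on" or "off": the action of the most recent entry at or before
# the requested time. If nothing has fired yet that week, the state is
# whatever the last entry of the previous week left behind.
radio_state() {
    awk -v dow="$1" -v hhmm="$2" '
        BEGIN {
            split(hhmm, t, ":")
            q = dow * 1440 + t[1] * 60 + t[2]   # query as minute of the week
            best = -1; last = -1
        }
        $6 == "root" && $NF ~ /^(on|off)$/ {
            n = split($5, r, "-")
            lo = r[1] + 0
            hi = (n == 2) ? r[2] + 0 : lo
            for (d = lo; d <= hi; d++) {
                k = d * 1440 + $2 * 60 + $1     # entry as minute of the week
                if (k <= q && k > best) { best = k; state = $NF }
                if (k > last)           { last = k; wrap = $NF }
            }
        }
        END { print (best >= 0 ? state : (last >= 0 ? wrap : "unknown")) }
    '
}
```

On the router the same check can read the live file, for example `radio_state 0 12:00 < /tmp/cron.d/wlanonoff`. It models the steady-state schedule only, not the radio state right after a reboot.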

Enable GDM on OpenSUSE VNC

OpenSuSE as viewed from a Vista box

OpenSUSE is a different beast than the FreeBSD I know and love. It seems that in order to run the Desktop Environment of your choice, you do not edit the /home/.vnc/xstartup file. That would be too easy… It seems that Gnome runs its own implementation of VNC; it uses vino-server for remote desktop services. This is evident if you run a netstat -ap – check it out:


Anywho, it seems that the easiest way to configure this is to utilize the “Remote Desktop” applet included in SUSE’s application browser and Control Center. This will allow you to run a GDM desktop over VNC. It seems that this vino-server takes control over the gnome-session manager, and will not let other programs execute it. Good luck!

Finalizing BASH install on FreeBSD

So you’ve installed the BASH binaries, and set your shell to /usr/local/bin/bash, but still can’t seem to find the rc files for your beloved shell? If you are setting up a user to use the BASH shell, it will start up with default settings. You must:

  • Copy the .bashrc, .bash_profile, and .bash_logout files from /usr/compat/linux/etc/skel/ to the user’s home directory.
  • The skeleton .bashrc file looks for the bashrc script in /etc. You can copy a skeleton bashrc script from /usr/linux/compat/ to /etc, or wherever your heart desires, just make sure you modify the .bashrc script to look in the correct location!

Have fun!

After recently playing around with dial modem access, I came across the website. This website offers free UNIX shell accounts, which is nice, as you can play around with a real production UNIX system. Registration is simple; and breaking out of the menu system into a shell is easy as pie. The one thing I noticed is that a lot of users have not locked down their home directories, allowing almost anyone to read and execute the contents. Note the directory listings in the following picture:

[Image: arbor2]

Granted, most people won’t be storing anything important on these accounts, and anyone with root access (which could be anyone) has your files. However, why risk it? Remember to run chmod 0700 on your home dir!
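
The permission check behind that advice, as an added example that is not part of the original post: a POSIX shell audit that lists home directories whose group or other permission bits are set, plus the chmod 0700 fix. The function names and the constructed sample tree (alice, bob, carol) are assumptions for illustration.

```shell
#!/bin/sh
# Added example: audit home directories for group/other access.

# Print the six group/other characters of a directory's mode string,
# e.g. "r-xr-x" for 0755 and "------" for 0700. Uses `ls -ld`, so it
# works with both GNU and BSD userlands.
group_other_bits() {
    ls -ld -- "$1" | cut -c5-10
}

# List each directory directly under $1 that grants anything to group
# or other, as "<bits> <path>". Symlinks are skipped, not followed.
audit_homes() {
    for dir in "$1"/*/; do
        dir=${dir%/}
        [ -d "$dir" ] || continue
        [ -L "$dir" ] && continue
        bits=$(group_other_bits "$dir")
        [ "$bits" = "------" ] || printf '%s %s\n' "$bits" "$dir"
    done
}

# Apply the fix from the post (chmod 0700) and confirm that it took.
lock_down_home() {
    chmod 0700 -- "$1" && [ "$(group_other_bits "$1")" = "------" ]
}

# Constructed sample tree: three fake home directories with different
# modes. Prints the path of the temporary root it created.
make_sample_homes() {
    root=$(mktemp -d) || return 1
    mkdir "$root/alice" "$root/bob" "$root/carol"
    chmod 0755 "$root/alice"
    chmod 0700 "$root/bob"
    chmod 0750 "$root/carol"
    printf '%s\n' "$root"
}
```

As a regular user, `lock_down_home "$HOME"` is the relevant call; an administrator can point `audit_homes` at the directory that holds user homes.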