Brad Rutkowski's Blog

Using invoke-command to launch a script on a remote computer which connects to network resources.

First, I found the details here. Second, things can change as this is being done with the CTP for Powershell 2.0 Third, if you don’t know about remoting in 2.0 watch this 5 minute video. Then read this. Whew. Backstory: You might find yourself in a situation where you want to…

Kernel stack not resident (Using .pagein)

You might find yourself debugging an issue and a thread you are interested in is paged out. Here’s the steps to use to page in the stack for the kernel side and user side… Be careful when doing this on a live machine that you want to release after debugging as paging in certain section…

What do you say you DO here?

Just noticed the AD jigsaw poster has been updated for 2k8. So next time your boss asks you “What do say you do here?”, don’t reply with I’m a people person! Do the following: 1) Download one of the jigsaw posters from http://www.microsoft.com/downloads/details.aspx?FamilyID=c2b9e44e-0bbd-47cb-bc09-b3d48be7f867&DisplayLang=en 2) Print out on plotter 3) Give to boss 4) Ask for…

These are a few of my favorite things… (Part 1)

Just wanted to list out some of the tools I use on a daily basis and some of the more common parameters I use with each. I’ve been doing enterprise wide administrative support for a while so these should come in handy to someone in the same role. EventcombMT.exeDownload eventcomb here. This tool has some…

Solution for: A security package specific error occurred

For me the issue was happening with Powershell and Get-Winevent, but it could happen with any number of actions. In my instance the problem occurs when we were using a cross-forest single sign-on account to manage multiple Active Directory forests. In this case if there are multiple computer accounts with the same name in play and one of those…

Some useful debugging commands

All of these are for kernel mode, these are just commands I use often that don’t troubleshoot a particular problem, but are helpful in getting a general picture of the system. If you have a specific issue you’re trying to understand, drop a note and I’ll see if there is a command to help you…

Stuff to check out for Windows 2008

Just got released yesterday: X86: http://www.microsoft.com/downloads/details.aspx?FamilyID=9ff6e897-23ce-4a36-b7fc-d52065de9960&DisplayLang=en X64: http://www.microsoft.com/downloads/details.aspx?FamilyID=d647a60b-63fd-4ac5-9243-bd3c497d2bc5&DisplayLang=en Overview Microsoft Remote Server Administration Tools (RSAT) enables IT administrators to remotely manage roles and features in Windows Server 2008 from a computer running Windows Vista with SP1. It includes support for remote management of computers running either a Server Core installation or the full installation option…

2 things: Tell if a server is server core remotely. Tell if a server is a VM remotely. (C#)

I’ve been messing around over the last week making a tool that will frisk a remote machine. It’s been a fun project, a couple of items I got hung up on were if the machine was server core and if it was a VM. I mean who would knowingly TS to a server if…

Unable to remotely manage a Server Core machine (MMC, WMI, Device Manager)

I’ve been seeing a lot of churn internally and externally about installing a role on a server core machine and then trying to connect to it remotely only to find that the remote server core machine won’t allow you to connect. Remote Management: To allow remote management of a server core machine run this locally on the…

Taking a circular netmon capture from the command prompt

You’ve probably heard that netmon3.1 is out, but you might not know that you can easily launch a capture at the command prompt. I find this useful when we’re waiting on a repro, we want a capture, but we don’t know when that’s going to happen. Sure you could set this up in the GUI…

Follow Us