Query disabled user in Active Directory

Some times we need to use programing to generate something more faster, especially if you handling more than 100 records of data.

This time i need to query user that are disabled in Active Directory. Sure you can see it by search in Active Directory control pane, but i need it to be exported in csv so i can handle it in excell format for futher processing.

So here are the script to know who is disabled in Active directory and save it to a csv file.

Const ADS_UF_ACCOUNTDISABLE = 2 
  
Set objConnection = CreateObject("ADODB.Connection") 
objConnection.Open "Provider=ADsDSOObject;" 
Set objCommand = CreateObject("ADODB.Command") 
objCommand.ActiveConnection = objConnection 
objCommand.CommandText = _ 
    ";(objectCategory=User)" & _ 
        ";userAccountControl,distinguishedName;subtree"   
Set objRecordSet = objCommand.Execute 
  
intCounter = 0 
Do Until objRecordset.EOF 
    intUAC=objRecordset.Fields("userAccountControl") 
    If intUAC AND ADS_UF_ACCOUNTDISABLE Then 
        content = objRecordset.Fields("distinguishedName") & ",disabled" 
        writeToFile(content)
        intCounter = intCounter + 1 
    End If 
    objRecordset.MoveNext 
Loop 
  
WScript.Echo VbCrLf & "A total of " & intCounter & " accounts are disabled." 
  
objConnection.Close 

Function writeToFile(content)
    Const ForAppending = 8 'for logging
    Dim objFSO, objLogFile 'for logging
    fname = "c:\users\masterUser\documents\disabledUser.csv"
 Set objFSO = CreateObject("Scripting.FileSystemObject")
 Set objLogFile = objFSO.OpenTextFile(fname, ForAppending, True)
 objLogfile.WriteLine content
 objLogFile.Close
 set objLogFile = Nothing
 set objFSO = Nothing
    writeToFile = "success"
End Function

So you should expect your file in c:\users\masterUser\documents\disabledUser.csv

Hope this help someone like me.

 

Read More

Options list with angular.ui bootstrap

I recently need to generate an options list, which is queried before from database.
This is common practice in web / application development, where system provide the value for the options which is created by admin of the application.

So in angularJS all purely javascript, we can use for loop, but takes time. We are smart developer right?
Here how I did this using angular.ui.bootstrap component .


We assume the data will be :

var categories = ['red','green','blue'];

The data will be generated from your database. How to generate it using REST, is out of the topic for now.

And in the view :

  <select name="label" id="label" data-ng-model="article.label" data-ng-options="cat for cat in categories"> </select>

This will generate the select options :

<select >

  <options value=0> red</options>

  <options value=1> green</options>

  <options value=2> blue</options> 

</select>

The hardwork done by the data-ng-options directive of angular.ui.bootstrap.

This save around 15 minutes of coding I think, with just 1 line of code to generate the options, and plus it done in client side, the BROWSER. Not in server anymore mamen. Welcome to the real thin client distributed computing a.k.a Browser apps.

Your server only handle the database operation via REST api for more scalability.

Go to the next level, see you on other articles.

Read More

Windows Domain controller Demotion

I have a windows 2003 Domain controller. I have 3 of the DC from previous installation. Now I need to remove this domain, and I think need to do some clean up with proper way, cannot just shutdown the Domain controller. This is because the Domain Controller have child domain and it getting harder to remove.

I documenting the process in here for reference.

First in windows 2003 Domain we can have 5 role in 1 server or it called FSMO role. We need to check it belongs to which server and make sure it transfered correctly to other server before it will be the last server to remove.

First to check the role server have run this command :

c:\>netdom query /domain:domain.com fsmo
Schema owner                      server1.domain.com

Domain role owner                server2.domain.com

PDC role                               server1.domain.com

RID pool manager                  server1.domain.com

Infrastructure owner               server2.domain.com

Then we need to demote the server using dcpromo command.

1. Run DCPromo
2. Select if this server is the last domain controller in the domain
3. Enter your administrator password
4. Then wait until complete
5. Restart the server
6. Now server will be member of the domain if not the last domain controller

Then after complete, confirm again the domain FMSO using netdom if the role all transfered to other domain controller server.

Read More

NodeJS application Deployment

NPM Logo

Recently I prepare to deploy a NodeJS application for server side application. There are some dependency and prerequisite software to be installed, like mongoose lib, ExpressJS lib, and other lib in NodeJS environment.

To make this deployment easy, NodeJS come with NPM, which can install all the needed library from a single file called package.json . We just list all the dependency needed by the application, in development and in production environment. This makes life easier for programmer like us.

Here are some example of the package.json :

{
  "name": "AwsomeFaqSite",
  "version": "0.0.0",
  "dependencies": {
    "express": "~3.1.0",
    "path": "~0.4.9",
    "mongoose": "~3.5.5",
    "passport": "~0.1.17",
    "passport-local": "~0.1.6",
    "connect-memcached": "~0.0.3",
    "helenus": "*",
    "node-uuid": "*"
   },
  "devDependencies": {
    "karma": "~0.8.6",
    "grunt": "~0.4.1",
    "grunt-contrib-copy": "~0.4.0",
    "grunt-contrib-concat": "~0.1.3",
    "grunt-contrib-coffee": "~0.6.4",
    "grunt-contrib-uglify": "~0.2.0",
    "grunt-contrib-compass": "~0.1.3",
    "grunt-contrib-jshint": "~0.3.0",
    "grunt-contrib-cssmin": "~0.5.0",
    "grunt-contrib-connect": "~0.2.0",
    "grunt-contrib-clean": "~0.4.0",
    "grunt-contrib-htmlmin": "~0.1.1",
    "grunt-contrib-imagemin": "~0.1.2",
    "grunt-contrib-livereload": "~0.1.2",
    "grunt-bower-requirejs": "~0.4.1",
    "grunt-usemin": "~0.1.10",
    "grunt-regarde": "~0.1.1",
    "grunt-rev": "~0.1.0",
    "grunt-karma": "~0.3.0",
    "grunt-open": "~0.2.0",
    "grunt-targethtml": "~0.2.4",
    "matchdep": "~0.1.1",
    "grunt-google-cdn": "~0.1.1",
    "grunt-ngmin": "~0.0.2"
  },
  "engines": {
    "node": ">=0.8.0"
  }
}

We define the package name of our application which is AwesomeFaqSite , version, and the dependencies of the application. Then we just install all in the new server with just running

  npm install

The npm will look for package.json for default, and install all the application defined in the package.json .
All the required lib will be installed under the same directory level under node_modules directory.

From my experience with other programming language, this npm method is the easy and fastest way to deploy new development or production environment.

Bravo NodeJS community and the Npm developer. in Python world there are pip install and pyenv which look like npm method.

Hope this help someone like you who read this post.

Leave a comment and let me notice your visit.

Read More

AngularJS and ExpressJS Basic Auth

So I have successfully implement the Basic Authentication method with AngularJS as frontend , and using ExpressJS as my REST service provider.

Lets dig in the specification first which are :

1. The client will have to sent the Basic authentication header in every XHR request
2. The XHR request will be using the factory $resource in AngularJS
3. The REST service will need to check the Authentication header in every request
4. If no authentication header available, it will response with 401 code
5. If the authentication header available, check against user database, if not match response with 401 code
6. If credential match, continue with next operation
7. The check will be implemented as a middleware to every request

 First, here are the angular code :

Here are the factory User in services/user.js :

'use strict';

angular.module('userServices', ['ngResource'])
  .factory('User', ['$resource','globalData',function ($resource,globalData) {
    // Service logic
    // ...
    // Public API here
    var url = globalData.getApiBaseUrl();
    return $resource(url + '/user/:id/',{id: '@_id'},
      {update: {method:'PUT'}

      }
    );
  }]);

Here are the globalServices, in services/globalData.js

angular.module('globalServices', [])
  .factory('globalData',['$cookieStore','$http', function ($cookieStore,$http) {
   getAuthToken: function () {
        var auth = window.btoa(this.getUser()+':'+this.getApikey()); //inject the user and password/apikey here
        $http.defaults.headers.common['Authorization'] = 'basic '+auth;
        return ;
      },

}]);

And in every controller you have call the method to inject the header. here are UserCtrl in controllers/user.js :

angular.module('myapp')

 .controller('UserCtrl',['globalData','User', function (globalData,User){

      var q = globalData.getAuthToken();

      $scope.user = User.query(q);
}

With this, everytime angular request data to REST server, there will be authentication header which you will get from login before or you have it in your config.

And now in the server , we process the request header in every request which we want to authenticate before processing.

In express, we use module for code organization, and we put it in authapi.js module :

var User = require('../models/users');

module.exports = {
  checkApiAuth: [
    /* This work as middleware , before all controller run this will run
     * will check the user & api query param to db
     * if they are correct, will be found in db
     * if not found, will send 401 / unauthorized
     * since 9 June 2013
     */
    function (req, res, next){
      var header=req.headers['authorization']||'',        // get the header
       token=header.split(/\s+/).pop()||'',            // and the encoded auth token
       auth=new Buffer(token, 'base64').toString(),    // convert from base64
       parts=auth.split(/:/),                          // split on colon
       username=parts[0],
       apikey=parts[1];
       console.log('headers :'+header+' : '+ username+':'+apikey);
       if (!username || !apikey){
        res.send(400);
      }
      else{
         //process to check the database info

            if (apikey === db.apikey){
              return next(); //here we will process next function called in routes module
            }else{
              res.send(401);
            }
      }
  }]
} 

And to use it in every request, add it in router module of your expressjs application.
Here are ./routes/user.js

/*
 * User Routes
 */

var userCtrl = require('../controllers/users');

module.exports = function(app, apiAuth ){
    //API exposed
    app.get('/api/user', apiAuth.checkApiAuth, userCtrl.getList);
    app.post('/api/user',  userCtrl.createWApi);
    app.put('/api/user/:id',apiAuth.checkApiAuth, userCtrl.update);
    app.get('/api/user/:id', apiAuth.checkApiAuth, userCtrl.read);
    app.delete('/api/user/:id', userCtrl.delete);
}

And in the app.js for expressJS initialization add :

  var apiAuth = require('./lib/authapi');

  require('./routes/user')(app,apiAuth);

Read More

Authentication in REST Service

Today I try to make authentication working in accessing REST services. I use ExpressJS to server the REST service, of course with NodeJS.

There are some options I found to be interesting and to be considered and I will share and Document it in here. Hope this will be useful for other programmers out there.

There are 2 options I explore to make authentication :

1. Include the authentication information in the query url.
   For example, http://api.myservice.com/api/v1/tweet/?user=themaster&apikey=9294023984987249
   This is the easiest way to generate in any application and is common in all web application
2. Include the authentication information in the HTTP request Header.
   With this method the credential will be available in the request header from client. This one need some digging and knowledge to generate the HTTP header. For example :
   

   1. Accept:
      application/json, text/plain, */*
   2. Accept-Encoding:
      gzip,deflate,sdch
   3. Accept-Language:
      en-US,en;q=0.8
   4. Authorization:
      basic bXVsaWFudG86YmEzMWRkNGNkZTRjNGNhMzRhMGMyODMyZDJjZDQxZTU1NmM0YWRiMg==
   5. Connection:
      keep-alive

With these options, there are some good and bad included in the implementation. Lets dig more into it and analyze it based on our needs.
First, consider caching by the public cache. If your url contain query parameter, it will not be cached. So the first options will be not benefit from public cache server which usually available near the user provided by the ISP provider or company infrastructure or local cache.
With the second option, there will be no query parameters in the url, so any HTTP Get operation will benefit from caching.

Second, consider the security, you must use HTTPS if you don't want any one who can analyze traffic get your credentials. If you got your REST service a HTTPS , then this is ok. no need to think about Man in The Middle attack.
Also with the second options, actually you still have security issue, because the authorization encoding only using Base64 method which can be generated back to plain text. But with this, at least your credentials not shown up in the URL wildly.

So with this finding, I consider to use the second options, which is using HTTP Request Header Basic Authentication. But I wont use the challange response method to the user requesting, because the request will come from a XHR ajax request. So just return 401 if the authorization header is not there or not match.

If you want your user input the credentials, just challange the request with WWW-Authenticate HTTP HEADER response.

And also we will got cleaner URL without the query parameter exposed to blind eye scanning the HTTP request.

Next I will post the code to do this basic authentication in server and in AngularJS application.

Stay Tuned.
 

Read More

Cassandra DB for High Availability

Cassandra DB Logo

I am looking for a database which will eliminate headache when the data growing and when need to scale the server. I want to be able do scaling Horizontal easily and with any size of physical server. Also want to have added capacity as I add new database node to the cluster. Is this possible with old school relational database like Oracle, MSSQL, MYSQL, PostgreSQL .

From my experience even using vendor supported database, the solution will be dump more money to your machine, which is add processor and bigger RAM. With increased data let say 4 years of working data, you will get performance hit when query data from your database. How much you can add to a physical machine.

I have testing some of database with the above mentioned options, like MonggoDB , CouchDB, Cassandra.
The one I have play with is MonggoDB which is easy to work , with javascript application like NodeJS , because the data output already in JSON, which common usage in javascript world.

I also test Cassandra, and quite need more effort to know because the concept is different, using Column value , as document database in MonggoDB.

What I need is a database that can easily to scale and can handle all the load when the demand are increasing. I tie the Database with REST API service as the backend interface to application. The Front End will be using Single App javascript using AngularJS.

With this, I separate the Data service with the front end. In the end the front end can be an mobile app consuming my REST API with Cassandra DB as persistence storage.

Later I will post my finding when using Cassandra DB as my notes here in development.

Read More

Using WMI In windows environment

In windows, there are some tools provided by Microsoft called Windows Management Instrumentation (WMI) . Its a service which included in windows server to access the magic in the server, like processor, disk status, network status, OS, software installed and other low level information to windows.

It is available in Windows XP, windows 7 , Windows server 2003 and up. But in windows server 2003 the WMI is not installed by default. You should install the WMI provider.
To install manually go to control panel >> add remove programs >> add/remove windows component >> management and monitoring tools >> WMI Windows Installer Provider

With the WMI installed, we can query the OS locally or from remote machine using VBScript. This is handy for network admin, system admin who want to know the status of their server automatically by script access.
Actually many monitoring application utilize this service. If you can do programming, you can build a product from the service.

I will give some example that i have to query the os and the application installed in the server. Here are scanner.vbs

strComputer = "server1"

Set objFSO = CreateObject("Scripting.FileSystemObject")

Set objWMIService = GetObject("winmgmts:" _
 & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")

Set colOSes = objWMIService.ExecQuery("Select * from Win32_OperatingSystem")
   
For Each objOS in colOSes
    strFileName ="c:\Microsoft_Installations\"& objOS.CSName & "_Microsoft_Installation.xls"
    hostname=objOS.CSName
    os=objOS.SerialNumber & " " & objOS.Caption & " " & objOS.Version & " " &       objOS.ServicePackMajorVersion & "." & objOS.ServicePackMinorVersion
    install_date=objOS.InstallDate

Next


Set objFilei = objFSO.CreateTextFile(strFilename, True)
objFilei.WriteLine os & vbtab & _
install_date

objFilei.Close

The script will create a file defined in strFileName and get a OS information with serial number and the OS Version.

Hope this help someone who need scripting with Windows WMI.

Read More

Do we need caching in AngularJS

Angular JS

Do we need caching in Angular JS ? Caching in a Web based application can dramatically improve the performance and application loading. But it also hard to to invalidation. With Ajax application like AngularJS, I thinking about do we need cache the ajax response from REST api backend.

After some reading and search about web caching, from Web Caching for the credits, I conclude that no need to do the cache in tha application logic. Why ? Because HTTP1.1 have caching method and cache invalidation, and every modern web browser comply to it. The only problem need to tackle is the REST server configuration to make the REST api cache friendly.

Base on HTTP1.1 draft , cache described as  A program's local store of response messages and the subsystem that controls its message storage, retrieval, and deletion. A cache stores cacheable responses in order to reduce the response time and network bandwidth consumption on future, equivalent requests. Any client or server may include a cache, though a cache cannot be used by a server that is acting as a tunnel.
Most developer want to use cache in the application logic is to improve the performance and spare the database server work, and also to save bandwidth use to request the data. Of course my aim to use Cache is to make performance improvement in the application loading and ease the server burden to process the same data again and again.

I test my AngularJS SPA web application which fully ajax, and request all data come from a backend API via REST service. The result is when the user first load the data, the request is served from the REST services. And after the second request, it served from the local client cache of the web browser. This of course satisfy the need to make application load faster and ease the server workload.

But, the web browser still need to make a connection to the REST api server to check the validity of the cache, and do some invalidation if needed. But no data transfer taken place, the response just 304 Not Modified , which means the data not changed and you can serve it from your local cache. This is valid for proxy server cache and other cache machine out there which comply with HTTP1.1 specification.

And for the invalidation, when I do POST method to the url, the GET method will be refreshed by the cache, so invalidation is done without single line of code. This is also work with DELETE and PUT method, as long as using the same URL resource , like http://www.myserver.com/api/article and use different method on it.The cache of a resource will be invalidated if there are POST method action to the same resource. This why also we need to follow RESTFULL standart for cache friendly API.

And the time needed to check the cache validity to server only takes about 50ms or more depend on your server. This is just a great way to leverage the cache infrastructure already deployed out there in the internet, especially the Web Browser technology. No need to add cache logic in your app and got mess with cache invalidation. Just let the browser and cache machine out there to handle the cache, as long as your server is cache friendly.

This is not the same with standart web application which reload every time user request a page, because the server need to generate the content again, like get from database, process the template and others job before request sent to web browser.

But doing caching inside an application is a not easy task. I have been there with PHP, and Django especially using Memcache. It is fast, but need to maintain the cache state.

So I will not to use caching in the angularJS code, just let the HTTP1.1 caching mechanism do it. I have try the $cacheFactory method, and can do the cache and not to check the API server for the validation, but the invalidation is just a more coding works. Maybe for other purpose will use these cache method.

Happy Coding.

Read More