Jan 10

Dynamic Objects in Active Directory

Sometimes we need to create users/groups/computers in Active Directory that will be used temporary (by a contractor, for testing etc.). The typical workflow is: Create > Use for a while > Delete. The deletion is manual and often these objects are being forgotten which poses some security risks.

It is little known fact that we can create the so called Dynamic objects (DOs, a.k.a. temporary objects) that get deleted from AD automatically when the associated TTL expires. Microsoft added this capability in Windows Server 2003. In fact the “Dynamic object” is an auxiliary class (OID = When linked to an object it adds some new attributes like the entryTTL (Entry-TTL) and ms-DS-Entry-Time-To-Die attribute.

Continue reading

Jan 05

WinRM would not listen on port 5985

The WinRM was configured to allow remote administration via a GPO but it wouldn’t let us connect with Enter-PSSession. The firewall rule was there passing the traffic on TCP port 5985.

Checking WinRM config showed something strange:

Listener [Source=”GPO”]
Address = *
Transport = HTTP
Port = 5985
Enabled = true
URLPrefix = wsman
ListeningOn = null

So WinRM was actually configured but wasn’t listening on any network interface. Why?

Continue reading

Jan 03

What is Add-PrinterDriver actually used for?

As of Windows 8.1 / Server 2012 R2 there is one beautiful cmdlet -Add-PrinterDriver. It dramatically simplifies driver/printer installation.

Naturally you will be tempted to install a driver from an .inf file like this:

But you will be blamed:

So it does not work as you/we may think. Sigh… So then what it is used for?

Continue reading

Dec 30

Running Linux on Windows 10


Often developers and related OPs need to test stuff on Linux (web, cli, .NET Core etc.). The typical approach was to spin up a Virtual machine (VM), install and configure a Linux distro and play with it.

Main Cons include: you need a hyper-visor software, enough RAM, fast hard drive, to fight with basic operations like cope-paste text and files between machines etc.

Well, good news! As of the Anniversary Update Windows 10 supports the so called “Windows Subsystem for Linux” (WSL). It allows you to run natively* most of the non GUI Linux stuff**on Windows without the overhead of a virtual machine.

Continue reading