EventTriggers

http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/eventtriggers.mspx?mfr=true

• /create - is used to create an event trigger,
• /delete can be used to delete the trigger
• /eid - is the event id number you wish to track
• /tr - is the name you would like to give to the event trigger
• /ru - is the user name to run under userdomain or user@domain.com are both acceptable
• /rp - is the user password
• /tk - is the action you would like performed when triggered

• /query - a list of event triggers

How to set event log security locally or by using Group Policy in Windows Server 2003

http://support.microsoft.com/kb/323076/en-us
http://social.technet.microsoft.com/Forums/zh-TW/winserverzhcht/thread/eda758fa-8841-4d64-9edb-5b798d99600d/

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Security
對CustomSD點兩下後,在最後面加上下面一行

(A;; 0x1;;;UserSID)

A=Allow

D=Deny

1 = 讀取
2 = 寫入
3 = 讀取+寫入
4 = 清除

7 = 讀取+寫入+清除

LogParser -- (2)

How do I retrieve the event logs that have been logged in the past 10 minutes?

You need to use the SUB function to subtract 10 minutes from the current UTC timestamp returned by the SYSTEM_TIMESTAMP function, and convert this timestamp to local time using the TO_LOCALTIME function:

SELECT *
FROM System
WHERE TimeGenerated >= TO_LOCALTIME( SUB( SYSTEM_TIMESTAMP(), TIMESTAMP( '10', 'mm' ) ) )

LogParser -- (1)

logparser "SELECT * FROM Application.evt"
Task aborted.
Cannot open <from-entity>: Error opening event log "\\?\C:\Application.evt": The event log file is corrupted.

Statistics:
-----------
Elements processed: 0
Elements output:    0
Execution time:     0.61 seconds

Solution:

wevtutil epl application.evt application.evtx /lf:true

wevtutil export-log application.evt application.evtx /lf

wevtutil [{el | enum-logs}] [{gl | get-log} <Logname> [/f:<Format>]]
[{sl | set-log} <Logname> [/e:<Enabled>] [/i:<Isolation>] [/lfn:<Logpath>] [/rt:<Retention>] [/ab:<Auto>] [/ms:<Size>] [/l:<Level>] [/k:<Keywords>] [/ca:<Channel>] [/c:<Config>]] 
[{ep | enum-publishers}] 
[{gp | get-publisher} <Publishername> [/ge:<Metadata>] [/gm:<Message>] [/f:<Format>]] [{im | install-manifest} <Manifest>] 
[{um | uninstall-manifest} <Manifest>] [{qe | query-events} <Path> [/lf:<Logfile>] [/sq:<Structquery>] [/q:<Query>] [/bm:<Bookmark>] [/sbm:<Savebm>] [/rd:<Direction>] [/f:<Format>] [/l:<Locale>] [/c:<Count>] [/e:<Element>]] 
[{gli | get-loginfo} <Logname> [/lf:<Logfile>]] 
[{epl | export-log} <Path> <Exportfile> [/lf:<Logfile>] [/sq:<Structquery>] [/q:<Query>] [/ow:<Overwrite>]] 
[{al | archive-log} <Logpath> [/l:<Locale>]] 
[{cl | clear-log} <Logname> [/bu:<Backup>]] [/r:<Remote>] [/u:<Username>] [/p:<Password>] [/a:<Auth>] [/uni:<Unicode>]

Event Collector is managed with a command-line tool, Windows Event Collector Utility (Wecutil.exe).

How to move user Databases

The procedures in this topic require the Logic name of the database files. To obtain the name, query the name column in the "sys.master_files" catalog view.
>select * from sys.master_files

To move a data or log file as part of a planned relocation, follow these steps:

1. Run the following statement.
>ALTER DATABASE database_name SET OFFLINE;

2. Move the file or files to the new location.

3. For each file moved, run the following statement.
>ALTER DATABASE database_name MODIFY FILE ( NAME = logical_name, FILENAME = 'new_path\os_file_name' );

4. Run the following statement.
>ALTER DATABASE database_name SET ONLINE;

5. Verify the file change by running the following query.
>SELECT name, physical_name AS CurrentLocation, state_desc FROM sys.master_files
WHERE database_id = DB_ID(N'<database_name>');

mbralign options of NetApp

mbralign --sparse /vmfs/volume/"Datastore"/"Virtual Machine"/"Virtual Machine"-flat.vmdk

Options:

   --sparse                 The resulting file will be sparse.  This option is designed for NetApp NFS based datastor                            es.

   --force                  The default behavior is to skip properly aligned disks.

                            The --force option can be used to override this. (Useful for migrating and making sparse)                            .

   --bs=n                   Use n as the block size (specified in kB).  n must be one of (8, 16, 32, 64, 128, 1024).                             The default is 8.

   --preview                Show what would be done, then exit.  No changes are madeto the file.

   --quiet                  Only print warnings and errors (no other status isprinted to screen).

   --debug                  Print debug comments.

   --help                   Print usage.

   --thereAreNoVmSnapshots  Suppress the warning message about snapshots and answer YES to the question of whether to                            continue.

Cloning and converting virtual machine disks with vmkfstools

vmkfstools -i <input> <output> -d <format>

Convert HD type to thin-provision
1. SSH to VM host.
2. Shutdown the virtual machine.
3. vmkfstools -i "guest.vmdk" "new_guest.vmdk" -d thin
4. Add new HD and point to the "new_guest.vmdk" under "Edit setting"
5. Power-on the virtual machine.
6. Delete the "guest.vmdk" file.

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1028042

Hotkey for MacOS

Hotkey for Mac OS：

• Power-off screen：Shitf + Ctrl + Eject
• Hibernate：Command + Option +Eject
• Reboot：Ctrl + Command +Eject
• Shutdown：Ctrl + Option + Command +Eject
• Logout：Shift + Command + Q

How to increase HD size for Windows XP guest in ESXi

1. SSH to VM host.
2. Power-off the guest.
3. vmkfstools -X xxG /vmfs/volumes/"Datastore"/"VM guest"/"VM guest".vmdk
4. Power-on the guest.
5. Use GParted to extend the size for the filesystem of virtual machine.

WSUS offline update

WSUS offline update

微軟更新離線安裝檔下載工具，支援Windows 7及2008 R2，只要勾選要下載的更新項目，就會將檔案儲存於「client\wsus」資料夾，還可以勾選下載完畢時自動打包成ISO檔，或者複製到USB或某個資料夾。

Backup software -- Freeware

YadisBackup

Yadis is a free and easy backup application that protects your private information within minutes. It's intuitive design will guide you through a few steps, and before you know it, your personal data is brought in safety.

When you use a backup-tool, it's often a hard job to learn to know all of the features. And when you've finally managed to understand every possibility of that tool, you realize it's not just that what you wanted.

That's why we've created Yadis Backup. Take a look around and discover all of it's advantages...

• It's FREE
• It's small
• It's easy to use
• You can fully decide what to backup
• It copies one on one your files to allmost any destination you want
• You don't need Yadis! Backup to access the backed-up files
• The marked folders are backed-up real-time (no scheduling needed!). You make a change? Yadis! Backup makes a backup
• When your backup destination isn't available, Yadis! remembers the changes you have made. Whenever the location becomes available Yadis! starts backing up the changes.

How to list the password of all domian users will be expired in xx days

Requirement:netpwage

1. netpwage.exe /? ==> get more detail syntax
2. netpwage.exe /USERS /DOMAIN:xx /MIN:180 ==>List the users whose password  is at least 180 days old.

Exchange2003 自動郵件通知密碼將到期的使用者

參考來源 http://japlinchen.wordpress.com/


' exch-pwd-expires.vbs
'
' Alan.Zhou
' Jun 26, 2007
'Email: alan.zhou@hi-p.com
'
' This program scans all users in the AD,for users whose passwords have either
' already expired or will expire within DAYS_FOR_EMAIL days.
'
' An email is sent, using CDO, via the SMTP server specified as SMTP_SERVER to the
' user to tell them to change their password. You should change strFrom to match
' the email address of the administrator responsible for password changes.
'
' You will, at a minimum, need to change the SMTP_SERVER,  and the STRFROM constants.
' If you run this on an Exchange server, then SMTP_SERVER can
' be "127.0.0.1" - and it may be either an ip address or a resolvable name.
'


 'Option Explicit


 ' Per environment constants - you should change these!
 Const SMTP_SERVER  = "192.168.0.x"
 Const STRFROM   = "Administrator@YourDomain.com"
 Const DAYS_FOR_EMAIL  = 5


 ' System Constants - do not change
 Const ONE_HUNDRED_NANOSECOND    = .000000100   ' .000000100 is equal to 10^-7
 Const SECONDS_IN_DAY            = 86400
 Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000
 Const E_ADS_PROPERTY_NOT_FOUND  = &h8000500D


 ' Change to "True" for extensive debugging output
 Const bDebug   = True
 Const ForWriting = 2
 Const ForReading = 1
 Const ForAppending = 8
 Const TristateUseDefault    = -2


    ' 簡單註記 by Japlin on 2010.12.22
 ' ================================================================================
 ' 使用者帳號      ： Mid (objUser.Name, 4)
 ' 使用者郵件帳號  ： objUser.userPrincipalName
 '                 {  UPN=系統主體用戶，是系統用戶以完整的電子郵件格式書寫的名稱 }
 '                 {  如：name@domain.com, Email.Name@emailAddress.com }
 ' 使用者登入名稱  ： objUser.sAMAccountName
 '                 {  sAMAccountName = Domain account login name }
 ' Mailbox         ： objUser.Mail
 ' 密碼最後變更日期： dtmValue = objUser.PasswordLastChanged
 ' 密碼保存最長期間： numdays = GetMaximumPasswordAge (strDomainDN)
 '                 {  在 UserIsExpired Function 內，變數名稱＝iMaxAge }
 ' 密碼變更在幾天前： intTimeInterval = Int (Now - dtmValue)
 '                 {  今天日期-密碼最後變更日期 }
 ' 密碼是否過期    ： if intTimeInterval >= iMaxAge
 ' 密碼在幾天後到期： iRes = Int ((dtmValue + iMaxAge) - Now)
 '                 {  密碼最後變更日期 + 密碼保存最長期間 - 今天日期 }
 ' 發送郵件通知條件： If iRes <=  DAYS_FOR_EMAIL
 '                 {  DAYS_FOR_EMAIL 是在程式內自定義，並非AD上所定義的通知日期 }
 '


 Dim objRoot , objFSO
 Dim numDays, iResult
 Dim strDomainDN , Outputfile
 Dim objContainer, objSub


 Set objFSO = CreateObject("Scripting.FileSystemObject")
 Outputfile = "./exch-pwd-expires-2-log.txt"
 CreateOutputFile OutputFile
 wscript.sleep 1000


 Set objRoot = GetObject ("LDAP://rootDSE")
 strDomainDN = objRoot.Get ("defaultNamingContext")
 Set objRoot = Nothing


 numdays = GetMaximumPasswordAge (strDomainDN)
 dp strDomainDN & " 密碼保存最長期間: " & numDays & vbCRLF


 If numDays > 0 Then
    Set objConnection = CreateObject("ADODB.Connection")
 Set objCommand =   CreateObject("ADODB.Command")
 objConnection.Provider = "ADsDSOObject"
 objConnection.Open "Active Directory Provider"
 Set objCommand.ActiveConnection = objConnection


 objCommand.Properties("Page Size") = 1000
 objCommand.Properties("Searchscope") = 2
 'objCommand.CommandText = _
 '    "SELECT AdsPath, whenCreated FROM 'LDAP://"& strDomainDN &"' WHERE objectCategory='user'"
 objCommand.CommandText = _
         "Select AdsPath, whenCreated from 'LDAP://" & strDomainDN & _
             "' where objectClass ='user' and objectClass <>'computer'"
 Set objRecordSet = objCommand.Execute
 objRecordSet.MoveFirst
 Do Until objRecordSet.EOF
  Set objUser = GetObject(objRecordSet.Fields("AdsPath").Value)
  If Right (objUser.Name, 1) <> "$" Then
   If IsEmpty (objUser.Mail) or IsNull  (objUser.Mail) Then
    dp Mid (objUser.Name, 4) & " 沒有 Mailbox" & vbCRLF
            Else
                If UserIsExpired (objUser, numdays, DAYS_FOR_EMAIL, iResult) Then
     dp "---已經發送 Email 給 " & objUser.Mail & vbCRLF
     Call SendEmail (objUser, iResult)
    Else
     dp "...不需要發送 Email" & vbCRLF
    End If
   End If
  End If
     objRecordSet.MoveNext
 Loop


 End If


 WScript.Echo "Done"


Function GetMaximumPasswordAge (ByVal strDomainDN)
 Dim objDomain, objMaxPwdAge
 Dim dblMaxPwdNano, dblMaxPwdSecs, dblMaxPwdDays


 Set objDomain = GetObject("LDAP://" & strDomainDN)
 Set objMaxPWdAge = objDomain.maxPwdAge


 If objMaxPwdAge.LowPart = 0 And objMaxPwdAge.Highpart = 0 Then
  ' Maximum password age is set to 0 in the domain
  ' Therefore, passwords do not expire
  GetMaximumPasswordAge = 0
 Else
  dblMaxPwdNano = Abs (objMaxPwdAge.HighPart * 2^32 + objMaxPwdAge.LowPart)
  dblMaxPwdSecs = dblMaxPwdNano * ONE_HUNDRED_NANOSECOND
  dblMaxPwdDays = Int (dblMaxPwdSecs / SECONDS_IN_DAY)
  GetMaximumPasswordAge = dblMaxPwdDays
 End If
End Function


Function UserIsExpired (objUser, iMaxAge, iDaysForEmail, iRes)
 Dim intUserAccountControl, dtmValue, intTimeInterval
 Dim strName


 On Error Resume Next
 Err.Clear


 strName = Mid (objUser.Name, 4)
 intUserAccountControl = objUser.Get ("userAccountControl")


 If intUserAccountControl And ADS_UF_DONT_EXPIRE_PASSWD Then
  dp strName & " 的密碼尚未過期."
  UserIsExpired = False
 Else
  iRes = 0
  dtmValue = objUser.PasswordLastChanged
  If Err.Number = E_ADS_PROPERTY_NOT_FOUND Then
   UserIsExpired = True
   dp strName & " 的密碼尚未設定." & vbCRLF
  Else
   intTimeInterval = Int (Now - dtmValue)
   dp strName & " 的密碼最後設定日期：" & _
    DateValue(dtmValue) & " 在 " & TimeValue(dtmValue) & _
    " (" & intTimeInterval & " 天以前) 最大日期：" & iMaxAge


   If intTimeInterval >= iMaxAge Then
    dp strName & " 的密碼已經過期."
    UserIsExpired = True
   Else
    iRes = Int ((dtmValue + iMaxAge) - Now)
    dp strName & " 的密碼將於 " & _
     DateValue(dtmValue + iMaxAge) & " (" & _
     iRes & " 天後到期)."


    If iRes <= iDaysForEmail Then
     'dp strName & " 需要一個 email 帳號作為密碼更改通知"
     UserIsExpired = True
    Else
     'dp strName & " 不需要 email 帳號作為密碼更改通知"
     UserIsExpired = False
    End If
   End If


  End If
 End If
End Function


Sub SendEmail (objUser, iResult)
 Dim objMail


 Set objMail = CreateObject ("CDO.Message")


 objMail.From     = STRFROM
 objMail.To       = objUser.Mail


 objMail.Subject  = "密碼到期通知：" & Mid (objUser.Name, 4)
 objMail.Textbody = "Dear " & objUser.userPrincipalName & ":" & vbCRLF & _
    "您的網域和郵件帳號 (" & objUser.sAMAccountName & ")" & vbCRLF & _
    "密碼將於 " & iResult & " 天後到期了。 " & vbCRLF & _
    "請您儘快更換您的密碼." & vbCRLF & vbCRLF & _
 "請至 <a herf='https://webmail.YourDomain.com/ChangePassword/'>公司網域密碼變更處</a> 變更您的密碼" & vbCRLF & _
    "謝謝！" & vbCRLF & _
    "資訊部 系統管理者 敬上"


 objMail.Send


 Set objMail = Nothing
End Sub


Sub dp (str)
 If bDebug Then
  WriteOutputToFile str
 End If
End Sub


'---------------------------------------------------------------------------------------
'Function: CreateOutputFile
'Last Modified: 10/11/05 .csm
'This function writes the output file for the script.  The name and destination of the
'file is passed in as string variable. Uses Wscript.network to find current user id
'and domain, tries Win32_ComputerSystem and prompts if both of these methods fail.
'---------------------------------------------------------------------------------------
Function CreateOutputFile(OutputFile)
Dim tmpCurrentUser, objNetwork
strComputer = "."
'get local user information and add to the header file
Set objNetwork = CreateObject("Wscript.Network")
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\CIMV2")
Set colItems = objWMIService.ExecQuery("SELECT * FROM Win32_ComputerSystem")
For Each objItem In colItems
 tmpCurrentUser = objItem.UserName
Next


If IsNull(tmpCurrentUser) Then
    ScriptDomain = objNetwork.UserDomain
 ScriptUser = objNetwork.UserName
 If ISNull(ScriptDomain) or IsNull(ScriptUser) Then ' have user manually enter information as a last resort
  ScriptDomain = InputBox("請輸入 Domain:")
  ScriptUser = InputBox("請輸入 User ID:")
 End if
Else
 tmpCurrentUser = Split(tmpCurrentUser,"\")
 ScriptDomain = tmpCurrentUser(0)
 ScriptUser = tmpCurrentUser(1)
End if


Set objFile = objFSO.CreateTextFile(Outputfile) 'Create the File
objFile.Close
'Re-open file, write the headcer & 1st line of output
Set objFile = objFSO.OpenTextFile(Outputfile, ForWriting, true, TristateUseDefault)
objFile.WriteLine "Check domain password log"
objFile.WriteLine "Created: " & Now
objFile.WriteLine "Computer Domain: " & ScriptDomain
objFile.WriteLine "Current User: " & ScriptUser & vbcrlf
objFile.Close
End Function 


'---------------------------------------------------------------------------------------
'Function: WriteOutputToFile
'Last Modified: 9/28/05 .csm
'This function accepts a string and writes it to the output file
'---------------------------------------------------------------------------------------
Function WriteOutputToFile(strOutput)
'Check if file exists & write the data
On Error Resume Next
'Wscript.echo (strOutput)


If objFSO.FileExists(Outputfile) Then
 Set objFile = objFSO.OpenTextFile(Outputfile, ForAppending)
 objFile.Write strOutput
 objFile.WriteBlankLines(1)
 objExplorer.Document.Body.InnerHTML = "Script progress: <br>" & strOutput
Else
 ' file not found
 'Wscript.echo "Error file not found.  Please run the script again."
End If
objFile.Close
End Function

Hotkey for ESXi

Hotkey for ESXi
Hosts And Clusters                               Ctrl+Shift+H
Virtual Machines And Templates         Ctrl+Shift+V
Networking                                             Ctrl+Shift+N
Datastores and Datastore Clusters    Ctrl+Shift+D

拼音繁體輸入法

http://ant.sillydog.org/pages/PinyinChart.pdf