Windows: Map network drives from csv

Even back in my olden days of using a non-free operating system, I was automating my tasks. The non-persistent sessions at the computer science lab required that I script my tasks. This is what I came up with for mapping network drives.

You can set a csv file with the following contents:

driveletter,sharename,username,password,vollabel
SERVER,192.168.1.2
w,vol1\ben,,,W_svol1_ben
x,vol1,,,X_svol1
y,vol2,,,Y_svol2
z,vol5,,,Z_svol5
SERVER,hulk
s,hulk_ben,,,S_hulk_ben
t,smash,,,T_smash
SERVER,dax
u,dax_ben,,,U_dax_ben
v,science,,,V_science

So it’s not a real csv file; it’s got headers delineated by “SERVER” and a server name. The script will operate on the following lines, until the next “SERVER” line. It will mount the drive letter, from the following CIFS share, using a username and password or prompting if blank, and a pretty name. It will only mount those entries, if the SERVER actually is reachable. So it fails safely if you are on a different network than the requested server at the time.

The script is available on my gitlab. And that example csv is also there.

I eventually scrapped this script when I deployed an Active Directory domain and I used group policy to define a number of mounts to define.

Change photo on AD user account from Linux shell

You need a photo, with a suitable small size, probably 100×100 or smaller. I heard a size limit, 10KB, but my reference photo was 2KB.

Install openldap-clients, or the appropriate package to get ldapmodify command.

You will need the reference photo, which I will call input.jpg.

$ file input.jpg
input.jpg: JPEG image data, JFIF standard 1.01

Convert it with base64 with no wrapping.

$ base64 -w0 < input.jpg > photo.ldif

And now, add the ldif commands to the photo.ldif file:

dn: CN=Example user,OU=Users,DC=example,DC=com
changetype: modify
add: thumbnailPhoto
thumbnailPhoto: /9j/BASE64CONTENTHERE,ONONELINE

Observe that there is a blank line after the attribute being modified.

If you’re using kerberos auth, make sure you have a ticket with kinit $LDAPUSER. Run the ldapmodif command!

ldapmodify -v -f photo.ldif -H ldaps://example.com -O maxssf=0 -Y gssapi

To use simple binding, you would want a command more like this:

ldapmodify -v -f photo.ldif -H ldaps://example.com -O maxssf=0 -x -W -D 'CN=Example user,OU=Users,DC=example,DC=com'

This works because in Active Directory a user has the permissions (NTACLs) to update certain attributes for himself.

References

Original research
Refresher on ldif syntax: https://www.digitalocean.com/community/tutorials/how-to-use-ldif-files-to-make-changes-to-an-openldap-system

xfreerdp client cannot connect to xrdp session

You might get this kind of error when using xfreerdp to connect to xrdp.

[07:56:20:443] [11212:11213] [ERROR][com.freerdp.core.update] - [0x03] Cache Glyph - SERVER BUG: The support for this feature was not announced! Use /relax-order-checks to ignore
[07:56:20:443] [11212:11213] [ERROR][com.freerdp.core.update] - order flags 03 failed
[07:56:20:443] [11212:11213] [ERROR][com.freerdp.core.fastpath] - Fastpath update Orders [0] failed, status 0
[07:56:20:443] [11212:11213] [ERROR][com.freerdp.core.fastpath] - fastpath_recv_update() - -1
[07:56:20:443] [11212:11213] [ERROR][com.freerdp.core.fastpath] - fastpath_recv_update_data() fail
[07:56:20:443] [11212:11213] [ERROR][com.freerdp.core.transport] - transport_check_fds: transport->ReceiveCallback() - -3
[07:56:20:443] [11212:11213] [ERROR][com.freerdp.core] - freerdp_check_fds() failed - 0
[07:56:20:443] [11212:11213] [INFO][com.freerdp.client.common] - Network disconnect!
[07:56:20:443] [11212:11213] [ERROR][com.freerdp.client.x11] - Failed to check FreeRDP file descriptor

To work around the problem, add +glyph-cache to your command.

xfreerdp /v:remote-host3 /size:"1520x820" /u:bgstack15 /wallpaper /sec-rdp /sound +glyph-cache

Reference

Weblinks

Cannot connect with XFreeRDP version 2.0.0-rc4 · Issue #1266 · neutrinolabs/xrdp

Compare two files in hexadecimal view

Just a quick and dirty list for myself. When I was looking for hexeditors with a file-compare view, these came up. All three of these options seem useful in slightly different ways.
vbindiff
dhex
vimdiff and :%!xxd
Vimdiff just calls vim with a bunch of preset options.

vimdiff file1 file2

Once inside, you have to convert each file with :%!xxd and then after making any changes, convert back with :%!xxd -r before saving. Slightly clunky, and I’m sure there’s a way to automate all that. But I was only making select changes. And a few keystrokes isn’t so bad.

Rearrange windows on iconbar in Fluxbox

I don’t know C++, so I don’t know how to add a patch to Fluxbox to make it easy to drag and rearrange the windows on the iconbar (aka taskbar). But I’ve dabbled with some higher-level X tools, and here’s my dirty solution to rearrange the windows.

#!/bin/sh
# designed to be used with a keyboard shortcut
# in ~/.fluxbox/keys that could be:
# Control Shift Mod4 X :Exec /home/username/bin/move-to-end-of-taskbar.sh
xdotool getactivewindow windowunmap windowmap

This is original research.
Any arbitrary window that is active, can be hidden and then redrawn, to make it show up last in the list, so it is on the end. Do it enough, and the remaining windows will be bumped to the first in the list.

Ansible make static dns record in Microsoft DNS

If you have a heterogenous datacenter with GNU/Linux and Microsoft servers, you might run into this problem.

When you want to create dynamic dns records programmatically, you can use the nsupdate module. It doesn’t work with gsstsig auth which is the only way the AD DNS works for “secure updates” so I previously wrote a wrapper for doing so. However, when you want to create static records, it’s a little bit harder. With the help of my Windows teammates, I now have a working solution for making static records in AD DNS, complete with the reverse PTR records.

Dependencies

  • A Windows Server 2016 client with RSAT with DNS installed. Apparently regular RSAT isn’t enough. I don’t know what’s involved in installing the right components, so if anybody could share your notes for how that works, comment at the end here.
  • Winrm with kerberos auth enabled

The tricky part here was learning how to elevate privileges once getting to the Windows client.

Playbook

---
- name: playbook that creates static DNS static records, both A and PTR, through the windows utility box
  hosts: localhost
  vars_files:
  - /etc/ansible/creds/windows_service_account.yml

  tasks:

  - add_host:
      group: rsat
      name: "rsat01.ad.example.com"
      ansible_connection: winrm
      ansible_winrm_server_cert_validation: ignore
      ansible_user: "{{ win_ansible_user }}"
      ansible_ssh_pass: "{{ win_ansible_ssh_pass }}"
      ansible_port: "5986"
      ansible_win_rm_scheme: https
      ansible_winrm_transport: kerberos
      ansible_host: rsat01.ad.example.com
    changed_when: false
    no_log: true

  - set_fact:
      ansible_winrm_server_cert_validation: ignore

  - name: make static a and ptr records, ad
    win_shell: Add-DnsServerResourceRecord -ComputerName ad.example.com -ZoneName ad.example.com -A -Name newhost1 -IPv4Address 10.234.56.78 -CreatePtr
    become: yes
    become_method: runas
    become_user: "{{ win_ansible_user }}"
    delegate_to: rsat01.ad.example.com
    vars:
      ansible_winrm_transport: kerberos

...

References

  1. How to make ansible connect to windows host behind linux jump server – ExceptionsHub
  2. Add-DnsServerResourceRecord [microsoft.com]
  3. Understanding Privilege Escalation — Ansible Documentation

Making my HTPC easier for non-technical people to use

I have a Ubuntu 16.04 instance (I’m not proud) because at the time, Kodi only supported 16.04 of the Ubuntu family and I didn’t feel like compiling it myself on another platform, or depending on prebuilt binaries (if that’s even an option). I ended up not really liking the 10-foot interface that Kodi had to offer (as well as it seemed to really stink at populating its indices of my own local content!), and I really like the paradigm of a desktop environment with traditional file manager and media player programs. So I will reimage the system with Devuan at some point, but that’s another day’s problem.
One of the little issues that I have discovered somehow between PulseAudio and HDMI is that upon each boot, the default audio out is the built-in speakers in the computer case. I have to manually adjust pavucontrol to set it to be the HDMI out audio that sends it to the big screen.
I decided to automate this so others don’t have to know what option to select on what tab in what program, in order to get the sound to goto the TV. I remember (fondly, actually) my automation days in obsolete, proprietary OSes using AutoHotKey. A great way to simulate key presses in X11 (because Wayland seems as scary as systemd or pulseaudio) is to use xdotool (which I’ve written about before).
Using my tried-and-true desktop-file-calls-shell-script method, I have whipped up a nice desktop icon for the user to call after first logging in.

[Desktop Entry]
Name=Output audio to HDMI
Exec=/home/kodi/bin/set-sound.sh
Type=Application
StartupNotify=true
Path=/home/kodi
Icon=multimedia-volume-control
StartupWMClass=pavucontrol
Terminal=true
Comment=Configures pulseaudio to send audio to HDMI automatically

And the shell script:

#!/bin/sh -x
# goal: set sound to have audio output to HDMI for the television.
# startdate: 2019-08-01 22:09
# dependencies:
#    pavucontrol
#    xdotool

pavucontrol &
sleep .5
xdotool key --delay 25 alt+c Down alt+Down End Up Up Up Return
# Return
# 3 up buttons to select the option fourth from the bottom in the list.
# this is very hard-coded for the kodi machine in the living room.

The hard part of course was finding how to notate the different keystrokes very precisely, with the capitalization and special characters.

Auxiliary info and asides

Pro tip: Don’t ever configure “Alt+F4” in an xdotool script, especially when you load it up into ~/.config/autostart, and not bound to a specific window class. I really messed up the Xfce session almost permanently because I magically closed out xfwm, xfdesktop, and I think even xfpanel. That was embarrassing, big-time. Took me a while to even figure out what I had done. I couldn’t figure out how to use the “search” window stack population function of xdotool, to identify the pavucontrol window, so I couldn’t restrict my simulated keypresses to just pavucontrol. I also learned later that when the terminal window running the shell script is terminated, it kills even the backgrounded job of pavucontrol, so no ALT+F4 was required.

firefox keeps reloading existing tabs when i switch

Firefox will unload tabs if you’re running low on memory (for whatever reason). Change these settings in about:config to keep the tabs loaded, and then restart Firefox.

browser.tabs.unloadOnLowMemory = false
accessibility.blockautorefresh = true

References

Weblinks

  1. How To Stop Firefox Tabs From Auto-Refreshing on Tab Switch – Super User
  2. [Fix] Mozilla Firefox Automatically Suspends Tabs and Reloads When You Visit – AskVG

Internet searches

  1. firefox having to reload loaded tabs