I raised a flag pole just in time for Flag Day…
I still have quite a few rocks to put down as you can see. I will surround the whole flag pole with them and then put some nice soil over the top of it and then plant wild flower seeds.
joeware - never stop exploring... :)
Information about joeware mixed with wild and crazy opinions...
6/22/2008
6/19/2008
Major MUD Scripts…
Wow I went looking and actually found the SLIQ Major MUD scripts I talked about in the last post. Or at least I think I found most of them, even then I broke the stuff up into multiple files and modules.
I was poking around in one piece and found this section which was one of my favorite pieces as it always surprised the crap out of newbies who thought they could steal from me…
// Thief Routine
if instr(line,”bumps you”) then
dim pointer as integer
pointer = 1
if instr(line,”:”) then
if instr(line,”:”) > instr(line,”)”) then
pointer=instr(line,”:”)+1
else
pointer=instr(line,”)”)+1
end if
end if
thief = MyMid(line,pointer,instr(line,”bump”)-pointer-1)
Attack(thief)
fighting = TRUE
monster1 = thief
send
end if
Basically you had people who would figure out that someone was running a script and then send a thief in to rob them blind. Up until I wrote my script, the scripts were so simple the thieves could get away with it because the script wouldn’t attack back. I sat and watched my character get robbed one day and said, hmm that isn’t happening to me again. So I wrote this routine to attack the thief that tried to rob me. Another routine would then chase the thief if he started running. Definitely not the normal script handling. π
I also had this cute little routine
// Character attacking Normal way
if instr(line,”moves to attack you”)>2 and instr(line,”attack young”) = 0 and instr(trueLine,”You”)=0 then
print “>>”+ line
if instr(line,other) then
send “Forgive ” + other
goto end_parse
end if
lstart=instr(line,”moves”)-1
if instr(line,”:”) > instr(line,”)”) then
lslash=instr(line,”:”)+1
else
lslash=instr(line,”)”)+1
end if
command1=MyMid(line,lslash,lstart-lslash)
if myInfo.pvp <> “” then
if instr(command1,myInfo.pvp) then
monster1 = myInfo.pvp
fighting = TRUE
Attack(monster1)
goto end_parse
end if
end if
if (myInfo.log AND DEBUG) then print #1, time+” Under Attack>”+command1
if caution_level = 9 then call get_out
sayMessage(“Under Attack–>”+line)
end if
That would attack anyone who attacked me, but for bonus it would tell the other character that the first character was “tagged” to to also attack.
Here was a routine that would have one tagged character help another that dropped to the ground
// Somebody hit the ground, find out who and help.
if (instr(line,”drops to the ground”)) then
lstart=instr(line,”drops to the ground”)-1
lslash=instr(line,”:”)+1
command1=MyMid(line,lslash,lstart-lslash)
if (myInfo.log AND DEBUG) then print #1, time+” Someone hit the ground ->”+command1
if instr(other,command1) then
heal(command1)
send “aid “+command1
if fighting then Attack(” “)
else
if other <> “*none*” then send “!Oh That’s Got To Hurt!”
end if
end if
I love this stuff, so much fun. I am such a geek. π
joe
Scripting / SysAdmin Meme
Well Darren has effectively said “Tag, you’re it” for this Scripting/Sysadmin Meme that is going around. I kind of liken this to the emails that say send this to 7 of your friends immediately but since I am not actually forwarding it, you have to come to me to read it, I will play.
How old were you when you started using computers?
I was 12 and I believe I was in 7th grade when I first started playing with computers.
What was your first machine?
The first computer I used was a Commodore PET with cassette tape storage. It was in Manton Consolidated School’s Library. The first computer my parents owned that I played on was an Atari 800 which I believe I still have a book on programming the graphics for. Although we had that machine I believe I had begged and begged for a TI-99 before that. Also mixed up in there in my playing were an Apple II and the Tandy TRS-80 Model II and the first multi-user computer I used was a PDP-11/34 running RSTS/E 7.2.
What was the first real script you wrote?
I started with writing compiled and assembled languages. I had all of these languages down before writing my first script – BASIC, BASIC-PLUS, BASIC-PLUS-2, FORTRAN, COBOL, PL-1, Pascal, Assembler for like 3 or 4 different processor architectures, MACRO Assembler for PDP-11, and C back when I was still in High School.
I didn’t get too involved with scripting until I started playing a MUD in the mid-90’s called MajorMUD and then I used Qmodem Pro’s SLIQ Scripting language to write scripts that would run my characters around killing monsters and picking up cash and weapons. That was the first major script I wrote for anything and was thousands of lines (I wonder if I still have that around) and could handle nearly everything in the game and used text files for directions for easy updates. It was very cool as it allowed for two characters to work together (which I called tag teaming script) which was immensely better than just a single character running around scripting. I actually was able to sell copies of the compiled version to other players of the game. If anyone that used to play MajorMUD is reading this, my characters were Slayer Cricket which was a Ogre Witch Hunter and Hunter Cricket which was a Human Paladin (colloquially known as Hunter and Slayer). The scripts would talk to each other by passing text messages back and forth through a MUD private chat channel.
The first real scripting I did “professionally” was REXX and Perl back in the late-90’s (1996 or so).
What scripting languages have you used?
DOS batch, Fastlane FINAL (dabbled), REXX, Perl, VBScript, JScript, SLIQ, and I have dabbled with PowerShell because I have had too occasionally. π Out of the bunch, I find Perl to be by far what I prefer.
What was your first professional sysadmin gig?
Well I ran the PDP-11 at my high school which was kind of a real job though I didn’t get paid. Didn’t matter, that system had to be up and running and if it wasn’t, it was my ass. After that when I was about 17 and still in high school I got a job working for a company called Automated Tracking Systems which processed insurance info for GMAC loans and issues MIC insurance for anyone who didn’t have any insurance. It was an interesting job as we would get Mag Tapes from EDS and you never knew what format those things would be coming in as, it was all over the map. The job was as weekend operator. I worked 24 hours over Sat/Sun making sure PDP-11’s and VAXes ran ok processing loan tapes and doing other batch jobs. Mostly I slept and wrote code (MACRO Assembler and Basic-Plus II) to do system chores.
If you knew then what you know now, would have started in IT?
Yes I think so. I would have started earlier and not taken the time off that I did and I very likely would be retired right now just sitting back having fun writing code and enjoying life a little more. While I started early, I took large blocks of time (years) off from the tech field as it kept burning me out and went out and explored the world a little doing sales, etc. I certainly would have started something joeware “like” much sooner and would have pushed harder to make it commercial as it is tougher to do now with the little time I have. I also wouldn’t have wasted my time and money going to University/College.
If there is one thing you learned along the way that you would tell new sysadmins, what would it be?
Share information. Information hoarded is ridiculous. I laugh when I see people in IT who think they are important because they are the only ones who know how to do this that or the other thing. I am very quick to tell people how to do things or at least help them learn things so I can move on and do other things. Who wants to be stuck doing the same thing over and over again. Also… Never stop exploring. π
Whatβs the most fun youβve ever had scripting?
Well for pure fun, it was the MUD scripts I wrote. It was a huge challenge trying to make the computer “think” for me when I was off working so that my characters would get money, weapons, experience points and stay alive. People constantly would attack the scripts and try to trick you, etc. My scripts would play a song anytime they “bugged out” when there was too much danger of dying or something unexpected and therefore unhandled occurred…. the song… Blue Oyster Cult’s Don’t Fear The Reaper. π Just hearing the opening bars will make the hair on my arms stand upright and wake me up instantly because usually when I heard that it meant that someone was attacking my characters and I might be dead. I recall the Hunter and Slayer scripts running on my Packard Bell computer while I slept in the next room the song would pop on and I would be flying out of bed before it got 15 notes into the song.
As for “real” scripts I would say I had a blast writing scripts for Ford Credit when I worked there. We implemented SMS replacements in perl as well as all sorts of other things.
Who am I calling out?
Hilarious response…
I saw this on an email today and had to share as it cracked me right up…
One very intelligent analyst I know was asked if a customer should be queried about the scope of a given project. His response was
“They will ask us for a 2008 Lincoln Continental. We’re reasonably equipped to deliver a 2001 Taurus.”
The fact that the Lincoln Continental was discontinued in 2002 makes this all the more funnier… And accurate.
Question about configuring Active Roles Server property validation policies…
So I am working on Active Roles Server (ARS for now on…) and ran into a little issue that had me thinking for a little bit…
The thing was that I needed to auto-generate the user name and it needed to be
[LASTNAME],[SPACE][FIRSTNAME][SPACE][INITIALS]
So for example, say I have John Q. Public the name attribute (aka cn for user) needed to be Public, John Q
Now I don’t like this format for the name attribute on objects in AD, I much prefer using something that is unique, say like sAMAccountName. But for some reason, some people like to see the name looking like the displayName. Not sure why, just some people do. So anyway, it doesn’t matter what I think in this case, the standard that I have to follow is as I mentioned
Anyway… This is frighteningly easy in ARS. First I defined my rules for givenName, sn, and initials…
givenName = ^[A-Z]([A-Za-z]+[ -]?)+[A-Za-z]{0,1}$
sn = ^[A-Z]([A-Za-z]+[ -‘]?)+[A-Za-z]{0,1}$
initials = ^[A-Za-z]+$
and then via the GUI set the rule for name to autogenerate with
%<sn>, %<givenName> %<initials>
That works perfectly…
Right up until someone doesn’t have initials in their name… CRAP!
What happens is that you get
[LASTNAME],[SPACE][FIRSTNAME][SPACE]
and that trailing space is a P.I.T.A..
Does anyone here use ARS? If so, do you know how to handle this situation WITHOUT a script? I mean seriously, you should be able to do this in the basic auto-generation language.
6/18/2008
PowerShell + S.DS.Protocols Versus AdFind Redux… Sorta
So you will recall my previous post on AdFind and PowerShell using S.DS.Protocols…
If you read activedir.org you will know that I realized some odd things occurred… I didn’t want to post back here until I had some more understanding of what is going on but now almost 2 weeks later I still haven’t a clue what is going on. I wanted to respond though. Admittedly the weather has been pretty nice here lately so I haven’t been playing computer geek as much as I did on the 9th when we had tornadoes whistling around the area (don’t worry, closest that got to me was about 3 miles away, so plenty of safety margin).
Basically the problem is that I have one PowerShell window that is performing like complete crap for the test script, and other Windows I open even though I seem to configure them similarly perform fine normally. I have been able to cause them to slow down a little by running the same commands over and over and watching it suck up silly amounts of memory but haven’t gotten it to slow down to the point the first window slows down. This really bothers me, I hate inconsistency. It throws all sorts of doubt on testing and what you have in front of you.
Interestingly running AdFind out of the two PowerShell windows results in identical performance, it is entirely within the realm of the PoS Scripts and .NET. But what? ~Eric suggested using some CLR profiler application but it apparently can’t profile something that is already running, you have to launch it with the profiler and unfortunately, my screwed up PoS window is already running.
Looking at the two Windows now, the PoS window that is “acting up” in which I just reran the test script to make sure it is still screwing up and that is all it has done in a couple of days is sitting there sucking up 140MB of RAM. The other PoS window is is using a “paltry”[1] 14MB[2].
When running in these “other” windows, the performance of PowerShell with the script is within 25% of AdFind. This is much closer to what I was expecting when I first tested it. The processor utilization of the “good” window is considerably less than what I saw with the “bad” window. Better actually than I expected out of PoS which is good. Network utilization is also much closer to AdFind which is what I expected; its the same data coming over the wire.
Again, I have no clue why that one PoS window is being troublesome, sorry. No answers here for you on that.
So anyway, oddness aside, I wanted to comment on each of the points from before.
1. Testing Methodology
I didn’t like Brandon’s testing methodology, I still don’t like what he initially did. He changed it and is now posting numbers with the new methodology. Very nice. π
2. Testing Environment
Nothing new here.
3. Considerable performance hit on the machine running the tools…
This is related to the “bad” PoS window. Again, no clue what is happening here. The “good” PoS window has much better performance characteristics.
4. Network utilization
As mentioned above, this is now in line with AdFind as originally anticipated, again this was screwed before due to the bad window.
5. Umm there is a problem in the PoS Script…
This was all me, shortly afterward I realized while chatting with Dean about it that I used objectclass=* for AdFind and PoS was only doing an objectclass=user. I told Dean, I assume he passed that info on to Brandon.
6. The PoS doesn’t seem to fast in relation to AdFind…
Again, this is related to the bad window. The results are much closer now; within 25% in my limited tests.
While I have been off doing whatever, Brandon has continued forward in his tests, I highly recommend checking his blog out and reading about them. You can find it here – http://bsonposh.com/. He actually has some stuff way cooler than the perf testing that he has posted about now which is the STATS control stuff. He has sample code on how to return that info which I highly applaud. I know he spent a good portion of the weekend working through it as I got a bunch of emails from him on the details etc of it. I helped with what I felt I could[4] and then he found some docs up on MSFT in the protocols descriptions that were recently posted for legal reasons that actually describe all the stuff I had to reverse back in 2004 – http://msdn.microsoft.com/en-us/library/cc200562.aspx. I didn’t look closely at the code, but note that there were some changes in the STATS handling around the 2003 SP1 time frame as I had several people hit me with bug reports and I had to change how I was handling some of the info. I think the issue was around the calltime stuff but it was back in 2005 and I honestly don’t recall the details at the moment.
Oh Brandon mentions on his blog how PoS started surpassing AdFind for most tests when he started doing CSV data and that I would explain why. I explained to Brandon (and Dean) prior to them even getting into the tests that I expected it to occur. I don’t care too much to get into it but the gist is that the CSV handling was a hack into the tool to try and get it in there (along with -soao and -oao switches) because so many people were asking for it and I previously wasn’t planning on doing it until I built the 2.0 version of the AdFind internal logic framework[5]. Anyway when I say hack, I mean total hack, I am passing whole AdFind formatted output strings for the entire object around internally like for example
dn:DC=test,DC=loc
>objectClass: top
>objectClass: joeware-ServerClass
>objectClass: domain
>objectClass: domainDNS
>description: Test.Loc
>distinguishedName: DC=test,DC=loc
>instanceType: 5
>whenCreated: 20060512031950.0Z
>whenChanged: 20080529025642.0Z
>subRefs: CN=Configuration,DC=test,DC=loc
>subRefs: DC=ForestDnsZones,DC=test,DC=loc
>subRefs: DC=DomainDnsZones,DC=test,DC=loc
>uSNCreated: 7254
<SNIP>
and then reparsing them and reformatting into CSV format, etc. It seriously is a mess. The issue is lots of string passing between functions etc which means lots of string class instantiation going on which is dramatically slowing the AdFind down. When I was testing it back then I was seeing differences in speed between 20-60%, it was literally enough of a delta to see the difference in the output to the console. That almost prevented me from releasing the -csv/-soao/-oao switches at all. Then just bit the bullet because of my plans to rewrite the whole thing anyway. The ideas behind the new engine for AdFind will be to not do any of the formatting of the output until the very end and then it will go through a custom class that will figure out where that output is going – pipe, redirection, file, etc and output the info appropriately which should handle some of the various unicode issues people encounter at the command prompt[6].
In summary, the PoS stuff is running pretty well, when you don’t have a bad PoS Window. How you would detect that I don’t know, just have an idea on how fast your script should run I guess. For doing ad hoc DS stuff, would totally say this is fine, for constant running apps that use the directory, still won’t recommend .NET let alone PoS. PoS (and .NET) still has a lot of overhead (I had a window running some tests the other day that was eating 1.5GB and would have taken more but there was no more to take so it started throwing System.OutOfMemoryException errors…) and has been a wee bit unstable for me[7].
Possibly more later.
Oh one last thing, I tried to tweak one of Brandon’s scripts and obviously did it wrong, but it is fun to see how PoS handles it… I am currently at 1.25GB RAM being sucked up and 50%+ utilization on the PoS shell trying to run it…
$SearcherExpression = @’
$searcher = new-object System.DirectoryServices.DirectorySearcher([ADSI]””,”(objectclass=user)”,@(“distinguishedName”))
$searcher.pagesize = 1000
$searcher.findall()
‘@
Write-Host “Test 1”
Write-Host (“-“*40)
$myresults1 = “” | select @{n=”DirectorySearcher 1″;e={(Measure-command {invoke-expression $SearcherExpression}).TotalSeconds}},
@{n=”DirectorySearcher 2″;e={(Measure-command {invoke-expression $SearcherExpression}).TotalSeconds}},
@{n=”DirectorySearcher 3″;e={(Measure-command {invoke-expression $SearcherExpression}).TotalSeconds}},
@{n=”DirectorySearcher 4″;e={(Measure-command {invoke-expression $SearcherExpression}).TotalSeconds}},
@{n=”DirectorySearcher 5″;e={(Measure-command {invoke-expression $SearcherExpression}).TotalSeconds}},
@{n=”ADFind 1″;e={(Measure-Command { .\adfind -b “dc=test,dc=loc” -c -f “(objectclass=user)” }).TotalSeconds}},
@{n=”ADFind 2″;e={(Measure-Command { .\adfind -b “dc=test,dc=loc” -c -f “(objectclass=user)” }).TotalSeconds}},
@{n=”ADFind 3″;e={(Measure-Command { .\adfind -b “dc=test,dc=loc” -c -f “(objectclass=user)” }).TotalSeconds}},
@{n=”ADFind 4″;e={(Measure-Command { .\adfind -b “dc=test,dc=loc” -c -f “(objectclass=user)” }).TotalSeconds}},
@{n=”ADFind 5″;e={(Measure-Command { .\adfind -b “dc=test,dc=loc” -c -f “(objectclass=user)” }).TotalSeconds}},
@{n=”DSP Using 1.1 1″;e={(Measure-command { .\Test-DSProtocalsSP.ps1 }).TotalSeconds}}
@{n=”DSP Using 1.1 2″;e={(Measure-command { .\Test-DSProtocalsSP.ps1 }).TotalSeconds}}
@{n=”DSP Using 1.1 3″;e={(Measure-command { .\Test-DSProtocalsSP.ps1 }).TotalSeconds}}
@{n=”DSP Using 1.1 4″;e={(Measure-command { .\Test-DSProtocalsSP.ps1 }).TotalSeconds}}
@{n=”DSP Using 1.1 5″;e={(Measure-command { .\Test-DSProtocalsSP.ps1 }).TotalSeconds}}
$myresults1 | fl
Write-Host “Test 2”
Write-Host (“-“*40)
$myresults2 = “” | select @{n=”ADFind #1″;e={(Measure-Command { .\adfind -b “dc=test,dc=loc” -c -f “(objectclass=user)” }).TotalSeconds}},
@{n=”ADFind #2″;e={(Measure-Command { .\adfind -b “dc=test,dc=loc” -c -f “(objectclass=user)” }).TotalSeconds}},
@{n=”ADFind #3″;e={(Measure-Command { .\adfind -b “dc=test,dc=loc” -c -f “(objectclass=user)” }).TotalSeconds}},
@{n=”ADFind #4″;e={(Measure-Command { .\adfind -b “dc=test,dc=loc” -c -f “(objectclass=user)” }).TotalSeconds}},
@{n=”ADFind #5″;e={(Measure-Command { .\adfind -b “dc=test,dc=loc” -c -f “(objectclass=user)” }).TotalSeconds}},
@{n=”DSP Using 1.1 #1″;e={(Measure-command { .\Test-DSProtocalsSP.ps1 }).TotalSeconds}}
@{n=”DSP Using 1.1 #2″;e={(Measure-command { .\Test-DSProtocalsSP.ps1 }).TotalSeconds}}
@{n=”DSP Using 1.1 #3″;e={(Measure-command { .\Test-DSProtocalsSP.ps1 }).TotalSeconds}}
@{n=”DSP Using 1.1 #4″;e={(Measure-command { .\Test-DSProtocalsSP.ps1 }).TotalSeconds}}
@{n=”DSP Using 1.1 #5″;e={(Measure-command { .\Test-DSProtocalsSP.ps1 }).TotalSeconds}}
@{n=”DirectorySearcher #1″;e={(Measure-command {invoke-expression $SearcherExpression}).TotalSeconds}},
@{n=”DirectorySearcher #2″;e={(Measure-command {invoke-expression $SearcherExpression}).TotalSeconds}},
@{n=”DirectorySearcher #3″;e={(Measure-command {invoke-expression $SearcherExpression}).TotalSeconds}},
@{n=”DirectorySearcher #4″;e={(Measure-command {invoke-expression $SearcherExpression}).TotalSeconds}},
@{n=”DirectorySearcher #5″;e={(Measure-command {invoke-expression $SearcherExpression}).TotalSeconds}},
$myresults2 | fl
Write-Host “Test 3”
Write-Host (“-“*40)
$myresults3 = “” | select @{n=”DSP Using 1.1 #1″;e={(Measure-command { .\Test-DSProtocalsSP.ps1 }).TotalSeconds}}
@{n=”DSP Using 1.1 #2″;e={(Measure-command { .\Test-DSProtocalsSP.ps1 }).TotalSeconds}}
@{n=”DSP Using 1.1 #3″;e={(Measure-command { .\Test-DSProtocalsSP.ps1 }).TotalSeconds}}
@{n=”DSP Using 1.1 #4″;e={(Measure-command { .\Test-DSProtocalsSP.ps1 }).TotalSeconds}}
@{n=”DSP Using 1.1 #5″;e={(Measure-command { .\Test-DSProtocalsSP.ps1 }).TotalSeconds}}
@{n=”DirectorySearcher #1″;e={(Measure-command {invoke-expression $SearcherExpression}).TotalSeconds}},
@{n=”DirectorySearcher #2″;e={(Measure-command {invoke-expression $SearcherExpression}).TotalSeconds}},
@{n=”DirectorySearcher #3″;e={(Measure-command {invoke-expression $SearcherExpression}).TotalSeconds}},
@{n=”DirectorySearcher #4″;e={(Measure-command {invoke-expression $SearcherExpression}).TotalSeconds}},
@{n=”DirectorySearcher #5″;e={(Measure-command {invoke-expression $SearcherExpression}).TotalSeconds}},
@{n=”ADFind #1″;e={(Measure-Command { .\adfind -b “dc=test,dc=loc” -c -f “(objectclass=user)” }).TotalSeconds}},
@{n=”ADFind #2″;e={(Measure-Command { .\adfind -b “dc=test,dc=loc” -c -f “(objectclass=user)” }).TotalSeconds}},
@{n=”ADFind #3″;e={(Measure-Command { .\adfind -b “dc=test,dc=loc” -c -f “(objectclass=user)” }).TotalSeconds}},
@{n=”ADFind #4″;e={(Measure-Command { .\adfind -b “dc=test,dc=loc” -c -f “(objectclass=user)” }).TotalSeconds}},
@{n=”ADFind #5″;e={(Measure-Command { .\adfind -b “dc=test,dc=loc” -c -f “(objectclass=user)” }).TotalSeconds}},
$myresults3 | fl
$myresults1,$myresults2,$myresults3
joe
[1] Said in a sarcastic tone…. π
[2] For comparison, the five command prompt windows I have had open since the mid-May and that I do practically everything I do on the computer including hundreds if not thousands[3] of AdFind/AdMod commands are using 5MB combined. The PowerShell window I just opened to see how much memory it used on launch has 27MB.
[3] I run test commands against my various test AD domains all throughout the day for work.
[4] I wasn’t about to talk about what I reverse engineered because I didn’t want to get in trouble for that…
[5] Good thing I didn’t wait, I still haven’t finished that one. π
[6] Not positive but last I heard, console .NET apps have the same issues. You can test it by putting in an object in your directory with some characters with umlauts or other fun characters and then write a console app to display them at the console them redirect them then pipe them and then write them to a file and then make sure it is displayed properly each way. Unicode is a bit of a pain.
[7] In trying to do various things to make it slow down like the first window I caused PoS to crash several times which I can’t recall ever doing to a command prompt window. I can understand if a script blows or an app blows, but I don’t think it should take out the shell window in the process.
6/17/2008
Spitter….
It’s hard to be emotional with a spitter.
– Anonymous friend
6/14/2008
[joeware – never stop exploring… :) is proudly powered by WordPress.]
