How to: Refresh the User Manager Cache in K2 blackpearl

Each change in the configuration of user managers in K2 requires user cache refresh which can be done by executing following SQL script against K2 database:

UPDATE [K2HostServer].[Identity].[Identity]
SET [ExpireOn] = GETDATE()
,[Resolved] = 0
,[ContainersResolved] = 0
,[ContainersExpireOn] = GETDATE()
,[MembersResolved] = 0
,[MembersExpireOn] = GETDATE()

GO

 

 

How to: Remotely enable inbound Remote Desktop rule in Windows Server 2008 R2 firewall

In situations when you unable to connect to remote WS 2008 box via RDS due to Windows Firewall being enabled without inbound RDS rule enabled you may try to enable required firewall rule remotely.

If PS on machine in question is configured for remoting you may open remote PS session on this machine, using following command:

enter-pssession -computername REMOTE_COMPUTER_NAME

If remote PS session opened successfully you may run both PS commands and regular CLI commands for remote machine there. To check inbound RDS rule for Windows firewall use:

netsh advfirewall firewall show rule name=”Remote Desktop (TCP-IN)”

If this role not enabled issue following command to enable it:

netsh advfirewall firewall set rule name=”Remote Desktop (TCP-IN)” new enable=yes

Starting with Windows Server 2012 you may control Windows Firewall with PS commandlets which is much more convenient and easier.

 

How to: check currently used credentials for database connection in Oracle SQL Developer 4

When you are using Oracle SQL Developer 4 to connect to multiple databases at the same time (sometimes using credentials other than saved in connection properties) you have multiple tabs in main window labeled with DB names without any indication of under which account you are connected to them (it seems natural to have such information in tab label/name).

So your options here is either create multiple saved connections for each credentials used and name connections so that they reflect both DB name and credentials (after that using drop box in top right corner of main window comes in really handy) or use a query to check which credentials are currently being used.

You may use following query to check your currently used credentials:

SELECT username,
osuser,
machine,
schemaname
FROM gv$session
WHERE sid=(SELECT sys_context(‘userenv’,’sid’) FROM dual);

This will give you USERNAME, OSUSER and MACHINE info. Or, alternatively you may use this (less details, but also less privileges required)​:

SELECT USER,SYS_CONTEXT (‘USERENV’,’SESSION_USER’) FROM dual

This returns USER and SYS_CONTEXT.

How to quickly check last reboot time for Windows box

Sometimes you need check on the last reboot time for Windows box. Here are two methods to do it quickly:

1. Via systeminfo command: systeminfo | find “System Boot Time” (for systems prior to Server 2008/Windows 7 use: systeminfo | find “System Up Time”)

This will give you date and time when the system was started.

2. Via PowerShell: get-eventlog System | where-object {$_.EventID -eq “6005”} | sort -desc TimeGenerated

get-eventlog

This option is better to my mind as it gives you info not on the latest startup event only but on all history from the event log.

How to remove rights granted through AD DS “Delegation of Control Wizard”

In Windows Server 2008 R2 it is very easy to delegate control over particular OU or domain via “Delegation of Control Wizard” to user or a group. Just select a domain or an OU in ADUC and choose “Delegate Conrol” – the rest it’s straightforward point and click process.

But once you delegated these rights it is not so easy to view or remove them (at least you don’t have any GUI wizard for this). To view or delete delegated rights through ADUC GUI you should first enable Advanced Features in View menu (see screenshot below).

Image

Next you access properties of domain/OU in question and look for Security tab where you can view / edit / remove delegated permissions (see screenshor below).

Image

In case you need to revoke delegated permissions you need to use scripting / CLI to accomplish this. For example you may use following command to remove all delegated rights from specified user to specified OU:

dsacls.exe “OU=Test OU,DC=testdomain,DC=local” /r testdomain\testuser