Category Archives: Code

Code snips, and programming examples.

Android Active Directory Management

Presenting, ActiveDiroid:

Android App: ActiveDiroid on Android Market

Download: PHP Gateway Application Script. After extracting the files to the webserver you want to run the application on, you may rename the server.php file to anything you want plus the .php extension. You will be typing in the full URL to the script in the Android client anyway.

It is highly recommended that you get the free version and setup the script. The free version allows you to unlock accounts and view all information as the full version. Allowing you to test your SSL setup as well. Just set the SSL to enabled after doing the steps below and if you can connect then you should be good.

There is no longer a free limited version. Only full version is available and it is free as well as source code which will be available on this page.

You must completely uninstall the limited free version to use the full version.

My first Android application. Available on the market soon for 10″ tablet devices. This app is not developed to work on a phone or smaller tablet. There is just too much information to show cleanly.

I built this app to manage Active Directory users on my tablet while at work and away from the management console.

ActiveDiroid

ActiveDiroid

Current Features: Browse all users, browse users per group, unlock account, force password change, disable/enable account, change account display name, change full name, last name, account description, change password**, change office desc, company desc, telephone number, email (not exchange addresses), title, and department, change user group memberships (add and remove users from groups), create user accounts, exchange information.

It is an Active Directory via LDAP issue pulling the account locked status. If an account has not been logged into for a very long time, the locked account switch will be set to True. You can ‘unlock’ the account and it will do no harm.

The client connects to a PHP enabled webserver inside your network, the PHP script runs with all the information you provide inside the application. I choose this way because it’s easier to manage security and to lock down a single entry point into the Active Directory then many administrators with devices connecting to it from anywhere.

The application works on your internal wireless network, or over a VPN connection to your workplace. As long as you can hit the webserver with the tablet, this app will work. This also allows you to lock things down with a firewall, and all that good stuff.

In a multi-user setup, a single webserver is used (new or existing) that can run PHP applications. This server is allowed to connect to the Active Directory servers either by allowing through firewalls or security permissions in some setups. The Android application will ask for a few things that you can setup on the script.

Android Application Config
————————–
ScriptURL; The complete url to the hosted the php file. HTTP and HTTPS are supported. HTTPS is recommended, self-signed or other certificates are supported.

ScriptKey; The script key is a shared password that all of the admins use to connect to the script. It is necessary.

Username; A username in active directory to bind with, and do admin functions.

Password; The password of the active directory account username above.

PHP Script Config
—————–
The top of the PHP file contains the configuration variables you will need to set. They are pretty self explanatory. The Script Key and Domain Controller connection information.

The LDAP PHP module must be enabled for the script to work. It is required.

The SSL flag must be enabled (set to true) to change a users password. This is an active directory requirement and the php script will establish an LDAPS connection to Active Directory.

To enable LDAPS your PHP configuration must have SSL support (openssl in Linux) and a working ldap.conf file so that PHP knows how to connect.

/etc/openldap/ldap.conf

HOST mercury.archaicbinary.home
PORT 636
TLS_CACERT /etc/httpd/conf/archaicbinary.cer
TLS_REQCERT allow

HOST is your domain controller.
TLS_CACERT is the .cer file you export from the certificate services server in your AD domain. It must be in Base64 format. You can get this by visiting your certificate services website (http://ca-server/certsrv) and exporting the CA certificate by clicking on ‘Download a CA certificate, certificate chain, or CRL’ -> Encoding method: Base64 -> Download CA Certificate.

Installing and setting up Certificate Services is beyond this article. You can read up on Microsoft or other sites for this information.

If you do not enable SSL, or cannot. You can use all the functions of ActiveDiroid, except changing passwords and creating users, as you need to set a password to create a user.

ActiveDiroid Explain

ActiveDiroid Explain

Linux and Solid State Drives (SSD)

I started using a 120GB SSD myself recently on my desktop. Running ArchLinux.

Just a few sites to help out anyone doing the same.

http://cptl.org/wp/index.php/2010/03/30/tuning-solid-state-drives-in-linux/

https://wiki.archlinux.org/index.php/SSD#Tips_for_Maximizing_SSD_Performance

Kill all processes not root or daemon

for p in $(ps -ef|tail +2|grep -v root|grep -v daemon|awk '{print $2}'); do
  kill -1 ${p}
done

Drop in a KSH script and run anytime you want to send a kill -1 to all processes that are not owned by root or running under daemon.

Close Application VB6 Module

Simple module for your VB6 projects. This will gracefully close any application you specify.

Close Application VB6 Module

Kill Process VB6 Module

Simple module that adds function: killprocess(“name.exe”)

KillProc VB6 Module