Access-based Enumeration

Posted on May 6, 2008 by James Rudd

A great new feature in Windows Server 2003 is Access-based Enumeration (ABE).

What ABE does is hide any file or folder that a user does not have access to. So for example the folder where you store all your users home drives, would usually appear jam packed with folders, most of which would return an Access Denied error. However, with ABE installed users would only see the folders they have access to, usually their own.

This is great especially if you are coming from a Novell background where this is the standard behaviour. It is also very useful in a school situation to keep the students from seeing things they shouldn’t.

To use ABE you need to download the management tools from Microsoft ABE Management Tools, then after installation either enable it on all shares or bring up properties and manually add it to shares.

A better description and walk through is available WindowsNetworking: Implementing Access-Based Enumeration in Windows Server 2003 R2

Links in this post:

Posted in Active Directory, Windows | Tagged , , , , , , , , , , , | Leave a comment

Notepad++

Posted on April 24, 2008 by James Rudd

Notepad++ is a freeware text editor that has a wide range of great features.

I use it for nearly all my text based programming (PHP, HTML, CSS, CMD, JS, etc), for editing configuration files and reading Linux text files (i.e. only LF no CR).

It has replaced my previous one, ConTEXT, as my primary editor.

  • It has a tabbed interface which makes it easy to work on multiple files
  • good syntax highlighting for a wide range of languages
  • good regular expression find and replace, as well as find in files in a directory
  • can change shortcut keys
  • does manually indenting but to my knowledge does not auto-indent.

It used to be even better, but most recent version does not include the HexEditor plugin from previous releases (although it does appear to still work if it is installed).
The Hex Editor is now available as a plugin for the Unicode version.

Overall a great freeware application.

Available from Source forge: Notepad++

Posted in Utilities | Tagged , , , , , , , , , | 4 Comments

Local Intranet Problems with Internet Explorer 7 and Novell

Posted on January 1, 2008 by James Rudd

Open File - Security Warning When you install Internet Explorer 7 (IE7) on Windows XP or Windows Server 2003 it may display a security warning when you access applications and files stored on Novell drive mappings if it does not consider them part of your local intranet.
It may also prevent MS Access from opening databases from the network as they are considered a security threat.

To see if your mapped drive is considered as either Internet or Local Intranet: first make sure Status Bar is on (View -> Status Bar), then browse to a sub folder of drive and look in lower right hand corner. Zone Internet or Zone Intranet

Testing Security Settings or Configure for Individual PC

  1. Open the “Internet Options” control panel
  2. Click Security Tab, Local Intranet, Sites
  3. Untick Automatically detect intranet network then tick Include all local (intranet) sites not listed in other zones and Include all network paths (UNC). Local Intranet Detection settingsI find these are the minimum required. However I find these still occasionally don’t work so I add the server names and server IP range to intranet list.
  4. Click Advanced and add the names and IPs of your servers. This should be in form MyServer, and IP ranges as 10.1.1.2-10.Local Intranet Add Sites to Zone
  5. Browse to network location and check if Explorer shows Local Intranet in lower right of screen.
    Check if files and applications now open without requiring verification.

Deploying Settings using Group Policies

If performing the above has fixed the problem you probably need to deploy these settings to all users, which can be done using Group Policies.

  1. Open the Group Policy for machines affected (this may just be local GPEdit.msc on a terminal server or the Zenworks Workstation Policy in ConsoleOne).
  2. Make sure the IE7 version of inetres.adm is loaded (~2.3MB). If not it can be download from MS IE7 ADM.
  3. Go to Computer Configuration -> Windows Components -> Internet Explorer -> Internet Control Panel -> Security Page and set the following:
    • Site to Zone Assignment List:Group Policy Zone Assignments
      Add your server names with a value of 1 to list.
      You can add your server IP range with name “10.x.y.1-30” and value of 1.
      You may want to add the Windows Update entries with a value of 2.

      http://*.windowsupdate.microsoft.com
http://windowsupdate.microsoft.com
*.windowsupdate.com
update.microsoft.com
    • Note: Adding items to the Zone Assignment List prevents desktop users adding trusted sites themselves.
    • Disable Turn on Automatic detection of intranet as this only works with Active Directory.
    • Enable Include all local (intranet) sites not listed in other zones and Include all network paths (UNC)
  4. Exit Group Policy editor

Other resources:

Posted in Novell, Windows | Tagged , , , , , , , | Leave a comment

Some useful Moodle SQL Queries

Posted on December 15, 2007 by James Rudd

I occasionally use the following SQL statements to clean-up our Moodle system and identify old courses. I recommend backing up your database before using any and knowing enough SQL to understand what they are doing before running them. I usually use phpMyAdmin for execution and export, but use what ever works best for you.

Find Empty Moodle Courses

If you use an auto-enrolment module you will often find you have lots of courses created that are never used. We have used the LDAP and Database enrolment before and both have created large numbers of courses. Some are not used by teachers,others are just used as child courses for year wide meta courses. Either way at the end of the year you may wish to identify any class that hasn’t been used. (Perhaps to delete using the Bulk Deletion options).

No Content

Following SQL code I’ve written will generate a list containing a sum of most of the resources and activities a course has, allowing you to quickly identify those with little to no content. It bases this count on having no labels, resources, assignments, etc.

SELECT m.id, m.`shortname` , m.fullname, cCount.totalcount
FROM mdl_course m
LEFT JOIN (

SELECT courseCount.course, sum( courseCount.subcount ) AS totalcount
FROM (

SELECT course, count( * ) AS subcount
FROM mdl_resource
GROUP BY course
UNION ALL SELECT course, count( * ) AS subcount
FROM mdl_quiz
GROUP BY course
UNION ALL SELECT course, count( * ) AS subcount
FROM mdl_assignment
GROUP BY course
UNION ALL SELECT course, count( * ) AS subcount
FROM mdl_survey
GROUP BY course
UNION ALL SELECT course, count( * ) AS subcount
FROM mdl_label
GROUP BY course
UNION ALL SELECT course, count( * ) AS subcount
FROM mdl_glossary
GROUP BY course
UNION ALL SELECT course, count( * ) AS subcount
FROM mdl_homework
GROUP BY course
UNION ALL SELECT course, count( * ) AS subcount
FROM mdl_wiki
GROUP BY course
) AS courseCount
GROUP BY courseCount.course
) AS cCount ON cCount.course = m.id

You may need to edit above code if you do not have an activity installed (eg homework).

No Users

The following code generates a list of all your courses together with how many students are enrolled in each. Useful to find out if you have any courses with no one enrolled.


SELECT cr.shortname, cr.fullname, count( ra.id ) AS enrolled
FROM `mdl_course` cr
JOIN `mdl_context` ct ON ( ct.instanceid = cr.id )
LEFT JOIN `mdl_role_assignments` ra ON ( ra.contextid = ct.id )
WHERE ct.contextlevel =50
GROUP BY cr.shortname, cr.fullname
ORDER BY `enrolled` ASC

You can export either of the above queries into Excel and manipulate it from there. Order by the counts then copy the short names’ of courses to delete, paste into a text file and upload to the Bulk Course Deletion addon. Goodbye excess courses.

Data Cleanup: Roles without Users

Sometimes when a user gets deleted Moodle doesn’t clean up after it self as well as it should. The following code will list all the rows in your role assignments table that no longer match to a user:

SELECT *
FROM `mdl_role_assignments`
WHERE `userid` NOT
IN (
SELECT id
FROM mdl_user
)

If you wish to the delete all of these just run following. As always make sure you have a good backup before deleting anything from DB.

DELETE
FROM `mdl_role_assignments`
WHERE `userid` NOT
IN (
SELECT id
FROM mdl_user
)
Posted in Moodle | Tagged , , , , , | 6 Comments