Words about things. Introverted, Geeky, DevOps.

Vulfpeck Live!

Holy heck, these guys are simply amazing. Here's their bandcamp. Their albums are great, but their live performances are just... something else.

I saw them live on Saturday 17th, at the Brooklyn Bowl at the Millenium Dome (O2 something?), and it was absolutely wonderful.

I've been enjoying the live shows posted on YouTube (though a few have now been taken down, sad face). As an aside: I totally understand if someone wants to take down a video of something because they're selling it - but it turns out I can't buy the stream anymore, because they only sold it prior to the event. Hmph.

Anyway, these guys rock, and I could go on for hours about how much I think so.

SysInternals Updater

I was just running a delightful batch script written by Jason Faulkner to update my SysInternals tools directory.

Sysinternals Updater

It was taking forever! At least 2 seconds per tool (regardless of state), and a huge chunk of time to download the current tool list. It seems to download everything, regardless of whether or not it's up-to-date.

I thought it may be far quicker in PowerShell with some more up to date methods, so I sketched this out. It's far less robust (won't attempt to kill processes if they're in use), as I actually don't want that functionality.

function Update-SysInternalsTools {
    begin {
        $localTools  = Get-ChildItem $localDirectory -Filter *.exe
        $onlineTools = Get-ChildItem '\\live.sysinternals.com\tools' -Filter *.exe
    process {
        foreach ($tool in $localTools) {
            if ($tool.LastWriteTime -lt ($online = $onlineTools | ?{$_.Name -eq $tool.Name}).LastWriteTime) {
                Write-Verbose "[$($tool.Name)] requires updating..."
                try {
                    Invoke-WebRequest -Uri $online.FullName -OutFile $tool.FullName -ErrorAction Stop
                catch {
                    Write-Warning "$($tool.Name) failed to update."

if ($MyInvocation.InvocationName -NE '.') {Update-SysInternalsTools}

I'll probably update the script shortly with kill-process-and-restart as an option (as well as a "download everything" argument, as it currently only updates tools that are present), but it seems to get through the listing far faster.

It's also currently just comparing LastWriteTime - it could actually grab the VersionInfo/FileVersion with Get-ItemProperty, but I thought that might add a very large chunk of (fairly unnecessary) delay. Will have to test it.

Google Chrome allows Tab-by-Tab muting

Was just going to re-enable NPAPI plugins in Chrome, and I found this:


Now that's cool! Slightly weirdly, I love exploring the about:flags page in Chrome (Canary, or otherwise) and finding things in various stages of development - and I always loved the functionality that allowed you to see which tab was playing audio.

On hover:
Context Menu:

Active Directory - Storing Bitlocker Recovery Info

A recent quick project was to enable storage of Bitlocker recovery data within Active Directory, instead of our moderately secure encrypted drive of text-files.

This is actually a really easy process (assuming you only have Windows 7 / 2008R2 and up on the domain), only needing to make a few adjustments to ACLs on ADComputer objects (allowing Computers to write to their own objects).

The Technet article describing this, along with the more convoluted method involved in sorting this out for anything below 2008R2 is here: Backing Up BitLocker and TPM Recovery Information to AD DS

Unfortunately, it's a bit of a hassle (very minor hassle, anyway) to load up ADSIEdit.msc, and navigate around to the correct object every time you want to retrieve a key... so I wrote a quick Powershell script to replace the VBScript linked in the above article.


function Get-BitlockerRecovery($Computers, $Credential) {
    $report = @()

    foreach ($Computer in $Computers) {
    $objects = Get-ADObject -Filter * -SearchBase (Get-ADComputer $Computer).DistinguishedName -Credential $Credential -Properties * | Where -Property ObjectClass -eq msFVE-RecoveryInformation

    foreach ($key in $objects) {
        $keyInfo = "" | Select Computer, RecoveryID, RecoveryPassword
        $keyInfo.Computer = $Computer
        $key.Name -match ".*\{(.*)\}" | Out-Null
        $keyInfo.RecoveryID = $matches[1]
        $keyInfo.RecoveryPassword = $key."msFVE-RecoveryPassword"

        $report += $keyInfo
    return $report

Get-BitlockerRecovery -Computers $Computers -Credential $Credential

I'm sure there's probably a nicer way to do it, and that this could be compressed down to three lines or so - but I think that's quite legible.

Sunday Bike-Ride (08/06/14)

Nice ride! Managed to miss my Dad at Gransden, Orwell, and Barrington, but otherwise lovely.
Also to note: The Royal Oak in Barrington stops serving drinks at 15:00. What the what!?