ASCI Fun with Mikrotik Terminal Banner

To edit Mikrotik Terminal Welcome Banner, Open Terminal & Issue following command,

/system note edit note

Now Design your graphics / or add texts of your choice, or paste your already copied data in this terminal window.

After Done, Press CTRL+O , & it will save/exit.

Now open Terminal again, and this time you will see your MOTD/Banner smiling 🙂

More Info here …

24.915149 67.006464

PAKRAD – Reseller,Dealer & Sub-Dealer base ISP Billing System

“PAK~Radius” is a customized billing system designed for mid-large scale ISP’s. It’s powered by Linux (Ubuntu) using Freeradius v 3.x & Dynamic & responsive GUI panel coded in PHP 7.x . It’s developed to cater local desi market requirements.

It’s built on concept where ISP have Super Admin > Admin / Reseller / Dealer & Sub-Dealer base franchise / clientele. This system is continuously under development & new features / enhancements and improvements are being made on a regular basis.

---

Workflow ….

• It’s a cash base system, (cards options not available)
• on TOP, ISP have the Super Admin account , this account assign services with desired rates to the ADMIN account
• ADMIN account cannot create users directly, Admin first creates reseller , assign him some services with desired rates, & transfer desired amount in the reseller wallet/account,
• Reseller cannot create users directly, Reseller first creates Dealer, assign him some services with desired rates, & transfer some amount in the dealer wallet/account,
• Dealer can create his users upto the limit of his wallet/account, Dealer can also create his sub dealer and assign him required services and assign there rates to his sub-dealer.

Some screenshots …

---

---

Some major Features …

• Dynamic , responsive & appealing web design (advance responsive PHP designing)
• Just one time license cost & you get Lifetime license (PHP code is encrypted)
• Unlimited number of users / NAS support
• Generalized information on front panel for each manager, a glance window 
• Specially customized designed for local Internet Cable Services providers , with TO THE POINT options only, no hankies pankies
• Purely Designed as a Reseller base system, Example – Admin > Reseller > Dealer / Sub-dealer 
• Profit calculation for view purposes
• Free ID’s assignment for dealer for there Test purposes  *under process*
• Different services rates assignment for different re-sellers / dealers / sub-dealers
• Each Manager can view there dealer/sub-dealer billing easily. Good Financial modules for tracking all sort of transactions for dealer / sub-dealers
• Cash base system for reseller/dealer/sub-dealer charging
• `Get Back Cash` System to pull back cash sent to the managers
• Dynamic day & night bandwidth configuration available , compatible with all version of mikrotik routers
• Quota base packages configuration available *under process*
• Prevention of user DELETE action to prevent any misuse, user can be disabled only!
• Users unsuccessful dialing attempts for each manager
• Users connecting devices information recorded in user table , example tplink/tenda etc
• Reports for Package wise consumption
• Good reporting section for Users usage reports / / User charges reports (User usage Graphs base option *under process*)
• Record last login information
• Email/SMS Alerts for various actions & multiple users email/sms alert example expiry / renewal / general notification sending to active users etc [currently its being done via bash scripts, but soon they will be added in GUI]
• Strong Bug Free Back-end design, capable of connecting thousands of users in just few seconds ! 

~ Years of experiences compiled in one single package ~

Many other features added based on local operators feedback to suite local market requirements !

---

Demo link: 

• http://pakrad.galaxy.net.pk:8181
  Credentials  ….
• superadmin/superadmin
• admin/admin
• reseller/reseller
• reseller2/reseller2
• dealer/dealer
• dealer2/dealer2
• subdealer/subdealer

---

Regard’s
Syed Jahanzaib 

24.918426 67.004826

Tracking Account Lockout Source in Active Directory

Following are some short reference notes to MYSelf on how to trace account lockout in active directory environment’. An audit policy must be set on all computers and domain controllers.

Scenario:

We are running two domain controller and some times account lock out issue appears at user end. To trace which workstation is the fault point we use different methods to sort it.

---

1# Examine Domain Controllers Event Viewer

open Event Viewer on the DC, and goto Security tab, right click and select Filter Current Log, in <All Event ID> type 4740 & hit Ok. and you will see details for the offending account/workstation.

---

2# Use Powershell Scripts

2a) Trace offending account/workstations using single liner PS cmd …

You can also use powershell to get event log information for account lockouts events …

Get-Eventlog –ComputerName ([System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()).FindDomainController() “Security” -InstanceID “4740” -Message *”USERNAME”* | Format-List Timegenerated, Message

Result:

TimeGenerated : 10/2/2018 9:37:34 AM
Message : A user account was locked out.
Subject:
Security ID: S-1-5-18
Account Name: DC01$
Account Domain: MYDOMAIN
Logon ID: 0x3e7
Account That Was Locked Out:
Security ID: S-1-5-21-664357565-1371172752-1124750213-14855
Account Name: testid
Additional Information:
Caller Computer Name: UNKNOWN-PC

2.b#) PS Script to fetch information from all DC

Read following guide

Using Powershell to Trace the Source of Account Lockouts in Active Directory

in privilege powershell command prompt, create new script as below …

#script written by Alexandre Almeida
# for get user Account Lockout Host name, or ENTER to get all list
$username = Read-Host "Please Enter the Locked User Name: "

$DCCounter = 0
$LockedOutStats = @()

Try
{
Import-Module ActiveDirectory -ErrorAction Stop
}
Catch
{
Write-Warning $_
Break
}

#Get all domain controllers in domain
$DomainControllers = Get-ADDomainController -Filter *
$PDCEmulator = ($DomainControllers | Where-Object {$_.OperationMasterRoles -contains "PDCEmulator"})

Write-Verbose "Finding the domain controllers in the domain"
Foreach($DC in $DomainControllers)
{
# $DCCounter++
# Write-Progress -Activity "Contacting DCs for lockout info" -Status "Querying $($DC.Hostname)" -PercentComplete (($DCCounter/$DomainControllers.Count) * 100)
Write-Verbose "Finding the Which domain controllers Authenticate the Password"
Try
{
$UserInfo = Get-ADUser -Identity $username -Server $DC.Hostname -Properties LastLogonDate -ErrorAction Stop
Write-Verbose "Bad Password Attempt count collected"
}
Catch
{
# Write-Warning $_
Continue
}
If($UserInfo.LastBadPasswordAttempt)
{
$LockedOutStats += New-Object -TypeName PSObject -Property @{
Name = $UserInfo.SamAccountName
SID = $UserInfo.SID.Value
LockedOut = $UserInfo.LockedOut
BadPwdCount = $UserInfo.BadPwdCount
BadPasswordTime = $UserInfo.BadPasswordTime
DomainController = $DC.Hostname
AccountLockoutTime = $UserInfo.AccountLockoutTime
LastLogonDate = ($UserInfo.LastLogonDate).ToLocalTime()
}
}#end if
}#end foreach DCs
$LockedOutStats | Format-Table -Property Name,LockedOut,DomainController,BadPwdCount,AccountLockoutTime,LastBadPasswordAttempt -AutoSize

#Get User Info
Try
{
Write-Verbose "Querying event log on $($PDCEmulator.HostName)"
Write-Verbose "Collecting Event Log"
$LockedOutEvents = Get-WinEvent -ComputerName $PDCEmulator.HostName -FilterHashtable @{LogName='Security';Id=4740} -ErrorAction Stop | Sort-Object -Property TimeCreated -Descending
}
Catch
{
Write-Warning $_
Continue
}#end catch

Foreach($Event in $LockedOutEvents)
{
If($Event | Where {$_.Properties[2].value -match $UserInfo.SID.Value})
{

$Event | Select-Object -Property @(
@{Label = 'User'; Expression = {$_.Properties[0].Value}}
@{Label = 'DomainController'; Expression = {$_.MachineName}}
@{Label = 'EventId'; Expression = {$_.Id}}
@{Label = 'LockedOutTimeStamp'; Expression = {$_.TimeCreated}}
@{Label = 'Message'; Expression = {$_.Message -split "`r" | Select -First 1}}
@{Label = 'LockedOutLocation'; Expression = {$_.Properties[1].Value}}
)
Write-host $_.MachineName

}#end ifevent

}#end foreach lockedout event
Write-Verbose "Collected Details Update in the Text File. Please find the Text file for More Details"

echo "Cache Profile Removal Steps
1) Open Control Panel > Credential Manager > Remove all Saved Password.
2) Remove passwords by clicking on Start => Run => type (rundll32.exe keymgr.dll KRShowKeyMgr) without quotes and then delete the Domain-related passwords;
3) Remove passwords in Internet Explorer => Tools => Internet Options =>Content => Personal Information => Auto Complete => Clear Passwords;
4) Delete cookies in Internet Explorer => Tools => Internet Options =>General;
5) Disconnect (note the path before disconnecting) all networks drives, reboot, then map them again;
6) Start -> run ->type control userpasswords2 without quotes and go to advanced -> Manage passwords and remove all the stored passwords.
7) Reconfigure Your mobile Setting if your Active sync enabled.
8) Check if any saved or scheduled task is configured for user account

Microsoft Kwoledge Bytes Link for Cache profile Removal Steps:

https://social.technet.microsoft.com/Forums/windows/en-US/ced8eab6-87e2-4d20-9d18-7aaf5e9713a3/windows-7-clear-cached-credentials"

Result:

PS C:\temp> .\test2.ps1
Please Enter the Locked User Name: : testid

User : testid
DomainController : DC01.MYDOMAIN
EventId : 4740
LockedOutTimeStamp : 10/2/2018 9:54:35 AM
Message : A user account was locked out.
LockedOutLocation : UNKNOWN-PC

---

3) More Information:

https://activedirectorypro.com/account-lockout-tool/

https://blogs.technet.microsoft.com/heyscriptingguy/2011/08/31/use-powershell-to-find-locked-out-user-accounts/

Email Account Lockout
https://community.spiceworks.com/how_to/11824-email-account-lock-out-notification