Windows/Administration: Difference between revisions

From Omnia
Jump to navigation Jump to search
Line 693: Line 693:
  Autoruns for Windows - Sysinternals | Microsoft Learn
  Autoruns for Windows - Sysinternals | Microsoft Learn
  https://learn.microsoft.com/en-us/sysinternals/downloads/autoruns
  https://learn.microsoft.com/en-us/sysinternals/downloads/autoruns
: "This utility, which has the most comprehensive knowledge of auto-starting locations of any startup monitor, shows you what programs are configured to run during system bootup or login, and when you start various built-in Windows applications like Internet Explorer, Explorer and media players. These programs and drivers include ones in your startup folder, Run, RunOnce, and other Registry keys. Autoruns reports Explorer shell extensions, toolbars, browser helper objects, Winlogon notifications, auto-start services, and much more. Autoruns goes way beyond other autostart utilities."


=== Clean Out Startup Folder ===
=== Clean Out Startup Folder ===

Revision as of 05:06, 2 January 2024

DOS Batch Programming

See Windows/Batch Programming

Windows PowerShell

See Windows PowerShell

Remote Shutdown

The target system needs to not be using "Simple File Sharing" and the firewall needs to allow the connect (todo: what change to firewall?)

From Windows

Shutdown command usage:

Usage: shutdown [-i | -l | -s | -r | -a] [-f] [-m \\computername] [-t xx] [-c "comment"] [-d up:xx:yy]

        No args                 Display this message (same as -?)
        -i                      Display GUI interface, must be the first option
        -l                      Log off (cannot be used with -m option)
        -s                      Shutdown the computer
        -r                      Shutdown and restart the computer
        -a                      Abort a system shutdown
        -m \\computername       Remote computer to shutdown/restart/abort
        -t xx                   Set timeout for shutdown to xx seconds
        -c "comment"            Shutdown comment (maximum of 127 characters)
        -f                      Forces running applications to close without warning
        -d [u][p]:xx:yy         The reason code for the shutdown
                                u is the user code
                                p is a planned shutdown code
                                xx is the major reason code (positive integer less than 256)
                                yy is the minor reason code (positive integer less than 65536)
shutdown -r -t 0 -f -m \\hostname

From Linux

RCP Remote Shutdown from Linux

Example:

net rpc shutdown -r -f -I 216.119.202.100 -U administrator%password
net rpc shutdown -t 60 -r -f -I 216.119.202.100 -U administrator%password
net rpc shutdown -I 216.119.202.100 -U administrator%password
net rpc shutdown -C "some comment" -I 216.119.202.100 -U administrator%password

RPC Shutdown:

RPC SHUTDOWN [-t timeout] [-r] [-f] [-C message]
Shut down the remote server.

-r          Reboot after shutdown. 
-f          Force shutting down all applications. 
-t timeout  Timeout before system will be shut down. An interactive user of the system can use this time to cancel the shutdown. 
-C message  Display the specified message on the screen to announce the shutdown.

Samba: net rpc shutdown not working - Usenet Forums

net rpc shutdown -S <name> -U administrator%password

shutting down a windows box using linux:

net rpc shutdown -r -f -S systemname -I systemip -U Administrator -W domain
net rpc shutdown -r -f -S systemname -I systemip -U Administrator -W systemname


net rpc <command>             to run RPC commands
  -S or --server=<server>       server name
  -I or --ipaddress=<ipaddr>    address of target server
  -w or --workgroup=<wg>        target workgroup or domain
  -W or --myworkgroup=<wg>      client workgroup
  -d or --debuglevel=<level>    debug level (0-10)
  -n or --myname=<name>         client name
  -U or --user=<name>           user name
net rpc shutdown              to shutdown a remote server
  -r or --reboot                request remote server reboot on shutdown
  -f or --force                 request the remote server force its shutdown
  -t or --timeout=<timeout>     number of seconds before shutdown
  -C or --comment=<message>     text message to display on impending shutdown

linux errors

Win7 client on "net shutdown" causes the following error:

Error:

Could not initialise pipe \winreg. Error was NT_STATUS_OBJECT_NAME_NOT_FOUND 

Solution - Win7-EnableAdminShare.reg

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"LocalAccountTokenFilterPolicy"=dword:00000001

Note: this should take effect immediately, and does not require a reboot!

References:

---

[2014/01/01 10:09:39, 0] utils/net_rpc.c:run_rpc_command(160)
  Could not initialise pipe \winreg. Error was NT_STATUS_OBJECT_NAME_NOT_FOUND

Windows 7 Solution:

  • Turning off User Account Control (UAC) works, but isn't a good option [1]
  • adding this key the shutdown works fine [2] [3] [4]
    • "The reason this doesn’t work is because of UAC (User Account Control) that Vista is (in)famous for. By default Vista doesn’t allow UAC elevation over the network with a local user account. There’s a registry key that we can use to change this behavior to work the same as Windows XP. This will make your computer less secure, and I can’t recommend that you do this… but it’s also good to understand how Windows works. At this point you can map to the C$ share and also perform some other administrative tasks remotely. Note that you will need to enable file sharing in the network and sharing center, and make sure that your firewall settings will allow sharing."
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
 DWORD : LocalAccountTokenFilterPolicy = 1

-

Missing \winreg might mean that the RemoteRegistry service is not running; try using the following commands in Windows: [5]

sc config RemoteRegistry start= auto
sc start RemoteRegistry

There was a other thing to do : my local account, which was in the "Admin group" was not allowed to shutdown remotely. To do it, I needed to activate the user "Administrator"

-

WinXP Solution:

  • Control Panels > Administrative Tools > Local Security Policy > Security Settings > Local Policies > Security Options > "Network Access: Sharing and security model for local accounts" = Classic - local users authenticate as themselves [6]

Version

See Windows Version

Disable Windows Keyboard Key

disable_windows_key.reg:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout]
"Scancode Map"=hex:00,00,00,00,00,00,00,00,03,00,00,00,00,00,5b,e0,00,00,5c,e0,\
  00,00,00,00

enable_windows_key.reg:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout]
"Scancode Map"=-

References:

---

"Disable the Windows key" - Extracted Binary.KB216893 from MicrosoftFixit50465.msi

Option Explicit
'On Error Resume Next

Const HKEY_LOCAL_MACHINE = &H80000002
Const strRoot = "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout"
Const key = "SYSTEM\CurrentControlSet\Control\Keyboard Layout"
Const valueName = "Scancode Map"
Dim value
value = Array(&H00,&H00,&H00,&H00,&H00,&H00,&H00,&H00,&H03,&H00,&H00,&H00,&H00,&H00,&H5B,&HE0,&H00,&H00,&H5C,&HE0,&H00,&H00,&H00,&H00)

Dim Flag
Flag = False
Dim server
server = "."
Dim WshShell : Set WshShell = CreateObject("WScript.shell")
Dim oReg : Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & server & "\root\default:StdRegProv")
If Not RegistryItemExists(strRoot) Then
  oReg.CreateKey HKEY_LOCAL_MACHINE, key
End If

oReg.SetBinaryValue HKEY_LOCAL_MACHINE,key,valueName,value

Set WshShell = Nothing
Flag = True

'******************************************************
'function to check if the registry exists
'******************************************************
Function RegistryItemExists (RegistryItem)
  'If there isnt the item when we read it, it will return an error, so we need to resume
  On Error Resume Next
 
  'Find out if we are looking for a key or a value
  If (Right(RegistryItem, 1) = "\") Then
    'It's a registry key we are looking for
    'Try reading the key
    WshShell.RegRead RegistryItem
    'Catch the error
    Select Case Err
      'Error Code 0 = 'success'
      Case 0:
        RegistryItemExists = True
      'This checks for the (Default) value existing (but being blank); as well as key's not existing at all (same error code)
      Case &h80070002:
        'Read the error description, removing the registry key from that description
        ErrDescription = Replace(Err.Description, RegistryItem, "")
 
        'Clear the error
        Err.clear
 
        'Read in a registry entry we know doesn't exist (to create an error description for something that doesnt exist)
        WshShell.RegRead "HKEY_ERROR\"
 
        'The registry key exists if the error description from the HKEY_ERROR RegRead attempt doesn't match the error
        'description from our RegistryKey RegRead attempt
        If (ErrDescription <> Replace(Err.Description, "HKEY_ERROR\", "")) Then
          RegistryItemExists = True
        Else
          RegistryItemExists = False
        End If
      'Any other error code is a failure code
      Case Else:
        RegistryItemExists = False
    End Select
  Else
    'It's a registry value we are looking for
    'Try reading the value
    WshShell.RegRead RegistryItem
 
    'Catch the error
    Select Case Err
      Case 0:
        'Error Code 0 = 'success'
        RegistryItemExists = True
      Case Else
        'Any other error code is a failure code
        RegistryItemExists = False
    End Select
  End If
 
  'Turn error reporting back on
  On Error Goto 0
End Function

'******************************************************
'Function Callback
'******************************************************
Function MyVBScriptCA()

    If (Flag) Then
        'return success
        MyVBScriptCA = 1
    Else
        'return cancel
        MyVBScriptCA = 2
    End If

End Function 

"Enable the Windows key" - Binary.KB216893 extracted from MicrosoftFixit50464.msi

Option Explicit
'On Error Resume Next

Const strRoot = "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout\Scancode Map"

Dim Flag
Flag = False
Dim WshShell : Set WshShell = CreateObject("WScript.shell")
If RegistryItemExists(strRoot) Then
  Call WshShell.RegDelete(strRoot)
End If
Set WshShell = Nothing
Flag = True

'******************************************************
'function to check if the registry exists
'******************************************************
Function RegistryItemExists (RegistryItem)
  'If there isnt the item when we read it, it will return an error, so we need to resume
  On Error Resume Next
 
  'Find out if we are looking for a key or a value
  If (Right(RegistryItem, 1) = "\") Then
    'It's a registry key we are looking for
    'Try reading the key
    WshShell.RegRead RegistryItem
    'Catch the error
    Select Case Err
      'Error Code 0 = 'success'
      Case 0:
        RegistryItemExists = True
      'This checks for the (Default) value existing (but being blank); as well as key's not existing at all (same error code)
      Case &h80070002:
        'Read the error description, removing the registry key from that description
        ErrDescription = Replace(Err.Description, RegistryItem, "")
 
        'Clear the error
        Err.clear
 
        'Read in a registry entry we know doesn't exist (to create an error description for something that doesnt exist)
        WshShell.RegRead "HKEY_ERROR\"
 
        'The registry key exists if the error description from the HKEY_ERROR RegRead attempt doesn't match the error
        'description from our RegistryKey RegRead attempt
        If (ErrDescription <> Replace(Err.Description, "HKEY_ERROR\", "")) Then
          RegistryItemExists = True
        Else
          RegistryItemExists = False
        End If
      'Any other error code is a failure code
      Case Else:
        RegistryItemExists = False
    End Select
  Else
    'It's a registry value we are looking for
    'Try reading the value
    WshShell.RegRead RegistryItem
 
    'Catch the error
    Select Case Err
      Case 0:
        'Error Code 0 = 'success'
        RegistryItemExists = True
      Case Else
        'Any other error code is a failure code
        RegistryItemExists = False
    End Select
  End If
 
  'Turn error reporting back on
  On Error Goto 0
End Function

'******************************************************
'Function Callback
'******************************************************
Function MyVBScriptCA()

    If (Flag) Then
        'return success
        MyVBScriptCA = 1
    Else
        'return cancel
        MyVBScriptCA = 2
    End If

End Function 

Networking

See Windows Networking

Add Route

route add [NETWORK] mask [MASK] [GATEWAY]
route add 10.0.100.0 mask 255.255.255.0 10.0.0.1

Default Route

Add default route:

route add 0.0.0.0 mask 0.0.0.0 192.168.12.1

Change current default route:

route change 0.0.0.0 mask 0.0.0.0 10.10.10.1

Uptime

See Uptime

netsh

Configuring network settings from command line – LanToolbox - http://lantoolbox.com/articles/netsh-tips-and-tricks-for-network-administrator/

Static IP Address

Here are instructions for setting the IP address from the command line:

Configure TCP/IP from the Command Prompt

view your TCP/IP settings:

netsh interface ip show config

Set static address:

netsh interface ip set address name="Local Area Connection" static 192.168.0.100 255.255.255.0 192.168.0.1 1

Set DHCP:

netsh interface ip set address "Local Area Connection" dhcp

Set DNS:

netsh interface ip set dns "Local Area Connection" static 192.168.0.200
netsh interface ip add dns "Local Area Connection" 192.168.0.300 index=2

Set DNS from DHCP:

netsh interface ip set dns "Local Area Connection" dhcp

firewall

Enable/Disable Windows firewall

netsh firewall set opmode mode=disable

This will disable the Windows Firewall, we could use the following command to enable it:

netsh firewall set opmode mode=enable

Source: http://lantoolbox.com/articles/netsh-tips-and-tricks-for-network-administrator/

MAC

Show adapters:

netsh diag show adapter

Show mac address of first adapter:

netsh diag show adapter 1 | find "MAC"
        MACAddress = 00:50:56:87:43:BF

shortcuts

Shortcuts are windows' version of links:

Shortcut - Create shortcut - http://ss64.com/nt/shortcut.html

shortcut.vbs:

Set oWS = WScript.CreateObject("WScript.Shell")
sLinkFile = "C:\MyShortcut.LNK"
Set oLink = oWS.CreateShortcut(sLinkFile)

oLink.TargetPath = "C:\Program Files\MyApp\MyProgram.EXE"
' oLink.Arguments = ""
' oLink.Description = "MyProgram"
' oLink.HotKey = "ALT+CTRL+F"
' oLink.IconLocation = "C:\Program Files\MyApp\MyProgram.EXE, 2"
' oLink.WindowStyle = "1"
' oLink.WorkingDirectory = "C:\Program Files\MyApp"
oLink.Save

SDelete

Zero empty space

SDelete - http://technet.microsoft.com/en-us/sysinternals/bb897443.aspx

  • Allows you to delete one or more files and/or directories, or to cleanse the free space on a logical disk
sdelete -c [drive]  # 	Clean free space

keywords: wipe clean empty zero delete free space

Control Panel

How to run Control Panel tools by typing a command - http://support.microsoft.com/kb/192806

   Control panel tool             Command
   -----------------------------------------------------------------
   Accessibility Options          control access.cpl
   Add New Hardware               control sysdm.cpl add new hardware
   Add/Remove Programs            control appwiz.cpl
   Date/Time Properties           control timedate.cpl
   Display Properties             control desk.cpl
   FindFast                       control findfast.cpl
   Fonts Folder                   control fonts
   Internet Properties            control inetcpl.cpl
   Joystick Properties            control joy.cpl
   Keyboard Properties            control main.cpl keyboard
   Microsoft Exchange             control mlcfg32.cpl
      (or Windows Messaging)
   Microsoft Mail Post Office     control wgpocpl.cpl
   Modem Properties               control modem.cpl
   Mouse Properties               control main.cpl
   Multimedia Properties          control mmsys.cpl
   Network Properties             control netcpl.cpl
                                  NOTE: In Windows NT 4.0, Network
                                  properties is Ncpa.cpl, not Netcpl.cpl
   Password Properties            control password.cpl
   PC Card                        control main.cpl pc card (PCMCIA)
   Power Management (Windows 95)  control main.cpl power
   Power Management (Windows 98)  control powercfg.cpl
   Printers Folder                control printers
   Regional Settings              control intl.cpl
   Scanners and Cameras           control sticpl.cpl
   Sound Properties               control mmsys.cpl sounds
   System Properties              control sysdm.cpl

Join Domain

There is a support tool called NetDom that can join computers to the domain from the command line.

Netdom.exe utility (included in Windows XP Support Tools)

[ISO]\SUPPORT\TOOLS\SUPPORT.CAB\netdom.exe

Netdom Overview: Networking and Communications

Netdom


Join Domain:

netdom join [hostname] /domain:lab /userd:administrator /passwordd:test12

Remove from domain:

netdom remove [hostname] /domain:lab /userd:administrator /passwordd:test12

SMB Network Shares

Connect to a network server:

net use \\gil /user:guest
net use \\gil\IPC$ /user:guest

List available network shares:

net view \\computername

Connect to a network share:

net use \\computername\sharename /user:username password
net use \\computername\sharename /user:username password /persistent:yes
net use z: \\computername\sharename /user:username password /persistent:yes

Disconnect from a network share:

net use /delete \\computername\sharename

List connected shares:

net use

Net help:

net help view
net help use

User and Group Management

Add/Delete local user:

net user bob /add
net user bob /delete
net user bob /add /fullname:"bob charm" /passwordreq:no /comment:"mums the word" /active:yes
/passwordreq:no  # password required?
/passwordchg:no  # allow password change?

Set password:

net user bob ""  # blank
net user bob "password"  # blank

Have account password never expire:

net accounts /maxpwage:unlimited  # set for all accounts
WMIC USERACCOUNT WHERE "Name='bob'" SET PasswordExpires=FALSE    # windows xp
wmic path Win32_UserAccount WHERE Name='bob' set PasswordExpiries=false    # windows 7

Add local user to administrators group:

net localgroup administrators bob /add
net localgroup administrators bob /delete

Add domain user to local administrators group:

net localgroup administrators ten\app2925 /add
net localgroup administrators ten\app2925 /delete

Change user accounts picture: (48x48, 24 bit color, 96x96 dpi) [7]

C:\Documents and Settings\All Users\Application Data\Microsoft\User Account Pictures\[username].bmp

Rename Hostname

method 1

Rename computer:

Rename Method of the Win32_ComputerSystem Class (Windows) - http://msdn.microsoft.com/en-us/library/aa393056%28VS.85%29.aspx

The following script shows you how to rename a local computer.

Name = "name"
Password = "password"
Username = "username"

Set objWMIService = GetObject("Winmgmts:root\cimv2")

' Call always gets only one Win32_ComputerSystem object.
For Each objComputer in _
    objWMIService.InstancesOf("Win32_ComputerSystem")

        Return = objComputer.rename(Name,Password,Username)
        If Return <> 0 Then
           WScript.Echo "Rename failed. Error = " & Err.Number
        Else
           WScript.Echo "Rename succeeded." & _
               " Reboot for new name to go into effect"
        End If

Next

method 2

How To Use the Netdom.exe Utility to Rename a Computer in Windows XP (on domain)

"This article describes how to use the Netdom.exe utility (included in Windows XP Support Tools) to rename a computer that is a member of a Windows 2000 domain. This procedure can be performed either locally or remotely on the computer, which is being renamed. Also, the procedure does not require you to reset or manually re-create the computer account in the domain. The Netdom.exe utility has the ability to rename a computer that is a member of a domain. However, to rename the computer, you must be able to specify the user accounts that have local administrative permissions and the object of the computer account in Active Directory. "


method 3

http://www.tomshardware.com/forum/26545-45-change-computer-name-command-line-registry:

'Changing computer name for WNT/W2k/WXP with script:

sNewName = "put new name here"

Set oShell = CreateObject ("WSCript.shell" )

sCCS = "HKLM\SYSTEM\CurrentControlSet\"
sTcpipParamsRegPath = sCCS & "Services\Tcpip\Parameters\"
sCompNameRegPath = sCCS & "Control\ComputerName\"

With oShell
.RegDelete sTcpipParamsRegPath & "Hostname"
.RegDelete sTcpipParamsRegPath & "NV Hostname"

.RegWrite sCompNameRegPath & "ComputerName\ComputerName", sNewName
.RegWrite sCompNameRegPath & "ActiveComputerName\ComputerName", sNewName
.RegWrite sTcpipParamsRegPath & "Hostname", sNewName
.RegWrite sTcpipParamsRegPath & "NV Hostname", sNewName
End With ' oShell

MsgBox "Computer name changed, please reboot your computer" 

Add Hostname to My Computer

option explicit

dim objNetwork, objShell, strComputer, objFolder, objFolderItem
Const MY_COMPUTER = &H11&

Set objNetwork = CreateObject("Wscript.Network")
Set objShell = CreateObject("Shell.Application")

strComputer = objNetwork.ComputerName

Set objFolder = objShell.Namespace(MY_COMPUTER)
Set objFolderItem = objFolder.Self
objFolderItem.Name = "My Computer " & strComputer

Source: Thomson Reuters Project 2010

My Local Store Shortcut

batch file:

REM ***My Local Store Shortcut***
md "%userprofile%\Local Store"
c:\windows\system32\shortcut.exe /F:"%USERPROFILE%\Start Menu\Programs\Local Store.lnk" /A:C /T:"%userprofile%\Local Store"

Source: Thomson Reuters Project 2010

Startup Folder

Windows 10 startup folder, start->run:

shell:common startup
# C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
shell:startup
# %appdata%\Microsoft\Windows\Start Menu\Programs\Startup
# C:\Users\[USER]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Task Manager -> Startup

Registry:

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Computer\HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
# or less likely to exist:
HKCU\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
Computer\HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Possibly these:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce

Autoruns

To see everything that will autorun with Windows check out the Autoruns tools:

Autoruns for Windows - Sysinternals | Microsoft Learn
https://learn.microsoft.com/en-us/sysinternals/downloads/autoruns
"This utility, which has the most comprehensive knowledge of auto-starting locations of any startup monitor, shows you what programs are configured to run during system bootup or login, and when you start various built-in Windows applications like Internet Explorer, Explorer and media players. These programs and drivers include ones in your startup folder, Run, RunOnce, and other Registry keys. Autoruns reports Explorer shell extensions, toolbars, browser helper objects, Winlogon notifications, auto-start services, and much more. Autoruns goes way beyond other autostart utilities."

Clean Out Startup Folder

-- old folder --

batch file:

REM ***Clean Up***
REM del /F /Q "%USERPROFILE%\Start Menu\Programs\Startup\*.*"

Source: Thomson Reuters Project 2010

Auto Login

How to turn on automatic logon in Windows XP - http://support.microsoft.com/kb/315231

---

Method #2:

control userpasswords2

---

Method #1:

autologin.reg:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"DefaultUserName"="administrator"
"AutoAdminLogon"="1"
"DefaultPassword"="test12"

For domain:

"DefaultUserName"="lab\administrator"

May need:

"DefaultDomainName"="lab"
"ForceAutoLogon"="1"

To add registery:

regedit /s [file].reg

After your computer restarts and Windows XP starts, you can log on automatically.

Add registery file

To add registery silently:

regedit /s [file].reg

see regedit

NOTE: This will silently fail if there are issues!

Which user is logged in

To show the current user (and domain/workgroup):

whoami

Equivalent to Linux which command

The equivalent to 'which' is 'where.exe' [8]

Power Management

Sustainable Computing: Enforce Power Management Settings in your Organization with Group Policy - http://technet.microsoft.com/en-us/magazine/dd252731.aspx

Managing Power with Group Policy: Part 3 of 3 - Ask the Directory Services Team - Site Home - TechNet Blogs - http://blogs.technet.com/b/askds/archive/2008/03/21/managing-power-with-group-policy-part-3-of-3.aspx


How to use Powercfg.exe in Windows Server 2003 - http://support.microsoft.com/kb/324347

powercfg [/list | /query [name] | /create name | /delete name | /setactive name | /change name settings | /hibernate [on|off] | 
  /export name [/file filename] | /import name [/file file_name] | /globalpowerflag [on|off] /option:flag | /?] 


Power Policy Manager unable to set active policy - http://www.pcreview.co.uk/forums/thread-170906.php It works without giving the user full admin rights on the machine

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ControlsFolder\
PowerCfg\GlobalPowerPolicy
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ControlsFolder\
PowerCfg\PowerPolicies

"Adjust for best performance" through command line - MSFN - http://www.msfn.org/board/topic/31999-adjust-for-best-performance-through-command-line/

XP Command Line Visual Effects - MSFN - http://www.msfn.org/board/topic/32623-xp-command-line-visual-effects/

"I have written a small tool to select the Visual Effects Performance Options from the "System Options" control panel through command line.

Written with AutoIt3. The .au3 source code provided."

Windows Services

Start Service:

net start [service]
sc start [service]

List Start Services:

net start

Stop Service:

net stop [service]
sc stop [service]

Query Service State:

sc query [service] | find "STATE"

Delete Service:

sc delete [service]

FAT32

format e: /fs:fat32 /q
format e: /fs:fat32

Note: Microsoft Windows XP limits a FAT32 volume to 32GB it quits formatting when it hits the 32GB mark. [9]

Limitations of the FAT32 File System in Windows XP - http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q314463&

You cannot format a volume larger than 32 gigabytes (GB) in size using the FAT32 file system during the Windows XP installation process. Windows XP can mount and support FAT32 volumes larger than 32 GB (subject to the other limits), but you cannot create a FAT32 volume larger than 32 GB by using the Format tool during Setup. If you need to format a volume that is larger than 32 GB, use the NTFS file system to format it. Another option is to start from a Microsoft Windows 98 or Microsoft Windows Millennium Edition (Me) Startup disk and use the Format tool included on the disk.

Use this tool:

fat32format f:

Ping Info View

PingInfoView - Ping to multiple host names/IP addresses - http://www.nirsoft.net/utils/multiple_ping_tool.html

Download: http://www.nirsoft.net/utils/pinginfoview.zip

soft links

mklink - Creates a symbolic link

Creates a symbolic link.

MKLINK [[/D] | [/H] | [/J]] Link Target

        /D      Creates a directory symbolic link.  Default is a file
                symbolic link.
        /H      Creates a hard link instead of a symbolic link.
        /J      Creates a Directory Junction.
        Link    specifies the new symbolic link name.
        Target  specifies the path (relative or absolute) that the new link
                refers to.

NOTE: cmd must run as administrator

NOTE: symbolic link is the default (/d) for both directories and files

Example:

mklink /d c:\share\music \\server\music

Examples:

C:\test> echo > main

C:\test> mklink copy main
symbolic link created for copy <<===>> main

C:\test> mklink /d copy1 main
symbolic link created for copy1 <<===>> main

C:\test> mklink /h copy2 main
Hardlink created for copy2 <<===>> main

C:\test> mklink /j copy3 main
Junction created for copy3 <<===>> main

C:\test> mkdir maindir

C:\test> mklink copydir maindir
symbolic link created for copydir <<===>> maindir

C:\ltest> mklink /d copydir1 maindir
symbolic link created for copydir1 <<===>> maindir

C:\test> mklink /h copydir2 maindir
Access is denied.

C:\test> mklink /j copydir3 maindir
Junction created for copydir3 <<===>> maindir

C:\test> dir
...
05/05/2013  11:08 AM    <SYMLINK>      copy [main]
05/05/2013  11:08 AM    <SYMLINKD>     copy1 [main]
05/05/2013  11:04 AM                27 copy2
05/05/2013  11:08 AM    <JUNCTION>     copy3 [C:\dev\ltest3\main]
05/05/2013  11:04 AM                27 main

05/05/2013  11:09 AM    <SYMLINK>      copydir [maindir]
05/05/2013  11:09 AM    <SYMLINKD>     copydir1 [maindir]
05/05/2013  11:09 AM    <JUNCTION>     copydir3 [C:\dev\ltest3\maindir]
05/05/2013  11:08 AM    <DIR>          maindir

Delete:

# For links to files:
del linkName
# For links to directories:
rmdir linkName

References:

Mount Folder as Drive Letter

subst - Associates a path with a drive letter

Associates a path with a drive letter.

SUBST [drive1: [drive2:]path]
SUBST drive1: /D

  drive1:        Specifies a virtual drive to which you want to assign a path.
  [drive2:]path  Specifies a physical drive and path you want to assign to
                 a virtual drive.
  /D             Deletes a substituted (virtual) drive.

Type SUBST with no parameters to display a list of current virtual drives.

Lock Computer

Keyboard Shortcut:

[Windows Key] + L

Shortcut Link: (LockMe)

C:\Windows\System32\rundll32.exe user32.dll, LockWorkStation

Icon for shortcut - Paper Airplane

%SystemRoot%\System32\xpsrchvw.exe

References:

Soundcard Loopback Device - Recording Computer Playback on Windows

Tutorial - Recording Computer Playback on Windows - Audacity Manual - http://manual.audacityteam.org/o/man/tutorial_recording_computer_playback_on_windows.html

Please note that only certain sound cards have the "stereo mix" option

  1. Right-click over the Speaker icon by the system clock then choose Recording Devices to open the Recording tab of "Sound".
  2. Right-click anywhere inside the Recording tab and choose "Show disabled devices" then right-click again and choose "Show Disconnected Devices".
  3. Right-click specifically over the input device you want to record with (in this case "Stereo Mix" or whatever alternative you have), and if visible, choose "Enable".
  4. Sometimes it helps to right-click over the "stereo mix" or similar device again and choose "Set as Default Device"

See Audacity

Application Shortcut Key

Right click on application shortcut, select properties, and under the "Shortcut" tab, set the desired "Shortcut key".

NTP Internet Time Sync

Best to add the following as a task that runs on startup:

W32tm.exe /resync /force

Must also set the Windows Time service to auto start


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\W32Time\TimeProviders\NtpClient\SpecialPollInterval
  default: 93a80

Make Windows synchronize time more often - http://www.pretentiousname.com/timesync/

weekly_time_sync.reg:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\W32Time\TimeProviders\NtpClient]
"SpecialPollInterval"=dword:00093a80

daily_time_sync.reg

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\W32Time\TimeProviders\NtpClient]
"SpecialPollInterval"=dword:00015180

hourly_time_sync.reg

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\W32Time\TimeProviders\NtpClient]
"SpecialPollInterval"=dword:00000E10

target polling server "time.windows.com,7cda83f"

"SpecialPollTimeRemaining"=hex(7):74,00,69,00,6d,00,65,00,2e,00,77,00,69,00,6e,\
  00,64,00,6f,00,77,00,73,00,2e,00,63,00,6f,00,6d,00,2c,00,37,00,63,00,64,00,\
  61,00,38,00,33,00,66,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00

Retrieve Licesne Key

Finding the Windows Key Without Any Software (Advanced Users Only)

productkey.vbs:

Set WshShell = CreateObject("WScript.Shell")
' Protip: If you use CTRL + C when the popup window is active, it will copy the contents of the
'         window to the clipboard, and then you can paste it into Notepad or somewhere else.
' Console option run: cscript productkey.vbs
' MsgBox ConvertToKey(WshShell.RegRead("HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DigitalProductId"))
wscript.echo( ConvertToKey(WshShell.RegRead("HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DigitalProductId")) )

Function ConvertToKey(Key)
Const KeyOffset = 52
i = 28
Chars = "BCDFGHJKMPQRTVWXY2346789"
Do
Cur = 0
x = 14
Do
Cur = Cur * 256
Cur = Key(x + KeyOffset) + Cur
Key(x + KeyOffset) = (Cur \ 24) And 255
Cur = Cur Mod 24
x = x -1
Loop While x >= 0
i = i -1
KeyOutput = Mid(Chars, Cur + 1, 1) & KeyOutput
If (((29 - i) Mod 6) = 0) And (i <> -1) Then
i = i -1
KeyOutput = "-" & KeyOutput
End If
Loop While i >= 0
ConvertToKey = KeyOutput
End Function

How to Find Your Lost Windows or Office Product Keys - http://www.howtogeek.com/206329/how-to-find-your-lost-windows-or-office-product-keys/

MSC

msc Shortcuts

compmgmt.msc
Computer Management
eventvwr.msc
Event Viewer
services.msc
Services

Reference: msc Shortcuts - http://www.primemsp.com/content/msc_Shortcuts.aspx

Desktop to Server Comparison

  • Windows 10 ?? Windows Server 2016
  • Windows 8.1 is Windows Server 2012 R2
  • Windows 8 is Windows Server 2012
  • Windows 7 SP2 is Windows Server 2008 R2
  • Windows Vista is Windows Server 2008
  • Windows XP is Windows Server 2003 R2

Command Prompt History

Previous command windows are not stored! Only the current window history can be dumped.

doskey /history > history.txt


the F7 key will show a text gui window where you can select past commands from the current command prompt window.

Enable Remote Desktop by Using an Answer File

Enable Remote Desktop by Using an Answer File - https://msdn.microsoft.com/en-us/windows/hardware/commercialize/manufacture/desktop/enable-remote-desktop-by-using-an-answer-file

keywords