Posts

Showing posts with the label CMD

Wanna disable SMBv1 to stop WannaCry

Link from Technet why SMBv1 should be disabled:

STOP using SMBv1

Link below shows how to to check whether SMBV1 is enabled and how to disable SMBV1:

How to disable SMBv1? - How to check if SMBv1 is enabled?


PowerShell codes below is from the link above:

Windows 8 and Windows Server 2012

To check whether SMB1 and SMB2 are enabled:

Get-SmbServerConfiguration | Select EnableSMB1Protocol, EnableSMB2Protocol

To disable SMBv1 on the SMB server, run the following cmdlet:

Set-SmbServerConfiguration -EnableSMB1Protocol $false

=====================

Windows 7, Windows Server 2008 R2, Windows Vista, and Windows Server 2008

Requires Windows PowerShell 2.0 or a later version of PowerShell

To disable SMBv1 on the SMB server, run the following cmdlet:

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 0 -Force

Or if you're not comfortable using PowerShell just open registry editor and do it manually.

PowerShell is quite straight forw…

How to insert landscape orientation in Word?

Image
If you are writing a thesis, a report or an article that you need to insert a landscape layout in a specific page in Word document but your orientation all long is portrait and changing the orientation causes the whole layout to change.
Inserting landscape in a specific page in a word document can be done by inserting section breaks. Let’s just make a basic example.
Let’s say you have 3 page document and you want that first page in Portrait mode, second page in landscape and third page in portrait layout also.
First, click on “home” tab, click the “show/hide paragraph marks” option or see the icon below. Enabling this option the section breaks, spaces and tabs will be visible. But what we are interested is to see the “section breaks”.


In the first page position the cursor on the last area at the bottom of the page.
In Word 2010, click on “page layout” in the ribbon tab. Click on “breaks” and select “next page”. In the second page, position also the cursor at the middle or bottom of t…

Svchost process in task manager

Svchost.exe contains generic host processes.

If the svchost.exe is accidentally close or intentionally close, then the system might crash or shutdown.

There are times that svchost.exe does consume quite a lot of resources and eats up the memory on the system. Thus, it's quite tempting to close or kill the process.

To kill or close a process forcefully via command line can be done using taskkill command plus the process id.

Ex: Taskkill /pid 1234

How to know exactly which service or process the svchost is running?

To check the pid and the process that svchost is running, type:

tasklist /svc

Tasklist /svc command will display the image name, pid and the services.

Output example for tasklist /svc command:

svchost.exe                   1172 EventSystem, fdPHost, FontCache, netprofm,
                                   nsi, W32Time, WdiServiceHost
svchost.exe                   1200 Appinfo, BITS, Browser, CertPropSvc,
                                   EapHost, IKEEXT, iphlpsvc, LanmanSe…

Domain Computer takes a long time to login

Login process should be quick and fast, so every user will be happy and start the day smoothly.
But not every day is a new year’s day and there are times that things will just go south and some issues will surface.
Enabling verbose login in local group policy will definitely help to troubleshoot which part of the login process the system halts and takes a long time to process.
Folder redirection for some reason will cause an issue that will take time to load the desktop or causes a login issue.
There are quite a lot of reasons why a GPO takes time to process, and causes login issue.
But if a computer or workstation has been working fine and all of a sudden gives a logon issue; no changes has been made on the server or GPO. Then an issue could occur at the workstation or client side.
One solution that might work on this kind of scenario is to open an elevated command prompt and issue this command on the problematic user computer:
Netsh winsock reset

Normally, the command above is issue…

Map drive not working

Mapping drive can be set in different ways,  via group policy, using scripting (PowerShell, Vbscript, Jscript) or it can be set via command line.
Setting script via command line can be done easily using ”net” command, like the example below. The example below shows the syntax on how to map a drive or folder.

net use ?
The syntax of this command is:
NET USE [devicename | *] [\\computername\sharename[\volume] [password | *]]         [/USER:[domainname\]username]         [/USER:[dotted domain name\]username]         [/USER:[username@dotted domain name]         [/SMARTCARD]         [/SAVECRED]         [[/DELETE] | [/PERSISTENT:{YES | NO}]]
NET USE {devicename | *} [password | *] /HOME
NET USE [/PERSISTENT:{YES | NO}]
Example:
Net use \\AD_Server\Working_folder  Z:
The command will map “Working_folder” to drive Z on the client PC.
The above command will not need a password  if run as a batch file and deploy as a logon script via group policy.
To delete the mapped drive : net use Z: /delete

Active Directory GPO apply to forest

How to apply GPO to whole forest?

1. Open GPMC (Group Policy Management Console) and create a GPO for a single domain.

2. Link the GPO to other domains in the forest.
   Right click each domain and select "Link an Existing GPO Here" then select the GPO that will be applied to all domains in the forest.

3. If everything works fine, then you're a lucky man.


Before rolling out a GPO create a test Organizational Unit and create Active Directory user accounts for test purposes.

Then apply the GPO to the OU.

If it works properly then there's a good chance that it will work smoothly to all users but it's not a guarantee that it will work correctly to all users.

If the GPO is critically needed to be applied to all users and testing works okay, roll out the GPO and troubleshoot issues that may occur.

If no problem arises, then drink a cup of coffee and consider yourself "lucky".

If the GPO is not yet tested and you are not sure whether it will havoc the Active Directory …

Shutdown or reboot computers with user abort option in Windows

Delete Directories with Wildcards using rd or rmdir

Deleting files in command prompt using wildcards is quite straight forward.
Command below will delete all text (".txt") files on the specified path.
Del D:\txtlog\*.txt
Command above will delete all files with ".txt" extension in d:\txtlog directory.
Easy enough to delete all matching files.
Using the same method with rmdir or rd command this will not work.

For example, if we have a directory on d drive that is auto-generated by an application and the filename is consistent with a pattern plus incrementing number at the end to differentiate the folder from other folders.

   D:\baklogs\log1\    D:\baklogs\log2\    D:\baklogs\log3\    Etc..    D:\baklogs\log100\

The folder name has a consistent pattern that is preceded by the word “log” plus incrementing number.
If the command below is executed to remove the directories in one go, an error is shown which has this message: "The filename, directory name, or volume label syntax is incorrect."
rmdir D:\baklogs\…

Disconnect Remote Desktop from command line

How to kill remote desktop sessions from the command line?
How to close RDC sessions from the command line?
One solution is to use batch file scripting or use PowerShell.
For old timers batch file might be the preferred solution because you don't need to install anything, it  comes in handy with the native command prompt.
Of course, PowerShell is also one of the best solutions; provided the environment is PowerShell ready.
The method used below utilizes batch file or the command prompt, just like the good old DOS environment of yesterday.
Command below can be run directly from the command prompt.
To use batch file scripting open notepad and save the file with ".bat"  file extension. Once saved as a batch file, the script is ready for automation with the help of Task Scheduler.
Here's the command:
for /f "tokens=2,5" %a in ('netstat -ano ^| find "3389"') do echo %a & tskill %b /v
For folks who just started to embark in batch file world,…

Check Domain Name, DHCP and IP Address