- update-help
- get-help -name about*
- get-variable
- get-command -verb
- get-command -noun
- $psversiontable.psversion
- $null - can be assigned to and assigned from
- $var.gettype().name
- get-member -inputobject $variable
- $var = @('one','two') - array variable
- $var = @{ test1=1; test2='here' } - hash table
- get-content -path $filepath - can be used to pipe entries (piped as objects)
- get-help -name get-service -full - for details and examples
Thursday, June 24. 2021
PowerShell Notes To Self
Tuesday, May 22. 2018
Feature update to Windows 10, version 1607 - error code 0xC190020E
When upgrading Windows 10 on a small HP Stream with limited drive space, I get an error code 0xC190020E.
Here are some steps to possibly get past this obstacle:
- Bring up task manager (ctrl-alt-del). Kill the windows update application.
- Bring up task manager (ctrl-alt-del). Switch over to the services tab. Stop the 'wuauserv' service.
- In control panel - programs and services - delete the windows update program
- Using file manager, delete c:\windows\SoftwareDistribution
- Using file manager, delete c:\Windows10Upgrade
- Right click the trash bin and empty the contents
- Connect a large USB drive, 10G or more, identify drive letter (probably d:)
- Start cmd.exe in administrator mode, run these commands:
- mkdir d:\microsoft
- mkdir d:\microsoft\updates
- mkdir d:\microsoft\upgrades
- mklink /j c:\windows\SoftwareDistribution d:\microsoft\updates
- mklink /j c:\Windows10Upgrade d:\microsoft\upgrades
- start microsoft update
- it should start to use the USB drive for files. you will need at least 8G free on the c: drive for the process.
- hopefully the upgrade process works for you, it did for me
Sunday, November 13. 2016
Disable Windows 10 Login Background
- Run regedit.
- In Registry Editor, go to following key: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System
- In right-side pane, create new DWORD DisableLogonBackgroundImage and set its value to 1.
- Restart your computer and it'll remove the background image from login screen.
If you want to restore Login Screen background image in future, delete the DWORD DisableLogonBackgroundImage.
From How To Change Sign-in/Login Screen Background Picture In Windows 10
Pictures are located in C:\Windows\Web\Screen
One other setting: Settings -> Ease of Access -> Other Options -> Show Windows Background -> Off
Wednesday, September 9. 2015
Windows Machine Inventory/Upgrades/Downgrades
I was always under the impression that once you installed Windows, put in the key, and then if the label or key information is lost, you'd never be able to get it back. And sometimes computers come with Windows installed, but the license key is no where to be found.
It is nice to be proven wrong. I came across an article called How to download the last three versions of Windows officially at no cost.
A utility called the Belarc Advisor - Free Personal PC Audit can be used, among other things, to recover the original license key used to register the system. This can then be used to re-install the system.
The advisor creates a local file which can be viewed in you web browser. Information is not transferred over the internet. Information sections provided by the software include: Operating System, System Model, Processor, Main Circuit Board, Drives, Memory Modules, Users, Display, Bus Adapters, MultiMedia, Virus Protection, Communications (network cards), Other Devices, Network Map, License Keys, and a Software Version List.
The manufacturer's recovery solution can be used, or for recent versions of windows, .iso files can be downloaded from Microsoft. There are some caveats, some of which are listed in the comments of the article to which I linked earlier.
These are the downloads:
Tuesday, August 5. 2014
Interesting Boot Drive Utilities
I'm currently working on getting some Supermicro X8DTT blades upgraded on their BIOS, LSI Raid, IPMI firmware sets.
IPMI was the first thing to be tackled. The existing version, 2.x something, just would not communicate with the LAN. The support people suggested performing a manual upgrade. So, the next question, is how to build a bootable flash drive?
That turned out to be quite easy. Rufus creates "Create bootable USB drives the easy way". It comes with FreeDOS as part of the toolset. Simple. Choose an external USB drive, and install. Then copy over the necessary BIOS burning utilities. Then boot the target machine with the USB drive.
The only draw back with Rufus, is that it requires an external, physical USB drive. It won't create an on disk .iso or .img file. This would be so convenient.
It becomes a bit more challenging to create an on-disk .iso file. The solution comes from CrashMAG.
From FREEDOS Ripcord BootDisk, download FDOEMCD.builder.zip. Unzip to your local drive. It will create a directory structure startingwith FDOEMCD, and will have a sub-directory called CDROOT. This is where the various flash utilities will go.
If running a 32 bit operating system, you should be able to run mkisofs.exe to create an iso. For 64 bit operating systems, go to smithii.com/cdrtools and download cdrtools-latest.zip. From this archive, extract 'mkisofs.exe' and 'cygwin1.dll' and put them into the FDOEMCD directory, over-writing the existing mkisofs.exe file.
After the CDROOT drive is populated with the necessary files, mkisofs.exe can be executed. This will create an .iso file in the FDOEMCD directory ready for remote mounting via IPMA or ILO clients.
Another interesting utility is WinImage. Given an existing image file, this can be used to add and subtract file from it. But you already need an existing image.
I came across ultimatebootcd but havn't really evaluated it.
Free Boot Disks has a list of free boot disks to be downloaded.
Ltr Data has a bunch of interesting utilities. By far the most interesting, for this moment, is ImDisk Virtual Disk Driver. It beats Daemon Tools hands-down. Not only will it open and mount existing images, but empty pre-allocated files in a folder can be created. The file can be mounted, formatted, and then files placed into it. Very light weight and quick. Raymond P. Burkholder in MS Windows at 19:51 | Comments (0)
Monday, May 7. 2007
Security Enhancements for Remote Access at Microsoft
Here is a link to a paper that has a bunch of useful stuff in it regarding Microsoft VPN's, IAS (Internet Authentication Server), security scripting, and Windows 2003 based Remote Access Infrastructure: Security Enhancements for Remote Access at Microsoft: Technical White Paper
User Certficate Auto Enrollment
With my 802.1x test setup, machine certificates were being sent to domain machines with no problem, but user certificates were not showing up.
In the group policy object, right on the container housing the users that needed certificates, I set the auto-enrollment settings. For some reason things weren't being inherited from the domain default policy. The group policy container is User Configuration -> Windows Settings -> Security Settings -> Public Key Policies -> Autoenrollment SEttings. The 'Enroll Certificates Automatically' needs to be checked along with it's two subsidiary check boxes.
The following command serves as a manual refresh of the policy:
gpupdate /target:user
Enrollment will take several minutes. Running the certmgr.msc mmc snap-in will allow one to check that the certificate has arrived in the Personal -> Certificates store.
The Application Event Log will contain success/failure status for the auto-enrollment.
I also found out from an troubleshooting auto-enrollment article, that domain users without email addresses will not auto-enroll. They don't need an actual email box, just an entry in the email attribute in Active Directory.
As further reference, Microsoft has an article on How Autoenrollment Works. There are other related and helpful articles in the same library section.
Monday, April 30. 2007
Implementing a Wired 802.1X Network With Cisco and Microsoft
Some companies will set up guest networks utilizing a parallel network configuration: separate switches or hubs, along with separate DSL/router internet connections. They will then designate certain ports in a conference room to be 'corporate connections' and certain ports to be 'guest network'. They then leave it up to the user to 'pick a port'.
This mechanism does indeed provide a separate path to the internet, but obviously, the weakness is an inability to prevent people from using inappropriate ports.
A better from of enforcement is provided through the implementation of an authentication/authorization protocol called 802.1X. This protocol works with wired as well as wireless networks. Various methods of operation are available. The simplest to to either enable or disable a switch port based upon receipt of appropriate credentials from the supplicant, which is the computer/user being connected to the network. Continue reading "Implementing a Wired 802.1X Network With Cisco..." »