Interesting: [Ardhive.is] Use Software Restriction Policies to block viruses and malware | Branko Vucinec
via: [WayBack] Ransomware treft Tweede Kamer – Malware versleutelt overheidsbestanden – IT Pro – Nieuws – Tweakers
–jeroen
Archive for the ‘Windows Server 2008 R2’ Category
Use Software Restriction Policies to block viruses and malware | Branko Vucinec
Posted by jpluimers on 2018/06/25
Posted in Microsoft Surface on Windows 7, Power User, Windows, Windows 10, Windows 7, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Vista, Windows XP | Leave a Comment »
0x8024400E error with WSUS SP2
Posted by jpluimers on 2018/03/16
From a note a very long time ago: [WayBack] 0x8024400E error with WSUS SP2
TL;DR:
- ensure you have at least KB2938066 installed.
- while upgrading WSUS, ensure you reboot the server after each update.
Related: [WayBack] windows – WSUS clients failing to get updates with error 80072EE2 – Server Fault
–jeroen
Share this:
Posted in Power User, Windows, Windows Server 2008, Windows Server 2008 R2 | Leave a Comment »
Windows 10 auto-logout on <5 minutes of inactivity – Super User
Posted by jpluimers on 2018/02/26
This seems to work on other Windows versions as well: [WayBack] Windows 10 auto-logout on <5 minutes of inactivity – Super User
Share this:
Posted in Power User, Windows, Windows 10, Windows 7, Windows 8, Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016 | Leave a Comment »
Finding out when your domain password will expire :: Active Directory :: Admin Tips :: Windows 7 :: Windows Server 2012/2008/2003/2000/XP/NT Administrator Knowledge Base :: KBase Tips :: WindowsNetworking.com
Posted by jpluimers on 2018/02/02
Here’s how you can find out when your domain password will expire.
net user %USERNAME% /domain
It figures this out for the current logon domain (so it doesn’t work cross-domain) but it is a great help, especially when filtering out just the password information:
net user %USERNAME% /domain | findstr "Password"
This can be done in a more complex way with dsquery or adinfo that are tools to query
Share this:
Posted in Power User, Windows, Windows 10, Windows 7, Windows 8, Windows 8.1, Windows 9, Windows Server 2000, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Vista, Windows XP | Leave a Comment »
Consolidating NTFS free space
Posted by jpluimers on 2017/12/29
For shrinking VM disk images, it’s important to consolidate NTFS free space towards the end of the this.
I’ve tried many tools, starting with defrag C: /X (which tries, but doesn’t give good results) and found out these steps give the best results:
- Perform an Ultradefrag full optimisation,
- Perform a MyDefrag
Consolidate free spacescript on the drive.
If shrinking still fails then:
- Try the Ultradefrag at boot time
- Note you have to install the normal version, as you cannot enable boot time defragmentation from the portable version:
- [WayBack] UltraDefrag Handbook: Graphical Interface – 7.0.2
- Settings
- Boot time scan > Enable (F11)
- Enable or disable the boot time processing (disabled for portable editions).
- Boot time scan > Script (F12)
- Open the boot time script (disabled for portable editions).
- Settings
- [WayBack] UltraDefrag Handbook: Boot Time Defragmentation – 7.0.2
- [WayBack] UltraDefrag Handbook: Graphical Interface – 7.0.2
- Note you have to install the normal version, as you cannot enable boot time defragmentation from the portable version:
- Verify what kind of file(s) prevent shrinking: they show up in red after the MyDefrag session:
- Zoom in them (they can initially as small as 1 red pixel) by clicking on or near them, repeating the zoom long enough so you can hover over with the mouse and the lower part of the screen shows a filename like
where you cannot find much information about “$badclus:$bad:$data” but appear to be clusters marked as badon NTFS level using something likechkdsk /B. - If it was a bad sector like above, then try to resolve it with [WayBack]
ntfsfixwhich ships with GParted live boot:- boot a [WayBack] GParted — Live CD/USB/PXE/HD drive,
- run GParted to see the drive path (for instance /dev/sda1)
- start a terminal
- run this command:
ntfsfix -b /dev/sda1
which will give output like this:Mounting volume... OK Processing of $MFT and $MFTMirr completed successfully. Checking the alternate boot sector... OK NTFS volume version is 3.1. Going to un-mark the bad clusters ($BadClus)... OK NTFS partition /dev/sda1 was processed successfully. - boot back into Windows
- on an administrative command prompt run this for the affected drive letter:
chkdsk D: /B
(reboot if needed)
- Zoom in them (they can initially as small as 1 red pixel) by clicking on or near them, repeating the zoom long enough so you can hover over with the mouse and the lower part of the screen shows a filename like
- Shrink the drive using
diskmgmt.msc
If you still cannot shrink, then try [WayBack] http://ftp.raxco.com/pub/download/pd14.0/pd14.0_pro.exe PerfectDisk by Raxco free trial.
Note:
MyDefrag (formerly named JkDefrag) is not maintained any more but the 4.3.1 version in the WayBack machine still works very well as the underlying defragmentation APIs in Windows haven’t changed.
References:
- [WayBack] UltraDefrag – An Open Source Defragmenter
- [WayBack: MyDefrag v4.3.1]
- [WayBack] MyDefrag – Wikipedia
- [WayBack] Defragmenting Files (Windows)
- [WayBack] The Challenge of Defragmenting an NTFS Partition | Systems Management content from Windows IT Pro
- [WayBack] windows – How do you defragment the MFT on an NTFS disk? – Super User
- [WayBack] hard drive – defrag /x – consolidate free space not really working – Windows Server 2012 – Server Fault
For FAT32:
For GParted / ntfsfix:
- GParted ships with a [WayBack] truckload of file system support including NTFS support (and tools like
ntfsfix)- I’ve put the [WayBack] GParted — Live CD/USB/PXE/HD on USB via
TuxBootas per instructions at [WayBack] GParted Live on USB - Tuxboot helps you to create a bootable Live USB drive for Clonezilla live, DRBL live, Gparted live and tux2live.
- The safest version of GParted to download is the i686 version: it works on all processor architectures. Download from [WayBack] GParted — Download.
- The graphical X environment around GParted often has problems with graphics cards, use the
safeboot options that uses VGA mode. Not nice, but very effective - You can use GParted to do resizing as well, but if you have a bad sector, then it refuses to do so: [WayBack] [SOLVED]How do I reduce an NTFS system partition with Gparted-live? (Page 1) — Live Media — GParted forum:
- The volume in the Gparted window shows an exclamation mark in a yellow triangle, and info says:Unable to read the contents of this file system!
Because of this some operations may be unavailable.The cause might be a missing software package.
The following list of software packages is required for ntfs file system support: ntfsprogs / ntfs-3g. - This command from the terminal will show you if there are bad sectors:
sudo ntfsresize --info --force --no-progress-bar /path-to-your-ntfs-partition - When that happens, us the
ntfsfixabove to try and fix it.
- The volume in the Gparted window shows an exclamation mark in a yellow triangle, and info says:Unable to read the contents of this file system!
- I’ve put the [WayBack] GParted — Live CD/USB/PXE/HD on USB via
- [WayBack] partitioning – Removing a bad sector from an NTFS partition. Badblocks gave me an output. now what? – Ask Ubuntu (thanks [WayBack] Mina Michael)
PerfectDisk via:
- [WayBack] ntfs – How do I move the physical location of $MFTMirr, to allow resizing the partition? – Server Fault
- [WayBack] windows – Resizing volume with DiskPart unsuccessful, while there’s enough free space – Server Fault
- WayBack: Tip: How to shrink a volume beyond half its size using DiskPart or Disk Manager regardless of Microsoft’s NTFS restrictions and $MFTMirr | Under My Hat
–jeroen
Share this:
Posted in Power User, Windows, Windows 10, Windows 7, Windows 8, Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Vista | Leave a Comment »
WinHTTP Cipher restrictions to TLSv1.2 does not work on Windows7, Server 2008 R2 and Server 2012…
Posted by jpluimers on 2017/12/18
This will bite me some time for sure, so for my link archive: [WayBack] TRestClient and Cipher restrictions to TLSv1.2 does not work on Windows7 and Server2008R2 … and how it can be solved… – Günther Schoch – Google+
References:
- [WayBack] Support for SSL/TLS protocols on Windows – Unleashed
- [no WayBack or Acrhive.is] Update to enable TLS 1.1 and TLS 1.2 as a default secure protocols in WinHTTP in Windows: Describes an update that adds TLS 1.1 and TLS 1.2 to default security protocols in Windows Server 2012, Windows 7 SP1, and Windows Server 2008 R2 SP1.
For at least some Windows 7 and Server 2008 R2 systems, that update (KB3140245) doesn’t automatically turns up in the Windows Update list.
To make matters worse, the page cannot be archived in either the WayBack machine or Archive.is (I tried multiple times with empty results).
Luckily, there is a copy at [WayBack] KB3140245 DefaultSecureProtocols – Security.NL.
After installing the update, you have to ensure you set the DefaultSecureProtocols registry value to the bitmap value that indicates with SSL/TLS versions you want to support:
The DefaultSecureProtocols registry entry can be added in the following path:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttpOn x64-based computers, DefaultSecureProtocols must also be added to the Wow6432Node path:
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttpThe registry value is a DWORD bitmap. The value to use is determined by adding the values corresponding to the protocols desired.
DefaultSecureProtocols Value Protocol enabled 0x00000008 Enable SSL 2.0 by default 0x00000020 Enable SSL 3.0 by default 0x00000080 Enable TLS 1.0 by default 0x00000200 Enable TLS 1.1 by default 0x00000800 Enable TLS 1.2 by default For example:
The administrator wants to override the default values for WINHTTP_OPTION_SECURE_PROTOCOLS to specify TLS 1.1 and TLS 1.2.
Take the value for TLS 1.1 (0x00000200) and the value for TLS 1.2 (0x00000800) then add them together in calculator (in programmer mode), the resulting registry value would be 0x00000A00.
–jeroen
Share this:
Posted in .NET, Delphi, Development, Power User, Software Development, Windows, Windows 7, Windows Server 2008 R2 | 2 Comments »
Task Scheduler – command-line End a Running Task
Posted by jpluimers on 2017/12/11
schtasks /End [/S <system> [/U <username> [/P [<password>]]]] /TN taskname
Every now and then you have those Scheduled Tasks consisting of batch files that – despite trying – still ask for user input.
If – even after a reasonable time out – the Task Scheduler still hasn’t killed them, you can kill them by hand with the above schtasks in a snap.
–jeroen
Share this:
Posted in Console (command prompt window), Power User, Windows, Windows 10, Windows 7, Windows 8, Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016 | Leave a Comment »
Can I invoke Windows Update from the command line? – Super User
Posted by jpluimers on 2017/09/25
For my link archive: Can I invoke Windows Update from the command line? – Super User [WayBack]
–jeroen
Share this:
Posted in Power User, Windows, Windows 10, Windows 7, Windows 8, Windows 8.1, Windows 9, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Vista, Windows XP | Leave a Comment »
The Most Common VPN Error Codes Explained
Posted by jpluimers on 2017/06/26
Source: The Most Common VPN Error Codes Explained
- VPN Error 800 “Unable to establish connection”
- VPN Error 619 “A connection to the remote computer could not be established”
- VPN Error 51 “Unable to communicate with the VPN subsystem”
- VPN Error 412 “The remote peer is no longer responding”
- VPN Error 721 “The remote computer did not respond”
- VPN Error 720 “No PPP control protocols configured”
- VPN Error 691 “Access denied because username and/or password is invalid on the domain”
- VPN Errors 812, 732 and 734 “The connection was prevented because of a policy configured on your RAS/VPN server”
- VPN Error 806 “A connection between your computer and the VPN server has been established but the VPN connection cannot be completed.”
–jeroen
via: Could be useful. – Joe C. Hecht – Google+
Share this:
Posted in Power User, Windows, Windows 10, Windows 7, Windows 8, Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Vista, Windows XP | Leave a Comment »
17 years ago, C:\nul\nul crashed/BSOD Windows; now $MFT does for Windows < 10
Posted by jpluimers on 2017/05/26
Source:
History repeating itself: [Archive.is] 31607 – C:\nul\nul crashes/BSOD then, now it’s this:
- [WayBack] A bug in NTFS, or hang the entire system / Blog Aladdin RD / Habrahabr
- [WayBack] Баг в NTFS, или как подвесить всю систему / Блог компании Аладдин Р.Д. / Хабрахабр
- [WayBack] In a throwback to the ’90s, NTFS bug lets anyone hang or crash Windows 7, 8.1 | Ars Technica UK
- [WayBack] NTFS bug allows any website to crash Windows 7, 8.1
Via:
- [WayBack] NTFS bug allows any website to crash Windows 7, 8.1Users of older versions of Windows aren’t having the best time of it lately. Last week it was disco… – BetaNews – Google+
- [WayBack] Writing solid code is really hard these days … – Lars Fosdal – Google+
All versions prior to Windows 10 and Windows Server 2016 seem vulnerable.
So add $MFT to this list:
The following device names have been known to render a system unstable: CON, NUL, AUX, PRN, CLOCK$, COMx, LPT1, and CONFIG$.
Oh BTW: history repeated itself this year too. With NUL
In short, Steven Sheldon created a rust package named nul which broke the complete package manager on Windows:
- [WayBack] How I Broke Rust’s Package Manager for All Windows Users – sasheldon.com
- [WayBack] I Broke Rusts Package Manager for Windows Users | Hacker News
- [WayBack] I think a crate called ‘nul’ is causing errors for cargo (windows).
- [WayBack] @bstrie: @sheldonut Hi Steven, Rust team here :) We’re having some technical difficulties with the name of one of your crates… feel free to DM
- [WayBack] Null character – Wikipedia
- [WayBack] IRC Logs for #rust-internals | BotBot.me [o__o] – 2017-04-30 – 84953638 – page 4
- [WayBack] List of software package management systems – Wikipedia: Application-level package managers
- [WayBack] I think the name of this project causes issues for windows users. · Issue #1 · SSheldon/nul
- When cargo updates its crates.io registry, it creates a file for each crate, no extension, just the name.The name
nulis not a valid name in windows 10, so cargo fails to update the registry, and then aborts whatever it was doing (building, searching, ect.).I think this project should be re-published to crates.io under a new name, something likenull-stringsperhaps?
- When cargo updates its crates.io registry, it creates a file for each crate, no extension, just the name.The name
- [WayBack] Fresh install unable to install anything · Issue #3982 · rust-lang/cargo
- Here is what I see with verbose. I get this trying to install clippy or rustfmt. I assume I would get it with other crates.Updating registry
https://github.com/rust-lang/crates.io-index
error: [20/-1] Cannot checkout to invalid path ‘3/n/nul’
- Here is what I see with verbose. I get this trying to install clippy or rustfmt. I assume I would get it with other crates.Updating registry
- [WayBack] IRC Logs for #rust | BotBot.me [o__o] – 2017-04-30 – msg 84953614 – page=19
- [WayBack] What’s the deal with those reserved filenames like NUL and CON? – The Old New Thing
- The solution: [WayBack] Reserve windows crate names. by withoutboats · Pull Request #695 · rust-lang/crates.io
- [WayBack] @withoutboats boats ✨ on Twitter: “I thought Rust was supposed to prevent nul errors! ;-)”
BTW: one of my gripes on learning new languages is that they come with a whole new idiom of their ecosystem: rust, cargo, crates, all sound like being a truck mechanic to me.
–jeroen
Share this:
Posted in Development, Microsoft Surface on Windows 7, NTFS, Power User, Security, Software Development, The Old New Thing, Windows, Windows 10, Windows 7, Windows 8, Windows 8.1, Windows 9, Windows 95, Windows 98, Windows Defender, Windows Development, Windows ME, Windows NT, Windows Server 2000, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Vista, Windows XP | Leave a Comment »
The Wiert Corner - irregular stream of stuff 