Skip to content

Windows

Microsoft's main Operating System.

Most of these notes are from before 2015. They were auto-converted, and not cleaned up very well, so there are lots of formatting weirdnesses.

Tips

Mount a drive using CLI:

net use z: \\servername\sharename password /USER:username

Disable 128 bit encryption requirement for CIFS shares:

reg add HKLM\SYSTEM\CurrentControlSet\Control\Lsa /v LmCompatibilityLevel /t REG_DWORD /d 1 /f

Generate new SID:

c:\windows\system32\sysprep\sysprep.exe /generalize /reboot /quiet

Get system serial number:

wmic bios get /format:list | find "Serial"

Disable balloon tips:

reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v EnableBalloonTips /t REG_DWORD /d 0 /f

Disable tray auto-hide:

REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer /t REG_DWORD /v EnableAutoTray /d 0 /f

Add a scheduled task to defrag windows every morning:

schtasks /create /tn "Defrag C and D" /sc DAILY /st 03:01:00 /tr "defrag c: & defrag d:" /ru "domain\administrator"

Add a scheduled task to start dropbox at 11pm:

C:\Users\zerocool>SchTasks /Create /SC DAILY /TN "Start Dropbox" /ST 23:00 /TR "C:\Users\zerocool\AppData\Roaming\Dropbox\bin\Dropbox.exe /home"

Allow non-windows non-AD systems to submit their own hostnames to DNS, Add dhcpservice to the DnsUpdateProxy group

reg add HKLM\SYSTEM\CurrentControlSet\Control\Lsa /v LmCompatibilityLevel /t REG_DWORD /d 1 /f

Enable auto-login: start -> run -> control userpasswords2

HKEY\_LOCAL\_MACHINE/SYSTEM/CurrentControlSet/Services and can be deleted via the sc command line.

Edit a lot of policies via the Active Directory Services Interface editor - Adsiedit.msc

Enable DNS debugging:

reg add "HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics\" /v "13 Name Resolution" /t REG_DWORD /d 1 /f ; net stop "DNS Server" ; net start "DNS Server"

RSOP.msc will allow you to see the policy that is in effect on the given computer.

mklink /D c:\lysithea-shared\ \\lysithea\shared

Enable Telnet Server

This isn't really advisable except for when you *really* need it, like remote PowerCLI.

Configure telnet server to auto-start: sc config TlntSvr start=auto

Start telnet server:

sc start TlntSvr

Configure telnet server to not require NTLM auth, allowing password auth:

tlntadmn config sec=-NTLM

Configure stream mode (apparently makes things better for unix clients)

tlntadmn config mode=stream

Remotely uninstall graphical interfaces on Windows Server 2012

Uninstall-WindowsFeature -ComputerName "<server>" -Name Server-Gui-Mgmt-Infra, Server-Gui-Shell -Restart

Bootable hard drive install

Use the Windows 7 USB/DVD download tool, but if that doesn't work, this should work newer than XP:

  1. Attach hard disk
  2. Format as NTFS
  3. Set partition as active
  4. xcopy d:\*.* /e/f/s e:\ (Where d: is the source media and e: is the hard disk)
  5. bootsect /nt60 e:

Configure NTP from CLI

Here are commands to enable NTP client to poll every 900 seconds:

reg add HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Parameters /v Type /t REG_SZ /d "NTP" /f
reg add HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Parameters /v NtpServer /t REG_SZ /d "0.us.pool.ntp.org,0x1 1.us.pool.ntp.org,0x1 2.us.pool.ntp.org,0x1" /f
reg add HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient /v SpecialPollInterval /t REG_DWORD /d 00000900 /f
net stop w32time && net start w32time

Replication checking

repadmin /showrepl

In-place upgrade between editions

dism /online /set-edition:ServerEnterprise /productkey:sdfjk-asldf-jkals-dfjsj-asdfk

Group Policies

Win2003 can use gpmc.msc to make things easier

gpedit.msc to edit some policies

Retrieve product key

This is useful to do as soon as you buy a new computer that came pre-installed with Windows OEM.

wmic path softwareLicensingService get OA3xOriginalProductKey

Get-WmiObject -query 'select * from SoftwareLicensingService').OA3xOriginalProductKey

(Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform").BackupProductKeyDefault