≡ Menu

When you login with built-in administrator and open Microsoft Edge(new browser that replaces internet explorer), you may notice below error message.
This app can’t open
Microsoft Edge can’t be opened using Built-in Administrator account. Sign in different account and try again.

Screen Shot 2015-10-06 at 11.12.55 pm


The resolution to this problem is disabling this security setting from local policies. Follow the below steps to resolve it.

  • Open gpmcedit.msc
  • Navigate to Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options
  • Open User Access Control : Admin Approval Mode for the Built-in Administrator account policy and enable it.
  • Click Apply & OK to save the change
  • Reboot your computer

Screen Shot 2015-10-06 at 11.22.42 pm

After restart, login with administrator account again and you can start browsing using Microsoft Edge.


In this article, let us see force local or remote computer to register its IP address in DNS using PowerShell. The native way of doing it is ipconfig /registerdns. The disadvantage with this is it cannot be used for triggering dns registration on remote computers.

There is a cmdlet called Register-DNSClient in DNSClient module which comes by default with Windows Server 2012/Windows 8 or above operation systems. The good thing with this cmdlet is it can be used for forcing remote clients to register dns.

First let us see how to force the local computer to register its DNS records.


Running above cmdlet from a PowerShell prompt will initiate the registration process.

If you want to perform similar operation against a remote computer, then you can use CimSession to trigger this.

$Computername = "TIBDC01"            
([WMIClass]"\\$ComputerName\ROOT\CImv2:Win32_Process").Create("cmd.exe /c ipconfig /registerdns")

This procedure works for Windows Server 2012/Windows 8 or later operating system. However if your remote computer is lower version than aforementioned versions, then you can use Get-WMIObject cmdlet to trigger this remotely.

This WMI approach works for any of the windows operating systems.

$session = New-CimSession -ComputerName TIBDC01            
Register-DnsClient -CimSession $session            

This way you can force the registration of DNS on any remote windows computer using PowerShell.


Find current working directory using PowerShell

What is my current working directory? You can easily determine this if you are in a interactive shell, but how to get this information as part of script. This post will provide that information.

There are two ways available to get the current working directory using PowerShell.

Using cmdlets:

Get-Location returns a object that contains the current path information. You can get it using the command shown below.

Get-Location | select -ExpandProperty Path

Using Dotnet class:

There is a dotnet way available as well. System.IO.Directory class provides this information. All you need to do is invoking the GetCurrentDirectory() method.


Which one you like most?


There are several ways available with PowerShell to check and create a new folder at given location using. Combination of Test-Path and New-Item can do this task for you.

However, there is much more easy way available, if you are not bothered to check if the path exists and all you need is a folder there. The [System.IO.Directory] class has a method called CreateDirectory which just a creates a directory if it doesn’t exists. It will not do anything if the folder is already available.

Let us try this now.


Irrespecitve of how many no. of times you are executing the above command, it will never error out. It create the folder for the first time and doesn’t do anything during the subsequent runs because the folder is already avialable.

Hope you like this tip.


Get current UTC time using PowerShell

In this powershell tip post, let us see how to find the current UTC time. There are several ways available to do this but one easy and simple way I found is by  using [System.DateTime] class.


This displays the current UTC date time information. See below screenshot for easy understanding.


Alternatively you can try below code as well.

$datetime = Get-Date            


Please subscribe to this blog for more such tips.



This post will help in converting System.Security.SecureString created from Read-Host cmdlet to plain text using PowerShell. We generally read passwords using -AsSecureString parameter of Read-Host. Once the password is read, if you want to see what is the password entered by the user, you cannot really see it by printing the variable into which you read the input. If you try that, you will see a screen similar to below.


Converting this System.Security.SecureString is made easy with below few lines of code. If you have a application that accepts only plain text passwords then you will find this very useful for conversion purpose.

Using below code first we are reading the password into $SecureString variable and converting it to Plain text using DotNet class.

$SecureString = Read-Host "Enter a password for user account" -AsSecureString            
$BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($SecureString)            
$PlainPassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)            
Write-Host "Entered password is $PlainPassword"

Below is a sample output that shows the conversion of secure string to plain text.


Hope this post is helpful.




In this post, you will see various options for extracting folder name from given file or directory path. This is generally useful in many ways as you work more with file and folders.

Let us proceed to see how we can achieve this. For example you have a absolute path c:\temp\abc\myproj1\newdata.txt file and you want to get the parent directory of the newdata.txt from the path string that is given to you. This operation might look simple if you just have one path and what you do if you have to do this for some 10,000 files paths? Obviously a programmatic approach is destination.

My favorite approach is using [System.IO.Path] Class.


The GetDirectoryName method takes a path as input and returns the directory name. Alternative to this is using split-path cmdlet that comes with PowerShell. Using this cmdlet is much better than GetDirectoryName method because this cmdlet provides several other features.

What they are?

Like the GetDirectoryName method, it also returns the parent directory

Split-Path "c:\temp\abc\myproj1\newdata.txt"

It verifies if the path exists or not when -Resolve parameter is specified

Split-Path "c:\temp\abc\myproj1\newdata.txt" -Resolve

It can be used to get the file name from path instead of parent directory.

Split-Path "c:\temp\abc\myproj1\newdata.txt" -Leaf

Hope this tip helps you


While connecting Windows Server 2012(or R2) using RDP you might notice error which says “An authentication error occurred. The Local Security Authority cannot be contacted”. In this post we will see how to get rid of this error and have some PowerShell solution so that you can deploy this across to your servers.

Basically this problem happens when RDP configuration on Windows Server 2012 enforces you to use Network Level Authentication(NLA) to connect using RDP client. It is a security feature introduced starting from Windows Vista/Windows Server 2008. You can read more about NLA at https://technet.microsoft.com/en-us/magazine/hh750380.aspx.

While NLA increases security and performance of the server, it prevents clients which doesn’t support NLA or the ones in broken state from connecting via RDP. If you decided to disable NLA, then follow below steps.

On the server where you want to disable NLA to allow RDP connections.

  • Go to Start -> Run -> type “sysdm.cpl” and Press Enter
  • It opens System Properties. Now go to Remote tab
  • Uncheck Allow Connections only from computers running Remote Desktop with Network Level Authentication (recommended) checkbox.
  • Click on Apply and try to RDP again to the server.

It should work without issues this time. Below screenshot shows the option that I am explaining in above steps.

Now you know how to address this error on single server. But how to do it on multiple server or you want to make it part of your build process? There is a way using PowerShell.

The Win32_TSGeneralSetting WMI class in Root\CIMv2\TerminalServices namespace provides a method called SetUserAuthenticationRequired() to enable or disable above check box.

To disable NLA:

$TSObj = Get-WMIObject -Class Win32_TSGeneralSetting -Namespace Root\CIMV2\TerminalServices            


To enable NLA:

$TSObj = Get-WMIObject -Class Win32_TSGeneralSetting -Namespace Root\CIMV2\TerminalServices            

Above commands enables or disables NLA for RDP on local computer. If you want to perform these actions on remote computer, just use -ComputerName parameter with Get-WMIObject cmdlet.

Like the way we can enable/disable NLA, we can also check what is the current state of it. There is a Property called UserAuthenticationRequried which stores 0 or 1 that indicates it is disabled or enabled respectively.

$TSObj = Get-WMIObject -Class Win32_TSGeneralSetting -Namespace Root\CIMV2\TerminalServices            

Hope this helps.


PowerShell: How to get DNS client Cache

Tip: How to get(or read) DNS client cache using PowerShell.

You know that DNS client caches the results it received from DNS server for the amount of allowed as per the values in DNS Zone. Client refers to this cache first before making a call to DNS server for resolving any record. Sometime this cache goes stale and we need to clear it to get fresh results. If you want to see what is there in local DNS client cache you can run IPCONFIG /displayDNS. This gives the details in plain text.

You can use below PowerShell cmdlet which is part of DNSClient in Windows 8 & Windows server 2012 and above operating systems to read what is there in the cache and the result is in object format which is easy to parse.


You can look for cache details of a particular domain by passing it to -Entry parameter.

Get-DnsClientCache -Entry techibee.com


Use Get-Help cmdlet to know more about it.

Get-Help Get-DnsClientCache -Detailed

Hope this helps..


This post will discuss about querying DNS Server (Microsoft or Non-Microsoft) using PowerShell for different types of records like A, PTR, MX, NS, and resource records.

Nslookup.exe is a great utility for querying DNS servers. You can connect to server and query records types that you need. Its very useful utility but only problem is it is not flexible to use inside your scripts/automations. If this utility is used inside script, you to parse the text output to extract the details you need. Ideally anything that returns results in object format is very good in programming.

Are you looking for a script to resolve host name to IP and IP to host name using PowerShell, then check this post.

Alternative to nslookup in windows world is querying DNS server using WMI. There are WMI Classes available to query DNS server for various record types. Try below command to get a list of WMI classes that helps you to query and manage DNS running on a Windows Server.

Get-WmiObject -Namespace root\MicrosoftDNS -List

The downside with approach is, it works only for querying windows based DNS servers and this approach absolutely not valid for non Microsoft DNS server like bind. You can read about using these WMI classes using PowerShell at this Hey Scripting Guy post.

This problem is addressed in much better way in Windows 8/Windows Server 2012 with the introduction of Resolve-DNSName cmdlet. Using this cmdlet you can query any kind of DNS server(Microsoft or non-MS) for any record type without requiring any extra privileges and utilities. This cmdlet returns results in object format which is easy to consume within the script.

This cmdlet is part of DNSClient module in Windows 8/Windows Server 2012 or above Operating Systems. You cannot use this module on Windows 7 or any other previous operating systems.


Now let us look at some examples to understand how to query DNS server using this.

We can query A record techibee.com using below command. This queries the DNS servers that are listed in your network connection configuration. You can get DNS Server IP details of a computer using the script provided in this post.

Resolve-DnsName -Name techibee.com -Type A

resolve-dnsname-queryASimilarly you can query Name server rescords(NS) of a Domain by passing NS as value to -Type Parameter. This lists all name servers that are hosting the Domain name you are querying. Below examples shows how to query NS records of Google.com

Resolve-DnsName -Name google.com -Type NS -DnsOnly


We can target these queries against any DNS server in your network. For example, we can query Google name servers directly for a record or internal DNS server for records. Below command shows how to query a DNS server directly instead of relying on what is configured in local computer network configuration.

Resolve-DnsName -Name techibee.com -Type A -Server


In above example, is the IP of Google DNS server. You can try giving your internal DNS server name/IP or any external DNS name. It works same way as NSLookup does.

Similarly you can query MX records of a domain using below command.

Resolve-DnsName -Name techibee.com -Type MX -Server


You might be wondering what all types of records you can query using this cmdlet. Below is the list of records that this cmdlet supports.

If you have any questions about using this cmdlet, please write it in comments section.

Source : TechNet

Record Name

Hope this helps….