Mapped drives are the shares on remote computers for which you assigned a drive letter for easier access. We can query these drives and the target shares behind them with a simple and easy powershell one liner.
Here is the tip of the day. Happy Learning.
Get-WmiObject -Class Win32_MappedLogicalDisk | select Name, ProviderName
You might see the error message outlined in subject while installing/uninstalling software on windows 2003 computer by connecting to terminal services. We all know that application installation has certain limitations when it comes to terminal services (anyone know why?). In such cases if you still want to install/uninstall the application on these terminal services enabled servers, you need to choose one of the following methods.
If this the requirement is just one of the case, then option#1 best suits you.
Option#1:
start mstsc with /console or /admin option and then connect to the server. This allows you to connect to the console of the server directly eliminating terminal services piece from you way.
Go to start -> Run -> type “mstsc /admin /v:servername” and click OK if you are using RDP client v6 or above
Go to start ->Run -> type “mstsc /console /v:servername” and click OK if you are using legacy version of RDP client.
Option#2:
If your administrators are expected to install applications on servers by connecting via terminal services, then you need to make sure that application installation is allowed. You can do it via group policies.
“computer configuration” -> “administrative templates” -> “windows components” -> “windows installer” -> “allow admin to install from terminal server session” should be enabled
Hope this helps.
I inspired from my previous post, and decide to do some network interface related operations from command line as they helps me when managing Windows 2008 Core Operating system. Another command that I am going to provide now is to disable network connection from command line.
netsh interface set interface name=”Local Area Connection 1″ admin=DISABLED
In about command, “Local Area Connection 1″ is the name of the connection that you want to disable. You can change the value of “Admin” to “Enable” to enable back the network connection. Similarly, if you want to rename the network connection, you can use newname parameter. Below is the command.
netsh interface set interface name=”Local Area Connection 1″ newname=”My NIC1″
Above command renames “Local Area Connection 1″ network to “My NIC1″.
Hope this helps…
I bought a new Cisco LINKSYS WRT120N wireless router and noticed that reset button is not working properly in it. That means if I press and hold the reset button to reset the router settings to factory defaults, it is not working. After some troubleshooting, I figured out the problem and fixed it. The solution here is to upgrade the firmware of the wireless router to latest version.
To do this, follow below steps.
Feel free to write in comments section if you have some questions.
It is very common requirement that most system administrators will get. They will be requested for allowing some domain user to restart specific service on specific server. In this case most Administrators, either adds the domain user to power users groups or local administrators group. While this works, it is not a efficient solution as it allow the domain user to perform more actions in the computer than what he wants. Sometimes, it might result in server down if he does something unknowingly.
One solution in such situations is, granting the permissions exclusively at service level. This allows the user to just start or stop the service but nothing else.
C:>setacl.exe -on spooler -ot srv -actn ace -ace “n:domainuser1;p:start_stop”
Processing ACL of: <spooler>SetACL finished successfully.
C:>
In above example, I am trying to give start_stop permissions to spooler (print spooler) service on computer where I am running this command.
To list the permissions of a given service, try the below command
C:>setacl.exe -on spooler -ot srv -actn list
Above steps are for doing for single computer. If you want to do it on multiple computer, then using the Group Policies is the best option. Group policies has built-in option to define service level permissions. Let me know if you need any help in doing that.
To know more option of SETACL.exe, look at the below help.
SetACL by Helge Klein
Homepage: http://setacl.sourceforge.net
Version: 2.0.1.0
Copyright: Helge Klein
License: GPL
-O-P-T-I-O-N-S——————————————————–
-on ObjectName
-ot ObjectType
-actn Action
-ace “n:Trustee;p:Permission;s:IsSID;i:Inheritance;m:Mode;w:Where”
-trst “n1:Trustee;n2:Trustee;s1:IsSID;s2:IsSID;ta:TrusteeAction;w:Where”
-dom “n1:Domain;n2:Domain;da:DomainAction;w:Where”
-ownr “n:Trustee;s:IsSID”
-grp “n:Trustee;s:IsSID”
-rec Recursion
-op “dacl:Protection;sacl:Protection”
-rst Where
-lst “f:Format;w:What;i:ListInherited;s:DisplaySID”
-bckp Filename
-log Filename
-fltr Keyword
-clr Where
-silent
-P-A-R-A-M-E-T-E-R-S————————————————-
ObjectName: Name of the object to process (e.g. ‘c:mydir’)
ObjectType: Type of object:
file: Directory/file
reg: Registry key
srv: Service
prn: Printer
shr: Network share
Action: Action(s) to perform:
ace: Process ACEs specified by parameter(s) ‘-ace’
trustee: Process trustee(s) specified by parameter(s)
’-trst’.
domain: Process domain(s) specified by parameter(s)
‘-dom’.
list: List permissions. A backup file can be
specified by parameter ‘-bckp’. Controlled by
parameter ‘-lst’.
restore: Restore entire security descriptors backed up
using the list function. A file containing the
backup has to be specified using the parameter
‘-bckp’. The listing has to be in SDDL format.
setowner: Set the owner to trustee specified by parameter
‘-ownr’.
setgroup: Set the primary group to trustee specified by
parameter ‘-grp’.
clear: Clear the ACL of any non-inherited ACEs. The
parameter ‘-clr’ controls whether to do this for
the DACL, the SACL, or both.
setprot: Set the flag ‘allow inheritable permissions from
the parent object to propagate to this object’ to
the value specified by parameter ‘-op’.
rstchldrn: Reset permissions on all sub-objects and enable
propagation of inherited permissions. The
parameter ‘-rst’ controls whether to do this for
the DACL, the SACL, or both.
TrusteeAction: Action to perform on trustee specified:
remtrst: Remove all ACEs belonging to trustee specified.
repltrst: Replace trustee ‘n1′ by ‘n2′ in all ACEs.
cpytrst: Copy the permissions for trustee ‘n1′ to ‘n2′.
DomainAction: Action to perform on domain specified:
remdom: Remove all ACEs belonging to trustees of domain
specified.
repldom: Replace trustees from domain ‘n1′ by trustees with
same name from domain ‘n2′ in all ACEs.
cpydom: Copy permissions from trustees from domain ‘n1′ to
trustees with same name from domain ‘n2′ in all
ACEs.
Trustee: Name or SID of trustee (user or group). Format:
a) [(computer | domain)]name
Where:
computer: DNS or NetBIOS name of a computer -> ‘name’ must
be a local account on that computer.
domain: DNS or NetBIOS name of a domain -> ‘name’ must
be a domain user or group.
name: user or group name
If no computer or domain name is given, SetACL tries to find
a SID for ‘name’ in the following order:
1. built-in accounts and well-known SIDs
2. local accounts
3. primary domain
4. trusted domains
b) SID string
Domain: Name of a domain (NetBIOS or DNS name).
Permission: Permission to set. Validity of permissions depends on the
object type (see below). Comma separated list.
Example: ‘read,write_ea,write_dacl’
IsSID: Is the trustee name a SID?
y: Yes
n: No
DisplaySID: Display trustee names as SIDs?
y: Yes
n: No
b: Both (names and SIDs)
Inheritance: Inheritance flags for the ACE. This may be a comma separated
list containing the following:
so: sub-objects
sc: sub-containers
np: no propagation
io: inherit only
Example: ‘io,so’
Mode: Access mode of this ACE:
a) DACL:
set: Replace all permissions for given trustee by
those specified.
grant: Add permissions specified to existing permissions
for given trustee.
deny: Deny permissions specified.
revoke: Remove permissions specified from existing
permissions for given trustee.
b) SACL:
aud_succ: Add an audit success ACE.
aud_fail: Add an audit failure ACE.
revoke: Remove permissions specified from existing
permissions for given trustee.
Where: Apply settings to DACL, SACL, or both (comma separated list):
dacl
sacl
dacl,sacl
Recursion: Recursion settings, depends on object type:
a) file:
no: No recursion.
cont: Recurse, and process directories only.
obj: Recurse, and process files only.
cont_obj: Recurse, and process directories and files.
b) reg:
no: Do not recurse.
yes: Do Recurse.
Protection: Controls the flag ‘allow inheritable permissions from the
parent object to propagate to this object’:
nc: Do not change the current setting.
np: Object is not protected, i.e. inherits from
parent.
p_c: Object is protected, ACEs from parent are
copied.
p_nc: Object is protected, ACEs from parent are not
copied.
Format: Which list format to use:
sddl: Standardized SDDL format. Only listings in this
format can be restored.
csv: SetACL’s csv format.
tab: SetACL’s tabular format.
What: Which components of security descriptors to include in the
listing. (comma separated list):
d: DACL
s: SACL
o: Owner
g: Primary group
Example: ‘d,s’
ListInherited: List inherited permissions?
y: Yes
n: No
Filename: Name of a (unicode) file used for list/backup/restore
operations or logging.
Keyword: Keyword to filter object names by. Names containing this
keyword are not processed.
-R-E-M-A-R-K-S——————————————————–
Required parameters (all others are optional):
-on (Object name)
-ot (Object type)
Parameters that may be specified more than once:
-actn (Action)
-ace (Access control entry)
-trst (Trustee)
-dom (Domain)
-fltr (Filter keyword)
Only actions specified by parameter(s) ‘-actn’ are actually performed,
regardless of the other options set.
Order in which multiple actions are processed:
1. restore
2. clear
3. trustee
4. domain
5. ace, setowner, setgroup, setprot
6. rstchldrn
7. list
-V-A-L-I-D–P-E-R-M-I-S-S-I-O-N-S————————————-
a) Standard permission sets (combinations of specific permissions)
Files / Directories:
read: Read
write: Write
list_folder: List folder
read_ex: Read, execute
change: Change
profile: = change + write_dacl
full: Full access
Printers:
print: Print
man_printer: Manage printer
man_docs: Manage documents
full: Full access
Registry:
read: Read
full: Full access
Service:
read: Read
start_stop: Start / Stop
full: Full access
Share:
read: Read
change: Change
full: Full access
b) Specific permissions
Files / Directories:
traverse: Traverse folder / execute file
list_dir: List folder / read data
read_attr: Read attributes
read_ea: Read extended attributes
add_file: Create files / write data
add_subdir: Create folders / append data
write_attr: Write attributes
write_ea: Write extended attributes
del_child: Delete subfolders and files
delete: Delete
read_dacl: Read permissions
write_dacl: Write permissions
write_owner: Take ownership
Registry:
query_val: Query value
set_val: Set value
create_subkey: Create subkeys
enum_subkeys: Enumerate subkeys
notify: Notify
create_link: Create link
delete: Delete
write_dacl: Write permissions
write_owner: Take ownership
read_access: Read control
By this time I am sure you find Custom filters in Windows 7/2008 R2 event viewer very useful. They just displays the results what you need. If you want to get similar functionality with powershell, you can use Get-WinEvent Powershell cmdlet.
I am using it to very good extent to find out the application crashes of given exe in remote computers. Here is a small example where I am querying iexplore.exe crash events in remote computers and I am interested only in recent 5 incidents.
Get-WinEvent -ComputerName PC1 -FilterHashtable @{logname=”Application”;providername=”application error”; data=”iexplore.exe”;} | select -first 5
This runs pretty quickly and displays the results very fast compared to other cmdlets like Get-EventLog or GWMI WIn32_NTLogEvent. You can measure the performance with measure-command cmdlet if you want.
Hope this little tip helps you. Feel free to write in comments section if you have any doubts/questions
Microsoft has released a tool which helps you in blocking the installation of Windows 7/Windows 2008 R2 Service Pack 1 through windows Updates. You can download it from here.
This download contains three files.
1. SPBlockingTool.exe — A microsoft executable
2. SPReg.bat – A batch script
3. NoSPUpdate.ADM — A ADM file to use with GPOs
The installation of service pack 1 through Windows Update can be stopped with one of the above above given tools. If you plan to use the executable, you need to pass /B switch to it to block the installation and /U switch to unblock the installation. Similar functionality can be achieved with BAT script also. It helps you to run against remote system as well. Third approach is using the ADM file in your Group Policies. This GPO procedure is very straight forward and like using any other ADM file.
Irrespective of approach you use, it creates a key value name “DoNotAllowSP” and sets it to “1” under HKLMSoftwarePoliciesMicrosoftWindowsWindowsUpdate registry key to block the installation. It deletes this newly created key when you instruct it to unblock the installation restriction.
Hope this helps you.
The below command helps you to open multiple websites in single go, each one in separate tabs, in firefox. I found this tip useful, so sharing with my blog readers.
Go to Start -> Run-> and type firefox.exe “cricinfo.com” “gmail.com” “techibee.com” ” microsoft.com” and click on OK.
With powershell, it is very easy to unlock a active directory user account. It is as easy as executing below command.
Unlock-qaduser myuser1
Only thing is, you need to have Quest Powershell cmdlets for active directory installed in your computer.
Similarly you can perform some more quick actions with Quest active directory cmdlets
Query all disabled accounts:
Get-QADuser -disabled
Query all locked accounts:
Get-QADUser -locked
Hope this helps…
Till windows XP, taking a screenshot of active windows or a selected area is more than an easy task. You need to be familiar and always remember the key selection(Ctrl+PrintScn) to do that. These headaches are gone with windows 7.
To capture a screenshot in windows 7, follow the below steps.
I assume you felt this very easy. You can read more about this at http://windows.microsoft.com/en-IN/windows7/products/features/snipping-tool.