Category: Operating Systems

Categories
Internet Explorer Windows 10 Windows 7 Windows 8

IE9, and IE10 popups to upgrade to IE11 on Windows

We had users complaining about needing to upgrade to IE11, they were running IE8,9, and 10. I tracked down the KB that was installed on patch tuesday to: KB3124275. We have users who have to use Internet Explorer 10 for specific applications, so we cannot ugprade. I removed it from SUS and users PC’s, hopefully this’ll save someone some time.

You can see the MS KB here: https://support.microsoft.com/en-us/kb/3124275

And note part of the way down it says the GR KB is here:

KB3123303 The new “End of Life” upgrade notification for Internet Explorer

Categories
drivers Printers Server 2008 server 2012

Adding HP Printer gets error 0x0000007e

If a Windows 7 machine cannot add a printer because of a 0x0000007e error: Delete BIDI registry key (on server) from
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Printers\\CopyFiles\BIDI
Sometimes the print spooler needs to be restarted.

Categories
Powershell

Running a powershell command via batch or command that is restricted

I had to run a powershell module that I found remotely to remove some pinned applications in Windows 7. I also wanted it to run remotely, and not have to log on to each PC to do so. To kick off a powershell script, I had to add this to a command file:

REM KICK OFF POWERSHELL STUFF
xcopy "\\domain.com\software\Non-Licensed\scripts\kiosk\Set-PinnedApplications.psm1" C:\temp\
powershell "Set-ExecutionPolicy Unrestricted"
powershell \\domain.com\software\Non-Licensed\scripts\kiosk\Remove_Taskbar_Shortcuts.ps1

The .ps1 file leads to this:

Import-Module C:\temp\Set-PinnedApplications.psm1
Set-PinnedApplication -Action UnPinFromTaskBar -FilePath "C:\Users\kiosk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk"
Set-PinnedApplication -Action UnPinFromTaskBar -FilePath "C:\Users\kiosk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk"
Set-PinnedApplication -Action UnPinFromTaskBar -FilePath "C:\Users\kiosk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk"

So it allows me to remove the pinned applications. If you want to view the module (Set-PinnedApplications.psm1) I used off technet it is here:
https://gallery.technet.microsoft.com/scriptcenter/b66434f1-4b3f-4a94-8dc3-e406eb30b750
You would just copy that content into: Set-PinnedApplications.psm1

Categories
Windows 7

Hide Windows 7 desktop icons through registry and a command or bat file

If you want to hide certain desktop icons via a bat file, you can use this. Just read the REM line to see which 4 registry adds will change a specific icon. I needed this to roll out to a couple hundred computers, versus logging on to them and disabling them individually.

REM hide Computer icon on the desktop
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{20D04FE0-3AEA-1069-A2D8-08002B30309D}" /t REG_DWORD /d 1 /f
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu" /v "{20D04FE0-3AEA-1069-A2D8-08002B30309D}" /t REG_DWORD /d 1 /f
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{20D04FE0-3AEA-1069-A2D8-08002B30309D}" /t REG_DWORD /d 1 /f
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu" /v "{20D04FE0-3AEA-1069-A2D8-08002B30309D}" /t REG_DWORD /d 1 /f
REM hide Control Panel icon on the desktop
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}" /t REG_DWORD /d 1 /f
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu" /v "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}" /t REG_DWORD /d 1 /f
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}" /t REG_DWORD /d 1 /f
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu" /v "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}" /t REG_DWORD /d 1 /f
REM hide User's Files icon on the desktop
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{59031a47-3f72-44a7-89c5-5595fe6b30ee}" /t REG_DWORD /d 1 /f
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu" /v "{59031a47-3f72-44a7-89c5-5595fe6b30ee}" /t REG_DWORD /d 1 /f
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{59031a47-3f72-44a7-89c5-5595fe6b30ee}" /t REG_DWORD /d 1 /f
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu" /v "{59031a47-3f72-44a7-89c5-5595fe6b30ee}" /t REG_DWORD /d 1 /f
REM hide Network icon on the desktop
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}" /t REG_DWORD /d 1 /f
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu" /v "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}" /t REG_DWORD /d 1 /f
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}" /t REG_DWORD /d 1 /f
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu" /v "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}" /t REG_DWORD /d 1 /f
REM hide recycle bin from desktop
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{645FF040-5081-101B-9F08-00AA002F954E}" /t REG_DWORD /d 1 /f
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu" /v "{645FF040-5081-101B-9F08-00AA002F954E}" /t REG_DWORD /d 1 /f
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{645FF040-5081-101B-9F08-00AA002F954E}" /t REG_DWORD /d 1 /f
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu" /v "{645FF040-5081-101B-9F08-00AA002F954E}" /t REG_DWORD /d 1 /f
REM hide libraries icon from the desktop
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{031E4825-7B94-4DC3-B131-E946B44C8DD5}" /t REG_DWORD /d 1 /f
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu" /v "{031E4825-7B94-4DC3-B131-E946B44C8DD5}" /t REG_DWORD /d 1 /f
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{031E4825-7B94-4DC3-B131-E946B44C8DD5}" /t REG_DWORD /d 1 /f
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu" /v "{031E4825-7B94-4DC3-B131-E946B44C8DD5}" /t REG_DWORD /d 1 /f

Categories
file sharing Operating Systems

Poor mans file audit on Windows Server 2008 R2 – with an easy search function and GUI

I needed a way to audit file deletions on our Windows 2008 R2 Server, but didn’t need to make pretty reports for our C levels, it was just for techs to track down who deleted what. So I used the built in Windows File Audit with GPO.

We also have about 1800 people who use this share, so we had to keep a watchful eye on how many logs were generated, and then script out deletions after a certain period, we chose 14 days is about how far back we want to retain.

Task 1 was to enable the GPO for the server to start actually recording the file deletions in Event Viewer.
Following this guide: http://www.morgantechspace.com/2013/11/Enable-File-System-Auditing-in-Windows.html
You can enable the GPO to start actually logging the deletions attempts.

Task 2 was to separate the security logs into it’s own directory, for easy pruning.
I then had to go to the file server and enable this: http://blogs.technet.com/b/askds/archive/2009/08/04/tracking-a-remote-file-deletion-back-to-the-source.aspx
So that I can start logging. You are essentially enabled file auditing. I only chose to enable the Success of file deletions, nothing else, as that was all the data I want logged.

Task 3 was to script automated deletions of the evtx files after 14 days of age.
I wrote this to do my automated deletions. You will make a cmd, or bat file on your desktop with these contents:
REM Remove Security older than 14 days
forfiles /p "C:\Windows\System32\winevt\Logs\Security" /s /m *.* /c "cmd /c Del @path" /d -14

You can adjust the 14 days to be whatever you like. Then add it to task schedule to automate and run once a day.

Task 4 was to find a way to prune through 2-3GB of evtx files easily.
SOURCE: https://martin77s.wordpress.com/2010/01/16/evtlogparser/
You will need to install LogParser.msi first.
Then run EVTLOGPARSER.EXE – it is portable after the LogParser.msi is installed.
You can then add the security directory directly: \\SERVERNAME\c$\Windows\System32\winevt\Logs\Security
and query eventid 4663 AND/OR under message, search for your file deleted, partials should work.

Categories
Operating Systems Powershell

Windows 10 not searching desktop applications with cortona

Out of the blue, my start -> search stopped functioning, it would just be blank.

I reinstalled Cortana using the following procedure:

Open an elevated Command Prompt window (press win + X, and then press A)
Type start powershell and press enter
Run the command (in one line):
Get-AppXPackage -Name Microsoft.Windows.Cortana | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register “$($_.InstallLocation)\AppXManifest.xml”}
After 30 seconds the problem was solved on my machine. Incredible.

Source: http://answers.microsoft.com/en-us/windows/forum/windows_10-win_cortana/cortana-not-finding-desktop-apps-when-searching/f612e995-6664-4b91-b6ae-96790e763858

Categories
Powershell

Adding User Principal Names in Active Directory via PowerShell for Federation

I wanted to update the UPN or User Principal Names in our AD, as we had a couple thousand users that had been in our AD for over 10 years, in the NT days. So they were created without UPN’s.

This will print out the list of users and output it to a file so you can review who will be changed. We did not want to change the admin users so I added a notlike clause.

get-aduser -Filter * -SearchBase ‘CN=Users,dc=vivithemage,dc=com’ | where {($_.userprincipalname -eq $null) -and ($_.name -notlike “*admin*”)} | format-table samaccountname,givenname,surname | Out-File c:\test\UPN-prechange2.txt

Reviewed the list, looked good, so I can now run this to make the blanket change, while manually specifying the domain name:

get-aduser -Filter * -SearchBase ‘CN=Users,dc=vivithemage,dc=com’ | where {($_.userprincipalname -eq $null) -and ($_.name -notlike “*admin*”)} | foreach { Set-ADUser $_ -UserPrincipalName (“{0}@{1}” -f $_.name,”vivithemage.com”)}

Lots of help from this article: http://blogs.technet.com/b/heyscriptingguy/archive/2013/08/13/add-user-principal-names-in-active-directory-via-powershell.aspx
and ss64.com

Categories
Operating Systems

power shell script unmounting system reserved

I need a powershell way to remove the system reserved drive letter, as there is no reason for our users to actually use that, and access it. In powershell drop this code in:

$target = (Get-Volume -FileSystemLabel “System Reserved”).DriveLetter+ “:”
$volume = Get-WmiObject Win32_Volume -Filter “DriveLetter=’$target'”

if ($null -ne $volume)
{
$volume.DriveLetter = $null
$volume.Put()
}

Save it, make sure it’s a ps1 file and execute, it will remove the Drive Letter, and unmount it.

Categories
Windows 7

Disable Windows Startup Repair as Default Option

I was having issues where my older raid card would not get recognized on the first boot, causing windows to reboot, then BSOD. So 50% of the time I would reboot and would be stuck on the repair screen, so I wanted to disable it. Apparently you can through the bcdedit!

bcdedit /set {default} recoveryenabled No

Categories
Operating Systems Powershell Uncategorized Windows 7

copy a file into all user directories via bat files for windows 7 or xp using a wildcard

I needed to copy one file into all of the user directories on computers. I ended up creating a for loop, print it, then use that list as a variable to throw in, worked great. This was one of the few things I could not find on google, so hopefully this hits a few keywords for people when they’re searching. IT IS POSSIBLE! This can be done in BAT, CMD, OR just dump it into a command pronpt changing your own directories/variables as needed.

REM this prints all users in C:\Users\ and then copies the EssUser.cfg file to the PartsDoc Dir
FOR /D %%G IN (c:\Users\*.*) DO xcopy /Y /H /R "E:\PartsDoc Updates\EssUser.cfg" "%%G\Documents\CLAAS\PartsDoc\"