New-Item 'HKLM:\SOFTWARE\WOW6432Node\Microsoft.NETFramework\v4.0.30319' -Force | Out-NullNew-ItemProperty -path 'HKLM:\SOFTWARE\WOW6432Node\Microsoft.NETFramework\v4.0.30319' -name 'SystemDefaultTlsVersions' -value '1' -PropertyType 'DWord' -Force | Out-NullNew-ItemProperty -path 'HKLM:\SOFTWARE\WOW6432Node\Microsoft.NETFramework\v4.0.30319' -name 'SchUseStrongCrypto' -value '1' -PropertyType 'DWord' -Force | Out-NullNew-Item 'HKLM:\SOFTWARE\Microsoft.NETFramework\v4.0.30319' -Force | Out-NullNew-ItemProperty -path 'HKLM:\SOFTWARE\Microsoft.NETFramework\v4.0.30319' -name 'SystemDefaultTlsVersions' -value '1' -PropertyType 'DWord' -Force | Out-NullNew-ItemProperty -path 'HKLM:\SOFTWARE\Microsoft.NETFramework\v4.0.30319' -name 'SchUseStrongCrypto' -value '1' -PropertyType 'DWord' -Force | Out-NullNew-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server'...

$UserInboxRule = ForEach ($i in (Get-Mailbox -ResultSize Unlimited)) { Get-InboxRule -Mailbox $i.DistinguishedName | Where-Object { $_.ForwardTo } | fl MailboxOwnerID,Name,ForwardTo,Description}$UserInboxRule | Out-File C:\TEMP\User_inbox_Forwarding_rule.txt -Encoding UTF8

https://docs.microsoft.com/en-us/windows-server/get-started/kmsclientkeys KMS_2019 KMS_2016

netsh wlan export profile name=”WLANNAME” folder=C:\TEMP\ key=clearnetsh wlan add profile filename=”\\server\CONFIG$\WLANNAME.xml” user=all >> C:\TEMP\WiFi.txtnetsh wlan connect ssid=WLANNAME name=WLANNAME

Get-CimInstance -Class Win32_UserProfile | Where-Object {​​​​​​​​ $_.LocalPath.split('\')[-1] -eq 'UserXYZ' }​​​​​​​​ | Remove-CimInstance

find /volume1/veeam/ -iname *.vbk -exec btrfs fi defrag -v {​​​​​​}​​​​​​ \;

#!/bin/bashfree -msyncecho 3 > /proc/sys/vm/drop_cachessyncfree -msyncswapoff -a && swapon -afree -m

sudo defaults write /Library/Preferences/SystemConfiguration/com.apple.nat NAT -dict-add SharingNetworkNumberStart 192.168.11.0 sudo defaults write /Library/Preferences/SystemConfiguration/com.apple.nat NAT -dict-add SharingNetworkNumberEnd 192.168.11.252 sudo defaults write /Library/Preferences/SystemConfiguration/com.apple.nat NAT -dict-add SharingNetworkMask 255.255.255.0

PowerShell script to enable TLS 1.2 TLS 1.2 enforcement for Azure AD Connect see https://docs.microsoft.com/en-gb/azure/active-directory/hybrid/reference-connect-tls-enforcement

eventcreate /L APPLICATION /T INFORMATION /SO %~n0%~x0 /ID 208 /D "%~0 -- assigning Teamviewer to ABC"REM assign Teamviewer to ABC"C:\Program Files (x86)\TeamViewer\Teamviewer.exe" assign --api-token=12345678-blahblahblah --grant-easy-access

REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" /f /v DOAbsoluteMaxCacheSize /t REG_DWORD /d 16REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" /f /v DOAllowVPNPeerCaching /t REG_DWORD /d 0REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" /f /v DODelayBackgroundDownloadFromHttp /t REG_DWORD /d 1REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" /f /v DODelayCacheServerFallbackBackground /t REG_DWORD /d 1REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" /f /v DODelayCacheServerFallbackForeground /t REG_DWORD /d 1REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" /f /v DODownloadMode /t REG_DWORD /d 1REG...

# Check if running as Administrator if (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) { Write-Host "This script requires administrative privileges." exit } # Define the path to MpCmdRun.exe $mpCmdRun = Join-Path $env:ProgramFiles "Windows Defender\MpCmdRun.exe" # Validate MAPS Connection & $mpCmdRun -ValidateMapsConnection # List All Dynamic Signatures & $mpCmdRun -ListAllDynamicSignatures # Remove Dynamic Signatures & $mpCmdRun -removedefinitions -dynamicsignatures #...

netsh advfirewall firewall set rule group="Network Discovery" new enable=Yes

REM https://support.atera.com/hc/en-us/articles/360037960294-Use-Atera-and-Splashtop-in-Safe-ModeREG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Splashtop Inc." /fREG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService" /fREG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AteraAgent" /fREG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TeamViewer" /fexit

chkdsk /scan c:chkdsk /spotfix c:

# Set the Password-String -- defaults to THIS.IS.NOT.SECURE$newpwd = ConvertTo-SecureString -String "THIS.IS.NOT.SECURE" -AsPlainText –Force# Set the correct local user you want to reset$UserAccount = Get-LocalUser -Name "ADMINUSER"# Set it$UserAccount | Set-LocalUser -Password $newpwd

echo offsetlocal ENABLEDELAYEDEXPANSIONif exist %ProgramFiles(x86)%\TeamViewer\TeamViewer.exe (GOTO IS_INSTALLED) else (GOTO INSTALL)GOTO INSTALL :IS_INSTALLED echo is installed eventcreate /L APPLICATION /T INFORMATION /SO %~n0%~x0 /ID 208 /D "%~0 -- Teamviewer is already installed" REM assign Teamviewer to ABC "C:\Program Files (x86)\TeamViewer\Teamviewer.exe" assign --api-token=123456-xyzxyzxyz --grant-easy-access GOTO DONE :INSTALLecho installing softwareeventcreate /L APPLICATION /T INFORMATION /SO %~n0%~x0 /ID 404...

Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall* | Format-Table PSChildName, DisplayName, Publisher, DisplayVersion, Version, UninstallString| Out-String -Width 300 Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall* | Format-Table PSChildName, DisplayName, Publisher, DisplayVersion, Version, UninstallString| Out-String -Width 300

In case you want to create a LACP-bonded NIC-group use the following powershell-command New-NetLbfoTeam -Name "Team1" -TeamMembers "NIC1","NIC2" -TeamingMode LACP -LoadBalancingAlgorithm Dynamic Remember to configure LACP on the Switch too Reference: https://docs.microsoft.com/en-us/powershell/module/netlbfo/new-netlbfoteam?view=windowsserver2019-ps

If you need to extend your system disk (APFS) type the following in Terminal. You can extend your disk on a live running system diskutil apfs reseizeContainer disk0s2 0

# see https://infosec.mozilla.org/guidelines/openssh.html ########## cp /etc/ssh/moduli /etc/ssh/moduli.orig awk '$5 >= 3071' /etc/ssh/moduli > /etc/ssh/moduli.tmp && mv /etc/ssh/moduli.tmp /etc/ssh/moduli sed -i -e 's/#HostKey/HostKey/g' /etc/ssh/sshd_config sed -i -e 's/#PubkeyAuthentication/PubkeyAuthentication/g' /etc/ssh/sshd_config sed -i -e 's/#LogLevel INFO/LogLevel VERBOSE/g' /etc/ssh/sshd_config sed -i -e 's/#PrintLastLog yes/PrintLastLog yes/g' /etc/ssh/sshd_config echo KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256 >> /etc/ssh/sshd_config echo Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr >> /etc/ssh/sshd_config echo MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com...

Determine which .NET Framework versions are installed https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed The Release REG_DWORD value in the registry represents the version of .NET Framework installed. reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full" Exchange Server build numbers and release dates https://docs.microsoft.com/en-us/exchange/new-features/build-numbers-and-release-dates?view=exchserver-2019 Get-ExchangeServer | Format-List Name,Edition,AdminDisplayVersion MSFAQ https://www.msxfaq.de/exchange/update/servicepack2016.htm#exchange_2016_cu7 Exchange Server-Support-Marix https://docs.microsoft.com/de-at/Exchange/plan-and-deploy/supportability-matrix?view=exchserver-2016#microsoft-net-framework -> Compare Exchange-Version to supported .NET-Version Upgrade Paths for CU’s &...

For installing Windows-Updates on servers using command-line here is a two-liner for powershell. Run with elevated privileges 🙂 cd C:\Windows\System32\de-DEcscript.exe .\WUA_SearchDownloadInstall.vbs What i really like on this approach: you can select a single update-package you want to install. As recommended by Microsoft — first install the servicing stack update (SSU): Microsoft strongly recommends you always...

edit ~/.bashrc HISTSIZE=0 >> ~/.bashrcHISTFILESIZE=0 >> ~/.bashrc or for zsh (there is somehow a bug — it seems to me — one entry is still left) HISTSIZE=0 >> ~/.zshrcSAVEHIST=0 >> ~/.zshrc

echo "create a 1GB swapfile"fallocate -l 1G /swapfilechmod 600 /swapfilemkswap /swapfileswapon /swapfileecho "/swapfile swap swap defaults 0 0" >> /etc/fstab