Category: os

Creates a registry entry to allow access to admin share

net user /add adminusernet localgroup Administrators adminuser /add

if not exist c:\temp (mkdir c:\temp) if not exist c:\temp\OpenVPN-2.5.6-I601-amd64.msi ( curl -C - -o c:\temp\OpenVPN-2.5.6-I601-amd64.msi https://swupdate.openvpn.org/community/releases/OpenVPN-2.5.6-I601-amd64.msi) REM if exist "%programfiles%\OpenVPN\Uninstall.exe" (start /wait "%programfiles%\OpenVPN\Uninstall.exe") REM {E5931AF4-2A8F-48A5-AFC8-CE9B79C4B19D} OpenVPN 2.5.1-I601 amd64 msiexec.exe /x {E5931AF4-2A8F-48A5-AFC8-CE9B79C4B19D} /qn REM {E5931AF4-2A8F-48A5-AFC8-0E8A268358A0} OpenVPN 2.5.2-I601 amd64 msiexec.exe /x {E5931AF4-2A8F-48A5-AFC8-0E8A268358A0} /qn REM {919FC393-C79F-4043-ABD6-E80F81D3DD58} OpenVPN Connect start /wait msiexec.exe /x {919FC393-C79F-4043-ABD6-E80F81D3DD58} /qn REM {8B4BC420-3DCB-4018-A345-B24F7DBC30C3} OpenVPN...

$domain = "example.local"$password = "secret" | ConvertTo-SecureString -asPlainText -Force$username = "$domain\ad-add"$credential = New-Object System.Management.Automation.PSCredential($username,$password)Add-Computer -DomainName $domain -OUPath "OU=New_Computers,OU=Computers,DC=example,DC=local" -Credential $credential -Restart

Get-WindowsCapability -Name RSAT* -Online | Add-WindowsCapability –Online

Import-Module ADSyncStart-ADSyncSyncCycle -PolicyType Initial

Get-ADUser -Identity "SOURCE" -Properties memberof | Select-Object -ExpandProperty memberof | Add-ADGroupMember -Members "NEW_USER"

New-Item 'HKLM:\SOFTWARE\WOW6432Node\Microsoft.NETFramework\v4.0.30319' -Force | Out-NullNew-ItemProperty -path 'HKLM:\SOFTWARE\WOW6432Node\Microsoft.NETFramework\v4.0.30319' -name 'SystemDefaultTlsVersions' -value '1' -PropertyType 'DWord' -Force | Out-NullNew-ItemProperty -path 'HKLM:\SOFTWARE\WOW6432Node\Microsoft.NETFramework\v4.0.30319' -name 'SchUseStrongCrypto' -value '1' -PropertyType 'DWord' -Force | Out-NullNew-Item 'HKLM:\SOFTWARE\Microsoft.NETFramework\v4.0.30319' -Force | Out-NullNew-ItemProperty -path 'HKLM:\SOFTWARE\Microsoft.NETFramework\v4.0.30319' -name 'SystemDefaultTlsVersions' -value '1' -PropertyType 'DWord' -Force | Out-NullNew-ItemProperty -path 'HKLM:\SOFTWARE\Microsoft.NETFramework\v4.0.30319' -name 'SchUseStrongCrypto' -value '1' -PropertyType 'DWord' -Force | Out-NullNew-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server'...

https://docs.microsoft.com/en-us/windows-server/get-started/kmsclientkeys KMS_2019 KMS_2016

netsh wlan export profile name=”WLANNAME” folder=C:\TEMP\ key=clearnetsh wlan add profile filename=”\\server\CONFIG$\WLANNAME.xml” user=all >> C:\TEMP\WiFi.txtnetsh wlan connect ssid=WLANNAME name=WLANNAME

Get-CimInstance -Class Win32_UserProfile | Where-Object {​​​​​​​​ $_.LocalPath.split('\')[-1] -eq 'UserXYZ' }​​​​​​​​ | Remove-CimInstance

find /volume1/veeam/ -iname *.vbk -exec btrfs fi defrag -v {​​​​​​}​​​​​​ \;

sudo defaults write /Library/Preferences/SystemConfiguration/com.apple.nat NAT -dict-add SharingNetworkNumberStart 192.168.11.0 sudo defaults write /Library/Preferences/SystemConfiguration/com.apple.nat NAT -dict-add SharingNetworkNumberEnd 192.168.11.252 sudo defaults write /Library/Preferences/SystemConfiguration/com.apple.nat NAT -dict-add SharingNetworkMask 255.255.255.0

PowerShell script to enable TLS 1.2 TLS 1.2 enforcement for Azure AD Connect see https://docs.microsoft.com/en-gb/azure/active-directory/hybrid/reference-connect-tls-enforcement

eventcreate /L APPLICATION /T INFORMATION /SO %~n0%~x0 /ID 208 /D "%~0 -- assigning Teamviewer to ABC"REM assign Teamviewer to ABC"C:\Program Files (x86)\TeamViewer\Teamviewer.exe" assign --api-token=12345678-blahblahblah --grant-easy-access

REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" /f /v DOAbsoluteMaxCacheSize /t REG_DWORD /d 16REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" /f /v DOAllowVPNPeerCaching /t REG_DWORD /d 0REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" /f /v DODelayBackgroundDownloadFromHttp /t REG_DWORD /d 1REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" /f /v DODelayCacheServerFallbackBackground /t REG_DWORD /d 1REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" /f /v DODelayCacheServerFallbackForeground /t REG_DWORD /d 1REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" /f /v DODownloadMode /t REG_DWORD /d 1REG...

# Check if running as Administrator if (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) { Write-Host "This script requires administrative privileges." exit } # Define the path to MpCmdRun.exe $mpCmdRun = Join-Path $env:ProgramFiles "Windows Defender\MpCmdRun.exe" # Validate MAPS Connection & $mpCmdRun -ValidateMapsConnection # List All Dynamic Signatures & $mpCmdRun -ListAllDynamicSignatures # Remove Dynamic Signatures & $mpCmdRun -removedefinitions -dynamicsignatures #...

netsh advfirewall firewall set rule group="Network Discovery" new enable=Yes

REM https://support.atera.com/hc/en-us/articles/360037960294-Use-Atera-and-Splashtop-in-Safe-ModeREG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Splashtop Inc." /fREG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService" /fREG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AteraAgent" /fREG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TeamViewer" /fexit

chkdsk /scan c:chkdsk /spotfix c:

# Set the Password-String -- defaults to THIS.IS.NOT.SECURE$newpwd = ConvertTo-SecureString -String "THIS.IS.NOT.SECURE" -AsPlainText –Force# Set the correct local user you want to reset$UserAccount = Get-LocalUser -Name "ADMINUSER"# Set it$UserAccount | Set-LocalUser -Password $newpwd

echo offsetlocal ENABLEDELAYEDEXPANSIONif exist %ProgramFiles(x86)%\TeamViewer\TeamViewer.exe (GOTO IS_INSTALLED) else (GOTO INSTALL)GOTO INSTALL :IS_INSTALLED echo is installed eventcreate /L APPLICATION /T INFORMATION /SO %~n0%~x0 /ID 208 /D "%~0 -- Teamviewer is already installed" REM assign Teamviewer to ABC "C:\Program Files (x86)\TeamViewer\Teamviewer.exe" assign --api-token=123456-xyzxyzxyz --grant-easy-access GOTO DONE :INSTALLecho installing softwareeventcreate /L APPLICATION /T INFORMATION /SO %~n0%~x0 /ID 404...

Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall* | Format-Table PSChildName, DisplayName, Publisher, DisplayVersion, Version, UninstallString| Out-String -Width 300 Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall* | Format-Table PSChildName, DisplayName, Publisher, DisplayVersion, Version, UninstallString| Out-String -Width 300

In case you want to create a LACP-bonded NIC-group use the following powershell-command New-NetLbfoTeam -Name "Team1" -TeamMembers "NIC1","NIC2" -TeamingMode LACP -LoadBalancingAlgorithm Dynamic Remember to configure LACP on the Switch too Reference: https://docs.microsoft.com/en-us/powershell/module/netlbfo/new-netlbfoteam?view=windowsserver2019-ps

If you need to extend your system disk (APFS) type the following in Terminal. You can extend your disk on a live running system diskutil apfs reseizeContainer disk0s2 0