If you need to disable local Administrator account, change/set password or create new local Admin/user you can review previously article about GPO approach.
GPO - How to create local Administrator account using Group policies
http://www.alessandromazzanti.com/2017/04/gpo-how-to-create-local-administrator.html
Otherwise you can do that using SCCM.
Summarizing you would need to create a simple CI checking on specific collection verifyng thereshold relatively devices that have local Administrator account enabled, apply remediation (account disabling) and finally have available reports/alerts.
Here it is more verbosely article:
https://4sysops.com/archives/disable-the-local-administrator-account-with-sccm/
Pagine
▼
Windows 10 - Pro Workstation announcement about new release
Microsoft is going to release, during next months, following win 10 version:
https://blogs.windows.com/business/2017/08/10/microsoft-announces-windows-10-pro-workstations/
This announcement due to fact actually Windows 10 has this hardware limitation and often for particular activities on Workstation Microsoft server edition are installed as welle:
https://blogs.windows.com/business/2017/08/10/microsoft-announces-windows-10-pro-workstations/
This announcement due to fact actually Windows 10 has this hardware limitation and often for particular activities on Workstation Microsoft server edition are installed as welle:
- 2 CPU, 256 cores and up to 2TB. RAM.
Windows 10 pro for Workstation is going to have these features:
- ReFS (Resilient file system) support. (new Microsoft file system)
ReFS provides cloud-grade resiliency for data on fault-tolerant storage spaces and manages very large volumes with ease. ReFS is designed to be resilient to data corruption, optimized for handling large data volumes, auto-correcting and more. It protects your data with integrity streams on your mirrored storage spaces. Using its integrity streams, ReFS detects when data becomes corrupt on one of the mirrored drives and uses a healthy copy of your data on the other drive to correct and protect your precious data. - Persistent memory support:
Windows 10 Pro for Workstations provides the most demanding apps and data with the performance they require with non-volatile memory modules (NVDIMM-N) hardware. NVDIMM-N enables you to read and write your files with the fastest speed possible, the speed of the computer’s main memory. Because NVDIMM-N is non-volatile memory, your files will still be there, even when you switch your workstation off. - SMB Direct support and lan card based on Remote Direct Memory Access (RDMA)
- CPU Intel Xeon and AMD Opteron support till 4 CPU and 6 TB RAM.
Actually Windows 10 versions are going to become 12 (from 10):
- Windows 10 Home
- Windows 10 Pro
- Windows 10 Enterprise
- Windows 10 Education
- Windows 10 Pro Education
- Windows 10 Enterprise LTSB
- Windows 10 Mobile Enterprise
- Windows 10 Mobile
- Windows 10 IoT
- Windows 10 S
- Windows 10 Team
- Windows 10 Pro for Workstations
Here it is relative recap:
Alessandro M.
GPO - Wifi pcs and policy applying problems
Company laptop that connect to domain via WiFi could not apply correctly policies due to WiFi connection unavailability.
There are two alternatives to solve issue customizing properly GPO:
You can do this with Group Policy, using the Always wait for the network at computer startup and logon policy setting.
https://technet.microsoft.com/en-us/library/gg486839.aspx
Alternatively adding a delay during policy appling this policy:
Policy Location: Computer Configuration > Policies > Admin Templates > System > Group Policy
Setting Name: Startup policy processing wait time
Registry Key: HKLM\Software\Policies\Microsoft\Windows\System!GpNetworkStartTimeoutPolicyValue
https://support.microsoft.com/it-it/help/2421599/windows-7-clients-intermittently-fail-to-apply-group-policy-at-startup
There are two alternatives to solve issue customizing properly GPO:
You can do this with Group Policy, using the Always wait for the network at computer startup and logon policy setting.
https://technet.microsoft.com/en-us/library/gg486839.aspx
Alternatively adding a delay during policy appling this policy:
Policy Location: Computer Configuration > Policies > Admin Templates > System > Group Policy
Setting Name: Startup policy processing wait time
Registry Key: HKLM\Software\Policies\Microsoft\Windows\System!GpNetworkStartTimeoutPolicyValue
https://support.microsoft.com/it-it/help/2421599/windows-7-clients-intermittently-fail-to-apply-group-policy-at-startup
Alessandro M.
Tips - Fix network connection issues in Windows 10
Here it is an interesting Microsoft article that well explain several easy workaround useful to reset windows 10 network issues.
you can use this command line syntax executing command prompt with Administrative rights:
ipconfig /flushdns
netsh winsock reset
netsh winsock reset proxy
https://support.microsoft.com/en-us/help/10741/windows-10-fix-network-connection-issues
you can use this command line syntax executing command prompt with Administrative rights:
ipconfig /flushdns
netsh winsock reset
netsh winsock reset proxy
https://support.microsoft.com/en-us/help/10741/windows-10-fix-network-connection-issues
<------------>------------>
Using network reset should be the last step you try. Consider using it if the steps above don’t help to get you connected.
This can help solve connection problems you might have after upgrading from a previous version of Windows to Windows 10, as well as fix problems where you can connect to the Internet but not to shared network drives. It removes any network adapters you have installed and the settings for them. After your PC restarts, any network adapters are reinstalled, and the settings for them are set to the defaults.
Note
To use network reset, your PC must be running Windows 10 Version 1607 or later. To see which version of Windows 10 your device is currently running, select the Start button, then select Settings > System > About.
- Select the Start button, then select Settings > Network & Internet > Status > Network reset.
- On the Network reset screen, select Reset now > Yes to confirm.Wait for your PC to restart and see if that fixes the problem.
Notes
After using network reset, you might need to reinstall and set up other networking software you might be using, such as VPN client software or virtual switches from Hyper‑V (if you're using that or other network virtualization software).
Network reset might set each one of your known network connections to a public network mode. In a public network mode, your PC is not discoverable to other PCs and devices on the network, which can help make your PC more secure. However, if your PC is part of a homegroup or used for file or printer sharing, you’ll need to make your PC discoverable again. To do this, go to Settings > Network & Internet > Wi-Fi . On the Wi-Fi screen, select Manage known networks > the network connection you want to change > Properties, and then turn on the switch under Make this PC discoverable.
Alessandro M.
Freeware - Teracopy and RichCopy two GUI tools for coping files
I would like to highlight two software that should be allways in your IT tool collection.
Here they are characteristic and explanations.
Here they are characteristic and explanations.
TeraCopy 3.1
It is a compact program designed to copy and move files at the maximum possible speed, providing the user a lot of features:- It uses dynamically adjusted buffers to reduce seek times. Asynchronous copy speeds up file transfer between two physical hard drives.
- Pause and resume file transfers.
- Error recovery. In case of copy error, it will try several times and in the worse case just skips the file, not terminating the entire transfer.
- Interactive file list. It shows failed file transfers and lets you fix the problem and recopy only problem files.
- Shell integration. TeraCopy can completely replace Explorer copy and move functions, allowing you work with files as usual.
- Full Unicode support.
Spotlight RichCopy
offers a number of granular controls that allow you to tailor file copying to your needs
Alessandro M.
Freeware - UninstallView from NirSoft
Today I would like to highlight UninstallView is a new tool for Windows that collects information about all programs installed on your system and displays the details of the installed programs in one table.
You can use it to get installed programs information for your local system, for remote computer on your network, and for external hard-drive plugged to your computer. It also allows you to easily uninstall a software on your local computer and remote computer (Including quiet uninstall if the installer supports it).
You can use it to get installed programs information for your local system, for remote computer on your network, and for external hard-drive plugged to your computer. It also allows you to easily uninstall a software on your local computer and remote computer (Including quiet uninstall if the installer supports it).
Alessandro M.
Disaster Recovery - Ex-Admin Deletes All Customer Data and Wipes Servers of Dutch Hosting Provider
Today I would like to mention this incredible history about an ex-Administrator proceeded to delete and wipe all customers servers.
You can review following image that well explain what happened:
Verelox, a provider of dedicated KVM and VPS servers based in The Hague, Netherlands, suffered a catastrophic outage after a former administrator deleted all customer data and wiped most of the company's servers.
more details can be found here:
https://www.bleepingcomputer.com/news/security/ex-admin-deletes-all-customer-data-and-wipes-servers-of-dutch-hosting-provider/
You can review following image that well explain what happened:
Verelox, a provider of dedicated KVM and VPS servers based in The Hague, Netherlands, suffered a catastrophic outage after a former administrator deleted all customer data and wiped most of the company's servers.
more details can be found here:
https://www.bleepingcomputer.com/news/security/ex-admin-deletes-all-customer-data-and-wipes-servers-of-dutch-hosting-provider/
Alessandro M.
Windows 10 - How to: Move from BIOS to UEFI with the new Windows 10 Creators Update
Microsoft Mechanics delivers a comprehensive yet concise explanation of how you can safely and non-destructively convert a Windows 10 machine from legacy BIOS to UEFI disk partitioning.
Windows Program Manager, Desmond Lee, demonstrates the new MBR2GPT disk conversion tool that’s part of Windows 10 Creators Update.
This is a comprehensive yet concise overview that explains how you can safely and non-destructively convert a Windows 10 machine from legacy BIOS to UEFI disk partitioning; and how you can automate the conversion as part of your in-place upgrade process from Windows 7 to Windows 10.
Importantly, unlike wipe and load methods, all of this can be achieved without having to move your data off the disk.
To learn more please also check out: http://aka.ms/mbr2gpt
Windows Program Manager, Desmond Lee, demonstrates the new MBR2GPT disk conversion tool that’s part of Windows 10 Creators Update.
This is a comprehensive yet concise overview that explains how you can safely and non-destructively convert a Windows 10 machine from legacy BIOS to UEFI disk partitioning; and how you can automate the conversion as part of your in-place upgrade process from Windows 7 to Windows 10.
Importantly, unlike wipe and load methods, all of this can be achieved without having to move your data off the disk.
To learn more please also check out: http://aka.ms/mbr2gpt
Alessandro M.
Scripting - Nslookup and debugging mode
About Nslookup command you can review old blog articles.
Nslookup
I would like to highlight this interesting Microsoft article and debug switch to have more debug capability when nslookup is launched and there are some unknown DNS query problems.
Scripting - Il comando NSLOOKUP parte 2 (piu' DIG)
Scripting - comando nslookup
Server - How to verify that your mail server work properly
<-------->-------->
Nslookup
I would like to highlight this interesting Microsoft article and debug switch to have more debug capability when nslookup is launched and there are some unknown DNS query problems.
Scripting - Il comando NSLOOKUP parte 2 (piu' DIG)
Scripting - comando nslookup
Server - How to verify that your mail server work properly
<-------->-------->
Nslookup's debug mode is a useful troubleshooting feature; you can set the local computer into this mode by typing set debug , or for even greater detail, set d2 . In debug mode, Nslookup lists the steps being taken to complete its commands, as shown in this example:
C:\>nslookup
(null) testpc1.reskit.com
Address: 172.16.8.190
> set d2
> rain-city
(null) testpc1.reskit.com
Address: 172.16.8.190
------------
SendRequest(), len 49
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
rain-city.reskit.com, type = A, class = IN
------------
------------
Got answer (108 bytes):
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 2, authority records = 0, additional = 0
QUESTIONS:
rain-city.reskit.com, type = A, class = IN
ANSWERS:
-> rain-city.reskit.com
type = CNAME, class = IN, dlen = 31
canonical name = seattle.reskit.com
ttl = 86400 (1 day)
-> seattle.reskit.com
type = A, class = IN, dlen = 4
internet address = 172.16.2.3
ttl = 86400 (1 day)
------------
(null) seattle.reskit.com
Address: 172.16.2.3
Aliases: rain-city.reskit.com
Alessandro M.