This is a super succinct method of finding a mac address on a Window s DHCP server: https://thewayeye.net/2016/10/8/find-a-mac-microsoft-dhcp
Get-DhcpServerv4Scope | Get-DhcpServerv4Lease -EA SilentlyContinue -ClientId xx-xx-xx-xx-xx-xx
This is a super succinct method of finding a mac address on a Window s DHCP server: https://thewayeye.net/2016/10/8/find-a-mac-microsoft-dhcp
Get-DhcpServerv4Scope | Get-DhcpServerv4Lease -EA SilentlyContinue -ClientId xx-xx-xx-xx-xx-xx
When moving from one ADFS server to another I imported a full certificate chain and private key into Machine certs on the new Windows 2016.
The certificate displayed fine and chain is complete.
However viewing the certificate properties via ADFS the certificate information gives the error “Windows does not have enough information to verify the certificate”
Move the intermediate certificate to the Intermediate Certificate Authorities > Certificates store
It seems stupidly obvious in retrospect but Windows itself could view the cert fine, and the import was done via Machine Certificates so you’d think it would put things in the right place.
After finishing editing and wim image using dism I was being left with Windows still thinking the image was still mounted somehow and not able to remount the image file.
Thanks to a post here I finally managed to resolve the issue by deleting keys under “HKLM\SOFTWARE\Microsoft\WIMMount\mounted images\”
Next I just need to find how to be able to delete the folders ProgramData\Microsoft\Windows\SystemData underneath the root of a mounted image after it’s been unmounted. Windows is locking them but there are no handles open to them
Like many people it seems I’ve been scratching my head as to why WDS’s Driver Package Filters were not matching my hardware when imaging a machine that I’d created a driver package group for.
After looking at Greg Shields technet post I was convinced I just needed to grab the model name straight off of the machine type beforehand via a powershell WMI get and I’d be laughing. Alas this still did not work.
I found the best way was to enable the Debug log on WDS, then pull the info directly from what WDS was seeing and use that to create the filters.
I’ve also written a powershell script to pull the details from the debug log as otherwise it takes a fair bit of time.
I’ve posted this here:
https://github.com/mikedixson/Get-SMBios-Strings-From-WDS
Some powershell get commands only output a handful of the object properties get-CalendarProcessing being one such command, than returns just one property.
To get all properties of an object you can pipe to format-list *
get-CalendarProcessing -identity [email protected] | Format-List *
If you know the specific attribute you are after you can still access this variable using select-object.
get-CalendarProcessing -Identity [email protected] | Select-Object AllowConflicts
I wrote the following script enumerates an OU and then looks up the last boot time for each computer.
https://github.com/mikedixson/GetLastBootTimeFromOU
Note: I’m starting to put any scripts I write on GitHub, this will make it easier for you copy down and easier for me to keep any scripts up to date.
After poking around the Group Policy Objects (GPO) of an infrastructure that was new to me I needed a decent way of producing a quick and useful report on the state of the GPOs.
Because the ComputerVersion and UserVersion numbers are listed as two figures, one for AD and one for Sysvol just an export-csv of get-gpo left me with blank ComputerVersion and UserVersion.
I found this post: https://community.spiceworks.com/topic/551588-get-gpo-userversion-and-computerversion-troubles
By using the following powershell I was able to within minutes provide useful information on the state of the GPOs.
get-gpo -all | select Displayname,ID,Description,GPOStatus,CreationTime,ModificationTime,@{Label="ComputerVersion";Expression={$_.computer.dsversion}},@{Label="UserVersion";Expression={$_.user.dsversion}}| export-csv gpo-audit.csv
A small bit of conditional formatting later and we can see that the Domain GPO has a large amount of user setting edits and should be split into a user only GPO and a computer GPO (I won’t go into where these GPOs should be linked at this stage).
The below PowerShell script check the website is responding AND doesn’t returns a certain string, if either test is failed then a Windows service is restarted, forcefully if necessary after a grace period.
Please note that I have modified this script to make it more easily customisable and not had the opportunity to test with the strings switched out for the variables. The logic is sound and works.
Also note that this is one code block (word press isn’t a fan of it being one though :-/
You can download the file here CheckWebsiteIsUp.ps1
$webClient = new-object System.Net.WebClient
$webClient.Headers.Add("user-agent", "PowerShell Script")
#Initialising
$webClient = new-object System.Net.WebClient
$webClient.Headers.Add("user-agent", "PowerShell Script")
#Variables to modify
$output = "" #Define output variable
$serviceName = "confluence" #Short windows service name
$smtpServerName = "smtp.website.com" #SMTP Server name
$fromEmailAddress = "[email protected]" #Email address for mail to come from/reply address
$stringToCheckFor = "The service is unavailable" #String to check for. Note that this will be searched for with wildcards either side
$startTime = get-date
$output = $webClient.DownloadString("http://www.website.com/") #Modify this url to be the url you want to test
$endTime = get-date
#Main workload
#The below checks for the string "The service is unavailable" from your website and if found forcefully restarts the defined service
if ($output -And $output -notlike "*$stringToCheckFor*") {
"Site Up`t`t" + $startTime.DateTime + "`t`t" + ($endTime - $startTime).TotalSeconds + " seconds"
} else {
"Fail`t`t" + $startTime.DateTime + "`t`t" + ($endTime - $startTime).TotalSeconds + " seconds"
stop-service $serviceName -force
"Stop Service Command Sent"
$svc = Get-Service $serviceName
$svc.WaitForStatus('Stopped','00:05:00') #Waits for service to enter stopped state or 5 mins has passed, whichever is first
get-service $serviceName | where-object {$_.Status -eq "Stopped"} | restart-service #Belt and braces but only restarts the service if it's stopped.
$svc.WaitForStatus('Running','00:01:00') #Waits for service to enter Running state or 1 minute to pass, whichever is first
Send-MailMessage -From “[email protected]” -To “$fromEmailAddress” -SmtpServer “$smtpServerName” -Subject "$serviceName Service Restarted" -Body "$serviceName Service Restarted" #Sends an email alert that the service was restarted
}
So in order to use pressure sensitivity in Photoshop you MUST have Use Windows Ink enabled.
But without it no pressure sensitivity at all and in Brush Dynamics the pen control option just gives you an exclamation mark next to it.
Update: I’ve upgraded one of my machines to Windows 10 and Windows Ink doesn’t seem necessary on that one for pressure sensitivity.
Taken from [https://pandapow.co/how-to/win-reset-adapter/] – These instructions were used by a colleague recently when his network stack was b0rK3n. Running both the reset for tcp4 and tcp6 seemed to be key. Just resetting 4 did not resolve his issue.
Run the commands in this document in a Command Prompt that has been started “*as administrator*”.
Resets Winsock Catalog to a clean state.
netsh winsock reset
*Restart computer*
This command restores the Windows Firewall with Advanced Security policy to the default policy.
netsh advfirewall reset
Resets the BranchCache service. Flushes the local cache. Every configuration parameter of BranchCache will be reset to its default value.
netsh branchcache reset
Resets TCP/IP and related components to a clean state.
netsh int ip reset
Resets IPv6 configuration state.
netsh int ipv6 reset