Windows
Update root certificates
certutil.exe -generateSSTFromWU C:\PS\roots.sst $sstStore = ( Get-ChildItem -Path C:\ps\rootsupd\roots.sst )$sstStore | Import-Certificate -CertStoreLocation Cert:\LocalMachine\Root link: https://woshub.com/updating-trusted-root-certificates-in-windows-10/#h2_1
WinSxS cleanup
Clean up: Dism.exe /online /cleanup-image /AnalyzeComponentStore Dism.exe /online /cleanup-image /StartComponentCleanup Health check and restore (if the commands above show errors): sfc /scannow Dism /Online /Cleanup-image /Scanhealth Dism /Online /Cleanup-Image /RestoreHealth
SSH-COPY-ID for Windows
type $env:USERPROFILE\.ssh\id_rsa.pub | ssh {IP-ADDRESS-OR-FQDN} “cat >> .ssh/authorized_keys”
Port forward with Windows 10
netsh interface portproxy add v4tov4 listenaddress=127.0.0.1 listenport=9000 connectaddress=192.168.0.10 connectport=80 netsh interface portproxy delete v4tov4 listenaddress=127.0.0.1 listenport=9000
ActiveMQ + Docker + network ports conflict
We got some errors like: When ActiveMQ started from the Docker container “Error starting userland proxy: Bind for 0.0.0.0:1883: unexpected Error response from daemon: failed to create endpoint SpinWay on network nat: hnsCall failed in Win32: The process cannot access the file because it is being used by another process. (0x20). Solution: netsh int ipv4 […]
Powershell + string to array
An array is created with the -split operator. Like so, $myString=”Four score and seven years ago” $arr = $myString -split ‘ ‘ $arr # Print output Four score and seven years ago When you need a certain item, use array index to reach it. Mind that index starts from zero. Like so, $arr[2] # 3rd […]
Group policy + Account lockout audit
Found out the strange thing: my script for locked out accounts stopped working after 21 November 2018. I checked eventlog and didn’t see any 4740 events. After investigation I resolved it. It must be turned on there: Computer configuration/Policies/Windows Settings/Security settings/Advanced Audit Policy Configuration/Logon/Logoff/Audit Account Lockout Then I checked it: Auditpol /get /category:*
MDT + Script for joining to a domain
$strUser = “domain\user” $strDomain = “domain.local” $strPassword = ConvertTo-SecureString “password” -AsPlainText -Force $Credentials = New-Object System.Management.Automation.PsCredential $strUser, $strPassword $strOU = “OU=Computers,DC=domainn,DC=local” Add-computer -DomainName $strDomain -Credential $Credentials -OUPath $strOU
MDT + Script for renaming a PC according to his IP
powershell.exe -noprofile -command “Set-ExecutionPolicy Bypass LocalMachine” -force $strPrefix=”WS” # Get IP and make the name $IP=(Get-WmiObject win32_networkadapterconfiguration | Select-Object -Property @{name=’IPAddress’;Expression={($_.IPAddress[0])}} | Where IPAddress -NE $null).IPAddress $a,$b,$c,$d = $IP.split(‘.’) $strComputerName=$strPrefix+$c+”-“+$d # Rename $computer=gwmi Win32_computersystem $computer.rename($strComputerName)