Some tips for me and other


Renew the certificate for Azure Proxy Connector

Update root certificates

certutil.exe -generateSSTFromWU C:\PS\roots.sst $sstStore = ( Get-ChildItem -Path C:\ps\rootsupd\roots.sst )$sstStore | Import-Certificate -CertStoreLocation Cert:\LocalMachine\Root link:

WinSxS cleanup

Clean up: Dism.exe /online /cleanup-image /AnalyzeComponentStore Dism.exe /online /cleanup-image /StartComponentCleanup Health check and restore (if the commands above show errors): sfc /scannow Dism /Online /Cleanup-image /Scanhealth Dism /Online /Cleanup-Image /RestoreHealth

SSH-COPY-ID for Windows

type $env:USERPROFILE\.ssh\ | ssh {IP-ADDRESS-OR-FQDN} “cat >> .ssh/authorized_keys”

Port forward with Windows 10

netsh interface portproxy add v4tov4 listenaddress= listenport=9000 connectaddress= connectport=80 netsh interface portproxy delete v4tov4 listenaddress= listenport=9000

ActiveMQ + Docker + network ports conflict

We got some errors like: When ActiveMQ started from the Docker container “Error starting userland proxy: Bind for unexpected Error response from daemon: failed to create endpoint SpinWay on network nat: hnsCall failed in Win32: The process cannot access the file because it is being used by another process. (0x20). Solution: netsh int ipv4 […]

Powershell + string to array

An array is created with the -split operator. Like so, $myString=”Four score and seven years ago” $arr = $myString -split ‘ ‘ $arr # Print output Four score and seven years ago When you need a certain item, use array index to reach it. Mind that index starts from zero. Like so, $arr[2] # 3rd […]

Group policy + Account lockout audit

Found out the strange thing: my script for locked out accounts stopped working after 21 November 2018. I checked eventlog and didn’t see any 4740 events. After investigation I resolved it. It must be turned on there: Computer configuration/Policies/Windows Settings/Security settings/Advanced Audit Policy Configuration/Logon/Logoff/Audit Account Lockout Then I checked it: Auditpol /get /category:*

MDT + Script for joining to a domain

$strUser = “domain\user” $strDomain = “domain.local” $strPassword = ConvertTo-SecureString “password” -AsPlainText -Force $Credentials = New-Object System.Management.Automation.PsCredential $strUser, $strPassword $strOU = “OU=Computers,DC=domainn,DC=local” Add-computer -DomainName $strDomain -Credential $Credentials -OUPath $strOU

MDT + Script for renaming a PC according to his IP

powershell.exe -noprofile -command “Set-ExecutionPolicy Bypass LocalMachine” -force $strPrefix=”WS” # Get IP and make the name $IP=(Get-WmiObject win32_networkadapterconfiguration | Select-Object -Property @{name=’IPAddress’;Expression={($_.IPAddress[0])}} | Where IPAddress -NE $null).IPAddress $a,$b,$c,$d = $IP.split(‘.’) $strComputerName=$strPrefix+$c+”-“+$d # Rename $computer=gwmi Win32_computersystem $computer.rename($strComputerName)

Previous Posts