Showing posts with label windows. Show all posts
Showing posts with label windows. Show all posts

How to Enable or Disable the Control Panel using Group Policy

by Shabeeribm
If you are sharing your laptop/ computer with your friends ,You may want them to stop accessing Control Panel.This can be done via few simple steps

 Go to Start | Run | Type: gpedit.msc | OK |
Navigate to >>>
User Configuration\Administrative Templates\Control Panel\
On the right hand side you should see a setting called “Prohibit access to Control Panel and PC settings”. Double click on it.
Then change the radio button over to Enabled

Once you have applied the setting you need to refresh your group policy settings

Go to Start > Type cmd and type gpupdate /force in cmd prompt and press enter
Read More...

How to resolve AD account lockout issue

by Shabeeribm
As a system administrator there will be times that user will be contacting you for unlocking their AD account when they get locked out.Usually unlocking their AD account from  Active Directory Users and Computers will resolve the issue.But there will be times when some user's complaining their account is getting locked out frequently  even after unlocking AD account.In worst cases.their account will be getting locked out multiple times within few minutes even after unlocking.I have come across several situations like this

 Below is the procedure I used to follow to find out the such frequent AD lockout issues,If you have enough privilege you can check all the details below mentioned from LockoutStatus.exe itself.If you don't have enough privilege you may need to login to the AD server to continue troubleshooting

 1.Download and Install Account Lockout Status (LockoutStatus.exe) from here 
After Installation default location of LockoutStatus will be here - C:\Program Files (x86)\Windows Resource Kits\Tools
Double-click LockoutStatus
On the File menu, click Select target.


 Type the AD username of the user you want to find  AD lockout and Enter your domain name then click OK


Then you can see the list of all AD servers in your domain and many other details Including the bad password counts etc.In that list there was a tab called Orig Lock.Below that tab  you can see the AD server were user is getting lockout


2.Login to that AD server and go to event viewer (From Start > Type "Event viewer")
3.In event viewer go to Windows logs > Security 

 4.Right click on "security" and select "Filter current logs"

 5.In place of <All Event ID> type 4740 and Click OK [Event ID 4740 - A user account was locked out]

 6.You can see the list of user lock out happened in that AD server ,Search for the recent event to find out the the server/Desktop where the users account is getting continuously locking out.Double click on the recent event ID and there will be a pop-up window which will show a message like below


 In above case account lockout of USER shabeer was happening in FILESERVER

7.Log into that server/Desktop where account lockout is happening(here its FILESERVER)and go to task manager >users tab and see if there was a disconnect session from the user who is getting locked out.If there is a disconnect session from user,Logout user from that machine (Sometimes user will just disconnect a RDP session to that server without proper log off and this may cause account lockout issue)

8. In Most cases issue will be resolved by this.If there is no session of the user.Check the server for any application running it which is using AD credentials.If you found any such applications logout user from it.
9.You can also remove the previous password cache which may be used by some applications and therefore cause the account lockout problem by below steps

1. Click Start, click Run, type “control userpasswords2″ (without the quotation marks), and then click OK.
2. Click the Advanced tab.
3. Click the “Manage Password” button.
4. Check to see if these domain account’s passwords are cached. If so, remove them.
5. Check if the problem has been resolved now.


Read More...

How to view and kill tasks or process running in a remote server

by Shabeeribm
Windows has several built in command line utilities for performing various tasks, and two tools are useful for remotely viewing and killing tasks from command prompt.They are “Tasklist” and “Taskkill”. 

If you open an admin command prompt (Press Start, type cmd, press Ctrl+Shift+Enter) and type tasklist, it will give you a list of running processes on your computer. We can use same command with some modifications to view the task manager of remote computer in our network from our machine.

To view Task manager of remote computer use below format in cmd prompt [with admin privilege] from our machine
Tasklist /S remote system (name or IP address) /U username /P password
Example: Tasklist /S  192.168.1.1 /U sysnet /P P@ss@0rd

To kill process of remote computer use below format
Taskkill /S remote system /U username /P password /IM ProcessName
Example: Taskkill /S 192.168.1.1 /U sysnet /P P@ss@0rd /IM malware.exe

NOTE: You have to use IP address or Hostname of your server and your AD username and password instead of  192.168.1.100 , sysnet and P@ss@0rd respectively 

Note: To kill the process you want,Add the process name (including .exe) or the PID number along with the “/IM” argument as above example. If it works a SUCCESS message will show. If the process doesn’t get killed, try to add /F to the end of the line to force the process to be terminated.

Note: Some processes cannot be terminated such as those which are system critical or security software etc.

Read More...

Find last logged in USER in a remote computer from your network via Cmd Prompt

by Shabeeribm
Imagine a scenario that you are monitoring network of offices situated at different global locations and you received a virus alert email saying that one of the computer in remote location is infected with Virus

If you can find the current user who is logged into the machine you can advise them to log off from their account and turn the machine OFF until the local network security team can investigate about the infection 

There are different tools like Lansweeper which can tell you the last logged in user in a remote computer.If you don't want to use such tools or if you are not allowed to install 3rd party tools  you can find the last logged in user in a remote computer in your network simply by running a batch file

Steps for creating the batch file

1.Open a Notepad
2.Type below text to a notepad

@echo off
echo This batch file is for finding the last user logged into a computer in your network.Please enter the IP address or Hostname of the computer below to find the last logged in USER for that particular computer

echo.
:Loop
set /p IP-or-HostName=Enter IP-or-HostName :
wmic.exe /node:%IP-or-HostName% ComputerSystem Get UserName
goto Loop

or download  batch file by clicking here  [You may get a warning from your Antivirus or chrome saying that file is Malicious ,You can ignore that because for all .cmd which was downloaded from internet you will get such warning!]

3.Save the notepad as FindUser.cmd and save it in your desktop

In future if you come across a situation to find the last logged in user in a remote computer.Just open the  FindUser.cmd batch file and provide the host name or IP address of the computer and it will show you the last user logged into that computer

Let me know if you face any trouble in creating this batch file



Read More...

How to backup and restore the registry on Windows 2008 server

by Shabeeribm
Please refer to the following steps to backup and restore the registry on Windows 2008 server: Before making any changes in the registry, please make sure to take the backup of the registry. Backup the registry: 1. From the windows server, click Start >> Run >> Type regedit to open Registry Editor. 2. Click Computer in the Registry Editor. 3. Click File from the Registry Editor >> Export. 4. Enter the file name to save the backup file in appropriate location.  5. Click Save button.  Restore the registry: 1. From the Registry Editor, click File >> Import. 2. Locate the registry backup where you have stored and click "Open" 3. Restart the Windows server to use the restored registry.
Read More...

How to Fix Temporary Profile in Windows 7

by Shabeeribm
Sometimes Windows 7 OS may not read your correct user profile properly, instead, load with temporary profile which will look completely different.  If you are not aware of temp profile or missed to see the pop-up message at bottom right side of the screen, then really you will be surprised to see completely different and new desktop without your files,folders,shortcut icons and any customized settings.This guide shows how to fix temporary profile issue on Windows 7.
You have been logged on with Temporary profile”- that’s the famous message from Windows 7
1. Login to computer with Administrator privilege account
2. From START button choose RUN or use (windows key + R)  combination
3. Type “regedit” in run box  and hit enter or click on OK, then Registry editor will open 
4. From Registry editor Under computer tab expand HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList 
5. Delete .bak files in profile list 
Example: “S-1-5-21-1213428093-345618312-2235-148770.bak”
6. Restart the computer and login with User's AD credentials  
To confirm 
From START menu choose cmd prompt and check whether users AD login name is showing there
for eg : C:\Users\sysnetnotes> instead of C:\Users\temp>

Read More...

Error opening installation log file. Verify that the specified location exists and is writable.

by Shabeeribm
When you attempt to uninstall any product in “Programs and Features”, a new “Windows Installer” window appears and gives the following error:
“Error opening installation log file. Verify that the specified location exists and is writable.”

Resolution
  1. Hit CTRL-ALT-DEL to launch Task Manager or right-click Desktop Task Bar and choose Start Task Manager.
  1. Click Processes Tab.
  1. Locate and select the explorer.exe, click End Process.
  • You may need to select Show Processes from all users.
  • DD2479514_1.jpg
  1. Click End Process to the prompt.
  1. Your Desktop Icons and Desktop Bar will disappear.
  1. Hit CTRL-ALT-DEL to launch Task Manager again.
  1. Click File -> New Task (Run...).
  1. Type explorer.exe and click Ok.
  • Your Desktop Task bar and Icons should appear again.
  • DD2479514_2.jpg


After this you can uninstall the application as usual from control panel add or remove programs
Read More...

Error : Can not add a site to "Trusted sites zone" [Solved]

by Shabeeribm
Internet Explorer assigns all websites to one of four security zones: Internet, Local intranet, Trusted sites, or Restricted sites. The zone to which a website is assigned specifies the security settings that are used for that site. You can choose which websites to assign to the Intranet, Trusted, or Restricted zones. By adding a website to a specific zone, you can control the level of security used on that site. For example, if you have a list of websites that you visit and you completely trust those sites, add those sites to the Trusted zone.

To add a site to Trusted Zone

-Open Internet Explorer 
-Navigate to the website that you want to add to a specific security zone.
-Click the Tools button, and then click Internet Options.
-Click the Security tab, and then click Trusted sites
-Click Sites.
-The website should be shown in the Add this website to the zone field. Click Add.
-If the site is not a secure site (HTTPS), clear the Require server verification (https:) for all sites in this zone check box.
-Click Close, and then click OK 

 Sometimes you might come across an error : Can not add a site to "Trusted sites zone"

To solve this error try below method

 -Open Internet Explorer.
-Click Tools, and then click Internet Options.
-Click the Advanced tab.
-Under Reset Internet Explorer Settings, click Reset.
Read More...

Tracert from Cmd prompt and save result in a notepad [Batch file]

by Shabeeribm

Steps for Tracert an IP and save result in a notepad

- Open Notepad
-Type

TRACERT 8.8.4.4 >Tracert.txt 

-Save it as Sysnet.cmd in your desktop .
Instead of "8.8.4.4" you can use any IP address you want.
Instead of "Sysnet.cmd" you can use any Name.cmd you want.

Tracert to given IP will be initiated  when you click on the Sysnet icon on your desktop.Result of tracert will be saved to the notepad named Tracert.txt in the desktop which will be automatically created when you click on Sysnet icon.



Result in notepad


Read More...

List of commands which can execute from cmd promt

by Shabeeribm
Below are the list of commands which can be run from cmd prompt.This commands will help to get informations about your network.Some of this commands can be directly executed from Run window

 Click the Start button Picture of the Start button. In the Search box, type Cmd, and then, in the list of results, click on Cmd

 OR Press  (windows Key) + R which will open Run window and there you can type cmd and press OK.
1) Display Connection Configuration: ipconfig /all


 2) Display DNS Cache Info: ipconfig /displaydns

 3) Clear DNS Cache: ipconfig /flushdns

 4) Release All IP Address Connections: ipconfig /release

 5) Renew All IP Address Connections: ipconfig /renew

 6) Re-Register the DNS connections: ipconfig /registerdns

 7) Trace IP address Route: tracert <IP address>

 8) Network Connections: control netconnections / control ncpa.cpl

 9) Display Name of Computer Currently on: hostname

 10) Test Connectivity: ping <IP address>

 11) Trace IP address Route: tracert <IP address>

 12) Displays the TCP/IP protocol sessions: netstat

 13) Display Local Route: route

 14) Display Resolved MAC Addresses: arp

 15) To view "Add or Remove Programscontrol": appwiz.cpl

 16) To view Admin tools: control admintools

 17) Date and time:  control timedate.cpl

 18) Device Manager : control hdwwiz.cpl

 19) Devices and Printers : Control printers

 20) Display : control desk.cpl

 21) Folder Options : control folders

 22) Fonts : Control fonts

 23) Internet Options: control inetcpl.cpl

 24) Network Setup Wizard : control netsetup.cpl

 25) User Accounts: control userpasswords

 26) Troubleshooting: control /name Microsoft.Troubleshooting

 27) Windows Firewall: firewall.cpl
Read More...

How to find IP address of a network printer

by Shabeeribm
If you’re on a Windows computer, this is how you can find the IP address of a network printer.
1. In Windows 7, From Start menu type "Devices and Printers."
2. Right-click on the appropriate printer in the list and select “Printer Properties.” In the location box under the General tab, you should see the IP address of the printer.
If the location box happens to be empty, click on the “Ports” tab in Printer Properties, highlight/select the port that is checked off (there should just be one) and click  the “Configure Port…” button. In the next window, you should see the IP address in the “Printer Name or IP Address” text box
Read More...

How To Turn Off Compatibility View In IE8 Browser

by Shabeeribm

Disable Compatibility View for All Websites


Launch Internet Explorer 8.
  • Click on the "Tools" menu and select the "Compatibility View Settings"  option. This will open a window where you can customize the compatibility view  feature.
  • Remove the check in the check box next to "Display all websites using  Compatibility View" to turn off the feature.
Read More...