Lev Shuvalov » windows

list all emails in domain

admin — Thu, 21 Apr 2011 14:33:17 +0000

users and non-users
dsquery * -limit 0 -filter "mail=*" -attr name mail > emails-in-domain.txt

group policy, proxy settings for specific department

admin — Fri, 08 Apr 2011 06:44:09 +0000

On a domain controller under Domain/Enterprise Administrator rights
1)
Open Active Directory Users and Computers -> Information Infrastructure -> right click on Specific Department -> Properties -> Group Policy -> select Specific Policy -> Edit -> User Configuration -> Windows Settings -> Internet Explorer Maintenance -> Connection -> Proxy Settings : set IP, Port, Bypass -> [Ok]
2)
Start -> Run -> gpupdate.exe /Target:User /force

Putty SSH without password

admin — Thu, 31 Mar 2011 20:29:43 +0000

1) Generate a key-pair _without passphrase_ SSH2-RSA 2048 (1024,4096) on your host1 from you will assess;
2) The host1 should know your private key. Putty Configuration -> Connection -> SSH -> Auth : Browse;
3) Somehow transfer public key to your host2 to which you will assess;
4) The host2 should know your public key. Add public key into ~/.ssh/authorized_keys2;

~/.ssh/authorized_keys2
# public key 2048 from host1 ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAtxhCxo6PkZUZ/k1oBJyQtp/N N5gXul4lF+usZOd/6iudYLsFXgOwrARETOoZMfiCleRje1YoXETdLoTE6/3PTb zqKS3JENjKkMsG/aXxu64zSBVeM1H0Lk3cSVd6LGB7Sblgbms69DfYt50yBjd dePCbk3KviHnkClpgFRHVbXZqiAjn1j6ZnCPRERS6NweiCXRCl6uswzOggM1H 4eDF9HNDypHno1iEa1Xn/Wx+Ra2LOFx9QUDuqrdTACnmYGGJzcrzlj/VZHgg 92G+ipZ51Z8ZUfY5aMWiP3tlWvThV5kuUaDUKaOT/DuYDGllQo/LWsBe8b6 ==

Linux
$> ssh-keygen -t rsa -b 2048

Windows
$> c:\putty\puttygen.exe

Cisco
$> crypto key generate rsa modulus 2048

turn off/on firewall in command line

admin — Wed, 30 Mar 2011 20:04:51 +0000

Turning Off firewall
$>netsh firewall set opmode disable

Turning On firewall
$>netsh firewall set opmode enable

or shorter
$>netsh f s o d $>netsh f s o e

Don’t allow exception
$>netsh firewall set opmode enable disable

Show desktop icon

admin — Sat, 04 Apr 2009 13:11:02 +0000

The icon “Show Desktop” on “Quick Launch” toolbar is a link to .scf text file locates in [harddive]:\Documents and Settings\[user name]\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

[Shell]
  Command=2
  IconFile=explorer.exe,3
[Taskbar]
  Command=ToggleDesktop

F-Secure 8.23.3002 definitions updates problem

admin — Tue, 31 Mar 2009 11:21:42 +0000

Since last update to 8.23.3002 (2009-03-19 F-Secure Automatic Update Agent for WIN32 8.23.3002) F-Secure Agen stops to take the proxy settings from windows internet settings as it was before and as a result of it F-Secure Agent cannot pass our proxy and download anti-virus/spam definitions database updates.

I set our proxy manually in the configuration file %ProgramFiles%\F-Secure\FSAUA\program\fsaua.cfg and it begin do its job.

1. Execute F-Secure Automatic Update Agent
   Start |  Programs | F-Secure Automatic Update Agent | F-Secure Automatic Update Agent
2. Click button "Configuration"
3. Put in the proxy section
   http_proxies=http://192.001.001.001:8080/

1. vim %ProgramFiles%\F-Secure\FSAUA\program\fsaua.cfg
2. Put in the proxy section
   http_proxies=http://192.001.001.001:8080/
3. :wq

where 192.001.001.001 – an example IP of a proxy server

ASPNET user

admin — Mon, 30 Mar 2009 17:27:35 +0000

I have decided that is not good idea to keep ASPNET user so I had deleted the ASPNET user on all computers in LAN without any harm by now. The “ASPNET” user account is created in Windows XP by Microsoft .NET Framework automaticly. You can delete if you need it in the future you can re-create it by using this command:

%systemroot%\Microsoft.NET\Framework\1.1.4322\aspnet_regiis.exe /i

*USER ASP.NET
Machine Account Account used for running the ASP.NET worker process (aspnet_wp.exe)
USER Cannot change password;
Password never expires.

*GROUP USERS
Users are prevented from making accidental or intentional system-wide changes. Thus, Users can run certified applications, but not most legacy applications.

wallpaper location, XP

admin — Fri, 27 Mar 2009 08:17:38 +0000

\\[computer name]\[local disk]\Documents and Settings\[user name]\Local Settings\Application Data\Microsoft\Wallpaper[0-9].bmp

e.g.
\\shuvalov\c$\Documents and Settings\lev\Local Settings\Application Data\Microsoft\Wallpaper2.bmp

520 – mistype password on HP 9200c Digital Sender

admin — Tue, 17 Mar 2009 10:28:39 +0000

An user has mistyped password on HP 9200C Sender
The user has bound only with his/her own computer in Active Directory

Event Type: Error
Event Source: HPMfpDigitalSendingSoftware
Event Category: None
Event ID: 520
Date: 3/17/2009
Time: 12:03:17 PM
User: N/A
Computer: XXXXXXXX
Description:
HP MFP Digital Sending Software 4.11.11 – Authentication feature encountered the LDAP error: “[31] Invalid Credentials” (DSS error: [91] eLdapInvalidCredentials) returned by the Windows LDAP API of “ldap_bind_s()”.

if complexity is enable (gpedit.msc)

admin — Sat, 14 Mar 2009 06:26:32 +0000

if complexity is enable (gpedit.msc)

Passwords cannot contain the user’s account name or parts of the user’s full name that exceed two consecutive characters.
Passwords must be at least seven characters in length.
Passwords must contain characters from three of the following four categories:
1. English uppercase characters (A through Z);
2. English lowercase characters (a through z);
3. Base 10 digits (0 through 9);
4. Non-alphabetic characters (for example, !, $, #, %).