Show TCP/IP settings -
netsh interface ip show config
Change network configuration -
netsh interface ip set address "Local Area Connection" static 192.168.0.10 255.255.255.0 192.168.0.254
Use a dynamic DHCP assigned address -
netsh interface ip set address "Local Area Connection" dhcp
Change a DNS Server address -
netsh interface ip set dns "Local Area Connection" static 192.168.0.2
Dynamically assign the DNS server address -
netsh interface ip set dns "Local Area Connection" dhcp
Work with remote systems -
netsh set machine remotecomputer
Recently had an interviewer for a highly underpaid Sr. Windows Admin position send me some questions to screen applicants. However, I found his questions worth tossing up here.
“What are the five FSMO roles?”
Schema Master, Domain Name Master, Infrastructure Master, Relative ID Master (RID), and of course PDC Emulator.
“How long does it take for security changes to be replicated among domain controllers?”
Immediate.
“If an admin deleted an OU, how would you recover it?”
Two ways: the more clumsy authoritative restore or, better yet, using PowerShell. Seeing this is not for the faint of heart, I’ll include a link to a nice write-up from this site.
Step 1
Restart Windows 2003 in Directory Service Restore Mode.
Note: At startup, press F8 and choose Directory Service Restore Mode. It disables Active Directory.
When the login screen appears, log on as Local Administrator. You now have full access to the computer resources, but you cannot make any changes to Active Directory.
Step 2
You are now going to install SRVANY. This utility can run virtually any program as a service. The interesting point is that the program will have SYSTEM privileges (LSA) (as it inherits the SRVANY security descriptor), i.e. it will have full access on the system. That is more than enough to reset a Domain Admin password. You will configure SRVANY to start the command prompt (which will run the ‘net user’ command).
Copy SRVANY and INSTSRV to a temporary folder, mine is called D:\temp. Copy cmd.exe to this folder too (cmd.exe is the command prompt, usually located at %WINDIR%\System32).
Start a command prompt, point to d:\temp (or whatever you call it), and type:
instsrv PassRecovery "d:\temp\srvany.exe"
(change the path to suit your own).
It is now time to configure SRVANY.
Start Regedit, and navigate to
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\PassRecovery
Create a new subkey called Parameters and add two new values:
name: Application, type: REG_SZ (string), value: d:\temp\cmd.exe
name: AppParameters, type: REG_SZ (string), value: /k net user administrator 123456 /domain
Replace 123456 with the password you want. Keep in mind that the default domain policy requires complex passwords (including digits, respecting a minimal length, etc.), so unless you’ve changed the default domain policy, use a complex password such as P@ssw0rd
Now open the Services applet (Control Panel\Administrative Tools\Services) and open the PassRecovery property tab. Check the starting mode is set to Automatic.
Go to the Log On tab and enable the option Allow service to interact with the desktop.
Restart Windows normally; SRVANY will run the NET USER command and reset the domain admin password.
Step 3
Log on with the Administrator’s account and the password you’ve set in step #2.
Use this command prompt to uninstall SRVANY (do not forget to do it!) by typing:
net stop PassRecovery
sc delete PassRecovery
Now delete d:\temp and change the admin password if you fancy.
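The service built in step 2 leaves a recognisable footprint under the Services key, which is what to look for when checking a server for a forgotten or unexpected PassRecovery-style service. The following is an added example, not part of the original post: it parses `reg export` text and flags services whose Parameters key wraps a shell or runs an account-management command. The BackupAgent service, the SHELLS list and the sample text are constructed for illustration; real export files are UTF-16 and must be decoded before being passed in.

```python
import re

# Constructed sample in `reg export` text form: the Parameters key from step 2
# above plus a benign srvany-wrapped service (hypothetical "BackupAgent").
SAMPLE_EXPORT = r'''
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PassRecovery\Parameters]
"Application"="d:\\temp\\cmd.exe"
"AppParameters"="/k net user administrator 123456 /domain"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BackupAgent\Parameters]
"Application"="C:\\Program Files\\Backup\\agent.exe"
"AppParameters"="--service"
'''

KEY_RE = re.compile(r'^\[(.+)\]$')
VAL_RE = re.compile(r'^"([^"]+)"="(.*)"$')           # REG_SZ values only
SVC_RE = re.compile(r'\\Services\\([^\\]+)\\Parameters$', re.I)
SHELLS = {"cmd.exe", "powershell.exe", "cscript.exe", "wscript.exe"}
ACCOUNT_CMD = re.compile(r'\bnet1?(\.exe)?\s+(user|group|localgroup)\b', re.I)

def parse_reg(text):
    """Return {key_path: {value_name: string}} from .reg export text."""
    keys, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if (m := KEY_RE.match(line)):
            current = keys.setdefault(m.group(1), {})
        elif (m := VAL_RE.match(line)) and current is not None:
            # .reg strings escape backslashes and quotes with a backslash
            current[m.group(1)] = re.sub(r'\\(.)', r'\1', m.group(2))
    return keys

def find_suspicious_services(text):
    """Flag services whose srvany Parameters launch a shell or edit accounts."""
    findings = []
    for key, values in parse_reg(text).items():
        svc = SVC_RE.search(key)
        app = values.get("Application", "")
        reasons = []
        if app.lower().rsplit("\\", 1)[-1] in SHELLS:
            reasons.append("wrapped application is a shell: " + app)
        if ACCOUNT_CMD.search(values.get("AppParameters", "")):
            # Do not echo the arguments: they can contain the new password
            reasons.append("arguments run an account-management command")
        if svc and reasons:
            findings.append((svc.group(1), reasons))
    return findings

if __name__ == "__main__":
    print(find_suspicious_services(SAMPLE_EXPORT))
```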
October 22nd, 2009 in Windows
Had one of my users come tell me she couldn’t log in to our web mail. I found she was trying to log in to our OWA after typing in the wrong URL, off by one character. So I decided to have one of our graphic guys help customize the login page so it was more apparent to users they were on the correct page.
http://technet.microsoft.com/en-us/library/bb310750.aspx
To access the console session (3rd RDC connection) on Server 2003 or newer, use the following command from the CLI:
mstsc -v:0.0.0.0 /admin
This was introduced in RDC 5, but don’t get in the habit of using this connection or else you just end up with 3 stuck sessions. You should still modify the timeout settings to disconnect those users that stay logged in for days.
Wanted to post my old script for mapping network drives for users during logon:
On Error Resume Next
Set objSysInfo = CreateObject("ADSystemInfo")
Set objNetwork = CreateObject("Wscript.Network")
' UserName is the distinguished name of the logged-on user
' (ComputerName would bind to the computer account instead)
strUserPath = "LDAP://" & objSysInfo.UserName
Set objUser = GetObject(strUserPath)
' Removes current mappings once, before any new ones are created
objNetwork.RemoveNetworkDrive "H:", True, True
objNetwork.RemoveNetworkDrive "I:", True, True
objNetwork.RemoveNetworkDrive "R:", True, True
objNetwork.RemoveNetworkDrive "S:", True, True
objNetwork.RemoveNetworkDrive "T:", True, True
' Mappings for all users
objNetwork.MapNetworkDrive "H:", "\\Server\Share"
' Finds user's group membership; GetEx returns an array even for a single group
arrGroups = objUser.GetEx("memberOf")
If IsArray(arrGroups) Then
    For Each strGroup In arrGroups
        strGroupPath = "LDAP://" & strGroup
        Set objGroup = GetObject(strGroupPath)
        strGroupName = objGroup.CN
        ' Mappings based on group membership
        Select Case strGroupName
            Case "Group 1"
                objNetwork.MapNetworkDrive "I:", "\\Server\Share1"
            Case "Group 2"
                objNetwork.MapNetworkDrive "R:", "\\Server\Share 2"
            Case "Group 3"
                objNetwork.MapNetworkDrive "S:", "\\Server\Share 3"
            Case "Group 4"
                objNetwork.MapNetworkDrive "T:", "\\Server\Share 4"
        End Select
    Next
End If
July 29th, 2009 in Scripts
Ran into an issue I had to deal with 2 years ago when I deployed all of my company’s new SSL certs from VeriSign. VeriSign decided to put in an intermediate cert between mine and their root. For IIS this is fairly easy to fix, as you just import the cert from VeriSign into Windows’ list of root authorities. Two years ago, if you didn’t do this, nearly all browsers gave a cert error when clients went to your site. As many know, this makes customers nervous, so it had to be fixed.
Well this month I installed some new F5 Big-IP load balancers, besides a few issues dealing with our homegrown software, they also brought back the cert chain issue. Most of the popular browsers were up-to-date enough that they handled the chain on their own (like IE and Firefox), however Safari and Opera would pop an err.
After some digging this is the article you need to follow if you have this issue:
https://support.f5.com/kb/en-us/solutions/public/6000/400/sol6401.html
There is little risk and the change only takes seconds per cert. Still something I did in the off hours.
July 27th, 2009 in Networking
Set a console password to cisco:
Router(config)#line con 0
Router(config-line)#login
Router(config-line)#password cisco
Set a telnet password:
Router(config)#line vty 0 4
Router(config-line)#login
Router(config-line)#password cisco
Stop console timing out:
Router(config)#line con 0
Router(config-line)#exec-timeout 0 0
Set the enable password to cisco:
Router(config)#enable password cisco
Set the enable secret password to peter:
Router(config)#enable secret peter
Enable IGRP with an AS of 200, on all interfaces:
Router(config)#router igrp 200
Router(config-router)#network 172.16.0.0
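As an added example (not part of the original post), the audit below runs over a saved configuration and flags the access settings shown above that a reviewer would question: `enable password`, shared line passwords, `exec-timeout 0 0`, and vty lines not restricted to SSH. Both sample configurations are constructed, the `admin` username is hypothetical, and the hash values in the hardened one are placeholders.

```python
import re

# Constructed config, written the way the commands above are typed
WEAK = """\
enable password cisco
enable secret peter
line con 0
 exec-timeout 0 0
 password cisco
 login
line vty 0 4
 password cisco
 login
"""
# Constructed hardened counterpart; hash values are placeholders
HARDENED = """\
enable secret 5 <hash-placeholder>
username admin secret 5 <hash-placeholder>
line con 0
 login local
line vty 0 4
 login local
 transport input ssh
"""

def audit(config):
    """Return (scope, finding) tuples for weak access settings in an IOS config."""
    findings, section, blocks = [], None, {}
    for raw in config.splitlines():
        cmd = raw.strip()
        if not cmd or cmd.startswith("!"):
            continue
        if not raw[0].isspace():   # top-level command; remember "line ..." blocks
            section = cmd if cmd.startswith("line ") else None
            if cmd.startswith("enable password"):
                findings.append(("global", "enable password is cleartext or reversible type 7"))
        elif section:
            blocks.setdefault(section, []).append(cmd)
    for name, cmds in blocks.items():
        if "exec-timeout 0 0" in cmds:
            findings.append((name, "idle timeout disabled"))
        if any(re.match(r"password\s+\S+", c) for c in cmds):
            findings.append((name, "shared line password instead of login local"))
        if name.startswith("line vty") and "transport input ssh" not in cmds:
            findings.append((name, "vty not restricted to SSH (no transport input ssh)"))
    return findings

if __name__ == "__main__":
    for scope, finding in audit(WEAK):
        print(f"{scope}: {finding}")
```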
June 16th, 2009 in CISCO
When changing a currently used static route, cut and paste the commands below so they are executed at the same time. They have to be run together so that no new sessions are created while you are changing the route. Best to paste them into Notepad first.
clear ip nat translation *
conf t
no ip nat inside source static 10.1.1.1 1.1.1.1
ip nat inside source static 10.1.1.2 1.1.1.1
Adding an IP to a current access list:
access-list 102 permit tcp host x.x.x.x host x.x.x.x eq 2020
access-list 105 permit tcp any any eq 1700 log
access-list 105 permit tcp any host x.x.x.x eq 7080 log
access-list 105 permit tcp x.x.x.x 0.0.0.31 host x.x.x.x eq 2020 log
To edit an access list, use the following commands:
show access-lists XXX: XXX is the access list name or number
ip access-list extended 105: At this point we can change the order or add lists between other rules
no XXXX: XXXX is the line number shown in the show command
show env all: Shows the environment status, including fan, power supplies, etc. Good for making sure the environment is alright.
show history: Shows your command history since you logged onto the device. Good for remembering what command you put in to get those stats the boss needs. Configuration changes don’t show up here.
show inventory: Shows a nice list of what the device has hardware-wise. It’s good for a router with a bunch of modules or a switch with a bunch of cards.
show interface trunk: Shows all the trunks on a switch along with pruning information. Good for making sure all VLANs are propagating around the network.
show interface capabilities: Shows what the interface is capable of doing, not just what it’s configured to do.
show interface counters: Shows byte and packet information for every interface. Good for quickly showing statistics without having to look at all the show interface garbage.
show mac-address-table: Shows the CAM table on a switch. Good for tracking down where a host is plugged into.
show tcp brief: Shows all TCP connections associated with the device like SSH sessions or BGP.
show users: Shows who’s logged onto the device. Good for finding a line to clear to kick everyone off the box.
June 14th, 2009 in CISCO