Browsing "Windows 2008"

Some quick command line tools for AD

1. To quickly list all the groups in your domain, with members, run this command:

dsquery group -limit 0 | dsget group -members –expand

2. To find all users whose accounts are set to have a non-expiring password, run this command:

dsquery * domainroot -filter “(&(objectcategory=person)(objectclass=user)(lockoutTime=*))” -limit 0

3. To list all the FSMO role holders in your forest, run this command:

netdom query fsmo

Read more »

How can I kill RDP sessions from the command line?

If you have hung RDP sessions on a server that you want to kill without rebooting it, run the following:

regsvr32 query.dll [enter] You only have to do this the first time.

query session /server:servername [enter]

reset session # /server:servername [enter]

Why can I not access administrative shares from Windows 7 or Windows 8 ?

Someone asked me about this recently. They had a Windows 8 laptop and a Windows 7 desktop and no matter what they tried, they were unable to access the C$ on either the laptop or the desktop.

They were 100% sure they were using the correct credentials but for whatever  reason, Windows would not accept their login when trying to map a drive (\\desktopname\c$)

The issue is related to UAC and how that restricts remote connections. This has been the case since Vista and the same issue (feature :)  is still in Windows 8.

The issue only applies to local accounts and not domain accounts.

The quick fix is to just disable UAC but if you want to keep that running but still allow admin share access, do the following:

To disable UAC remote restrictions, follow these steps:

  1. Click Start, click Run, type regedit, and then press ENTER.
  2. Locate and then click the following registry subkey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
    Windows\CurrentVersion\Policies\System
  3. If the LocalAccountTokenFilterPolicy registry entry does not exist, follow these steps:
  4. On the Edit menu, point to New, and then click DWORD Value.
  5. Type LocalAccountTokenFilterPolicy, and then press ENTER.
  6. Right-click LocalAccountTokenFilterPolicy, and then click Modify.
  7. In the Value data box, type 1, and then click OK.
  8. Exit Registry Editor.

The LocalAccountTokenFilterPolicy registry entry in the registry can have a value of 0 or of 1. These values change the behavior of the registry entry to the behavior that is described in the following table.

Value Description
0 This value builds a filtered token. This is the default value. The administrator credentials are removed.
1 This value builds an elevated token.

 

How can I clear all the remote desktop session remotely

There are 2 methods to do this:

Method 1:

Open CMD with admin right, then —

A. Type “qwinsta /server:xxx.xxx.xxx.xxx” into the window, replacing “xxx.xxx.xxx.xxx” with the IP address of your server. When you hit “Enter,” a list of active remote-desktop connections will appear. Each session will have an ID number assigned to it.

B. Use the “rwinsta /server:xxx.xxx.xxx.xxx id” command, replacing “xxx.xxx.xxx.xxx” with the IP address of your server and “id” with the ID number of the session you want to end. When you hit “Enter,” Windows will end the selected session.

Method 2:

A. Go to CMD prompt and run ”quser /server:YOUR_SERVER_NAME”, it will list all the remote connection.

B. Still in CMD prompt, run “logoff rdp-tcp#123 /server:YOUR_SERVER_NAME”(where 123 is the sessionname)

How can I search for all users that have the “Network Policy” set to false using PowerShell ?

If you need to search Active Directory to find users who currently have the “Network Access Permission” set to “Deny Access” on the Dial-in tab of their user account

Dial-in

run this Powershell command:

Get-ADUser -Filter {(mail -like “*”) -and (ObjectClass -eq “user”)} -Properties msNPAllowDialin | Where { $_.msNPAllowDialin -match “False” } | fl Name, msNPAllowDialin

You need to ensure you start Powershell with the AD modules installed.

Why does my Windows 2008 server keep loosing its gateway IP?

I have come across this issue and it seems most common in virtual machines. The fix I found is:

  1. Logon to the server (using ILO or virtual console)
  2. NIC settings (and write down all settings)
  3. Open a CMD prompt with elevated permissions (“Run as Administrator”)
  4. Run the command:
    netsh int ip reset
  5. Reboot the server
  6. Logon again
  7. Set the correct NIC settings
  8. Reboot the server
Related Posts Plugin for WordPress, Blogger...