msgbartop
A chronological documentation test project, nothing serious, really!
msgbarbottom

26 Jan 2012 Disable DLNA in Windows 7

If you are using your Windows 7 and have a active wireless network, then the chances are that you are sharing your media files with DLNA enabled devices like smartphones, TVs with wireless access and media centers.
This HOWTO describes how you can disable DLNA in Windows 7.

  1. Type “Manage advanced sharing settings” in the Start Menu
  2. Go to “Home and Work”
  3. Under “Media Streaming” you click the “Choose media streaming options” link
  4. Click the “Block all” button followed by the “OK” button

You have now disabled DLNA sharing on your computer.

Tags: , ,

Posted by

19 Jun 2011 List installed Windows Updates using WMIC

I have recently been trying to find a way to export a list of some, but not all installed Windows Updates and patches on a Windows 2008 server. WMIC is a Windows command that has been available in Windows for a long time and has become a tool that can perform many kinds of actions and queries.
Microsoft has created a tool called Microsoft Baseline Security Analyzer that helps you determine the security state in accordance with Microsoft security recommendations and offers specific remediation guidance, but I have not tried it to see if all patches and updates are exported.

Open a Windows Command Prompt (cmd.exe) and type the following command

wmic qfe get

The result presented in plain text

Caption                                        CSName    Description      FixComments  HotFixID   InstallDate  InstalledBy          InstalledOn  Name  ServicePackInEffect  Status  
http://go.microsoft.com/fwlink/?LinkId=133041  PC-NAME Update                        982861                  pc-name\username      3/20/2011                                       
http://go.microsoft.com/fwlink/?LinkId=161784  PC-NAME Update                        KB971033                NT AUTHORITY\SYSTEM  8/9/2010                                        
http://support.microsoft.com/?kbid=2305420     PC-NAME Security Update               KB2305420               NT AUTHORITY\SYSTEM  12/17/2010                                      
http://support.microsoft.com/?kbid=2393802     PC-NAME Security Update               KB2393802               NT AUTHORITY\SYSTEM  2/10/2011
...

WMIC can also be used to gather other Windows related information and this is a list with many wmic commands I have copied from Tech-Wreck InfoSec Blog: WMIC Command Line Kung-Fu in case the site becomes unavailable.
This site has produced many interesting articles and is well worth a visit.

Description – Command
Spot Odd Executables – wmic PROCESS WHERE “NOT ExecutablePath LIKE ‘%Windows%'” GET ExecutablePath
Look at services that are set to start automatically – wmic SERVICE WHERE StartMode=”Auto” GET Name, State
Find user-created shares (usually not hidden) – wmic SHARE WHERE “NOT Name LIKE ‘%$'” GET Name, Path
Find stuff that starts on boot – wmic STARTUP GET Caption, Command, User
Identify any local system accounts that are enabled (guest, etc.) – wmic USERACCOUNT WHERE “Disabled=0 AND LocalAccount=1″ GET Name”
Change Start Mode of Service – wmic service where (name like “Fax” OR name like “Alerter”) CALL ChangeStartMode Disabled
Number of Logons Per USERID – wmic netlogin where (name like “%skodo”) get numberoflogons
Obtain a Certain Kind of Event from Eventlog – wmic ntevent where (message like “%logon%”) list brief
Clear the Eventlog (Security example) – wmic nteventlog where (description like “%secevent%”) call cleareventlog
Get Mac Address – wmic nic get macaddress
Reboot or Shutdown – wmic os where buildnumber=”2600″ call reboot
Update static IP address – wmic nicconfig where index=9 call enablestatic(“192.168.16.4”), (“255.255.255.0”)
Change network gateway – wmic nicconfig where index=9 call setgateways(“192.168.16.4”, “192.168.16.5”),(1,2)
Enable DHCP – wmic nicconfig where index=9 call enabledhcp
Service Management – wmic service where caption=”DHCP Client” call changestartmode “Disabled”
Start an Application – wmic process call create “calc.exe”
Terminate an Application – wmic process where name=”calc.exe” call terminate
Change Process Priority – wmic process where name=”explorer.exe” call setpriority 64
Get List of Process Identifiers – wmic process where (Name=’svchost.exe’) get name,processid

Information About Harddrives – wmic logicaldisk where drivetype=3 get name, freespace, systemname, filesystem, size, volumeserialnumber
Information about os – wmic os get bootdevice, buildnumber, caption, freespaceinpagingfiles, installdate, name, systemdrive, windowsdirectory /format:htable > c:\osinfo.htm
Information about files – wmic path cim_datafile where “Path=’\\windows\\system32\\wbem\\’ and FileSize>1784088” > c:\wbemfiles.txt
Process list – wmic process get /format:htable > c:\process.htm
Retrieve list of warning and error events not from system or security logs – WMIC NTEVENT WHERE “EventType<3 AND LogFile != ‘System’ AND LogFile != ‘Security'” GET LogFile, SourceName, EventType, Message, TimeGenerated /FORMAT:”htable.xsl”:” datatype = number”:” sortby = EventType” > c:\appevent.htm
Total Hard Drive Space Check – wmic LOGICALDISK LIST BRIEF
Get Running Services Information – Wmic service where (state=”running”) get caption, name, startmode, state
Get Startmode of Services – Wmic service get caption, name, startmode, state
Get Domain Names And When Account PWD set to Expire – WMIC UserAccount GET name,PasswordExpires /Value
Get Hotfix and Security Patch Information – WMIC QFE GET /format:CSV >QFE.CSV
Get Startup List – wmic startup list full
Find a specific Process – wmic process list brief
find “cmd.exe”
Get List of IP Interfaces – wmic nicconfig where IPEnabled=’true’
Change IP Address – wmic nicconfig where Index=1 call EnableStatic (“10.10.10.10”), (“255.255.255.0”)
OS/System Report HTML Formatted – wmic /output:c:\os.html os get /format:hform
Products/Programs Installed Report HTML Formatted – wmic /output:c:\product.html product get /format:hform
Services Report on a Remote Machine HTML Formatted – wmic /output:c:\services.htm /node:server1 service list full / format:htable
Turn on Remoted Desktop Remotely! – Wmic /node:”servername” /user:”user@domain” /password: “password”
RDToggle where ServerName=”server name” call SetAllowTSConnections 1
Get Server Drive Space Usage Remotely – WMIC /Node:%%A LogicalDisk Where DriveType=”3″ Get DeviceID,FileSystem,FreeSpace,Size /Format:csv
MORE /E +2 >> SRVSPACE.CSV
Get PC Serial Number – wmic /node:”HOST” bios get serialnumber
Get PC Product Number – wmic /node:”HOST” baseboard get product
Get Services for Remote Machine in HTML Format – wmic /output:c:\services.htm /node:server1 service list full / format:htable

Tags: , , ,

Posted by

23 May 2011 Clear Read-Only flag on Disk in Windows 7 using Diskpart

This is a short HOWTO clear the read-only/readonly flag/attribute on a disk in Windows 7 using the diskpart command from a Windows Command Prompt.

Warning!
Be sure to do this on the right disk since the diskpart command can do serious damage if you run it on the wrong disk.

  1. Open a command window by running the diskpart command from a Command Prompt
  2. Determine which disk you are going to modify:
  3. DISKPART> list disk
    
      Disk ###  Status         Size     Free     Dyn  Gpt
      --------  -------------  -------  -------  ---  ---
      Disk 0    Online          149 GB  1024 KB
      Disk 1    Online          465 GB   465 GB
  4. Select the disk you are going to modify
    DISKPART> select disk 1

    You have now selected disk 1

    list disk
    
      Disk ###  Status         Size     Free     Dyn  Gpt
      --------  -------------  -------  -------  ---  ---
      Disk 0    Online          149 GB  1024 KB
    * Disk 1    Online          465 GB   465 GB
  5. Clear the Read-Only attribute on the selected disk
    DISKPART> attributes disk clear readonly

The disk is no longe Read-Only protected.

If you would like to set the disk Read-Only again just do the same procedure and write

DISKPART> attributes disk set readonly

in the last operation.

When you are done modifying the disk attributes just issue the exit command

DISKPART> exit

and the diskpart windows will be closed.

Tags: ,

Posted by

03 Mar 2010 Enable or disable ping in Windows Server 2008 R2

I always forget where to change the ping setting in the Windows Server 2008 R2 Firewall.
To enable ping

Go to Start >> Administrative Tools >> Windows Firewall with Advanced Security >> Inbound Rules >> File and Printer Sharing (Echo Request – ICMPv4-IN) >> right click and select Enable Rule.

To disable the ping rule just select Disable Rule in the last step.
These steps does also work in Windows 7 to enable ping.

Tags: , ,

Posted by

14 Aug 2009 Getting VMware vSphere Client to run on Windows 7 RTM

This post describes how you can get your VMware vSphere Client version 4 running on a 32-bit Windows 7 (RTM) installation until VMware makes an update to fix this Microsoft .Net problem. Be aware that this method of getting the client to run is not recommended in a production environment since you are running the client in development mode.

First you need to edit the VpxClient.exe.config file located in your C:\Program Files\Vmware\Infrastructure\Virtual Infrastructure Client\Launcher folder and make it look like the code below

<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.net>
<connectionManagement>
<clear/>
<add address="*" maxconnection="8" />
</connectionManagement>
</system.net>
<appSettings>
<add key = "protocolports" value = "https:443"/>
</appSettings>
<runtime>
<developmentMode developerInstallation="true"/>
</runtime>
</configuration>

Next we have to ensure that you we the .Net system.dll from a non Windows 7 machine.

It’s possible to download the config file and the DLL filer from here.

Place the modified config file in your C:\Program Files\Vmware\Infrastructure\Virtual Infrastructure Client\Launcher folder.

Then we create a new folder called Lib in the folder noted above and place the downloaded DLL file in the folder.

windows-7-environment-settings
windows-7-environment-settings-2Reboot your PC and VMware vSphere Client should now work without any error messages.

Edit your system properties and create a new ‘Environment Variable” Name it “Devpath” with the value of C:\Program Files\VMware\Infrastructure\Virtual Infrastructure Client\Launcher\Lib. You can locate these variables under Control Panel –> System and Security –> System –> Advanced system settings

This post came to life after reading this thread on the VMware Communties discussion forum. The thread also describes how to make VMware vSphere Client to work on 64-bit Windows 7 but I’m not going to describe that in this post.

Tags: , ,

Posted by