Windows: Difference between revisions
Jump to navigation
Jump to search
NickPGSmith (talk | contribs) |
NickPGSmith (talk | contribs) m (28 revisions imported) |
||
| (22 intermediate revisions by the same user not shown) | |||
| Line 9: | Line 9: | ||
Revert to normal: | Revert to normal: | ||
bcdedit /deletevalue {current} safeboot | bcdedit /deletevalue {current} safeboot | ||
== Performance Metrics == | |||
winsat mem | |||
winsat cpu -encryption | |||
winsat disk | |||
== Installation == | == Installation == | ||
| Line 48: | Line 54: | ||
Unmount ISO: | Unmount ISO: | ||
Dismount-DiskImage -ImagePath $iso | Dismount-DiskImage -ImagePath $iso | ||
== Server Core == | |||
* At the console, menu driven app: SConfig | |||
To enable remote management: | |||
winrm qc | |||
or: | |||
Enable-NetFirewallRule -DisplayGroup "Windows Remote Management" | |||
To disable the firewall: | |||
Get-NetFirewallProfile | |||
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled true | |||
Connect remotely with Computer Manager, Registry Editor, etc | |||
See [https://learn.microsoft.com/en-us/windows-server/administration/server-core/server-core-administer here] for other tasks. | |||
== IoT == | |||
* [https://learn.microsoft.com/en-us/windows/iot-core/downloads Download & Installation] | |||
To set up remote PowerShell connectio to device "iotdev", start PowerShell on desktop: | |||
net start winrm | |||
Enable trust with either: | |||
Set-Item WSMan:\localhost\Client\TrustedHosts -Value iotdev | |||
Set-Item WSMan:\localhost\Client\TrustedHosts -Value "iotdev,another-device.example.com" | |||
Enter and leave remote PS sessions: | |||
Enter-PSSession -ComputerName iotdev -Credential iotdev\Administrator | |||
Exit-PSSession | |||
eg shutdown immediately: | |||
shutdown /r /t 0 | |||
== Hyper-V == | |||
Default file Locations: | |||
* C:\ProgramData\Microsoft\Windows\Virtual Hard Disks | |||
* C:\ProgramData\Microsoft\Windows\Hyper-V | |||
External virtual network switch may perform very badly with Intel Wireless NICs. | |||
*To fix poor upload speed: | |||
** On the Hyper-V Virtual Ethernet Adapter, disable: | |||
*** Large Send Offload IPv4 | |||
*** Large Send Offload IPv6 | |||
*To fix poor Download speed: | |||
** On the Wifi Card, disable: | |||
*** Packet Coalescing | |||
== Registry == | == Registry == | ||
| Line 67: | Line 124: | ||
* HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles | * HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles | ||
=== User === | |||
* HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfilekList\[SID]\ProfileImagePath | |||
Use netplwiz to change username | |||
== NFS Client == | == NFS Client == | ||
| Line 131: | Line 194: | ||
""; | ""; | ||
}; | }; | ||
Run commands remotely: | |||
Invoke-Command -ComputerName somehost -FilePath C:\path\script.ps1 -credential Administrator | |||
The [https://learn.microsoft.com/en-gb/powershell/module/microsoft.powershell.core/about/about_execution_policies?view=powershell-7.3 execution policy] may need to be changes: | |||
Get-ExecutionPolicy | |||
Set-ExecutionPolicy -ExecutionPolicy Unrestricted | |||
Revert with: | |||
Set-ExecutionPolicy -ExecutionPolicy Default | |||
=== Remove Applications === | === Remove Applications === | ||
| Line 159: | Line 232: | ||
Can also convert to mbr format | Can also convert to mbr format | ||
== Move User Profiles == | |||
User profiles are stored in (for example) C:\Users\Sharon. Can be moved per-user to a new drive or NTFS mount, eg D:\Users\Store | |||
* Ensure target directory (D:\Users\Sharon) is created with full-control permissions (eg create as Sharon) | |||
Some hiddent junctions may be problematic during copy. Can list them with: | |||
dir /s /A:L | |||
As Administrator: | |||
xcopy C:\Users\Sharon\*.* D:\Users\Sharon /E /H /K /O | |||
These options: | |||
* Copy Everything | |||
* Including System/Hidden files | |||
* Preserve file/director attributes | |||
* Preserve file/directory permissions | |||
May also need /C : continue on errors. On my Windows 11 system I found a junction loop: | |||
* C:\Users\Sharon\AppData\Local\Application Data -> C:\Users\Sharon\AppData\Local | |||
which I had to remove with remdir to allow zcopy to proceed. | |||
cd C:\Users | |||
ren Sharon Sharon.old | |||
mklink /J C:\Users\Sharon D:\Users\Sharon | |||
Here we create an NTFS junction to point from the original location to the new one. | |||
Alternatively, see: | |||
* Move C:\Users\Sharon directory | |||
* HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\<User SID> | |||
* Change ProfileImagePath to C:\Store\Sharon | |||
* Search/replace registry for old entries for C:\Users\Sharon | |||
== NTFS == | == NTFS == | ||
| Line 170: | Line 277: | ||
* /h Creates a hard link instead of a symbolic link | * /h Creates a hard link instead of a symbolic link | ||
* /j Creates a director junction | * /j Creates a director junction | ||
To remove a symlink (not the target) to a directory use: | |||
rmdir Alias | |||
=== Drive as a folder === | === Drive as a folder === | ||
Latest revision as of 04:53, 8 May 2024
Boot Mode
Boot into safe mode:
bcdedit /set {current} safeboot minimal
Or, with networking:
bcdedit /set {current} safeboot network
Revert to normal:
bcdedit /deletevalue {current} safeboot
Performance Metrics
winsat mem winsat cpu -encryption winsat disk
Installation
Allow Win 11 Upgrades
In-place upgrade:
- HKEY_LOCAL_MACHINE\SYSTEM\Setup\MoSetup\AllowUpgradesWithUnsupportedTPMOrCpu = 1 (DWORD32)
From USB install/ISO, at first setup screen, SHIFT-F10 to open regedit, and add:
- HKEY_LOCAL_MACHINE\SYSTEM\Setup\LabConfig\BypassTPMCheck = 1 (DWORD32)
- HKEY_LOCAL_MACHINE\SYSTEM\Setup\LabConfig\BypassSecureBootCheck = 1 (DWORD32)
- HKEY_LOCAL_MACHINE\SYSTEM\Setup\LabConfig\BypassRAMCheck = 1 (DWORD32)
Create bootable thumb drive from ISO file
Insert >= 8 GiB thumb drive that has been initalised as GPT with no partitions. In PowerShell:
Mount ISO file:
$iso = "C:\en_windows_server_2019_x64.iso" $isomount = Mount-DiskImage -ImagePath $iso -StorageType ISO -PassThru $isodrive = ($isomount | Get-Volume).DriveLetter
Look for USB drives, identify by FriendlyName or SerialNumber:
Get-Disk | Where BusType -eq "USB" $thumb = Get-Disk | Where SerialNumber -eq "1234567890"
Clear thumb drive, and initialise to GPT:
$thumb | Clear-Disk -RemoveData -PassThru
Create partition, format to FAT32
$vol = $thumb| New-Partition -UseMaximumSize -AssignDriveLetter | Format-Volume -FileSystem FAT32 -NewFileSystemLabel WINSVR-2019
Copy files to thumb drive:
Copy-Item -Path ($isodrive + ":\*") -Destination ($vol.DriveLetter + ":\") -Recurse
Unmount ISO:
Dismount-DiskImage -ImagePath $iso
Server Core
- At the console, menu driven app: SConfig
To enable remote management:
winrm qc
or:
Enable-NetFirewallRule -DisplayGroup "Windows Remote Management"
To disable the firewall:
Get-NetFirewallProfile Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled true
Connect remotely with Computer Manager, Registry Editor, etc
See here for other tasks.
IoT
To set up remote PowerShell connectio to device "iotdev", start PowerShell on desktop:
net start winrm
Enable trust with either:
Set-Item WSMan:\localhost\Client\TrustedHosts -Value iotdev Set-Item WSMan:\localhost\Client\TrustedHosts -Value "iotdev,another-device.example.com"
Enter and leave remote PS sessions:
Enter-PSSession -ComputerName iotdev -Credential iotdev\Administrator Exit-PSSession
eg shutdown immediately:
shutdown /r /t 0
Hyper-V
Default file Locations:
- C:\ProgramData\Microsoft\Windows\Virtual Hard Disks
- C:\ProgramData\Microsoft\Windows\Hyper-V
External virtual network switch may perform very badly with Intel Wireless NICs.
- To fix poor upload speed:
- On the Hyper-V Virtual Ethernet Adapter, disable:
- Large Send Offload IPv4
- Large Send Offload IPv6
- On the Hyper-V Virtual Ethernet Adapter, disable:
- To fix poor Download speed:
- On the Wifi Card, disable:
- Packet Coalescing
- On the Wifi Card, disable:
Registry
Chrome updates and forced Extensions
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\Update\UpdateDefault = 1
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\Update\AutoUpdateCheckPeriodMinutes = 30
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update = 1
- HKEY_CURRENT_USER\SOFTWARE\Google\Update = 1
Firefox updates
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Firefox\DisableAppUpdate = 0
Wifi Names
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles
User
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfilekList\[SID]\ProfileImagePath
Use netplwiz to change username
NFS Client
Can mount, like:
mount \\nfsserver\home\fred F:
but to make writeable, in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ClientForNFS\CurrentVersion\Default
- Create AnonymousUid as DWORD and enter the UID of the remote user that has write permissions
- Create AnonymousUid as DWORD and enter the GID of the remote user that has write permissions
PowerShell
Unzip:
Expand-Archive somefile.zip
Show all attributes on an object:
Get-Date | Format-List Get-Service | Format-List
Show properties and methods:
Get-Date | Get-Member
Show a subset of data:
Get-VM | Select Name, State, Status Name State Status ---- ----- ------ Local Discovery Off Operating normally Local Fedora (lisa) Running Operating normally
Determine type:
$_.GetType().Name
Find certificate objects:
Get-ChildItem -Path Cert:\LocalMachine -Recurse | WhereObject {$_.Name -match 'X509Certificate'}
Show MD5 sum:
Get-FileHash C:\somefile -Algorithm MD5
Issue Rest-API call:
$uri='https://www.example.com/api/v1.1/admin/about' $token='Mzo3ODI4ZjgzNzM2OTk3OGJiNTFmYTdmMDAwM...' $headers=@{Authorization="Bearer $token"} Invoke-RestMethod -SkipCertificateCheck -Uri $uri -Method 'GET' -Headers $headers
Test Network connection:
Test-NetConnection -Port 5985
Remote PS Session:
Enter-PSSession -ComputerName somehost -Credential Administrator
Remote PS Command:
Invoke-Command -ComputerName somehost -Credential Administrator -ScriptBlock {Get-NetIPAddress}
Invoke-Command -ComputerName somehost -Credential Administrator -ScriptBlock {Get-CIMInstance -Class Win32_NetworkAdapter}
Network Connections to PID 0:
Get-NetTCPConnection | Where-Object {$_.OwningProcess -eq 0} | ForEach-Object {
"local_ip_addr: {0}" -f $_.LocalAddress;
"local_port: {0}" -f $_.LocalPort;
"remote_ip_addr: {0}" -f $_.RemoteAddress;
"remote_port: {0}" -f $_.RemotePort;
"pid: {0}" -f $_.OwningProcess;
"";
};
Run commands remotely:
Invoke-Command -ComputerName somehost -FilePath C:\path\script.ps1 -credential Administrator
The execution policy may need to be changes:
Get-ExecutionPolicy Set-ExecutionPolicy -ExecutionPolicy Unrestricted
Revert with:
Set-ExecutionPolicy -ExecutionPolicy Default
Remove Applications
Get-AppxPackage | Out-File packages.txt Get-AppxPackage Microsoft.XboxApp | Remove-AppxPackage Get-AppxPackage Microsoft.XboxGamingOverlay | Remove-AppxPackage Get-AppxPackage Microsoft.XboxSpeechToTextOverlay | Remove-AppxPack
List all installed apps:
Get-AppxPackage | Select Name , PackageFullName
Remove all inbuilt / default app from all user account
Get-AppxPackage -AllUsers | Remove-AppxPackage
Remove all modern apps:
Get-AppXProvisionedPackage -online | Remove-AppxProvisionedPackage -online
Remove XBox apps:
get-appxpackage *xbox* | remove-appxpackage
Diskpart
list disk select disk 6 convert gpt exit
Can also convert to mbr format
Move User Profiles
User profiles are stored in (for example) C:\Users\Sharon. Can be moved per-user to a new drive or NTFS mount, eg D:\Users\Store
- Ensure target directory (D:\Users\Sharon) is created with full-control permissions (eg create as Sharon)
Some hiddent junctions may be problematic during copy. Can list them with:
dir /s /A:L
As Administrator:
xcopy C:\Users\Sharon\*.* D:\Users\Sharon /E /H /K /O
These options:
- Copy Everything
- Including System/Hidden files
- Preserve file/director attributes
- Preserve file/directory permissions
May also need /C : continue on errors. On my Windows 11 system I found a junction loop:
- C:\Users\Sharon\AppData\Local\Application Data -> C:\Users\Sharon\AppData\Local
which I had to remove with remdir to allow zcopy to proceed.
cd C:\Users ren Sharon Sharon.old mklink /J C:\Users\Sharon D:\Users\Sharon
Here we create an NTFS junction to point from the original location to the new one.
Alternatively, see:
- Move C:\Users\Sharon directory
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\<User SID>
- Change ProfileImagePath to C:\Store\Sharon
- Search/replace registry for old entries for C:\Users\Sharon
NTFS
Junction
Create a directory (/d option) symbolic link:
mklink /D C:\Alias "C:\Original Data"
so now Alias can be referenced to access original data.
- /h Creates a hard link instead of a symbolic link
- /j Creates a director junction
To remove a symlink (not the target) to a directory use:
rmdir Alias
Drive as a folder
diskpart DISKPART> list volume
Note the volume number.
DISKPART> select volume <volumenumber> DISKPART> assign mount="C:\Users\John\Documents\NewDrive"