Windows: Difference between revisions

From Smithnet Wiki
Jump to navigation Jump to search
Line 184: Line 184:


Here we create an NTFS junction to point from the original location to the new one.
Here we create an NTFS junction to point from the original location to the new one.
Alternatively, see:
* Move C:\Users\Sharon directory
* HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\<User SID>
* Change ProfileImagePath to C:\Store\Sharon
* Search/replace registry for old entries for C:\Users\Sharon


== NTFS ==
== NTFS ==

Revision as of 04:15, 11 June 2023

Boot Mode

Boot into safe mode: 

bcdedit /set {current} safeboot minimal

Or, with networking: 

bcdedit /set {current} safeboot network

Revert to normal: 

bcdedit /deletevalue {current} safeboot

Installation

Allow Win 11 Upgrades

In-place upgrade:

  • HKEY_LOCAL_MACHINE\SYSTEM\Setup\MoSetup\AllowUpgradesWithUnsupportedTPMOrCpu = 1 (DWORD32)

From USB install/ISO, at first setup screen, SHIFT-F10 to open regedit, and add:

  • HKEY_LOCAL_MACHINE\SYSTEM\Setup\LabConfig\BypassTPMCheck = 1 (DWORD32)
  • HKEY_LOCAL_MACHINE\SYSTEM\Setup\LabConfig\BypassSecureBootCheck = 1 (DWORD32)
  • HKEY_LOCAL_MACHINE\SYSTEM\Setup\LabConfig\BypassRAMCheck = 1 (DWORD32)

Create bootable thumb drive from ISO file

Insert >= 8 GiB thumb drive that has been initalised as GPT with no partitions. In PowerShell:

Mount ISO file: 

$iso = "C:\en_windows_server_2019_x64.iso"
$isomount = Mount-DiskImage -ImagePath $iso -StorageType ISO -PassThru
$isodrive = ($isomount | Get-Volume).DriveLetter

Look for USB drives, identify by FriendlyName or SerialNumber: 

Get-Disk | Where BusType -eq "USB"
$thumb = Get-Disk | Where SerialNumber -eq "1234567890"

Clear thumb drive, and initialise to GPT: 

$thumb | Clear-Disk -RemoveData -PassThru

Create partition, format to FAT32 

$vol = $thumb| New-Partition -UseMaximumSize -AssignDriveLetter | Format-Volume -FileSystem FAT32 -NewFileSystemLabel WINSVR-2019

Copy files to thumb drive: 

Copy-Item -Path ($isodrive + ":\*") -Destination ($vol.DriveLetter + ":\") -Recurse

Unmount ISO: 

Dismount-DiskImage -ImagePath $iso

Registry

Chrome updates and forced Extensions

  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\Update\UpdateDefault = 1
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\Update\AutoUpdateCheckPeriodMinutes = 30
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update = 1
  • HKEY_CURRENT_USER\SOFTWARE\Google\Update = 1

Firefox updates

  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Firefox\DisableAppUpdate = 0

Wifi Names

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles

NFS Client

Can mount, like: 

mount \\nfsserver\home\fred F:

but to make writeable, in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ClientForNFS\CurrentVersion\Default

  • Create AnonymousUid as DWORD and enter the UID of the remote user that has write permissions
  • Create AnonymousUid as DWORD and enter the GID of the remote user that has write permissions

PowerShell

Unzip: 

Expand-Archive somefile.zip

Show all attributes on an object: 

Get-Date | Format-List
Get-Service | Format-List

Show properties and methods: 

Get-Date | Get-Member

Show a subset of data: 

Get-VM | Select Name, State, Status

Name                  State Status
----                  ----- ------
Local Discovery         Off Operating normally
Local Fedora (lisa) Running Operating normally

Determine type: 

$_.GetType().Name

Find certificate objects: 

Get-ChildItem -Path Cert:\LocalMachine -Recurse | WhereObject {$_.Name -match 'X509Certificate'}

Show MD5 sum: 

Get-FileHash C:\somefile -Algorithm MD5

Issue Rest-API call: 

$uri='https://www.example.com/api/v1.1/admin/about'
$token='Mzo3ODI4ZjgzNzM2OTk3OGJiNTFmYTdmMDAwM...'
$headers=@{Authorization="Bearer $token"}
Invoke-RestMethod -SkipCertificateCheck -Uri $uri -Method 'GET' -Headers $headers

Test Network connection: 

Test-NetConnection -Port 5985

Remote PS Session: 

Enter-PSSession -ComputerName somehost -Credential Administrator

Remote PS Command: 

Invoke-Command -ComputerName somehost -Credential Administrator -ScriptBlock {Get-NetIPAddress}
Invoke-Command -ComputerName somehost -Credential Administrator -ScriptBlock {Get-CIMInstance -Class Win32_NetworkAdapter}

Network Connections to PID 0: 

Get-NetTCPConnection | Where-Object {$_.OwningProcess -eq 0} | ForEach-Object {
    "local_ip_addr: {0}" -f $_.LocalAddress;
    "local_port: {0}" -f $_.LocalPort;
    "remote_ip_addr: {0}" -f $_.RemoteAddress;
    "remote_port: {0}" -f $_.RemotePort;
    "pid: {0}" -f $_.OwningProcess;
    "";
};

Remove Applications

Get-AppxPackage | Out-File packages.txt
Get-AppxPackage Microsoft.XboxApp | Remove-AppxPackage
Get-AppxPackage Microsoft.XboxGamingOverlay | Remove-AppxPackage
Get-AppxPackage Microsoft.XboxSpeechToTextOverlay | Remove-AppxPack

List all installed apps: 

Get-AppxPackage | Select Name , PackageFullName

Remove all inbuilt / default app from all user account 

Get-AppxPackage -AllUsers | Remove-AppxPackage

Remove all modern apps: 

Get-AppXProvisionedPackage -online | Remove-AppxProvisionedPackage -online

Remove XBox apps: 

get-appxpackage *xbox* | remove-appxpackage

Diskpart

list disk
select disk 6
convert gpt
exit

Can also convert to mbr format

Move User Profiles

User profiles are stored in (for example) C:\Users\Sharon. Can be moved per-user to a new drive or NTFS mount, eg D:\Users\Store

  • Ensure target directory (D:\Users\Sharon) is created with full-control permissions (eg create as Sharon)

As Administrator: 

xcopy C:\Users\Sharon\*.* D:\Users\Sharon /E /H /K /O

These options:

  • Copy Everything
  • Including System/Hidden files
  • Preserve file/director attributes
  • Preserve file/directory permissions

May also need /C : continue on errors. On my Windows 11 system I found a junction loop:

  • C:\Users\Sharon\AppData\Local\Application Data -> C:\Users\Sharon\AppData\Local

which I had to remove with remdir to allow zcopy to proceed. 

cd C:\Users
ren Sharon Sharon.old
mklink /J C:\Users\Sharon D:\Users\Sharon

Here we create an NTFS junction to point from the original location to the new one.

Alternatively, see:

  • Move C:\Users\Sharon directory
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\<User SID>
  • Change ProfileImagePath to C:\Store\Sharon
  • Search/replace registry for old entries for C:\Users\Sharon

NTFS

Junction

Create a directory (/d option) symbolic link: 

mklink /D C:\Alias "C:\Original Data"

so now Alias can be referenced to access original data.

  • /h Creates a hard link instead of a symbolic link
  • /j Creates a director junction

To remove a symlink (not the target) to a directory use: 

rmdir Alias

Drive as a folder

diskpart
DISKPART> list volume

Note the volume number. 

DISKPART> select volume <volumenumber>
DISKPART> assign mount="C:\Users\John\Documents\NewDrive"
Retrieved from ‘https://www.smithnet.org.uk/wiki/index.php?title=Windows&oldid=668