Post in evidenza

Recovery - Access, Excel, Word, Office and Photo recovery tools and other blog procedures

During these years I had necessity to recover various files (.doc, mdb, .xls, photos...)  I utilized various free tools (here is an exampl...

Server - How to Execute RSAT snapins with different users without server/client logon necessity

If you need to launch some mmc snapins with different AD account (without logging on server/pc with that credentials) you could follow these steps:


  1. Execute command prompt start --> cmd.exe
  2. Copy and paste this command text:
    C:\Windows\System32\runas.exe /netonly /user:aduser@domain.suffix "mmc %SystemRoot%\system32\xxxx_command.msc
  3. where command.msc is any command with .msc.
    Usually any .msc command that is included in your RSAT tool (win 7, Win 10)  installed on your pc 

You can review these blog articles too:


Scripting - Tutti i comandi .cpl, .msc ed altri dal menu start --> Esegui


2012 Server – RSAT anche in 2008 R2 SP1 e 2008 SP2


Scripting - Lista di comandi di start --> Esegui di Microsoft Windows

Scripting - Silent install SQL Studio Management Console Studio 17.2

If you need to silent install SQL Studio Management Console Studio 17.2 you can do that through command line and using properly command switches.

I took note on this quickly post about this settings for future purposes.


Install Program – “SSMS-Setup-ENU.exe” /install /quiet /norestart

Uninstall Program – “%programfiles(x86)%\Microsoft SQL Server\140\tools\binn\managementstudio\ssms.exe” /uninstall /quiet

Download SQL Server Management Studio (SSMS)

https://docs.microsoft.com/en-us/sql/ssms/download-sql-server-management-studio-ssms

direct Links:

2016 Server - Windows Server 2016 Security Guide free download

Today I would like to share information that Windows Server 2016 Security Guide can be downloaded for Free from Miscrosoft web site:

http://download.microsoft.com/download/6/7/3/673E651E-C5B3-4C93-A69A-94042EB6DE22/Windows_Server_2016_Security_Better_protection_begins_at_the_OS_Whitepaper_EN_US.pdf

Precedent .pdf ncludes general guidance for helping secure servers in your environment and how you can utilize new security features in Windows Server 2016.

About other windows 2016 articles you can review this link:

http://www.alessandromazzanti.com/search/label/Windows%202016%20Server

SCCM - How to disable local Administrator Account

If you need to disable local Administrator account, change/set password or create new local Admin/user you can review previously article about GPO approach.

GPO - How to create local Administrator account using Group policies
http://www.alessandromazzanti.com/2017/04/gpo-how-to-create-local-administrator.html

Otherwise you can do that using SCCM.

Summarizing you would need to create a simple CI checking on specific collection verifyng thereshold relatively devices that have local Administrator account enabled, apply remediation (account disabling) and finally have available reports/alerts.

Here it is more verbosely article:

https://4sysops.com/archives/disable-the-local-administrator-account-with-sccm/

Windows 10 - Pro Workstation announcement about new release

Microsoft is going to release, during next months, following win 10 version:

https://blogs.windows.com/business/2017/08/10/microsoft-announces-windows-10-pro-workstations/

This announcement due to fact actually Windows 10 has this hardware limitation and often for particular activities on Workstation Microsoft server edition are installed as welle: 

  •  2 CPU, 256 cores and up to 2TB. RAM.
Windows 10 pro for Workstation is going to have these features:


  • ReFS (Resilient file system) support. (new Microsoft file system)
    ReFS provides cloud-grade resiliency for data on fault-tolerant storage spaces and manages very large volumes with ease. ReFS is designed to be resilient to data corruption, optimized for handling large data volumes, auto-correcting and more. It protects your data with integrity streams on your mirrored storage spaces. Using its integrity streams, ReFS detects when data becomes corrupt on one of the mirrored drives and uses a healthy copy of your data on the other drive to correct and protect your precious data.
  • Persistent memory support: 
    Windows 10 Pro for Workstations provides the most demanding apps and data with the performance they require with non-volatile memory modules (NVDIMM-N) hardware. NVDIMM-N enables you to read and write your files with the fastest speed possible, the speed of the computer’s main memory. Because NVDIMM-N is non-volatile memory, your files will still be there, even when you switch your workstation off.
  • SMB Direct support and lan card based on Remote Direct Memory Access (RDMA)
  • CPU Intel Xeon and AMD Opteron support till 4 CPU and  6 TB RAM.
Actually Windows 10 versions are going to become 12 (from 10):

  1. Windows 10 Home
  2. Windows 10 Pro
  3. Windows 10 Enterprise
  4. Windows 10 Education
  5. Windows 10 Pro Education
  6. Windows 10 Enterprise LTSB
  7. Windows 10 Mobile Enterprise
  8. Windows 10 Mobile
  9. Windows 10 IoT
  10. Windows 10 S
  11. Windows 10 Team
  12. Windows 10 Pro for Workstations

Here it is relative recap:

GPO - Wifi pcs and policy applying problems

Company laptop that connect to domain via WiFi could not apply correctly policies due to WiFi connection unavailability.

There are two alternatives to solve issue customizing properly GPO:

You can do this with Group Policy, using the Always wait for the network at computer startup and logon policy setting.  

https://technet.microsoft.com/en-us/library/gg486839.aspx

gplogon.jpg

Alternatively adding a delay during policy appling this policy:

Policy Location: Computer Configuration > Policies > Admin Templates > System > Group Policy
Setting Name: Startup policy processing wait time
Registry Key: HKLM\Software\Policies\Microsoft\Windows\System!GpNetworkStartTimeoutPolicyValue

https://support.microsoft.com/it-it/help/2421599/windows-7-clients-intermittently-fail-to-apply-group-policy-at-startup

Tips - Fix network connection issues in Windows 10

Here it is an interesting Microsoft article that well explain several easy workaround useful to reset windows 10 network issues.

you can use this command line syntax executing command prompt with Administrative rights:

ipconfig /flushdns
netsh winsock reset

netsh winsock reset proxy

https://support.microsoft.com/en-us/help/10741/windows-10-fix-network-connection-issues


<------------>
Using network reset should be the last step you try. Consider using it if the steps above don’t help to get you connected.
This can help solve connection problems you might have after upgrading from a previous version of Windows to Windows 10, as well as fix problems where you can connect to the Internet but not to shared network drives. It removes any network adapters you have installed and the settings for them. After your PC restarts, any network adapters are reinstalled, and the settings for them are set to the defaults.
  1. Select the Start  button, then select Settings  > Network & Internet  > Status > Network reset.
  2. On the Network reset screen, select Reset now > Yes to confirm.
    Wait for your PC to restart and see if that fixes the problem.


wnr_2

Freeware - Teracopy and RichCopy two GUI tools for coping files

I would like to highlight two software that should be allways in your IT tool collection.

Here they are characteristic and explanations.

TeraCopy 3.1

It is a compact program designed to copy and move files at the maximum possible speed, providing the user a lot of features:

  • It uses dynamically adjusted buffers to reduce seek times. Asynchronous copy speeds up file transfer between two physical hard drives.
  • Pause and resume file transfers. 
  • Error recovery. In case of copy error, it will try several times and in the worse case just skips the file, not terminating the entire transfer.
  • Interactive file list. It shows failed file transfers and lets you fix the problem and recopy only problem files.
  • Shell integration. TeraCopy can completely replace Explorer copy and move functions, allowing you work with files as usual.
  • Full Unicode support.

Spotlight RichCopy


offers a number of granular controls that allow you to tailor file copying to your needs


Freeware - UninstallView from NirSoft

Today I would like to highlight UninstallView is a new tool for Windows that collects information about all programs installed on your system and displays the details of the installed programs in one table. 
You can use it to get installed programs information for your local system, for remote computer on your network, and for external hard-drive plugged to your computer. It also allows you to easily uninstall a software on your local computer and remote computer (Including quiet uninstall if the installer supports it).

Disaster Recovery - Ex-Admin Deletes All Customer Data and Wipes Servers of Dutch Hosting Provider

Today I would like to mention this incredible history about an ex-Administrator proceeded to delete and wipe all customers servers.

You can review following image that well explain what happened:

Verelox, a provider of dedicated KVM and VPS servers based in The Hague, Netherlands, suffered a catastrophic outage after a former administrator deleted all customer data and wiped most of the company's servers.



more details can be found here:

https://www.bleepingcomputer.com/news/security/ex-admin-deletes-all-customer-data-and-wipes-servers-of-dutch-hosting-provider/

Windows 10 - How to: Move from BIOS to UEFI with the new Windows 10 Creators Update

Microsoft Mechanics delivers a comprehensive yet concise explanation of how you can safely and non-destructively convert a Windows 10 machine from legacy BIOS to UEFI disk partitioning.

Windows Program Manager, Desmond Lee, demonstrates the new MBR2GPT disk conversion tool that’s part of Windows 10 Creators Update. 
This is a comprehensive yet concise overview that explains how you can safely and non-destructively convert a Windows 10 machine from legacy BIOS to UEFI disk partitioning; and how you can automate the conversion as part of your in-place upgrade process from Windows 7 to Windows 10. 

Importantly, unlike wipe and load methods, all of this can be achieved without having to move your data off the disk.
To learn more please also check out: http://aka.ms/mbr2gpt


Scripting - Nslookup and debugging mode

About Nslookup command you can review old blog articles.

Nslookup

I would like to highlight this interesting Microsoft article and debug switch to have more debug capability when nslookup is launched and there are some unknown DNS query problems.

Scripting - Il comando NSLOOKUP parte 2 (piu' DIG)

Scripting - comando nslookup

Server - How to verify that your mail server work properly

<-------->


Nslookup's debug mode is a useful troubleshooting feature; you can set the local computer into this mode by typing set debug , or for even greater detail, set d2 . In debug mode, Nslookup lists the steps being taken to complete its commands, as shown in this example:

C:\>nslookup
(null) testpc1.reskit.com
Address: 172.16.8.190
> set d2
> rain-city
(null) testpc1.reskit.com
Address: 172.16.8.190
------------
SendRequest(), len 49
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
rain-city.reskit.com, type = A, class = IN
------------
------------
Got answer (108 bytes):
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 2, authority records = 0, additional = 0
QUESTIONS:
rain-city.reskit.com, type = A, class = IN
ANSWERS:
-> rain-city.reskit.com
type = CNAME, class = IN, dlen = 31
canonical name = seattle.reskit.com
ttl = 86400 (1 day)
-> seattle.reskit.com
type = A, class = IN, dlen = 4
internet address = 172.16.2.3
ttl = 86400 (1 day)
------------
(null) seattle.reskit.com
Address: 172.16.2.3
Aliases: rain-city.reskit.com

SCOM - Backup - Veeam Management Pack for System Center v8

Today I would like to mention this Veeam Management Pack for System Center v8 that provides complete app-to-metal visibility for both your virtual and physical environments, creating the “big-picture” view of your entire virtualized infrastructure – and all from within the native System Center Management console.
This kind of monitor will include insights into Veeam Backup & Replication services.

https://www.veeam.com/system-center-management-pack-vmware-hyperv.html

What’s New in v8 Product Overview Editions Comparison Microsoft Solution Brief Veeam MP Differentiators




Tips - How to add Developer Tab in Excel 200X/201X

Excel 2007


Office Button --> Excel Option button at the bottom
Excel Option window --> Popular button at the left;
Under Top Option for Working with Excel, check the Show Developer tab in the Ribbon option.


Excel 2010 and 2013 Ribbon

File tab --> Options at the left --> Excel Option window;
Click Customize Ribbon at the left -->  Main Tabs  --> Check the Developer item --> Ok


2016 Server - DC upgrade from 2012 to 2016 issue

If you are planning to upgrade 2012 DC server to 2016 withouth taking in consideration reinstallation scenario you need to be aware about problems that you will face about netlogon and Network Time servicing.

Here they are related Microsoft articles:

Windows Time Service settings are not preserved during an in-place upgrade to Windows Server 2016 or Windows 10 Version 1607

https://support.microsoft.com/en-my/help/3201265/windows-time-service-settings-are-not-preserved-during-an-in-place-upgrade-to-windows-server-2016-or-windows-10-version-1607

Netlogon service doesn't retain settings after upgrade to Windows Server 2016

https://support.microsoft.com/sl-si/help/3201247/netlogon-service-doesn-t-retain-settings-after-upgrade-to-windows-server-2016

Here it is an article that can be useful for reading purpose:

https://www.devadmin.it/2017/05/08/issues-durante-upgrade-in-place-di-domain-controller-a-windows-server-2016/

Extra IT - Wimbledon Semifinals Free Live streaming

I found this interesting article that indicate working links to live view, and for free, Wimbledon.

Here it is above link that, about Federer semifinals works with very good resolution quality.


  • Alternative [ LINKS ] – more links on this page
  • External [ LINK 1 ] – Mobile Supported (ESPN/Main-Court)
  • External [ LINK 2 ] – Mobile Supported (BBC 1/Main-Court)
  • External [ LINK 3 ] – Mobile Supported (BBC 2/Court 1)
  • External [ LINK 4 ] – Mobile Supported (ESPN/Main-Court)
  • External [ LINK 5 ] – Mobile Supported (ESPN/Main-Court)
  • External [ LINK 6 ] – BatmanStream (Center Court Matches)
  • External [ LINK 7 ] – Flash (Spanish HD)
  • External [ LINK 8 ] – Mobile Supported (Men’s Singles Semifinals)
  • External [ LINK 9 ] – BatmanStream (German/Center Court)
  • External [ LINK 10 ] – Flash (Spanish/Main-Court)
  • External [ LINK 11 ] – Flash (French)
  • External [ LINK 12 ] – Flash (BBC)
  • External [ LINK 12 ] – Flash (BBC One)
  • External [ LINK 13 ] – Flash (English)

Original Article:

Powershell - Windows Firewall commands

Here they are some powerhesll commands.

To view actual rule status:

Get-NetFirewallRule -DisplayName '*Remote Desktop*'



To view more detailed rules informations:

Get-NetFirewallRule -DisplayName '*Remote Desktop*' | Get-NetFirewallPortFilter

If you want to setting up to precedent settings displayed:

Get-NetFirewallRule -DisplayName '*Remote Desktop*' | Set-NetFirewallRule -Action Block

Another useful cmdlet is called Show-NetFirewallRule. Recall that we could not see all of the details when using Get-NetFirewallRule earlier. Using Show-NetFirewallRule, we're able to instantly see everything that's involved with one or all firewall rules.

Show-NetFirewallRule



For deeper explanation and relative usage you can review this article:

http://www.tomsitpro.com/articles/managing-windows-firewall-powershell,1-3588.html#xtor=RSS-100


Tips - Google Chrome redistributable download

If you need to download latest google chrome version in redistributable version and, in case, have portable with old google chrome executable too here is useful link for you:

http://www.geocities.jp/ecvcn/exam/chrome_installer.html

Veeam - How to Use the Veeam Backup Validator

Veeam offer a simple command line tool to verify backup consistencies.

Here it is relative Veeam article:

How to Use the Veeam Backup Validator

From precedent article here they are relative switches and examples:


Parameters:

    /?       - Displays help
    /backup  - Specifies backup name or backup ID
    /vmname  - Specifies one or more VM names (empty value for all VMs)
    /point   - Specifies restore point ID
    /date    - Specifies restore point date
    /time    - Specifies restore point time
    /silence - Enables silence output mode
    /skip    - Skips specified VMs
    /report  - Generates HTML report at the specified path
    /file    - Specifies one or more backup files (VBM, VBK, VIB, VLB)
    /format  - Specified report format (HTML, XML)

Examples:   
  • Validate the VMs named "W2008", "W2008R2_DC" and "W2K" in the most recent restore point for the backup "Backup Job 1_imported".

    Veeam.Backup.Validator.exe /backup:"Backup Job 1_imported" /vmname:W2008 /vmname:W2008R2_DC /vmname:W2K

     
  • Validate all virtual machines in the last restore point with ID 3942788C-B309-4FA4-A111-A4C87B3EC63D.

    Veeam.Backup.Validator.exe /backup:3942788C-B309-4FA4-A111-A4C87B3EC63D

     
  • Validate a VM with the name "Windows 8" in the restore point created on December 5 2012 for a job named “Backup Job 1".

    Veeam.Backup.Validator.exe /backup:"Backup Job 1" /vmname:"Windows 8" /date:05.12.2012

     
  • Validate a VM with the name "VM1" in the restore point created around 16:00 on December 5 2012 for a job named "Backup Job 2".

            Veeam.Backup.Validator.exe /backup:"Backup Job 2" /vmname:"VM1" /date:"05.12.2012" /time "16:00"
 

  • Validate a VM with the name "VM2" contained in the VBM file located at C:\Backup\VM2_Backup.vbm

    Veeam.Backup.Validator.exe /file:"C:\Backup\VM2_Backup.vbm" /vmname:"VM2"

     
  • Validate all VMs in VBK-file (backup file).

    Veeam.Backup.Validator.exe /file:"C:\Backup\VM2_Backup.vbk"

     
  • Validate a VM with the name "VM3" in the most recent restore point of "Backup Job 1" and create an HTML-report.

    Veeam.Backup.Validator.exe /backup:"Backup Job 1" /vmname:"VM3" /report:"D:\Reports\Backup_Job_1_Validate_30_09_2014.html"

     
  • Validate a VM with the name "VM3" in the most recent restore point of "Backup Job 1" and create XML-report.

    Veeam.Backup.Validator.exe /backup:"Backup Job 1" /vmname:"VM3" /report:"D:\Reports\Backup_Job_1_Validate_30_09_2014.xml" /format:xml

Nmap - Scanning port tool

Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. 
Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. 

It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).

Nmap was named “Security Product of the Year” by Linux Journal, Info World, LinuxQuestions.Org, and Codetalker Digest. It was even featured in twelve movies, including The Matrix ReloadedDie Hard 4Girl With the Dragon Tattoo, and The Bourne Ultimatum.
Nmap is ...
  • Flexible: Supports dozens of advanced techniques for mapping out networks filled with IP filters, firewalls, routers, and other obstacles. This includes many port scanning mechanisms (both TCP & UDP), OS detectionversion detection, ping sweeps, and more. See the documentation page.
  • Powerful: Nmap has been used to scan huge networks of literally hundreds of thousands of machines.
  • Portable: Most operating systems are supported, including LinuxMicrosoft WindowsFreeBSDOpenBSDSolarisIRIXMac OS XHP-UXNetBSDSun OSAmiga, and more.
  • Easy: While Nmap offers a rich set of advanced features for power users, you can start out as simply as "nmap -v -A targethost". Both traditional command line and graphical (GUI) versions are available to suit your preference. Binaries are available for those who do not wish to compile Nmap from source.
  • Free: The primary goals of the Nmap Project is to help make the Internet a little more secure and to provide administrators/auditors/hackers with an advanced tool for exploring their networks. Nmap is available for free download, and also comes with full source code that you may modify and redistribute under the terms of the license.
  • Well Documented: Significant effort has been put into comprehensive and up-to-date man pages, whitepapers, tutorials, and even a whole book! Find them in multiple languages here.
  • Supported: While Nmap comes with no warranty, it is well supported by a vibrant community of developers and users. Most of this interaction occurs on the Nmap mailing lists. Most bug reports and questions should be sent to the nmap-dev list, but only after you read the guidelines. We recommend that all users subscribe to the low-traffic nmap-hackers announcement list. You can also find Nmap on Facebook andTwitter. For real-time chat, join the #nmap channel on Freenode or EFNet.
  • Acclaimed: Nmap has won numerous awards, including "Information Security Product of the Year" by Linux Journal, Info World and Codetalker Digest. It has been featured in hundreds of magazine articles, several movies, dozens of books, and one comic book series. Visit the press page for further details.
  • Popular: Thousands of people download Nmap every day, and it is included with many operating systems (Redhat Linux, Debian Linux, Gentoo, FreeBSD, OpenBSD, etc). It is among the top ten (out of 30,000) programs at the Freshmeat.Net repository. This is important because it lends Nmap its vibrant development and user support communities.

<-------------------->


Effettuare un "port scan" completo è possibile su tutti i sistemi operativi, grazie a questo eccellente software open source.
Il tool di riferimento per ogni amministratore di rete o power-user che si rispetti è indubbiamente Nmap! Si tratta di un potente port scanner, capace di analizzare computer sia in LAN, sia via Internet e preparare report completissimi circa le porte TCP o UDP raggiungibili.

È compatibile con Windows (comprese le compilazioni a 64 bit), Linux e Mac OS X e può essere utilizzato sia da riga di comando, sia tramite una comoda interfaccia grafica chiamata Zenmap, già inclusa nei pacchetti d'installazione per sistemi operativi Microsoft ed Apple.
Il software è distribuito con licenza open source. Questo significa che può essere utilizzato liberamente, anche per scopi professionali.

Il Download si può effettuare in http://nmap.org/

720check