SCRIPTING - HOW TO SCHEDULE SERVER REBOOT

If you need to plan one shot (fixed time and date) reboot you could use this command.

It will create a scheduled task, that can be executed with or without any one logged on.

(no password saving is required)

Obviously any other customization is easily to be rearranged.

schtasks /create /sc once /tn taskname /tr "shutdown -r -f” /st hh:mm /sd dd/mm/yyyy /NP

 

/NP   No password is stored.  The task runs non-interactively

            as the given user.  Only local resources are available.      

 /SC   schedule    Specifies the schedule frequency.

                                    Valid schedule types: MINUTE, HOURLY, DAILY, WEEKLY,

                                    MONTHLY, ONCE, ONSTART, ONLOGON, ONIDLE,                                     ONEVENT.                                                          

 

/SD   startdate    Specifies the first date on which the task runs. The

                                   format is dd/mm/yyyy. Defaults to the current

                                    date. This is not applicable for schedule types: ONCE,

                                    ONSTART, ONLOGON, ONIDLE, ONEVENT.                           

                                                                               

/ST   starttime     Specifies the start time to run the task. The time

                                    format is HH:mm (24 hour time) for example, 14:30 for

                                    2:30 PM. Defaults to current time if /ST is not

                                    specified.  This option is required with /SC ONCE.

               

/TN   taskname    Specifies the string in the form of path\name

                                    which uniquely identifies this scheduled task.

                                                                               

/TR   taskrun      Specifies the path and file name of the program to be

                                    run at the scheduled time.

                                    Example: C:\windows\system32\calc.exe            

[UPDATE 2023.08.08]

Windows 2003/2008/2008 R2/2012/2012 R2 this is correct syntax.

schtasks /create /sc once /tn taskname /st hh:mm /sd dd/mm/yyyy /NP /tr "shutdown -r -f”

SCRIPTING - HOW TO CHECK SERVER UPTIME WITH SINGLE COMMAND

If you must check server uptime (or any other information) systeminfo is an interesting command line tool (Windows builtin)

SystemInfo /s SERVERNAME| find "Boot Time:"

With previous command you could obtain remote server uptime information

Indeed concatenating previous commands, using &&, it will aggregate several server info "one shot"

SystemInfo /s SERVERNAME1 | find "Boot Time:" && SystemInfo /s SERVERNAME2| find "Boot Time:"

Consider that you might launch command line, locally, with AD account with enough permissions on remote servers.

[related article]

Scripting - How to refresh remote client ip

[Update - 2022.11.17]

There is an alternative way to check, remotely, system uptime, it is using psexec in conjunction with wmic command.

About psexec you can review this old blog article:

https://www.alessandromazzanti.com/2014/04/psexec-21-download-and-tutorials.html

  1. execute cmd with Administrative rights
  2. cd c:\patchwherepsexecislocated\
  3. PsExec64.exe \\REMOTEPCNAME cmd
  4. wmic path Win32_OperatingSystem get LastBootUpTime



Antivirus - Failed to install sme64: general error #Sophos Central

During these days we faced several devices with below error (on Sophos Central console)

Failed to install sme64: general error

Due to this error no updates was no longer received on endpoints.

This is Sophos article that fixed problem (certificate error)

https://support.sophos.com/support/s/article/KB-000043788?language=en_US

[update 2022.10.13]

Here it is a similar article that could be useful to be applied:

Sophos Central: Installation Failures due to Automatic Root Certificates Update being disabled
https://support.sophos.com/support/s/article/KB-000044065?language=en_US&name=KB-000044065

Sophos Central: Locate the Central Endpoint SSL certificate
https://support.sophos.com/support/s/article/KB-000036882?language=en_US&name=KB-000036882

Consider that, in my expirience, it could be useful, navigate to below weblink

https://trusted-root-g4.chain-demos.digicert.com/

or apply, original sophos article, related to below steps:

  1. Access the file referenced in the log:
    • C:\Program Files\Sophos\Sophos ML Engine\ML1\docmodel\<timestamp>\docmodel.dll
      • Note: In this case, <timestamp> is the name of the folder specific to the device.
  2. Access the Properties of the file docmodel.dll.
  3. Click the Digital Signatures tab.
  4. Select Sophos Ltd in the Signature list and click Details.
  5. Click View Certificate and then click the Install Certificate...
  6. On the Certificate Import Wizard select Store Location Local Machine and click Next.
  7. Leave the default option Automatically select the certificate store based on the type of certificate selected and click Next, then Finish.
  8. The message 'The import was successful' should be displayed. Click OK to exit the windows.
  9. Once imported, on the next update the Sophos ML Engine should install.

Server - Event ID 4105: The Terminal Services license server cannot update the license attributes for user in Active Directory Domain #HOW TO FIX

During these days we faced problems on license server (that was dealing 2008 R2 CAL)

Error was this one:

Event ID 4105: The Terminal Services license server cannot update the license attributes for user <UserName> in Active Directory Domain <DomainName>

Log Name: System

Source: Microsoft-Windows-TerminalServices-Licensing

Event ID : 4105

Level: Warning

User: N/A

Computer: <computer name>

Description:

The Terminal Services license server cannot update the license attributes for user <user name> in the Active Directory Domain <domain name>. Ensure that the computer account for the license server is a member of Terminal Server License Servers group in Active Directory domain <domain name>.

If the license server is installed on a domain controller, the Network Service account also needs to be a member of the Terminal Server License Servers group.

If the license server is installed on a domain controller, after you have added the appropriate accounts to the Terminal Server License Servers group, you must restart the Terminal Services Licensing service to track or report the usage of TS Per User CALs.

Win32 error code: 0x80070005


Solution was to add these AD group "Terminal Server License Server" to users that was dealing with problem (and changing permissions as below screenshot)



https://docs.microsoft.com/en-us/troubleshoot/windows-server/remote/terminalservices-licensing-event-4105

https://www.mysysadmintips.com/windows/servers/505-the-remote-desktop-license-server-cannot-update-event-4105

https://docs.microsoft.com/en-US/troubleshoot/windows-server/remote/terminalservices-licensing-event-4105


Security - How to find domains that contain specific keyword

You might have necessity to check if you domain/company name, or any other term, is available on internet.

Basically to intercept any phishing, website cloning with similar FQDN

There is a specific website that easily help you on these searches.

https://dnslytics.com/domain-search

You can use:

  1. ^keyword to search all domains that starts with keyword term
  2. keyword$ to search all domains that ends with keyword term