ipconfig net use h: \\host\drive$ /persistent:yes Try "net use... /autodisconnect:-1 to disable auto-disconnect. The registry setting for unencrypted passwords needs a reboot in order to take effect. XP Firewall app. Start/Run/firewall.cpl Registry setting to enable clear passwords: reate a new field EnablePlainTextPassword with a dword value of 1 in the registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkStation\Parameters\ (see http://www.chongluo.com/books/unix3/upt/ch47_03.htm ) To run something as administrator via UAC (elevated privs), SHIFT+CTL to invoke entered command, or Right click on any link to use context menu. To use the Start Search field w/ admin privs, hit CTRL+SHIFT+ENTER instead of just ENTER. Enable Administrator login (and disable): net user administrator /active:{yes|no} NO PASSWORD BY DEFAULT!!!! Disable the stupid authorization prompter for Vista in Control Panel / Users. "net user" to list all users. "net user /domain" to list all domain users. SET PASSWORD: net user username * (or supply literal password instead of *). CREATE ACCOUNT: net user... /ADD (Creates without admin privs) "net localgroup" to list all local groups. Password expirations: (run as admin, of course) Check: net user x | findstr /c:expires Disable: wmic useraccount where name='x' set passwordexpires=false To grant admin: net localgroup administrators USERNAME /add To give file privs: net share confg*C:\/grant:USERNAME,full DOES NOT WORK FOR ME! OR net share SHARE_NAME=c:\ /grant:USERNAME,full Mounting drive FROM Win TO Linux http://www.cyberciti.biz/tips/how-to-mount-remote-windows-partition-windows-share-under-linux.html Password-related stuff: http://www.kellys-korner-xp.com/win_xp_passwords.htm Settings > System, About graphic display of the subversion. Distinguishing 32 bit vs. 64 bit: http://support.microsoft.com/kb/827218 For XP specifically, see if the Processor description starts with "x86" vs. "*64" under the System Summary node of "winmsd". For Vista, same designation under System Information tab. Windows autostart dir is %HOMEPATH%\StartMenu\Programs\Startup Password management (at least in XP): Run "control userpasswords2". "ipconfig" "tracert" See "cmd.txt" re. CLI file associations. Changing hostname. sysdm System, Computer Name tab, Change... button. don't persist! from CLI: wmic computersystem where name='oldname' rename 'newname' :: quotes only needed for names that contans special char like - :: then reboot shutdown /r /t 0 More convenient from PowerShell. SHOW FILE TYPES and HIDDEN FILES: My Computer OR IE. Tools / Folder Options... View tab. For Windows 11, pulldown View > Show. Uncheck: Files and Folders / Hide extensions for known file types and Hidden items FIREWALL EXCEPTIONS: Windows Firewall Exceptions tab Add Program... (I think) VNC Client (for outgoing) winvnc4.exe (for RealVNC) Remote Assistance Remote Desktop BETTER! Add Port: VNC / 5900 / TCP For auto-powering off, use Control Panel / Power Options and screen saver password checkbox. Grep: findstr (Command "find" is for simple searches with few options). \b does not work. Does not support regexp | operator. A work-around is to not use /c and specify multiple expressions in double-quotes. findstr similar to grep. Most useful syntax: findstr [/rsivnm] [/c:"expr" "words to search for" files... Switches have same purpose as for grep except: /r /c:"str": Regexp /c:"str" [without /r] == grep -F (for single fixed expression) /s: == grep -{rR} /m: == grep -l /l: Supposed to be "Literal" but seems to have no effect. pushd, popd doskey still good for macros F7: history pop-up Comments is macros file: ?= command-line regedit Work with .reg files. Write .reg files like: regedit /e newfilename.reg HKEY_LOCAL_MACHINE\... Seems can only export keys (sets of values). Update by using an exported file as a template, editing, and running regedit filename.reg ALLOW PING with Windows Firewall Advance tab / ICMP of Windows Firewall settings. Easier: netsh advfirewall firewall add rule name="ICMP Allow incoming V4 echo request" protocol=icmpv4:8,any dir=in action=allow netsh advfirewall firewall add rule name="ICMP Allow incoming V6 echo request" protocol=icmpv6:8,any dir=in action=allow Defender Firewall from CLI CURRENT profile: netsh advfirewall monitor show currentprofile This impacts both Defender Firwall and 'Network & Internet' > 'Sharing opts' Domain profile set when host is a member of a domain (and no network interfaces circumvent that) Intention is Public == unprotected-public-network-connection-active. [Determined by active connections' "Network profile" in conn. properties. version-dependent] GOTCHA! Can't change this from UI with modern Win Servers. Must use PowerShell. Powershell: Get-NetConnectionProfile CHANGE: Set-NetConnectionProfile -Name 'network name' -NetworkCategory {Public|Private} Easiest to get network name from PowerShell: get-netconnectionprofile network name is not adapter name like "Ethernet 2" but the subtitle like "Network 3". Also can see this under 'Show Available Networks' (from Win Start menu) Firewall rule "groups" have very slight scope. Can only use them to view and as a criterion only for enabling/disabling via netsh advfirewall firewall set rule group="grp name" new enable={yes|no} enable/disable: netsh advfirewall set ? netsh advfirewall show allprofiles # shows log locations too! netsh advfirewall set {all|domain|private|public}profile state {on|off} netsh firewall add rule ? netsh can't set rule group for some damned reason. Be careful to not create multiple rules with same (case-insensitive) name, or will have to give extra criteria to identify one rule. netsh advfirewall firewall add rule name="name" dir=in action=allow protocol=tcp|udp|icmpv4*|icmpv6* localport=80 profile=Private,Domain must set action; defaults: enable=yes profile=any interfacetype=any group= icmpv4 and icmpv6 may have suffix of :type,code. ping request is 8, 0 per netsh advfirewall firewall set rule name="name" new setting=value... (see above for only set allowed with group, for enabling/disabling) https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol#Control_messages Then set group with powershell: $r = Get-NetFirewallRule -DisplayName "the name"; $r.Group = "new grp"; $r | Set-NetFirewallRule; XP disabling search indexing: http://lifehacker.com/031440/turn-off-indexing-and-speed-up-windows-xp Right click disk in My Computer and disable indexing in disk props "services.msc". Double-click Indexing Service, and Stop and (startup type) Disable Indexing Service. services.msc Services management UI To start or stop: net start|stop|restart "Service Name" (some or all Win vers lack "restart"). (remember to start the cmd shell with CTRL+SHIFT+Enter) Really dumb since services can have nothing to do with "net". Have to double-quote service names with funky characters. hosts file at C:\Windows\System32\drivers\etc\hosts Sometimes needs extra privs to edit, and sometimes not. Windows-bootable USB stick parted mklabel msdos mkpart primary ntfs 0 3684MB set 1 boot on mkfs.ntfs -L 'Win 8 Preview Install' /dev/sdd1 "cp -a..." all files from a "mount -loop file.iso /tmp/mnt" to the mounted sdd1 ms-sys -7 /dev/sdd Product Key: TK8TP-9JN6P-7X7WW-RFFTV-B7QPF Stop windows from snapping to maximize when window moved to near edge. Ease of Access Center, Make the mouse easier to user..., Make the keyboard... or Prevent windows... WINDOWS 8. Which is Home screen? The Start screen? Start menu from Start screen by hovering cursor at far left bottom corner. Top-level menu from Desktop screen by hovering cursor at far right bottom corner. CTRL+ESC (== Windows key) to go to Home screen. When have a double-height taskbar where vertical arrow won't resize it, problem is that you have placed two things right one above the other. Just move the items so that they are not above/below one another. determining service pack level systeminfo | findstr /B /C:"OS Name" /C:"OS Version" But the search is English-specific. Doesn't work for Windows Server, and I doubt works reliably otherwise. winver seems to work, but is graphical. CLI invocation for Remote Desktop Connection is "mstsc", at least with one version of Windows. Built-in Screen-shotting application (but see native method below), probably Win 7 and later. Accessories/ Snipping Tool. Graphical PSR = Problem Step Recorder. Invoke with command line "PSR". Auto-shots when you click. Full-screen only. Screen capture / screen shot natively to system clipboard: PRINT_SCREEN captures entire screen ALT+PRINT_SCREEN captures active window Can be pasted into Paint if you have nothing better. Paint can save as PNG (at least with Windows 7), but it saves a full "page" instead of just the image dimensions. To really close an app: ALT+F4 http://www.bleepingcomputer.com/tutorials/how-to-show-file-extensions-in-windows/#windows_vista_7 Version-specific! Windows 8: Control Panel>[Appearance and Personalization>]Folder Options, View tab, under Advanced settings. Recovery disks are not computer-specific, only version (not variant like Home/Biz/Enterprise) and bit-specific. (That according to the label they have you write). Win 7 done from somewhere under Control Panel; for Win 8 run "recdisc". To log into local account can specify domain as ".". But that doesn't work with RDP, where . means source host not destination host. Shortcut icons and quick launch icons for CMD scripts in Win 8. Last section of PIN... answer at: http://superuser.com/questions/656611/how-to-pin-a-batch-file-to-the-taskbar-quicklaunch After that can change the icon at Properties -> Shortcut -> Change Icon... button. Wants an .ico or .icl file or a .dll or .exe file embedding an icon. Shutdown: shutdown /t 0 /f /r|/s /f without '/t 0' would shut down within the minute /f bypasses checking on active user sessions /r or /s for restart or shutdown RDP Control keys from Windows RDP Client: CTL+ALT+END -> CTL+ALT+DEL (don't need any mapping for C+A+D when using Linux rdesktop client) Can't do a 3-finger reboot. Need to issue awesome shutdown cmd: shutdown /t 0 /f /r See below for command-line invocation and switches. If you give username as .\user, . will mean the CURRENT host! (You can see this explicitly if you use /v: switch and do 'Use a diff...'. Don't rdp to a domain host with unqualified name because RDP will change to either local or domain account based on what was run previously. Mapping network drives on command-line: net use net use S: \\tower\movies [/P:Yes] [/user:USERNAME Password] [/Delete] net use S: /d /P means persist across reboots. /D means delete (un-map). To format a drive as NTFS from X Must open properties for the drive (under My Computer or Windows Explorer) and set "Optimize for performance". Afterward disable that to stop the caching, but it's necessary to allow you to format with NTFS. When DNS fails to work for no good reason, do: ipconfig /flushdns Determine/set NTFS label from Linux: ntfslabel -f /dev/sdb2 [THE_LABEL] Determine whether EUFI being used (Windows 8.x): 1: Search for "Detected boot environment:" in C:\Windows\Panther\setupact.log 2: msinfo32. Look for "BIOS Mode" entry (at top level) 3: a: Get to Recovery Firmware Shell: PC settings > Update & Recovery > Recover , Restart now. b: Troubleshoot > Advanced options > UEFI Firmware Settings > press Restart Mess with wireless networks: netsh wlan show profiles netsh wlan delete profile name="WirelessProvile" Useful Outlook search: CTRL+SHIFT+F = Put focus in the 'Search Current Mailbox' field. This will activate the search toolbar up top. Advanced Find. outlook exact search".. there's a really good Microsoft KB article on it. Outlook find-in-page (not CTRL+F !). Open msg in its own window and F4. Outlook contact group = local Outlook email alias/list For some reason can't use local contact groups in Teams Diff: fc Fix barely visible blue-on-black for Putty. Change Window > Colours values for ANSI Blue for desired Sessions. ANSI Blue -> 85/85/187 (don't use any button) Back on Session screen, make sure desired session is selected/bg-highlit in list and Save Flash http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html http://www.farmvilledirt.com/2011/09/emergency-farm-repair-kit.html down in the center will show you what to clear. Find last boot time, uptime: systeminfo | find "Time:" OR: systeminfo | findstr Time: Awesome tool to prepare drives for safe removal from CLI, and it work BETTER than OOTB UI method. http://www.uwe-sieber.de/drivetools_e.html Use like: removedrive d: -l Exit Chrome full-screen: F11 Renew DHCP addr: ipconfig /release ipconfig /renew Map a local folder to a drive. Does not persist across reboots. Only usable to current user. SUBST X: "D:\Documents\Blah\Blah" To remove SUBST X: /D At least with Windows 10, you can invoke executables and scripts in $PWD regardless of PATH value. Storage/disk/FS management: Disk Management. diskmgmt.msc Find out what Windows Defender Firewall is rejecting. Choose very top item in nav panel (NO ICON!), "Windows Defender..." Then use link 'Windows Defender Firewall Properties' Select correct profile tab (useful descriptions at top of each body). Customize button. Invoke network adapters directly: ncpa.cpl Invoke system properties directly: sysdm.cpl Invoke Local Policy Editor directly: gpedit.msc Invoke Local Users and Groups directly: lusrmgr.msc Invoke Active Directory Users and Computers directly: dsa.msc Invoke Services: services.msc Invoke Disk Management: diskmgmt.msc Invoke RDP: mstsc [file.rpd] [/w:1024 /h:768|/f] /v:server (/v gives a different prompt UI for some reason). Invoke Windows Defender Firewall with Advanced Securty: wf.msc Invoke Registry Editor: regedit Invoke Group Policy Management: gpmc.msc Invoke Group Policy Management Editor: gpme.msc CLI for many things incl. firewall, wlan: netsh Service Control: sc Local Security Policy: secpol.msc sc.exe sc.exe query "service name" # Not! display_name as shown in services.msc sc.exe queryex type=service [state=active|all|inactive] sc qc "service name" # In addition to state info, displays Run As user and invoke cmd path. sc config "service name" start=auto|demand (3 other supported values) wmic service "service name" get pathname # display the execution path sc config "service Name" binPath= ... If the binPath has multiple double-quotes, the only way I can get it to work is with Bash shell by putting the entire value into a separate param, like: sc config SVCNAME binpath= 'the whole thing with any spaces and doublequotes' sc query|start|stop|delete "service Name" (I see no restart operation) To refresh global policies immediately (instead of waiting for schedule): gpupdate /force Local account login to a domain-member computer: \account or .\account (but for RDP this is source not target host) works for "administrator" too. whoami [/groups] works on windows, to show login domain vs. local. windows-key + r = Run Enabling NLA For some reason I get NLA rejection if it's enabled on wintmp server; but not on outlook server!! Server needs to enable NLA via sysdm.cpl, Remote tab, bottom checkmark. Or PowerShell: reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v UserAuthentication /t REG_DWORD /d 0 /f Users need to be in some allow-remote-connecton list. Admins are. GPO (not local): Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Security Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Settings\Remote Desktop Session Host\Security Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Settings\Remote Desktop Connection Client Gotcha: To select domain users in places like sysdm.cpl and lusrmgr.cpl UI: Locations button. Select 'Entire Directory' (which may appear empty). "Enter the object..." field, enter the short (unqualified) user name, click "Check Names" button and select the correct domain account. DOMAIN USER NAMES: Either NBNAME\user or user@DOM.NAME, but 2nd only works for real domain accounts (i.e. no . or hostname). RDP Requirements: Must be an admin or belong to 'Remote Desktop Users' list (or be explicitly listed in sysdm.cpl Remote, User list). gMSA group managed service accounts https://docs.microsoft.com/en-us/windows-server/security/group-managed-service-accounts/group-managed-service-accounts-overview (cf. sMSA) For decent encryption, "AES should always be explicitly configured for MSAs". Symlinks: mklink [/d] sym/path target/path Good test if user is a domain user and has domain connectivity: net user /domain File Explorer Searching for just filenames: name:token file:token filename:token Plus for patter matching switch : for :* and :~ To change file associations for opening (e.g. *.ps1 -> PowerShell) Computer\HKEY_CLASSES_ROOT\Microsoft.PowerShellScript.1\Shell\Open\Command -> "C:\...\powershell.exe" "%*" Interactively changing "Open with" configuration doesn't allow param-passing. Defining a new ftype and then updating the .ps1 assoc would probably work, but requires sysadmin privs. Certificate trust. http://woshub.com/updating-trusted-root-certificates-in-windows-10/ By default, Internet update from Microsoft weekly. GUI app: Certificatest snap-in for mmc.exe Current CA trust list: powershell -command "Get-Childitem cert:\LocalMachine\root |format-list" Task Scheduler: Add a one-time task (silently replacing existng job with task name): schtasks /create /st 13:37 /tn myTask /tr "powershell -NoLogo -WindowStyle hidden -file x/y/z.ps1" /sc once|daily /ru %USERNAME% /f For some reason /z switch fails with message: The task XML is missing... List schtasks /query [/v] /tn myTask :: or use /tx switch to use some other task ID (Can't change /sc but can change /st) Remove the job: schtasks /delete /tn myTask :: or use /tx switch to use some other task ID Change it: schtasks /change /tn myTask /somesetting val :: or use /tx switch Disable windows search indexing sc stop wsearch && sc config wsearch start=disabled (Or disable the services in services.msc) services.msc Windows Search -> Disabled Display seconds in clock Registry HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced RMB, new DWORD name: ShowSecondsInSystemClock value: 1 32 vs. 64 bit Program Files. \Program Files is 64 bit. I believe can always depend on this being \PROGRA~1 I would not depend on PROGRA~x numbering for the following: \Program files (x86) is legacy 32 bit \ProgramData. Hidden directory To see hidden directories from CMD, use: dir /a:h See 'powershell.txt" file about setting powershell execution policy on a host. gitforwindows gotcha. When running non-GFW binaries if any arg looks like a filepath (at least contains or maybe starts with /) it will translate what the target program gets. Without digging deep, no simple workaround. For now I execute these from CMD. CMD/DOS console/terminal By default to select and copy text you must mark and copy with CTRL+m or RMT-item then ENTER or CTRL+c. At the (acceptable) cost of losing the RMB menu, enable Quick Edit Mode to: LMB drag in place of CTRL_m or RMB-item to start text selection. (Still need to ENTER or CTRL+c to copy) Also useful to increase CLI history and remove dups from history. RMB to paste. (Eliminating RMB menu) If a zip program (incl. 7Zip) not available on PC then can use Powershell's Compress-Archive cmdlet. Wordpad blows!!! You must use filename suffix "txt" or it will write binary. When it saves it always writes \r\n's, converting if not already present. There is no option to paste in text/ASCII to a text document. You have to insert binary and then when you re-save to the *.txt file it will ask you to confirm that you want the binary data stripped out. BitLocker Keys are maintained at https://account.microsoft.com Lock Status: CLI: manage-bde -status [C:] # See "Lock Status:" PS: get-bitlockervolume [-mountpoint "C:"] Lock/Unlock PS: [un]lock-bitlocker "C:" ... [idunno] CLI: manage-bde -[un]lock C: -RecoveryKey \dir\or\file.bek Enable/disable RDP Settings > System > Remote Desktop Laptops-only. To extend battery life, use "Smart Charging", indicated by heart on power status icon. Looks like shown under System > Power & battery but can only enable/disable using LG Assistant. checking open files: openfiles [/query /v] [/fo csv /noh] # /query required with /v. Other options only for remote use. Must be enabled first, which you can check with /local and enable with '/default yes' + reboot. There is also "handle64.exe" from MS Sysinternals. Hide Windows Search field in task bar: RMB on task bar background, Search > check Hidden Stop collapsing taskbar icons: RMB on task bar background, Taskbar Settings, 'Select which icons appear on the taskbar', toggle on master 'Always show all..' switch at top.