A script combining all your commands can be created as a batch file. Below is a step-by-step explanation and the actual batch script code:

 

A script combining all your commands can be created as a batch file. Below is a step-by-step explanation and the actual batch script code:

ping 8.8.8.8

md d:\databackup\tallydatabackup%date%

Ping 10.10.10.74

xcopy "d:\Tally Prime\Data\*" "d:\databackup\tallydatabackup%date%" /e/v/y/i/s

ping 10.10.10.6

Thumbnail Previews

In Windows, thumbnail previews are useful for quickly viewing the contents of files, especially images and videos, without opening them. Here’s how to enable or troubleshoot thumbnail previews:

1. Enable Thumbnail Previews in File Explorer

1. Open File Explorer.
2. Click on the View tab.
3. In the Options group, select Options (far right) and then Change folder and search options.
4. In the Folder Options dialog, go to the View tab.
5. Ensure Always show icons, never thumbnails is unchecked. This setting enables thumbnails.
6. Click OK to apply.

2. Clear and Rebuild the Thumbnail Cache

Sometimes the thumbnail cache can become corrupted, causing previews not to show correctly.

1. Open the Start Menu and type Disk Cleanup.
2. Select your drive (usually C:) and click OK.
3. Check Thumbnails in the list and click OK to clear them.
4. Restart your computer, and Windows will rebuild the thumbnail cache.

3. Enable Thumbnails for Specific File Types

Certain file types may not show thumbnails by default. To address this, you can:

1. Install third-party software like Icaros or Media Preview for additional file type support.
2. Adjust system settings for specific programs if they allow thumbnail configuration.

4. Update Graphics Drivers

Outdated graphics drivers can sometimes interfere with thumbnails. Update your drivers through:

1. Device Manager: Expand Display adapters, right-click your graphics card, and select Update driver.
2. Alternatively, use your graphics card manufacturer’s software or website for the latest drivers.

Let me know if any specific type of thumbnail is causing issues, and I can help troubleshoot further!

 Commands

1- taskkill /f /im explorer.exe 2- del /f /s /q /a %LocalAppData%\Microsoft\Windows\Explorer\thumbcache_*.db 3- start explorer.exe

How to fix error 0x0000011b

 How to fix error 0x0000011b when adding networked printer solution in the command line

The error 0x0000011b typically occurs when adding a network printer on Windows due to security updates that block certain network printing configurations. This error is often associated with issues in the Windows Print Spooler service and can be resolved by adjusting certain registry settings and disabling the enforcement of printer driver security updates.

Steps to fix the error using the Command Line:

1. Run Command Prompt as Administrator:

   • Press Win + X, then select Command Prompt (Admin) or Windows PowerShell (Admin).

2. Modify the Windows Registry to Disable RPC (Remote Procedure Call) Authentication for Network Printers:

   • Type the following command to create a new registry entry that disables RPC security:

   cmd
   reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print" /v RpcAuthnLevelPrivacyEnabled /t REG_DWORD /d 0 /f
   

   This command sets the RpcAuthnLevelPrivacyEnabled value to 0, which disables the requirement for high-level RPC authentication for printers.

3. Restart the Print Spooler Service:

   • After modifying the registry, restart the Print Spooler service with the following commands:

   cmd
   net stop spooler
   net start spooler
   

4. Try Adding the Printer Again:

   • Now, try to add the network printer again, and it should connect without throwing the 0x0000011b error.

Additional Troubleshooting (if the issue persists):

• Disable Print Spooler Isolation: You can disable print spooler isolation by adding another registry key:

  cmd
  reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print" /v DisablePrintSpoolerIsolation /t REG_DWORD /d 1 /f
  

• Uninstall the Problematic Security Update: Some users reported that uninstalling specific Windows updates (e.g., KB5005565) resolved the issue. If you wish to uninstall the update via command line:

  cmd
  wusa /uninstall /kb:5005565
  

This should help resolve the 0x0000011b error when connecting to a network printer. Let me know if you encounter any issues!

Stop windows update | Commands to Enable Windows Update

 

Stop windows update

 running from CMD (as administrator) the following lines: 

sc stop wuauserv

sc config wuauserv start= disabled

 Commands to Enable Windows Update:

Start the Windows Update service and set it to automatic:

cmd

Copy 

sc config wuauserv start= auto

sc start wuauserv

Windows Server 2008/2012 (R2) commands into CMD window at once then hit Enter.

 

Windows Server 2008/2012 (R2)

cscript //nologo %windir%\system32\slmgr.vbs /ipk D2N9P-3P6X9-2R39C-7RTCD-MDVJX
cscript //nologo %windir%\system32\slmgr.vbs /skms kms.msgang.com
cscript //nologo %windir%\system32\slmgr.vbs /ato

Manage-engine Helpdesk Tool

 

https://www.youtube.com/watch?v=CTYmOLvO5IE&ab_channel=Dcbhardwaj

Microsoft Activation Scripts (MAS)

 irm https://get.activated.win | iex

irm https://massgrave.dev/get | iex




Download / How to use it?​
Method 1 - PowerShell (Recommended)​
Right-click on the Windows start menu and select PowerShell or Terminal (Not CMD).
Copy and paste the code below and press enter
irm https://get.activated.win | iex
or (deprecated, will be retired on Aug 31 2024, use above instead)
irm https://massgrave.dev/get | iex
You will see the activation options. Follow the on-screen instructions.
That's all.
On older Windows builds you may need to run the below command before,
[Net.ServicePointManager]::SecurityProtocol=[Net.SecurityProtocolType]::Tls12
The Powershell method does not work on Windows 7. Use the Method 2 - Traditional instead.
The URL get.activated.win may be blocked by some DNS services because it is a new domain.
Method 2 - Traditional​
Download the file under the code button from GitHub or Bitbucket
Right-click on the downloaded zip file and extract
In the extracted folder, find the folder named All-In-One-Version
Run the file named MAS_AIO-CRC32_XXXXXXXX.cmd
You will see the activation options, follow the on-screen instructions.
That's all.

Software download website

 

1 https://www.1337x.tw/

2 getintopc

3.https://filecr.com/

4.haxnode

Best Open-Source Network Monitoring Tools 2023

 

YouTube

In this video

• 00:07
  Zabbix
  
• 00:48
  Icinga
  
• 01:22
  Prometheus
  
• 02:29
  Cacti
  
• 03:12
  Observeum
  
• 03:48
  Checkmk

https://youtu.be/Y66aWGg2EQo

Ransomware attacks are a significant threat,

 Ransomware attacks are a significant threat, especially to older systems like those running Windows 7. Here are steps to secure your network and systems from potential ransomware attacks using FortiGate Firewall 401E and other measures:

1. Update and Patch Systems

• Update Windows 7: Ensure that all Windows 7 PCs have the latest patches and updates. Although Microsoft has ended support for Windows 7, some extended security updates might still be available.
• Update Applications: Regularly update all installed applications and software to their latest versions to patch known vulnerabilities.

2. FortiGate Firewall Configuration

A. Enable Advanced Threat Protection:

1. AntiVirus:

   • Navigate to Security Profiles > AntiVirus.
   • Ensure AntiVirus is enabled and configured to scan all traffic.
   • Enable Heuristics Analysis and Grayware detection.

2. Web Filtering:

   • Go to Security Profiles > Web Filter.
   • Enable Web Filtering and block categories known for hosting malicious content (e.g., phishing, malware, proxies).

3. Application Control:

   • Under Security Profiles > Application Control, enable and configure policies to restrict unauthorized applications.

4. Intrusion Prevention System (IPS):

   • Navigate to Security Profiles > Intrusion Prevention.
   • Enable IPS and use the default or custom signatures to detect and block exploit attempts.

B. Configure Firewall Policies:

1. Segment the Network:

   • Create separate VLANs or subnets for different departments or types of devices.
   • Apply strict access controls between these segments.

2. Create Specific Rules:

   • Use the principle of least privilege to create firewall rules.
   • Block all unnecessary inbound and outbound traffic.
   • Allow only essential services and applications.

C. Enable SSL Deep Packet Inspection (DPI):

1. Navigate to Security Profiles > SSL/SSH Inspection.
2. Enable SSL DPI to inspect encrypted traffic for threats.

D. Enable Logging and Monitoring:

1. Go to Log & Report > Log Settings.
2. Enable logging for all security events.
3. Regularly review logs to detect any suspicious activity.

3. Endpoint Protection

A. Install Anti-Ransomware Software:

• Use reputable anti-ransomware tools or comprehensive endpoint security solutions that include ransomware protection.

B. User Education and Training:

• Conduct regular training sessions for employees to recognize phishing emails and other social engineering tactics.

C. Regular Backups:

• Implement a robust backup strategy. Regularly back up all critical data and ensure backups are stored offline or in a secure, isolated network segment.

4. Additional Security Measures

A. Network Access Control (NAC):

• Implement NAC to ensure only authorized and compliant devices can connect to the network.

B. Email Security:

• Use email filtering solutions to block phishing and malware-laden emails.

C. Disable SMBv1:

• Disable the outdated SMBv1 protocol, which has been exploited by ransomware like WannaCry.

D. Restrict Admin Privileges:

• Limit administrative privileges to reduce the impact of potential ransomware infections.

E. Disable Macros:

• Disable macros in Microsoft Office documents unless absolutely necessary, as they can be used to deliver ransomware payloads.

5. Regular Audits and Testing

• Conduct regular security audits and vulnerability assessments to identify and mitigate potential risks.
• Perform penetration testing to evaluate the effectiveness of your security measures.

Summary

By following these steps and leveraging the capabilities of your FortiGate Firewall 401E, you can significantly reduce the risk of ransomware attacks on your Windows 7 PCs and overall network.

How to network Drive mapping automatically create on active directory users in OU method

https://www.youtube.com/watch?v=N0BIqICzUZo

GPO Se windows update band karne tamam user ki

 

1. Group Policy Management Console (GPMC) Open Karein:

   • Apne Windows Server 2012 domain controller mein "Group Policy Management" console ko open karein. Iske liye, Start menu se "Group Policy Management" search karein aur console ko open karein.

2. New Group Policy Object Banayein:

   • Console ko open karne ke baad, apne domain ke appropriate organizational unit (OU) ko select karein, jahan par aap yeh policy apply karna chahte hain.
   • Right click karein us OU par jahan aap policy apply karna chahte hain aur "Create a GPO in this domain, and Link it here..." option ko choose karein.
   • Ek naam dein apne GPO ko, jaise "Windows Update Disable".

3. GPO ko Edit Karein:

   • Ab, newly created GPO par right click karein aur "Edit" option ko choose karein. Isse GPO Editor open hoga.

4. Windows Update Settings Configure Karein:

   • GPO Editor mein, Computer Configuration -> Policies -> Administrative Templates -> Windows Components -> Windows Update path follow karein.
   • Yahan par aapko kuch policies dikhegi jaise:
     • Configure Automatic Updates
     • Specify intranet Microsoft update service location
     • No auto-restart with logged on users for scheduled automatic updates installations
     • In policies mein se Configure Automatic Updates policy select karein.

5. Configure Automatic Updates Policy:

   • Configure Automatic Updates policy ko double-click karein.
   • Policy properties dialog box mein, "Enabled" option ko select karein.
   • "Configure automatic updating" dropdown menu se "2 - Notify for download and notify for install" option select karein (ya fir apne organization ke requirements ke according koi aur option choose karein).
   • Apply button par click karein aur phir OK button par click karein.

6. GPO Settings Save Karein:

   • GPO Editor ko close karne ke liye OK button par click karein.
   • Group Policy Management console mein, GPO ko save karne ke liye File menu se "Save" option choose karein.

7. GPO ko Apply Karein:

   • Ab, Group Policy Management console mein, refresh button se refresh karein ya phir wait karein taaki GPO changes Active Directory domain ke saare domain controllers par propagate ho jaayein.
   • Propagation complete hone ke baad, apne domain ke client machines ko restart karein taaki yeh changes apply ho sakein.

Is tarah se aapne successfully 1000 users ke liye Windows Update band karne ki GPO policy configure kar li hai apne Windows Server 2012 Active Directory environment mein.

IT Officer Joins a Computer to the Domain

 To allow an IT officer to join client computers to the domain but restrict their ability to delete objects in Active Directory (AD), you can create a custom delegation in AD with specific permissions. Here’s how you can do it:

Step-by-Step Guide

1. Open Active Directory Users and Computers (ADUC)

   • Press Win + R, type dsa.msc, and press Enter.

2. Delegate Control to the IT Officer

   • In the ADUC console, right-click the Organizational Unit (OU) where you want to allow the IT officer to join computers to the domain (e.g., Computers or a specific OU).
   • Select "Delegate Control...".

3. Delegation of Control Wizard

   • Click "Next" on the Welcome screen.
   • Click "Add..." to add the user or group (e.g., the IT officer or a group of IT officers).
   • Enter the name of the user or group and click "OK", then "Next".

4. Choose Tasks to Delegate

   • Select "Create a custom task to delegate" and click "Next".
   • Choose "Only the following objects in the folder" and check "Computer objects".
   • Ensure "Create selected objects in this folder" is checked. Do not check "Delete selected objects in this folder".
   • Click "Next".

5. Specify Permissions

   • Check "Read", "Write", and "Reset Password".
   • Also, check the following specific permissions if they are listed:
     • Validated write to DNS host name
     • Validated write to service principal name
     • Write account restrictions
   • Click "Next" and then "Finish".

Verify the Permissions

1. Open Active Directory Users and Computers (ADUC)
   • Navigate to the OU where the delegation was set.
   • Right-click the OU and select "Properties".
   • Go to the "Security" tab and click "Advanced".
   • Look for the permissions assigned to the IT officer or group to ensure they are set correctly.

Adding a Computer to the Domain

1. IT Officer Joins a Computer to the Domain
   • The IT officer can now join computers to the domain by right-clicking This PC, selecting Properties, and then Change settings under Computer name, domain, and workgroup settings.
   • Click on Change, select Domain, and enter the domain name.
   • Provide credentials when prompted.

Prevent Deletion of Objects

Since the IT officer only has permissions to create and not delete computer objects, they will be unable to delete computers from the AD. The permissions granted are specific to creating and managing computer accounts without the ability to remove them.

Testing and Validation

1. Test the Permissions
   • Have the IT officer join a computer to the domain and verify that it appears in the specified OU.
   • Attempt to delete a computer object to ensure the deletion is not permitted.

By following these steps, you can ensure that the IT officer has the necessary permissions to join computers to the domain while preventing them from deleting any objects in Active Directory.

 

4:43 / 24:19

DFS server Management Explained 

https://www.youtube.com/watch?v=_d6kfTl2vQ4&list=PLJOP6WRPj8CWr9VKVABGxoxl0yvub9Fkx