Windows How To
| Windows |
|---|
| Windows Topics |
| How To · Troubleshooting · Technical Notes |
[edit] How to delete drivers and records of inactive devices
From the command prompt.
set devmgr_show_nonpresent_devices=1 devmgmt.msc”
When device manager is started, click View -> Show Hidden Devices. This will show you old devices as "greyed out" that you can then remove.
[edit] How to get a parent process id from the Windows command line
wmic process where (name like '%name of the process%') get parentprocessid
For further processing of the results in the batch file look here.
[edit] How to get process id of a batch file
I found the method that works quite reliably and does not require external commands:
for /f "usebackq tokens=* skip=1" %%P in (`wmic process where "commandline like '%%name of the file.bat'" get processid`) do set PID=%%P
Use %0 or the fully expanded %~f0 if you want to reference back to the name of the batch file that executes the wmic command.
[edit] How to determine which services are "hosted" by which svchost process
TASKLIST /FI "imagename eq svchost.exe" /SVC
[edit] How to run a batch file as a service
- Install the resource kit 2003 from here
- Run the following
instsrv.exe "Service Name Here" "C:\Program Files\Windows Resource Kits\Tools\srvany.exe"
- Create the Parameters key in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Service Name Here
- Add the Application string value under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Service Name Here\Parameters that reads "cmd /c C:\full path to your batch\name of the batch.bat"
For more info on srvany look here
Note for windows 2008+: srvany is deprecated. Look at the sc command to make it work.
[edit] How to run a command form a remote session that survives an RDP disconnect
Schedule it with an "at" command. Make sure all the paths used are absolute (try running it manually from a random folder) and that the command does not rely on your personal settings/environment.
[edit] How to print from Windows to a printer connected to Ubuntu
On the ubuntu print server edit /etc/samba/smb.conf and uncomment in [global]
load printers = yes printing = cups printcap name = cups
Add the following to [printers]
use client driver = Yes
Restart samba
sudo service smbd restart
On the Windows client go to Add a printer->Networked printer. Put in the URL of your printer
http://printserver:631/printers/yourprintername
If you do not know the URL you can get it the CUPS Web UI from the print server
http://localhost:631
In the PRINTERS tab, hover over the shared printer name or view its properties. Now point to your print driver on the Windows machine and print a test page.
[edit] How to turn off Internet Explorer Enhanced Security Configuration
if you see res://shdoclc.dll/hardAdmin.htm when opening IE, go to control panel -> add remove programms -> add remove windows components -> then uncheck IE Enhanced security config Click next and you are done
[edit] How to lock and unlock a windows box through an SSH connection
- To lock:
- open an ssh connection to the box and lock run
/cygdrive/c/WINDOWS/System32/rundll32.exe user32.dll,LockWorkStation
- Unlocking is bit harder
- Get RemoteUnlockDll.dll and RemoteUnlockService.exe from the web. Note that these execs may trigger antivirus alerts, so you might need to polymorph/metamorph the code.
- Run them on the box through ssh
[edit] How to do echo in a batch file without going to a next line
Here is an example where this is used for a rudimentary progress bar:
@echo off for /l %%A in (1,1,20) do ( <nul (set/p z=%%A) >nul ping 127.0.0.1 -n 2 )
And here is an example where info is written to a single line in a file from multiple uses of the set/p command:
<nul (set/p z=hello) >out.txt <nul (set/p z= world!) >>out.txt dir out.txt
The dir command should indicate the file size as 12 bytes: "hello world!".
The strings output need not be literal, and can originate from any source capable of creating a variable, simply by including a variable reference in the prompt string:
<nul (set/p z=sec min hours: %time:~6,2% %time:~3,2% %time:~0,2%)
[edit] How to find all dlls for a service
@echo off set imagepath= FOR /F "tokens=3" %%a in ('reg query HKLM\system\currentcontrolset\services\%1 /v imagepath 2^> nul ^| find "imagepath" ') DO set imagepath=%%a if defined imagepath ( echo Dependencies for %imagepath%: call depends /a0f1c /oc:~svcdep.tmp "%imagepath%" FOR /F "tokens=1 delims=, skip=1" %%b in ('type ~svcdep.tmp ^|findstr /B /c:"," ^|findstr /V /c:"?" ^| sort') do echo %%b del ~svcdep.tmp 2>nul ) else ( echo '%1' is not installed or is not a valid service )
[edit] How to login as an NT Authority system user
If you are using a remtoe connection, first, make sure you are connected to a console (main display) of the remote server To access the console run
mstsc /admin /v:servername
(older versions used /console switch)
The trick is to use task scheduler to kick off a cmd that will by default use the system user
start cmd net start "Task Scheduler" (if it is not already started) at 11:10 /interactive c:\windows\system32\cmd.exe
ATTN: If you are running this command over a TS connection the tasks will be brought up on the CONSOLE session, not your TS screen.
To check that the task was added successfully run
at
Once the new cmd is up it will be running as the system user. To check that run
whoami
Now you can use the elevated privileges.
For example to restore SQL sa or an administrative account just type
C:\WINDOWS\system32\mmc.exe /s "C:\Program Files\Microsoft SQL Server\80\Tools\BINN\SQL Server Enterprise Manager.MSC"
in the new cmd shell
[edit] How to remove login banner (legal notice) "by logging in this system you acknowledge..."
Annoying, isn`t it? Here is the pill -
regedit HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system
delete legalnoticetext and legalnoticecaption You'll be fine until the next time GPO is applied
[edit] How to run regedit interactively in the System account to view the contents of the SAM and SECURITY keys
psexec -i -d -s c:\windows\regedit.exe
[edit] How to set service dependancies
Run
regedit "LMachine/System/CurrentControlSet/Services/IBMWAS6Service - ITIMServerNode01"
Then add
DependOnService="DB2ADMIN\000\000", "REG_MULTI_SZ"
[edit] How to simulate bash backtick in win cmd batch
- Generic backtick
rem Prep for backtick <nul (set/p z=set result=) > setresult$ rem Run it program > tmpresult$ copy setresult$ + tmpresult$ tmp$.bat > nul call tmp$.bat echo %result% rem Teardown backtick del setresult$ del tmpresult$ del tmp$.bat
- If doing this in a loop add the following and use !result! instead of %result%
SetLocal EnableDelayedExpansion
- Less generalized backtick with the use of sed
rem Does search and replace in both file name and file contents <nul (set/p z=sed -rb s/\$1/%1/g "%%a" ^> ) > tmp$.bat echo ../../%1/%1%2Profile/%%a | sed -r s/\$1/%1/g >> tmp$.bat call tmp$.bat
|
|||||
