Have you forgotten your Local Administrator password?

Well, if the computer is yours and you have physical access to it, then you can solve it.
This procedure works with Windows 8.x and newer and Windows Server 2012 and newer. It is not a real hacking technique, but it does use a hole in the operating system.
All we need in this case is to open a shell with high enough privileges before we are asked for the password. Impossible? Not really.
We will do it in a simple way:

  • Insert the installation media into your computer and boot from it
  • In the installation process, select Repair your computer

  • In Choose your option, select Troubleshoot and then Command Prompt

  • Find the partition where Windows is installed (the default is C:) and change directory to Windows\System32 (cd \Windows\System32)
  • For server systems, rename the file “UserInit.exe” to something else with the command ren UserInit.exe Userinit.Old, then replace the missing file with cmd using the command copy cmd.exe userinit.exe
  • For Windows client systems, rename the file “Utilman.exe” to something else with the command ren Utilman.exe Utilman.Old, then replace the missing file with cmd using the command copy cmd.exe Utilman.exe

  • Restart the computer and boot into the normal operating system (the one where you forgot the password)
  • Click the Ease of Access icon and a Command Prompt window will open. To clarify, this command shell runs as SYSTEM, so you can do a lot of things here.

  • If the Administrator account is disabled (Windows 8.x or 10), first enable it with the command net user Administrator /active:yes
  • Reset the password of the Administrator account with the command net user Administrator MyPassword, where MyPassword is your new password

  • Close the command prompt and log in to your system.

Do not use this procedure for hacking. This article is meant for recovering your own passwords and those of your clients; it will not recover domain passwords.
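
The swapped file keeps giving a SYSTEM shell at the logon screen until the original is put back, so it is worth checking machines for it. The following PowerShell script is an added example, not part of the original article: it flags Utilman.exe or userinit.exe when they are byte-identical to cmd.exe, and reports the renamed copies the steps above leave behind. The -System32 parameter is an assumption of this example and can point at a live system or a mounted offline volume.

```powershell
# Added example: detect the file swap described in this article.
# Save as a .ps1 file; -System32 may point at an offline/mounted Windows volume.
param(
    [string]$System32 = (Join-Path $env:SystemRoot 'System32')
)

# Files the article replaces with cmd.exe, mapped to the backup names it uses.
$targets = @{
    'Utilman.exe'  = 'Utilman.Old'
    'userinit.exe' = 'Userinit.Old'
}

# Reference hash: whatever cmd.exe is on the volume being inspected.
$cmdPath = Join-Path $System32 'cmd.exe'
$cmdHash = (Get-FileHash -LiteralPath $cmdPath -Algorithm SHA256).Hash

$findings = foreach ($name in $targets.Keys) {
    $path   = Join-Path $System32 $name
    $backup = Join-Path $System32 $targets[$name]

    # A leftover renamed copy is a sign the procedure was run at some point.
    if (Test-Path -LiteralPath $backup) {
        [pscustomobject]@{ File = $name; Issue = "renamed copy present: $($targets[$name])" }
    }
    if (-not (Test-Path -LiteralPath $path)) {
        [pscustomobject]@{ File = $name; Issue = 'file is missing' }
        continue
    }
    # The article copies cmd.exe over the target, so the hashes match exactly.
    $hash = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
    if ($hash -eq $cmdHash) {
        [pscustomobject]@{ File = $name; Issue = 'byte-identical to cmd.exe' }
    }
}

if ($findings) {
    $findings | Format-Table -AutoSize
    exit 1   # non-zero exit so a scheduled task or monitoring agent can alert
}
'Utilman.exe and userinit.exe do not match cmd.exe; no renamed copies found.'
```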

Configuring Antivirus on Server

As you know, Windows Server 2016 will have Defender installed by default. This can be a problem, because we have to configure some exclusions and we do not know how Defender is configured by default.
Microsoft published a great post that lists the Defender exclusions for each server role, and of course this is also a good starting point for configuring your own antivirus software. Be careful: antivirus software can protect you, but a misconfigured one can also do damage.

Export and import DHCP settings with netsh

Sometimes you will have to transfer DHCP settings with the netsh command. This can be useful for a couple of reasons, and it is good to know how to approach it. In any case, this is the quickest way to do a DHCP migration.
First, log in to the source server (it can also be a failover-clustered DHCP service) and open CMD as Administrator. Then enter netsh mode by typing:
netsh
Now select the server by typing:
dhcp server \\servername
where servername is the name of the old DHCP server or the clustered service name. This connects you to the DHCP server, and you are ready to export the settings with this command:
export filename all        to export the entire configuration or
export filename 192.168.222.0    to export only a scope configuration (in my case 192.168.222.0)
Of course, you have to replace filename with the full path and name of the file where you want to save the exported data. This file must now be transferred to the target (new) server, and then we are ready to import the configuration. Before you import the configuration, the new server has to be authorized in AD. To begin the import, follow the same steps as on the old server: open a command prompt, enter netsh mode and select the DHCP server. After this, only one step remains, importing the settings with this command:
Import filename all        to import all settings or
Import filename 192.168.222.0    to import just a scope
That’s all. Just be sure to double-check that the import did its job, then disable and unauthorize the old server (you can also do this with netsh: netsh dhcp delete server ServerDNS ServerIP). Of course, don’t forget to uninstall the service on the old computer.
You have finished. Good work!
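
One way to double-check the import, as an added example that is not part of the original post: this PowerShell script compares the IPv4 scopes and reservation counts on the old and new servers using the DhcpServer module cmdlets. The server names are placeholders, and the script assumes the DhcpServer module (RSAT) is installed and both servers are still reachable.

```powershell
# Added example: verify a DHCP migration before the old server is unauthorized.
# Server names below are placeholders; requires the DhcpServer module (RSAT).
param(
    [string]$OldServer = 'old-dhcp.example.test',
    [string]$NewServer = 'new-dhcp.example.test'
)
Import-Module DhcpServer

# Reduce each IPv4 scope to the fields that must survive the export/import.
function Get-ScopeSummary([string]$Server) {
    foreach ($s in Get-DhcpServerv4Scope -ComputerName $Server) {
        $res = @(Get-DhcpServerv4Reservation -ComputerName $Server -ScopeId $s.ScopeId)
        [pscustomobject]@{
            ScopeId      = $s.ScopeId.ToString()
            SubnetMask   = $s.SubnetMask.ToString()
            StartRange   = $s.StartRange.ToString()
            EndRange     = $s.EndRange.ToString()
            Reservations = $res.Count
        }
    }
}

# Index the new server's scopes by scope ID for lookup.
$newByScope = @{}
foreach ($n in Get-ScopeSummary $NewServer) { $newByScope[$n.ScopeId] = $n }

# Every scope on the old server must exist on the new one with the same values.
$problems = foreach ($o in Get-ScopeSummary $OldServer) {
    $n = $newByScope[$o.ScopeId]
    if (-not $n) {
        "$($o.ScopeId): missing on $NewServer"
        continue
    }
    foreach ($p in 'SubnetMask', 'StartRange', 'EndRange', 'Reservations') {
        if ($o.$p -ne $n.$p) {
            "$($o.ScopeId): $p is '$($n.$p)' on $NewServer, expected '$($o.$p)'"
        }
    }
}

if ($problems) {
    $problems
    exit 1   # do not decommission the old server yet
}
"All scopes from $OldServer are present on $NewServer with matching ranges."
```

If only a single scope was exported, every other scope on the old server is reported as missing, which is expected.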

Empty screen when you login to DC

Recently I took custody over an IT system and unfortunately, the previous admin was not really an expert – I expected some problems with implementation of best practice.
Anyway, I found this problem: after deleting some stupid settings in the Default Domain Policy, I was not able to log in to the domain controllers. The login (it was the same whether I tried to log in locally or through RDS) showed me only a clean blue screen, without any icon, without the Start menu and other content. My first approach was to try CTRL + ALT + DEL and launch Task Manager, where I wanted to start Explorer. Well, Task Manager didn’t work either.
When I examined what I had done previously (what could be the cause of this error), I found that I had removed some settings from the Default Domain Policy (in my case it was the setting that allowed Domain Admins to act as part of the OS – I didn’t even try to restore it). Here, I suspected that it could be a security problem and I ran two commands remotely using PsExec:
net localgroup Users Interactive /add
net localgroup Users "Authenticated Users" /add
Unexpectedly, this solved my problem, even though local groups are disabled on a DC.
Hope that it will help someone.

RDS personal desktops in Windows Server 2016

Windows Server 2016 TP5 is available and there are a few new features to try. Personally, I was happy to see a few new features because they solved some problems for me.
The first feature that I like is Session-based desktops. In practice it is a new approach to VDI – we can say that it is a hybrid deployment between VDI and RD Session Host. The result of this deployment is that each user has a dedicated server to connect to – one deployed server is a full desktop for one user. This kind of deployment, with Desktop Experience installed, will look like Windows 10 and can replace a deployment of Windows 10 based VDI. So where is the difference? Easy to say. You can use this type of deployment in an SPLA environment where VDI scenarios are not allowed, you can use it in Microsoft Azure (where you cannot deploy VDI because you cannot access the host), and in similar scenarios. There is also a licensing advantage, as you do not need Windows 10 licenses and VLS – you can license all instances of “VDI machines” using one Windows Server 2016 Datacenter license. This is cheaper!
The second feature I like is the SQL database location for RD Gateway. Now you can place this database in Azure. My opinion is that in some cases this will be very positive and the right solution when we talk about hybrid deployments. It just opens new possibilities for deploying an RDS farm.
You can read more about what’s new in RDS 2016 here.