分类目录归档:Windows

Windows

File System Redirector

The %windir%\System32 directory is reserved for 64-bit applications. Most DLL file names were not changed when 64-bit versions of the DLLs were created, so 32-bit versions of the DLLs are stored in a different directory. WOW64 hides this difference by using a file system redirector.

In most cases, whenever a 32-bit application attempts to access %windir%\System32, the access is redirected to %windir%\SysWOW64. Access to %windir%\lastgood\system32 is redirected to %windir%\lastgood\SysWOW64. Access to %windir%\regedit.exe is redirected to %windir%\SysWOW64\regedit.exe.

If the access causes the system to display the UAC prompt, redirection does not occur. Instead, the 64-bit version of the requested file is launched. To prevent this problem, either specify the SysWOW64 directory to avoid redirection and ensure access to the 32-bit version of the file, or run the 32-bit application with administrator privileges so the UAC prompt is not displayed. 继续阅读

Windows 事件命令行实用程序

Windows 事件命令行实用程序。

用于检索有关事件日志和发布者的信息,
安装和卸载事件清单,运行查询以及导出、存档和清除日志。

用法:

你可以使用短(如 ep /uni)或长(如
enum-publishers /unicode)形式的命令和选项名称。
命令、选项和选项值不区分大小写。

变量均使用大写形式。

wevtutil COMMAND [ARGUMENT [ARGUMENT] …] [/OPTION:VALUE [/OPTION:VALUE] …]

继续阅读

Modify an SMTP Service Property

ADSI:
strComputer = "LocalHost"

Set objIIS = GetObject("IIS://" & strComputer & "/SMTPSVC/1")
objIIS.FullyQualifiedDomainName = "stmp.517sou.net"
objIIS.SetInfo

#Wscript.Echo "OK!"

cscript.exe c:\inetpub\AdminScripts\adsutil.vbs set /Smtpsvc/1/FullyQualifiedDomainName "stmp.517sou.net"

PowerShell & WMI

Set-ExecutionPolicy RemoteSigned
function Configure-SMTPService ([string]$incomingEMailDomainName, [int]$incomingEMailMaxMessageSize)
{
       Write-Host -Foregroundcolor White ” -> Changing the start-up type of SMTP service to ‘Automatic’…”
       Set-Service “SMTPSVC” -StartupType Automatic -ErrorAction SilentlyContinue
       if ($?)
       {
             Write-Host -Foregroundcolor Green ” [OK] Successfully changed startup type.”
       }
       else
       {
             Write-Host -Foregroundcolor Red ” [Error] Unable to change startup type.”
             Exit
       }
       
       Write-Host -Foregroundcolor White ” -> Starting SMTP service…”
       Start-Service “SMTPSVC” -ErrorAction SilentlyContinue
       
       if ($?)
       {
             Write-Host -Foregroundcolor Green ” [OK] Service successfully started.”
       }
       else
       {
             Write-Host -Foregroundcolor Red ” [Error] Unable to start service.”
             Exit
       }
      
       # Ascriptomatic is a great tool to explorefor exploring WMI namespace is scriptomatic: 
       # http://www.microsoft.com/en-us/download/details.aspx?id=12028
       Write-Host -Foregroundcolor White ” -> CreatingCreate incoming SMTP domain…”
       
       # First create a new smtp domain. The path ‘SmtpSvc/1’ is the first virtual SMTP server. If you need to modify another virtual SMTP server
       # change the path accordingly.
       try
       {
             $smtpDomains = [wmiclass]‘root\MicrosoftIISv2:IIsSmtpDomain’
             $newSMTPDomain = $smtpDomains.CreateInstance()
             $newSMTPDomain.Name = “SmtpSvc/1/Domain/$incomingEMailDomainName“
             $newSMTPDomain.Put()  | Out-Null
             Write-Host -Foregroundcolor Green ” [OK] Successfully created incoming email domain.”
       }
       catch
       {
             Write-Host -Foregroundcolor Red ” [Error] Unable to create incoming email domain.”
             Exit
       }
      
       Write-Host -Foregroundcolor White ” -> Configuring incoming SMTP domain…”
   
       try
       {
             # Configure the new smtp domain as alias domain
             $smtpDomainSettings = [wmiclass]‘root\MicrosoftIISv2:IIsSmtpDomainSetting’
             $newSMTPDomainSetting = $smtpDomainSettings.CreateInstance()
 
             # Set the type of the domain to “Alias”
             $newSMTPDomainSetting.RouteAction = 16
 
             # Map the settings to the domain we created in the first step
             $newSMTPDomainSetting.Name = “SmtpSvc/1/Domain/$incomingEMailDomainName“
             $newSMTPDomainSetting.Put() | Out-Null
             Write-Host -Foregroundcolor Green ” [OK] Successfully configured incoming email domain.”
       }
       catch
       {
             Write-Host -Foregroundcolor Red ” [Error] Unable to configure incoming e-mail domain.”
             Exit
       }
       Write-Host -Foregroundcolor White ” -> Configuring virtual SMTP server…”

       try
       {
             $virtualSMTPServer = Get-WmiObject IISSmtpServerSetting -namespace “ROOT\MicrosoftIISv2” | Where-Object { $_.name -like “SmtpSVC/1” }
             
             # Set maximum message size (in bytes)
             $virtualSMTPServer.MaxMessageSize = ($incomingEMailMaxMessageSize * 1024)

             # Disable session size limit
             $virtualSMTPServer.MaxSessionSize = 0

             # Set maximum number of recipients
             $virtualSMTPServer.MaxRecipients = 0

             
             # Set maximum messages per connection
             $virtualSMTPServer.MaxBatchedMessages = 0
             $virtualSMTPServer.Put() | Out-Null
             Write-Host -Foregroundcolor Green ” [OK] Successfully configured virtual SMTP server.”
       }
       catch
       {
             Write-Host -Foregroundcolor Red ” [Error] Unable to configure virtual SMTP server.”
             Exit
       }
}
Configure-SMTPService “sp.mydomain.local” 10240

Puppet部署:
configWinSMTPSVC.vbs

strComputer = "LocalHost"
 
Set objIIS = GetObject("IIS://" & strComputer & "/SMTPSVC/1")
Wscript.Echo "FullyQualifiedDomainName(Before): " & objIIS.FullyQualifiedDomainName
strFQDN = Trim(objIIS.FullyQualifiedDomainName)
If Instr(strFQDN,"517sou.net") = 0 Then
	objIIS.FullyQualifiedDomainName = "smtp.517sou.net"
	objIIS.SetInfo
End If
Wscript.Echo "FullyQualifiedDomainName(After): " & objIIS.FullyQualifiedDomainName
class configWinSMTPSVC {
    file { 'C:/Windows/Temp/configWinSMTPSVC.vbs':
    ensure => 'file',
	alias  => "configWinSMTPSVCvbs",
    source_permissions  => ignore,
    group  => 'Administrators',
	source => "puppet://puppet.zzy.com/files/windows/smtpsvc/configWinSMTPSVC.vbs",
  }
  exec { 'exec-configWinSMTPSVC':
    path      => $::path,
    command   => 'cmd.exe /c cscript.exe //Nologo C:/Windows/Temp/configWinSMTPSVC.vbs',
	require   => File['configWinSMTPSVCvbs'],
  }
}

获取Windows管理员用户名及对应的SID

GetAdminName.vbs:

'''''Code Start '''''
Wscript.Echo GetAdminName

Function GetAdminName 
	Set objNetwork = CreateObject("Wscript.Network") 	'get the current computer name
	objComputerName = objNetwork.ComputerName

	Set objwmi = GetObject("winmgmts:{impersonationLevel=impersonate}!//" & objComputerName)
	qry = "SELECT * FROM Win32_Account where Domain = '" & cstr(objComputerName) & "'" 'set query, making sure to only look at local computer

	For Each Admin in objwmi.ExecQuery(qry)
		if (left(admin.sid, 6) = "S-1-5-" and right(admin.sid,4) = "-500") then 	'look for admin sid
			GetAdminName = admin.name
		end if
	next
End Function

'''''Code End'''''

在.bat中获取.vbs返回值
GetAdminName.bat

@echo off
for /f "delims=" %%x in ('cscript //nologo t.vbs') do (
    set sFileName=%%x
)
echo %sFileName%
REM pause.

命令行查询用户对应的SID

C:\Users\Administrator>wmic useraccount where "SID like 'S-1-5-%-500'" get sid
SID
S-1-5-21-2837057897-1460117072-2570820871-500

E:\temp>wmic useraccount where "SID like 'S-1-5-%-%'" get caption,sid
Caption SID
SHANE-WORKPLACE\Administrator S-1-5-21-4246277841-3966888941-2683127511-500
SHANE-WORKPLACE\DefaultAccount S-1-5-21-4246277841-3966888941-2683127511-503
SHANE-WORKPLACE\Guest S-1-5-21-4246277841-3966888941-2683127511-501
SHANE-WORKPLACE\Shane.Wan S-1-5-21-4246277841-3966888941-2683127511-1001

Windows PowerShell – 在 PowerShell 中编写 Windows 服务

Windows 服务通常就是编译的程序用 C、 c + +、 C# 或其他 Microsoft 基于.NET Framework 的语言,编写并调试此类服务可能会相当困难。在几个月前,通过允许编写服务作为简单的 shell 脚本,其他操作系统启发我开始想知道是否有可能会更简单的方法以及在 Windows 中,创建它们。

这篇文章介绍了此项工作成果的最终结果 ︰ 新颖简便的方法来创建 Windows 服务,通过在 Windows PowerShell 脚本语言中编写它们。没有更多的编译,就可以在任何系统上,而不仅仅是开发人员自己完成一个快速的编辑测试周期。

我提供一个称为 PSService.ps1,以便您可以创建并以分钟为单位,与只是记事本等文本编辑器中测试新的 Windows 服务的通用服务脚本模板。此技术可以保存任何人如想尝试使用 Windows 服务的很大的时间和开发工作量,或甚至提供针对 Windows 的实际服务时不考虑性能的关键因素。可以从下载 PSService.ps1 bit.ly/1Y0XRQB继续阅读

Windows Server 2012 R2 同一用户多会话登陆策略设置

1、Win+R,输入:Gpedit.msc,回车;
2、打开”计算机配置” > “管理模板” > “Windows组件” > “远程桌面服务” > “远程桌面会话主机” > “连接”;
3、禁用”将远程桌面服务用户限制到单独的远程桌面服务会话”;启用”限制连接的数量”,填入同时连接的数量。

HOW TO:如何在 Windows 中配置 IPSec 隧道

您可以在隧道模式中使用“IP 安全”(IPSec) 来封装“Internet 协议”(IP) 数据包,而且可以选择将它们加密。在 Windows Server 2003 中使用 IPSec 隧道模式(有时称为“纯 IPSec 隧道”)的主要原因是为了能够与那些不支持“第 2 层隧道协议”(L2TP)/IPSec 或 PPTP 虚拟专用网络 (***) 隧道技术的非 Microsoft 路由器或网关进行互操作。
Windows Server 2003 在隧道的两个终结点都有静态 IP 地址的情况下支持 IPSec 隧道。这主要适用于网关到网关的情形。不过,它也可以在网关或路由器与服务器之间的专用网络安全方案中使用。(例如,一个 Windows Server 2003 路由器,它从其外部接口将通信流路由到一台基于 Windows Server 2003 的内部计算机,该计算机通过建立一条到为外部客户端提供服务的内部服务器的 IPSec 隧道来保护内部路径的安全)。

不支持将 Windows Server 2003 IPSec 隧道用于客户端远程访问 ***,因为目前“Internet 工程任务组 (IETF) IPSec 请求注释 (RFC)”没有在“Internet 密钥交换”(IKE) 协议中为客户端到网关的连接提供远程访问解决方案。IETF RFC 2661“第 2 层隧道协议”(L2TP) 是由 Cisco、Microsoft 和其他公司为提供客户端远程访问 *** 连接而专门开发的。在 Windows Server 2003 中,使用自动生成的 IPSec 策略来保护客户端远程访问 *** 连接,此策略在 L2TP 隧道类型被选中时使用 IPSec 传输模式(不是隧道模式)。

Windows Server 2003 IPSec 隧道也不支持协议和端口特定的隧道。虽然 Microsoft 管理控制台 (MMC) IPSec 策略管理单元十分通用,并且允许您将任何类型的筛选器与隧道关联,但您还是要确保在为隧道规则指定筛选器时只使用地址信息。

继续阅读

New Clustering Utility – Remote Desktop Connection Manager

Hi Cluster Fans,

We wanted to let you know about a new tool which will significantly help you manage your cluster deployments.  Remote Desktop Connection Manager is actually not cluster-specific, but it allows you to logically group server remote desktop connections – ideal if you are working with clusters for easy access to all the nodes within the cluster. 继续阅读

IIS 7 HTTP status code

当您试图通过使用 HTTP 访问一台正在运行 Internet 信息服务 (IIS) 7.0 的服务器上的内容时,IIS 7.0 返回一个表示该响应的状态的数字代码。HTTP 状态代码记录在 IIS 日志中。此外,HTTP 状态代码可能会显示在客户端浏览器中。

HTTP 状态代码可能表示请求是否成功或不成功。HTTP 状态代码也可能显示请求成功的确切原因。 继续阅读

Database Manager

IIS Database Manager allows you to easily manage your local and remote databases from within IIS Manager. IIS Database Manager automatically discovers databases based on the Web server or application configuration and also provides the ability to connect to any database on the network. Once connected, IIS Database Manager provides a full array of administrative functionalities including managing tables, views, stored procedures and data as well as running ad hoc queries. IIS Database Manager provides support for Microsoft SQL Server and MySQL. In addition, because IIS Database Manager is an extension of IIS Manager, administrators can securely delegate the management of databases to authorized local or remote users, without having to open additional management ports on the server. 继续阅读