Useful tools for IT Administrators
February 20, 2018
This is my list of helpful tools for IT professionals. I’ll keep adding to it as I discover and think of more tools.
Computer Hardware Information
- General information: https://www.ccleaner.com/speccy
- In depth information: http://www.astra32.com/download.htm
- Offline Windows password reset: http://pogostick.net/~pnh/ntpasswd/bootdisk.html
- IP scanner: http://www.advanced-ip-scanner.com/
- Another IP scanner: http://angryip.org/download/#windows
- Packet capture and analysis: https://www.wireshark.org/
Computer and Network Security
- Router open port information: https://www.grc.com/x/ne.dll?bh0bkyd2
- Internal network vulnerability scanning: https://www.tenable.com/products/nessus-home
- Windows and SQL server security checker: https://www.microsoft.com/en-gb/download/details.aspx?id=7558
- SSL certificate checker and security evaluation: https://www.ssllabs.com/ssltest/
- Easily turn a PI into an OpenVPN server: http://www.pivpn.io/
Installing HP LaserJet M2727nf Drivers on a PC with USB3.0
September 2, 2016
Recently I was trying to install the Windows 7 driver for a HP LaserJet M2727nf printer on a PC which has a USB3.0 card installed. The installer kept failing to install, telling me it couldn’t find any compatible USB hardware. Considering that USB3.0 is backward compatible to USB2.0 and the standard HP universal driver installed and worked with no issues, I found this very odd.
After looking though all of the installation files in the “setup” folder, I discovered an executable file called “usbready.exe”. This is a program dating back to 1998, which was written by Intel, for use by hardware vendors to determine if PCs had USB support. When ran on a PC with USB3.0 it will come back with this screen:
The solution to this problem is quite simple.
You will need installed on your computer a copy of 7Zip of some other compression tool such as WinRar or WinZip. I recommend 7Zip it is free, light and easy to use.
- Download the driver from the HP site.
- Go to the folder you downloaded it to. Open the installer in your compression tool and extract the files. 7Zip users can do this by right-clicking on the file, going to “7-Zip” then “Extract files…”
- Once extracted, open the folder you extracted the files to and then open the “setup” folder.
- Find the file called “usbready.exe” and delete it.
- Go back to the main installer folder and run “Setup.exe” to start the installation.
This time the setup should run without any USB problems.
Stopping Microsoft Windows 10 and Telemetry Updates
December 10, 2015
Windows 10, Microsoft is advertising it everywhere! “Get your free upgrade here*” they keep saying. This all started before its release in the summer when Microsoft started to try and persuade the Windows 7 and 8.x users to upgrade. The nagware was everywhere and since then it has only gotten more persistent. Now it is on almost every web page on Microsoft’s website, the first popup you see on MSN and in the Windows tray.
Why all of a sudden is Windows 10 free? Microsoft appear to be changing their business model, from one that is of making money mostly out of operating systems and office productivity suites, to one of cloud services. This has quite a large implication to the users of its products, because they are now Microsoft’s product. Their cloud solutions allow them to legally extract large amounts of personal information about their users and share that with their partners, marketing, the NSA etc. legally.
This is what Microsoft say they use some of your information for:
Microsoft may use your contact information (i) to communicate with you about your use of the Programme software and services, and (ii) to provide you with additional information, which may be personalised, about the Programme software and services, and other Microsoft and partner products and services.
Microsoft claim they are pushing out telemetry updates out to Windows 7,8.x and 10 to help further improve their software. If you are unfamiliar with telemetry read this. This also allows them to gather massive amounts of potentially personal or confidential information and share that with whoever they like.
Examples of data we may collect include your name, email address, preferences and interests; location, browsing, search and file history; phone call and SMS data; device configuration and sensor data; voice, text and writing input; and application usage.
Microsoft collect this information using any sensor they wish on your computer. This includes but is not limited to:
- Keyboard (Keyboard Logger)
- Touch screen
- Pen Input
For more information on files, communications and intellectual property rights see this article.
There is a lot more which can be said about Windows 10 and its intrusiveness and lack of consideration for its users. You can read all about that at places like theregister.co.uk.
If you already have Windows 10 and intend to stick with it I recommend proceeding with caution and following this tutorial:
If you currently have Windows 7, 8.x, Server 2008 R2, Server 2012 or Server 2012 R2 and would like to keep using them with out Windows 10 nonsense affecting them, remove and hide these updates:
Please note this is a growing list so keep checking. Also, not all of these updates will affect every operating system.
Click here for help removing and hiding updates.
Possibly the best solution of all, but not always possible for some, use Linux Mint Cinnamon! It is user friendly and works great; it even comes with a free version of office. WINE and Play on Linux can be used to run some Windows programs. For help doing this check these out:
June 10, 2015
Eli the Computer Guy, (2013). Introduction to Windows Server 2012. [online] YouTube. Available at: https://www.youtube.com/watch?v=tlI8okaWXVM [Accessed 10 Jun. 2015].
Jscon, (2012). Understanding Features on Demand and role persistence in Windows Server 2012 – The Windows Servicing Guy – Site Home – TechNet Blogs. [online] Blogs.technet.com. Available at: http://blogs.technet.com/b/joscon/archive/2012/08/20/understanding-features-on-demand-and-role-persistence-in-windows-server-2012.aspx [Accessed 10 Jun. 2015].
Microsoft, (2013). Cloud optimize your business with Windows Server 2012 R2. [online] Available at: http://download.microsoft.com/download/D/2/C/D2CDA5BA-E440-4A50-A418-5362291156C1/Windows_Server_2012_R2_Datasheet.pdf [Accessed 10 Jun. 2015].
Microsoft, (2014). Migrate from Previous Versions to Windows Server 2012 R2 Essentials or Windows Server Essentials Experience. [online] Technet.microsoft.com. Available at: https://technet.microsoft.com/en-gb/library/dn408633.aspx [Accessed 10 Jun. 2015].
Microsoft, (2015). Upgrade Options for Windows Server 2012 R2. [online] Technet.microsoft.com. Available at: https://technet.microsoft.com/en-gb/library/dn303416.aspx [Accessed 10 Jun. 2015].
Zacker, C. (2014). Exam ref 70-410. Redmond, Wash.: Microsoft Press.
1.1.3 Migrating Windows Server Roles
June 10, 2015
Migration is the recommended method of moving from an older version of Windows Server to Windows Server 2012 R2. This is because most of the troubles and restrictions encountered when performing an in-place upgrade are no longer and issue. It works by taking copies of critical data from the source (old) server to the destination (new) server with a fresh copy of Windows Server 2012 R2 installed.
Following the migration guide provided by Microsoft, administrators can migrate between:
- Versions – any version of Windows Server 2003 SP2 or higher
- Platforms – 32 bit to 64 bit platforms
- Editions – any edition of Windows Server (provided it supports the required features)
- Physical and virtual instances – from physical to virtual or the other way
- Installation options – between Server Core and GUI or the other way
Migration is performed on roles and role services, rather than migrating everything in one go. Windows Server Migration Tools are sometimes required to perform migrations for certain roles and can be installed using the Add Roles and Features Wizard or PowerShell using the following command: “Install-WindowsFeature Migration”.
1.1.2 Upgrading Servers
June 10, 2015
An upgrade installation is the most likely to have problems due to its complexity and therefore it is recommended that where possible, administrators perform clean installations or migrate applications and roles. If an in-place upgrade has to take place make sure the the server is prepared properly and there is a roll-back plan.
18.104.22.168 Upgrade Paths
Upgrades which are not supported
- from a 32 bit architecture
- from Itanium architecture
- from another language
- from a workstation computer
- between build types
- if it is a domain controller
- from pre-release versions of Windows Server
- if the installation type will change (e.g. from Server Core to Server GUI)
If the server is running a 64 bit version of Windows Server 2008 R2 or Server 2012, it can be upgraded to the appropriate edition of Windows Server 2012 R2. Table 5 shows the supported in-place upgrade paths for Windows Server 2012 R2.
|Current System||Windows Server 2012 R2 Edition|
|Windows Server 2008 R2 Datacenter SP1||Windows Server 2012 R2 Datacenter|
|Windows Server 2008 R2 Enterprise SP1||Windows Server 2012 R2 Datacenter or Standard|
|Windows Server 2008 R2 Standard SP1||Windows Server 2012 R2 Datacenter or Standard|
|Windows Web Server 2008 R2 SP1||Windows Server 2012 R2 Standard|
|Windows Server 2012 Datacenter||Windows Server 2012 R2 Datacenter|
|Windows Server 2012 Standard||Windows Server 2012 R2 Datacenter or Standard|
Table 5: Windows Server 2012 R2 Upgrade Paths
22.214.171.124 Upgrade Preparation
Before performing an in-place upgrade follow this check list:
|Hardware compatibility||Ensure the server hardware meets the requirements minimum for Windows Server 2012 R2. Also ensure device drivers are supported on the new operating system.|
|Disk space||There needs to be enough disk space to hold the old operating system, the new one and any setup files.|
|Check software is signed||Device drivers and other kernel-mode software must be signed or the upgrade could be aborted or hardware failures. Uninstall any unsigned software before upgrading.|
|Gather any required storage drivers||To provide the setup with access to necessary mass storage for installation, have a copy of the drivers ready on removable media or placed in “/amd64” directory in the setup location.|
|Check application compatibility||Create an inventory of all the software on the system and check the manufacturer to see if it is compatible. If this is not possible, test it on another server running the new version of Windows Server before upgrading. If the software is critical it is advised that the software is tested in the new environment before an upgrade, regardless of what the manufacturer claims.|
|Check system for faults||Make sure the current install of Windows Server along with any third-party applications are running as they should.|
|Perform a full backup||If anything goes wrong there needs to be something to fall back on. At the very least critical data must be backed up. When imaging the system ensure to take a copy of all boot and system partitions too.|
|Disable any anti-virus applications||Anti-virus software can slow down the upgrade processes and possibly cause problems as well. It is best disabled during the upgrade process.|
|Disconnect UPS devices||Disconnect UPS data cables before running the upgrade as setup will attempt to detect connected devices and sometimes UPS devices cause issues.|
|Purchase a suitable Windows Server 2012 R2 licence key||Check the valid upgrade paths to ensure the in-place upgrade is possible.|
|Roll-back plan||Be prepared to roll-back the upgrade if required. Have a cut-off time which allows enough time for the upgrade to be roll-back, before the maintenance window closes. Ensure the roll-back procedures work before proceeding with the upgrade.|
Table 6: Windows Server 2012 R2 In-Place Upgrade Check List
During the upgrade process, the server may restart a few times. Whilst the upgrade is still in progress, the boot menu will provide the option to abort the upgrade and revert the changes. Once the upgrade is completed, this option will no longer be available.
1.1.1 Planning a Server Installation
June 10, 2015
126.96.36.199 Windows Server 2012 R2 Editions and Installation Options
Since Windows Server 2008 R2, there has not been a 32 bit version of Windows Server. This is because most server processors are now manufactured to the 64 bit standard. This helps when deciding which version of Windows Server 2012 R2 to purchase because there are now only four editions to choose from (see Table 1).
Table 1: Windows Server 2012 R2 Editions and Features
For more information about the different server editions see: https://www.microsoft.com/en-us/download/details.aspx?id=41703
Factors affecting the choice of Windows Server edition are:
- Roles required for the server
- Virtualisation requirements
- Licensing plan
It is the job of the administrator to choose an edition which meets the requirements of their organisation with the best return on investment.
When installing the Windows Server 2012 R2 Standard or Datacenter editions there is the option to choose server Core, Minimal Interface and Full. The Core installation provices CLI acess to the server, minimal provides a cut down version of the GUI and the Full version provides the will GUI and CLI options.
The CLI option uses the least system resources and has the smallest attack face as many common attack vectors, such as Internet Explorer, are not available (see Table 2).
|Reduced hardware utilisation||Removes the some of the memory and processor intensive features of the operating system.|
|Reduced disk space||Requires less disk space for the operating system installation and the swap.|
|Reduced patch frequency||The GUIs for Windows Server are among the most patched aspects of the operating system. Removing them reduces the patch frequency of the server and in turn reduced restarts and downtime.|
|Reduced attack surface||Due to the reduced amount of software running on the server, there are less weaknesses for attackers to try and exploit.|
Table 2: Advantages of Server Core
Server Core is the default option when in stalling Windows Server 2012 R2. It does also allow for the install type to be changed after installing, unlike Windows Server 2008. This means the server can be configured using the full GUI, then maintained using the CLI should the administrator wish.
Due to the way Windows Server 2012 R2 can be configured, the CLI is not likely to be heavily used. This is because the Server Manager can be used to remotely manage Windows Servers across the network. This means only a few servers need to be configured with the GUI to manage all of the other servers in the network.
Minimal Server Interface
The minimal server interface provides some of the advantages of the Server Core, but also adds some useful GUI tools too. Most of the hardware intensive UI (User Interface) are removed:
- Some Windows Shell Features
- File Explorer
- Windows 8 Apps
- Internet Explorer
- Some Control Panel Features
- Programs and Features
- Network and Sharing
- Devices and Printers
- Windows Update
- Storage Spaces
It does provide
- Server Manager
- Device Manager
To install the minimum server interface, first install the Full server installation. Then navigate to “Remove Rolls and Features Wizard” in “Server Manager”. Look for “User Interfaces and Infastructure” feature, then display the sub features and uncheck “Desktop Experience”. This can also be achieved in Windows PowerShell with this command: “Remove-WindowsFeature -Name Server-GUI-Shell -Restart”. This will remove the selected feature and restart the computer in minimal server interface mode.
188.8.131.52 Server Roles
Server roles are collections of services which together make server functions. Roles can be configured in Windows Server 2012 R2 using the Server Manager or PowerShell. The edition selected will determine the role available.
When planning the server, the administrator not only needs to consider which roles the server will need to perform now, but which ones may be required in the future.
Server Core does not support all of the roles available in Windows Server 2012 R2. These are the unsupported roles:
- Active Directory Federation Services
- Application Server – this is because it is depreciated
- Fax Server
- Network Policy and Access Services
- Remote Desktop Gateway
- Remote Desktop Session Host
- Remote Desktop Web Access
- Volume Activation Services
- Windows Deployment Services
184.108.40.206 Virtualisation in Windows Server 2012 R2
Windows Server 2012 R2 Datacenter and Standard editions both support Hyper-V. Each licence allows for one POSE (Physical Operating System Environment) installation. The two editions differ when it comes to the number of VOSE (Virtual Operating System Environment) installations.
Datacenter edition allows for unlimited VOSE, whereas Standard edition allows for just two VOSE installations. Windows Server Essentials allows for either one POSE or VOSE installation. The Foundation edition is limited to one POSE installation only.
More POSE and VOSE installations can be acquired by purchasing additional licences.
220.127.116.11 System Requirements for Windows Server 2012 R2
Table 3 details the minimum hardware requirements to install Windows Server 2012 R2.
|Processor||64 bit 1.4Ghz or faster|
|HDD||32GB Available (more is required if installing over a network or the system has more then 16GB of RAM)|
|Display||Super VGA 1024×768 or higher|
|Peripherals||Keyboard and Mouse/Pointing Device|
Table 3: Minimum Windows Server 2012 R2 Hardware Requirements
There are also some maximum hardware restrictions which may need to be considered (see Table 4).
|Failover cluster nodes||64|
Table 4: Windows Server 2012 R2 Maximum Hardware Configurations
18.104.22.168 Features on Demand
In order to allow administrators to add and remove features to the Windows operating system as they please without having to provide the installation medium, all the required components are stored in a folder called “WinSxS”. These files are copied there when the system is installed and is about 5GB in size. Once a system is configured it is unlikely these files will be used and the disk space could be put to better use.
Features on Demand is a new feature to Windows Server 2012 and Windows 8. It allows administrators to remove these files from the local hard disk of the server. In the event the server requires these files, it can get the from a remote source instead, such as Windows Update, NAS (Network Attacked Storage) or from the installation media. Group policy can also be used to specify the new location for Windows Feature payloads. Features on Demand provides three states for features in a system:
- Disabled with payload removed
To remove the payload of a feature, the following command can be used in Windows PowerShell: “Unistall-WindowsFeature [feature] -Remove”. To reinstall the feature from a specific source (other than Windows Update) the following command can be using in Windows PowerShell: “Install-WindowsFeature [feature] -Source [source]”.
The ability to move the storage disabled components to a central local is very useful when disk space is limited and or expensive. Increased virtualisation and SSDs (Solid State Drives) have increased the need for Features on Demand.
1.1 Installing Servers
June 10, 2015
When deciding on a new server installation careful thought and planning needs to be taken. Some things which needs to be considered based on the functional requirements of the server are:
- Virtualisation technologies (if any)
- Operating system edition
- GUI (Graphical User Interface) or Server Core CLI (Command Line Interface)
- If the new server will be introducing new technologies or software, should it be first tested on a test network before it is put into production?
- Location in the network
- Number of users now and in the future
Introduction to 70-410
June 10, 2015
70-410 is the first exam in the Server 2012 R2 MCSA (Microsoft Certified Systems Associate). This blog contains some material to help you prepare for the exam.
I am studying for this exam now, so most of the content is based on my notes.
The main book that I am using for this exam is Installing and Configuring Windows Server 2012 R2 Exam Ref 70-410 along with other documentation on Microsoft Technet.
They say one of the best ways to learn something really well, is to learn it, then see if you can teach it. So here it goes; hope it helps.
June 10, 2015