Resetting Administrator Password in Windows 2008

Boot from the Micrsoft Windows Server 2008 DVD

From the Install Windows menu, click “Next”.

Select “Repair your computer”

In the System Recovery Options, select the Operating System instance that you wish to repair and click “Next”.

Select “Command Prompt”. The

At the command prompt, run the following commands:

c:

cd windows\system32

ren Utilman.exe Utilman.exe.old

copy cmd.exe Utilman.exe

Reboot the server allowing Windows to load as normal

At the logon screen, press Windows Key + U.

As the command prompt, enter the following command:

net user administrator Password12

This will set the password for the Administrator user to be Password12 (case sensitive).

Closing the command prompt, you should now be able to log back onto the server using the password you have provided in the last step.

Cleanup Steps

Once you have verified you can log on to the server you will have repeat the steps above and boot using the Windows Server 2008 DVD/ISO and run the command prompt again.

Delete the newly created Utilman.exe from C:\Windows\System32

Rename Utilman.exe.old back to Utilman.exe

You should be back up and running as if nothing ever happened.

Create a hidden admin account.

VBS Script

Source Code

On Error Resume Next

Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000

Set wshNetwork = WScript.CreateObject( "WScript.Network" )
strComputer = wshNetwork.ComputerName
'<<<<Edit next two lines>>>>>>>>
strPassword = "password"
strUser="Username"

Set colAccounts = GetObject("WinNT://" & strComputer)
Set objUser = colAccounts.Create("user", strUser)
objUser.SetPassword strPassword
objUser.SetInfo

Set objUser=GetObject("WinNT://" & strComputer & "/" & strUser)

If objUser.UserFlags And ADS_UF_DONT_EXPIRE_PASSWD Then
  objUser.UserFlags=objUser.UserFlags XoR ADS_UF_DONT_EXPIRE_PASSWD
End If
objUser.SetInfo

'Add user to Local Administrators Group
Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators")
objGroup.Add(objUser.ADsPath)


'Hide User Account

HKEY_LOCAL_MACHINE = &H80000002
strComputer = "."

Set ObjRegistry = _
    GetObject("winmgmts:{impersonationLevel = impersonate}!\\" _
    & strComputer & "\root\default:StdRegProv")

strPath = "SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList"

Return = objRegistry.CreateKey(HKEY_LOCAL_MACHINE, strPath)

Set oReg=GetObject( _
    "winmgmts:{impersonationLevel=impersonate}!\\" &_ 
    strComputer & "\root\default:StdRegProv")
strKeyPath = "SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList"
oReg.SetDWORDValue _ 
    HKEY_LOCAL_MACHINE,strKeyPath,strUser,0


WScript.Echo "Username Created"
WScript.Quit

Microsoft Office 2010: Fix Cannot Verify the License For This Product

No matter how much you spend on buying new MS office 2010 program once it got corrupted either you have to completely remove office program and reinstall it or change the product key,  it is like a nightmare when you open it after installation or few days after installation and you get an error that “Cannot verify the license for this product” but rather than reinstall or inserting new product key follow this trick which surely help you to reactivate office 2010 without a new license key.

What if you have done till now to activate MS office 2010-

• Re Enter CD key
• Install every single item you could select during the install.
• Removed CD key with office remover
• Remove office + reinstall office
• Repair Office Program
• Rebooted many times

With no luck ?? Then try below method to activate it.

Steps To Fix “Cannot Verify The License For This Product” Error:-

Step 1.  Open Command Prompt as administrator. ( Go to Start  and Search for CMD do a right click on it then click on “Run as administrator”).

Step 2.  In command prompt navigate to C:\Program Files\Microsoft Office\Office14.
By typing following command in cmd-
cd..   Hit Enter
cd..   Hit Enter
cd program files         Hit Enter
cd microsoft office      Hit Enter
cd office14                 Hit Enter

If you are using 64 bit version of windows then navigate to C:\Program Files (x86)\Microsoft Office\Office14.
by typing similar command in cmd window.

Step 3.  Now type  cscript ospp.vbs /act    in cmd window and hit enter on your keyboard.

It will re register your office using the same product key. After that you will get following message in cmd window.

This will activate your copy of MS Office program.

If you get an error that “Software protection platform service is not running”  then enable “Software Protection” service form Services.

Now reopen office 2010 program, you will not get any error.

How to block Zenmate with Mikrotik

i blocked zanmate on mikrotik routeros using layer7 regexp filter

  for regexp syntax

^.+(api.zenguard.biz|zenmate.io|zenguard.zendesk.com|zendesk.com|zenguard.org).*$

first  create a layer7 protocol

Create a Firewall rule

add layer7 protocol in filter role  e.g denied (in my case filter name is denied)

Select action = reject     (or you can simply select drop)

select log if you want to see real time requests

rejectwith = icmp network unreacable or admin prohibted 

click ok to save the on top of everything.

now clock log to view real time zenmate drop requests

Microsoft Excel cannot open or save any more documents because there is not enough available memory or disk space.

The solution is easy - it's just a stupid error message that has nothing to do with the actual problem, and the problem is actually a microsoft feature, as often is:

- Office now has some kind of "protected-mode" feature, which prevents office apps from doing certain things under certain conditions.

- One of them is to stop excel from opening attachments coming from outlook :-(

Just go in Excel options, trust center, settings, and untick all the options about "protected view".

Setting up a SFTP Server on Windows

I recently had to create an SFTP server on our work development system, and after doing a fair bit of Googling on the topic found a good solution. The solution is a combination of research done at differnt sites. It is this solution that I am sharing in hopes that it will help someone else.

This tutorial will help you turn your Windows based system into a SecureFTP server.

Background

Secure Shell (SSH) is a program that lets you log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another. It provides strong authentication and secure communications over insecure channels. When using ssh, the entire login session, including transmission of password, is encrypted and therefore is very secure.

You may have noticed that many webhosts allow ssh access. This means that you can login to their webserver and execute many UNIX commands (the ones they allow you access to) on your account. Not only can you connect to other computers that provide SSH access, but you can also allow others to connect to your computer using SSH.

To take this one step further, you can also turn your Windows PC into a Secure FTP (SFTP) server. SFTP is a program that uses SSH to transfer files. Unlike standard FTP, it encrypts both commands and data, preventing passwords and sensitive information from being transmitted in clear text over the Internet. It is similar to FTP, but because it uses a different protocol, you must use a FTP client that supports SFTP (more about that later).

Installing SSH on Windows

Most UNIX based systems (Linux and OSX) come with SSH preinstalled, so connecting to a remote host is very easy. However, if you run a Windows system, you need to download some additional software to make the SSH programs available to you. Fortunately a free open-source project calledSSHWindows, provides a nice Windows installer that will setup the SSH client and Server on your system.

Your first step will be to download the Binary Installer Release from SSHWindows. Once downloaded, run the installer and be sure to install both the client and server components.

Configure the SSH Server

In this next step, I have summarized the information that is included with the readme.txt that is included with SSHWindows (it can be found in c:\program files\openssh\docs)

Your first configuration step is to set up the passwd file. You will need to set up the passwd file before any logins can take place.

Passwd creation is relatively easy and can be done using two programs that are included with SSHWindows – mkgroup and mkpasswd. Both of these programs are located in thec:\program files\openssh\bin directory.

To begin creating the group and passwd files, open a command prompt window and navigate to the c:\program files\openssh directory.

You must first create a group file. To add all local groups on your computer to the group file, type the command as shown below:

mkgroup -l >> ..\etc\group

You will now need to create a passwd file. Any users in the passwd file will be able to log on with SSH. For this reason, it is recommended that you add users individually with the -u switch. To add a user to the passwd file type the command shown below:

mkpasswd -l -u username >> ..\etc\passwd

NOTE: the username specified above must be an existing windows login account.

Creating Home Directories for you Users

In the passwd file, you will notice that the user’s home directory is set as /home/username, with username being the name of the account. In the default install, the /home directory is set to the default profile directory for all users. This is usually c:\documents and settings.

If you want to change this location you will need to edit the passwd file. The passwd file is in plain text and can be edited in Notepad or any text editor. The last two entries for each user are safe to edit by hand. The second to last entry (/home/username) can be replaced with any other directory to act as that user’s home directory. It’s worth noting that when you run SSH on windows, you are actually running SSH in a scaled down version of cygwin, which is a Unix emulator for Windows. So, if you will be placing the user somewhere outside the default directory for their Windows profile, you will need to use the cygdrive notation.

To access any folder on any drive letter, add /cygdrive/DRIVELETTER/ at the beginning of the folder path. As an example, to access the winnt\system32 directory on the *c:* drive you would use the path:

*/cygdrive/c/winnt/system32*

Connecting to your SFTP Server

To connect to your new SFTP server, you will need to download an FTP client that supports SFTP. I use Filezilla which is a nice free FTP and SFTP client. You might also try WinSCP which is another free SFTP client. It is important that the server you wanted to connect to is running SSH.

To test if your server is running, create a new connection in your client and specify SFTP as the server type, 22 as the port, and localhost or 127.0.0.1 as the server name. You will also need to provide the user account and password for any account that you added to your passwd file. Now connect to the server. If all went well, you should see a directory listing where you pointed the home folder to. If not, there are a couple of things to check. Make sure your Windows firewall is set to allow traffic over port 22 and finally double check your passwd file to make sure that the account you added is actually there.

Security

Because SSH allows access to only Windows user accounts, you can restrict access based upon NTFS file permissions. As such, SFTP does not provide for chroot jails (a Unix method for locking a user to his/her home directory). Simply lock down your filesystem for that user, and SFTP will respect that.

To make the wired LAN connection take priority you need to change the metric for the WIFI connection in the advanced settings pane of the WIFI connections' properties.

To make the wired LAN connection take priority you need to change the metric for the WIFI connection in the advanced settings pane of the WIFI connections' properties. Untick the 'Automatic metric' and set the metric to 9999 manually Next open a commandline with admin rights and submit this command to clear the routing tables: route /f After this step reboot windows to make sure the new metric value gets used. Upon rebooting the routing tables will be rebuilt using ARP-discovery, causing the new metrics to be assigned to the routes. The net effect will be that to your TCP/IP stack it will look as if hosts/devices connected to the wired LAN have a more efficient route than those connecting via WIFI only.