| author | Oleksandr Gavenko <gavenkoa@gmail.com> |
| Sun, 20 Nov 2011 20:14:48 +0200 | |
| changeset 1092 | 639665016a27 |
| parent 1082 | ffb3f274b8fe |
| child 1116 | 140ed8e4da7f |
| permissions | -rw-r--r-- |
| 940 | 1 |
.. -*- coding: utf-8; -*- |
2 |
||
3 |
============= |
|
4 |
Windows OS. |
|
5 |
============= |
|
6 |
.. contents:: |
|
7 |
||
8 |
Determining windows version. |
|
9 |
============================ |
|
10 |
||
11 |
Run winver.exe: <Win> + R winver <RET>. |
|
12 |
||
13 |
Or type: <Win> + <Break>. |
|
14 |
||
15 |
Under cmd.exe use built-in command ver. |
|
16 |
||
17 |
For Win 2000 and upper check registry key:: |
|
18 |
||
19 |
cmd> reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion" /v CurrentVersion |
|
20 |
||
21 |
To check 32/64-bit OS use PROCESSOR_ARCHITECTURE env var (it has such values: |
|
22 |
x86, AMD64, IA64). |
|
23 |
||
24 |
Windows update. |
|
25 |
=============== |
|
26 |
||
27 |
To find updates and drivers visit (подлинность Windows not checked): |
|
28 |
||
29 |
http://catalog.update.microsoft.com/ |
|
30 |
||
31 |
You can search driver by keywords from Device Manager like:: |
|
32 |
||
33 |
VEN_10DE DEV_0247 |
|
34 |
VID_22B8 PID_2A62 |
|
35 |
||
36 |
Also you can find updates on: |
|
37 |
||
38 |
http://www.microsoft.com/downloads/ru-ru/default.aspx |
|
39 |
||
40 |
Check system files integrity. |
|
41 |
============================= |
|
42 |
:: |
|
43 |
||
44 |
cmd> sfc /Scannow |
|
45 |
||
46 |
To complete repair you may need original installation CD (you can mount it |
|
47 |
from .iso image for example with DemonTools). |
|
48 |
||
49 |
Works for Windows 2000, Windows XP, Windows 2003. |
|
50 |
||
51 |
See |
|
52 |
||
53 |
http://support.microsoft.com/kb/222471/ |
|
54 |
http://support.microsoft.com/kb/310747/ru |
|
55 |
||
56 |
Repair boot. |
|
57 |
============ |
|
58 |
||
59 |
If you only damage boot sector of master or system partition boot from Windows |
|
60 |
XP installation CD, enter to recovery console and run: |
|
61 |
||
62 |
cmd> fixboot |
|
63 |
cmd> fixmbr |
|
64 |
||
65 |
See |
|
66 |
||
67 |
http://support.microsoft.com/kb/307654/ru |
|
68 |
||
69 |
Automatically connect to shared resource. |
|
70 |
========================================= |
|
71 |
||
72 |
Add to autorun such .bat file: |
|
73 |
||
74 |
net use x: \\server\share /user:username password |
|
75 |
||
76 |
See |
|
77 |
||
78 |
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/net_use.mspx |
|
79 |
||
80 |
Activate windows. |
|
81 |
================= |
|
82 |
||
83 |
http://www.microsoft.com/genuine/selfhelp/XPPkuinst.aspx?sGuid=bab9e103-6365-44dd-9337-93f0cd9dd4b7&displaylang=en |
|
84 |
Windows Product Key Update Tool Instructions |
|
85 |
||
86 |
Activate Windows XP. |
|
87 |
-------------------- |
|
88 |
||
89 |
Replace %WINDIR%/system32/winlogon.exe with valid in Safe Mode and run Windows Product Key Update |
|
90 |
Tool. |
|
91 |
||
92 |
Windows images. |
|
93 |
=============== |
|
94 |
||
95 |
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=2fcde6ce-b5fb-4488-8c50-fe22559d164e |
|
96 |
Windows XP Service Pack 3 - ISO-9660 CD Image File |
|
97 |
||
|
992
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
98 |
Access to Samba from Vista/7. |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
99 |
============================= |
| 940 | 100 |
|
101 |
By default, you cannot authenticate and share files to and from Mac OS X or |
|
102 |
Linux Samba due to a well known authentication method turned off by default. |
|
103 |
To enable this, |
|
104 |
||
105 |
Only for Windows Vista Ultimate/Business/Enterprise Editions. |
|
106 |
------------------------------------------------------------- |
|
107 |
||
108 |
Goto Start->Run and open gpedit.msc or secpol.msc |
|
109 |
||
110 |
Select Continue on the User Account Control prompt. This will launch the Group |
|
111 |
Policy Object Editor for the Local Computer Policy. |
|
112 |
||
113 |
In the Group Policy Object Editor, expand: |
|
114 |
||
115 |
-> Computer Configuration |
|
116 |
-> Windows Settings |
|
117 |
-> Security Settings |
|
118 |
-> Local Policies |
|
119 |
-> Security Options |
|
120 |
||
121 |
Open the "Network security: LAN Manager authentication level" policy and |
|
122 |
change the Security Setting to: |
|
123 |
||
124 |
Send LM & NTLM - use NTLMv2 session security if negotiated |
|
125 |
||
126 |
Windows Vista Home Edition. |
|
127 |
--------------------------- |
|
128 |
||
129 |
Since Windows Vista Home Edition does not feature the Group Policy Editor, you |
|
130 |
may do the following to enable this feature: |
|
131 |
||
132 |
Goto Start->Run-> and type regedit. |
|
133 |
||
134 |
Select Continue on the User Account Control prompt. |
|
135 |
||
136 |
Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa |
|
137 |
||
138 |
Create the following DWORD value (if it doesn't exist): LmCompatibilityLevel |
|
139 |
||
140 |
And set its value to: 1 |
|
141 |
||
142 |
Map dir to disk. |
|
143 |
================ |
|
144 |
||
145 |
To create:: |
|
146 |
||
147 |
cmd> subst [to-disk: [from-disk:]path] |
|
148 |
||
149 |
To remove:: |
|
150 |
||
151 |
cmd> subst disk: /d |
|
152 |
||
153 |
Standard scripts. |
|
154 |
================= |
|
155 |
||
156 |
compmgmt.msc - Computer management |
|
157 |
devmgmt.msc - Device manager |
|
158 |
diskmgmt.msc - Disk management |
|
159 |
dfrg.msc - Disk defrag |
|
160 |
eventvwr.msc - Event viewer |
|
161 |
fsmgmt.msc - Shared folders |
|
162 |
gpedit.msc - Group policies |
|
163 |
lusrmgr.msc - Local users and groups |
|
164 |
perfmon.msc - Performance monitor |
|
165 |
rsop.msc - Resultant set of policies |
|
166 |
secpol.msc - Local security settings |
|
167 |
services.msc - Various Services |
|
168 |
msconfig - System Configuration Utility |
|
169 |
regedit - Registry Editor |
|
170 |
msinfo32 - System Information |
|
171 |
sysedit - System Configuration Editor |
|
172 |
win.ini - windows loading information(also system.ini) |
|
173 |
winver - Shows current version of windows |
|
174 |
mailto: - Opens default email client |
|
175 |
command - Opens command prompt |
|
176 |
||
177 |
appwiz.cpl - Add & Remove Programs |
|
178 |
timedate.cpl - Date/Time Properties |
|
179 |
desk.cpl - Display Properties |
|
180 |
inetcpl.cpl - Internet Options |
|
181 |
mmsys.cpl - Sound Settings |
|
182 |
sysdm.cpl - System Properties |
|
183 |
password.cpl - Password Options |
|
184 |
main.cpl - Mouse and Keyboard Options |
|
185 |
control fonts - Fonts Folder |
|
186 |
control printers Printers Folder |
|
187 |
||
| 997 | 188 |
'.cpl' scripts can be run from command line as: |
|
996
bc510bb02ba6
.msc and .cpl run from command line.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
995
diff
changeset
|
189 |
|
|
bc510bb02ba6
.msc and .cpl run from command line.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
995
diff
changeset
|
190 |
cmd> Rundll32 Shell32.dll,Control_RunDLL |
|
bc510bb02ba6
.msc and .cpl run from command line.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
995
diff
changeset
|
191 |
cmd> Rundll32 Shell32.dll,Control_RunDLL Mmsys.cpl,,0 |
|
bc510bb02ba6
.msc and .cpl run from command line.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
995
diff
changeset
|
192 |
|
| 940 | 193 |
Path. |
194 |
===== |
|
195 |
||
196 |
Max path length. |
|
197 |
---------------- |
|
198 |
||
199 |
260 chars. Use MAX_PATH macros from 'windows.h'. |
|
200 |
||
201 |
Allowed characters. |
|
202 |
------------------- |
|
203 |
||
204 |
Not allowed: |
|
205 |
* characters from 0 to 31 |
|
206 |
* < (less than) |
|
207 |
* > (greater than) |
|
208 |
* : (colon) |
|
209 |
* " (double quote) |
|
210 |
* / (forward slash) |
|
211 |
* \ (backslash) |
|
212 |
* | (vertical bar or pipe) |
|
213 |
* ? (question mark) |
|
214 |
* * (asterisk) |
|
215 |
||
216 |
http://msdn.microsoft.com/en-us/library/aa365247.aspx |
|
217 |
Naming Files, Paths, and Namespaces |
|
218 |
||
219 |
Memory. |
|
220 |
======= |
|
221 |
||
222 |
http://msdn.microsoft.com/en-us/library/ff542275%28v=VS.85%29.aspx |
|
223 |
Boot Parameters to Configure DEP and PAE |
|
224 |
||
225 |
PAE. |
|
226 |
---- |
|
227 |
||
228 |
All 32-bit Windows XP support only 4 GiB RAM. To enable PAE (Physical Address |
|
229 |
Extension) edit 'c:\boot.ini', add option '/pae': |
|
230 |
||
231 |
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="MS Windows XP Prof" /fastdetect /pae |
|
232 |
||
233 |
http://msdn.microsoft.com/en-us/library/ff557168%28v=VS.85%29.aspx |
|
234 |
/pae option |
|
235 |
http://www.microsoft.com/whdc/system/platform/server/pae/paedrv.mspx |
|
236 |
PAE support |
|
237 |
||
238 |
NX. |
|
239 |
--- |
|
240 |
||
241 |
NX (no execute) in Windows realised in Data Execution Prevention (DEP) |
|
242 |
technology. |
|
243 |
||
244 |
On 64-bit processes, DEP is enabled by default and cannot be disabled. For |
|
245 |
32-bit Windows DEP is supported in Windows Server 2003 with SP1, Windows XP |
|
246 |
with SP2, Windows Vista, and later versions of Windows. |
|
247 |
||
248 |
To enable NX on 32-bit Windows edit 'c:\boot.ini', add option |
|
249 |
'/noexecute=...' (alwayson/optout/optin/alwaysoff):: |
|
250 |
||
251 |
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="MS Windows XP Prof" /fastdetect /noexecute=alwayson |
|
252 |
||
253 |
To see current DEP status run:: |
|
254 |
||
255 |
cmd> wmic OS Get DataExecutionPrevention_Available |
|
256 |
cmd> wmic OS Get DataExecutionPrevention_SupportPolicy |
|
257 |
cmd> wmic OS Get DataExecutionPrevention_Drivers |
|
258 |
||
259 |
http://msdn.microsoft.com/en-us/library/ff557134%28VS.85%29.aspx |
|
260 |
/noexecute parameter |
|
261 |
http://support.microsoft.com/kb/912923 |
|
262 |
How to determine that hardware DEP is available and configured on your computer |
|
263 |
||
264 |
Life cycle. |
|
265 |
=========== |
|
266 |
||
267 |
http://www.microsoft.com/windows/support/endofsupport.mspx |
|
268 |
End of support for Windows 98, Windows Me, and Windows XP Service Pack 1 |
|
269 |
http://www.microsoft.com/windows/lifecycle/servicepacks.mspx |
|
270 |
Windows Service Pack Road Map |
|
271 |
http://www.microsoft.com/windows/lifecycle/default.mspx |
|
272 |
Windows Life-Cycle Policy |
|
273 |
http://support.microsoft.com/gp/lifeselect |
|
274 |
Life-Cycle Policy by product |
|
275 |
||
276 |
NTFS junction points. |
|
277 |
===================== |
|
278 |
||
279 |
To craete use 'junction.exe' from Mark Russinovich or 'linkd.exe' from |
|
280 |
Microsoft Windows 2000 Resource Kit. |
|
281 |
||
282 |
'junction.exe' included with Sysinternals suite. |
|
283 |
||
284 |
cmd> md c:\Program-Files |
|
285 |
cmd> junction c:\Program-Files "c:\Program Files" |
|
286 |
||
287 |
http://technet.microsoft.com/en-gb/sysinternals/bb896768.aspx |
|
288 |
Junction v1.05, Published: July 24, 2007 |
|
289 |
http://support.microsoft.com/?kbid=205524 |
|
290 |
How to create and manipulate NTFS junction points |
|
291 |
http://en.wikipedia.org/wiki/NTFS_junction_point |
|
| 951 | 292 |
NTFS junction point |
| 940 | 293 |
|
294 |
Microsoft Windows 2000 Resource Kit. |
|
295 |
==================================== |
|
296 |
||
297 |
http://support.microsoft.com/kb/927229 |
|
298 |
Windows 2000 Resource Kit Tools for administrative tasks |
|
299 |
separate tools downloads |
|
300 |
||
301 |
Microsoft security tools. |
|
302 |
========================= |
|
303 |
||
304 |
http://www.microsoft.com/downloads/details.aspx?FamilyID=CD057D9D-86B9-4E35-9733-7ACB0B2A3CA1&displayLang=en |
|
305 |
||
306 |
http://www.microsoft.com/downloads/details.aspx?FamilyID=B1E76BBE-71DF-41E8-8B52-C871D012BA78&displayLang=en |
|
307 |
Microsoft Baseline Security Analyzer 2.1.1 (for IT |
|
308 |
Professionals) |
|
309 |
||
310 |
http://www.microsoft.com/downloads/en/confirmation.aspx?familyId=4a2346ac-b772-4d40-a750-9046542f343d&displayLang=en |
|
311 |
Enhanced Mitigation Evaluation Toolkit |
|
312 |
||
313 |
http://blogs.technet.com/b/srd/archive/2009/10/27/announcing-the-release-of-the-enhanced-mitigation-evaluation-toolkit.aspx |
|
314 |
Announcing the release of the Enhanced Mitigation Evaluation |
|
315 |
Toolkit (old version 1.0) |
|
316 |
||
317 |
http://blogs.technet.com/b/srd/archive/2010/07/28/announcing-the-upcoming-release-of-emet-v2.aspx |
|
318 |
||
319 |
Enable/Disabling UAC. |
|
320 |
===================== |
|
321 |
||
322 |
To disable UAC on the computer, you must be able to log on with or provide the |
|
323 |
credentials of a member of the local Administrators group. |
|
324 |
||
325 |
Starting with Windows 7, UAC is disabled by following these steps: |
|
326 |
||
327 |
1. On the Start menu, type "UAC" and then click Change User Account settings. |
|
328 |
2. Move the slide bar to the bottom (Never Notify) and then click OK. |
|
329 |
||
330 |
On Windows Vista and Windows Server 2008, UAC is disabled by following these steps: |
|
331 |
||
332 |
1. Start Control Panel and double-click User Accounts. |
|
333 |
2. In the User Accounts tasks window, click Turn User Account Control on or off. |
|
334 |
3. Clear the Use User Account Control (UAC) to help protect your computer check box, and then click OK. |
|
335 |
||
336 |
http://windows.microsoft.com/en-US/windows-vista/Turn-User-Account-Control-on-or-off |
|
337 |
Turn User Account Control on or off |
|
338 |
||
339 |
Fix file association. |
|
340 |
===================== |
|
341 |
||
342 |
Check current association:: |
|
343 |
||
344 |
$ cmd /c assoc | grep -i "^\.mp3" |
|
345 |
.mp3=mp3file |
|
346 |
||
347 |
Get list of all available commands:: |
|
348 |
||
349 |
$ cmd /c ftype |
|
350 |
... |
|
351 |
AIMP.mp3="C:\Program Files\AIMP2\AIMP2.exe" "%1" |
|
352 |
... |
|
353 |
||
354 |
and select one on them:: |
|
355 |
||
356 |
$ cmd /c assoc .mp3=AIMP.mp3 |
|
357 |
||
358 |
Clean up Windows system directories. |
|
359 |
==================================== |
|
360 |
||
361 |
You can safely remove SP restore files:: |
|
362 |
||
363 |
%Systemroot%\$NtServicePackUninstall$ |
|
364 |
||
365 |
Also check such directories:: |
|
366 |
||
367 |
%SYSTEMDRIVE%\Program Files\Common Files |
|
368 |
%SYSTEMDRIVE%\Documents and Settings\USER\Application Data |
|
369 |
%SYSTEMDRIVE%\Documents and Settings\USER\Local Settings |
|
370 |
||
371 |
http://support.microsoft.com/kb/290402 |
|
372 |
HOW TO: Remove the Service Pack Restore Files and Folders in Windows |
|
373 |
||
374 |
Windows services from command line. |
|
375 |
=================================== |
|
376 |
||
377 |
List of all running services. |
|
378 |
----------------------------- |
|
379 |
:: |
|
380 |
||
381 |
cmd> net start |
|
382 |
||
383 |
Start service. |
|
384 |
-------------- |
|
385 |
:: |
|
386 |
||
387 |
cmd> net start NAME |
|
388 |
||
389 |
Stop service. |
|
390 |
------------- |
|
391 |
:: |
|
392 |
||
393 |
cmd> net stop NAME |
|
394 |
||
395 |
Schedule Tasks in Windows. |
|
396 |
========================== |
|
397 |
||
398 |
List registered of task. |
|
399 |
------------------------ |
|
400 |
:: |
|
401 |
||
402 |
$ schtasks /query |
|
403 |
||
404 |
Create task. |
|
405 |
------------ |
|
406 |
:: |
|
407 |
||
408 |
$ schtasks /create /tn %TASK_NAME% /ru %ROOT% /sc daily /st 23:00:00 /tr "rundll32.exe user32.dll,LockWorkStation" |
|
409 |
||
410 |
/sc can be one of:: |
|
411 |
||
412 |
MINUTE HOURLY DAILY WEEKLY MONTHLY ONCE ONSTART ONLOGON ONIDLE |
|
413 |
||
414 |
Delete task. |
|
415 |
------------ |
|
416 |
:: |
|
417 |
||
418 |
schtasks /delete /tn %TASK_NAME% /f |
|
419 |
||
|
992
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
420 |
Change NTFS permission. |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
421 |
======================= |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
422 |
|
|
1071
d06823550de7
takeown /r /f %file%
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
1043
diff
changeset
|
423 |
http://support.microsoft.com/kb/919240 |
|
d06823550de7
takeown /r /f %file%
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
1043
diff
changeset
|
424 |
The Icacls.exe utility is available for Windows Server 2003 with |
|
d06823550de7
takeown /r /f %file%
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
1043
diff
changeset
|
425 |
Service Pack 2 |
|
d06823550de7
takeown /r /f %file%
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
1043
diff
changeset
|
426 |
|
|
992
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
427 |
Change NTFS permission with 'icacls'. |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
428 |
------------------------------------- |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
429 |
|
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
430 |
'icacls' allow option: |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
431 |
|
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
432 |
* /c - Continues the operation despite any file errors. Error messages will |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
433 |
still be displayed. |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
434 |
* /t - Performs the operation on all specified files in the current directory |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
435 |
and its subdirectories. |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
436 |
* /l - Performs the operation on a symbolic link versus its destination. |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
437 |
* /q - Suppresses success messages. |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
438 |
|
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
439 |
Recursively change the owner of all matching files to the specified user:: |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
440 |
|
| 1043 | 441 |
cmd> icacls %dir% /setowner %user% /t /c |
|
992
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
442 |
|
|
1071
d06823550de7
takeown /r /f %file%
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
1043
diff
changeset
|
443 |
or simply:: |
|
d06823550de7
takeown /r /f %file%
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
1043
diff
changeset
|
444 |
|
|
d06823550de7
takeown /r /f %file%
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
1043
diff
changeset
|
445 |
cmd> takeown /r /f %file% |
|
d06823550de7
takeown /r /f %file%
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
1043
diff
changeset
|
446 |
|
|
993
e3fefdeb1cbf
Converting SID to names and inside out.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
992
diff
changeset
|
447 |
Recursively grand full access for everyone:: |
|
992
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
448 |
|
| 995 | 449 |
cmd> icacls %dir% /t /grant:r %user%:(f) |
| 994 | 450 |
cmd> icacls %dir% /t /grant:r *S-1-1-0:(f) |
|
992
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
451 |
|
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
452 |
Well-known security identifiers (SID). |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
453 |
====================================== |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
454 |
|
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
455 |
S-1-0-0 |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
456 |
Null SID. A group with no members. This is often used when a SID |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
457 |
value is not known. |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
458 |
S-1-1-0 |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
459 |
World/Everyone. A group that includes all users. |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
460 |
S-1-3-0 |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
461 |
Creator Owner ID. A security identifier to be replaced by the |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
462 |
security identifier of the user who created a new object. This |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
463 |
SID is used in inheritable ACEs. |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
464 |
S-1-3-1 |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
465 |
Creator Group ID. A security identifier to be replaced by the |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
466 |
primary-group SID of the user who created a new object. Use this |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
467 |
SID in inheritable ACEs. |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
468 |
S-1-5-6 |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
469 |
Service. A group that includes all security principals that have |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
470 |
logged on as a service. Membership is controlled by the |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
471 |
operating system. |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
472 |
S-1-5-7 |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
473 |
Anonymous. A group that includes all users that have logged on |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
474 |
anonymously. Membership is controlled by the operating system. |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
475 |
S-1-5-32-544 |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
476 |
Administrators group. |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
477 |
S-1-5-32-545 |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
478 |
Users group. |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
479 |
S-1-5-32-546 |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
480 |
Guests. By default, the only member is the Guest account. The |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
481 |
Guests group allows occasional or one-time users to log on with |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
482 |
limited privileges to a computer's built-in Guest account. |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
483 |
S-1-5-32-547 |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
484 |
Power Users. Power users can create local users and groups; |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
485 |
modify and delete accounts that they have created; and remove |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
486 |
users from the Power Users, Users, and Guests groups. Power |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
487 |
users also can install programs; create, manage, and delete |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
488 |
local printers; and create and delete file shares. |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
489 |
|
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
490 |
http://msdn.microsoft.com/en-us/library/aa379649.aspx |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
491 |
Well-known SIDs |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
492 |
http://support.microsoft.com/kb/243330 |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
493 |
Хорошо известные идентификаторы безопасности в операционных |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
494 |
системах Windows |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
495 |
http://en.wikipedia.org/wiki/Security_Identifier |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
496 |
Security Identifier |
|
3f8b5c0ba822
Change NTFS permission.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
951
diff
changeset
|
497 |
|
|
993
e3fefdeb1cbf
Converting SID to names and inside out.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
992
diff
changeset
|
498 |
Converting SID to names and inside out. |
|
e3fefdeb1cbf
Converting SID to names and inside out.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
992
diff
changeset
|
499 |
======================================= |
|
e3fefdeb1cbf
Converting SID to names and inside out.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
992
diff
changeset
|
500 |
|
|
e3fefdeb1cbf
Converting SID to names and inside out.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
992
diff
changeset
|
501 |
Use 'PsGetSid' utility from Sysinternals:: |
|
e3fefdeb1cbf
Converting SID to names and inside out.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
992
diff
changeset
|
502 |
|
|
e3fefdeb1cbf
Converting SID to names and inside out.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
992
diff
changeset
|
503 |
cmd> PsGetSid S-1-3-0 |
|
e3fefdeb1cbf
Converting SID to names and inside out.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
992
diff
changeset
|
504 |
cmd> PsGetSid "\NULL SID" |
|
e3fefdeb1cbf
Converting SID to names and inside out.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
992
diff
changeset
|
505 |
|
|
999
dc74e11a1686
Gathering info about Windows.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
997
diff
changeset
|
506 |
Gathering info about Windows. |
|
dc74e11a1686
Gathering info about Windows.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
997
diff
changeset
|
507 |
============================= |
|
dc74e11a1686
Gathering info about Windows.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
997
diff
changeset
|
508 |
:: |
|
dc74e11a1686
Gathering info about Windows.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
997
diff
changeset
|
509 |
|
|
dc74e11a1686
Gathering info about Windows.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
997
diff
changeset
|
510 |
cmd> systeminfo |
|
dc74e11a1686
Gathering info about Windows.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
997
diff
changeset
|
511 |
|
|
1082
ffb3f274b8fe
Automatically logon to Windows.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
1071
diff
changeset
|
512 |
Automatically logon to Windows. |
|
ffb3f274b8fe
Automatically logon to Windows.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
1071
diff
changeset
|
513 |
=============================== |
|
ffb3f274b8fe
Automatically logon to Windows.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
1071
diff
changeset
|
514 |
:: |
|
ffb3f274b8fe
Automatically logon to Windows.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
1071
diff
changeset
|
515 |
|
|
ffb3f274b8fe
Automatically logon to Windows.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
1071
diff
changeset
|
516 |
cmd# control userpasswords2 |
|
ffb3f274b8fe
Automatically logon to Windows.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
1071
diff
changeset
|
517 |
|
|
ffb3f274b8fe
Automatically logon to Windows.
Oleksandr Gavenko <gavenkoa@gmail.com>
parents:
1071
diff
changeset
|
518 |