when the network profile of a Windows PC is set to public, there are firewall restrictions enabled which could prevent accessing the Computer from network. For example Windows Remoting.
Unfortunately in some cases the profile cannot be switch by the Network Gui(s) of windows.
in Active Directory Domain environment you have to frequently change your password.
The default Windows methods usually does not support clipboard operations. So you have to enter your new password two times and depending on your method your old password too 🙁 .
when it is necessary that normal user needs the ability to do some operations on a service, such as starting or stopping, multiple ways exists to grant these permissions. Windows has no GUI or (easy to use) command line tool on board to set these access rights. I will show you 3 ways to set them.
- Sysinternals Process Explorer
- sc.exe (Service controller)
- subinacl.exe (The security swiss knife)
For the following examples I will use the OpenVPN Service with its Service Name openvpnservice and assign the start and stop permissions to a user or group. But its the same procedure for all other services.
The easiest way is to use the sysinternals Process Explorer. It provides a graphical user interface but has the dependency that the service must be in the running state before process explorer is started. If you already have a valid openvpn configuration start the service:
sc start openvpnservice
Then start the process explorer as administrator and locate the openvpn service process openvpnserv.exe.
for some migration scenarios it is nesseccary to set Volume Serial Number of a partition or volume. For example when you move a license manager to a new hardware and the licenses are bound to the disk serial.
for test purposes it could be necessary to backup a computer by an image tool, i.e. Acronis TrueImage, and after the test is completed or in situations of a failure reset the computer back to it’s initial state by restoring the image.
In domain environments this could be a problem, because each computer which is member of a Windows Active Directory Domain is negotiating a password with the domain and this password is changed after 7 Days. If your Image is older the domain member ship is broken and you have to rejoin.
The password change is initiated by the client and this behaviour could be prevented by setting a registry value. Set this value, make an image afterwards and you will be able to restore the image as often you want or need without to leave the domain.
Windows Registry Editor Version 5.00
Set it by command line
reg ADD HKLM\SYSTEM\CurrentControlSet\services\Netlogon\Parameters /v DisablePasswordChange /t REG_DWORD /d 1 /f
Have a nice day