Automatic Declining arm64 Update from WSUS

Overview New Windows Server Update Services (WSUS) includes ARM64 updates to support the deployment and management of updates for devices that run on ARM64 architecture. ARM64 is an architecture used in many modern devices, including laptops, tablets, and other mobile devices, as well as some servers. Unfortunately, there are still not many devices that use arm64 CPU, and WSUS doesn’t have the option to filter the update based on the architecture of the CPU that result the update for ARM64 architecture will be automatically download if we enable the Auto Approve....

February 12, 2024 · 3 min · by Chisqi

KB5028997 - Instructions to manually resize your partition to install the WinRE update

This article was copied from the KB5028997 Instruction Microsoft Offical Link, with some additional information. Overview Microsoft has changed how it updates PCs that run the Windows Recovery Environment (WinRE). WinRE will be updated using the monthly cumulative update. This change only applies to PCs that get updates from Windows Update (WU) and Windows Server Update Services (WSUS). This change starts on June 27, 2023, for the Windows 11, version 22H2 cumulative update....

February 6, 2024 · 3 min · by Chisqi

Enable SSH server on Windows Server

Overview Windows Server 2025 includes SSH pre-installed, streamlining secure remote server management for administrators. This feature is particularly advantageous when accessing servers from macOS, Linux systems, or Windows computers outside the Active Directory domain, where configuring PowerShell remoting may present challenges. By default, SSH on Windows Server 2025 is configured to use password authentication; however, it is strongly recommended to transition to public key authentication to enhance security. Prerequisites Before you start, your computer must meet the following requirements:...

November 4, 2023 · 4 min · by Chisqi

Active Directory - Cheatsheet

AD Functional level and DC list Functional Level Check Forest functional Level Get-ADForest | ft ForestMode Check Domain functional Level Get-ADDomain | ft DomainMode Upgrade / set Functional level Set-ADForestMode –ForestMode <desired forest level> Set-ADDomainMode –DomainMode <desired domain level> Show all DC servers netdom query dc DSQUERY Server -o rdn FSMO Get FSMO roles netdom query fsmo Get-ADDomain | select InfrastructureMaster, PDCEmulator, RIDMaster Get-ADForest | select DomainNamingMaster, SchemaMaster Transfer FSMO # Transfer PDCEmulator Move-ADDirectoryServerOperationMasterRole -Identity "DC01" PDCEmulator # Transfer RIDMaster Move-ADDirectoryServerOperationMasterRole -Identity "DC01" RIDMaster # Transfer InfrastrctureMaster Move-ADDirectoryServerOperationMasterRole -Identity "DC01" Infrastructuremaster # Transfer DomainNamingMaster Move-ADDirectoryServerOperationMasterRole -Identity "DC01" DomainNamingmaster # Transfer SchemaMaster Move-ADDirectoryServerOperationMasterRole -Identity "DC01" SchemaMaster Seize FSMO The different between transfering and seizeing the FSMO role is by adding -force argument at the end of command....

August 23, 2022 · 5 min · by Chisqi

Extend Windows Partition contains Recovery Partition

Introduction Did you ever in a critical situation because your production Virtual Machine was running out of space but you were not able to extend the disk because there was recovery partition exist on the end of C:\ volume. This situation blocks you from extending the disk in a critical situation. We can actually just remove the recovery partition, and extend the disk, but we will lose the recovery partition which is important for troubleshooting purposes....

March 23, 2022 · 4 min · by Chisqi

Configure Microsoft Local Administrator Password Solution (LAPS) Legacy-Mode

Introduction Windows LAPS, which stands for “Local Administrator Password Solution,” is a Microsoft tool designed to enhance security in an Active Directory environment by automatically managing and rotating the passwords of local administrator accounts on domain-joined windows computers. The primary goal of LAPS is to prevent attackers from easily exploiting a common vulnerability – the use of the same local administrator password on multiple machines. How LAPS works: Password Rotation: LAPS automatically generates a random and unique password for each computer’s local administrator account....

December 12, 2021 · 6 min · by Chisqi

Reset Windows Password with Bitloker Enabled

Overview Have you ever forgot the computer password, and want to reset it? Typically, you just need to boot into Windows installer ISO, open cmd and rename the utilman.exe. However, you can’t do that if the bitlocker is enabled on that computer. You will need to disable the bitlocker first. On this article, I want to share how to disable the bitlocker and reset the forgotten password. This require either the Bitlocker Password or Bitlocker Recovery Key...

September 1, 2021 · 2 min · by Chisqi

Windows moving or deleting files older than date

Move Item Get-ChildItem –Path "$sourcepath" -Recurse | Where-Object {($_.LastWriteTime -lt (Get-Date).AddDays(-90))} | Move-Item -Destination "$destinationpath" Delete Items Get-ChildItem –Path "$sourcepath" -Recurse | Where-Object {($_.LastWriteTime -lt (Get-Date).AddDays(-30))} | Remove-Item This deletes or moves files older than 90 Days. Change the source path and days.

August 19, 2021 · 1 min · by Chisqi

Windows Powershell Bypass

By default, Windows doesn’t allow us to run the powershell which’s downloaded from another computer without trusted signature. The ExecutionPolicy was set Restricted by default, which’s only allow us to run script created on the same computer (localhost), or script with an signature or from trusted publisher. To check current policy: Get-ExecutionPolicy To check all ExecutionPolicy Scope: Get-ExecutionPolicy -List Scope ExecutionPolicy ----- --------------- MachinePolicy Undefined UserPolicy Undefined Process Undefined CurrentUser Undefined LocalMachine RemoteSigned In order to able run untrusted powershell script, you can change the ExecutionPolicy to Unrestricted:...

July 12, 2021 · 3 min · by Chisqi

Run program as service on Windows

Introduction NSSM stands for “Non-Sucking Service Manager,” and it is an open-source utility for Windows that allows you to easily run any program as a Windows service. The name “Non-Sucking Service Manager” humorously suggests that it is a better alternative to the built-in Windows Service Manager. Windows services are background processes that can be started automatically during system boot and run independently of any user login. They are typically used for tasks that need to run continuously in the background, such as server applications, daemons, or background services....

March 16, 2021 · 3 min · by Chisqi