You got a virusscanner and maybe also some other mitigation tools to protect your or company computers, but still viruses and malware can get thru into the system. Here is a method to create an extra layer of defense for your systems. We’ll be using Software Restriction Policies that can be found in the Local Security Policy for standalone PC’s or in the Group Policy Management for domain joined systems. We will be gonna use this for blocking executables from %APPDATA% and %USERPROFILE% directories, but also from compressed archives that can be mailed with an executable as attachment, for example the Cryptovirus (TorrentLocker) or
WDS and MDT cannot import images with this type of compression.
Try this to get a wim that can be imported in WDS and MDT:
Download and install the Windows ADK for Windows 10:
(Scroll to the bottom of the page to the section, “Customize, assess, and deploy Windows on your hardware.”)
Run as administrator the DISM version 10.0.10240.16384 to export the image included in the wim to a new wim changing the compression type:
C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment
Tools> dism.exe /Export-Image /SourceImageFile:E:\sources\install.wim /SourceInde
x:1 /DestinationImageFile:C:\ExportedWim\install.wim /Compress:max
Import in WDS the new wim.
Windows 10 and 8 use a substantially different process to create images than what I had used in Windows XP and 7. Fortunately it is not rocket science. The four big differences are:
Config CLI a desired.
Save config to json with this command.
mca-ctrl -t dump-cfg > /tmp/config.gateway.json
Export the json file to you’re controller, reprovision and done!
#add snapin to PS
Get-VBRTapeLibrary | Start-VBRTapeInventory -wait
$tape = get-VBRTapeMedium
Erase-VBRTapeMedium -Medium $tape -Wait -Confirm:$false
Schedule the task with task scheduler and finished!
The RD Licensing grace period has expired and the service has not registered with a license server with installed licenses. A RD Licensing server is required for continuous operation. A Remote Desktop Session Host server can operate without a license server for 120 days after initial start up.
The solution was to delete the REG_BINARY in
Only leaving the default.
You can you delete and Provided the clock to Years 2025 and restart and reset a clock normally… you have licence to years 2025 🙂
How to setup a s2s vpn on unifi USG.
Backup user profile.
First you should log in as the domain admin then make a copy of the user profile you are going to mess around with (you may need to reboot your machine if the user profile has been in use).
To Load it up…
- Download pfSense from one of the mirrors here. You’ll need the nanobsd version (depending upon the size of your CF card, you can choose to download the most appropriate nanobsd file. Store it in an folder easily accessed from a command line like c:\pfsense. I also renamed my download to something simple like pfsense-2.0. .