This command:
wmic product where name="Application Name" call uninstall /nointeractive
appears to do it. Put the whole long name from the software list in Control Panel, within those double parentheses. This works in at least some cases where msiexec /x does not. And it is not version-specific.
To get a full list of names with GUIDs, try this:
get-wmiobject Win32_Product | sort-object -property Name | Format-Table IdentifyingNumber, Name, LocalPackage -AutoSize
Categories:
Windows Installer, Updates, Patching
Windows OS-Level Issues
This is a skeleton, Powershell. Needs prerequisite setup added.
$Cred = Get-Credential
Connect-MSolService -Credential $Cred
Install-Module MSOnline
Get-MsolUser -ReturnDeletedUsers
# The list of users/mailboxes marked 'deleted', is visible, if there are any.
# Do the next step ONLY if you are certain. There is no going back after this.
Get-MsolUser -ReturnDeletedUsers | Remove-MsolUser -RemoveFromRecycleBin -Force
Categories:
Office 365
Exchange and Exchange Online
Here it is:
$BLVolume = Get-BitLockerVolume -MountPoint "C:"
Backup-BitLockerKeyProtector -MountPoint "C:" -KeyProtectorId $BLVolume.KeyProtector[1].KeyProtectorId
Categories:
Encryption

This method uses Powershell module PsWindowsUpdate.
- Run this in administrative Powershell:
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Set-Executionpolicy RemoteSigned -Scope Process -Force
Install-PackageProvider -Name NuGet -Force -ErrorAction 'SilentlyContinue' > $null
Set-PSRepository -Name PSGallery -InstallationPolicy Trusted
If (Get-InstalledModule -Name PsWindowsUpdate -ErrorAction 'SilentlyContinue') {
Update-Module -Name PSWindowsUpdate -Force
} Else {
Install-Module -Name PSWindowsUpdate -Force
}
Import-Module PSWindowsUpdate
- Then check the list of available updates:
Get-WindowsUpdate
- You may find some that you want to omit, e.g., build upgrades. If you found one marked KB1234567, you would install all and omit that one thus:
Install-WindowsUpdate -KBArticleID KB1234567 -AcceptAll
If you had two KBs to omit:
Install-WindowsUpdate -AcceptAll -NotKBArticleID "KB1234567,KB7654321"
There are other noteworthy items. Lots of firmware is being sent by Microsoft now, and some of this is more up-to-date than that available from the vendor. But there is risk in firmware updates, don’t forget. Some of the items don’t have KBs, and there are two other command-line arguments to omit those, -NotTitle
and -NotUpdateID
.
PSWindowsUpdate is a very interesting module, it can do lots of things. One of them is:
Reset-WUComponents
To get a full list of functions:
Get-Command -Module PSWindowsUpdate
Get-Help
works for all of them.
Categories:
Windows Installer, Updates, Patching
Powershell

The Microsoft Update Health Tools appears to be an optional add-on which helps Windows do updates. Beyond that all of my searching has come up with vagueness. But Microsoft recommends it and often installs it without informing us, so probably it helps fairly often.
Microsoft Update Health Tools comes in KB4023057. To install KB4023057, we can use PSWindowsUpdate:
www.business.com/articles/install-windows-patches-powershell/
Here’s a complete run-anywhere command paste for preparing to use the module (administrative shell only please):
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Set-Executionpolicy RemoteSigned -Scope Process -Force
Install-PackageProvider -Name NuGet -Force -ErrorAction 'SilentlyContinue' > $null
Set-PSRepository -Name PSGallery -InstallationPolicy Trusted
If (Get-InstalledModule -Name PsWindowsUpdate -ErrorAction 'SilentlyContinue') {
Update-Module -Name PSWindowsUpdate -Force
} Else {
Install-Module -Name PSWindowsUpdate -Force
}
Import-Module PSWindowsUpdate
and the command for just KB4023057:
Install-WindowsUpdate -KBArticleID KB4023057
PSWindowsUpdate is a very interesting module all by itself, it can do lots of things, e.g., install all updates available from Microsoft. Another nice function is:
Reset-WUComponents
To get a full list of functions:
Get-Command -Module PSWindowsUpdate
Get-Help
works for all of them.
One can install all updates available from Microsoft, though this can be dangerous, there are huge ones and drivers and BIOS too. So this simple command won’t be here :-)
To just see the list of available updates:
Get-WindowsUpdate
To install all available updates except one KB:
Install-WindowsUpdate -AcceptAll -NotKBArticleID KB000000
and except a list (here of two) KBs:
Install-WindowsUpdate -AcceptAll -NotKBArticleID "KB000000,KB000001"
where KB000000
is a KB to be excepted. There’s also -NotCategory
and -NotTitle
for items without KB articles.
Categories:
Windows Installer, Updates, Patching
Windows OS-Level Issues
This will log off all users, whether console or RDP:
logoff console
quser /server:localhost | ForEach-Object {
logoff $_.ID
}
Categories:
Scripting
Run these in an administrative or SYSTEM-level command prompt.
In Windows 8.1/2012R2/10/2016 and later, we set a scheduled task, we do have to specify the actual full date:
schtasks /create /tn "schtasks_REBOOT" /tr "C:\Windows\System32\shutdown.exe -f -r -t 0" /sc once /st 04:00 /sd 01/01/2016 /ru System
In 8/2012R1, we have to have a “/Y on the very end:
schtasks /create /tn "schtasks_REBOOT" /tr "C:\Windows\System32\shutdown.exe -f -r -t 0" /sc once /st 04:00 /sd 01/01/2016 /ru System /Y
Under 7/2008R2 and before, it was easier, we could schedule for 4:00 AM tomorrow:
AT 4:00 c:\windows\system32\shutdown.exe -f -r -t 0
and we could schedule for 4:00 AM next Monday:
AT 4:00 /next:Monday c:\windows\system32\shutdown.exe -f -r -t 0
Categories:
Tools
Categories:
Azure
Office 365
For 10:
netsh advfirewall firewall set rule group="remote desktop" new enable=yes
reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
For 7:
netsh firewall Set service REMOTEDESKTOP ENABLE
netsh firewall set service REMOTEAdmin ENABLE
REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0
For XP:
netsh firewall set service remotedesktop enable
netsh firewall set service remoteadmin enable
reg ADD "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0
Categories:
Remote Access, Remote Desktop, Terminal Server

When we install new group policy templates from Microsoft, e.g., the Windows 10 set by which we may upgrade existing networks, they now come in the newer ADMX format. Do this on every domain controller:
- The package is downloaded as a self-installing EXE which requires you to specify a folder. Do not try to manually unpack this, for some reason the contents are in small pieces which the installer assembles. Just run the EXE and give a useful path, e.g., C:\IT.
- Open an administrative CMD, and CD to the extraction point. Then CD into the folder “admx”, one level down.
- Run the following. If your language is not en-us, replace it in the last two lines. If your servers have multiple languages, you’ll need to replicate lines with multiple language specifications.
xcopy *.admx \\%userdnsdomain%\sysvol\%userdnsdomain%\Policies\PolicyDefinitions /Y /I
xcopy *.admx %SystemRoot%\PolicyDefinitions /Y /I
xcopy en-US\*.adml \\%userdnsdomain%\sysvol\%userdnsdomain%\Policies\PolicyDefinitions\en-us /Y /I
xcopy en-US\*.adml %SystemRoot%\PolicyDefinitions\en-us /Y /I
Another very common set needing this install, is the Office Administrative Templates.
Multiple versions of Office templates coexist nicely. But the same cannot be said for Windows OS templates. It appears that when a complete refresh of OS templates is required, good results obtain by removing all of the OS templates and then installing new.
Categories:
Group Policy