This can be helpful for Windows 10 and 11, and probably newer server OSes as well. There are risks of problems being caused large and small, you have been warned :-)
Get-AppxPackage -allusers | foreach {Add-AppxPackage -register "$($_.InstallLocation)\appxmanifest.xml" -DisableDevelopmentMode}
This one makes sure general settings are likely helpful, and also deals with two common troublemakers:
# General powercfg /change monitor-timeout-ac 0 powercfg /change monitor-timeout-dc 15 powercfg /change standby-timeout-ac 0 powercfg /change standby-timeout-dc 120 powercfg /change hibernate-timeout-ac 0 powercfg /change hibernate-timeout-dc 180 powercfg /change disk-timeout-ac 0 powercfg /change disk-timeout-dc 60 # Unhides and zeroes hidden "System unattended sleep timeout" which can cause problems # including, sometimes, automatic unwanted logoff powercfg -attributes sub_sleep 7bc4a2f9-d8fc-4469-b07b-33eb785aaca0 -ATTRIB_HIDE powercfg -setacvalueindex scheme_current sub_sleep 7bc4a2f9-d8fc-4469-b07b-33eb785aaca0 0 # Disable hybrid sleep both AC powered and DC powercfg -setacvalueindex scheme_current sub_sleep 94ac6d29-73ce-41a6-809f-6363ba21b47e 0 powercfg -setdcvalueindex scheme_current sub_sleep 94ac6d29-73ce-41a6-809f-6363ba21b47e 0 # Reapply current power scheme powercfg -setactive scheme_current
Try the free version here:
Try URLs like this, for an ISO of Windows 10 build 1909:
https://archive.org/details/windows-1909
Unfortunately, archive.org lacks the bandwidth for rapid downloads of monsters like those. Here’s a source which can set you up to do it in 10 minutes if your side is fast enough:
Sometimes, the legacy/traditional Devices and Printers window does not come up in Windows 11. If you see this, browse to this in File Explorer:
shell:::{A8A91A66-3A7D-4424-8D24-04E180695C7A}
Found by the profound Brigg Bush:
$writers = vssadmin list writers |
Select-String -Context 0,4 'Writer name:' |
? {$_.Context.PostContext[2].Trim() -ne "Last error: No error"} |
Select Line |
% {$_.Line.tostring().Split("'")[1]}
$ServiceNames = $writers |
ForEach-Object {
switch ($_) {
'ASR Writer' { $Result = 'VSS' }
'Bits Writer' { $Result = 'BITS'}
'Certificate Authority' { $Result = 'EventSystem'}
'COM+ REGDB Writer' { $Result = 'VSS'}
'DFS Replication service writer' { $Result = 'DFSR'}
'Dhcp Jet Writer' { $Result = 'DHCPServer'}
'FRS Writer' { $Result = 'NtFrs' }
'IIS Config Writer' { $Result = 'AppHostSvc'}
'IIS Metabase Writer' { $Result = 'IISADMIN'}
'Microsoft Exchange Writer' { $Result = 'MSExchangeIS'}
'Microsoft Hyper-V VSS Writer' { $Result = 'vmms'}
'MS Search Service Writer' { $Result = 'EventSystem'}
'NPS VSS Writer' { $Result = 'EventSystem'}
'NTDS' { 'EventSystem'}
'OSearch VSS Writer' { $Result = 'OSearch'}
'OSearch14 VSS Writer' { $Result = 'OSearch14'}
'Registry Writer' { $Result = 'VSS'}
'Shadow Copy Optimization Writer' { $Result = 'VSS'}
'Sharepoint Services Writer' { $Result = 'SPWriter'}
'SPSearch VSS Writer' { $Result = 'SPSearch'}
'SPSearch4 VSS Writer' { $Result = 'SPSearch4'}
'SqlServerWriter' { $Result = 'SQLWriter'}
'System Writer' { $Result = 'CryptSvc'}
'WMI Writer' { $Result = 'Winmgmt'}
'TermServLicensing' { $Result = 'TermServLicensing'}
}
$result
}
If ($ServiceNames) { Restart-Service -Name ($ServiceNames | Select-Object -Unique) -WhatIf }
If ($Result) { Restart-Service -Name ($ServiceNames | Select-Object -Unique) -WhatIf }
The overall cause of buildup of orphan shadows in “System Volume Information” folders, is storage not being able to keep up with demand. If the situation is bad enough, this won’t help much, but it has helped in many instances. It’s three registry entries. Here’s Powershell code to get them in and engaged.
$NewMaxShadowCopies = 8
$NewMinDiffAreaFileSize = 128
# http://www.tomsitpro.com/articles/powershell_registry-powershell_command_line,2-152.html
function setupDWORD {
param( [string]$regPath, [string]$nameForDWORD, [long]$valueForDWORD )
##############
# Error out if cannot touch the registry area at all
If ( !(Test-Path $regPath) ) {
Try {
New-Item $regPath -Force -ErrorAction SilentlyContinue
}
Catch {
Write-Error ("Could not visit or create registry path " + $regPath)
Return
}
}
#############
# If an existing registry entry exists, store its value to report later
Try {
$oldValueProperty = Get-ItemProperty -Path $regPath -Name $nameForDWORD -ErrorAction SilentlyContinue
$oldValue = $oldValueProperty.$nameforDWORD
}
Catch {
$oldValue = ""
}
#############
# Report the changes to make
Write-Output ("DWORD to write: " + $nameForDWORD)
Write-Output ("at registry path " + $regPath)
If ($oldValue -ne "") {
Write-Output ("Original value is " + $oldValue)
}
else {
Write-Output "No original present."
}
Write-Output ("New value is " + $valueforDWORD)
############
# Report no changes to make, set new registry entry, or error out
If ($oldValue -eq $valueforDWORD) {
Write-Output "No change to make."
""
Return
}
Try {
New-ItemProperty -Path $regPath -Name $nameForDWORD -Value $valueForDWORD -PropertyType DWORD -Force -ErrorAction SilentlyContinue > $null
}
Catch {
Write-Error "Failed!"
""
Return
}
"Succeeded!"
""
}
setupDWORD "HKLM:\System\CurrentControlSet\Services\VSS\Settings" "MaxShadowCopies" $NewMaxShadowCopies
setupDWORD "HKLM:\System\CurrentControlSet\Services\VolSnap" "MinDiffAreaFileSize" $NewMinDiffAreaFileSize
setupDWORD 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows' 'DeleteStaleTaskCache' 1
""
"Restarting VSS..."
Restart-Service -Force -Name "VSS"
""
"Complete!"
""
This is a great way to get things removed where nothing else works.
Recently it was discovered that a Windows server was running very slow because the Security log’s maximum size was set to 40 gigabytes. Here is a Powershell bit which will look at all event logs, set their max size to 2.5M if set larger, and clear them. Seems to free up a nice healthy dollop of performance in general.
wevtutil el | Foreach-Object {
$LogObject = Get-WinEvent -ListLog $_
If ( $LogObject.MaximumSizeInBytes -gt 2500KB ) {
"$_ has max set to larger than 2.5M. Setting to 2.5M."
$LogObject.MaximumSizeInBytes = 2500KB
$LogObject.SaveChanges()
}
wevtutil cl $_
"$_ cleared."
}
There are times when an operation, a software install or configure perhaps, will error with “Cannot open log for source ———-. You may not have write access.” The below will do the above, and also give read/write to every local admin.
wevtutil el | Foreach-Object {
wevtutil sl $_ "/ca:O:BAG:SYD:(A;;0x1;;;SY)(A;;0x5;;;BA)(A;;0x1;;;LA)(A;;0x3;;;LA)"
$LogObject = Get-WinEvent -ListLog $_
If ( $LogObject.MaximumSizeInBytes -gt 2500KB ) {
"$_ has max set to larger than 2.5M. Setting to 2.5M."
$LogObject.MaximumSizeInBytes = 2500KB
$LogObject.SaveChanges()
}
wevtutil cl $_
"$_ cleared."
}
The security string is written in something called SDDL. Some more info:
https://itconnect.uw.edu/wares/msinf/other-help/understanding-sddl-syntax/
There have been many live CDs out there which have utilities to reset passwords on Windows. Unfortunately, many of them are long out of date and won’t work (or will do odd things) on recent hardware, and recent operating systems. This one:
https://www.supergrubdisk.org/rescatux/
was proven on 2022-12-21 to do well with the latest build of Windows 10.