Some Notes on the Machines

Since Windows 7, I have been adding the Everyone group to Windows-hosted printers, and checking every permissions box, as a method to drastically increase reliability and controllability, using other groups only if restrictions were necessary. The inestimable Dave Gottschamer just reported a scenario in which Everyone was there, but didn’t work; he tried Authenticated Users and it worked. This is quite the sea change. Not exactly unexpected, as Microsoft has been slowly denaturing Everyone for quite some time, but now we have a definite diagnostic-and-fix change for printers, including desktop USB printers, which will help!

To do this, one must set a registry entry, this is Powershell:

$registryPath = "HKLM:\SYSTEM\Setup\MoSetup";
If ( !(Test-Path $registryPath) ) { New-Item -Path $registryPath -Force; };
New-ItemProperty -Path $registryPath -Name "AllowUpgradesWithUnsupportedTPMOrCPU" -Value 1 -PropertyType DWORD -Force;

then download the ISO (not the recommended upgrader app), unpack it, and run setup.exe.

This has some gems in it:

scripts.aaronjstevenson.com/

including a Dell Command Update script which reportedly takes care of all drivers and firmware on Dell non-servers in one swell foop!

PSInfo. Does a lot of very helpful things, including repairs and much more. It is located here:

C:\Program Files (x86)\Panda Security\Panda Aether Agent\Additional files

This is a curious method, seemingly very reliable, and it has many different builds, including 22H2, 23H2, 24H2 as of right now. Here’s the last 22H2:

uupdump.net/selectlang.php?id=0cda15f9-a14a-4adf-bb3c-2ce79d0de621

It is not the ISO itself, it is a script setup which uses OS resources to build an ISO.

The journal can get huge over time, slowing machines down a lot. Here’s how to delete it and recreate it for C:, in CMD. The process can cause interference and conflict with Windows internals and applications, though I have not seen this happen so far. On a machine that has been in use a while, it can help a whole lot.

fsutil usn deletejournal /n C: & fsutil usn createjournal C:

Here are quick pastes for D: and E:.

fsutil usn deletejournal /n D: & fsutil usn createjournal D:

fsutil usn deletejournal /n E: & fsutil usn createjournal E:

In 2012R2/8.1 and before, we must be more specific in the creation:

fsutil usn deletejournal /n C: & fsutil usn createjournal m=1000 a=100 C:

fsutil usn deletejournal /n D: & fsutil usn createjournal m=1000 a=100 D:

fsutil usn deletejournal /n E: & fsutil usn createjournal m=1000 a=100 E:

And here’s Powershell, to do it all for every drive letter in the system:

########################################
# Delete and Recreate NTFS USN Journal #
########################################

# This script iterates through all lettered NTFS drives in Windows, 
# and deletes and recreates the USN Journal of each one.
# Considerable performance gain results if the image has been running
# for a year or more.

# There are slightly different commands between some OS versions.
$OSVer = [System.Environment]::OSVersion.Version
If ($OSVer.Major -gt 10)
{
	"OS > 10. Create uses short command."
	$ShortCommand = $True
} ElseIf ($OSVer.Major -eq 10) {
	If ($OSVer.Build -le 14393)	{
		("OS is 10 build " + $OSVer.Build + ". " + "Create uses long command.")
		$ShortCommand = $False
	}
	Else {
		"OS is 10, build > 14393. Create uses short command."
		$ShortCommand = $True
	}
} ElseIf ($OSVer.Major -lt 10) {
	"OS < 10. Create uses long command."
	$ShortCommand = $False
}	

Get-CimInstance -Query "Select * FROM Win32_LogicalDisk WHERE DriveType=3" | ForEach-Object {
	$DriveID = $_.DeviceID

	If ($DriveID -match "[A-Z]")
	{
		"Deleting USN Journal on " + $DriveID + " ..."
		fsutil usn deletejournal /n $DriveID

		"Recreating USN Journal on " + $DriveID + " ..."
		if ($ShortCommand) {
			fsutil usn createjournal $DriveID
		}
		else {
			fsutil usn createjournal m=1000 a=100 $DriveID
		}
	}
}
# End Script

Reference:

docs.microsoft.com/en-us/windows-server/administration/windows-commands/fsutil-usn

Here’s a summary:

sudo apt update
sudo apt install ssh
sudo systemctl start ssh
sudo systemctl enable ssh
sudo systemctl status ssh
sudo ufw allow ssh

To do this, stop the service, copy the command line into an administrative CMD, and add “-f” to the end. Then you can open the instance in SQL Studio using Windows authentication.

Often one will find a Microsoft SQL server with no working or available administrative login. To set one up:

1. Stop the database. You’ll need its name. Go to services.msc , find entry “SQL Server (XYZ)”; XYZ is the name.

2. Set up the database to run in single-user mode. Take the executable line in Services Manager for the SQL server, add “-m -f” to the end (no spaces, no quotes), and run it in a new administrative CMD. An example:
   "E:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe" -sXYZ -m -f

3. From another administrative command prompt, run the command-line client:

SQLCMD -E -S 127.0.0.1\XYZ

This may take multiple attempts. The attempts may error saying “Reason: Server is in single user mode. Only one administrator can connect at this time.” You may need to stop and restart the server. Sometimes the server just takes a while to reach functionality. Eventually the client will connect will connect and give you the prompt:

1>

4. Enter the following, press Enter at every line, and choose something long and horrible for PasswordText:

CREATE LOGIN [sa2] WITH PASSWORD = 'PasswordText'
GO
GRANT CONTROL SERVER TO [sa2]
GO
EXIT

5. Reverse the change in SQL Server Configuration Manager.

6. Restart the SQL server.

This works:

np:\\.\pipe\MICROSOFT##WID\tsql\query