roru/IT-Wissen
1
0
Fork 0
Code Pull Requests Packages Projects Releases Wiki Activity
e87a9fe2b1
IT-Wissen/win-sysadmin/README.md
Roger Rutishauser 096a91a3d9 check tls version
2024-10-24 14:56:05 +02:00

140 lines
4.3 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
gitea: none
include_toc: true
---
# Windows Sysadmin
## Autostart
Windows-R Tastenkombination, anschliessend `shell:startup`
## TLS Version aktiv/inaktiv?
```
# Function to check TLS version
function Test-TlsVersion {
param (
[string]$ComputerName = "localhost"
)
try {
# Test TLS 1.0
$tls10 = [System.Net.ServicePointManager]::SecurityProtocol -band [System.Net.SecurityProtocolType]::Tls10
# Test TLS 1.1
$tls11 = [System.Net.ServicePointManager]::SecurityProtocol -band [System.Net.SecurityProtocolType]::Tls11
# Test TLS 1.2
$tls12 = [System.Net.ServicePointManager]::SecurityProtocol -band [System.Net.SecurityProtocolType]::Tls12
Write-Host "TLS 1.0 Enabled: $($tls10 -ne 0)" -ForegroundColor Green
Write-Host "TLS 1.1 Enabled: $($tls11 -ne 0)" -ForegroundColor Green
Write-Host "TLS 1.2 Enabled: $($tls12 -ne 0)" -ForegroundColor Green
}
catch {
Write-Host "Error: $_" -ForegroundColor Red
}
}
# Check TLS versions on the local machine
Test-TlsVersion
```
## .NET
### .NET Version herausfinden
#### Variante 1
- In Registry nachschauen unter `HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\NET Framework Setup\NDP\v4\Full`, im Feld `release`, die 6-stellige Nummer in Klammern. (siehe auch [[https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed]])
- Release-Nummer unter [[https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed#version_table]] nachschauen.
#### Variante 2
``` powershell
Get-ChildItem 'HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP' -Recurse | Get-ItemProperty -Name Version,Release -ErrorAction SilentlyContinue | Where-Object { $_.PSChildName -match '^(?!S)\p{L}'} | Select-Object PSChildName, Version, Release
```
## Windows Services/Dienste
### cdpusersvc deaktivieren
- In Registry nach key `cdpusersvc` suchen. Überall bei "start" auf 4 setzen.
- admin-cmd öffnen, dann `pwsh`.
- `sc config cdpusersvc type=own`
- `nssm remove cdpusersvc`
## Shell Extensions
### Tool: ShellExView
The ShellExView utility displays the details of shell extensions installed on your computer, and allows you to easily disable and enable each shell extension.
ShellExView can be used for solving context-menu problems in Explorer environment.
http://www.nirsoft.net
## Files
### Find encrypted Files
```
cmd> cipher /s:D:\beispiel\pfad
```
## CMD
### run CMD as different user
```
runas /user:"infra.vs.ch\fedcom" cmd
```
if you want to use `system` user:
- Auf Server PsExec installieren https://docs.microsoft.com/en-us/sysinternals/downloads/psexec
- CMD als Admin ausführen
- `PsExec64.exe -s cmd`
- Test mit Befehl: `whoami`. Dann sollte `nt authority\system` erscheinen.
### Access fileshare in CMD
If youve ever tried to access a network file share in a command prompt by simply using the cd command, youll know that it just complains that “CMD does not support UNC paths as current directories”. Well, there is a way to do it (two in fact):
#### net use
```
net use z: \\machine\share
```
It can be combined with the `/user` switch to provide additional user details:
```
net use z: \\machine\share /user:domain\username
```
delete:
```
net use p: /delete
```
#### pushd
```
pushd \\machine\share
```
The bonus of using the `pushd` command over the `net use` command is that it will automatically change the current directory to the mapped drive (which will be the first unused drive letter available in reverse alphabetical order). Also, when finished with the network share, you can use the `popd` command to remove the mapped drive.
### run multiple batch files in one file
`cmd.exe /C`, danach die bat-Datei in Anführungszeichen, und Parameter je nachdem ob sie gebraucht werden. Weil ein Misch ist, ein @ davor setzen.
Bsp. Inhalt einer Master-.bat Datei, mit mehreren bat Aufrufen (und einer env-variable)
```
cmd.exe /C @"fedora-purge.bat" abc.def.ch:8443 fedoraAdmin %FEDORAPW% CH-000999-4:328110 https "delete because more recent version CH-000917-4:331101"
cmd.exe /C @"fedora-purge.bat" abc.def.ch:8443 fedoraAdmin %FEDORAPW% CH-000999-4:328111 https "delete because more recent version CH-000917-4:331101"
```
View Git Blame Copy Permalink