Showing posts with label DHCP. Show all posts
Showing posts with label DHCP. Show all posts

2014-03-13

Windows AD, DHCP


AD DC

Disabling USB storage on Microsoft Windows:
1. From Explorers folder options ensure that hidden files and folders are displayed, file extensions are not hidden and simple file sharing is disabled.
2. Open up the properties for %systemroot%\Inf\Usbtror.inf (%systemroot% would normally be ‘C:\Windows’).
3. Select the security tab and make sure that all options for all users are set to deny. This must include administrators and SYSTEM.
4. Repeat the above for %systemroot%\Inf\Usbstor.pnf
5. If USB storage devices have been used on this machine previously then open up the registry editor otherwise ignore steps 6 and 7.
6. Browse to the registry location ‘HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UsbStor’.
7. Open up the registry key ‘Start’ and change the data value to ‘4?. Close the registry editor.

If you dont want to simplify the task download and run this usbstoragedisable.reg that will take care of diabling USB storage device. Make sure you restart after running this registry script.

If you want to enable it back then download and run this usbstorageenable.reg. Restart to take effect.

Additionally you need to deny the registry permissions to system for installing USB storage devices. For that, get a copy of subinacl.exe from MS 2003 server resource kit or search microsoft site for this tool.

Here is the command you should run to deny the permissions. Copy it in your batch file and run wherever you want.

subinacl.exe /keyreg \system\currentcontrolset\services\usbstor /deny=system



Pre:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Forceguest 0

IP Static to DHCP
wmic /node:10.0.1.101 /user:User /password:abc123 nicconfig where (ipenabled=true and dhcpenabled=false) call enabledhcp

DNS Auto
wmic /node:10.0.1.101 /user:User /password:abc123 nicconfig where (ipenabled=true and dhcpenabled=true) call setdnsserversearchorder ()

Change Computername
wmic /node:10.0.1.101 /user:user /password:abc123 computersystem where (name="vboxxp") rename name="vboxxp5"

Config DHCP Server

Reboot (No DC)
wmic /node:10.0.1.101 /user:User /password:abc123 os where primary=True call reboot

Join DC
netdom join 10.0.1.101 /Domain:macau_slot.com /UserO:user /PasswordO:abc123 /UserD:macau_slot.com\siduser /PasswordD:Abc!234 /REBoot:5


Reboot (Joined DC)
wmic /node:10.0.1.101 /user:Administrator /password:abc123 os where primary=True call reboot                          






WMIC /node:10.0.1.103 /user:Administrator /password:abc123 ComputerSystem where Name="vboxxp" call Rename Name="vboxxp4"

wmic /node:10.0.1.103 /user:Administrator /password:abc123 OS Where Primary=TRUE Call reboot



==============================


wmic /node:10.0.1.103 /user:Administrator /password:abc123 OS Where Primary=TRUE Call Shutdown

AD
netsh firewall set service remoteadmin enable
netsh firewall set opmode enable