LAPS password from computer in other domain (PS)

If you ever need to read a LAPS password on a device in another domain, you have to get a bit creative as the LAPS UI doesn’t support multi-domain in an easy fashion.

There is of course the use of “distinguishedName” attribute, but who can remember this and when you are in the Attribute Editor anyway – to copy this – you can read the LAPS password inhere.

But with PowerShell, you can do a simple query … or two …

With LAPS module

  • With the LAPS PS module you get the expirationTime formated in a readable format

No LAPS module

  • Without the LAPS PS module you need need to format the ExpirationTime timestamp yourself – or just do an educated guess

Remember, that the context of the PS session has to have read permission to the password attribute in the remote domain, otherwise you will get nothing.

Windows 10 Fonts and Fonts

With newer version of Windows 10 (1809 I think), users can now add Fonts them self. Thanks Microsoft!

This is where to look …

Per computer

  • Fonts located: C:\Windows\Fonts
  • Registry located: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts

Per user

  • Fonts located: %LocalAppData%\Microsoft\Windows\Fonts
  • Registry located: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts

Set default file associations

In Windows 10, the way to set the a default program or a file association is done with a .xml file and a Group Policy setting, when the computer is joined a domain – otherwise you do it manually.

Export

On a reference computer, setup the program and file association as needed and then export the result:

Edit

Edit the .xml file to  contain the settings you wish to apply to your computer clients. It is not recommended that you use it “as-is”.

Below is my default appAssoc.xml file containing Outlook and Internet Explorer as default apps on a computer.

If you wish  to add an Adobe product as default PDF reader, Adobe has created a ‘how to’ guide … Read it here

Copy

Now copy the .xml file to a network location where all your computers can get a hold on the file, eg. %NETLOGON%\ClientApps\appAssoc.xml

Group Policy

In an relevant Group Policy, go to [Computer Configuration], [Administrative Templates], [Windows Components], [File Explore] and select the [Set a default associations configuration file] setting. Enable it and hereafter enter the path and file name, of the location of the .xml file.

At next reboot the new program and file association should be effective.

WUAUCLT is dead (CMD)

Windows 10 has toombed yet another function within Windows, and now the ‘wuauclt’ command line tools is dead. To replace the old tool, Microsoft has created a brand new Windows Update tool called: ‘usoClient’.

The ‘usoClient’ is a part of the new Windows 10 Update Orchestrator family and is located in the System32 folder, and like ‘wuauclt’ the ‘usoClient’ can do a lot of cool Windows Update stuff.

Switch Description
StartScan Use this to Start Scan
StartDownload Use this to Start Download of Updates
StartInstall Use this to Install Downloaded Updates
RefreshSettings Use this to Refresh Settings if any changes were made
RestartDevice Use this to Restart the device to finish the installation of Updates
ScanInstallWait Use this to Combine Scan-Download-Install
ResumeUpdate Use this to Resume Update Installation On Boot

The ‘day-to-day’ Update Orchestrator actions are controlled from Task Scheduler -> Microsoft -> Windows -> UpdateOrchestrator

Happy updating.

Source: omgdebugging.com