We are creating a SSL VPN setup and our SSL VPN Gatway does not push pac files to the end users machines. But it do supoort running scripts when user connects and disconnet the ssl vpn.
I have created two batch files placed in system one will get execute at the time of connecting to SSL VPN and other at the time of disconnect to the VPN
Connecting to VPN reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v AutoConfigURL /t REG_SZ /d "http://www-abc.com:3132/accelerated_pac_base.pac " /f
Disconnecting to VPN reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v AutoConfigURL /t REG_SZ /d "" /f
The same is getting updated in the registry but not in the internet explorer connection settings.
Above, you mentioned that we have to modify the value under [HKEY_USERS\, to rectify brower restart issue.
Is is possible to create a two files ( Loin/Logout ) which could be provided to around 100 users to place in their system in the given path. and that patch would be called from our SSL vpn access gateway and resolve browser restart issue
Thanks
Manpreet Bhuee
Related
Trying to turn off the Password protected sharing via command line and having no luck at all.
Control Panel\All Control Panel Items\Network and Sharing Center\Advanced sharing settings
Password protected sharing = Off
I have looked at netsh advfirewall firewall
And only been able to configure the option for Turn on file and printer sharing.
No registry or command i have seen online can alter this setting, The only placed i have not fully explored is group polices.
PC's come in to be setup, we use a default set of look & feel with a number of settings changed. It would of been nice to have have the one Bat file configure all. But this is the only stumbling block i have hit.
Windows 7 (POS Ready)
I have seen a similar post on here: How do you pro grammatically Turn Password Protected Sharing on/off in Windows 7
Unfortunately this has not worked for me.
After a long time researching for myself I discovered that as long as you run the command prompt window with admin access the following works:
reg add Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa /v everyoneincludesanonymous /t REG_DWORD /d 1 /f
reg add Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters /v restrictnullsessaccess /t REG_DWORD /d 0 /f
And then you will have to restart your computer (which you can do with shutdown /r).
I'm having an issue where my WSUS Server (Windows 2012 R2) only reports 12 clients. I've modified the local group policy of each client host to contact the WSUS server, but only 12 show under "All Computers". If I attempt to add a 13th client, the server will bump one of the last 12 (I cannot tell if it's the previously added client, FIFO, or random).
Did I miss something in setup of the server or is it an issue with WSUS? I followed the basic/default setup for the installation of WSUS and nothing else is running on the server.
I've tried finding anything on the issue but this seems like I'm the only one so I'm sure its a misconfiguration on my part.
Thank you for advice and help...
David
So the problem was not associated with a 12 client limit - either with server or WSUS application. I was able to apply the suggestion above and the problem resolved.
There SusClientId are duplicated.
You will need to run on every client the following script:
net stop wuauserv
reg Delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v PingID /f
reg Delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v AccountDomainSid /f
reg Delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientId /f
reg Delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientIDValidation /f
net start wuauserv
wuauclt.exe /resetauthorization /detectnow
pause
Reference
I want to enable and disable manual proxy setup in windows 7,8 and 8. I want to toggle the manual proxy setup option using command script. I want to create a .bat file using command line and whenever I click on that .bat file, the manual proxy setup option will be toggled. I don't know the command for doing my job. I want to know the command for this job.
I agree with #Quirk this question is better placed in the super user group, but at the same time, users are drawn more often to StackOverflow and get discouraged when they don't find the answer.
Here is something I came up with, also my taught process:
all of Windows configurations that are flags or simple values are kept in the registry
you can manipulate the registry with the REG command
REG /? shows you what you can do
with regedit you can search the registry (F3) for your proxy host name
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
once you found the REG_KEY you are ready to write your script
in conclusion:
here is your 'command' for enabling your proxy:
REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings" /v ProxyEnable /t REG_DWORD /d 1 /f
here is your 'command' for disabling your proxy:
REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings" /v ProxyEnable /t REG_DWORD /d 0 /f
It works, the value is set, but I am pretty sure your Network Settings Window does not get the update until the next time you open it.
Hope this helps.
I want to enable and disable manual proxy setup
To enable:
netsh winhttp set proxy myproxy:80
To disable:
netsh winhttp reset proxy
To show the current settings:
netsh winhttp show proxy
Further Reading
An A-Z Index of the Windows CMD command line - An excellent reference for all things Windows cmd line related.
netsh - Configure Network Interfaces, Windows Firewall, Routing & remote access.
Netsh commands for Interface IP
Netsh Commands for Wireless Local Area Network (WLAN)
I want to set a proxy throught the command line, first thing I found out is that you have to run command line with administrator rights - then the basic proxy set would be:
netsh winhttp set proxy SERVER:PORT
This works nice, but I also want to add a login. As you can see I've tried using netsh->winhttp, however manual does not say anything about the login part so I just tried:
netsh winhttp set proxy user:password#SERVER:PORT
This unfortunately does not work. Is it even possible to achieve something like this in netsh->winhttp?
If so, how? If not => what windows commands should I follow?
̶O̶r̶ ̶i̶s̶ ̶t̶h̶i̶s̶ ̶m̶o̶r̶e̶ ̶e̶a̶s̶i̶l̶y̶ ̶a̶c̶h̶i̶e̶v̶e̶a̶b̶l̶e̶ ̶t̶h̶r̶o̶u̶g̶h̶ ̶s̶o̶m̶e̶ ̶W̶i̶n̶d̶o̶w̶s̶A̶P̶I̶ ̶(̶e̶.̶g̶.̶ ̶u̶s̶i̶n̶g̶ ̶C̶/̶C̶+̶+̶)̶?̶
Thanks for help, please feel free to ask any questions if something is unclear.
USING: Windows 7, cmd.exe, netsh->winhttp
EDIT: This looks like the C++ way: http://msdn.microsoft.com/en-us/library/windows/desktop/aa383144(v=vs.85).aspx , but a better way for C++ might be to go this way: http://msdn.microsoft.com/en-us/library/windows/desktop/aa385384(v=vs.85).aspx#general_option, - so the remaining question is how to achieve this in command line generally (or even better command-line->netsh->winhttp)?
If you are using Microsoft windows environment then you can set a variable named HTTP_PROXY, FTP_PROXY, or HTTPS_PROXY depending on the requirement.
I have used following settings for allowing my commands at windows command prompt to use the browser proxy to access internet.
set HTTP_PROXY=http://proxy_userid:proxy_password#proxy_ip:proxy_port
The parameters on right must be replaced with actual values.
Once the variable HTTP_PROXY is set, all our subsequent commands executed at windows command prompt will be able to access internet through the proxy along with the authentication provided.
Additionally if you want to use ftp and https as well to use the same proxy then you may like to the following environment variables as well.
set FTP_PROXY=%HTTP_PROXY%
set HTTPS_PROXY=%HTTP_PROXY%
cmd
Tunnel all your internet traffic through a socks proxy:
netsh winhttp set proxy proxy-server="socks=localhost:9090" bypass-list="localhost"
View the current proxy settings:
netsh winhttp show proxy
Clear all proxy settings:
netsh winhttp reset proxy
IE can set username and password proxies, so maybe setting it there and import does work
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyEnable /t REG_DWORD /d 1
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyServer /t REG_SZ /d name:port
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyUser /t REG_SZ /d username
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyPass /t REG_SZ /d password
netsh winhttp import proxy source=ie
The best way around this is (and many other situations) in my experience, is to use cntlm which is a local no-authentication proxy which points to a remote authentication proxy. You can then just set WinHTTP to point to your local CNTLM (usually localhost:3128), and you can set CNTLM itself to point to the remote authentication proxy. CNTLM has a "magic NTLM dialect detection" option which generates password hashes to be put into the CNTLM configuration files.
I have a Windows-xp-sp3 virtual machine, with configured NAT, disabled firewall, and ping-able ip address.
I'm trying to access \\<vm-name>\c$ from my computer.
I entered the <vm-name>\Administrator user in the prompted authentication window, yet I get Access is Denied.
When I configure "Everyone" to be an administrator on my VM, I can access the path.
Why do I get "Access is Denied" as a vm-local administrator user?
Edit: Solved the problem thanks to this blog:
http://chall32.blogspot.co.il/2010/02/how-to-enable-access-windows-7.html
You can run this line on your remote machine:
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f
Questioner provided the answer themselves. Running a simple Registry tweak on the remote machine (i.e., the host of the file being accessed) does the job --
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f
Answer based on a blog post, and backed up by MSKB.