Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed last year.
Improve this question
I want to rename the network interface name to a default name, for example "Ethernet", via dos.
I know netsh interface set interface name=”Local Area Connection” newname=”Ethernet” is the way to do it.
I am running a script and it will not know the name of the interace, correct? So, I need it to rename it to a default before I set the IP address for the interface.
How can I do this without knowing the name of the interface?
Is there a way to get the name of the interface somehow and then change it?
netsh (a tool MS tried to wean us off and gave up)
To get the WLAN interface names: netsh wlan show interfaces
help states: show interfaces - Shows a list of the wireless LAN interfaces on the system.
To get LAN interface names: netsh lan show interfaces
help states: show interfaces - Shows a list of the current wired interfaces on the system.
To get names of all interfaces: netsh interface show interface
help states: show interfaces - Displays interfaces.
The command for LAN does need Wired AutoConfig service, which is usually not started.
This Batch script would start the service, get (the last) LAN interfaces name, change it to a new name, stop the Wired AutoConfig service again.
sc.exe start dot3svc
for /f "tokens=1* delims=: " %%a in ('netsh lan show interfaces') do if %%a == Name set activeAdapter=%%b
echo %activeAdapter%
netsh interface set interface name="%activeAdapter%" newname="Ethernet"
sc.exe stop dot3svc
Limitations:
It assumes there is only one wired interface
It will stop Wired AutoConfig service whether it was running or not at the start
For Wifi interfaces, change in above script 'lan' to 'wlan' and remove both sc.exe service start/stop
PowerShell
To get better control of what interface is renamed PowerShell will be an easier choice.
This will probably work in most cases:
Get-NetAdapter | Where-Object { $_.HardwareInterface -eq $True -and $_.MediaType -eq "802.3" } | Rename-NetAdapter -NewName "Ethernet"
HardwareInterface will eliminate virtual interfaces, e.g. VMWare
MediaType 802.3 will only show "wired" interfaces and not Wifi, Broadband or others.
In a script file, use the above version of the command, shorthand version would be:
Get-NetAdapter | ? HardwareInterface | ? MediaType -eq "802.3" | Rename-NetAdapter "Ethernet"
There are more options how to select the desired interface. Check all parameters by which it can be selected:
(Get-NetAdapter)[0] | Format-List -Property * -Force
e.g.
List all made by Realtek (Realtek vendor 10ec, Intel: 8086):
Get-NetAdapter | ? ComponentID -like "PCI\VEN_10EC*"
Not virtual:
Get-NetAdapter | ? Virtual -eq $false
Connector Present:
Get-NetAdapter | ? ConnectorPresent
Then there is WMI object
Get-WmiObject -Class Win32_NetworkAdapterConfiguration
Registry
In a case that you changed a Network adapter card and a new one is using a name: Ethernet 2 or similar and you want to rename it back to "Ethernet",
there will be an error saying:
"You were not connected because a duplicate name exists on the network. If joining a domain, go to System in Control Panel to change the computer name and try again. If joining a workgroup, choose another workgroup name."
Which is of course erroneous error message about renaming a computer.
PowerShell would say correctly: An attempt was made to create an object and the object name already existed.
But going to Control Panel\Network and Internet\Network Connections and trying to rename the interface there would not help either.
It seems the only option for such case is to find corresponding key in these registry paths:
HKEY_LOCAL_MACHINE\SYSTEM\Setup\Upgrade\NetworkDriverBackup\Control\Network\{4d36e972-e325-11ce-bfc1-08002be10318}\
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\
HKEY_LOCAL_MACHINE\SYSTEM\Setup\Upgrade\NetworkDriverBackup\Control\NetworkSetup2\Interfaces\
and remove the key for the old interface (not the whole paths as written above!), then restart.
Renaming by cmd batch, PS or in Control Panel should now work.
You can do quite a lot with Powershell, which depending on how new your server is, may be installed. Google "Get-WmiObject -Class Win32_NetworkAdapterConfiguration" to see more info.
Related
I have 12 servers (session hosts) with tens of thousands firewall rules on each of them. Rules are creating when users are logging in and system is not deleting them when the're logging off (probably a bug which was fixed in WS2016, but in 2019 is here again).
I have tried to delete the rules with powershell's Remove-NetFirewallRule, but it's useless because of a performance. It takes 33 hours to delete 40k rules (20 rules per minute). Now I'm trying to achieve it with netsh.exe which is much quicker (1000 rules per minute), but I'm unable to find out how to filter out rules with "Any" in profile (these I want to keep).
I have tried to filter the rules with powershell and then push it to netsh:
$rulesToRemove = Get-NetFirewallRule | where {$_.profile -ne "Any"} | select displayName
foreach($rule in $rulesToRemove) { netsh advfirewall firewall delete rule name=$rule }
and it's working for some rules and for others not - "No rules match the specific criteria". I tried to push displayName, name and several other values, but most of the rules simply didn't match the criteria. The only condition here is the fw rule name, so I tried to get the names with netsh and I got something like this for example:
#{Microsoft.Windows.Cortana_1.11.6.17763_neutral_neutral_cw5n1h2txyewy?mc-resource://Microsoft.Windows.Cortana/resources/PackageDisplayName}
and even this didn't work for netsh as rule name :(.
QUESTION: Is there a way how to delete tens of thousands FW rules by script in a reasonable time?
Like Bill_Stewart says, and you can also dot reference it.
$rulesToRemove = (Get-NetFirewallRule | where {$_.profile -eq "Any"}).DisplayName
foreach($rule in $rulesToRemove) { netsh advfirewall firewall delete rule name=$rule }
This script will remove most of them; just add the rest if they have similar name. It's not fancy, but it works. The remove-command searches through both in and out firewall lists and removes all that match with the displayname. Run it regularly and it will not use many resources:
Write-Host '*** Deleting: '
remove-netfirewallrule -DisplayName "Your account"
remove-netfirewallrule -DisplayName "Work or school account"
remove-netfirewallrule -DisplayName "cortana"
remove-netfirewallrule -DisplayName "SmartScreen"
remove-netfirewallrule -DisplayName "Windows Default Lock Screen"
remove-netfirewallrule -DisplayName "Windows Shell Experience"
remove-netfirewallrule -DisplayName "Xbox Game UI"
remove-netfirewallrule -DisplayName "Email and accounts"
There's a reg edit to stop this from happening once you've deleted the orphaned rules.
Addresses an issue that slows server performance or causes the server to stop responding because of numerous Windows firewall rules. To enable this solution, use regedit to modify the following and set it to 1:
Type: “DeleteUserAppContainersOnLogoff” (DWORD)
Path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy
I'v been trying to add a computer to my domain add-computer -DomainName Gary.psv
but this error pops up "The specified domain either does not exist or could not be contacted"
I'm confused Am I suppose to match DNS between both servers? I'm using powershell btw.
I am wondering if it's possible to use the 'net user' command in Windows to pull up details on a user in a different domain? The domain is connected to us. For example, I can log in as that user in the other domain from the same network.
This is the net user command I use to pull my local details:
net user myusername /domain
Is there a way to specify a different domain name? Or are there other commands that will do something similar? I'm am wanting to use a command to verify the password expiration date on the other domain.
No, you cannot use it that way. The /domain flag is used just for specifying that the command should be run on the primary domain controller for the domain that you are in. Otherwise, the command runs on the computer (server) where you are running the command.
https://support.microsoft.com/en-us/help/251394/how-to-use-the-net-user-command
You can, however, use PowerShell cmdlets to manage users in Active Directory. The following documentation is for the Get-AdUser cmdlet.
https://technet.microsoft.com/en-us/library/ee617241.aspx
You probably want to pass in the Identity flag and specify the full Distinguished Name for the user object. For example: -Identity "CN=SaraDavis,CN=Europe,CN=Users,DC=corp,DC=contoso,DC=com"
Try to issue following command in powershell
Get-ADUser "username" -Server "domaincontroller.localdomain"
You can log onto a virtual machine or windows server on that domain and run the same command to get that domain user's details.
Powershell like in Matson's answer is probably the better option if you rarely have machines open on that domain, but if you are already working on a machine in that domain your command works just fine.
As part of a business solution we are offering several remote desktops to a user base. Currently the users must go system by system attempting to connect and find one that is not already being used. I'd like to see if there is a command that can be run to quickly query an IP and see if there is an active remote connection already.
I've run across a 'wmic' solution already, but this only seems to work if the person running the command has admin access on the destination machine. I don't need a username returned or any information other than if there is a currently in-use remote connection.
Any idea's?
Researched solutions that didn't pan out listed below:
wmic /node:IP ComputerSystem GET UserName ---Returns only if requestor is an admin
qwinsta /server:IP ---RPC is not enabled on all machienes
eventvwr IP ---Too technical and time consuming for end users
Thanks in advance
query session /SERVER:servername
Using Windows 7 Enterprise with SP1, but I'm hoping to get a generic answer that would apply to Windows XP/2003/2008/Vista/7.
From a command prompt, I execute a net use command to map the Z: drive to a share on another computer, but I don't use my current credentials, I specify a different domain and user to map the drive.
net use z: \\rd-pc2037\C_DRIVE password /user:rd-pc2037\Administrator
The command completes successfully. Now that the drive is mapped, how can I find what Domain and Username I used to successfully map the drive? I can't seem to find what I want with the net use command.
C:\Users\rdomarat>net use
New connections will not be remembered.
Status Local Remote Network
----------------------------------------------------------------------------
OK Z: \\rd-pc2037\C_DRIVE Microsoft Windows Network
The command completed successfully.
C:\Users\rdomarat>net use Z:
Local name Z:
Remote name \\rd-pc2037\C_DRIVE
Resource type Disk
Status OK
# Opens 0
# Connections 1
The command completed successfully.
Checking the properties of the share in Windows Explorer and looking at the security tab showed me what permissions different people would have, but I didn't see how which DOMAIN\User I had used. I searched through the registry with limited success as well.
Any thought?
WMI is your friend:
> wmic netuse where LocalName="Z:" get UserName /value
UserName=rd-pc2037\Administrator
[anonymous suggestion 2022-08-07]:
Since Microsoft is gradually moving away from WMI,
Powershell/CIM is your future friend:
Get-CimInstance -classname Win32_NetworkConnection | select-object Remotename,Username
None of these answers help when using alternate credentials. They only show the current, local user. That doesn't help.
To view all stored credentials, use...
rundll32.exe keymgr.dll, KRShowKeyMgr
According to http://technet.microsoft.com/en-us/library/cc957215.aspx
the information you want is in the registry.
I have tried the wmic-command but it showed me the locally logged in user and not the "used DOMAIN\login"
The critical info from the link above:
Registry entry HKCU\Network\{Drive letter}\UserName is a REG_SZ that specifies the username (including domain name) whose credentials were used when the network drive was mapped.
Windows 11 -- some of this is useful, however Windows is still telling me that it has connected to a drive not listed in Windows Explorer, but which is not listed in computer, manage or net use or any of the options above. So Windows is storing connection information somewhere else.
There really should be a way to remove or replace persistent connections globally by username or servername.