June 15th, 2020 | Tags:

The permissions on the certificate template do not allow the current user to enroll this type of certificate. You do not have permission to request this type of Certificate

Apparently I had to assign Enroll permissions to the Certificate template security for the computer requesting the certificate. Read more…

May 15th, 2020 | Tags: ,

Adobe Patches for May 2020

The Adobe updates for May are just two patches covering 36 CVEs. Two of these CVEs were reported through the ZDI program. The patch for Adobe Acrobat and Reader covers 24 Critical and Important-rated CVEs that mostly consist of Out-of-Bounds (OOB) Reads and Writes. There are also some buffer overflows, memory corruptions, stack exhaustion, and Use-After-Free (UAF) bugs fixed. The patch for the Adobe DNG Software Development Kit (SDK) fixes four Critical-rated heap overflows and eight Important-rated OOB Reads. The overflows could lead to code execution, so if you use the DNG format for your digital photography, definitely make sure you are patched. None of these bugs are listed as publicly known or under active attack at the time of release.

Microsoft Patches for May 2020

For May, Microsoft released patches for 111 CVEs covering Microsoft Windows, Microsoft Edge (EdgeHTML-based), ChakraCore, Internet Explorer, Microsoft Office, and Microsoft Office Services and Web Apps, Visual Studio, Microsoft Dynamics, .NET Framework, .NET Core, and Power BI. Of these 111 CVEs, 16 are rated Critical and 95 are rated Important in severity. Eleven of these CVEs were reported through the ZDI program. None of the bugs being patched are listed as being publicly known or under active attack at the time of release. That makes three months in a row that Microsoft has released patches for more than 110 CVEs. We’ll see if they maintain that pace throughout the year. Read more…

April 10th, 2020 | Tags:

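CPU parameters explained:

us (user time)

The time the CPU spends executing user processes, including ni time. This is usually the only value we look at.

sy (system time)

The time the CPU spends running in the kernel, including IRQ and softirq time. High system CPU usage indicates a bottleneck in some part of the system; in general, the lower the value the better.

wa (waiting time)

The time the CPU spends waiting for I/O operations to complete. The system should not spend a lot of time waiting for I/O; if it does, there is an I/O problem.

id (idle time)

The system is idle, waiting for processes to run.

ni (nice time)

The time the system spends adjusting process priorities.

hi (hard irq time)

The time the system spends handling hardware interrupts.

si (softirq time)

The time the system spends handling software interrupts.

st (steal time)

The time a virtual CPU is forced to wait while the hypervisor services another virtual processor.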

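Processor/% Processor Time

Threshold: the processor threshold is generally set to 85%.
Meaning: the primary indicator of processor activity. A high value is not necessarily bad, but if other processor-related counters (such as % Privileged Time or Processor Queue Length) increase linearly, the high CPU usage is worth investigating.

Processor/% Privileged Time

Threshold: a value that stays above 75% indicates a bottleneck.
Meaning: the percentage of time a thread spends in privileged mode. When your program calls operating system functions (such as file operations, network I/O or memory allocation), those functions run in privileged mode.

Processor/% Interrupt Time

Threshold: depends on the processor.
Meaning: the percentage of time the processor spends receiving and servicing hardware interrupts. This value indirectly indicates the activity of the hardware devices that generate interrupts, such as network changes. A significant increase in this counter suggests a possible hardware problem.

System/Processor Queue Length

Threshold: an average that stays above 2 indicates a CPU bottleneck.
Meaning: when there are more ready tasks than processing capacity, threads are placed in a queue. The processor queue is the set of threads that are ready but cannot be executed by the processor because another thread is currently running. A sustained or recurring queue of more than 2 clearly indicates a processor bottleneck. You can also achieve greater throughput by reducing concurrency.

System/Context Switches/sec

Threshold: as a rule of thumb, a context switching rate below 5000 per second per CPU is nothing to worry about. A context switching rate that reaches 15000 per second per CPU is a limiting factor.
Meaning: a context switch occurs when a higher-priority thread preempts a running lower-priority thread, or when a high-priority thread blocks. Heavy context switching can occur when many threads share the same priority, which usually means too many threads are competing for the CPU. If you do not see very high processor usage and find that context switches are very low, the threads are blocked.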

February 10th, 2020 | Tags:

Logon Types are logged in the Logon Type field of logon events (event IDs 528 and 540 for successful logons, and 529-537 and 539 for failed logons). Windows supports the following logon types and associated logon type values:

  • 2: Interactive logon—This is used for a logon at the console of a computer. A type 2 logon is logged when you attempt to log on at a Windows computer’s local keyboard and screen.
  • 3: Network logon—This logon occurs when you access remote file shares or printers. Also, most logons to Internet Information Services (IIS) are classified as network logons, other than IIS logons that use the basic authentication protocol (those are logged as logon type 8).
  • 4: Batch logon—This is used for scheduled tasks. When the Windows Scheduler service starts a scheduled task, it first creates a new logon session for the task, so that it can run in the security context of the account that was specified when the task was created.
  • 5: Service logon—This is used for services and service accounts that log on to start a service. When a service starts, Windows first creates a logon session for the user account that is specified in the service configuration.
  • 7: Unlock—This is used whenever you unlock your Windows machine.
  • 8: Network clear text logon—This is used when you log on over a network and the password is sent in clear text. This happens, for example, when you use basic authentication to authenticate to an IIS server.
  • 9: New credentials-based logon—This is used when you run an application using the RunAs command and specify the /netonly switch. When you start a program with RunAs using /netonly, the program starts in a new logon session that has the same local identity (this is the identity of the user you are currently logged on with), but uses different credentials (the ones specified in the runas command) for other network connections. Without /netonly, Windows runs the program on the local computer and on the network as the user specified in the runas command, and logs the logon event with type 2.
  • 10: Remote Interactive logon—This is used for RDP-based applications like Terminal Services, Remote Desktop or Remote Assistance.
  • 11: Cached Interactive logon—This is logged when users log on using cached credentials, which basically means that in the absence of a domain controller, you can still log on to your local machine using your domain credentials. Windows supports logon using cached credentials to ease the life of mobile users and users who are often disconnected.

Source
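A triage pass over logon records, added here as an example and not part of the original post: it labels each record with its logon type, splits success from failure using the event IDs named above, and reports clear-text network logons and repeated failures. The function name Get-LogonTriage, the column names and the sample records are assumptions constructed for illustration.

```powershell
# Logon Type values as Windows writes them to the Logon Type field.
$LogonTypeName = @{
    2 = 'Interactive'; 3 = 'Network'; 4 = 'Batch'; 5 = 'Service'; 7 = 'Unlock'
    8 = 'NetworkCleartext'; 9 = 'NewCredentials'
    10 = 'RemoteInteractive'; 11 = 'CachedInteractive'
}

# Constructed sample records (not real log data).
$sample = @'
EventId,LogonType,Account,Computer
528,2,CORP\alice,WS01
540,3,CORP\alice,FS01
540,8,CORP\svc-web,IIS01
529,3,CORP\bob,FS01
529,3,CORP\bob,FS01
529,3,CORP\bob,FS01
528,10,CORP\admin,TS01
'@ | ConvertFrom-Csv

function Get-LogonTriage {
    param([Parameter(Mandatory)] [object[]]$Events, [int]$FailureThreshold = 3)

    $success = 528, 540               # successful logon event IDs named in the text
    $failure = @(529..537) + 539      # failed logon event IDs named in the text
    $rows = foreach ($e in $Events) {
        $id = [int]$e.EventId; $type = [int]$e.LogonType
        [PSCustomObject]@{
            Account  = $e.Account; Computer = $e.Computer; Type = $type
            TypeName = if ($LogonTypeName.ContainsKey($type)) { $LogonTypeName[$type] } else { "Unknown($type)" }
            Outcome  = if ($id -in $success) { 'Success' } elseif ($id -in $failure) { 'Failure' } else { 'Other' }
        }
    }
    # Finding 1: a type 8 logon means the password crossed the network in clear text.
    $rows | Where-Object { $_.Type -eq 8 } | ForEach-Object {
        [PSCustomObject]@{ Finding = 'CleartextLogon'; Account = $_.Account; Computer = $_.Computer; Count = 1 }
    }
    # Finding 2: repeated failures for one account, computer and logon type.
    $rows | Where-Object { $_.Outcome -eq 'Failure' } | Group-Object Account, Computer, TypeName |
        Where-Object { $_.Count -ge $FailureThreshold } | ForEach-Object {
            $first = $_.Group[0]
            [PSCustomObject]@{ Finding = "RepeatedFailure/$($first.TypeName)"; Account = $first.Account
                               Computer = $first.Computer; Count = $_.Count }
        }
}

Get-LogonTriage -Events $sample | Format-Table -AutoSize
```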

December 25th, 2019 | Tags:

function Get-LastLogon {
    [CmdletBinding()]
    param(
        [Parameter(ValueFromPipeline = $true)]
        [String]$ComputerName = $env:COMPUTERNAME
    )

    process {
        Get-WmiObject Win32_UserProfile -ComputerName $ComputerName -Filter "Special='FALSE'" | ForEach-Object {    
            # Attempt to get the UserAccount using WMI
            $userAccount = Get-WmiObject Win32_UserAccount -Filter "SID='$($_.SID)'" -ComputerName $ComputerName

            # To satisfy WMI all single \ in a path must be escaped.
            # Prefer to use NTUser.dat for last modification
            $path = (Join-Path $_.LocalPath 'ntuser.dat') -replace '\\', '\\'
            $cimObject = Get-WmiObject CIM_DataFile -Filter "Name='$path'" -ComputerName $ComputerName
            if ($null -eq $cimObject) {
                # Fall back to the directory
                $path = $_.LocalPath -replace '\\', '\\'
                $cimObject = Get-WmiObject CIM_Directory -Filter "Name='$path'" -ComputerName $ComputerName
            }
            $lastModified = $null
            if ($null -ne $cimObject) {
                $lastModified = [System.Management.ManagementDateTimeConverter]::ToDateTime($cimObject.LastModified)
            }
            # See if LastUseTime is more useful.
            $lastUsed = $null
            if ($null -ne $_.LastUseTime) {
                $lastUsed = [System.Management.ManagementDateTimeConverter]::ToDateTime($_.LastUseTime)
            }

            # Profile type
            $profileType = switch ($_.Status) {
                1 { "Temporary" }
                2 { "Roaming" }
                4 { "Mandatory" }
                8 { "Corrupted" }
                0 { "LOCAL" }
            }

            [PSCustomObject]@{
                ComputerName = $ComputerName
                Username     = $userAccount.Caption
                LastChanged  = $lastModified
                LastUsed     = $lastUsed
                SID          = $_.SID
                Path         = $_.LocalPath
                ProfileType  = $profileType
            }
        }
    }
}

$myDomain = Get-Content C:\temp\Domain.txt
Get-Content C:\temp\Computers1.txt | ForEach-Object {
    $ComputerName = $_ + $myDomain 
    if (Test-Connection $ComputerName -Quiet -Count 3) {
        Get-LastLogon -ComputerName $ComputerName | Select-Object *, @{Name='Status';Expression={ 'OK' }} |
            Where-Object { $_.LastChanged -lt (Get-Date).AddDays(-30) }
    } else {
        # Normalise the output so we don't lose columns in the export
        $ComputerName | Select-Object @{Name='ComputerName';e={ $ComputerName }},
            Username, LastChanged, LastUsed, SID, Path, ProfileType, @{Name='Status';Expression={ 'PING FAILED' }}
    }
} | Export-Csv 'C:\temp\Profiles.csv' -NoTypeInformation

December 21st, 2019 | Tags:

We will use Group Policy Preferences to set the password on a local user account.

  • Click Start – All programs – Administrative Tools – Group Policy Management.
  • Create or Edit Group Policy Objects.
  • Expand Computer Configuration – Preferences – Control Panel Settings.
  • Right-click Local Users and Groups – New – Local User.
  • Ensure the Action is Update and enter the new password.
  • If this is a one-time change (not permanent):
    • Go to the Common tab and check the box for “Apply once and do not reapply“.
  • If the change should be permanent: The defaults are correct.

Here is an image of what the policy should look like before applying it:

  

Note: By default, all Group Policy updates are applied on a 90-minute timer. To apply the update instantly, run gpupdate /force on the machine to be affected.

Set Action to Update, choose Administrator (built-in) as the User Name, then enter the password and confirm it. (If the password fields are greyed out, this is caused by the Microsoft security update http://support.microsoft.com/kb/2962486; after uninstalling that update it works!)

If you want to change this 90-minute policy refresh time for all machines:

  • Expand Computer Configuration – Administrative Templates – System – Group Policy.
  • Enable Group Policy refresh interval for computers and set any time you want (Recommended 5 – 10 min).

  

Note: A Common Vulnerabilities and Exposures number, CVE-2014-1812, has been released for this feature.

With that in mind, Microsoft has released a fix to PREVENT the use of passwords within Group Policy Preferences.

https://technet.microsoft.com/library/security/ms14-025

This article was originally posted at  http://mabdelhamid.wordpress.com/2011/09/12/how-to-change-local-administrator-password-with-group-policy/ 

October 22nd, 2019 | Tags:

No matter whether you use Windows 7, Windows 10 or Windows 8.1, you may want to log in without entering a password, while keeping your existing user account password. You may have a long password, and you are using a PC where only you have access. If this is what you want, then you are in luck. With the help of a hidden Windows app named netplwiz, you can set Windows to automatically log you in, without typing the password, each time you start your PC. Here is how it is done: Read more…

October 17th, 2019 | Tags:

Shared Nothing Live Migration requirements:

  1. Migration is possible between the servers running the following OSs: Windows Server 2012 R2 or Windows Server 2016
  2. Virtual machine version has to be 5 or higher
  3. Both computers must be located in the same Active Directory domain or in trusted domains
  4. A user performing the configuration must have Hyper-V administrator privileges. While configuring Kerberos constrained delegation, a user must have the domain administrator privileges (or server account privileges)

Read more…

October 17th, 2019 | Tags:

In this article, we’ll look at the licensing features of the Windows Server 2019, 2016 and 2012 R2 operating systems from the point of view of the new Microsoft licensing model. We’ll also cover the rules and licensing procedures for using Windows Server as a guest OS in virtual machines, including HA clusters with the ability to migrate virtual machines between hypervisors (VMware VMotion, Hyper-V Live Migration, etc). Read more…