The permissions on the certificate template do not allow the current user to enroll this type of certificate. You do not have permission to request this type of Certificate
Apparently I had to assign Enroll permissions to the Certificate template security for the computer requesting the certificate. Read more…
Adobe Patches for May 2020
The Adobe updates for May are just two patches covering 36 CVEs. Two of these CVEs were reported through the ZDI program. The patch for Adobe Acrobat and Reader covers 24 Critical and Important-rated CVEs that mostly consist of Out-of-Bounds (OOB) Reads and Writes. There are also some buffer overflows, memory corruptions, stack exhaustion, and Use-After-Free (UAF) bugs fixed. The patch for the Adobe DNG Software Development Kit (SDK) fixes four Critical-rated heap overflows and eight Important-rated OOB Reads. The overflows could lead to code execution, so if you use the DNG format for your digital photography, definitely make sure you are patched. None of these bugs are listed as publicly known or under active attack at the time of release.
Microsoft Patches for May 2020
For May, Microsoft released patches for 111 CVEs covering Microsoft Windows, Microsoft Edge (EdgeHTML-based), ChakraCore, Internet Explorer, Microsoft Office, and Microsoft Office Services and Web Apps, Visual Studio, Microsoft Dynamics, .NET Framework, .NET Core, and Power BI. Of these 111 CVEs, 16 are rated Critical and 95 are rated Important in severity. Eleven of these CVEs were reported through the ZDI program. None of the bugs being patched are listed as being publicly known or under active attack at the time of release. That makes three months in a row that Microsoft has released patches for more than 110 CVEs. We’ll see if they maintain that pace throughout the year. Read more…
CPU的参数详解:
表示CPU执行用户进程的时间,包括ni时间。通常我们只看这项。
表示CPU在内核运行时间,包括IRQ和softirq时间,系统CPU占用率高,表明系统某部份存在瓶颈,通常值越低越好。
CPI在等待I/O操作完成所花费的时间,系统不应该花费大量时间来等待I/O操作,否则说明I/O存在问题。
系统处于空闲期,等待进程运行。
系统调整进程优先级所花费的时间。
系统处理硬中断所花费的时间。
系统处理软件中断所花费的时间。
被强制等待虚拟CPU的时间,此时hypervisor在为另一个虚拟处理器服务。
阀值:处理器的阀值一般设为85%。
含义:表示处理器活动的主要指标。高数值并不一定是坏事,但是如果其他处理器相关的计数器(比如% Privileged Time 或者 Processor Queue Length)线性增加的话,高CPU使用率就值得调查了。
阀值:如果数值持续大于75%就表示存在瓶颈。
含义:表示一个线程在特权模式下所使用的时间比例。当你的程序调用操作系统的方法(比如文件操作,网络I/O或者分配内存),这些操作系统的方法是在特权模式下运行的。
阀值:取决于处理器
含义:表示处理器接收处理硬件中断所使用的时间比例。这个值间接指出产生中断的硬件设备活动,比如网络变化。这个计数器显著增加的话表示硬件可能存在问题。
阀值:平均值持续大于2那么表示CPU存在瓶颈
含义:如果就绪的任务超过处理能力线程就会被放进队列。处理器队列是就绪但是未能被处理器执行的线程的集合,这是因为另外一个线程正在执行状态。持续或者反复发生2个以上的队列则明确的表示存在处理器瓶颈。你也能通过减少并发取得更大的吞吐量。
阀值:按照通常的规律,Context switching速率小于5000/秒/CPU是不需要担心的。如果Context Switching速率达到15000/秒/CPU的话就是一个制约因素了。
含义:当一个高优先级的线程取代一个正在运行的低优先级线程,或者高优先级线程阻塞的时候就会发生Context Switching。大量的Context Switching可以发生在许多线程拥有相同的优先级的情况下,这通常表示有太多的线程竞争CPU,如果你没有看到太高的处理器使用率而且发现Context Switch非常低,那么表示线程被阻塞。
Logon Types are logged in the Logon Type field of logon events (event IDs 528 and 540 for successful logons, and 529-537 and 539 for failed logons). Windows supports the following logon types and associated logon type values:Logon Types are logged in the Logon Type field of logon events (event IDs 528 and 540 for successful logons, and 529-537 and 539 for failed logons). Windows supports the following logon types and associated logon type values:Logon Types are logged in the Logon Type field of logon events (event IDs 528 and 540 for successful logons, and 529-537 and 539 for failed logons). Windows supports the following logon types and associated logon type values:
function Get-LastLogon {
[CmdletBinding()]
param(
[Parameter(ValueFromPipeline = $true)]
[String]$ComputerName = $env:COMPUTERNAME
)
process {
Get-WmiObject Win32_UserProfile -ComputerName $ComputerName -Filter "Special='FALSE'" | ForEach-Object {
# Attempt to get the UserAccount using WMI
$userAccount = Get-WmiObject Win32_UserAccount -Filter "SID='$($_.SID)'" -ComputerName $ComputerName
# To satisfy WMI all single \ in a path must be escaped.
# Prefer to use NTUser.dat for last modification
$path = (Join-Path $_.LocalPath 'ntuser.dat') -replace '\\', '\\'
$cimObject = Get-WmiObject CIM_DataFile -Filter "Name='$path'" -ComputerName $ComputerName
if ($null -eq $cimObject) {
# Fall back to the directory
$path = $_.LocalPath -replace '\\', '\\'
$cimObject = Get-WmiObject CIM_Directory -Filter "Name='$path'" -ComputerName $ComputerName
}
$lastModified = $null
if ($null -ne $cimObject) {
$lastModified = [System.Management.ManagementDateTimeConverter]::ToDateTime($cimObject.LastModified)
}
# See if LastUseTime is more useful.
$lastUsed = $null
if ($null -ne $_.LastUseTime) {
$lastUsed = [System.Management.ManagementDateTimeConverter]::ToDateTime($_.LastUseTime)
}
# Profile type
$profileType = switch ($_.Status) {
1 { "Temporary" }
2 { "Roaming" }
4 { "Mandatory" }
8 { "Corrupted" }
0 { "LOCAL" }
}
[PSCustomObject]@{
ComputerName = $ComputerName
Username = $userAccount.Caption
LastChanged = $lastModified
LastUsed = $lastUsed
SID = $_.SID
Path = $_.LocalPath
ProfileType = $profileType
}
}
}
}
$myDomain = Get-Content C:\temp\Domain.txt
Get-Content C:\temp\Computers1.txt | ForEach-Object {
$ComputerName = $_ + $myDomain
if (Test-Connection $ComputerName -Quiet -Count 3) {
Get-LastLogon -ComputerName $ComputerName | Select-Object *, @{Name='Status';Expression={ 'OK' }} |
Where-Object { $_.LastChanged -lt (Get-Date).AddDays(-30) }
} else {
# Normalise the output so we don't lose columns in the export
$ComputerName | Select-Object @{Name='ComputerName';e={ $ComputerName }},
Username, LastChanged, LastUsed, SID, Path, ProfileType, @{Name='Status';Expression={ 'PING FAILED' }}
}
} | Export-Csv 'C:\temp\Profiles.csv' -NoTypeInformation
We will use Group Policy Preferences to set password on local user account
Here is an image of what the policy should look like before applying it:
Note: By default, all Group Policy updates are applied on a 90-minute timer. To apply the update instantly, run a gpupdate /force on the machine to be affected.
Action选择Update,User Name选择Administrator(built-in),输入密码以及确认密码(当密码输入框为灰色时是由于http://support.microsoft.com/kb/2962486 该微软安全补丁导致,卸载该补丁后OK!)
If you want to change this 90-minute policy refresh time for all machines:
Note: There has been a Common Vulnerability and Exposure number CVE-2014-1812 released for this feature.
With that in mind Microsoft has released a fix, to PREVENT the use of passwords within Group Policy Preferences.
https://technet.microsoft.com/library/security/ms14-025
This article was originally posted at http://mabdelhamid.wordpress.com/2011/09/12/how-to-change-local-administrator-password-with-group-policy/
什么是花生日记呢?
花生日记app是一款优秀的淘宝天猫导购软件,是直接跳转到官方淘宝APP的软件。
淘宝上也有很多优惠券,购物之前领优惠券可以省下一笔,但在使用花生日记中发现花生日记APP中的优惠券优惠金额更大,有时是在淘宝客户端看不到的大额优惠券。
因为花生日记的用户众多,很多商家联合花生日记搞活动,可以用极便宜的价格购买到超值的商品。
花生日记并不是那种可以随便注册的APP,而是需要邀请码。每个花生日记用户都有一个独有的邀请码,使用你的邀请码注册的用户是你的粉丝,粉丝通过花生日记购物,你也可以获得一些返利分成。当然粉丝越多,分成越多。极少成多,也是一笔不小的收入。
如何突破这个拿佣金提点的限制?那么就需要各位努力推广,升级官方运营商。
运营商的好处:
No matter whether you use Windows 7, Windows 10 or Windows 8.1, you may want to login without entering a password, while keeping your existing user account password. You may have a long password, and you are using a PC where only you have access. If this is what you want, then you are in luck. With the help of a hidden Windows app named netplwiz, you can set Windows to automatically log you in, without typing the password, each time you start your PC. Here is how it is done: Read more…
Shared Nothing Live Migration requirements:
In this article, we’ll look on licensing features of the Windows Server 2019, 2016 and 2012 R2 operating systems from the point of view of new Microsoft licensing model. Also, we’ll tell about the rules and licensing procedures when using Windows Server as a guest OS in a virtual machines, including the HA clusters with the ability to migrate virtual machines between hypervisors (VMWare VMotion, Hyper-V Live Migration, etc). Read more…
