June 15th, 2020 | Tags:

The permissions on the certificate template do not allow the current user to enroll this type of certificate. You do not have permission to request this type of Certificate

Certificate Renew You do not have permission to request this type of Certificate

Apparently I had to assign Enroll permissions to the Certificate template security for the computer requesting the certificate. Read more…

May 15th, 2020 | Tags: ,

Adobe Patches for May 2020

The Adobe updates for May are just two patches covering 36 CVEs. Two of these CVEs were reported through the ZDI program. The patch for Adobe Acrobat and Reader covers 24 Critical and Important-rated CVEs that mostly consist of Out-of-Bounds (OOB) Reads and Writes. There are also some buffer overflows, memory corruptions, stack exhaustion, and Use-After-Free (UAF) bugs fixed. The patch for the Adobe DNG Software Development Kit (SDK) fixes four Critical-rated heap overflows and eight Important-rated OOB Reads. The overflows could lead to code execution, so if you use the DNG format for your digital photography, definitely make sure you are patched. None of these bugs are listed as publicly known or under active attack at the time of release.

Microsoft Patches for May 2020

For May, Microsoft released patches for 111 CVEs covering Microsoft Windows, Microsoft Edge (EdgeHTML-based), ChakraCore, Internet Explorer, Microsoft Office, and Microsoft Office Services and Web Apps, Visual Studio, Microsoft Dynamics, .NET Framework, .NET Core, and Power BI. Of these 111 CVEs, 16 are rated Critical and 95 are rated Important in severity. Eleven of these CVEs were reported through the ZDI program. None of the bugs being patched are listed as being publicly known or under active attack at the time of release. That makes three months in a row that Microsoft has released patches for more than 110 CVEs. We’ll see if they maintain that pace throughout the year. Read more…

April 10th, 2020 | Tags:


us(user time)


sy(system time)


wa(waiting time)


id(idle time)


ni(nice time)


hi(hard irq time)


si(softirq time)


st(steal time)


Processor/% Processor Time

含义:表示处理器活动的主要指标。高数值并不一定是坏事,但是如果其他处理器相关的计数器(比如% Privileged Time 或者 Processor Queue Length)线性增加的话,高CPU使用率就值得调查了。

Processor/% Privileged Time


Processor/% Interrupt Time


System/Processor Queue Length


System/Context Switches/sec

阀值:按照通常的规律,Context switching速率小于5000/秒/CPU是不需要担心的。如果Context Switching速率达到15000/秒/CPU的话就是一个制约因素了。
含义:当一个高优先级的线程取代一个正在运行的低优先级线程,或者高优先级线程阻塞的时候就会发生Context Switching。大量的Context Switching可以发生在许多线程拥有相同的优先级的情况下,这通常表示有太多的线程竞争CPU,如果你没有看到太高的处理器使用率而且发现Context Switch非常低,那么表示线程被阻塞。

February 10th, 2020 | Tags:

Logon Types are logged in the Logon Type field of logon events (event IDs 528 and 540 for successful logons, and 529-537 and 539 for failed logons). Windows supports the following logon types and associated logon type values:Logon Types are logged in the Logon Type field of logon events (event IDs 528 and 540 for successful logons, and 529-537 and 539 for failed logons). Windows supports the following logon types and associated logon type values:Logon Types are logged in the Logon Type field of logon events (event IDs 528 and 540 for successful logons, and 529-537 and 539 for failed logons). Windows supports the following logon types and associated logon type values:

  • 1: Interactive logon—This is used for a logon at the console of a computer. A type 2 logon is logged when you attempt to log on at a Windows computer’s local keyboard and screen.
  • 2: Network logon—This logon occurs when you access remote file shares or printers. Also, most logons to Internet Information Services (IIS) are classified as network logons, other than IIS logons that use the basic authentication protocol (those are logged as logon type 8).
  • 3: Batch logon—This is used for scheduled tasks. When the Windows Scheduler service starts a scheduled task, it first creates a new logon session for the task, so that it can run in the security context of the account that was specified when the task was created.
  • 4: Service logon—This is used for services and service accounts that log on to start a service. When a service starts, Windows first creates a logon session for the user account that is specified in the service configuration.
  • 5: Unlock—This is used whenever you unlock your Windows machine.
  • 6: Network clear text logon—This is used when you log on over a network and the password is sent in clear text. This happens, for example, when you use basic authentication to authenticate to an IIS server.
  • 7: New credentials-based logon—This is used when you run an application using the RunAs command and specify the /netonly switch. When you start a program with RunAs using /netonly, the program starts in a new logon session that has the same local identity (this is the identity of the user you are currently logged on with), but uses different credentials (the ones specified in the runas command) for other network connections. Without /netonly, Windows runs the program on the local computer and on the network as the user specified in the runas command, and logs the logon event with type 2.
  • 8: Remote Interactive logon—This is used for RDP-based applications like Terminal Services, Remote Desktop or Remote Assistance.
  • 9: Cached Interactive logon—This is logged when users log on using cached credentials, which basically means that in the absence of a domain controller, you can still log on to your local machine using your domain credentials. Windows supports logon using cached credentials to ease the life of mobile users and users who are often disconnected.


December 25th, 2019 | Tags:
function Get-LastLogon {
        [Parameter(ValueFromPipeline = $true)]
        [String]$ComputerName = $env:COMPUTERNAME

    process {
        Get-WmiObject Win32_UserProfile -ComputerName $ComputerName -Filter "Special='FALSE'" | ForEach-Object {    
            # Attempt to get the UserAccount using WMI
            $userAccount = Get-WmiObject Win32_UserAccount -Filter "SID='$($_.SID)'" -ComputerName $ComputerName

            # To satisfy WMI all single \ in a path must be escaped.
            # Prefer to use NTUser.dat for last modification
            $path = (Join-Path $_.LocalPath 'ntuser.dat') -replace '\\', '\\'
            $cimObject = Get-WmiObject CIM_DataFile -Filter "Name='$path'" -ComputerName $ComputerName
            if ($null -eq $cimObject) {
                # Fall back to the directory
                $path = $_.LocalPath -replace '\\', '\\'
                $cimObject = Get-WmiObject CIM_Directory -Filter "Name='$path'" -ComputerName $ComputerName
            $lastModified = $null
            if ($null -ne $cimObject) {
                $lastModified = [System.Management.ManagementDateTimeConverter]::ToDateTime($cimObject.LastModified)
            # See if LastUseTime is more useful.
            $lastUsed = $null
            if ($null -ne $_.LastUseTime) {
                $lastUsed = [System.Management.ManagementDateTimeConverter]::ToDateTime($_.LastUseTime)

            # Profile type
            $profileType = switch ($_.Status) {
                1 { "Temporary" }
                2 { "Roaming" }
                4 { "Mandatory" }
                8 { "Corrupted" }
                0 { "LOCAL" }

                ComputerName = $ComputerName
                Username     = $userAccount.Caption
                LastChanged  = $lastModified
                LastUsed     = $lastUsed
                SID          = $_.SID
                Path         = $_.LocalPath
                ProfileType  = $profileType

$myDomain = Get-Content C:\temp\Domain.txt
Get-Content C:\temp\Computers1.txt | ForEach-Object {
    $ComputerName = $_ + $myDomain 
    if (Test-Connection $ComputerName -Quiet -Count 3) {
        Get-LastLogon -ComputerName $ComputerName | Select-Object *, @{Name='Status';Expression={ 'OK' }} |
            Where-Object { $_.LastChanged -lt (Get-Date).AddDays(-30) }
    } else {
        # Normalise the output so we don't lose columns in the export
        $ComputerName | Select-Object @{Name='ComputerName';e={ $ComputerName }},
            Username, LastChanged, LastUsed, SID, Path, ProfileType, @{Name='Status';Expression={ 'PING FAILED' }}
} | Export-Csv 'C:\temp\Profiles.csv' -NoTypeInformation
December 21st, 2019 | Tags:

We will use Group Policy Preferences to set password on local user account

  • Click Start – All programs – Administrative Tools – Group Policy Management.
  • Create or Edit Group Policy Objects.
  • Expand Computer Configuration – Preferences – Control Panel Settings.
  • Right-click Local Users and Groups – New – Local User.
  • Ensure the Action is Update and enter the new password.
  • If this is a one-time change (not permanent):
    • Go to the Common tab and check the box for “Apply once and do not reapply“.
  • If the change should be permanent: The defaults are correct.

Here is an image of what the policy should look like before applying it:


Note: By default, all Group Policy updates are applied on a 90-minute timer. To apply the update instantly, run a gpupdate /force on the machine to be affected.

Action选择Update,User Name选择Administrator(built-in),输入密码以及确认密码(当密码输入框为灰色时是由于http://support.microsoft.com/kb/2962486 该微软安全补丁导致,卸载该补丁后OK!)

If you want to change this 90-minute policy refresh time for all machines:

  • Expand Computer Configuration – Administrative Templates –System – Group policy
  • Enable Group policy refresh interval for computers and set any time you want (Recommended 5 – 10 min)


Note: There has been a Common Vulnerability and Exposure number CVE-2014-1812   released for this feature.

With that in mind Microsoft has released a fix, to PREVENT the use of passwords within Group Policy Preferences.


This article was originally posted at  http://mabdelhamid.wordpress.com/2011/09/12/how-to-change-local-administrator-password-with-group-policy/ 












  1. 推广产品赚佣金:建购物群或发朋友圈分享产品,别人通过你的产品口令买,佣金全部归你。
  2. 推广注册躺赚:像我一样,让别人用自己的海报或者邀请码下载注册花生日记。她买东西佣金全归他,但你作为上级,平台另外奖励你20%。扫描下方图片二维码下载微信登录即可。
  3. 运营商:相当于公司合伙人,参与公司利润分配,下面的代理无论发展多少级别,你都有佣金奖励。
  4. 超级会员佣金分成:自购商品赚100%佣金,直属下级购买,你拿20%佣金提点,再往下,直属会员推荐的会员出单,这个会员拿100%,你的直属会员拿20%,你没有。简单来说就是超级会员只能拿直属会员佣金的20%



  1. 享受优惠券
  2. 享受自购和直线消费者购买的100%佣金
  3. 享受直线代理32%的佣金奖励
  4. 享受直线代理以外整个团队22%的佣金奖励
October 22nd, 2019 | Tags:

No matter whether you use Windows 7, Windows 10 or Windows 8.1, you may want to login without entering a password, while keeping your existing user account password. You may have a long password, and you are using a PC where only you have access. If this is what you want, then you are in luck. With the help of a hidden Windows app named netplwiz, you can set Windows to automatically log you in, without typing the password, each time you start your PC. Here is how it is done: Read more…

October 17th, 2019 | Tags:

Shared Nothing Live Migration requirements:

  1. Migration is possible between the servers running the following OSs: Windows Server 2012 R2 or Windows Server 2016
  2. Virtual machine version has to be 5 or higher
  3. Both computers must be located in the same Active Directory domain or in trusted domains
  4. A user performing the configuration must have Hyper-V administrator privileges. While configuring Kerberos constrained delegation, a user must have the domain administrator privileges (or server account privileges)

Read more…

October 17th, 2019 | Tags:

In this article, we’ll look on licensing features of the Windows Server 2019, 2016 and 2012 R2 operating systems from the point of view of new Microsoft licensing model. Also, we’ll tell about the rules and licensing procedures when using Windows Server as a guest OS in a virtual machines, including the HA clusters with the ability to migrate virtual machines between hypervisors (VMWare VMotion, Hyper-V Live Migration, etc). Read more…