Get access to Redirected Folders

Ref: https://blogs.msmvps.com/bradley/2010/02/28/getting-access-to-the-my-documents-redirected-folders/

This post is a copy of the article referenced above.  Just read that if the link is still good.  Otherwise I include it here because it is so useful, and things disappear on the web.

Download pstools (part of the sysinternals package).

I suggest you create c:\sysinternals, unzip it there, and add that to your path.

Copy the below to a script named ChangePermissions.ps1.  

Change the two highlighted lines to suit your environment.

#ChangePermissions.ps1
# CACLS rights are usually
# F = FullControl
# C = Change
# R = Readonly
# W = Write

$StartingDir= "E:\Users\shares"

$Principal="INSERT_DOMAIN_NAME\ADMIN_USERNAME"

$Permission="F"

$Verify=Read-Host `n "You are about to change permissions on all" `
"files starting at"$StartingDir.ToUpper() `n "for security"`
"principal"$Principal.ToUpper() `
"with new right of"$Permission.ToUpper()"."`n `
"Do you want to continue? [Y,N]"

if ($Verify -eq "Y") {

foreach ($file in $(Get-ChildItem $StartingDir -recurse)) {
#display filename and old permissions
write-Host -foregroundcolor Yellow $file.FullName
#uncomment if you want to see old permissions
#CACLS $file.FullName

#ADD new permission with CACLS
CACLS $file.FullName /E /P "${Principal}:${Permission}" >$NULL

#display new permissions
Write-Host -foregroundcolor Green "New Permissions"
CACLS $file.FullName
}
}

 Run the script from an elevated cmd prompt with this command:

    psexec -s -i powershell -noexit "& 'C:\Path\To\ChangePermissions.ps1'"

It will recursively grant you access to everything in that path.

Powershell and Visual Basic logon scripts to map drives

On Error Resume Next 
' Ref: https://community.spiceworks.com/topic/1945685-gpo-drive-mapping-not-mapped-on-login-but-mapped-on-gpupdate

Set objSysInfo = CreateObject("ADSystemInfo")
strUserDN = objSysInfo.UserName
Set objUser = GetObject("LDAP://" & strUserDN)
Set objNetwork = CreateObject("Wscript.Network")
Set objShell = CreateObject("WScript.Shell")
Set FSO = CreateObject("Scripting.FileSystemObject")

'Map network share by group
arrGroups = objUser.GetEx("memberOf")
   For Each strGroup in arrGroups
        Set objGroup = GetObject("LDAP://" & strGroup)
        strGroupName = objGroup.CN

        Select Case strGroupName
 
        Case "N_share"
            objNetwork.MapNetworkDrive "Z:", "\\server\Network_share"

        'Case "Teachers"
            'objNetwork.MapNetworkDrive "K:", "\\fileserver\teachers$"

        End Select
Next



'Label the Network drives
Set WshNet = WScript.CreateObject("WScript.Network")
 Set oShell = CreateObject("Shell.Application")
 
Set nDrives = WshNet.EnumNetworkDrives
 
For i = 0 To nDrives.Count - 1 step 2
 path = nDrives.Item(i+1)
 drive = ndrives.Item(i)
 if drive <> "" then
 folders = Split(path,"\")
 foldername = folders(ubound(folders))
 oShell.NameSpace(drive & "\").Self.Name = foldername
 end if
 next
 
Set WshNet = Nothing
 Set oDrives = Nothing
 Set oShell = Nothing

Enable RDP, Ping, File sharing, remote registry and allow it through firewall from cmd line

REM
REM ENABLE RDP
REM
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
netsh advfirewall firewall set rule group="remote desktop" new enable=yes

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-TCP" /v UserAuthentication /t REG_DWORD /d "0" /f  

REM
REM SET REMOTEREGISTRY SERVICE TO AUTO START AND START IT
REM
sc config remoteregistry start=auto
wmic service where "name = 'remoteregistry'" call startservice

REM install Telnet client
dism /online /Enable-Feature /FeatureName:TelnetClient

REM install WMIC (not installed by default on Windows 11)

DISM /Online /Add-Capability /CapabilityName:WMIC

REM

REM set sysadmin password to not expire.

wmic useraccount where name="sysadmin" set passwordexpires=false

REM
REM ENABLE FIREWALL
REM
netsh Advfirewall set allprofiles state on

REM
REM ENABLE FILE SHARING
REM
netsh advfirewall firewall set rule group="File and Printer Sharing" new enable=Yes
netsh advfirewall firewall set rule group="Network Discovery" new enable=Yes

REM
REM ENABLE ICMP PING REPLY
REM
netsh advfirewall firewall add rule name="ICMP Allow incoming V4 echo request" protocol=icmpv4:8,any dir=in action=allow

REM Disable 'Fast Boot'
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Power" /v HiberbootEnabled /t REG_DWORD /d 0 /f

Install any program or even a script to run as a service

There are a few ways to create your own service processes in Windows.  NSSM does it the best.

Henry's Post Tester

Henry's Post Tester is a service for developers testing clients that POST and GET things over HTTP. 

http://ptsv2.com/

 

 

Interesting sites

This site has link after link to miscellaneous interesting sites on the web.  If you're asking yourself, How can I waste more of my time?, look no further.

https://stumbled.cc/stumble

Windows Update Stop!

The people at novirusthanks.org made a free product called WinUpdateStop.  It is an active service that persistently prevents Windows updates from happening.  Yes, you could disable Windows services and do registry things, but this is a more active approach.  And it has a nice interface allowing you to easily enable or disable updates.

The software was free up until March of 2021 with version 1.4.  As of version 1.5 it is a paid product requiring an annual subscription.  Out of respect to the work of the authors I won't provide a link to v1.4, but I'm happy I always keep copies my downloads.

https://www.winupdatestop.com/

Do check out the novirusthanks.org web site.  They have dozens of interesting utility programs and services, some security related and some not.