Windows Machine Administration
September 9, 2019

A collection of how-tos related to the administration and monitoring of Microsoft Windows machines. Note: much of this is not original content, but for my own reference. Links are provided to the sources.

Win+R Quick Reference

Command :: Opens
control panel :: Control Panel!
cmd + SHIFT + CTRL + ENTER :: Command Prompt in administrative mode
SystemPropertiesComputerName :: System Properties / Computer Name
SystemPropertiesHardware :: System Properties / Hardware
SystemPropertiesProtection :: System Properties / Protection
SystemPropertiesRemote :: System Properties / Remote

From the Command Line

Enable Administrator Account

net user administrator /active:yes

Manage User Passwords

net user username newpassword

Recover Lost Password

Method 1:

One method that works up until build 1903:

  1. Load the recovery and troubleshooting environment, e.g. by clicking on "Repair your computer" during Windows Setup if you boot from Windows installation media.
  2. Select Troubleshoot > Command Prompt.
  3. Switch to the drive that Windows is installed on and change into its system32 directory, e.g. cd c:\windows\system32
  4. Type rename utilman.exe utilman.bak.
  5. Type copy cmd.exe utilman.exe.
  6. Restart the computer and boot from the Windows installation this time.
  7. If you run Windows 10 version 1803 or earlier, click on the Ease of Access button to open a command prompt window.
  8. If you run Windows 10 version 1809 or later, do the following first:
    1. Hold Shift-key on the keyboard and click on the Power button to select Restart.
    2. After the Restart, hold down the Shift-key again and select Restart from the Power menu again to boot into startup repair.
    3. Select Troubleshoot > Advanced Options > Startup Settings > Restart
    4. When the Startup Settings screen appears after the Restart, select 8) Disable early launch anti-malware protection.
  9. Click on the Ease of Access button on the next start on the login screen to open the command prompt window.
  10. Type net user to display the names of all user accounts.
  11. Use the command net user [username] [password] to change the password of the account, e.g. net user martin qwerty123456 to change the password of the user martin to qwerty123456.

Method 2: Create a New User to Save Account Files

  1. Boot into Windows Setup (via USB stick)
  2. Once the setup begins, hit Shift+F10 to bring up a command prompt
  3. move d:\windows\system32\utilman.exe d:\windows\system32\utilman.exe.bak
    copy d:\windows\system32\cmd.exe d:\windows\system32\utilman.exe
  4. wpeutil reboot
  5. At the login screen, click the Utility Manager
  6. net user [username] /add
    net localgroup administrators [username] /add
  7. Reboot, and you should see your new user in the login screen
  8. Log in and use computer management to reset the password of the other account
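
Both methods above leave a copy of cmd.exe in place of utilman.exe until the original is restored, so the swap is worth checking for on any machine where it was used or is suspected. The following PowerShell check is an added example, not part of the original sources; the function name Test-UtilmanIntegrity and its -System32 parameter are hypothetical.

```powershell
# Added example: reports whether utilman.exe has been replaced by cmd.exe.
# Test-UtilmanIntegrity is a hypothetical helper name. Run from 64-bit PowerShell,
# or pass -System32 to inspect an offline or mounted Windows volume.
function Test-UtilmanIntegrity {
    param(
        [string]$System32 = (Join-Path $env:SystemRoot 'System32')
    )

    $utilman  = Join-Path $System32 'utilman.exe'
    $cmd      = Join-Path $System32 'cmd.exe'
    $findings = @()

    if (-not (Test-Path -LiteralPath $utilman)) {
        $findings += 'utilman.exe is missing'
    }
    else {
        # A straight copy of cmd.exe has exactly the same SHA-256 as cmd.exe.
        $utilmanHash = (Get-FileHash -LiteralPath $utilman -Algorithm SHA256).Hash
        $cmdHash     = (Get-FileHash -LiteralPath $cmd -Algorithm SHA256).Hash
        if ($utilmanHash -eq $cmdHash) {
            $findings += 'utilman.exe is byte-identical to cmd.exe'
        }

        # The embedded version resource keeps the original name after a rename or copy.
        $original = (Get-Item -LiteralPath $utilman).VersionInfo.OriginalFilename
        if ($original -like 'cmd.exe*') {
            $findings += "utilman.exe reports OriginalFilename '$original'"
        }
    }

    # Backup names used by Method 1 (utilman.bak) and Method 2 (utilman.exe.bak).
    foreach ($name in 'utilman.bak', 'utilman.exe.bak') {
        $backup = Join-Path $System32 $name
        if (Test-Path -LiteralPath $backup) {
            $findings += "backup copy present: $backup"
        }
    }

    [pscustomobject]@{
        Path     = $utilman
        Tampered = [bool]$findings.Count
        Findings = $findings
    }
}

Test-UtilmanIntegrity | Format-List
```

If Tampered is True, put the backup copy back in place of utilman.exe from the same recovery command prompt that was used to make the swap.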

Alternatively, use a utility:

Tips

Run something as an administrator

Press Win, type <command>, then press Ctrl + Shift + Enter

Get into safe mode

From the Login screen:

  1. On the Windows sign-in screen, press and hold the Shift key while you select Power > Restart
  2. After your PC restarts to the Choose an option screen, select Troubleshoot > Advanced options > Startup Settings > Restart

From Settings:

  1. Go to Settings > Update & Security > Recovery
  2. Under Advanced startup, select Restart now
  3. After reboot, select Troubleshoot > Advanced options > Startup Settings > Restart

Reactivate the F8 key (and bring back the boot menu):

bcdedit /set {default} bootmenupolicy legacy

To return to the "normal" startup, run:

bcdedit /set {default} bootmenupolicy standard

Windows hangs? Telemetry might be the culprit!

(1) Disable CompatTelRunner.exe

Task Manager → CompatTelRunner.exe → End Task

Task Scheduler → Microsoft → Windows → Application Experience → right-click each task and choose Disable

(2) Other things to try:

sc delete DiagTrack
sc delete dmwappushservice
echo "" > C:\ProgramData\Microsoft\Diagnosis\ETLLogs\AutoLogger\AutoLogger-Diagtrack-Listener.etl
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection" /v AllowTelemetry /t REG_DWORD /d 0 /f

Here is a more complete guide.

There is also a tool to do the above (and more), I cannot vouch for it though!

Your CPU usage just shot up? Could be WinSAT!

To see what's using up your resources open up the Windows Task Manager. Go to the Tasks pane and order the rows by CPU. If you see winsat.exe near the top, then it is probably the culprit.

WinSAT (Windows System Assessment Tool) is scheduled to run once a week and when it does, it measures your PC's performance and possibly takes action to try and mitigate any slow-downs. Such an action might be dumbing down your visuals (for example window transparency). Of course, if you haven't changed your hardware, it really isn't necessary to run this once every week. So just disable it!

  1. Open Task Scheduler
  2. Find Microsoft\Windows\Maintenance
  3. Right click “WinSAT” and choose “Disable”

Use Robocopy to Copy Files & Retain File Permissions

robocopy source destination /E /ZB /DCOPY:T /COPYALL /R:1 /W:1 /MT:5 /V /TEE /LOG:Robocopy.log

Here's what the switches mean:

source :: Source Directory (drive:\path or \\server\share\path).
destination :: Destination Dir  (drive:\path or \\server\share\path).
/E :: copy subdirectories, including Empty ones.
/ZB :: use restartable mode; if access denied use Backup mode.
/DCOPY:T :: COPY Directory Timestamps.
/COPYALL :: COPY ALL file info (equivalent to /COPY:DATSOU). Copies the Data, Attributes, Timestamps, Owner, Permissions and Auditing info.
/R:n :: number of Retries on failed copies: default is 1 million but I set this to only retry once.
/W:n :: Wait time between retries: default is 30 seconds but I set this to 1 second.
/MT:5 :: if you have downtime scheduled for this, tack on /MT:<number-of-threads> to make the transfer much faster.
/V :: produce Verbose output, showing skipped files.
/TEE :: output to console window, as well as the log file.
/LOG:file :: output status to LOG file (overwrite existing log).
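
To confirm that permissions really were retained, the copy can be followed by a comparison of the security descriptors on both sides. The PowerShell below is an added example, not part of the original sources; Compare-TreeAcl and Copy-TreeWithAclCheck are hypothetical helper names, and it assumes an elevated prompt with read access to both trees.

```powershell
# Added example: run the robocopy command above, then verify owner, group and DACL
# on every copied item. Helper names are hypothetical; run from an elevated prompt.
function Compare-TreeAcl {
    param(
        [Parameter(Mandatory)][string]$Source,
        [Parameter(Mandatory)][string]$Destination
    )
    $srcRoot = (Get-Item -LiteralPath $Source -Force).FullName.TrimEnd('\')
    $dstRoot = (Get-Item -LiteralPath $Destination -Force).FullName

    # Root directory first, then every child, including hidden and system items.
    $items = @(Get-Item -LiteralPath $Source -Force) +
             @(Get-ChildItem -LiteralPath $Source -Recurse -Force)

    foreach ($item in $items) {
        $relative = $item.FullName.TrimEnd('\').Substring($srcRoot.Length).TrimStart('\')
        $target   = if ($relative) { Join-Path $dstRoot $relative } else { $dstRoot }

        if (-not (Test-Path -LiteralPath $target)) {
            [pscustomobject]@{ Path = $target; Issue = 'MissingAtDestination'
                               SourceSddl = $null; DestinationSddl = $null }
            continue
        }
        # SDDL holds owner (O:), group (G:) and DACL (D:) as one comparable string.
        $srcSddl = (Get-Acl -LiteralPath $item.FullName).Sddl
        $dstSddl = (Get-Acl -LiteralPath $target).Sddl
        if ($srcSddl -ne $dstSddl) {
            [pscustomobject]@{ Path = $target; Issue = 'AclMismatch'
                               SourceSddl = $srcSddl; DestinationSddl = $dstSddl }
        }
    }
}

function Copy-TreeWithAclCheck {
    param(
        [Parameter(Mandatory)][string]$Source,
        [Parameter(Mandatory)][string]$Destination
    )
    # Same switches as the command above; Out-Host keeps robocopy's text out of the result.
    robocopy $Source $Destination /E /ZB /DCOPY:T /COPYALL /R:1 /W:1 /MT:5 /V /TEE /LOG:Robocopy.log | Out-Host
    # The exit code is a bitmask; 8 or higher means at least one file or directory failed.
    if ($LASTEXITCODE -ge 8) { throw "robocopy failed with exit code $LASTEXITCODE" }
    Compare-TreeAcl -Source $Source -Destination $Destination
}
```

An empty result from Copy-TreeWithAclCheck means every item exists at the destination with a matching descriptor. A mismatch on the root directory alone can come from inherited entries contributed by the destination's parent folder.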
 
Move shared folders and retain file and share permissions with robocopy
I have a project coming up where I need to move all the shared files (stored in ONE directory, and within that LOTS of directories inside that with files, etc...) to a new se...
robocopy
Reference article for the robocopy command, which copies file data from one location to another.