There may come a time when you want to turn off Windows firewall and ensure that it doesn’t come back on. Windows appears to do this randomly (I’m sure there is a reason). To ensure that it is disabled, you can use Group Policy when on a domain. However, when you are off the domain, you need to do it locally. Using GPEDIT.MSC, you can do this on a machine.
Open up GPEDIT.MSC and browse to Computer Configuration\Administrative Templates\Network\Network Connections\Windows Firewall. In there, you will see several profiles. Under each profile, change the “Windows Firewall: Protect all network connections” to disabled. This will effectively disable the Windows Firewall and not allow anyone/anything to turn it back on. You should repeat this for all profiles that it makes sense on.
I was presented with a question from a user the other day. They needed to be able to use Adobe Flash on a Windows 2012 R2 server while using Internet Explorer. Apparently, they have regular users logging into the server to grab information from the web server application it was running. Aside from the blatant security issues of using Flash in IE and why they don’t access it remotely via HTTP, I don’t know, but I will be looking into it. So I started looking into installing Flash. The installer that they had downloaded, presumably from their machine, told me “Your Microsoft Internet Explorer browser includes the latest version of the Adobe Flash Player built-in.” Well, I went to the Adobe Flash test page, and it didn’t load Flash. So where was it? Well, after some digging, I finally discovered that while IE 11 does indeed contain Adobe Flash, it does not contain it on Windows Server 2012 unless you install the Desktop Experience. I only found one other webpage that appeared to mention this, so I thought I would help spread the word. If you need Adobe Flash on Server 2012, make sure you install the Desktop Experience feature. Keep in mind however that it will require not one, but two reboots. After you install the feature and reboot, it will apply settings at bootup, then reboot again.
There are times when I need a Windows program that performs an outside function to simply access a website with a particularly formed URL. Many times, these programs do not have an option to “touch” a URL. By touch, I am referencing the touch command in Linux which creates an empty file. Sometimes I need to touch something like http://www.somewebsite.com/folder/update.php?q=Update. I could use wget for Windows, but why do that when I could use a built-in function of Windows. I wrote a VB Script that simply “gets” a URL and exits.
' httptouch.vbs
' Created by Jason C. Greb
' http://www.grebfamily.us/electronerdz.com/
Set Args = WScript.Arguments
URL = Args(0) ' Read argument (must be in quotes)
Set oHTTP = CreateObject("MSXML2.XMLHTTP")
oHTTP.Open "GET", URL, False
oHTTP.Send() ' Send to the server
'Wscript.Echo oHTTP.Status ' Output the status if you'd like
Set oHTTP = Nothing
This script takes an argument after it, in quotes, and accesses that URL, then quits. You can add it to your program that runs an external program and put the argument after it. Keep in mind that you may need to reference the cscript.exe file (usually in system32) then the script, then the argument.
From time to time in a corporate network a user may lock out their account accidentally. In the corporate network that I am involved in there are generic accounts (unfortunately with dead simple passwords) that occasionally get locked. Since this is a 24/7 operation, it can happen in the middle of the night (in fact, more common at night). So to ease this a bit, and be proactive, I decided to find a way to get an alert every time an account gets locked. I of course, just used Windows easy to use built in feature. Oh wait, Windows doesn’t have that… Read on for how I did this…