Category Archives: Operating Systems

How to Disable Automatic Updates on Windows Server

Motivation:

You have a server with Windows Server 2016. The server Windows updates are being downloaded and installed automatically. This may affect your customers’ usage. You want to disable it so that you can install Windows updates when you find most appropriate.

Solution:
  1. Open Command Prompt (Admin).
  2. Type sconfig and press Enter.
  3. Press 5 (Windows Update Settings:), then press Enter.
  4. Press D (to select DownloadOnly option), then press Enter.
  5. Click OK button.
  6. Press 13 (Restart Server), then press Enter.
  7. Click Yes button to restart your server.

To disable automatic reboots in inactive hours, you can try the steps below.

1. Click Start and type Task Scheduler.
2. Expand Task Scheduler Library >> Microsoft >> Windows .
3. Click  UpdateOchestrator.
4. Right-click on Reboot and select Disable.

 

How to Set File Permissions for ASP.NET Website on Windows

Problem:

  • You have ASP.NET website on Windows.
  • Your website application pool name is mysite.com.
  • Your website physical location is D:\inetpub\wwwroot\mysite.com.
  • Your website physical data location is D:\mysite_data.
  • Your website users cannot upload or modify website files.
  • Your website users cannot upload or modify website data files.

Solution:

1. Open cmd.exe as Administrator and execute the command below.

icacls "D:\inetpub\wwwroot\mysite.com" /grant "IIS AppPool\mysite.com":(OI)(CI)F /T
icacls "D:\mysite_data" /grant "IIS AppPool\mysite.com":(OI)(CI)F /T

This command give full permissions against D:\inetpub\wwwroot\mysite.com  and all sub-directories and files, and against D:\mysite_data  and all sub-directories and files to mysite.com user.

2. Alternatively you can execute the command below.

icacls "D:\inetpub\wwwroot\mysite.com" /grant IIS_IUSRS:F /t
icacls "D:\mysite_data" /grant IIS_IUSRS:F /t

This command give full permissions against D:\inetpub\wwwroot\mysite.com  and all sub-directories and files, and against D:\mysite_data  and all sub-directories and files to IIS_IUSRS group.

mysite.com user is part of the IIS_IUSRS group.

 

How to Restart a Windows Server in a Domain Remotely

Problem:

You need to restart a Windows server in a domain remotely because it seems to be stuck and you cannot remotely connect to it via RDP.

Solution:

1. Open cmd.exe and execute 2 commands below.

ping server_name
shutdown /r /m \\server_name /t 0/

2. You may get the error below.

server_name: A system shutdown is in progress.(1115)

3. Download and extract PSTools.

4. Open cmd.exe and execute 3 commands below.

cd C:\Users\admin\Downloads\PSTools
pskill \\server_name winlogon
pskill \\server_name TrustedInstaller

 

How to Set File Permissions for WordPress on Ubuntu

Motivation:

  • You have a WordPress instance on Ubuntu Nginx.
  • You want to ensure that only the Nginx process can access WordPress files.

Procedure:

  1. View current file owner and group:
ls -l /var/html

The root folder should be owned by www-data user. www-data is the user that web servers like Apache and Nginx on Ubuntu use by default for their normal operation.

2. Change file owner and group to www-data if necessary:

sudo chown -R www-data:www-data /var/html

3. Set minimum permissions for folders:

cd /var/html
sudo find . -type d -exec chmod 755 {} \; # directory permissions rwxr-xr-x

4. Set minimum permissions for files:

cd /var/html
sudo find . -type f -exec chmod 644 {} \; # file permissions rw-r--r--

5. Verify the changes:

ls -l /var/html

How to Fix Firefox No Sound Issue

Problem:

Your Firefox suddenly does not play any sounds.

You have tried uninstalling and reinstalling it but the problem still persists.

Quick Solution:

  1. Go to Windows Settings > Sound > Advanced Sound Options .
  2. Make sure Firefox is not muted or set to low volume.

Advanced Solution:

  1. Create a Firefox account and synchronize (make a backup of) your current settings.
  2. Uninstall Firefox using Windows Apps and features.
  3. Go to %APPDATA%\Mozilla and delete Firefox folder.
  4. Open regedit.exe, search for Firefox, and delete all the keys and values that can be found. This process will take some time. Just ignore any errors that may occur when some keys or values cannot be deleted.
  5. Restart your computer.
  6. Download Firefox offline installer.
  7. Install Firefox.
  8. Log in your Firefox account and restore your settings.

 

 

How to Determine all Ports Opened by a Program in Windows

Motivation:

You want to ensure that your server is not compromised by a program.

Solution:

1. Open cmd.exe and execute commands below. Note the program file name and one of its ports that you want to investigate further.

netstat -a -b

2. Execute the command below. Note the PID associated with the port that you are interested in.

netstat -ano -p tcp

3. Execute commands below. “1544” is the PID that you are interested in.

netstat -ano -p tcp |find "1544"

4. Open https://mxtoolbox.com/TCPLookup.aspx, and enter [your external IP:port], and click TCP Lookup button to check if a port is open from your server.

5. Go to your Firewall and block the port if it should not be open to the Internet.

How to Fix Windows Updates Issue

Problem:

You were applying Windows updates to a Windows server and got an error with code 0x8007000d or 0x80073701. You tried restarting your server several times but it seemed that the problem still persisted.

0x80073701 = ERROR_SXS_ASSEMBLY_MISSING which means there are some system files are missing, which caused the update installation failure.

Solution:

1. Restart your server.

2. Open Command Prompt (Admin).

3. Execute the commands below.

net stop wuauserv
net stop bits
:: Removes all files from the directory
del /q C:\Windows\SoftwareDistribution\*
:: Recursively removes all nested directories
for /d %x in (C:\Windows\SoftwareDistribution\*) do @rd /s /q "%x"
net start bits
net start wuauserv
control update

4. Close the Command Prompt (Admin).

5. Install Windows updates.

6. Click Retry button if you encounter an error.

 

How to Remove Automatic Block from Downloaded Files

Problem:

After you download a file, you open its Properties and find that it is automatically marked with “This file came from another computer and might be blocked to help protect this computer.” warning and you have to unblock the file manually by selecting the “Unblock” check box.

Solution:

1. Open Group Policy Editor (gpedit.msc) as Administrator.

2. Go to User Configuration > Administrative Templates > Windows Components > Attachments Manager.

3. Enable Do not preserve zone information in file attachments option.

What is zone information?

Zone information is the information about the zone of origin (such as restricted, Internet, intranet, local) of downloaded files.

By default Windows marks downloaded files with information about their zone of origin (such as restricted, Internet, intranet, local) to make risk assessments in order to warn users when they open or execute files which are marked as being from the Internet or Restricted Sites zone, unless the file’s zone information has been removed.

 

How to Block Your Child from Certain Websites

Motivation:

You have a child and do not want him to be able to install games from Microsoft Store or play online games on certain websites or run a specific program.

Solution:

I. Prevent your child from installing games Microsoft Store.
This method only applies to Windows 10 Enterprise and Windows 10 Education.

  1. Type gpedit in the search bar to find and start Group Policy Editor.
  2. In the console tree of the snap-in, click Computer Configuration, click Administrative Templates, click Windows Components, and then click Store.
  3. In the Setting pane, click Turn off the Store application, and then click Edit policy setting.
  4. On the Turn off the Store application setting page, click Enabled, and then click OK.

Note: Enabling Turn off the Store application policy turns off app updates from Microsoft Store.

Source: https://docs.microsoft.com/en-us/windows/configuration/stop-employees-from-using-microsoft-store

II. Block all websites except some websites using one of the software below.

  1. Surfblocker.

III. Block certain websites in your modem settings in order to prevent your child from playing online games on these websites.

If you are using FTP GPON Modem then you can

  1. Click on the Access tab on the top,
  2. Click on the Filter tab on the left,
  3. Select URL Filter as Filter Type Selection,
  4. Select 1 as URL Index,
  5. Enter URL (host) (e.g. bluestacks.com or roblox.com),
  6. Select Enabled as Individual active,
  7. Click on the Save button.
  8. Repeat the procedure for other hosts with other URL Indexes (i.e. 2, 3, 4, etc.).

    IV. Block all Windows users from running certain programs.

    1. Type gpedit.msc in search box, then press Enter.
    2. Expand User Configuration > Administrative Templates, then select System.
    3. Double click the policy Don’t run specified Windows applications.
    4. Set the policy to Enabled, then select Show.
    5. Add the programs you would like to prevent the user from running to the List of disallowed applications. Use the name of the application launching file such as chrome.exe.
    6. Restart your computer.