Category Archives: Operating Systems

Operating Systems

How to Install a Clean Windows

Leave a comment

Motivation:

Most of Windows machines are delivered with a limited Windows version and unnecessary preinstalled software.

You want to format the hard drive and install a fresh Windows that can be booted from UEFI secure boot to improve machine performance and stability.

Prerequisites:

You need to have a 8Gb USB stick and an ISO file of Windows 10, version 21H2 or Windows 11, version 23H2.

Solution:

Step 1: Backup your machine and create an USB recovery by entering “Create a recovery drive” text to the search box on the task bar and follow the instructions.

Step 2: Create a bootable USB with Windows installation files.

2.A. If you plan to install Windows 11 then you can use Windows 11 Installation Assistant to create a bootable USB (click Download Now link below Create Windows 11 Installation Media section).

2.B. If you plan to install Windows 10 then you can use the commands below to create a bootable USB.

  • Right click Windows logo, click Command Prompt (Admin).
  • Enter diskpart.exe, press Enter. 
    DISKPART> list disk
DISKPART> select disk 1 -- the USB disk should be selected, the number may be different in your machine.
DISKPART> clean
DISKPART> create partition primary size=1024
DISKPART> select partition 1
DISKPART> active
DISKPART> format quick fs=fat32
DISKPART> assign
DISKPART> create partition primary
DISKPART> select partition 2
DISKPART> format quick fs=ntfs
DISKPART> assign
DISKPART> exit
  • Double click on the Windows ISO file to create a virtual drive. 
    xcopy f:\sources\boot.wim d:\sources\ /s /e

where 
f: the virtual drive and 
d: the USB fat32 partition.
We copy only the f:\sources\boot.wim file to d:\sources\.

robocopy f:\ d:\ /IS /S /XD sources

where 

f: the virtual drive and 
d: the USB fat32 partition.
We copy everything from f:\ to d:\ except the sources folder.

xcopy f:* e:\ /s /e 

where 
f: the virtual drive and 
e: the USB ntfs partition.

Step 3: Boot your laptop using the USB.

  1. Plug the USB to a machine.
  2. For a Dell laptop, power on the machine, press F12 until a one-time boot up menu appears. Select the option to boot the machine from the USB. (You may need to access BIOS to select the UEFI option for Boot Sequence, and select the AHCI option for SATA operation).
  3. For a Sony VAIO laptop, power off the machine, then press the Assist button to enter VAIOCare. Select the option to boot the machine from the USB. (You may need to access BIOS to enable the option to boot the machine from an USB).
  4. For a ThinkPad laptop, power on the machine, press F12 until a one-time boot up menu appears. Select the option to boot the machine from the USB. Alternatively go to Settings > Update & Security > Recovery, click the Restart now button under the Advanced setup section and follow the instructions to boot the machine from a USB.

Step 4: Install Windows.

  1. If your laptop is NOT officially supported by Windows 11, then on the first screen asking you to choose the language of your install, press Shift + F10 or Fn + Shift + F10 to open Command Prompt. Then type regedit and press Enter. Then locate HKEY_LOCAL_MACHINE\SYSTEM\Setup key. Then create a new LabConfig key. Then click on LabConfig key, and create 3 DWORD (32-bit) Values named BypassTPMCheck, BypassSecureBootCheck and BypassRAMCheck and set each to 1. Then close regedit and the Command Prompt, and continue the setup process.
  2. Follow the instructions to install Windows.
  3. Set Windows partition size to 123748Mb for DellXPS if you want to have a 120Gb C drive, or 614516Mb for DellPrecision if you want to have 600Gb C drive, or 819815Mb for ThinkPad if you want to have a 800Gb C drive.
  4. You can delete all the partitions, including MRP (Microsoft Reserved Partition – this is just a reserved partition for Windows later use if needed), ESP (EFI System Partition – this is where UEFI firmware files are stored to boot Windows), WINRETOOLS (Windows Recovery Environment (WinRE) Tools – this is where files for repairing or recovering Windows are stored), and PBR image (this is where original the manufacture Windows installation file  are stored) because you already created an USB recovery in the Step 1.

Step 5: Configure Windows without the Internet.

  1. Press Shift + F10 or Fn + Shift + F10 to open Command Prompt.
  2. Type oobe\bypassnro.
  3. Press Enter.
  4. Setup will reboot your computer and after reboot, you will get  I don’t have Internet option and Continue with limited setup option to skip the Internet requirement.

Step 6: Configure Windows.

  1. Change Computer Name, turn off System Restore, enable Remote Desktop,
  2. Change Time Zone.
  3. Add Wireless LAN Service feature for Windows Server 2019.
  4. For a Dell laptop, install Dell Wireless 1820A 1830 WiFi Driver. Set battery charge threshold value to 50% in BIOS.
  5. Turn on Network discovery and file sharing by clicking on Network icon on the left side of Explorer.
  6. Activate Windows.
  7. Disable Hibernation (powercfg.exe /h off).
  8. Configure Power options (Hard disk >> Turn of hard disk after: 0, Wireless Adapter Settings >> Power Saving Mode: Maximum Performance, Sleep >> Sleep after: 0).
  9. Uninstall unnecessary applications.
  10. Use the manage-bde -status command to show BitLocker status (There is a space between bde and status). Use the manage-bde -off C: command to turn off BitLocker for the C drive.
  11. Turn on Automatic Logon.
  12. For a Dell laptop, go to Dell Support, scroll down and enter your Dell laptop service tag, click Search button, click Drivers & Downloads tab, expand Find drivers section, install Dell Command Update, and use it to check and install necessary drivers.
  13. For Windows Server 2019, install Chipset Device, Graphics, Audio, Ethernet, Bluetooth, Memory Card Reader, Dynamic Platform and Thermal Framework driver.
  14. For a ThinkPad laptop, install Lenovo Vantage. Set battery charge threshold value to 40% using Lenovo Vantage.

Step 7: Configure Windows for developer’s needs.

  1. Turn the following Windows features on: .NET 3.5, ASP.NET 4.8, Hyper-V, Internet Information Services, Telnet Client.
  2. Install Total Commander, Office 365 Offline, MS Project 2016, MS Visio 2016, MS SQL Server 2016, Visual Studio 2022, Adobe Acrobat Pro DC v15.8, Adobe Photoshop CC 2015, TortoiseSVN 1.14.6
  3. Install Remote Desktop Connection Manager, PuTTY 0.80, WinSCP 6.3.
  4. Create a VPN connection. Configure the VPN connnection.
  5. Prevent normal traffic from going through VPN: Go to Control Panel >> Network and Sharing Center >> Change adapter settings >> Right click VPN Connection >> Properties >> Select the Networking tab:
    – Disable Internet Protocol Version 6 (TCP/IPv6).
    – Select Internet Protocol Version 4 (TCP/IPv4) >> Properties >> Advanced >> IP Settings: Uncheck the Use default gateway on remote network option.
  6. Install Python 3.6.8, TensorFlow, Keras
    1. Install Firefox, MPC-HC.1.7.13. (Go to View >> Options >> Player and turn off all options under the History section. Go to View >> Options >> Playback and disable the Auto-zoom feature.)
    2. Configure secure protocols using IIS Crypto GUI (Select Best Practices, disable TLS 1.0, TLS 1.1, MD5, SHA).
    3. Install Hyper-V, create an external Virtual Switch for Internet access, set Scheduler Type to Core.
    4. Apply Windows updates to the machine.

    Information:

    The bypassnro.cmd which is in \Windows\System32\oobe folder, is a script which contains:

    @echo off
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE /v BypassNRO /t REG_DWORD /d 1 /f
shutdown /r /t 0

     

    Operating Systems

    How to fix “An internal error has occurred” issue of Remote Desktop Connection

    Leave a comment

    Problem:

    You get “An internal error has occurred” error message when trying to connect to a remote machine using Remote Desktop Connection.

    Solution:

    1. Type Local Security Policy to the Windows Search box.

    2. Click Open link.

    3. Expand Local Policies > Security Options on the left panel.

    4.  Double click on System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing row on the right panel.

    5. Select Enabled, click Apply and click OK.

    6. Log in the remote machine.

    7. Apply all the Windows Updates to the remote machine.

    8. Revert the System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing setting back to Disabled.

    9. Log in the remote machine again.

     

    Operating Systems, Technologies

    How to add multiple IPs to an Amazon EC2 virtual machine

    Leave a comment
    Motivation:

    You have a Server 2008 R2 machine on Amazon EC2.

    You want to secure multiple domains using different  SSL/TLS certificates.

    Server 2008 R2 does not support Server Name Indication (SNI). Therefore you need to add multiple IPs to Server 2008 R2 machine to use different SSL/TLS certificates.

    Solution:
    1. Create an EC2 virtual machine.
    2. Click on Network Interfaces tab.
    3. Click Create Network Interface button or select an existing network interface and select Actions > Attach.
    4. Click on a network interface ID, click Actions, click Manage IP Addresses, click on the network interface name (beginning with eth…), click the Assign new IP Address button, enter a private IP Address (e.g. 172.30.0.32), click the Save button, click the Confirm button.
    5. Click Elastic IPs tab, click the Allocate Elastic IP address button, click the Allocate button, optionally name the new allocated IP.
    6. Select the new allocated IP, click on Actions , click Associate Address, choose Network interface, then choose a private IP of the network interface with which the elastic IP will be associated, click the Associate button.
    7. Login Windows.
    8. View the network configuration using below command, note the Default Gateway and DNS Servers information.
    ipconfig /all

    9. Open Control Panel\All Control Panel Items\Network and Sharing Center.

    10. Click Change adapter settings link, click a Local Area Network Connection Network.

    11. Manually enter one IP address, Default Gateway and DNS Servers information.

    12. Click Advance… button to open Advanced TCP/IP Settings screen, and add the private IPs in the 4th step to the machine.

    13. Restart the machine.

    If you get any issue then try limit the number of private IPs of a network interface to 4 (including the default private IP).

    Operating Systems, Web Application Development

    How to move a WordPress instance from one server to another Linux server

    Leave a comment
    Motivation:

    You want to move a WordPress instance from one server to another to consolidate your websites to reduce cost.

    Solution:

    Install and use below Duplicator plugin to achieve your goal.

    https://wordpress.org/plugins/duplicator/

    User guide: https://snapcreek.com/duplicator/docs/quick-start/

    If everything goes well for you then congratulation!

    Otherwise, please review below possible problems and corresponding solutions.

    Problem 1:

    You don’t have a website on the new server.

    Solution 1:

    1. Create a new virtual host in the /etc/httpd/conf/httpd.conf

    <VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
DocumentRoot "/var/www/www.example.com"
</VirtualHost>

    2. Set 775 permission for /var/www/www.example.com

    3. Restart httpd service

    sudo systemctl restart httpd
    Problem 2:

    You are using Amazon Linux 2 server.

    You are logged in as ec2-user.

    You use WinSCP to upload files and edit configuration files.

    You cannot modify /etc/httpd/conf/httpd.conf and /etc/php.ini.

    Solution 2:

    1 View permission settings for the file

    ls -ld /etc/httpd/conf/httpd.conf

    The result indicates that the file owner is root user and root group, not ec2-user.

    2. View groups of a user

    groups ec2-user

    The result indicates that the ec2-user does not belong to root group.

    3. Add a user to root group

    sudo usermod -a -G root ec2-user

    4. Grant Read-Write permission against a file to root group

    sudo chmod g+rwx /etc/httpd/conf/httpd.conf
sudo chmod g+rwx /etc/php.ini

    5. Logout and login to the server again.

    Problem 3:

    You are using Amazon Linux 2 server. The ZipArchive feature is missing.

    Solution 3:

    1. Execute below commands:

    sudo amazon-linux-extras install php7.2
sudo yum install php-pear php-devel gcc libzip-devel zlib-devel
sudo pecl install zip-1.13.5 # we must specify a slightly older version due due to compatibility

    2. Add “extension=zip.so” to /etc/php.ini

    3. Restart the server

    sudo reboot
    Problem 4:

    You don’t have a WordPress database on the new Linux server.

    Solution 4:

    Execute below MySQL commands:

    CREATE USER 'username'@'localhost' IDENTIFIED BY 'password';
CREATE DATABASE `wp_database`;
GRANT ALL PRIVILEGES ON `wp_database`.* TO "username"@"localhost";
FLUSH PRIVILEGES;
    Problem 5:

    An database error occurs while restoring a website.

    Solution 5:

    1. Execute below commands to remove the website:

    sudo chown -R ec2-user:apache /var/www/example.com
sudo chmod 2775 /var/www/example.com && find /var/www/example.com -type d -exec sudo chmod 2775 {} \;
find /var/www/example.com -type f -exec sudo chmod 0664 {} \;
rm -r /var/www/example.com

    2. Upload the Duplicator files again, and restore the website again.

    Problem 6:

    No write access against /var/www/example.com is available for Duplicator.

    Solution 6:

    1. Execute below commands:

    sudo chown -R ec2-user:apache /var/www/example.com
sudo chmod 2775 /var/www/example.com && find /var/www/example.com -type d -exec sudo chmod 2775 {} \;
find /var/www/example.com -type f -exec sudo chmod 0664 {} \;

    2. Run http://example.com/installer.php again.

    Operating Systems

    How to connect and upload files to a remote machine using OpenVPN and SSH on macOS

    Leave a comment

    Motivation:

    You have a server inside a network. You are granted OpenVPN and SSH access to the server. You have a MacBook. You want to upload files to the server. You want to execute a process on the server (e.g. training a machine learning model).

    Procedure:

    • Request a certificate and an Open VPN configuration file (an .ovpn file) from your network administrator.
    • Install Tunnelblick https://tunnelblick.net
    • Drag the Open VPN configuration file to the Tunnelblick Configurations tab.
    • Click the Connect button.
    • On macOS, open Terminal and execute below command
    ssh [email protected] -p 7081

    where 172.29.64.144 is the machine IP and 7081 is the SSH port

    Operating Systems, Tech Devices

    How to Fix the Dell Laptop “Hard Drive Not Installed” issue

    Leave a comment
    Problem:

    Suddenly, when turning your Dell laptop on you get the error message “Hard drive Not installed” and cannot boot into Windows.

    Solution:
    1. Power your laptop and quickly press F2 key to enter BIOS.
    2. Expand System Configuration node.
    3. Click SATA Operation.
    4. Select AHCI option.
    5. Click Apply button.
    6. Click Exit button.
    7. If the problem still persists then restore BIOS settings to Default BIOS settings, then try the procedure again.
    More information:
    • PCI Express (Peripheral Component Interconnect Express), officially abbreviated as PCIe or PCI-e, is a high-speed serial computer expansion bus standard. It is the common motherboard interface for personal computers’ graphics cards, hard drives, SSDs, Wi-Fi and Ethernet hardware connections.
    • NVM Express (NVMe) or Non-Volatile Memory Host Controller Interface Specification (NVMHCIS) is an open logical-device interface specification for accessing non-volatile storage media attached via PCI Express (PCIe) bus. By its design, NVM Express allows host hardware and software to fully exploit the levels of parallelism possible in modern SSDs. As a result, NVM Express reduces I/O overhead and brings various performance improvements relative to previous logical-device interfaces, including multiple long command queues, and reduced latency.
    • Serial ATA (SATA, abbreviated from Serial AT Attachment) is a computer bus interface that connects host bus adapters to mass storage devices such as hard disk drives, optical drives, and solid-state drives.
    • The Advanced Host Controller Interface (AHCI) is a technical standard defined by Intel that specifies the operation of Serial ATA (SATA) host controllers in a non-implementation-specific manner in its motherboard chipsets. AHCI is mainly recommended for SSDs that have better NVMe drivers from their factories.
    • RAID (“Redundant Array of Inexpensive Disks” or “Redundant Array of Independent Disks“) is a data storage virtualization technology that combines multiple physical disk drive components into one or more logical units for the purposes of data redundancy, performance improvement, or both.

     

    Operating Systems

    How to Set File Permissions for WordPress on Windows IIS

    Leave a comment

    Motivation:

    • You have a WordPress instance on Windows IIS.
    • You upload a file. Its thumbnail is not shown in Media Library.
    • You change the file permission. Its thumbnail now is shown correctly in Media Library.
    • You upload another file and have to change the file permission manually again.
    • How can we make WordPress automatically set the correct permission for new uploaded files?

    Procedure:

    1. Ensure that the the Identity of Application pool that the website is running under is ApplicationPoolIdentity.
    2. Execute below commands as Administrator
    icacls "C:\inetpub\wwwroot\domain.com" /grant "IUSR":(OI)(CI)F /T 
icacls "C:\inetpub\wwwroot\domain.com" /grant "IIS_IUSRS":(OI)(CI)F /T

    3. Set up IIS.

    • Open IIS Manager.
    • Click on your website.
    • Click Authentication.
    • Click Anonymous Authentication (which should be the only one enabled).
    • Click Edit.
    • Select Application pool identity if it is not selected.
    • Click OK.

     

     

    Operating Systems

    How to Count the Number of Source Lines of Code, Find and Replace Content in Multiple Files

    Leave a comment

    Motivation:

    • You have a source code folder and want to know the number of source lines of code.
    • You want to find and replace a string with another string in multiple files.

    Procedure:

    1. Right click Start icon, click on Command Prompt (Admin) or Windows Powershell (Admin)
    2. Assume that the source code folder location is C:\Users\admin\Downloads\test, type below commands and press Enter
    cd C:\Users\admin\Downloads\test

    3. Assume that the source code file extension is .py, type below commands and press Enter

    type *.py | Measure-Object -line

    SLOC

    4. Assume that you want to find and replace “.flac” string with “.wav” string in all .cue files in the “E:\New Music\” directory, type below command, then press Enter.

    Get-ChildItem "E:\New Music\" *.cue -recurse | ForEach { (Get-Content -Path $_.FullName).Replace(".flac", ".wav") | Set-Content -Path $_.FullName }
    Operating Systems

    How to Copy, Move, Replicate, Augment or Delete Files and Folders using Commands on Windows

    Leave a comment

    Motivation:

    • You have a web application the backup of which needs to be  created daily.
    • You have a web application the content of which needs to be replicated daily.
    • You have data folder the content of which needs to be augmented daily.

    Commands:

    • Copying files and folders inside one folder to another:
    robocopy E:\inetpub\wwwroot\website.domain.com E:\inetpub\wwwroot\backup.domain.com /e

/e Copies subdirectories. This option includes empty directories. 

robocopy \\192.168.1.49\E\inetpub E:\inetpub /e
    • Moving entire folder to another location:
    PS C:\> Move-Item -path \\192.168.1.15\e\inetpub\ -destination E:\ -force

where PS C:\> is PowerShell.
    • Moving new files and folders inside one folder to another:
    robocopy E:\inetpub\wwwroot\website.domain.com E:\inetpub\wwwroot\archive.domain.com /move /e

/move Moves files and directories, and deletes them from the source after they are copied.
    • Copying (mirroring) entire data from one drive to another, including file and folder permissions:
    robocopy E:\ G:\ /MIR /COPYALL /ZB /W:1 /R:2 /XO

or

robocopy E:\ G:\ /TEE /LOG+:F:\robolog.txt /MIR /COPYALL /ZB /W:1 /R:2 /XO

E:\
 - Source folder. This can be a UNC path.

G:\
 - Destination folder. This can be a UNC path.

/TEE
 - Display the output of the command in the console window and write it to a log file.

/LOG+:F:\robolog.txt
 - Write the logs to F:\robolog.txt. The + sign means appending the content to the log file.

/MIR
 - Copy all files and subfolders, remove files and folders from the destination if they no longer exist on the source.

/COPYALL
 - Copy all of the NTFS permissions and attributes (security permissions, timestamps, owner info, etc.)

/ZB
 - Use restartable mode when copying files. If a file is in use, retry after a set amount of time (see /W:1 and /R:2). If access is denied then try to copy in backup mode.

/W:1
 - Wait for 1 second between retries when copying files.

/R:2
 - The number of retries on failed copies.

/XO
 - eXclude Older files/folders if the destination file or folder exists and has the same date.
If destination file exists and is the same date or newer than the source - don't bother to overwrite it.
    • Augmenting files and folders (making an incremental backup) from one drive to another, including file and folder permissions:
    robocopy E:\ G:\ /E /COPYALL /ZB /W:1 /R:2 /XO /XX

or

robocopy E:\ G:\ /TEE /LOG+:F:\robolog2.txt /E /COPYALL /ZB /W:1 /R:2 /XO /XX

/E
 - Copy Subfolders, including Empty Subfolders.

/XX
 - eXclude "eXtra" files and dirs (present in destination but not source). This will prevent any deletions from the destination.
    • Granting Full control to a user or group:
    icacls "E:\inetpub\wwwroot\website.domain.com\App_Data" /grant "IUSR":(OI)(CI)F /T

icacls "E:\inetpub\wwwroot\website.domain.com\App_Data" /grant "IIS_IUSRS":(OI)(CI)F /T

CI
 - Container Inherit - This flag indicates that subordinate containers will inherit this ACE (access control entry).

OI
 - Object Inherit - This flag indicates that subordinate files will inherit the ACE.

OI and CI only apply to new files and sub-folders).

F
 - Full Control

/T
 - Apply recursively to existing files and sub-folders.
    • Deleting and creating a folder:
    rmdir "E:\inetpub\wwwroot\website.domain.com\Temp\" /S /Q 
mkdir "E:\inetpub\wwwroot\website.domain.com\Temp\
    • Recursively deleting all files in a folder and all files in its sub-folders:
    cd C:\inetpub\wwwroot

del /s *.log /s
 - delete all the files in the sub-folders.


del /s /f /q *.* /f
 - force deletion of read-only files.

/q
 - do not ask to confirm when deleting via wildcard.
    • Recursively deleting a folder, its files and its sub-folders:
    rmdir .\force-app\main\default\objects /s /q /s
 - delete all the files in the sub-folders.
    • Enabling long paths and file names: For Windows 10, Version 1607, and Later: Open Group Policy (gpedit.msc) and go to Computer Configuration > Administrative Templates > System > Filesystem. Set “Enabling Win32 long paths” to “Enabled“. Restart the machine. Then use command below:
    PS C:\> Move-Item -path \\?\UNC\192.168.101.157\e\Files\ -destination \\?\E:\ -force
    • Removing a drive letter from a volume:
    mountvol F: /D

/D
- remove the drive letter from the selected volume.
    Operating Systems

    Anti-Virus vs. Anti-Malware

    Leave a comment

    What is the difference between anti-virus software and an anti-malware software?

    A virus is a piece of code that is capable of copying itself in order to do damage to your computer, including corrupting your system or destroying data.

    Malware, on the other hand, is an umbrella term that stands for a variety of malicious software doing damage to your computer or stealing your information, including Trojans, spyware, worms, adware, ransomware, and yes, viruses.

    So the logic follows: all viruses are malware. Not all malware are viruses.

    Anti-virus software generally scans for infectious malware which includes viruses, worms, Trojans, rootkis and bots.

    Anti-malware software generally tends to focus more on adware, spyware, unwanted toolbars, browser hijackers, potentially unwanted programs and potentially unsafe applications.

    Therefore, you need both an anti-virus and an anti-malware solution for maximum protection.

    Built-in Windows Defender provides both anti-virus and anti-malware protection, and IMO, is enough for non-tech-savvy users.

    A comprehensive FREE anti-virus software is AVG.

    A comprehensive FREE anti-malware software is Malwarebytes

    An ads blocker for Edge browser is uBlock Origin

    An ads blocker for Firefox browser is Adblock Plus