Category Archives: Command Line

Command Lines To Remember

Fix A Broken Trust Relationship With Domain without Removing/Rejoining

Have you been hit with the login error: The trust relationship between this workstation and the primary domain failed.
GOOD News, there is a fix (If you can get into the machine – see below)
Just change your computer password using netdom.exe!

netdom.exe resetpwd /s: /ud: /pd:*
= a domain controller in the joined domain
= DOMAIN\User format with rights to change the computer password

Can’t log in because you don’t have the local admin password? Try this trick:

  • Turn off computer.
  • Remove network cable.
  • Turn on computer.
  • Login using regular domain credentials
  • This should work with any credentials recently used on that machine as they will be cached locally.

    Thanks to: http://implbits.com/active-directory/2012/04/13/dont-rejoin-to-fix.html

    Bypass Windows Account Logon – Password Reset

    If you are in the situation where you forgot the local account (Not Microsoft LiveID) password, there are several ways to reset the password. Most use a boot disk using Linux to access the SAM file are blank the password.
    This method also uses a boot disk or recovery disk to access the command prompt.
    Once at the command prompt, follow these step:

    1. Find the Windows\System32 folder (It likely won’t be C: in the recovery environment
    2. Rename UtilMan.exe to UtilMan.Old
    3. Copy cmd.exe to UtilMan.exe
    4. Reboot computer back to the normal Windows logon screen.
    5. Click the analog clock looking icon null– you may need to press Ctrl-Alt-Del or click the screen to see the icon.
    6. At the command prompt that appears, type Net user Name 1234 where Name = the account name to reset the password and 1234 is the password you want.
    7. You can now log in using the new password.

    Configure Exchange to Use DBL Spam Blocking List BarracudaCentral.org

    With any mail server, you need to manage spam. When I moved to Exchange server, I needed to figure out how to enable DBL blocking services.
    I prefer the Barracuda Central DBL. You should register and provide them with you server IP’s before using this configuration.

    Simply create the block list provider at the Exchange Powershell prompt. This can be easily modified for Spamhaus and other DBLs.

    Add-IPBlockListProvider -Name “Barracuda IP Block List Provider” -LookupDomain b.barracudacentral.org -BitmaskMatch 127.0.0.1

    You can test the block list by using a test against an IP or your choosing.

    Test-IPBlockListProvider “Barracuda IP Block List Provider” -IPAddress 121.34.188.148

    The test should respond as such:

    Provider : Barracuda IP Block List Provider
    ProviderResult : {127.0.0.2}
    Matched : True

    If the ProviderResult = {127.0.0.2}, then it means the IP is listed in the DBL: this means it is a spam IP address.
    If the ProviderResult = {}, then the IP was not found in the DBL and is not a spam IP address.

    For more information, visit Barracuda Central – How-To-Use

    Powershell Commands to Reinstall / Re-register Windows8 and Windows10 Packages/Apps

    To re-register for all Windows Apps for the current user:

    Get-AppXPackage | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register “$($_.InstallLocation)\AppXManifest.xml”}

    To re-register for all Windows Apps for all users:

    Get-AppXPackage -AllUsers | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register “$($_.InstallLocation)\AppXManifest.xml”}

    This command only works on Windows 10, and I have used it to repair other issues (specifically the Windows Edge Hijack)

    Get-AppXPackage -AllUsers |Where-Object {$_.InstallLocation -like “*SystemApps*”} | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register “$($_.InstallLocation)\AppXManifest.xml”}

    I really good post on this topic, with other individual App specific commands, is available here: https://www.tenforums.com/tutorials/3175-reinstall-re-register-apps-windows-8-10-a.html

    Issues Printing from DOS to LPT1

    If you use older DOS applications – Such as dBaseIV – you may have run into the situation where you need to print to network printers by mimicking local printer ports using commands like:

    Net Use LTP1 \\MyServer\Printer

    You should now be able to send data to the printer from your applications using the LPT1 port. Alternatively, you can test directly from the command line using commands such as:

    copy file.txt LPT1
    type file.txt > LPT1
    Echo “Testing 123” > LPT1

    But what if you get ‘Access Denied’?

    First, make sure you user has permissions to access the printer \\MyServer\Printer,
    Second, making sure the firewall is allowing the connection,
    Third, make sure you aren’t accidentally overriding a local LPT port. If LPT1 doesn’t work, try LPT2, LPT3, LPT4, etc.
    Fourth, change the permissions on the C:\Windows\System32\Spool folder to allow the user or user group read/write permission.

    I would have thought that the first item would have taken care of the fourth item, but on Windows2012, I can attest that was not the case.

    Issues with Windows 7 Reporting Counterfeit? Try this:

    You will need a VALID license key. I have experienced this error on OEM editions hard-locked to the motherboard, and sometimes this helps to re-authenticate the system. I have also seen this on units with ‘Refurbished’ Authentication Stickers.

    1.Click on the Windows button. Inside the search box type in CMD
    2.Right click on CMD => Choose Run as Administrator
    3.Inside the Command Prompt windows copy and paste the following commands

    net stop sppsvc (wait for the service to stop before trying to enter any more commands)

    CD %windir%\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform
    REN tokens.dat tokens.bak
    net start sppsvc
    slui.exe
    4.Reactivate using the System applet in the Control Panel
    (Click on the Windows button. Inside the search box type in System)

    5.Once done please restart your computer.

    If this fails and you continue to have issues with a known good license, a likely scenario is the hard drive is having issues – even if S.M.A.R.T. status reports no issues. Clone to a new drive.

    Create a Clean BCD File

    The following is an except from “Rajan : Computer Blog”
    You can find the original post here: http://rajandmk.blogspot.ca/2012/09/how-to-create-clean-bcd-file-to-fix.html
    I put it here so I knew were to find it.
    It has come in handy recovering more than one “hopeless” situation.

    Enter the following commands:

    bootrec.exe /fixmbr
    X:\boot\bootsect.exe /nt60 all /force

    Replace X in the command line above with the device letter to the CD/DVD drive that is running your Windows 7 Recovery Disk.

    Now remove the old BCD registry, and create a new one instead.

    del C:\boot\bcd

    bcdedit /createstore c:\boot\bcd.tmp

    bcdedit.exe /store c:\boot\bcd.tmp /create {bootmgr} /d “Windows Boot Manager”

    bcdedit.exe /import c:\boot\bcd.tmp

    bcdedit.exe /set {bootmgr} device partition=C:

    bcdedit.exe /timeout 12

    del c:\boot\bcd.tmp

    Now we have a clean, working Win 7 bootloader. But we need to add a Win 7 entry to it:

    bcdedit.exe /create /d “Windows 7” /application osloader

    bcdedit.exe should return a message with a GUID for the newly-created entry. It will look something like this:

    The entry {fc8bcc18-8a93-11df-baf9-806e6f6e6963} was successfully created.

    You’ll need to use the value that bcdedit.exe returned for you below, along with the drive letter for the drive that Windows 7 is installed to (remember, the GUID listed here is an example, please substitute the one returned to you in the previous command):

    bcdedit.exe /set {fc8bcc18-8a93-11df-baf9-806e6f6e6963} device partition=C:

    bcdedit.exe /set {fc8bcc18-8a93-11df-baf9-806e6f6e6963} osdevice partition=C:

    bcdedit.exe /set {fc8bcc18-8a93-11df-baf9-806e6f6e6963} path \Windows\system32\winload.exe

    bcdedit.exe /set {fc8bcc18-8a93-11df-baf9-806e6f6e6963} systemroot \Windows

    And, last of all, tell the Windows 7 bootloader to boot the new entry by default:

    bcdedit.exe /displayorder {fc8bcc18-8a93-11df-baf9-806e6f6e6963}

    bcdedit.exe /default {fc8bcc18-8a93-11df-baf9-806e6f6e6963}

    Now the Windows 7 bootloader has been removed and rebuilt from scratch.

    At this point, you have a clean and hopefully a fully-working bootloader with one entry for Windows 7.

    Reboot your PC system to get back into Windows 7.