O365 – Change default security settings
O365 – Powershell connect once
Because I’m testing I made this, so I dont need to fill in everytime the credentials, but checks if there is a connection.
AzureAD Connect
if($azureConnection.Account -eq $null){
$azureConnection = Connect-AzureAD
}
MSO Connect Check
if( $credential -eq $null){
$credential = Get-Credential
Connect-MsolService -Credential $credential
}
Disable Password Expiration Azure AD
Connect-AzureAD
Set-AzureADUser -ObjectId <SyncACCOUNT>@<DOMAIN>.onmicrosoft.com -PasswordPolicies DisablePasswordExpiration
And if you want all online created accounts disable Password expiration:
Get-AzureADUser -All $true | Set-AzureADUser -PasswordPolicies DisablePasswordExpiration
Print spooler is crashing
Printspooler is crashing because of a wrong printerdriver.
Remove printer in register:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors
And start Printspooler service
VMware disable auto resize
Found a solution!!
Windows Client resolution changes work by calling <ProgramDir>\VMware\VMware Tools\VMwareResolutionSet.exe. After I renamed that file, bingo no more resolution changes. Obviously this works until the next VMware tools update only, but it does the job for us.
Enable Pin code and/or fingerprint login
Go to start -> Settings
Go to Account
On the left side Sign-in Options
Now you can setup Fingerprint and/or pin code.
Install-Module – unable to resolve package source
When you want to install a powershell module and you get this error message.
Solution. Run Powershell as admin and enter
[Net.ServicePointManager]::SecurityProtocol = “tls12”
Now you can install the powershell module
Enable Windows Update “Features on Demand” and “Turn Windows features on or off” in WSUS Environments
I Found this website very usefull and searched long for this.
If you are running Microsoft Windows in a domain environment with WSUS configured, you may notice that you’re not able to install some FODs (Features on Demand), or use the “Turn Windows features on or off”. This will stop you from installing things like the RSAT tools, .NET Framework, Language Speech packs, etc…
You may see “failure to download files”, “cannot download”, or errors like “0x800F0954” when running DISM to install packages.
To resolve this, you need to modify your domain’s group policy settings to allow your workstations to query Windows Update servers for additional content. The workstations will still use your WSUS server for approvals, downloads, and updates, however in the event content is not found, it will query Windows Update.
Enable download of “Optional features” directly from Windows Update
- Open the group policy editor on your domain
- Create a new GPO, or modify an existing one. Make sure it applies to the computers you’d like
- Navigate to “Computer Configuration”, “Policies”, “Administrative Templates”, and then “System”.
- Double click or open “Specify settings for optional component installation and component repair”
- Make sure “Never attempt to download payload from Windows Update” is NOT checked
- Make sure “Download repair content and optional features directly from Windows Update instead of Windows Server Update Services (WSUS)” IS checked.
- Wait for your GPO to update, or run “gpupdate /force” on the workstations.
Please see an example of the configuration below:
Download repair content and optional features directly from Windows Update instead of Windows Server Update Services (WSUS)
You should now be able to download/install RSAT, .NET, Speech language packs, and more!
Install Fonts with Powershell
$ssfFonts = 0x14
$fontSourceFolder = ""
$Shell = New-Object -ComObject Shell.Application
$SystemFontsFolder = $Shell.Namespace($ssfFonts)
$FontFiles = Get-ChildItem $fontSourceFolder
$SystemFontsPath = $SystemFontsFolder.Self.Path
$rebootFlag = $false
foreach($FontFile in $FontFiles) {
# $FontFile will be copied to this path:
$targetPath = Join-Path $SystemFontsPath $FontFile.Name
# So, see if target exists...
if(Test-Path $targetPath){
# font file with the same name already there.
# delete and replace.
$rebootFlag = $true
Remove-Item $targetPath -Force
Copy-Item $FontFile.FullName $targetPath -Force
}else{
#install the font.
$SystemFontsFolder.CopyHere($FontFile.fullname)
}
}
#Follow-up message
if($rebootFlag){
Write-Host "At least one existing font overwritten. A reboot may be necessary."
}