Remotely Reboot Windows from Command Line

Here’s how we do it from the command line. Should work from PowerShell too.

  1. Win+R
  2. Type shutdown /[r|s] /m \\ComputerName /c “Comment” /d [u|p] <xx>:<yy> and then press ENTER.
Value Description
/r Restarts the remote computer.
/s Shuts down the remote computer.
/m \\ ComputerName Specifies the destination computer.
/c “ Comment Enables you to comment in detail about the reason for the shutdown. You can use a maximum of 511 characters. Comments must be enclosed in quotation marks.
/d [u|p] xx : yy Lists the reason for the system restart or shutdown, where xx specifies a major reason number from 0 through 255, and yy specifies a minor reason number from 0 through 65,535.
/force Forces the computer to shut down if other users are logged in. If this is not used and other users are logged in to the remote computer, the computer will not shut down or restart.

ImportantImportant
If you force the computer to shut down or restart, logged in users will not have the opportunity to save their work.
/t xxx Sets the time-out period before the system shuts down or restarts to xxx seconds. The valid range is 0-600, with a default of 30. Using the /t flag implies the /force option.

For more detailed information about the shutdown command and additional options, type shutdown /? at the command prompt.

The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations.

When you use your Windows 7 workstation for heavy network file copying the lan manager server tends to run out of memory. By making the following setting changes you can avoid this and enhance the file copy speeds.
Continue reading “The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations.”

Outlook: Can’t create file : XYZ.pdf. Right-click the folder you want to create the file in, and then click properties on the shortcut menu to check your permissions for the folder.

Error in Outlook 2010:

"Outlook: Can't create file : XYZ.pdf. Right-click the folder you want to create the file in, and then click properties on the shortcut menu to check your permissions for the folder."

This is an annoying message. Even after fixing the users profile permissions it made no difference. This is what worked for me:

  1. Open REGEDIT.EXE and go to Edit -> Find… In the Find dialog box type “OutlookSecureTempFolder” without the quotes.
  2. You may also find the key here without searching if you know the users key:  HKEY_USERS\%USER PROFILE ID NUMBER%\Software\Microsoft\Office\14.0\Outlook\Security
  3. When you find it the key will contain the actual folder location, and will look like:
    1. C:\Documents and Settings\%USER_NAME%\Local Settings\Temporary Internet Files\OLK#\ (where # is a random letter or number)
  4. Copy the location of that folder.
  5. Click on Start -> Run… and paste the folder location from step #4 then click OK.
  6. Explorer will open that folder, then delete all files present.
  7. Restart Outlook and you should be able to open your attachments.

Last time I did this I found over 14k files in that location. Yikes!

How To Remove All Printer Drivers In Windows 7

Let me start by saying that HP has some of the worst drivers for their small office printers. Shame on you!

After many rounds with “re-installing”, specifically HP drivers, I found that it was better to just manually wipe them from the computer and start over.

Open a command prompt with administrative privileges and enter:

net stop spooler

Navigate to (Paste one of these paths into the run command:

%systemroot%\system32\spool\drivers\

NOTE: %systemroot% is usually C:\Windows, but it might be “winnt” or something else; this is set when the OS is installed. Most systems are like this C:\Windows\system32\spool\drivers\w32x86 but also note that if you’re using a 64-bit version of windows the drivers will be in the folder called x64

Inside the w32x86/x64 folder there will be other folders and files. Delete the contents of these folders but do not delete them.

Restart the computer and re-install the printer.

Make sure you turn off or unplug the printer if it’s directly attached. If you don’t Windows will try and be smart and reinstall it for you.

Sending Syslog logs from Ubuntu to a remote syslog server

I don’t know why I didn’t have notes on this already. I’ve done it dozens of times. So here’s the write up.

I use Ubuntu and it uses the syslog facility/daemon called rsyslogd. Its configuration file is located here:

/etc/rsyslog.d/50-default.conf

This file tells the deamon where to log each type of message. For example the follow entry means that all cron message are sent to /var/log/cron.log:

cron.* /var/log/cron.log
Continue reading “Sending Syslog logs from Ubuntu to a remote syslog server”

Getting Windows Process Command Line

Windows Server 2008 and Windows 7 introduced a neat feature in the Task Manager that allows you to see the command line that instantiated the process. This is great for telling processes apart. Especially when svchost and others can have dozens of instances.

Just click View -> Select Columns and pick Command Line at the bottom.

But what if you have Windows Server 2003 or Server 2000? I found a few tricks. They’re not as clean but they work just as well.

This one just lists the processes, their PID and the “services” that are associated with them

tasklist /svc

This one makes a nice text file with much more info

wmic process get Name,ProcessId,CommandLine /format:table > wmic_task_list.txt

The text file lists the name, process id, command line and puts it in a table in a text file. Genius!

If you want to get really geeky you can see all the wmic options using this command. It can do some really nice output.

wmic process list /format /?

Hope this helps someone! I use it on a regular basis to find out why svchost is going bat shit crazy on my servers. We all know it likes to hit full cpu usage from time to time and these commands will help you find out which process is causing it.

Most often I’ve found that it has to do with Windows Updates but you never know.

 

 

Permissions Required To Delete

Windows 7 can be a serious pain in the ass when deleting files. This may help:

  1. Take ownership of the file(s). Start a Command Prompt (cmd) as an administrator in the affected folder, and enter:
    takeown /f file takeown /f directory /r 
  2. Give yourself full rights on the file:
    cacls file /G username:F 

cacls can be used with wildcards and directory traversal: Security from the command line with CACLS.