Preventing data loss due to USB flash drives

***Not Fully Tested***

So I’ve been thinking lately about data loss due to a recent branch of our company all quiting at the same time and deleting as much data as they could without it being notible. (Luckily we had backups to restore what was deleted.)

So what I’ve come up with won’t prevent users from deleting data off their computers or the network, but it will prevent them from stealing information by copying it to flash drives and such.

Navigate to
HKLMSYSTEMCurrentControlSetControlStorageDevicePolicies

then change┬áthe dword “WriteProtect” to “00000001”. By making that change whenever a user tries to write data to a external drive they will get a write protect error.

Enjoy

Enabling Remote Desktop remotely

So I ran into the need to enable remote desktop on a computer about 300 miles away this morning. Here is what I did.

First off I logged into my virtual XP machine with a domain admin account. I then launched the registry editor and connected to the registry of the remote machine. I then navigated to the following path on the remote registry: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal Server

Once in the terminal server key, change the DWORD value for fDenyTSConnections from 1 to 0. (1 = Disabled, 0 = Enabled)

The remote machine won’t automatically start working, so you’ll need to reboot it. You can do this by running the following from command prompt.

shutdown -m remotecontroller -r

Enjoy

Modifying your primary OS partition

So here’s the scenario that got me into posting this. One of the sysadmins created a new virtual machine in VMWare by cloaning another. The original only had a 20GB drive, but he wanted it to be 40GB. He added the needed space, and then was going to use a partitioning tool to modify the OS partition. Well, he found out that VMWare didn’t like his partition tool and wouldn’t allow it to boot so at that point I pointed out that he could just use diskpart. Apparently he was under the assumption that diskpart wouldn’t allow him to mess with the primary partition… but he soon discovered otherwise. All you need to do to be able to use diskpart to manage your partitions outside of windows is do the following…

  1. Get a WinPE 2.0 disc, or a Windows Vista/7 disc
  2. On the WinPE disc, just get to command prompt, which should be super easy. On the Windows installation discs, you’ll need to select your language, click Install Now, then click SHIFT + F10.
  3. Once the command prompt is up, type diskpart. You’ll then see your prompt change from X:> to DISKPART>
  4. At this point if you don’t know what commands you need, you can go to the below link to read up on it.
    http://technet.microsoft.com/en-us/library/cc766465%28WS.10%29.aspx

Enjoy

Set file associations with a script

So I’m ashamed to be presenting a scripting technique that doesn’t use PowerShell… but I don’t have the time right now to find out how to do it in PowerShell.

I’ve come across the need to set PDF files to open using Adobe Reader instead of another program. After looking into it, I found that I can create a batch file and use the assoc command, like so.

@echo off
assoc .pdf=AcroExch.Document
Simple as that.
Enjoy