Tag Archives: cli

Updating firewall rules with netsh

I needed to adjust the scope of a built-in firewall rule in a couple of servers, restricting the remote IPs to a list of UVM subnets in CIDR notation. The netsh documentation describes the syntax for a list as comma-separated values (no spaces). But I kept getting errors with the command:

netsh advfirewall firewall set rule name="Windows Internet Naming Service (WINS) (NB-Name-UDP-In)" remoteip=",,"

Finally, I actually read the error message:

For ‘set’ commands, the ‘new’ keyword must be present and must not be the last argument provided.

And the related part of the usage text:

Values after the new keyword are updated in the rule.  If there are no values, or keyword new is missing, no changes are made.

One little three-letter keyword was all I needed:

netsh advfirewall firewall set rule name="Windows Internet Naming Service (WINS) (NB-Name-UDP-In)" new remoteip=",,"


Listing parent of AD object in PowerShell

Recently, I wanted to provide a client with a list of groups that related to some work he was doing. I wanted the group names as well as their location with AD. Although I often use the ds* commands or excellent ADfind tool for this type of task, I had been working in PowerShell on another project, so I decided to use the PowerShell ActiveDirectory module.

The Get-ADGroup Cmdlet pulled out the groups easily enough, but the there wasn’t a property representing the group object’s parent, nor is there an LDAP property that I could request (AFAIK). The object’s parent is contained within the DistinguishedName (DN) property, though.

For a group with the following DN:

CN=FOO-FileServices Administrators,OU=FOO,OU=Departments,DC=uvm,...

I just need to strip off the CN. I could split the DN on commas, remove the first element, and then reassemble what’s left to get the parent. I also needed to avoid splitting on an LDAP-escaped comma where a value actually contains a comma (e.g., CN=).

PS> $dn -split '(?<![\\]),'

Continue reading

re-enabling ESET NOD32

ESET has fixed the problem that caused widespread system hangs. If you followed my instructions to disable NOD32, you can re-enable it by repeating those steps and changing one word: replace disabled with auto.

To recapitulate:

1. Boot into safe mode

2. In either the Run dialog or the Vista Start Menu search box, type the following:

cmd /k "sc config ekrn start= auto"

(Please note that the space after start= is required; goodness knows why…)



3. Watch for the success message, and reboot.

ESET NOD32 making many systems hang

I’ve spent most of the day trying identify a systematic way to work around the campus antivirus solution, which is causing widespread system hangs. Our vendor has tentatively identified a problematic recent update, and is recommending that affected users temporarily disable the Eset Service service until a patch is available.

Disabling ESET NOD32 / ekrn Service.

If your system become unresponsive, in most cases soon after logging into the system, you may be affected. Please follow these instructions to disable the ESET service:

1. Restart your system in safe mode

2. In either the Run command ( Start->Run or [Windows Key]+R)



OR in the Vista Start menu search box…



3. …Enter the command below

cmd /k "sc config ekrn start= disabled"

(Please note that the space after start= is required; goodness knows why…)


4. Watch for the success message:



Reboot and stay tuned to your friendly neighborhood technical support resources for updates.

PS. for what it’s worth, here’s my current ESET version info, which hangs my system.


CLI configuration of network interfaces

I like GUIs, but I also like getting things done via the command line. I was hunting around to see if there was a way to change the MTU setting for my NICs without having to edit the registry, and I found that the netsh interfaces context exposes this attribute:

netsh interface ipv4 show subinterfaces
netsh interface ipv4 set subinterface "Local Area Connection" mtu=1500 store=persistent

I used this to change the MTU for my Wifi and Ethernet interfaces from 1300 — Cisco’s preferred setting from Win9x days — back to the Windows default. And now the performance problem I was having yesterday has been resolved. :-)

[ via http://www.annoyances.org/exec/forum/winvista/t1158155937]