netstat daily

netstat -a >> display all connections
netstat -a -n >> display all existing connections, BUT no DNS resolving.

netstat -n >> only active connections

netstat -nb >> active connections with listening ports

Details of packet statistics
netstat -s -p IP/TCP/UDP >> to display details of packets. IP or TCP or UDP

netstat -e >> display complete packet details on ethernet interface

Details of communication on specific applications
netstat -abnp TCP/UDP >> display protocol, application exe, outgoing IP+PORT, destination IP+PORT, connection status

netstat -n -o -b -p TCP 1 >> active connections, process ID, ONLY numerical form, portocol, screen refresh at every 1 second

Refer below Microsoft article on TCP Connection States and Netstat Output for TCP/IP connection state

Sync Windows time

Windows Machine time not syncing not working with Internet/Root servers ?
1. Make sure port 123/UDP OUT is open
2. Run > CMD with elevated privilages

to get details of configurations
w32tm /query /configuration

Enable log file details
w32tm /debug /enable /file:C:\Windows\System32\LogFiles\w32tm.log /entries:0-300 /size:1024000

Manul NTP server list
w32tm /config / /syncfromflags:MANUAL

Update configuration in registry
w32tm /config /update

Sync time with updated configuration details
w32tm /resync

Last sync details
w32tm /query /status

Firewall tweaks for GPO

here are the Firewall rules you need to consider for playing around GPO.

For remote policy updates
Remote Scheduled Tasks Management (RPC)
Remote Scheduled Tasks Management (RPC-EPMAP)
Windows Management Instrumentation (WMI-in)

For remote policy logging
Remote Event Log Management (NP-in)
Remote Event Log Management (RPC)
Remote Event Log Management (RPC-EPMAP)
Windows Management Instrumentation (WMI-in)

TCP RPC port 135, named pipe port 445, and the dynamic ports associated with the endpoint mapper, like always.



Delete work items from TFS 2010

If you want to delete unwanted Work Items from a Team Foundation Server.

Tool required: witadmin.exe
Location: “C:\Program Files\Microsoft Visual Studio 10.0\Common 7\IDE”

How to delete-
witadmin.exe destroywi /collection:http://localhost:8080/tfs/Collection_Name /id:WI_IDs /noprompt

C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE>witadmin.exe des
troywi /collection:http://localhost:8080/tfs/Collection_Name /id:4939,4940,4941,4942,4943,49
44,4945,4946,4947,4948,4949,4950,4951,4952,4953,4955,4956,12091,12092 /noprompt

BSNL ADSL Broadband using DSL-2750U

BSNL ADSL Broadband using DSL-2750U
A short blog on how to configure your DSL-2750U[D-Link] Device for a ADSL Broadband connection. For a beginner configuration using this device is bit tough. Attaching step-by-step screenshots for easy setup.

1. Unbox your new DSL-2750U
2. Connect the device adapter and switch-on.
3. Search on your laptop for a new wiresless network connection named DLink.
4. Open any internet browser and connect using
5. username/password: admin/admin [you will land on a page written as Device Info ]
6. From the left side navigation > go to Advanced Setup
7. Select Layer2 Interface and click on the add button on the right side. This will open up and page as shown below.







8. Select WAN Service from the same Advanced Setup main menu.











9. Done

Windows 2008 ServerCore Basic Config Commands

How to change Windows 2008R2 hostname when there is no GUI.

netdom renamecomputer %computername% /NewName:<New_Server_Name>

How to set/change IPv4 address.

This will show current address > netsh interface ipv4 show address
This will set IPv4 address > netsh interface ipv4 set address name=”Local Area Connection” source=static address= mask= gateway=
This will set DNSServer > netsh interface ipv4 set dnsservers “Local Area Connection” static Primary

Join existing Domain.
This will join Server to an existing Domain > netdom join MIA-RODC /Domain:woodgrovebank /UserD:administrator /PasswordD:<password> [MIA-RODC < Server Name, woodgrovebank < NETBIOS name of existing Domain, UserD < Domain Administrator]

Disable Network Connection.
netsh interface set interface “local area connection” disabled << This will disable Network Connection
netsh interface>set interface “local area connection” enabled << This will enable Network Connection

Create new Domain using unattended
dcpromo unattend:unattended.txt





How to add users into AD administrators group-
dsadd user “CN=mohan mathew,DC=tfs2010,DC=test” -disabled no -samid mohan -pwd <password> -mustchpwd no -memberof “CN=Administrators,DC=tfs2010,DC=test”


Windows Server RunAs different user

On certain occasions, we might need to run different programs in an elevated mode. We can run it using any high privileged user accounts from ordinary user desktop. Attaching some screenshots.

Windows 2003 Server – feature is available from the program right click menu!


Windows Server 2003

Windows 2008 Server – feature is removed from right click menu, but still available through command prompt [cmd.exe] .

G:\>runas /user:mohan@domain notepad
Enter the password for mohan@domain: xxxxx
Attempting to start notepad as user “mohan@domain” …

Windows 2008 R2 Server – feature is available by pressing SHIFT + right click! Yes, it is hidden.


Windows Server 2008 R2

DISABLE ctrl+alt+del

1. howto DISABLE Alt+Ctrl+Del when your screen is locked. Just for avoiding accidental computer restarts! But still you can restart computer by hiting Alt+Ctrl+Del two time. For completely disabling the Alt+Ctrl+Del restarting for your computer see next session in this post.

Disable Alt+Ctrl+Del

Disable Alt+Ctrl+Del

2. howto disable Alt+Ctrl+Del computer restart. Navigate to the following registry keys and create key named ‘NoClose’ with value ’0′.

User Key:
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\
Value Name: NoClose
Data Type: REG_DWORD (DWORD Value)
Value Data: (0 = shutdown enabled, 1 = shutdown disabled

User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]Value Name: NoCloseData Type: REG_DWORD (DWORD Value)Value Data: (0 = shutdown enabled, 1 = shutdown disabled


Once you did this correctly, you can verify it by pressing ‘Alt+Ctrl+Del’, there you can see the ‘Shutdown’ button is grayed out!

workgroup WSUS clients

If you have a workgroup which you wish to use a WSUS Server to push Microsoft updates, add the below lines into client computer registry and check for updates.

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate\AU]“NoAutoUpdate”=dword:00000000″AUOptions”=dword:00000003″ScheduledInstallDay”=dword:00000007″ScheduledInstallTime”=dword:00000023″UseWUServer”=dword:00000001″RescheduleWaitTime”=dword:00000001″NoAutoRebootWithLoggedOnUsers”=dword:00000001 >> this is my local WSUS server with port.