Posted by Mads Dam on 30. J 2024 in Blog
If the media creation tool is failing for some reason – you can make a bootable USB yourself. This is for my reference. cmd (run as administrator) diskpart list disk (select the disk, that is the usb drive) fx: select disk 2 clean convert mbr create partition primary size=1024 format fs=fat32 quick assign active create partition primary select partition 2 format fs=ntfs quick assign exit copy everything but sources-folder to the fat32-drive copy sources to ntfs-drive...
Read More »
Posted by Mads Dam on 27. J 2024 in Blog
Here are the commands to clenaup a Microsoft Certificate Authority. It doesn’t do it by itself. This is a good thing, if you’re using some Key Archival-tech. But I’ve only ever used it for Always on VPN or Wi-Fi-access, so I don’t care if the expired certificates get cleaned up. Now you’re warned 🙂 This can take a LONG time, if you’ve never done it before – I recommend doing it in batches. First, find out how old your earliest...
Read More »
Posted by Mads Dam on 20. J 2023 in Blog
Annoying features, that I’d like default disabled (but perhaps configurable by user, if they actively seek it) [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\Recommended] “EdgeShoppingAssistantEnabled”=dword:00000000 “FavoritesBarEnabled”=dword:00000000 “PinBrowserEssentialsToolbarButton”=dword:00000000 “QuickSearchShowMiniMenu”=dword:00000000 “TranslateEnabled”=dword:00000000...
Read More »
Posted by Mads Dam on 18. J 2023 in Blog
From October 2023, Microsoft is adding a new “feature” called Azure Arc. If you, like me, don’t need it, you can run this in Powershell: Uninstall-WindowsFeature -Name AzureArcSetup
Read More »
Posted by Mads Dam on 14. J 2023 in Blog
This is just for my personal notes – I’m using this method to make sure that a machine is unable to browse the internet, unless VPN is connected. Ofc you also need to define outbound rules for your vpn-host. And also make a rule, that allow connecting to your DCs from any profile (that way it can detect if it’s on a domain-network instead and change a profile to that). If using Always-On-VPN, then also make a rule to let NlaSvc-service connect to anything ...
Read More »