Run PowerShell (and Command Prompt) Administratively

KB ID 0000988

Problem

We had the ‘run as’ service way back in Windows 2000, so the concept of running a command window ‘as administrator’ should not be difficult to understand. But the amount of times I tell people ‘You need to run that as administrator’, and they reply ‘I AM an administrator’ is far too high. With PowerShell theres no way of knowing, and with command prompt the differences are subtle.

Solution

There’s a myriad of different ways to launch an administrator command window, here are a few, If I’ve missed any let me know.

Launch Powershell in Administrative Mode 

Powershell administrative mode (from Within Powershell)

If you’re already in Powershell you can open an administrative Powershell window, with the following command;

[box]

Start-Process PowerShell -Verb RunAs

[/box]

Powershell Administrative Mode (from Start Menu)

Option 1: From Start/Search > Powershell > Right Click Windows PowerShell > Run as administrator.

Option 2: Start > Right Click Windows PowerShell > Run as administrator.

Option 3: Start > Windows PowerShell > Windows Powershell > Run as Administrator.

Option 4: Right Click Start Menu (or Press Windows+X) > Window Powershell (Admin).

Powershell Administrative Mode (from Task Manager)

Launch Task Manger > File > Run new task > Powershell > Tick ‘Create this task with administrative privileges’.

Powershell Administrative Mode (from Windows Explorer)

From Windows Explorer > File > Open Windows PowerShell as administrator.

Launch Command Prompt in Administrative Mode 

Administrator Command Prompt From Start Menu. (Windows 10 and Server 2016/2019)

From the Start/Search option > Type cmd > Then right click Command Prompt and select ‘Run as administrator’.

Command Prompt (Admin) – Windows 10 (& Server 2016/2019) 

Right click the Start Button > Command Prompt (Admin)

Command Prompt (Admin) – Windows 8 (& Server 2012) Quick Links Menu

Press Windows Key+X > Select Command Prompt (Admin)

Administrator Command Prompt From Start Menu. (Windows 8 and Server 2012)

If you have the new Windows 8/2012 Start Menu (that we can’t call Metro any more) then type ‘command’ in the search window, then either right click and select ‘Run as administrator’, or press Ctrl+Shift+Enter to launch.

If you have the traditional start menu enabled or are running Windows 7/Vista, you can type command in the search/run box, then

Create An Always Run As Administrator Command Prompt Shortcut

1. Right click and empty area of your desktop > New > Shortcut.

2. Set the location to ‘cmd’ > Next > Call it Admin Command > Finish.

3. Right click your new shortcut > Properties.

4. Shortcut > Advanced > Run as administrator > Apply > OK.

 

Launch Admin Command Prompt from Task Manager.

Launch Task Manager (Ctrl+Shift+Esc) > File > Run new task > cmd > Tick ‘Create this task with administrative privileges’.

Launch Command Prompt ‘As Administrator’ From Command/Run.

I’m not a fan of this, in fact I only include it here for completeness, you can call a command windows and run it as administrator from command (or the run box (Windows Key+R). The reason I don’t like this is, you need to enter the machines local administrators password for it to work.

[box]

runas /user:%computername%administrator cmd

[/box]  

If theres any I’ve missed feel free to drop me an email, and I will update the article.

Related Articles, References, Credits, or External Links

NA

vSphere – Virtual Center Server Service Stops

KB ID 0000479

Problem

If your VC Database reaches 4GB, the VMware Virtual Centre Server service will stop. A restart of it will result in the service stopping again within a minute.

You will also see see this event logged.

Description:

Could not allocate space for object ‘dbo.VPX_HOST_VM_CONFIG_OPTION’.’PK_VPX_HOST_VM_CONFIG_OPTION’ in database ‘VIM_VCDB’ because the ‘PRIMARY’ filegroup is full. Create disk space by deleting unneeded files, dropping objects in the filegroup, adding additional files to the filegroup, or setting autogrowth on for existing files in the file group.

Solution

1. Download and install the Microsft SQL Server Management Studio Express.

2. Connect to ServernameSQLEXP_VIM and login with Windows Authentication.

3. Expand databases > Expand VIM_VCDB > Expand Tables > Open table dbo.VPX_PARAMETER:

4. Modify event.maxAge to a be 30 > Modify event.maxAgeEnabled to value of true.

5. Modify task.maxAge to be 30 > Modify task.maxAgeEnabled to a value of true.

5. Then run the built in stored procedure: from the VCDB > Programmability > Stored Procedures.

6. Right Click dbo.cleanup_events_tasks_proc and click “Execute Stored Procedure”.

7. This will purge the data from tables: vpx_event, vpx_event_arg and vpx_task based on the date specified for maxAge.

8. When this has sucessfully completed, close the SQL Management Studio down > Then start the VMware Virtual Centre Server service.

 

Related Articles, References, Credits, or External Links

NA

McAfee ePO – Client Firewall Exceptions to Allow Agent Deployment

KB ID 0000952 

Problem

It’s been a while, since I deployed ePO, and as I’ve got a big McAfee roll-out coming up I thought I’d better run it up on the test bench and see how much it’s changed since version 4. As the prospective client is going to use Server 2012 and Windows 8, that’s what I tested it with.

Despite my best efforts the the McAfee agent (8.6) refused to deploy to the clients as long as I had the windows firewall on. A quick Google turned up a myriad of suggestions for ports and services, and most of them were for older versions of ePO or were simply incorrect.

Solution

Basically you need to to do two things with the firewall;

  • Allow in ICMP echo requests
  • Allow in File and Printer sharing

Set Firewall to Allow McAfee Agent deployment via Group Policy

This is the simplest option, especially if you have a lot of client to deploy to.

1. On your Domain Controller > Launch the Group Policy Management Console > Create a new policy (or edit an existing one), that is linked either to the root of the domain, or the OU that your computers are in.

2. Edit The policy, and navigate to;

[box]Computer ConfigurationAdministrative TemplatesNetworkNetwork ConnectionsWindows FirewallDomain ProfileWindows Firewall: Allow ICMP exceptions[/box]

3. Set to Enabled > Select ‘Allow inbound echo request’ > Apply > OK.

4. In the same location select ‘Windows Firewall: Allow inbound file and printer sharing exception’.

5. Enable this policy > Then enter the IP address of the ePO server > Apply > OK.

6. Then either reboot the clients, wait a couple of hours, or manually run “gpupdate /force” on them. Then Re-deploy your McAfee agent.

Set Firewall to Allow McAfee Agent deployment on an Individual Machine

1. Windows Key +R > cmd {Enter} > firewall.cpl {Enter}.

2. Allow an app or feature though Windows Firewall.

3. Locate ‘File and Printer Sharing’ and enable (Note: Here I’ve enabled for Domain, Public, and Private, you may only want to select Domain) > OK.

4. Advanced Settings > Inbound Rules > New Rule.

5. Custom > Next.

6. All Programs > Next.

7. Protocol Type = ICMPv4 > Customize > Echo Request > OK > Next.

8. Enter the IP address of your ePO server > Next.

9. Allow the connection > Next.

10. Select as appropriate > Next.

11. Give the rule a sensible name > Finish.

12. Re-deploy your McAfee agent.

Related Articles, References, Credits, or External Links

NA