Windows Group Policy – Disable The Local Windows Firewall

KB ID 0001090

Problem

I’ve got nothing against the Windows firewall, it’s certainly a lot easier to manage now than it was back in the XP SP2 days. But I find a lot of clients still just ‘want it gone’ and, providing they have a decent corporate firewall in front of them that’s fair enough.

Solution

1. On a domain controller or a client running the remote administration tools > Windows Key+R > gpmc.msc {Enter} > The Group Policy Management Console will open.

2. Select the OU that contains the ‘Computers’ you want to enforce this policy on, (or here I’m choosing the entire domain) > Right Click > ‘Create GPO in this domain, and link it here..’.

3. Give the policy a sensible name so you can see what it is doing later.

4. Right click your new policy > Edit.

5. Navigate to;

[box]

Computer Configuration > Policies > Administrative Templates > Network > Network connections > Windows Firewall > Domain Profile > Windows Firewall: Protect all network connections

[/box]

6. Set the policy to disabled.

7. Close the Group Policy Management Editor. If you have a Windows 2012 domain you can force the policy refresh on a particular OU like so.

9. Or simply run gpupdate /force on the target machine, (or you could also wait a couple of hours, or reboot the target machines).

SBS Note

An (SBS) Small Business Server domain enables the client firewall by default! The policy us called Windows Firewall Policy, which is usually linked to the computer OU under  ‘My Business’.

Related Articles, References, Credits, or External Links

Windows – Open a Firewall Port with Group Policy

Stop EditPlus Creating .bak files

KB ID 0000825 

Problem

I use EditPlus 3 a lot for editing firewall configs, and just taking notes. But freshly installed it has the annoying habit of creating .bak (backup) files for every file you work on. I tend to keep the notes I’m working on on my desktop, so this can clutter it up with annoying icons.

Solution

1. Launch EditPlus > Tools > Preferences > Files.

2. Untick ‘Create backup file when saving’ > Apply > OK.

Related Articles, References, Credits, or External Links

EditPlus – Enable ‘Word Wrap’ Permanently

 

Stop ‘Open File – Security Warning’

KB ID 0000804 

Problem

I put in a Remote Desktop Services Server this week, and every time the users launched their line of business app,

Open File - Security Warning
The publisher of this file can not be verified. Are you sure you want to run this software.
Name: {Application name}
Publisher: Unknown Publisher
Type: Application
From: {PathApplication name}
This file does not have a valid digital signature that verifies its publisher. You should only run 
software from publishers you trust.

Solution

OK the program is not digitally signed, but this is going to annoy the client even more, I need to suppress this warning.

1. Open the local group policy editor on the machine in question. (Start > Run > gpedit.msc {enter}).

2. Navigate to;

[box]
Computer Configuration > Administrative Templates > Windows Components > Internet Explorer
[/box]

3. Locate the ‘Turn off the Security Settings Check feature’ > Set it to enabled.

Related Articles, References, Credits, or External Links

NA

Windows Server – Disable IESC  (IE Enhanced Security Configuration)

KB ID 0000728 

Problem

We have had IESC (or IE Enhanced Security) in previous iterations of Windows Server, It is not a bad thing, in most cases you will not want people browsing the internet from a server anyway. Though when you have just built a server, and you are trying to get software and patches onto it it can be very annoying. With IESC enabled you will see this every time you visit a site;

Content from the website listed below is being blocked by the Internet Explorer Enhanced Security Configuration.

And this every time you try and download something;

You are attempting to download a file form a site that is not part of your Trusted Sites and that might be different from the website you are viewing.

Solution

1. From Server Manager (ServerManager.exe) > Local Server > IE Enhances Security Configuration > Then you can change the IESC for both administrators and normal users.

Related Articles, References, Credits, or External Links

Windows Server – Javascript Is Disabled

How Do I Shut Down Windows 8?

KB ID 0000588

Problem

Like Windows 7, Windows 8 is more than happy to gracefully shutdown if you press the power button on your PC/Laptop/Tablet. But now you don’t have a “Start Button” where’s the option to turn it off?

You might find it simpler just to Create a Shutdown shortcut on the Start Menu.

Solution

How to Shut Down Windows 8

1. Press Windows Key+I > Power > Shut down.

How to Shut Down Windows 8 (By Launching charms Bar)

1. To launch the “Metro Start Screen” you need to press the Windows key (or press CTRL+Esc), then locate the “Charms Bar” Button and hover over it. (Or Press Windows Key+C).

2. Select Settings.

3. Select Power > Shut down.

How to Shut Down Server 2012

1. Press Windows Key+I > Power > Shut down.

How to Shut Down Server 2012 (via the Charms Bar)

1. To launch the “Metro Start Screen” you need to press the Windows key (or press CTRL+Esc), then locate the “Charms Bar” Button and hover over it. (Or Press Windows Key+C).

2. Select Settings.

3. Select Power > Shut down.

4. Like its predecessor (Server 2008 R2) Windows Server 2012 wants to log a reason why it’s being shut down, enter the reason and select continue.

 

Related Articles, References, Credits, or External Links

Windows 8 Metro Shortcuts

Windows 8 – Add Shutdown to the Start/Metro Menu

Outlook 2013 and 2010 Stop – Do you want to send this message without a subject?

KB ID 0000371 

Problem

With Outlook 2010, everytime you send and email withough a subject line you get the following prompt

“Do you want to send this message without a subject?”

 

Now there are sensible reasons for this, but a lot of the time I don’t really want to put in a subject, especially if I’m conversing with friends colleagues etc. And I’m really sick and tired of being asked.

Solution

1. Open Outlook, Press ALT+F11 > Expand Project1 > Microsoft Outlook Object > This Outlook Session (Note: if you can’t see the code window right click and select “View Code” > Paste in the script (see below) > Click Save > Close the VBA project window to return to Outlook.

2. Whilst in Outlook select File > Options > Trust Center > Trust Center Settings > Macro Settings > Seelct “Enable all macros…” > Tick “Apply macro security…” > OK.

3. Restart Outlook

The Script (Note: I DID NOT WRITE THIS the good folk here did).

[box]

Option Explicit

'=========================================================================
' Prevents Outlook® 2010 to display a no-subject warning message
' (c) Peter Marchert - http://www.outlook-stuff.com
' 2010-07-15 Version 1.0.0
' 2010-07-19 Version 1.0.1
' 2010-08-01 Version 1.1.0
' 2010-08-31 Version 1.1.1
'=========================================================================

Private WithEvents colInspectors As Outlook.Inspectors

Private Sub Application_Startup()

    '---------------------------------------------------------------------
    ' Set a reference to all forms
    '---------------------------------------------------------------------
    Set colInspectors = Outlook.Inspectors

End Sub

Private Sub colInspectors_NewInspector(ByVal Inspector As Inspector)

    '---------------------------------------------------------------------
    ' This code is running if a form (e. g. an e-mail) will be opened
    '---------------------------------------------------------------------

    Dim objItem As Object

    '---------------------------------------------------------------------
    ' Skip errors
    '---------------------------------------------------------------------
    On Error GoTo ExitProc

    '---------------------------------------------------------------------
    ' Set a reference to the open item
    '---------------------------------------------------------------------
    Set objItem = Inspector.CurrentItem

    '---------------------------------------------------------------------
    ' Skip appointments, not meeting items
    '---------------------------------------------------------------------
    If InStr(LCase(objItem.MessageClass), "ipm.appointment") > 0 Then
        If objItem.MeetingStatus = 0 Then GoTo ExitProc
    End If

    '---------------------------------------------------------------------
    ' A new item does not have an ID
    '---------------------------------------------------------------------
    If objItem.EntryID = "" Then

        '-----------------------------------------------------------------
        ' Check if the subject is empty if an item was created by a
        ' template with predefined subject.
        '-----------------------------------------------------------------
        If objItem.Subject = "" Then objItem.Subject = " "

        '-----------------------------------------------------------------
        ' Meeting items will be checked for a empty location too
        '-----------------------------------------------------------------
        If objItem.Location = "" Then objItem.Location = " "

    End If

ExitProc:

    '---------------------------------------------------------------------
    ' Delete the reference to the form and to the item
    '---------------------------------------------------------------------
    Set objItem = Nothing
    Set Inspector = Nothing

End Sub

Private Sub Application_ItemSend(ByVal Item As Object, Cancel As Boolean)

    On Error Resume Next

    '---------------------------------------------------------------------
    ' If a blank still exists it will now be removed (Outlook®
    ' will this not recognize)
    '---------------------------------------------------------------------
    Item.Subject = Trim(Item.Subject)
    Item.Location = Trim(Item.Location)

End Sub

Private Sub Application_Quit()

    '---------------------------------------------------------------------
    ' Delete the reference to the forms
    '---------------------------------------------------------------------
    Set colInspectors = Nothing

End Sub

[/box]

 

Related Articles, References, Credits, or External Links

NA

 

Cisco ASA 5500 – Error ‘DHCP: Interface ‘inside’ is currently configured as SERVER and cannot be changed to a CLIENT by a CLIENT feature’

KB ID 0000836

Problem

I put in an ASA 5505 this week, and while I was setting it up I was getting plagued with these popping up in the command window all the time;

[box]

DHCP: Interface 'inside' is currently configured as SERVER and cannot be changed to a CLIENT by a CLIENT feature
DHCP Client: can't enable DHCP Client when DHCP Server/Relay is running on the interface.

[/box]

Seen here on ASA Version 9.1(1)

Solution

There not a lot of information out there about this, but it it essentially caused because you enabled the Cisco ‘Call-Home’ function. If you want call-home on then configure it, but I did not. The reason you are seeing these is because when you first entered configuration mode you were prompted with this,

And you answered yes, or if you use the ASDM;

You can confirm that by issuing a show call-home command,

As you can see its enabled, if you want it on, then configure it, I don’t so I’ll simply disable call-home.

[box]

User Access Verification

 

Password: Type help or ‘?’ for a list of available commands. PetesASA> enable Password: ******** PetesASA# configure terminal PetesASA(cfg-call-home)# call-home PetesASA(cfg-call-home)# no configuration all PetesASA(cfg-call-home)# exit PetesASA(config)#

 

[/box]

Finally save the changes.

[box]

PetesASA(config)# write mem
Building configuration...
Cryptochecksum: b984ffbc dd77cdbf f2cd8d86 0b8f3f96

3965 bytes copied in 1.490 secs (3965 bytes/sec) [OK]

 

PetesASA(config)#

 

[/box]

Related Articles, References, Credits, or External Links

NA