Using this freeware software you can do it fast way to add time stamp.
Firstly move all photos to one folder then open faststone image viewer software.
Choose the image folder then select all photos after that press the tools tab on the top.
->Tools ->Batch convert selected images -> Advanced options -> Text -> Remove current text and then select -> insert a variable -> File dateandtime ($D1)-> OK ->choose correct format and output destination folder -> Convert
You can find the photos on output folder with time stamped each photos.
iTunes backup iPhone XR on external HDD
I have facing issue on my laptop have small storage space. So i can not take 128gb size iPhone backup on local drive. Here this step to take iPhone backup on external drive.
I have connected external hard-disc on laptop and make junction created on both side using power-shell.
Open Powers-Shell and go to iTunes default back location.
After entering this command, link will create on backup location.
Here below video will helpful
Microsoft Group Policy – Microsoft Server 2019
What is difference between local group policy and Active Directory Group Policy
The local GPO exists on every windows workstation and server.
AD based GPO are stored in AD and SYSVOL.
The local GPO is processed regardless of whether a machine is domain or workgroup joined.
Local GPO resides in the file system under %windir%\system32\GroupPolicy. You can also create muliple user-specific local GPOs.
Specific local user accounts, All administrators on the system, All non-administrators on the system.
Active Directory based GPOs in Parts.
first part GPC- The AD based portion of the GPO is stored under CN=Policies. CN=system. Referred as the Group Policy container(GPC).
Second part GPT- The file-system based portion of the GPO is stored in SYSVOL under \\<domin>\sysvol\<domain>\policies and is referred to as the Group Policy Template(GPT).
How to open Local Group Policy on command prompt.
Run -> gpedit.msc
How to create AD Group Policy
Microsoft GPMC is the main interface for creating GPOs in AD and we can also use the Microsoft Group Policy Powershell module.
GPOs are created in a given AD Domain. Once created they have no effect until they are linked.
Members of Domain admins and Group policy creator owners can create GPOs in a domain.
GPMC – Group Policy Management Console.
Editing GPOs is simple right-click from the GPO in launch GP Editor.
GPOs can be linked to AD sites
GPOs can be linked to at the domain level.
GPOs can be linked at one or more OU levels.
ADMX files
ADMX file exist in C:\Windows\PolicyDefinitions
The corresponding language specific ADML files provide the description of each policy. In the current language of Windows. There is one ADML file for every ADMX, stored in folders under the ADMX directory (example: en-us).
The ADMX Central Store
Created by copying C:\Windows\policydefinitions to SYSVOL
Restore the default GPOs using command prompt type- dcgpofix
dcgpofix – it will revert back to original default policy
GPO Backup tools – GPMC can be used to backup one or all GPOs in a domain.
We can also script GPO backups using the group policy module and Backup-GPO
Restore GPO Backup policy – right click on GPO – Manage backups
GPO Migration Table – Used when migrating GPOs from one domain or forest to another. Designed to replace security principals and UNC paths that are referenced in source GPOs, with new ones in the destination domain.
Implementing the migration table
Migration tables can be populated : Manually, From live GPO, from a GPO backup.
Migration tables are used when importing a GPO backup into a new GPO ( usually in a different domain).
Limitations in Migration tables:
Only supports mapping legacy security policy area, software installation and folder redirection for UNC path migration. Does not support security principal or UNC path mapping of any GP preferences areas.
Delegation Fundaments
GPO delegation serves two purposes- who can process a GPO and who can read/edit a GPO.
By default all GPOs grant read and apply group policy permissions to authenticated users, which includes all user and computer accounts in the domain.
Delegation can be used to filter which computers and users can apply policy separate from linking of a GPO.
Group Policy Software installation
GP based software installation allow deploy of .MSI packages to computers or users
Packages can be deployed on startup or logon, or when a user clicks a shortcut associated with the package.
Package always install with elevated privileges, even for users.
Package store on UNC path for everyone access that MSI package.After machine restarted will replicated policy.
Folder Redirection
Lets you redirect key folders ( ex: desktop, documents, pictures) out of the users profile and onto a server share
can be done to the same location for all users or to different locations based on users group memebership.
Ensures local user files are backed up to a server.
Scrips Policy
You can deploy per computer startup or shutdown scripts or per user logon or logoff scrips.
can be any executable batch or powershell script.
Logon scrips run 5 minutes after the user logs on by default in windows 10.
Group Policy preferences Printers and Drive maps
GP preference can set shared TCP/IP or local printers can be defined per computer or per user.
Computer configuration set only local printer- No shared printer option
GP preference can map drivers per user can be specific letter or next available.
GP preference Power option and Custom registry
We can configure power plans and power settings using power options in GP Preferences.
We can configure arbitrary registry entries using GP preferences Registery.
GP Preference file creating on desktop
Computer configuration -> windows settings-> files->New
Above method will fix office 365 mailbox storage limits .
After execute this command Email box size will change to 100gb.
Microsoft free to support for expand mailbox size upto 100gb.
Basic Group Policy- Windows server 2012
Create local administrtor security group on AD
Open group Policy Management
1. Create GPO in this domain 2. Name: corp local administrator access 3. Edit- open group policy management editor 4. Computer configuration- Policies – Windows settings – security settings – Restricted groups – Add Group Browse – Add – “corp local administrator” then The group of memember of – administrators
5. GPO Enforced. 6. OU Linked to GPO and enable
7. Apply to client machine – on command prompt “:
How to disable a standard user to install program on client machine being domain user?
1.Open the Group Policy Management Console (GPMC). 2.Right-click your domain and choose the Create a GPO in this domain, and link it here option. 3.Name the Group Policy Object (GPO) Block Google Chrome and click OK. 4.Right-click the policy you just created and click Edit. 5.Navigate to the User Configuration\Policies\Windows Settings\Security Settings\Software Restriction Policies folder. 6.Right-click Software Restriction Policies and select New Software Restriction Policies. 7.Right click Additional Rules and choose New Path Rule. 8.In the Path field, type chromesetup.exe. 9.In the Security level drop-down box, choose Disallowed and click OK. Repeat steps 7 through 9 for the chrome.exe and gears-chrome-opt.msi files. Repeat steps 7 through 9 for the path C:\Users\%username%\AppData\Local\Google\Chrome\Application\chrome.exe for Vista machines or C:\Documents and Settings\%username%\Local Settings\Application Data\Google\Chrome\Application\chrome.exe for XP machines. You should include this rule in case some of your users have already installed the browser. After you implement the GPO and the Group Policy settings refresh on those users’ local machines, they’ll no longer be able to successfully run Google Chrome. Open a command-prompt window and run the command to apply the new rules.
gpupdate /force
Run the command
gpresult /R
Verify that the newly created GPO has successfully been applied. As a final test, attempt to run the installer from the Google Chrome website.
If the users do not have local administrator access, you may simply disable per-user installations via Group Policy.
DisableUserInstalls is a machine policy which will block per-user installations. There is also an option for “hiding” existing per-user installed applications in favor of the per-computer installed versions.
To configure:
1.Open gpmc.msc, select the GPO to which you will add the policy. 2.Navigate Computer Configuration, Policies, Administrative Templates, Windows Components, Windows Installer. 3. Set the policy “Prohibit User Install” to “Enabled”. [Optional] Set the policy “User Install Behavior” to “Hide User Installs”.
Group Policy- Change Domain user wallpaper
First create folder on server name: “commonwallapaper”
Share the folder with everyone give read only access.
sharing option – enable- no files or prgoram from the shared folder are available offline.
Put wallpaper on same folder.
Group policy 1. create a GPO in the domain- name : commonwallpaper_GPO 2.right click commonwallaper_GPO – edit – user configuration – Policies – Administrative Template – Desktop – Desktop – Desktop Wallpaper – Enabled – wallper name: \\192.168.1.250\commonwallpaper$\corpwallpaper.jpg
3. apply GPO to security group..
4. Go to Client system open cmd- gpudate /force
5. Automatically updated all client machine wallpaper.
The most common scenario is that the client has the CredSSP update installed, and the Encryption Oracle Remediationpolicy setting does not allow an insecure RDP connection to a server that does not have the CredSSP update installed.
To work around this issue, follow these steps:
On the client has the CredSSP update installed, run gpedit.msc, and then browse toComputer Configuration> Administrative Templates> System> Credentials Delegationin the navigation pane.
Change theEncryption Oracle Remediation policytoEnabled, and then change Protection LeveltoVulnerable.
If you cannot use gpedit.msc, you can make the same change by using the registry, as follows:
Open a Command Prompt window as Administrator.
Run the following command to add a registry value: REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters\ /v AllowEncryptionOracle /t REG_DWORD /d 2
Remote Connection issue: The Specified Domain Either Does Not Exist or Could Not Be Contacted
Remote desktop getting an error while access windows server 2012
Remote desktop error message
After you install Active Directory Domain Services on a new full or read-only Windows Server 2012-based domain controller in an existing domain, the SYSVOL share is present. However, the NETLOGON share is not present on the new domain controller.
To work around this issue, set the SysvolReady Flag registry value to “0” and then back to “1” in the registry. To do this, follow these steps:
ClickStart, clickRun, typeregedit, and then clickOK.
In the details pane, right-click theSysvolReadyflag, and then clickModify.
In theValue databox, type0, and then clickOK.
Again in the details pane, right-click theSysvolReadyflag, and then clickModify.
In theValue databox, type1, and then clickOK.
The handle is invalid – Error on windows 7 – Fix
I have faced this issue today morning one of our office staff try to access share drive while clicking gets pop-up box message come out saying “The handle is invalid”. so many steps troubleshot on this issue Updated windows, changed workgroup, and IP address but not work out.
The reason why is getting message because of wrong windows update KB4480970 installed on your system.
We have to remove that update only can fix this issue.
How to remove windows update – goto Control Panel\All Control Panel Items\Programs and Features\Installed Updates
