There are times when it is impossible to remove the McAfee agent from a machine when it is in "Managed Mode". You'll attempt to, but the appropriate error message will be displayed.
To get around this issue, the agent needs to be uninstalled via the trusty Command Line:
1) Open a command prompt
2) Change directory to the McAfee Framework directory:
a) For 32-bit systems: cd "C:\Program Files (x86)\McAfee\Common Framework"
b) For 64-bit systems: cd "C:\Program Files\McAfee\Common Framework"
3) Execute the Following Command: frminst.exe /remove=agent
In most instances, this uninstalls the McAfee Agent. However, at the very least, it will place the Agent in "Unmanaged Mode", meaning it can now be uninstalled via "Control Panel" / "Programs and Features".
If all else fails, and I do mean ALL ELSE, you can follow the steps in this McAfee KB Article:
https://kc.mcafee.com/corporate/index?page=content&id=KB75902
Monday, 23 January 2017
MAC Randomisation
MAC Randomization (sic) is a feature in Windows 10 that can be activated to prevent your location being tracked using your MAC address. This can be a useful feature, especially for the more paranoid amongst us. However, ensure that your connection is not locked to your specific MAC address before activating this feature.
To turn on MAC Randomization:
1) Open the "Settings" app
2) Select "Network & Internet"
3) Under the WiFi section, select "Advanced Options"
4) Turn on the "Random Hardware Address" feature
That's it, you're done.
To turn on MAC Randomization:
1) Open the "Settings" app
2) Select "Network & Internet"
3) Under the WiFi section, select "Advanced Options"
4) Turn on the "Random Hardware Address" feature
That's it, you're done.
Monday, 16 January 2017
Disable Network Bridging
Sometimes a Workstation or Server has multiple network interfaces (because it's common to dual home servers right?). Since a network bridge allows a Layer 2 connection between two or more physical network segments, allowing data to be shared across networks, this is something that should often be avoided.
One way to accomplish this is via a Firewall (built-in or an additional piece of hardware). However, the ability to create a bridge can be disabled using Group Policy, and it is this mechanism that is detailed below.
Steps to enable/disable network bridging in Group Policy:
1) Create a new Group Policy Object (or choose the appropriate existing policy) and open for editing
2) Under the "Computer" section, navigate to: Policies / Administrative Templates / Network, and Network Connections
3) Open the "Prohibit installation and configuration of Network Bridge on your DNS domain network" setting
4) Set the policy as required:
a) To prevent a network bridge being created, click "Enabled"
b) To allow a network bridge to be created, click "Disabled"
5) Save the Group Policy
6) Apply the Group Policy to the relevant OU/Computer within your Active Directory structure.
One way to accomplish this is via a Firewall (built-in or an additional piece of hardware). However, the ability to create a bridge can be disabled using Group Policy, and it is this mechanism that is detailed below.
Steps to enable/disable network bridging in Group Policy:
1) Create a new Group Policy Object (or choose the appropriate existing policy) and open for editing
2) Under the "Computer" section, navigate to: Policies / Administrative Templates / Network, and Network Connections
3) Open the "Prohibit installation and configuration of Network Bridge on your DNS domain network" setting
4) Set the policy as required:
a) To prevent a network bridge being created, click "Enabled"
b) To allow a network bridge to be created, click "Disabled"
5) Save the Group Policy
6) Apply the Group Policy to the relevant OU/Computer within your Active Directory structure.
Sunday, 15 January 2017
Finding your WiFi Password
Assuming you have signed into your WiFi previously, and have now forgotten your password, there is a simple way to find out what it is:
1) Open a command prompt with "Admin" privileges
2) Run the following command: netsh wlan show profile
(This will list all networks you have connected to)
3) Choose the profile you want from the list, then type: netsh wlan show profile <Network SSID> key=clear
The output from this command will have all the details of your chosen WiFi connection. The last section is titled "Security settings" and your WiFi password is shown against the "Key Content" entry.
1) Open a command prompt with "Admin" privileges
2) Run the following command: netsh wlan show profile
(This will list all networks you have connected to)
3) Choose the profile you want from the list, then type: netsh wlan show profile <Network SSID> key=clear
The output from this command will have all the details of your chosen WiFi connection. The last section is titled "Security settings" and your WiFi password is shown against the "Key Content" entry.
Friday, 13 January 2017
Resetting Local SQL Accounts
If you are unable to log into SQL Server as a Domain User, and any local account (such as "sa") is disabled, you can follow the procedure below to log in using a local administrator (any account which is a member of the "Local Administrators" group), and perform a number of tasks.
1) Stop the SQL Server and SQL Server Agent services
2) Disable SQL Agent service
3) Run the following command to start SQL server in 'Single User Mode': sc start MSSQLSERVER -m
(Where MSSQLSERVER is the name of the SQL service)
4) From a command prompt, start a SQLCMD: SQLCMD -s (local)
5) Run the appropriate command for the task you are trying to achieve. For example:
a) To create a new local SQL administrator account:
1> CREATE LOGIN [NewAccount] WITH PASSWORD = N'[Password]',
2> DEFAULT_DATABASE = [master],
3> CHECK_EXPIRATION = OFF,
4> CHECK_POLICY = OFF
5> GO
1> ALTER SERVER ROLE [sysadmin]
2> ADD MEMBER [NewAccount]
3> GO
b) To reset the password of an existing account:
1> ALTER LOGIN [ExistingAccount] WITH PASSWORD = N'[Password]'
2> GO
c) To renable login for an existing account:
1> ALTER LOGIN [ExistingAccount] ENABLE
2> GO
6) Close the SQLCMD prompt
7) Stop the SQL Server Service
8) Enable the SQL Server Agent service
9) Start the SQL Server and SQL Server Agent services
You should now be able to log into SQL with either your new account, or the existing account that has been enabled or had its password reset.
1) Stop the SQL Server and SQL Server Agent services
2) Disable SQL Agent service
3) Run the following command to start SQL server in 'Single User Mode': sc start MSSQLSERVER -m
(Where MSSQLSERVER is the name of the SQL service)
4) From a command prompt, start a SQLCMD: SQLCMD -s (local)
5) Run the appropriate command for the task you are trying to achieve. For example:
a) To create a new local SQL administrator account:
1> CREATE LOGIN [NewAccount] WITH PASSWORD = N'[Password]',
2> DEFAULT_DATABASE = [master],
3> CHECK_EXPIRATION = OFF,
4> CHECK_POLICY = OFF
5> GO
1> ALTER SERVER ROLE [sysadmin]
2> ADD MEMBER [NewAccount]
3> GO
b) To reset the password of an existing account:
1> ALTER LOGIN [ExistingAccount] WITH PASSWORD = N'[Password]'
2> GO
c) To renable login for an existing account:
1> ALTER LOGIN [ExistingAccount] ENABLE
2> GO
6) Close the SQLCMD prompt
7) Stop the SQL Server Service
8) Enable the SQL Server Agent service
9) Start the SQL Server and SQL Server Agent services
You should now be able to log into SQL with either your new account, or the existing account that has been enabled or had its password reset.
Subscribe to:
Posts (Atom)