Win10恢复模式cmd下卸载驱动

I ran into following error with pnputil -e on the latest Windows 10 repair console:

No published driver packages were found on the system

I had to use dism

Listing drivers:

dism /image:c:\ /get-drivers

Removing a driver:

dism /image:c:\ /remove-driver /driver:oem#.inf

Use list vol inside diskpart to get the assigned drive letter of your windows partition and replace /image:c:\ with it

原文链接:https://superuser.com/questions/621604/how-to-uninstall-a-driver-from-recovery-console

用subprocess.Popen()解决popen中文报错

Python subprocess.Popen() is one of best way to call external application in python. It has two main advantages:

1.It can return the output of child program, which is better than os.system().

2.It can return the output of child program with byte type, which is better an os.popen().

In this tutorial, we will introduce python beginners how to use this function correctly and get the output of child program.

Preliminary

We import os library first.

import os

Create a command line

We will use subprocess.Popen() to run other applications, a command line (cmd) should be created.

For example:

cmd = r'c:\aria2\aria2c.exe -d f:\ -m 5 -o test.pdf https://example.com/test.pdf'

In this tutorial, we will execute aria2c.exe by python.

Execute a Child Program

We can use subprocess.Popen() to run cmd like below:

p1=subprocess.Popen(cmd,shell=True,stdout=subprocess.PIPE)

Here we set stdout=subprocess.PIPE, which means we will get the cmd output.

Get child program output

subprocess.Popen() will return the output of child program, we can read this output line by line.

    msg_content = ''
    for line in p1.stdout:
        print(line)
        l = line.decode(encoding="utf-8", errors="ignore")
        msg_content += l
    p1.wait()
    print(msg_content)

p1.wait() is very important, which will block python main process to read full output of child program.

Run this code, you may get the result.

python subprocess.popen() get child program output

From the result, we can find subprocess.Popen() will return the output of cmd with byte mode, we can convert it to string with encoding utf-8.

l = line.decode(encoding="utf-8", errors="ignore")

This will avoid UnicodeDecodeError.

原文链接:https://www.tutorialexample.com/implement-python-subprocess-popen-execute-an-external-command-and-get-output/

阻止Network Manager修改resolv.conf

I do not want network manager to add DNS servers received from DHCP to my /etc/resolv.conf.

When configuring from GUI/Connections/IPV4 and choose the method Automatic (address only) it still adds DNS servers received via DHCP.

Is it possible to do it per connection (specific ssid ?)

Answer:

One way to stop Network Manager from adding dns-servers to /etc/resolv.conf file is to do this:

First open the nm conf file /etc/NetworkManager/NetworkManager.conf:

sudo vim /etc/NetworkManager/NetworkManager.conf

And add this to the [main] section:

dns=none

Save and exit.

原文链接: https://askubuntu.com/questions/623940/network-manager-how-to-stop-nm-updating-etc-resolv-conf

VMware View 5.1 and SSL Certificate Replacement

The procedure to replace SSL certificates has changed in recently released VMware View 5.1 and differs from 5.0 or earlier versions. The main difference is that native Windows certificate store is used. Also it is now necessary to replace or at least to verify self signed certificates otherwise the View infrastructure will not work properly.
Which servers need to replace the certificates? View Connection Managers, Security servers and View Composer. Also vCenter certificate must be replaced or validated.
Although the certificate replacement procedure is described in the manual, the description is very brief and it took me some time to figure it out. I also found an existing blog post which takes different angle here: http://my-virt.alfadir.net/2012/05/generate-view-5-1-certificat/.

The Setup

My lab configuration is following. View Composer is installed together with vCenter. I have two View Connection Managers; one for internal connections and one for external internet connections. I do not use Security server as I use port forwarding to the external View Connection Manager. All servers are in the domain with Enterprise CA which uses self signed certificate.

View Composer Certificate

My View Composer server is coexisting with vCenter so I did not need to generate new certificate. I just imported the vCenter certificate from C:\ProgramData\VMware\VMware VirtualCenter\SSL into the local Windows certificate (Personal) store via MMC Certificates Snap-in.

Select the .pfx file which contains both private key and the certificate.

Now we have to stop the View Composer process and run SviConfig command to replace the certificate:

C:\Program Files (x86)\VMware\VMware View Composer>SviConfig.exe -operation=replacecertificate -delete=false
and select the new certificate.

Start the View Composer process again and check the status in the View Administrator.

View Connection Servers

Here we have to generate the certificates. To do this I am again using the Certificates Snap-in. However prior to that I needed to give both of my Connection Server access to Web Server certificate template.
On my CA open the Certificate Templates Management Console Snap-in and open properties of Web Server certificate template.

Open the security tab and add both View Connection computers and give them read, write and enroll permissions.

Now we can go to each Connection Server Certificates Snap-in and right click, select All Tasks and Request New Certificate.

Select Active Directory Enrollment Policy and Web Server certificate template.

Now we have to add FQDN and additional info to the certificate. Click the More information is required … link.
Type in the Common name (FQDN), Country, Locality, Organization and any other info that will be visible inside the certificate. If your Connection server uses different internal (viewcs2.fojta.com) and public (public.url.com) Fully Qualified Domain Names add both and do the same for the Type: DNS field. The end result should look like this:

And do not forget to make private key exportable in the Private Key tab / Key options.

Click enroll and finish.
Now we should see the newly created certificate. Last thing we need to do is to change the certificate Friendly Name to vdm. This can be done in the certificate properties. Also we have to rename the original certificate (vdm.old)

Once this is done we can restart the View services.
Repeat for all other View Connection servers and check the result in the View Administrator.

View Clients

As I said at the beginning my CA uses self signed certificate so I have to make sure all the non-domain PCs I use to connect to my View desktops imported the CA Root certificate into the Trusted Root Certification Authorities store.

原文地址: https://fojta.wordpress.com/2012/05/27/vmware-view-5-1-and-ssl-certificate-replacement/

How to Remove Child Domain – Manually

Removing Orphaned Domains from Active Directory

1) Determine the domain controller that holds the Domain Naming Master Flexible Single Master Operations (FSMO) role. To identify the server holding this role:
        1.1) Start the Active Directory Domains and Trusts Microsoft Management Console (MMC) snap-in from the Administrative Tools menu.
        1.2) Right-click the root node in the left pane titled Active Directory Domains and Trusts, and then click Operations Master.
        1.3) The domain controller that currently holds this role is identified in the Current Operations Master frame.NOTE: If this changed recently, not all computer may have received this change yet due to replication.
        For more information about FSMO roles, click the following article number to view the article in the Microsoft Knowledge Base:

    2) Verify that all servers for the domain have been demoted.
    3) Click Start, point to Programs, point to Accessories, and then click Command Prompt.
         At the command prompt, type: ntdsutil.
         Type: metadata cleanup, and then press ENTER.
         Type: connections, and then press ENTER. This menu is used to connect to the specific server on which the changes will occur. If the currently logged-on user is not a member of the Enterprise Admins group, alternate credentials can be supplied by specifying the credentials to use before making the connection. To do so, type: set creds domainname username password , and then press ENTER. For a null password, type: null for the password parameter.
        Type: connect to server servername (where servername is the name of the domain controller holding the Domain Naming Master FSMO Role), and then press ENTER. You should receive confirmation that the connection is successfully established. If an error occurs, verify that the domain controller being used in the connection is available and that the credentials you supplied have administrative permissions on the server.
        Type: quit, and then press ENTER. The Metadata Cleanup menu is displayed.
        Type: select operation target, and then press ENTER.
        Type: list domains, and then press ENTER. A list of domains in the forest is displayed, each with an associated number.
        Type: select domain number, and then press ENTER, where number is the number associated with the domain to be removed.
        Type: quit, and then press ENTER. The Metadata Cleanup menu is displayed.
        Type: remove selected domain, and then press ENTER. You should receive confirmation that the removal was successful. If an error occurs, please refer to the Microsoft Knowledge Base for articles on specific error messages.
        Type: quit at each menu to quit the NTDSUTIL tool. You should receive confirmation that the connection disconnected successfully.
see ref

IF it gives the error: “DsRemoveDsDomainW error 0x2162(The requested domain could not be deleted because there exist domain controllers that still host this domain.”

THEN do the following
1) open mmc
2) go to add / remove snap-in and select ADSI-Edit & click ok
3) Right Click on ADSI-Edit and select “Configuration” under select a well known Naming Context. Click ok to exit
4)Under CN=Sites delete the child domain controllers from the respective site(s)

This should clear up the above error.

run the above step again – it should be able to complete sucessfully. IF you get this error “DsRemoveDsDomainW error 0x2015(The directory service can perform the requested operation only on a leaf object”

Use the following steps to get rid of the error.


    1) Click Start, click Run, type ntdsutil, and then press ENTER.
    At the Ntdsutil command prompt, type partition management, and then press ENTER.
    2) Type connections, and then press ENTER.
    3) Type connect to serverDomain_Controller_Name, and then press ENTER.
    After the following message appears,“Connected to Domain_Controller_Name using credentials of locally logged on user” type quit, and then press ENTER:
    4) At the domain management prompt, type list, and then press ENTER.
    Note the following entry:
    DC=DomainDnsZones,DC=Child_Domain, DC=extension
    For example, if the child domain is let.do.com, note the following entry:
    DC=DomainDnsZones,DC=let,DC=do,DC=com
    Type the following command, and then press ENTER.
    delete nc dc=domaindnszones,dc=Child_Domain,dc=extension
    Note In this command, Child_Domain represents the name of the child domain that you want to remove. For example, if the child domain is let.do.com, type the following command, and then press ENTER:
    delete nc DC=DomainDnsZones,DC=let,DC=do,DC=com
    Quit Ntdsutil.

see ref
Once this is removed, then you can again remove the child domain using ntdsutil from the top.

It worked for me!

原文地址:http://myblogs-amit.blogspot.com/2011/12/how-to-remove-child-domain-manually.html