In this post I describe some of the settings and changes I made to make my Windows 10 and Ubuntu WSL into a fully fledged development environment. Here are the settings and tools I use for DevOps/SysOps on Windows.
Windows Server
Microsoft Windows Server 2016 logo
Windows Server articles and howtos. With Windows Server you can scale to run your most important workloads with robust recovery options. You’ll achieve value quickly with a wide range of cost-effective, high-performance storage options and simplified delivery of multi-tenant IT services. You can build, deploy, operate, and monitor applications on premises and in the cloud. Empower users with secure access to corporate resources on the devices they choose.
Microsoft SQL Server database: security, performance, code, T-SQL, PowerShell and information
(featured image credit: Freddy2001 on Wikipedia)
YubiKey support in OpenSSH for Windows 11 and Windows 10
Since Win32-OpenSSH version 8.9.1.0p1-Beta there is decent support for FIDO/U2F hardware authenticators. This means we can use a YubiKey with Windows 11 and Windows 10, w00h00! In this post, I’ll show you how to install Microsoft OpenSSH client in Windows 11 and Windows 10, and how to configure your YubiKey. If you follow this guide and all goes well, you no longer need additional tools like Git Bash or MremoteNG/MobaXterm.
Monitor .NET CLR Garbage Collected heap from your web application
In order to let your .NET (web) application run smooth over a longer period of time, it is important to monitor the .NET CLR Garbage Collector (GC) and collection. Here is how you can monitor this in a Zabbix template using Powershell WMI / CIM and Win32_PerfRawData_NETFramework_NETCLRMemory Windows Performance Counters.
Quickly check EnableTrailerSupport isn’t set in your network for http.sys (CVE-2022-21907)
If you want to find out fast if your IIS webservers have EnableTrailerSupport enabled for https.sys in the registry, here is a small PowerShell method. All you have to do is set the correct SearchBase.
How to install IIS Web Management Service (WMSVC) using PowerShell in Windows Server Core
Here is a short post for you on how to install and enable IIS Web Management Service (WMSVC) in Windows Server Core, using PowerShell. This allows you to remotely manager your IIS webservers. If you want a graphical (or GUI) tool to install in Windows (Server or 11/10), see Install and setup IIS Manager for Remote Administration in Windows Server IIS.
Adding VirtIO drivers to Windows Recovery Environment (Windows RE)
How to customize your Windows System Restore
If you need to add VirtIO drivers to your Windows Recovery Environment (Windows RE) to recover your Windows virtual machine, here is how. The following steps come in handy if you found out the hard way you don’t see any disks in Windows RE after a hard crash. As have I…
Retrieve SSH public key from Active Directory for SSH authentication
How to configure SSH public key authentication for Windows Server in Active Directory (AD)?
If you want to be able to log on to your Windows Servers through Win32 OpenSSH, you can make use of SSH public key authentication through a ~/.ssh/authorized_keys file. But if you have tens (hundreds) of servers and/or users, perhaps it’s easier to retrieve SSH public keys from Active Directory (AD). In this article I’ll explain how.
Install SQL Server cumulative updates silently
Installing SQL Server cumulative updates is always a cumbersome, and quite daunting task. Unpacking and running the CU installer is a slow process, you have to click through a lot of screens, and it’s hard to get it to install silently. But here is how!
Remove computer object from Windows Server Update Services (WSUS) in PowerShell
Here is a short PowerShell snippet for you to remove a computer object from Windows Server Update Services (WSUS).
How to add, list and remove IP addresses in Windows Firewall
Yesterday, I showed you how to block IP addresses in Windows Firewall using PowerShell. This comes in handy when blocking IP addresses that are brute-force attacking your servers. In this short post I’ll show you how to bulk add IP addresses in Windows Firewall, list an IP address and how to remove all IP addresses from Windows Defender Firewall with Advanced Security.
Block brute force attacks on SQL Server, block IP addresses in Windows Firewall using PowerShell
This PowerShell solution blocks IP addresses that are trying to brute force your SQL Server logins, by blocking IP addresses in Windows Defender Firewall with Advanced Security. For the time being, some manual labor is involved, but it is still manageable. You can use this to create your own solution to block offending IP addresses in SQL Server’s firewall.
Windows Defender: Turn off routine remediation
Long story short: During the transition of antivirus software to Windows Defender Antivirus (WinDefend), I don’t want Windows Defender remediation on threats it might find. Later, when I have more information about potential threats, I can always choose to remediate that threat, e.g. quarantaine or remove it. Unfortunately, there is no PowerShell cmdlet to configure this. Here is how to (temporarily) turn off routine remediation.
How to enable HTTP/3 in Windows Server 2022
With the release of Windows Server 2022, there is now native support for hosting HTTP/3 services. Jeej! In short, here are the few steps you need to perform to enable HTTP/3 in Windows Server 2022. I can’t provide you with full details and how-to’s, as I don’t know your network.
Increase WMI memory to support large volume of queries
How to optimize WMI performance and memory usage in Windows Server
Since I started expanding my Zabbix scripts and templates for monitoring Windows Server instances – AD, IIS and SQL Server – I found WMI was failing more and more. WMI stopped working: WmiPrvse.exe would just crash after hitting some memory limit of 512 MB. If you run into the same issue with Windows Management Instrumentation, here is how you can increase WMI Provider Service’s memory quota. Doing so resolved my issues.