Month: July 2017

Internet Explorer Proxy Registry Keys

Internet Explorer Proxy Registry Keys

Disable Proxy on Windows

There may be a scenario where you may find the need to bypass a Proxy in order to test an internal application or just basically get out to the internet. In most organisations the Proxy is usually set via Group Policy and in order to bypass the proxy you would usually move the computer account to another Organisation Unit within Active Directory. In order to action this the new OU would need to have identical group policies applied except for the proxy.

Well, you can easily bypass a proxy, as long as you have local administrator access to the client machine. I came over a scenario with DirectAccess where I required the removal of the Proxy in order to test the Microsoft CPA scripts which hardened the solution. A simple and effective way to do this is to delete the below registry location. Do not worry, it location will be re-created once you fire up Internet Explorer or Edge. A restart is not required, just close down all your IE windows and re-open the change is instant. Do not reboot as the policies may be applied again via group policy.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings

 

Verify Connectivity to a Remote Computer

Verify Connectivity to a Remote Computer

Telnet from a Windows Machine

When providing accessible public services a requirement may arise to test the connectivity externally. This can be done using the built in command line Telnet subject to the Telnet Windows feature is installed. This is unlikely as in most scenarios, Telnet is only installed if required. Additionally, using Putty you can achieve the same result, however try downloading Putty through some Proxy’s and you wont have much luck. But using the built in Windows 10 PowerShell command Test-NetConnection, this is easily achiveable. If you need to test SMTP, HTTP, HTTPS, running  the below command can provide you with either “True” or “False”.

Test-NetConnection -Port 80 -ComputerName kamhussain.com | ft TcpTestSucceeded

 

Extracting a Private Key from a Certificate

Extracting a Private Key from a Certificate

Splitting a Certificate File

OpenSSLWe recently has an issue where I was required to upload a certificate to a F5 Big-IP. Now most of admins probably already figured out that some systems such as ADC’s or load balances require the certificate you upload to come in to parts. Part 1 is the certificate file itself so it will have an extension of .CER and part 2 is the private key with an extension of .KEY. Some certificate providers bundle the private key and certificate together, as useful as this, sometimes you have a requirement to separate the private key from the certificate file.

In order to split a certificate we will use OpenSSL for Windows, a free utility to manage and create certificates, if you don’t already have a copy of this utility, Click HERE to download it.

Assuming your utility is located in the root of the C Drive, and the certificate you want to split is also kept within in the same folder.

 

Open a administrative command prompt and navigate to the folder where you have stored the OpenSSL utility, then run the following command. You will be asked to provide the password for the certificate. This will extract the Private Key.

openssl pkcs12 -in certificates.pfx -nocerts -out privatekey.key

 

Next we will now extract the certificate, so run the below command:

openssl pkcs12 -in certificates.pfx -clcerts -nokeys -out certificate.cer

 

That’s it! You now have a private key and certificate which you can utilise. If you need to use OpenSSL on Windows, I’ve attached the program to this post. Just extract the files and using a command prompt navigate to the OpenSSL directory and call openssl.exe [then your commands]

Printing Errors

Printing Errors

If you ever face issues with printing, in most cases the print driver is the culprit. It’s always best to restart the computer which in turn restarts the print spooler service that controls printing. If this fails and you continue to receive errors ensure that the printer is turned on and power cycle the printer. Failing this you can forcefully remove all print drivers safely from your computer which does resolve most issues which are encountered. Print drivers can be temperamental and difficult to diagnose, googling can leave you chasing your tail without no avail. Before progressing ensure you have a copy of your print driver which is available from the manufactures website. Newer printers are able to download their drivers automatically. The print repository has remained the same with Windows 10.

Removing print drivers

1. Stop the Printer Service (Spool)

Click Start and type ‘services.msc’ or press the Windows  + R keys on your keyboard and in the Run box type ‘services.msc’

Find the ‘Print Spooler’ services from the services window. Right click the print spoiler service and click ‘Stop’.

2. Remove all print drivers

Click the Windows + R key on your keyboard and now in the run box type the below path and press enter

C:\Windows\System32\spool\drivers\x64\3

Within this directory, select all the files and delete them, some files may not delete but you can safely ignore this. If you receive errors abou the files still in use ensure that step one was compeleted and the print spooler service is stopped.

3. Restart the print spoiler service

As with step one, head back into the services window but now right click the ‘Print Spooler’ service and click ‘Start’

4. Install your Print Drivers again.

In most cases your printers will remain, so you can head into Control Panel > Devices and Printers. To get to Devices and Printers, again press the Windows Key + R on your keyboard and type ‘Control’ the in the Control Panel window click on ‘Devices and Printers’.

Your printer should show up again in most cases, so you can right click on your printer and click ‘Printing Properties’ in the properties window click ‘Print Test Page’, you will be promoted to install your print driver again, most newer printers will automically install the latest drivers, otherwise you will need to select your print driver you downloaded from the manufactures website or run the executable file that you download and following the wizard.

If your printers don’t show up automatically your will need to add them again.

Alternatively stopping the print spooler service and running the below command will remove all your print drivers.

Note: You will need to install print drivers for all your printers not just the printer you are having issues for as we have removed all the print drivers from the Windows repository.

Run the below command as an Admin:

printui /s /t2