Using Dell Command Configure to Enable TPM for Bitlocker

After configuring Wake On Lan via Command Configure in a previous post, I then wanted to enable Bitlocker on the Windows 8 machine. Unfortunately, the Dell laptop did not have TPM enabled in the BIOS, which allows for a secure key to be saved. Command Configure to the rescue!

There are a few commands you have to run. For some reason, Dell requires you to have a BIOS password to enable the TPM. Don’t worry, you can enable it and disable it all at once without needing to reboot the machine. Here is what you need to run:

cctk –setuppwd=biospassword        // This sets a BIOS password

cctk –tpm=on –valsetuppwd=biospassword         // This turns TPM on and provides the BIOS password you set previously

cctk –tpmactivation=activate –valsetuppwd=biospassword          // This activates TPM and provides the BIOS password you previously set

cctk –setuppwd= –valsetuppwd=biospassword          // This removes the BIOS password. Just put one space after the = sign. You need to feed the old BIOS password to make the change.

That is it! You’ll have to restart the computer and Windows will see the TPM device and be able to enable Bitlocker.

Using Dell Command Configure to Enable Wake On Lan (WOL)

I’ve been playing with Dell Command Configure recently and will be doing a few posts on my work.

First up is enabling Wake On Lan (WOL) on Dell Optiplex, Latitude, XPS, Insprion, systems. The main advantage is this can be done remotely, through Windows, and can even be scripted.

You’ll need Dell Command | Configure which you can grab from here. If you are interested in more features, you can read up on the full documentation in the Reference Guide here.

After you install it, you can open the aptly named “Command Configure Command Prompt” tool. From there, you can enter all your arguments that you want to change. To change your Wake On Lan settings, simply type in:

cctk –wakeonlan [enable, disable, enablewakeonwlan, lanorwlan]

The options above are what you can do. You can set it to wake on just wireless, or both wireless and ethernet LAN. For both wlan and lan, your command would be:

cctk –wakeonlan lanorwlan

3/19/2020: I have written an updated post with updated information and usage here.

Windows 10 Will Let You Choose Which Drive to Store Default Folders On

With the growing popularity of SSDs, a lot of users have been using SSDs for boot drives and HDDs for storage. In Windows 10, there is an exciting new feature which will automatically and seamlessly let you choose what folders and files get put on a secondary HDD. This includes “My Documents”, “My Pictures”, and even applications.

The setting is under Settings > System > Storage and can be seen below:

Windows10Choice

Fix for Slow Internet Speed While On VPN

I’ve encountered this more times then I’d like to say. Basically, when you create a VPN connection in Windows it automatically routes ALL traffic, even traffic not for the remote LAN over the VPN connection. This slows things down considerably. To stop this, do the following:

  • Go into the Properties of the VPN Connection
  • Go to the Networking Tab
  • Select TCP/IPv4 and click “Properties”
  • Hit “Advanced” and then uncheck “use default gateway on remote network”
  • Click OK until you are out of the menu system

That is it!

RemoteGateway

 

 

 

Windows 10 Upgrade Path

In case you’re wondering, the simplified upgrade paths to Windows 10 are as follows:

Free Upgrade to Windows 10 Home:

If you own any of the below editions, you will get the free upgrade to Windows 10 Home edition:

  • Windows 7 Starter
  • Windows 7 Home Basic
  • Windows 7 Home Premium
  • Windows 8.1 (without Pro)
  • Windows 8.1 country specific editions
  • Windows 8.1 Single Language
  • Windows 8.1 with Bing

Free Upgrade to Windows 10 Pro:

Below versions will receive the free upgrade to Windows 10 Pro edition:

  • Windows 7 Professional
  • Windows 7 Ultimate
  • Windows 8.1 Pro
  • Windows 8.1 Pro for Students

Generate Mailbox Size and Usage Report using PowerShell for Exchange 2010 / 2013

An easy way to get a mailbox usage report is via the Get-Mailboxstatistics commandlet in powershell and a combination of other commands. The below script will output a mailbox usage report in HTML format:

 

Get-Mailbox -ResultSize Unlimited | Get-MailboxStatistics | Select DisplayName,
TotalItemSize,ItemCount,Database,LastLogonTime,LastLoggedOnUserAccount | Sort
TotalItemSize -Descending | ConvertTo-Html -Title "Mailbox Stats"|
Out-file "C:\MailboxStats.html"

Exchange 2010 Add Mailbox Folder Permissions including Subfolders

I was asked by a user today for access to a specific folder in an old user’s mailbox within Outlook. There were no free computers and so the easy way out of setting up Outlook with the mailbox was not an option. I fired up Google and found this handy script for use in the Exchange Console:

ForEach($folder in (Get-MailboxFolderStatistics AliasofSharer| Where { $_.FolderPath.ToLower().StartsWith(“/Invoices“) -eq $True } ) )
{
$foldername = “AliasofSharer:” + $folder.FolderPath.Replace(“/”,”\”);
Add-MailboxFolderPermission $foldername -User AliasofRequestor-AccessRights PublishingEditor
}

  1. Change the name of the folder to be shared to where Invoices is here: ‘FolderPath.ToLower().StartsWith(“/Invoices“)’
  2. Change ‘AliasofSharer’ to the alias of the user who will be sharing the folder
  3. AliasofRequestor is who will be given access to said folder
  4. In the above example I’ve used PublishingEditor but this can be changed as required.

Rebooting Computers with Symantec PGP Encryption Installed

In the same vain as my previous post on rebooting Macs with FileVault, computers with Symantec PGP Encryption also require users to enter a password before Windows boots which can be quite annoying. However, there is a workaround!

First, via command prompt navigate to C:\Program Files\PGP Corporation\PGP Desktop OR C:\Program Files (x86)\PGP Corporation\PGP Desktop depending on if you are 64-bit or 32-bit.

For a one-time password bypass, run this:

pgpwde –add-bypass –admin-passphrase [phrase]

Or for several reboots, run this:

 pgpwde –add-bypass –disk [number] –count [number] –admin-passphrase [phrase]

Where phrase is the password / passphrase and the number is the number of reboots. Disk is for if multiple disks are encrypted. Enjoy your reboots now!

 

Restarting OS X with Filevault Enabled

If you’re up on your security, you’ve enabled FileVault on any and all Macbooks you have. The problem for an IT admin working off-site or away from the physical machine is that you may need to reboot the computers. With FileVault, a user will need to enter their password first before OS X boots.

With the commands below, you can reboot a Macbook with FileVault WITHOUT NEEDING USER INPUT. This is good for late night work or times when the user is in a meeting.

Simply open you Terminal and to first check if the command is supported, type:

fdesetup supportsauthrestart

If everything looks good, you can then enter the following and reboot:

sudo fdesetup authrestart