某台asus win10的筆電內建麥克風跟外接耳麥,都收不到音。
但在裝置管理員裡都有找到設備,所以就更新驅動,結果還是沒用。
後來拿閒置硬碟換上去裝了win11後,居然都沒問題,那表示硬體沒故障。
在換回win10 後,突然想到,去設定裡面看看,結果發現在"隱私權"裡面有一個"麥克風"的設定,有一個"存取此裝置的麥克風"居然是關閉的,改成開啟後,麥克風就正常了。
An ASUS laptop running Windows 10 had issues with both the built-in microphone and external headset not picking up any sound. Even though the devices were detected in the Device Manager, updating the drivers didn't solve the problem.
Later, when a spare hard drive was installed and Windows 11 was installed on it, surprisingly, there were no issues with the microphone. This suggested that there was no hardware fault.
Upon reverting back to Windows 10, checked the settings. It was discovered that under "Privacy," there was a setting for "Microphone," and the option to "Allow apps to access your microphone" was inexplicably turned off. After toggling it on, the microphone started working properly again.
有台win7電腦有時後會突然連不到所有的共用資料夾都連不上 ,錯誤代碼都是0x80004005。
但上網都正常,去ping那些共用資料夾的主機也正常。
經查才發現,那個win7電腦的網卡內容裡,少了很多項目,正常的應該要像下圖一樣,但那台電腦裡的網卡內容只剩ipv4的設定。
要把其他功能找回來,就只要按下左下方的"安裝",裡面就有其他項目可以選,選好後馬上就會裝回來了,但是要重開機後,會生效。
有時後用EDGE在瀏覽網頁時,看到一些PDF檔,EDGE可以直接顯示,不用另存成PDF檔,再用 PDF reader開啟。
如果希望直接存在PDF檔,不要在EDGE中直接開啟,可以調整機碼來達行。
機碼位置如下,如果沒有的話,可以自行手動新增,設定好要重開機才會生效。
Sometimes, when browsing web pages using EDGE, you may come across PDF files that EDGE can display directly without the need to save them as PDF files and then open them with a PDF reader.
If you prefer to save the PDF file directly instead of opening it in EDGE, you can adjust the registry to achieve this.
If you cannot find this registry entry, you can manually add it yourself and ensure that the changes take effect after restarting your computer.
win10在裝framework 3.5一直失敗,錯誤代碼是 0X800F0954 。
有人說要去HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\ 裡面調機碼,把UseWUServer的值改成0。
但發現自己的電腦裡並沒有這個機碼,所以就手動新增,設定好重開機,就可以成功安裝。
Windows 10 fails to install Framework 3.5, and the error code is 0X800F0954.
Some suggest modifying the registry key at HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\ by changing the value of UseWUServer to 0.
However, it was found that the registry key was not present on the computer, so it was manually added. After configuring and restarting, the installation was successful.
如果要把A資料夾整個完整複製,包含裡面的權限跟所有資料,然後名稱變成B資料夾。
而且B資料夾本身的權限必須跟A資料夾相同,可以使用robocopy這個內建指令。
執行指令前要確認B資料夾不存在,再執行指令。
指令: robocopy D:\A D:\B /E /COPYALL
If you want to completely copy the entire A folder, including its permissions and all data inside, and rename it to B folder, you can use the built-in command robocopy.
Ensure that the B folder does not exist before executing the command.
Command: robocopy D:\A D:\B /E /COPYALL
使用者反應,他在檔案總管裡,開啟一個pdf檔案時很正常,然後再點其他pdf檔案後,檔案不會馬上開啟,要等個幾十秒,他認為是程式有問題。
把程式重新安裝後,還是一樣,後來發現在檔案總管內,是有開啟預覽窗格的功能,如果這個功能關閉,連續開啟不同檔案時,就不會有緩慢的問題了。
User feedback indicates that when he opens a PDF file in File Explorer, it works fine. However, when he tries to open another PDF file after that, the file doesn't open immediately; instead, it takes several seconds. He believes there is an issue with the program.
Even after reinstalling the program, the problem persists. Later, it was discovered that within File Explorer, there is a feature to open a preview pane. When this feature is disabled, there is no longer a delay issue when opening different files consecutively.
某台win2012的電腦使用本機登入,要連到一個共用資料夾。
使用 \\電腦名稱\ 連線,會跳出帳號密碼驗證,接著輸入 網域\使用者帳號 做登入,沒問題。
但使用 \\IP\ 連線,會跳出帳號密碼驗證,接著輸入 網域\使用者帳號 做登入,會跳錯誤,代碼是 0x80004005。
查了網路上一些方法,改機碼,改gpedit安全性都沒用。
後來是會跳出帳號密碼驗證時,輸入 使用者帳號@網域,就成功了,很特別的狀況。
A Windows 2012 computer logged in locally attempts to connect to a shared folder.
When connecting to \\HostName\, a username and password prompt appears. Entering Domain\Username works without issue.
However, when connecting to \\IP\, a username and password prompt appears. Entering Domain\Username results in an error code of 0x80004005.
After trying some methods found online, such as changing registry keys and Group Policy security, the issue was not resolved.
Finally, entering Username@Domain at the username and password prompt resolved the issue.
When opening an internal web page in IE mode of Edge, the content cannot be displayed normally. The error message "Internet Explorer has modified this page to help prevent cross-site scripting attacks" appears below.
At this time, go to the Internet Options in Control Panel, find the area to which this page belongs in Security, open the Custom Level, find Enable XSS Filter, and disable it.
在WORD程式內,透過插入物件的功能,要插入一個PDF檔,卻跳出"此物件是使用程式Acrobat建立。您的電腦並未安裝此程式......請安裝Acrobat或確定已關閉Acrobat中任何的對話"
先確認PDF檔都是可直接用Acrobat PDF Reader開啟,WORD試著插入EXCEL物件也正常。
所以就決定先重裝Acrobat PDF Reader,結果就解決問題了。
When trying to insert a PDF file into a Word document using the "Insert Object" function, the following error message appears: "This object was created using the Acrobat program. This program is not installed on your computer. Please install Acrobat or make sure that all Acrobat dialog boxes are closed."
I confirmed that the PDF files could be opened directly using Acrobat Reader. I also tried inserting an Excel object into a Word document, and that worked fine.
Based on these findings, I decided to reinstall Acrobat Reader. After doing so, the problem was resolved.
原本有透過GPO在使用者的電腦,佈署EDGE政策,讓EDGE在開啟一些特定網頁時,會啟用IE瀏覽模式。
但這兩天開始有電腦的IE瀏覽模式沒被啟用,查看GPO確定是有套用沒錯,所以不是GPO的問題。
開啟EDGE查看設定,發現套用的政策被略過了,但只有少數人有這個狀況。
Originally, we deployed EDGE policies via GPO on users' computers to enable IE browsing mode when opening certain websites.
However, in the past two days, some computers have failed to enable IE browsing mode. After checking the GPO, we confirmed that it is being applied correctly. Therefore, the issue is not with the GPO.
When we opened EDGE and checked the settings, we found that the applied policies were being ignored. However, this was only happening for a small number of users.
After some investigation, we learned that this is because EDGE was recently updated. If a user is logged in to a personal account in EDGE, the policies deployed via GPO will be ignored. Simply logging out of the account will restore normal behavior.
如果是windows2012,powershell 4.0裡面有get-dhcp的指令把DHCP目前租用IP的清單做匯出。
但在windows2008,powershell 1.0沒這個指令,不想升級powershell,可以用netsh來完成,指令如下:
@echo off
netsh dhcp server scope 172.16.11.0 show clients > "%DATE:~0,4%%DATE:~5,2%%DATE:~8,2%_dhcp_clients.txt"
exit
指令會把172.16.11.0這個領域的IP租用匯出到txt中,檔名是會以當天的日期呈現。
如果要把每個領域都匯出,就把指令重覆貼上,改掉scope後面的領域IP就行了。
If you are using Windows 2012, PowerShell 4.0 includes the get-dhcp command to export a list of currently leased IP addresses from DHCP.
However, in Windows 2008, PowerShell 1.0 does not have this command. If you do not want to upgrade PowerShell, you can use netsh to complete the task. The command is as follows:
@echo off
netsh dhcp server scope 172.16.11.0 show clients > "%DATE:~0,4%%DATE:~5,2%%DATE:~8,2%_dhcp_clients.txt"
exit
This command will export the IP leases for the 172.16.11.0 scope to a text file. The file name will be in the format of YYYYMMDD_dhcp_clients.txt.
To export leases for all scopes, simply copy and paste the command, and change the scope IP address after scope.
在win2019透過freefilesync要把遠端win2003的檔案同步過來本機的時後,有些資料夾都會出現錯誤,內容都是在本機端的資料夾中 sync.ffs_lock有錯誤, code error 5: Access refuse [create file]。
照字面上的意思應該就是同步的過程程式要產生一個sync檔,但無法建立。
可是我在本機端自己建立檔案時,都沒什麼異狀,就覺得很怪。
後來就手動用複製貼上檔案的方式,發現有時後會跳出錯誤訊息,大概就是說沒有權限,要用系統管理者執行之類的,可是我就是用本機管理者帳號在執行啊。
這時突然想到,那執行freefilesync時,要用系統管理者身份去執行,有三四個在同步會跳錯誤的資料夾,就通通都沒問題了。
When using FreeFileSync on Windows Server 2019 to sync files from a remote Windows Server 2003 to the local machine, some folders encounter errors. The error message states that there is an issue with the "sync.ffs_lock" file in the local folder, with error code 5: Access refused [create file].
According to the literal meaning of the error, it seems that the sync process is unable to create the "sync" file.
However, I noticed that there were no issues when manually creating files on the local machine, which struck me as odd.
Later, while manually copying and pasting files, I encountered occasional error messages indicating a lack of permission and suggesting the need for administrator privileges. However, I was already using the local administrator account to perform the operation.
At this point, it occurred to me that when running FreeFileSync, it should be executed with administrator privileges. When I ran the program as an administrator, the folders that were previously causing errors during synchronization, about three or four of them, synced without any problems.
如果想查詢近期DHCP server 的IP發送給哪一台主機,可以用下列方式查詢。
先開啟DHCP的管理工具,在server名稱按下滑鼠右鍵,選擇內容。
透過chrome登入某些網站後,都會產生cookie,下次在登入時,就可以不用輸入帳密就登入了,像是spotify,teams等等的網站。
但有時後卻希望網頁關閉,這些cookie就清除掉,避免下一次登入又自動使用上一次的帳密登入。
chrome的設定裡有一個清除cookie的功能,但這會清除所有的cookie,沒辦法只清除特定網站的cookie,也不太方便。
一台虛擬機DC的時間被設定成與底層hyperv系統同步,結果與正確的時間差了一分多鐘。
PDC的時間是正確的,所以並不是所有client電腦的時間都錯了,就看是抓到哪台DC做時間同步。
時間錯誤的DC一開始就直接用NTPCLOCK這個小工具調整成對的時間,但沒多久又變回錯的時間,在該伺服器執行"w32tm /query /configuration",有看到有一區"VMICTimeProvider"的設定,enable=1,這就是設定成與底層hyperv系統同步的地方。
直接找到HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\VMICTimeProvider ,把enable改成0就好,不用重開機,然後在用NTPCLOCK調成正確時間就行了。
Client端如果不想等重開機做時間同步的話,可以下指令直接強制同步。
要用系統管理員執行cmd,然後輸入 w32tm /resync就可以開始同步了,時間不會馬上就變正確的,而且會慢慢的縮小與正確時間的差距,所以要等一下。
可以開啟client的時鐘,如果是client的時間是比較慢,就會發現秒數有時後會跳的比較快,然後慢慢跟上正確的時間。
Domain Controller Time Error Causing Incorrect Client Computer Time
The time of a virtual machine Domain Controller (DC) was initially set to synchronize with the underlying Hyper-V system, but it ended up being more than a minute off from the correct time.
The time displayed on PDC files was accurate, indicating that not all client computers had incorrect time settings. It depended on which DC the clients synchronized their time with.
Initially, the DC with the time error was adjusted using a small utility called NTPCLOCK to set the correct time. However, after a short while, it reverted back to the incorrect time. When running the command "w32tm /query /configuration" on the server, the configuration showed a section called "VMICTimeProvider" with enable=1, indicating synchronization with the underlying Hyper-V system.
To resolve this, the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\VMICTimeProvider was located, and the "enable" value was changed to 0. There was no need to restart the server. Afterward, the correct time could be set using NTPCLOCK.
For client computers that didn't want to wait for a reboot to synchronize their time, a command could be executed to force synchronization. By running cmd as an administrator and entering "w32tm /resync," the synchronization process would begin. The time wouldn't immediately become correct but would gradually narrow the gap with the accurate time. Patience was required.
Observing the client's clock, if the client's time was slower, one would notice that the seconds occasionally jumped ahead and slowly caught up with the correct time.
在使用 OPENVAS對內部電腦進行弱點掃描,發現一個問題,就是會造成一些AD帳號因輸入太多次錯號密碼被鎖住。
個人猜測是在做掃描時,可能會隨便找一些帳號做登入測試,剛好有人的帳號就是一樣的,所以就被鎖了。
帳號被鎖,可以參考下列這個網站的教學,來查是哪一台設備在在做登入驗證的行為。
https://evotec.xyz/active-directory-how-to-track-down-why-and-where-the-user-account-was-locked-out/
OPENVAS(GVM) Vulnerability Scanning Causing Domain Account Lockouts
During the use of OPENVAS for vulnerability scanning on internal computers, I encountered an issue where it resulted in some AD accounts getting locked due to multiple incorrect password attempts. My personal speculation is that during the scanning process, the tool may attempt to log in using random accounts, and if there happens to be a match with a valid account, it leads to the account being locked.
To determine the source of the account lockouts, you can refer to the tutorial provided on the following website. It explains how to track down the device responsible for the login authentication attempts:
https://evotec.xyz/active-directory-how-to-track-down-why-and-where-the-user-account-was-locked-out/
有些網頁必須要用IE才能正常顯示,如果透過EDGE,就要啟用裡面的IE模式才行。
可以直接在EDGE設定中加入要用IE模式開起的網頁,但這有個缺點,要一台一台做,而且還有期限,預設30天,最長可以改到90天,不適合在公司裡這樣設定。
這時就可以用GPO來佈署,步驟如下:
1. 確認GPO裡有EDGE設定,因為DC都是2012版的,所以要自己下載ADMX檔來增加EDGE功能,方式可參考 https://www.anoopcnair.com/download-microsoft-edge-admx-group-policy-templates/
2. GPO裡有EDGE設定後,要啟用兩個設定
設定企業模式網站清單-這個先設定好檔案路徑跟檔名,例如
C:\ielist.xml,這個檔案在第3步會產生。
再來是要啟用設定InternetExplorer整合。
在AD查看被鎖定的帳號,用id 4776去撈出登入出敗的訊息,要找出是在哪台電腦做登入行為的。
結果在來源工作站的資訊,是一台沒看到的電腦名稱,也ping不到,覺得很奇怪。
就想到之前遇到來源工作站是空白的問題,那時就繼續在事件檢視器裡去找NTLM的log,可以找到相關的訊息。
這次也想說去NTLM裡面找找,就找到了,在NTLM裡記錄的登入失敗log裡,除了來源工作站,還多了一個安全通道名稱,這邊顯示的才是正確的電腦名稱。
至於為啥來源工作站是一個奇怪的名稱,目前也不知原因。
When checking the locked accounts in Active Directory, I used ID 4776 to retrieve the information about failed logins in order to determine the workstation where the login attempts originated.
The result showed an error in the workstation information, indicating a computer name that I couldn't find or ping, which seemed unusual.
I recalled a previous encounter where the workstation information was blank, so I continued searching for NTLM logs in the Event Viewer, as they often contain relevant details.
This time, I decided to check the NTLM logs and successfully found the failed login log. In addition to the workstation information, there was also a security channel name recorded. The computer name displayed in this section was the correct one.
As for why the workstation information appeared as a strange name, I am currently unaware of the underlying reason.
突然有幾台電腦的teams開啟都會有這個錯誤,無法使用。
重裝teams也沒用。
查了一下,原來是可轉發套件的問題,處理流程如下。
1. 移除teams,並把%appdata%底下teams相關的資料夾全刪除。
2. 移除電腦內所有的visual c++可轉發套件,然後重開機。
3. 安裝最新的2015to2022,visual c++可轉發套件。
4. 安裝teams。
之後就可以正常開啟了。
Teams JavaScript error: "The specified procedure could not be found."
Suddenly, several computers are experiencing this error when opening Teams, rendering it unusable.
Reinstalling Teams did not resolve the issue.
Upon investigation, it was discovered that the problem lies with the redistributable package. The following steps can be taken to address it:
Uninstall Teams and delete all related folders under "%appdata%".
Remove all Visual C++ redistributable packages from the computer and restart.
Install the latest version of the Visual C++ redistributable package (2015 to 2022).
Install Teams.
After following these steps, Teams should open without any errors.
