• No details about the permissions the program requires to accomplish this magic?
    Does this work WITHOUT giving the application domain admin access?

  • Well i get what the article is about and it’s great! Would also prefer no reboot of course..
    But in situations where the trust relationship is broken because of either a restore, Azure migrate situation or something else that already has reboots/startups baked into the situation, we are just talking about an alternative quick-fix here.
    If one can live with i single reboot to solve the issue, it is pretty easy to log in, unjoin, rejoin, reboot.. It’s only an alternative if the situation fits of course 🙂

  • Actually only one Reboot is required. When dejoining the domain and asked to Reboot, just don’t and join again, then reboot. This will re-establish the domain join and work.

  • You would need to update your “Name the administrator account to manage” GPO by specifying your own Admininstrator account name. This example assumes you’re using the built-in Admin account so they haven’t told you to modify this GPO.

  • Congratulations on your generosity in taking the time to create such a useful guide!
    Thank you!

  • you could also unjoin the domain and rejoin. You would also need admin cached creds (domain) for this.

  • HI Emanuel!

    Thank you!!!

    With your expert guidance, I was able to come up with this:

    PS C:Windowssystem32> Invoke-Command -VMName Win10VMTest004 -ScriptBlock {
    $InterfaceIndex2 = Get-NetAdapter | Select-Object -ExpandProperty InterfaceIndex
    $InterfaceAlias2 = Get-NetAdapter | Select-Object -ExpandProperty InterfaceAlias
    If ($InterfaceAlias2 -eq “Ethernet 2”)
    $InterfaceIndex4Set = $InterfaceIndex2
    Write-Output $InterfaceIndex4Set, $InterfaceAlias2
    cmdlet Invoke-Command at command pipeline position 1
    Supply values for the following parameters:
    Ethernet 2

    PS C:Windowssystem32>

    What I need is to ‘do something’ once I catch InterfaceAlias value of Ethernet 2, and it’s basically using the InterfaceIndex value of ‘7’ somewhere down the road.

    So I have very obvious questions in here. Am I dealing with an array when I access the contents of Get-NetAdapter? How do I ‘capture’ the same ‘row’ of data once I get the ‘Ethernet 2’ value of InterfaceAlias? Sorry about my ignorance. I did COBOL programming and as you can see, my knowledge is pretty Jurassic at best. 😉

    Thank you again!

  • Most likely because Microsoft wants people to upgrade to Windows 11.

    It’s been stuck in preview builds for Windows 10, so they’ll probably gonna wait another 2 years or just not release it for Windows 10 because of the above reason.

  • Thank you for writing this article.
    I wrote all my own Powershell code to install VMs, but on the free Hypervisor-only platform. IMO, it is pointless to host VMs on a GUI based server. The command line based server has far less bloat and better security.

  • If you’re creating complex PowerShell scripts like this, you should already be aware that setting the AllowTelemetry key in the registry, will have the same effect as using the Local Group Policy Editor to set one on of the 4 allowed levels of Data Reporting. You should also be aware that setting it to Zero is only possible on Windows Enterprise and if you choose to do it anyway…. for example, if you set this key to 0 on a Windows Pro copy…. the system will revert to the level of Diagnostic Data that Microsoft sees fit, and this effect will be invisible. You can verify what I’m telling you by simply visiting the relevant Group Policy, setting it to 4 then refresh Regedit (press F5) and watch as the AllowTelemetry key changes to 4. If you’re not on Enterprise then then 1 is the lowest setting you can use.

    Basically, if you don’t know what you’re doing by poking around in the registry, you may very well be enabling more Telemetry while you think you’re turning it off.

    Key: HKLMSOFTWAREPoliciesMicrosoftWindowsDataCollection”AllowTelemetry”

    Local Group Policy: Computer ConfigurationAdministrative TemplatesWindows ComponentsData Collection and Preview BuildsAllow Telemetry (it tells you that you can only set 0 if you’re running Enterprise.)

    *I’d never recommend that anybody run a script that automatically makes a bunch of changes to their Windows in the hopes of tuning it for privacy reasons. The best thing to do is do the research yourself and understand what it is that you’ll be changing.

  • thanks for sharing!
    i am looking to make a script to do a hot clone(booteable) of disk….its posible to achive that on windows?
    Lets imagine:

    i have a 256 SSD disk with the default partitions that windows create….and a second HDD partition (lets say…500gb)

    so idea will be create the same parttion structure in HDD and a extra partition to hold the image of the partitions of SSD…

    launch in powershell the image of the parttions and hold in the extra partitions of HDD and then recover each image in the correspondent copied partitions of HDD…

    have sense?

  • Hi, I installed Windows Server 2016 on my computer, and when I installed it, it asked me which Windows to select. I also selected Windows Server Dasta Center, and after installing Windows on my computer, it asks me I need the administrator password. I do not know, but I do not know what the password. Please help me, thank you

  • 1. Navigate to C:windowssystem32 and search for the Sysprep folder, go to properties and change the ownership of the folder to the local admin by changing the permissions in the Advance menu.
    2.  After you take the ownership of the folder you can open sysprepactionfiles and edit the Generalize.xml and remove the following entry from there:

    3. Save as  the Generalize.xml on any desired location and then rename the existing Generalize.xml to old and replace it with the new one.
    4. Run sysprep Generalize and see if that works for you.

  • Hi,

    Is there anyway to many different ad domain user on different client machines?
    in one step?


  • I guess something has changed in PowerShell in the past three years, because despite following this guide to the letter it doesn’t work as described. Not sure why.

  • You said you would discuss changes in version 7 and 7.2, but I didn’t find that in the article.

  • Sometimes unexpected changes can have beneficial effects.

    I run a Server 2019 VM on my daily driver Win10 laptop, which allows me to use WSUS for my home domain by collecting updates where data is cheaper.

    I have been progressively increasing the VM’s RAM allocation to get better performance, but adding a third virtual processor improved things enormously, to the point where I could reduce its RAM by half a gigabyte.

    That might not seem a lot, but don’t forget that the VM is competing with the “normal” tasks on that laptop.

    I have to conclude that the extra “processor” allows the VM to shift its workload more easily, avoiding having to queue things up in memory awaiting the resource.

    The laptop does not seem to suffer much from allocating more CPU time to the VM.

  • Is it possible, or even advisable to clean up in the admx files?

    Like most environments, our domain has been upgraded over time, starting at win2012 DC’s with Win 7 clients.

    Now we’re on 2019 DC’s (soon to be upgraded) with win 10 client´s (the first few Win11 clients are popping up too).
    This all makes GPO management a bit of a hit & miss affair.

    Would a clean up be a good idea?

  • Load More
© 4sysops 2006 - 2022


Please ask IT administration questions in the forums. Any other messages are welcome.


Log in with your credentials


Forgot your details?

Create Account