Monday, 17 May 2010

my tweak of windows server 2008 R2

desktop -> right click menu -> view -> small icons
taskbar and start menu properties
 Taskbar
  Use small icons +
   rem not apply instantly, REG.EXE add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v TaskbarSmallIcons /t REG_DWORD /d 1 /f
  Taskbar buttons
   combine when task bar is full
  notification area -> customize
   notification area icons
    always show all icons ... +
 Start Menu
  Customize Start Menu
   Use large icons -
    REG.EXE add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v Start_LargeMFUIcons /t REG_DWORD /d 0 /f

services.msc
 desktop window manager session manager [uxsms] -
 Diagnostic Policy Service [DPS] -
 Diagnostic Service Host [WdiServiceHost] -
 Diagnostic System Host [WdiSystemHost] -
 disk defrag [defragsvc] -
 distributed link tracking client [TrkWks] -
 distributed transaction client [MSDTC] -
 health key [hkmsvc] -
 KtmRm for Distributed Transaction Coordinator [KtmRm] -
 microsoft fibre channel [FCRegSvc] -
 microsoft iSCSI [MSiSCSI] -
 Problem Reports and Solutions Control Panel Support [wercplsupport] -
 Remote Procedure Call (RPC) Locator [RpcLocator] -
 remote registry [RemoteRegistry] -
 smart card [SCardSvr] -
 smart card removal policy [SCPolicySvc] -
 snmp [SNMPTRAP] -
 windows audio [AudioSrv] +
 Windows Color System [WcsPlugInService] -
 windows firewall [MpsSvc] -
 Windows Font Cache Service [FontCache] -
 Windows Remote Management (WS-Management) [WinRM] -
 WinHTTP Web Proxy Auto-Discovery Service [WinHttpAutoProxySvc] -
  sc config uxsms start= disabled & net stop uxsms
  sc config DPS start= disabled & net stop DPS
  sc config WdiServiceHost start= disabled & net stop WdiServiceHost
  sc config WdiSystemHost start= disabled & net stop WdiSystemHost
  sc config defragsvc start= disabled & net stop defragsvc
  sc config TrkWks start= disabled & net stop TrkWks
  sc config MSDTC start= disabled & net stop MSDTC
  sc config hkmsvc start= disabled & net stop hkmsvc
  sc config KtmRm start= disabled & net stop KtmRm
  sc config FCRegSvc start= disabled & net stop FCRegSvc
  sc config MSiSCSI start= disabled & net stop MSiSCSI
  sc config wercplsupport start= disabled & net stop wercplsupport
  sc config RpcLocator start= disabled & net stop RpcLocator
  sc config RemoteRegistry start= disabled & net stop RemoteRegistry
  sc config SCardSvr start= disabled & net stop SCardSvr
  sc config SCPolicySvc start= disabled & net stop SCPolicySvc
  sc config SNMPTRAP start= disabled & net stop SNMPTRAP
  sc config AudioSrv start= auto & net start AudioSrv
  sc config WcsPlugInService start= disabled & net stop WcsPlugInService
  sc config MpsSvc start= disabled & net stop MpsSvc
  sc config FontCache start= disabled & net stop FontCache
  sc config WinRM start= disabled & net stop WinRM
  sc config WinHttpAutoProxySvc start= disabled & net stop WinHttpAutoProxySvc

gpedit.msc
 Computer Configuration -> Administrative Templates -> System
  Display Shutdown Event Tracker -
 Computer Configuration -> Administrative Templates -> Windows Components -> Autoplay Policies
  Default Behavior for AutoRun
   Do not execute any autorun commands +
  Turn off Autoplay
   all drives +
  Turn off Autoplay for non-volume devices
   enabled +
     REG.EXE add "HKLM\Software\Policies\Microsoft\Windows NT\Reliability" /v ShutdownReasonOn /t REG_DWORD /d 0 /f
     REG.EXE add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoAutorun /t REG_DWORD /d 1 /f
     REG.EXE add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoDriveTypeAutoRun /t REG_DWORD /d 255 /f
     REG.EXE add HKLM\SOFTWARE\Policies\Microsoft\Windows\Explorer /v NoAutoplayfornonVolume /t REG_DWORD /d 1 /f

secpol.msc
 account policies -> pw policy
  age 0
  complexity -
 local policies -> security options
  I: do not require CAD +
# no more REG.EXE add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DisableCAD /t REG_DWORD /d 1 /f
  S: allow shutdown without logon +

sysdm.cpl
 advanced -> performance -> visual effects , best performance
 advanced -> performance -> advanced , programs

servermanager.msc
 configure IE ESC , - -
 rundll32.exe iesetup.dll,IEShowHardeningDialog

folder -> organize -> layout
 menu bar +
 details / preview / navigation pane -
folder -> view (alt+v)
 status bar + (b)
    rem Display the menu bar in Windows Explorer
    REG.EXE add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v AlwaysShowClassicMenu /t REG_DWORD /d 1 /f
    rem Turn off Details Pane .. yes the key is previewpane
    REG.EXE add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoPreviewPane /t REG_DWORD /d 1 /f
    rem Turn off Preview Pane .. yes the key is not previewpane but readingpane
    REG.EXE add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoReadingPane /t REG_DWORD /d 1 /f
    rem no key for navigation pane, so do it in gui

folder options -> view
 RunDll32.exe shell32.dll,Options_RunDLL 7
   - or -
 control folders
  show hidden files ... +
  hide empty drives -
  hide extensions for file -
  hide system file -
  use sharing wizard -
# REG.EXE add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v ShowSuperHidden /t REG_DWORD /d 1 /f
# REG.EXE add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v SuperHidden /t REG_DWORD /d 1 /f
# REG.EXE add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v Hidden /t REG_DWORD /d 1 /f
# REG.EXE add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v HideFileExt /t REG_DWORD /d 0 /f
# REG.EXE add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v SharingWizardOn /t REG_DWORD /d 0 /f
# REG.EXE add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v HideDrivesWithNoMedia /t REG_DWORD /d 0 /f
Disable UAC (useraccountcontrolsettings.exe)
 REG.EXE add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
enable quick edit in cmd
 REG.EXE add HKCU\Console /v QuickEdit /t REG_DWORD /d 1 /f
command prompt default window size w80xh40
 REG.EXE add HKCU\Console /v WindowSize /t REG_DWORD /d 0x280050 /f

start menu, right click my computer, show on desktop
Desktop Icon Settings
 rundll32.exe shell32.dll,Control_RunDLL desk.cpl,,0

region and language
 rundll32.exe shell32.dll,Control_RunDLL intl.cpl,,2
  add chinese(trad. Taiwan) keybroad for changjie
   some settings for changjie , query the input sequence -> changjie
   prompt associated phrases
 rundll32.exe shell32.dll,Control_RunDLL intl.cpl,,3
  non-unicode codepage -> chinese trad., Taiwan
windows update
 wuapp.exe
   - or -
 control update
  change settings -> never check for updates
sysdm.cpl
 rundll32.exe shell32.dll,Control_RunDLL sysdm.cpl,,5
  remote -> allow connections (change settings when windows firewall services is started, then turn it off)
  (can't switch the settings while firewall is off, it is microsoft design)
gpedit.msc
 Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> RD Sess host
  Prompt for credentials on the client computer -
 Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> RD Sess host
  connections
   Set rules for remote control of remote desktop services user options -> full control without user's permission
   deny logoff administrator in console +
  device
   allow audio redirection +
  Remote Session Environment
   Limit maximum color depth + (15 bit)
 User Configuration -> Administrative Templates -> Start Menu and Taskbar
  remove frequent programs list from start menu +
  remove help menu from start menu +
     REG.EXE add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoSMHelp /t REG_DWORD /d 1 /f
  remove recent items menu from start menu +
  do not search internet +
     REG.EXE add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoSearchInternetInStartMenu /t REG_DWORD /d 1 /f

servermanager.msc
 Add Features
  remote server administrator tools
   RDS tools
    RD Session Host Tools +
  telnet client +
  wireless lan services +
    rem install telnet client feature
    dism /online /Enable-Feature /FeatureName:TelnetClient
    rem Role Administration Tools > Remote Desktop Services Tools > Remote Desktop Session Host Tools  (remoteapp manager)
    dism /online /Enable-Feature /FeatureName:AppServer-UI
    rem dism /online /Enable-Feature /FeatureName:WirelessNetworking

remoteprograms.msc
 add remote apps (cmd.exe) and create .rdp file
  promptcredentialonce:i:0
  enablecredsspsupport:i:0
  authentication level:i:0

reg.exe ADD "HKCU\Control Panel\Desktop" /v PaintDesktopVersion /t REG_DWORD /d 1 /f
reg.exe ADD "HKEY_USERS\.DEFAULT\Control Panel\Desktop" /v PaintDesktopVersion /t REG_DWORD /d 1 /f
rem default color is "58 110 165"
reg.exe ADD "HKCU\Control Panel\Colors" /v Background /t REG_SZ /d "29 95 122" /f
reg.exe ADD "HKEY_USERS\.DEFAULT\Control Panel\Colors" /v Background /t REG_SZ /d "29 95 122" /f


turn off DEP then oem7f7

control panel -> power options -> power saver

//all users except administrator will use cmd.exe as shell, and administrator will remain using Explorer.exe
//run it in administrator session
reg.exe ADD "HKLM\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\boot" /v Shell /t REG_SZ /d "USR:Microsoft\Windows NT\CurrentVersion\Winlogon" /f
reg.exe ADD "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell /t REG_SZ /d "cmd.exe" /f
reg.exe ADD "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell /t REG_SZ /d "Explorer.exe" /f
//http://msdn.microsoft.com/en-us/library/ms838576%28WinEmbedded.5%29.aspx

no windows picture and fax viewer, looking for a good replacement
http://www.blackviper.com/
http://technet.microsoft.com/en-us/library/ff393699%28WS.10%29.aspx
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Labels

Search This Blog