You will need to update the CompanyName to yours

#Change AutoSaveLocation to OneDrive



$onedrivelocation = %userprofile%\OneDrive - **CompanyName**\



mkdir "$onedrivelocation\Autorecover\Word\"

New-ItemProperty -path "HKCU:\Software\Microsoft\Office\16.0\Word\Options" -Name AUTOSAVE-PATH -PropertyType "ExpandString" -Value "$onedrivelocation\Autorecover\Word\"

mkdir "$onedrivelocation\Autorecover\Excel\"

New-ItemProperty -path "HKCU:\Software\Microsoft\Office\16.0\excel\Options" -Name AutoRecoverPath -PropertyType "ExpandString" -Value "$onedrivelocation\Autorecover\Excel\"

mkdir "$onedrivelocation\Autorecover\Powerpoint\"

New-ItemProperty -path "HKCU:\Software\Microsoft\Office\16.0\PowerPoint\Options" -Name PathToAutoRecoveryInfo -PropertyType "ExpandString" -Value "$onedrivelocation\Autorecover\Powerpoint\"
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Public

Worksite permissions default to everyone have access to everything. When a workspace is set to Public no permissions are restricted every if they are listed in the security list

Private

Private mode restricts access per the permissions listed 

FAQ

Read/Write Permission vs Full Access

Full Access gives users permissions to change existing permissions. Read/Write gives full access to the data

How do I give users read Access to a Workspace

Set it as Private

Great a group with all users and assign this read

Setup Users to full access

How can I get a list of all private or public workspaces?

SELECT p.prj_id, p.prj_name, p.prj_descript, p.prj_owner FROM mhgroup.projects p (NOLOCK) WHERE p.subtype = 'work' AND p.default_security = 'X'

To get a list of public workspaces you would change p.default_security = ‘X’ to ‘P’.

SELECT p.prj_id, p.prj_name, p.prj_descript, p.prj_owner FROM mhgroup.projects p (NOLOCK) WHERE p.subtype = 'work' AND p.default_security = 'P'

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Add the below to the top of your script

if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) { Start-Process powershell.exe "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`"" -Verb RunAs; exit }

# Your script here
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Powershell script to set Registry Key Permissions with Subkeys for a User ( Needs to be run as admin as its changing things in HKCU:\Software\Policies

$acl = Get-Acl HKCU:\Software\Policies\Google
$inherit = [system.security.accesscontrol.InheritanceFlags]"ContainerInherit, ObjectInherit"
$propagation = [system.security.accesscontrol.PropagationFlags]"None"
$rule = New-Object System.Security.AccessControl.RegistryAccessRule ("domain\user","FullControl",$inherit,$propagation,"Allow")
$acl.SetAccessRule($rule)
$acl |Set-Acl -Path HKCU:\Software\Policies\Google
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

I used the Below Policies to create a Local User and Password

./Device/Vendor/MSFT/Accounts/Users/LocalAdmin/Password

However there is no where in CSP to set this to never expire.

You have to use a new Powershell run as the System account separately to do this

Set-LocalUser -Name “localadmin” -PasswordNeverExpires 1

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

You can set the author and default document class by setting the following registry key. The variable %USERID% will resolve to the user that is logged in.

[HKEY_CURRENT_USER\Software\Interwoven\WorkSite\8.0\iManExt\DefaultNewProfile]
“382”=”%USERID%”
“384”=”DOC”

VN:F [1.9.22_1171]
Rating: 9.0/10 (1 vote cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Use this to Generate a Command for Open SSL e.g the below 

https://www.digicert.com/easy-csr/openssl.htm

openssl req -new -newkey rsa:2048 -nodes -out test_test_com.csr -keyout test_test_com.key -subj "/C=US/ST=Test/L=/O=Test/CN=test.test.com" 

Now add to the end : -config “C:\Program Files\Autonomy\WorkSite\Apache\conf\openssl.cnf”

In Comand Prompt Navigate to Openssl.exe (  C:\Program Files\Autonomy\WorkSite\Apache\bin ) 

Run the full command

openssl req -new -newkey rsa:2048 -nodes -out test_test_com.csr -keyout test_test_com.key -subj "/C=US/ST=Test/L=/O=Test/CN=test.test.com" -config "C:\Program Files\Autonomy\WorkSite\Apache\conf\openssl.cnf"

It will generate a .csr and a .key file , copy these to C:\SSL

Use the CSR with your certificate Authority to Generate a .crt file and also a chain file

Download these to C:\SSL

Open the file : C:\Program Files\Autonomy\WorkSite\Apache\conf\worksite.conf

Add or Change the Lines to the below

SSLCertificateFile “C:\SSL\certs_test_test_com.crt”
SSLCertificateKeyFile “C:\SSL\test_test_com.key”
SSLCertificateChainFile “C:\SSL\certs_DigiCertCA.crt”

Restart iManage Work Server Service

 

Next

Copy “C:\SSL\test_test_com.key” to “C:\SSL\test_test_comkey.pem”

Open certs_test_test_com.crt with Notepad and copy the contents into a new file

Open certs_DigiCertCA.crt with Notepad and copy the contents to the below of the new file ( directly under the other certificate on a new Line ) 

Save this as C:\SSL\test_test_comfullchain.pem

On the Worksite Service Properties  , Configure Hosted DM

Change .PEM files to your new file

 

 

Restart iManageMicroServiceHub Service

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Recently at a site we had machines starting using high CPU of the SVCHost process, this process is used by lots of services to access the network , however, as soon as stopping the Windows Update Service CPU came back down to normal

I had seen this before at another site and the issue was due to not enough CPU ( only one was flatlining the CPU )  , however increasing the CPU and memory still did not fix this

Then after some recent updates, the servers would no Windows Update anymore , they would just sit on “Checking for Windows Updates”. I couldn’t install updates Via powershell 

A server running Windows Server 2012 R2 on the same network updated fine!

I tried the normal fix of Wiping these : 

C:\Windows\SoftwareDistribution

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate

However to no avail.

 

I checked the Windows Update Log : C:\Windows\WindowsUpdate.log

2019-04-23 14:09:51:839 5080 ab8 CltUI FATAL: CNetworkCostChangeHandler::RegisterForCostChangeNotifications: CoCreateInstance failed with error 80004002
2019-04-23 14:09:51:839 5080 ab8 CltUI WARNING: RegisterNetworkCostChangeNotification: Error 80004002

 

I then found an article to Remove the Desktop Experience Feature ( which had been installed to Disk Cleanup the servers ) 


After this I did this again and could windows update again

C:\Windows\SoftwareDistribution

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)