Control panel has a lot of kinda-secret calls that open specific configuration windows that it’d be difficult to get to (need many clicks from other windows) and they might not necessarily have a path that you can access normally when Microsoft discourage their uses. Sometimes it’s just a phrase, sometimes it’s a .cpl in Windows’ system folder, yet sometimes you can call a .cpl that does not exist at all yet the control panel recognizes it.
Here are some examples
control userpasswords2 opens a dialog box to manger user accounts more directly without going through MMC’s user management (typically Local Users and Groups within compmgmt.msc Computer Management). It’s also netplwiz
It used to be valuable way of managing autologon until Microsoft Removed the checkbox “Users must enter a username and passwords to use this computer” because it doesn’t make sense with their freaking vision of Windows Hello where you logon with biometrics or other ways that you’d do with your cellphones. They are trying to make passwords a thing of the past.
I picked this shortcut up from the README file of Network TWAIN Driver installer, which plug and play doesn’t make sense because the device is on the network so there’s no hardware to detect. Instead you add a scanner device manually and enter the connection information in its properties.
The interesting thing about this one is that sticpl.cpl do not exist! There’s no control panel file (.cpl) anywhere in the system drive!
There are more information from Microsoft about these commands.
Windows 10 comes with a default alias that if you type python anywhere in terminal, powershell, run, etc, It will run a stub that points you to getting it in Windows Store. WTF man! I hate these stubs that are nothing but advertising! People will know there’s Python available in the store if Python Software Foundation’s website announces it. There’s no need to hijack the namespace with a useless stub!
After I install Spyder 5.3.0, it started with a Windows console instead of a Python Interpreter console, so when I typed Python (Spyder 5.3.0 came with Python 3.8.10 in its subfolder), this damn App store stub came up:
When I tried to force a .exe exceution in Powershell, I saw this:
So there’s a way to disable this bugger off!
It’s not the first time Spyder not working as intended out of the box, but Microsoft’s overzealous promotion of their ‘good ideas’ causes grief and agony to people who simply want things done.
Ping and file sharing (Samba/CIFS) with older Windows machines blocked out of the box
They are blocked by firewall out of the box. There’s a firewall setting group specifically for the service that can be enabled.
Powershell scripts wouldn’t execute
Because Microsoft changed the defaults and do not allow Powershell scripts to run out of the box. I have a CMD command to run in Post-Setup that you can run before any Powershell scripts are executed that’d fix the issue.
Slipstream-able Windows updates immediately following 21H2
Basically all the 4 updates about with the tag -ndp48_ refers to NET Framework 4.8. The last one (KB5011543 for now) is a 600MB+ roll-up that gets updated often that you might want to check Microsoft Update Catalog for the latest YYYY-MM Cumulative Update Preview and replace it (check superseded info)
Windows Updater keeps bugging you for Malicious Software Removal (it’ll prompt you over and over until you finished all the virus/malware definition files)
Event Viewer will bug you about Printer Notifications not working (Microsoft forgot to account for their product still using interactive Session 0 which they disabled for security concerns)
Enable System Restore Point and capture it on every login
Enable System Restore on System Drive
Disable refractory period (won’t run again in 24 hour even if requested) in registry (Needs to be done with reg.exe instead of just a registry file with NTLite to make sure it doesn’t get overwritten during provisioning)
Create scheduled task that takes a snapshot at every logon
Turns out Microsoft decided to not allow you to run Powershell scripts out of the box. The Execution-Policy is set to be disabled and you have to go to Powershell to run
Set-ExecutionPolicy unrestricted -force
The -force switch skips the prompt. However, this is a chick and egg problem with slipstreaming as you need to execute this first programmatically. I tried to use CMD files to do powershell -command "Set-ExecutionPolicy unrestricted -force" but it does not work and quite a few people reported ignoring execution policy with -ExecutionPolicy Bypass switch to powershell.exe does not work with NTLite either.
It’s a colossal pain in the butt. Microsoft deciding to prevent Powershell scripts from running by default broke NTLite’s powershell scripting.
I decided to take a look at registry values that can be changed and this website suggested there is one. There’s a typo on the website. It’s not in HKCU but in HKLM (his screenshots says HKLM). The correct path is changing the string value ExecutionPolicy to Unrestricted in the key HKLM\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell
I cannot confirm when the registry files are loaded in NTLite. It could be too early or too late. (Looks like it’s too early to me since MDM fake enrollment registry files do not take effect and I had to use reg command script later).
So instead, I’ll do the registry change as a CMD script:
You’ll have to fake a MDM enrollment to get rid of the warning through registry entries, but loading the registry file in NTLite won’t work since it has to be processed after the unattended installation. This can be done by adding the registry entries with batch files to be run at Post-Setup
* Shallow assignment (transferring reference only) means the LHS does not have its own copy, so modifying the new reference will modify the underlying data on the RHS.
| Format-List -Property * or Format-List -InputObject
properties() methods() get()
List members (method and properties)’s prototypes
| Get-Member
Powershell specific
The UNCAPTURED output value in the last line of the block is the return value! Unary side effect statements such as $x++ do not have output value. Watch out for statements that looks like it’s going nowhere at the end of the code as these are not nop/bugs, but return value. This has the same stench as fall-throughs.
foreach() follows the last uncaptured output value return rule above doing a 1-to-1 map from the input collection to output collection (you can assign output to foreach() as it’s also seen as a function)
Powershell suck at binary operations between two arrays. Just an elementwise A+B you’d be thinking in terms of loops and worry about dimensions.
You can put if and loop blocks inside collections list construction, like this:
When used with classes and custom matrices/arrays, chaining fields/properties/methods by indices often do not work, when they do, they often give out only the first element instead of the entire array (IIRC, there are operator methods that needs to be coordinated in the classes involved to make sure they chain correctly). In short, just don’t chain unless in very simple, scalar cases. Always output it to a variable a access the leaf.
Negative (cyclic) indexing along with automatic descending range, along with the lack of ‘end’ keyword is a huge pain in the rear when you want to scan from left to right like A[5:end].
Instead, you’ll have to do $A[4..($A.length-1)] because the range 4..-1 inside A[4..-1] is unrolled as 4,3,2,1,0,-1 (thus scanning from right to left and wraps around) without first consulting with the array A like the end keyword in MATLAB does so it can substitute the ends of the range with the array information before it unrolls.
I am willing to bet that this behavior does not have a sound basis other than people thinking negative indices and descending ranges alone are two good ideas without realizing that nearly nobody freaking wants to scan from right to left and wrap around!
I had the same gripes about negative indices in Python not carefully coordinating with other combinations in common use cases which cases unintuitive behavior.
Range indexing syntax
# Powershell
1..10 # No step/skip for range creation
A[1..10] # No special treatment in array such as figuring out the 'end'
% MATLAB
A[start:(step):stop]
# Python
A[range(start,stop,step)]
# Slicing (it's not range)
A[(start):(stop):(step)] # Can skip everything
# In Python, A=X merely reassign the label A as the alias for X.
# Modifying the reassigned A through A=X will modify underlying contents of X
# To deep-copy contents without .Clone(), assign the full slice
A[:] = X
Hasthtable / Dictionaries
% MATLAB: Use dynamic fields in struct or containers.Map()
# Python: dictionaries such as {a:1, b='x'}
# Powershell: @{a=1, b='x'}
Structs
Powershell does not have direct struct or dynamic field name struct. Instead if your object is uniform (you expect the fields not to change much), use [PSCustomObject]@{}. You can also just use simple hashtable @{}, but for some reason it doesn’t work the way I expected when put into arrays when I try to reference it by array index.
Array rules surprises
Array comparisons are filtering operation (not boolean array output like MATLAB). (0..9) -ge 5 gives 5 to 9, not a list of False … False, True … True. To get a boolean array, use this shortcut:
(0..9) | % {$_ -ge 5}
Map-filter combo syntax is | ? instead of Map syntax | %
Monad (Cells in MATLAB) are unpacked and stacked by default (in MATLAB, I had to write a lot of routines to unpack and stack cells of cells). To keep cells packed (in MATLAB lingo, it’s like ‘UniformOutput’, false in cellfun), add a comma unary operator in front of the operation that are expected to be unpacked like this:
.$_.Split('_')
Set Operations
This is one of the WTF moments of Powershell as a programming language. Convenient set operations is essential for most of the routine boring stuff that involves relational data. A lot of Powershell’s intended audience works in database like environment (like IT managers dealing with Active Directory), they have Group-Object for typical data analysis tasks, yet they make life miserable just to do basic set operations like intersection and differencing!
Powershell has a Compare-Object, but this is as unnatural and annoying to use as users are effectively rebuilding all 4 basic set-ops (intersection, union, set-diff, xor) based on any two! Not to mention you have to sift through table to get to the piece you wanted!
Basically Compare-Object out of the box
is a set-diff showing both directions (A\B and also B\A) at the same time. If you throw away the direction info, it’s xor.
if you want intersection, you’ll need to add -IncludeEqual -ExcludeDifferent
(WTF!) If you just specify -ExcludeDifferent, by definition there’s no output because by default Compare-Object shows you ONLY the two set-diffs and you are telling it to not show any diffs!
Union is specifying -IncludeEqual only. But it’d rather stack both then do a | Sort-Object - Unique
Some people might suggest doing | ? {$_ -eq $B} for intersection (or is-member). This is generally a bad idea if you have a lot of data because it’s in the O(n*n) runtime algorithm (loop-within-loop) while any properly done intersection algorithm will just sort then scan the adjacent item to check for duplicates, which gives O(n log(n)) time (typical sorting algorithm takes up most of the time).
If you noticed, it’s set operations within the outputs of Compare-Objects with the Venn diagram of -IncludeEqual -ExcludeDifferent switches! It’s doable, but totally unnecessary mindfuck that should not be repeated frequently.
In MATLAB land, I made my own overloading operators that do set operation over cellstr(), categorical and tabular objects (I went into their code and added the features and talked to TMW so they added the features later), sometimes getting into their sort and indexing logic as necessary. This shows how badly do I need set operations to come naturally.
One might not deal with it too much in low level languages like C++ (STL set doesn’t get used as much compared to other containers), but for a language made to get a lot of common things done (i.e. the language designer kind of reads the users mind), I’m surprised that the Powershell team overlooked the set operations!
Sets are very powerful abstractions that should not be made less descriptive (hard to read) by dancing around it with equivalent operations with some programming gymnastics! If these basic stuff are not built in, we are going to see a lot of people taking ugly shortcuts to avoid coding up these bread and butter functions and put it in libraries (or downloading 3rd-party libraries)!
Powershell surprises
Typical symbolic comparison operators do not work because ‘>’ can be misinterpreted as redirection in command prompts. Use switches like -gt (greater than) instead.
Redirection’s default text output uses UTF16-LE encoding (2 bytes per character). Programs assuming ASCII (1 byte per character) might not behave as intended (e.g. if you use copy command merge an ASCII/UTF8 file with UTF16-LE, you might end up with spaces in the sections that are formatted with UTF16-LE)
Cannot extract string matches from regex without executing a -match which returns boolean unless we use the the $matches$ spilled into variable space. Consider [regex]::Match($Text, $Pattern).Groups[1].Value
Methods are called with parenthesis yet functions are not called with parenthesis, just like cmd-lets! Trying to call a function with multiple input arguments with parenthesis like f(3,5) will be interpreted as calling f with ONE ARGUMENT containing an ARRAY of 3 and 5!
Write-Host takes everything after it literally (white spaces included, almost like echo command), with the exception of plugging in $variables! If you want anything interpreted, such as concatenation, you need to put the bracket around the whole statement!
Libraries and Modules
Reload module using Import-Module $moduleName -Force
Sometimes I need to do a little bit of retro-computing (not with virtual machines) to support some ancient hardware.
As far as compatibility is concerned, I have yet run across any weird piece of software that specifically requires Windows ME, 2000, Vista or Windows 8 to run that cannot be run with an OS one step up.
Windows 98 SE generally displaces anything from Windows 95 to Windows 98.
Windows 2000/XP usually run anything that are meant for NT starting from 4.0.
Windows NT 3.51 usually run Win32s programs that works on Win 3.1, except it’s way more stable.
Installation Order
The OSes should be installed from old to new:
DOS/Win 3.1 + 98 (SE)
XP
Windows 7
Reorganize boot menu
Windows XP installs a NT52 style (NTLDR) boot menu that recognizes DOS as a partition to boot. Windows 7 installer will install a NT60 style (BCD) boot menu that that the NTLDR loader as an OS (it’s called Earlier version of Windows) instead of directly booting to Windows XP. This means to get to Windows XP / DOS, you’ll have to select twice.
We can fix this by EasyBCD, which rebuilds the bootloader options for the installed OSes. Doing it with bcdedit is a major pain in the arse. There are some quirks to watch out for in the process no matter which path you choose:
You might need to boot into safe mode if the current BCD is locked.
Whatever OS that you are currently in calls itself C: and everybody else shifted according to the partition order.
When setting drive letter for the boot menu item, observe the drive letter scheme currently seen by the host OS. i.e. use C: when referring to the currently booted OS
Do not take up on EasyBCD’s offer to detect the drive letter automatically. They are likely to be wrong guesses that won’t boot, likely because of the shifting C: issue.
While you are at EasyBCD, it also offer the option of booting ISO (optical drives) and IMA (floppy) images, which I find it convenient for making the PC a tech service station.
Note that the DOS menu provided by EasyBCD went through an extra layer of indirection called GRUB4DOS, so it’s not as native as going through NT60 (BCD) > NT52 (NTLDR) > DOS in the sense that it installed foreign stuff not made by Microsoft such as Grub.
Tip about bcdedit
Some old versions of bcdedit’s /? menu did not tell you about the /store switch, which is necessary to manipulate foreign BCD files instead of the host BCD (that you used to boot to the current Windows you are working in).
For some very old system that doesn’t support hardware USB CD-ROM (ISO) emulators (or it only has USB 1.1 ports which is begrudgingly slow), there’s a way to put your installer in a HDD/SSD (IDE/SATA) and boot the installer image on them. Turns out it’s quite easy. All you need to do is copy the set of entire Windows installation files in an MBR drive with partition set active, then write the boot sector to it!
Make sure your HDD is in MBR, not GPT
Make a partition that’s bootable (can be NTFS) by marking it as Active (Active partition only make sense with MBR. That’s why you should make your disk MBR)
Copy all the files from Windows CD image to the drive
Run the following code the build the boot sector for the drive. One interesting twist is that you must run this command from the drive letter you want to rebuild the boot sector (or it’ll refuse to run) yet you have to specify what drive letter to rebuild the boot sector! Let’s call the drive P:\
P:\:> bootsect /nt60 P:\
The /nt60 is the modern boot manager for Windows 7 and above. /nt52 is Windows XP and old NT style (NTLDR) boot manager. Miss the old days when I was using winnt /b!
Firewall exception for “File and Printer Sharing” is not enabled by default. Check the boxes below to enable CIFS/SMB sharing.
Enabling “File and Printer Sharing” also enables pinging into the said Windows 10 machine since this group also enable “Echo Request – ICMPv4) that the details can be seen in Advanced Firewall Config rules.
netsh advfirewall firewall set rule group="Network Discovery" new enable=Yes
netsh advfirewall firewall set rule group="File and Printer Sharing" new enable=Yes
Just out of good housekeeping, I’d like to move user folder to another drive letter so I can back it up quickly for re-installing Windows or plan program storage better (anything that can be re-installed, I don’t care to back it up).
There’s a lot of warning about messing with redefining where %userprofile% points to (which is %systemdrive%\Users\%username%) or using symbolic links (such as subst) for file redirection. So I’m sticking to the officially supported ways that doesn’t involve scripting or messing with the registry, i.e. move only the ones Microsoft expects users to be able to move it themselves.
I’ve identified these folders are safe to move:
The basic user shell folders
For a newly installed Windows 10, that’s basically every subfolders in %userprofile% itself!
Here’s the dumb way to do it which is taught nearly everywhere since Windows 7: using the location tab in these special shell folders:
They told you the hard and dangerous way modifying the registry, namely HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders:
It’d be a pain in the ass to do it for 13 folders in Windows 10 (much less in Windows 7 so it was reasonable to do it this way back in the days). Turns out through experimentation, I figured that you can just move the shell folders to your chosen the destination folder, and the shell folders (which are decorated with extra features) can figure out they are being moved register the notifiers (aka the registry) properly, which is all the steps in location tab condensed to one drag and drop!
I observed the registry location and see what are the impact of the moves. A bunch of new entries are created corresponding to the 13 subfolders being moved
I believe those are the unique names for the named folder as their superficial name can change without having program confused about their nature.
I noticed only 6 core subfolders (which are the bread and butter ones that was there since Windows 7) is updated with the new path.
The others that are not changed are heavily tied to programs you installed (AppData) and Windows Explorer config (start menu, right-click explorer context menus) and IE stuff (cache and cookies). These data do not relate to the typical files users must backup but the configuration files that store user preferences. This is why I’m not surprised when Microsoft tells people not to mess with them because old software cruft might not handle them in a unified way after 20+ years of evolution.
App/Tiles (Metro UI) data starting Windows 8
Easus’ blog page might have confused the shell folders with files for Metro UI (Apps) and thought this is another way of moving files, which isn’t. This is the additional step specific to Tiled App files:
What I forgot to annotate above is “New apps will save to:” will also generate a \WindowsApps\MutableBackup folder. Such “Program Files” is owned by ‘SYSTEM’ account and “WindowsApps” is owned by ‘TrustedInstaller’ account, which you cannot clean them up after you changed your mind without first taking ownership and give yourself full permissions. Here are the folders created by the first item of the “Change where new contents is saved” page:
It’s usually more convenient to move the shell folders to {target drive}:\%username% that’s shared with the special folders for the Apps with the same name so Apps and programs can share files with a common folder. But technically these are two split concepts and you are free to make them separate.
The registry is not where you should muck with the path. Please let Windows’s proper user interface (shell folder’s Location folder handling) do it as registry is just one of the many places they will manage the settings. Also remember moving these special (aka shell) folders do not move your %userprofile% which is your home folder that things like Powershell starts with by default (I had to change the working directory and there isn’t a variable associated with the {target drive}:\%username% because variables to those special folders do not manage their root.
