How to install WinSCP with SCCM New Application Deployment Model

I had a student ask for some practical guidance on deploying software via SCCM application deployment model. So I decided to create one basic post about this topic.

Let’s start with brief overview. New model is using built in intelligence during deployment of software. Basically if software is provided by MSI file this is the easiest way to deploy, but we will speak about deploying  EXE file. When MSI file is deployed almost every configuration is not needed. The picture is different when we speaking for EXE software. That’s why we will discus EXE software deployment because the process is not so clear.

Let’s start with application creation in SCCM.

  1. Open Configuration Manager Console.
  2. Click the Software Library workspace, expand Application Management, and then click Applications.
  3. Right-click Applications, and then click Create Application.1
  4. In the Create Application Wizard, on the General page, ensure the Manual Specify the application information detect information about option is selected,  and click Next.2
  5. Enter Application details.3
  6. On the Application Catalog page, click Next.4
  7. On the Deployment Types page, click Add to add a deployment type.5
  8. On the Create Deployment Type Wizard (note that the Create Application Wizard is still visible in the background) page, ensure the manually specify the deployment type information option is selected, click Next. 

    Note: SCCM 2012 SP1 has introduced “Script Installer (Native)” as a deployment type. Select this from the drop-down menu. Note that “Manually specify the deployment type” remains selected.
  9. On General Information page, provide the application name, click Next.
  10. On Content page, provide the following information: Network location of the program files (\\Sources\Software\WinSCP\v5.7.7\) and configure the installation (“winscp577setup.exe” /VERYSILENT), uninstallation parameters. (“C:\Program Files (x86)\WinSCP\unins000.exe”  /VERYSILENT /NORESTART). Ensure the Run installation and uninstallation program as 32-bit process on 64-bit clients option is selected, click Next.9
  11. On Detection Method page, click Add Clause.

    Note: This is where we will manually configure a detection method. This is the tricky part. Most of the applications write into registry, so we can use this information for detection method. In our case registry for winscp is “HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\winscp3_is1”
  12. On Detection Rule page, ensure Registry is chosen from drop down menu Settings Type. Browse Local Machine registry hive for applications uninstall keys. Data Type is String. Ensure the This registry settings must satisfy the following rule to indicate the presence of the application option is selected and Operator: Equals, Value: 5.7.7 , click Ok. 11
  13. On Detection Method page, click Next.
  14. On User Experience page, click Next. 12
  15. On Requirements page, click Next.13
  16. On Dependencies page, click Next.14
  17. On Summary page, click Next.15
  18. On Completion page, click Close.17
  19. On Summary page, click Next.16
  20. On Process page wait for process to finish and, click Close.18

The Application has now been created and can be distributed and deployed with SCCM.

Hope this helps!


Technical References: How to Create Applications in Configuration Manager

How to install Web Server, PHP, MySQL and WordPress on Windows

Hello friends,

This piece is NOT mine but I know the engineer who stands behind it. With his permission I will share it. This is from the Windows posts. Later, I will write my own for Linux users!

You will find the source at the end of the post. Have fun and comment!




This is a step-by-step and a video guide on how to install Web Server (IIS) on Windows 7 (works on Win 8 and 10) then Install PHP, MySQL, phpmyadmin and then WordPress. All this in 40 minutes. From an empty Windows 7 machine to fully functional Web Server.

Please refer to the video but I also provide a written step-by-step instructions on what I do in the video with links to downloads.

0. Turn off User Account Control !
1. Install IIS from Programs and Features -> Turn Windows Features on and off. ChooseInternet Information Services and expand. Also check CGI and some more features from the Application Development sub menu.

Web Server







2. Open from Control Panel -> System and Security -> Administrative Tools
2. Test your web server with http://localhost. If you see the IIS picture – You have a working Web Server
4. Go to -> Downloads and download your desired PHP Version. Usually x86 threat safe zip download. For older versions and archives –
5. Copy the files in the zip file and paste them into C:\PHP. Create the folder PHP manually.
6. Go to and download the 64 (or 32) bit installer. Run the installer. If you are running a later version of Windows like 8 or 10 then your IIS version will also be higher and the installer won’t run. To work around this open regedit in Run and navigate toHKLM/System/CurrectControlSet/Services/W3SVC/Parameters and open the MajorVersion DWORD. Change the value from 10 to 9 or 8 and try to install again.
7. Open the IIS Manager and choose PHP Manager when selecting the Default Web site
8. Click on register new PHP version and choose the path where you unpacked the PHP files. In our case C:\PHP and point to the php-cgi.exe and click Ok.
9. Your IIS is now linked with PHP via FastCGI
10. Now while in IIS Manager go to Default Document and click Add on the right menu. Type index.php and click OK. Now with the arrows on the right menu put the index.php to the top of the list. Acknowledge any warnings that inheritance will break.
11. Go and test your php. Put an index.php file with some example php code inside in yourC:\inetpub\wwwroot directory and give it a try by opening your http://localhost in a browser.
12. If you see the php page – You have installed PHP successfully. If not leave a comment and I wil try to help you.
13. If you receive a Internal Server Error 500 – FastCGI process exited unexpectedly go to and download the32bit version of the Visual C++. Try opening the localhost again. Should be fine.
14. Time to get the MySQL. Go to On Select Platform choose Download on the MySQL Installer MSI.
15. Choose bigger installation
16. Click on No thanks just start my download and downlaod the file. It’s around 370 MB.
17. Run the installation file. – Choose Server Only and install.
18. Time to configure the MySQL install. For Config Type choose Server Machine if your Web server (like in our case) is on the same server as your MySQL and chooseDedicated Machine if your Web Server and MySQL are on different servers.
If you want your MySQL to use the least memory – choose Development Machine. It will assume that it’s not a production MySQL that will serve a lot of requests.
19. Leave the connectivity checks as they are. Go to Next.
20. Choose a password for the account “root”. You cannot change the root username but you choose the password. If you want to create your own user with special permissions go to MySQL User Accounts and click Add User and create your own user. Once Ready go to Next
21. Definately leave “Configure MySQL Server as a Windows Service” checked and the same for “Start the MySQL Server at System Startup”. Windows Service Name – change it if you want. No Impact.
22. On Run Windows Service as… leave it on Standard System Account. If you have a good reason to use a specific account – choose Custom User but i would Recommend staying with Standard System Account. Click Next and then Execute.
23. Now you need something to manage your MySQL with. I suggest using the freephpMyAdmin. Go to and download.
24. Go to C:\inetpub\wwwroot directory and create a folder called phpmyadmin and unpack all the files in it.
25. Open http://localhost/phpmyadmin. You should see the Phpmyadmin welcome page. For username use root and the password you’ve chosen on the MySQL install in step 20. Now you are inside your MySQL seen through phpmyadmin. Leave the page opened.
26. Now we are ready to install WordPress, Forums, joomla, Drupal and etc. Let’s install WordPress as an example. Go to and download the latest WordPress.
27. Unpack everything into your wwwroot directory.
28. Open http://localhost. You should see the WordPress Logo. Click Let’s Start.
29. Go back to your browser tab where you have http://localhost/phpmyadmin opened or open it again if you closed it. Go to Databases and create a new database. That’s it. We need it blank
30. Go back to your WordPress tab on http://localhost . Fill in the information :
Database Name: Use the name of the database you created in phpmyadin in step 29.
User Name: Use the username you login into phpmyadmin which should be the same as Step 20.
Password: And the password.
Database host: Leave localhost.
Table Prefix: leave the default – wp_
Click Submit.
31. It will say Sorry but I can’t write to wp-config.php file. Go to your wwwroot directory and create a file called wp-config.php. Open it with Notepad and paste the code from the WordPress page. Save
32. Go back to your WordPress page and click Run the Install.
33. Type in a Site Title (you can change later if you don’t like it), Type a Username andpassword for your new WordPress site (best to choose different from your MySQL logins). Type a fake or real email, it doesn’t matter. If you want search enginers to crawl
your site leave the check on Privacy and click on Install WordPress button.
34. If all goes fine you should see Success! and a Log in button.
35. Congrats! You have a WordPress blog now. The installations of Joomla, PHPBB, vBulletin, SMF, Drupal are almost identical to this installation so you should be good installing them easily.



Source: Djongov IT blog


As I said, Linux version is coming soon.

N.B. This is copy-pasted from the author’s site. If you want to copy it or use it contact him from the link above! If there are any mistakes, there are from the author’s side!

IPv6 Transition Technologies

Transitioning from IPv4 to IPv6 requires coexistence between the two protocols. Too many programs, apps and services rely on IPv4 for it to be removed quickly. However, there are several technologies that aid transition by allowing communication between IPv4-only and IPv6-only hosts. There are also technologies that allow IPv6 communication over IPv4 networks.

We will review three of these technologies today in order to learn how to make IPv4 and IPv6 to communicate. These three ways are ISATAP, 6to4, Teredo.


Let’s start with ISATAP. So, what is ISATAP?




The ISATAP address-assignment technology provides unicast IPv6 connectivity between IPv6/IPv4 hosts over an IPv4 intranet. IPv6  packets are tunneled in IPv4 packets for transmission over the network. Communication can occur directly between two ISATAP hosts  on an IPv4 network, or communication can go through an ISATAP router if one network has  only IPv6-only hosts.  Continue reading “IPv6 Transition Technologies”

PowerShell Cheat Sheet

Since I decided to get Microsoft certified associate, I reviewed the exam requirements. And .. for like 2 years from Microsoft included a lot of PowerShell questions. Which is good and bad at the same time. The questions are not like CISCO exams “Write down the command for ….”. It is more like “Which syntax for doing …… is correct?”. Really tricky but you don’t have to remember all the commands, all you need is to understand the PowerShell syntax. So, here you are a very detailed table with the basic PowerShell stuff:


Cmdlet Description
Add-ADCentralAccessPolicyMember Adds central access rules to a central access policy in Active Directory
Add-ADgroupmember PhoenixAdmins PhoenixAdmin01, PhoenixAdmin02 Add members to group
Add-ADResourcePropertyListMember Adds one or more resource properties to a resource property list in Active Directory
Add-Computer –DomainName Joins a computer to domain
Add-NetSwitchTeamMember Adds a network adapter member to an existing switch team
Add-PhysicalDisk Adds a physical disk to storage pool
Add-WindowsFeature Adds a role or feature
Configure-SMRemoting.exe –Enable Used to configure a computer running Windows Server 2012 for Remote Management
Configure-SMRemoting.exe –Get Used to find out if a computer is configured for Remote Management
Enable-ADOptionalFeature –Identity ‘CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=nuggetlab,DC=com’ –Scope ForestOrConfigurationSet –Target ‘’ Enable Active Directory Recycle Bin
Enable-NetFirewallRule Enables a previously disabled firewall rule to be active within the computer or a GP OU
Enable-PSRemoting Configures the computer to receive Windows PowerShell remote commands that are sent by using the WS-Management technology
Enter-PSSession remote server name -credential user name Establishes a PS session with a remote computer
Get-ADTrust Returns all trusted domain objects in the directory
Get-ADUser Gets one or more Active Directory users
Get-DNSServerGlobalQueryBlockList List of servers that it does not respond to when the DNS server receives a query to resolve the name in any zone for which the server is authoritative
Get-Help Install-WindowsFeature Gets the syntax and accepted parameters for the Install-WindowsFeature Cmdlet
Get-NetIPAddress Gets information about IP address configuration
Get-StoragePool Show storage pools
Get-VirtualDisk Show virtual disks
Get-VM –ComputerName <NAME> | Enable-VMResourceMetering Enable Hyper-V resource metering on Hyper-V host
Get-VM –ComputerName NAME | Measure-VM To get all VMs metering data
Get-WindowsFeature Used to get a list of roles and features installed on a computer running Server 2012
Import-GPO Imports a GPO
Import-Module Adds module to the current session
Install-ADDSDomain Installs New Domain
Install-ADDSDomainController Installs additional DC
Install-ADDSForest Installs new forest
Install-AddsForest –DomainName “ Used to promote a server to an Active Directory Domain Controller and make that new DC responsible for a new forest

(for remote computer add the –computer flag, as in Install-WindowsFeature <Feature> -Computer <ComputerName>

Adds a role or feature
Install-WindowsFeature –name AD-Domain-Services Installs Active Directory binaries
Install-WindowsFeature Migration Adds Migration tools
Install-WindowsFeature –Name Hyper-V –ComputerName<name> -IncludeManagementTools -Restart Installs Hyper-V on remote computer
Install-WindowsFeature Server-Gui-Mgmt-Infra Installs Minimal Server Interface from Server Core
Install-WindowsFeature Server-Gui-Mgmt-Infra, Server-Gui-Shell –Restart Switch from Server Core to Full GUI
Netdom renamecomputer %ComputerName% /NewName: <NewComputerName> Renames computer
New-ADGroup (with appropriate flags) Creates a new AD group
New-ADUser Creates new AD user
New-GPO Creates a new GPO
New-GPStarterGPO Creates a new starter GPO
New-NetFirewallRule New firewall rule
New-NetIPAddress –IPAddress –InterfaceAlias “Ethernet” –DefaultGateway –PrefixLength 24 Configures IP address- Server Core
New-SMBShare –Name Documents –Path D:\Shares Creates a new SMB Quick share named Documents with the drive label D:
New-StoragePool –FriendlyName –StorageSubSystemFriendlyName –PhysicalDisks Used to create a storage pool
New-NetRoute –InterfaceIndex 13 –DestinationPrefix 2001:ABCD: /64 –Publish Yes Configure Network Route for ISATAP Interface
New-NetSwitchTeam Creates a new switch team (for network traffic failover)
New-VM –Name “VMNAME” –MemoryStartupBytes <memory> -NewVHDSizeBytes <disksize> Create a Hyper-V virtual machine
Remove-ADCentralAccessPolicy Creates a new central access policy in Active Directory containing a set of central access rules
Repair-VirtualDisk Repair virtual disk
Reset-ADServiceAccountPassword Resets the password for a standalone managed service account. Reset is not supported for group managed service accounts.
Reset-PhysicalDisk Removes physical disk from storage pool
Restart-Computer Restarts a computer
Set-DnsClientServerAddress -InterfaceAlias “Ethernet” -ServerAddresses, Configure DNS address- Server Core
Set-DNSServerGlobalQueryBlockList Replaces all names in the list of names that the DNS server does not resolve with the names that you specify (if you need to resolve name  such as ISATAP or WPAD remove these names from the list).
Set-ExecutionPolicy Enables you to determine which Windows PowerShell scripts will be allowed to run on your computer
Set-NetFirewallProfile Enable Windows firewall
Set-NetFirewallRule Modify existing firewall rule
Set-NetIPAddress Modifies IP address configuration properties of an existing IP address
Set-NetIPInterface Modifies IP interface properties such as in DHCP, IPv6 neighbor discovery settings, router settings, and Wake on LAN settings.
Set-NetIPv4Protocol Modifies information about the IPv4 protocol configuration
Set-RemoteDesktop –Enable Enable Remote desktop connections to the server
Show-WindowsFeatures List of roles and features installed on a computer
Sync-ADObject Replicates a single object between any two domain controllers that have partitions in common
Test-ADServiceAccount Tests a managed service account from a computer
Uninstall-ADDSDomainController –ForceRemoval –LocalAdministratorPassword <password> -Force Demotes a domain controller
Uninstall-WindowsFeature –Name GPMC –Vhd “path” –Remove Features on Demand- removes binaries for Group Policy Management Console (can be used for any other feature).
Uninstall-WindowsFeature Server-Gui-Mgmt-Infra, Server-Gui-Shell –Restart (use –Remove before the restart to remove binaries) Switch from full GUI to Server Core
Uninstall-WindowsFeature Server-Gui-Shell –Restart Switch from Full to Minimal Server Interface; no IE, taskbar, Windows Explorer, or Control Panel


I will add more advanced cmdlets with the progress of my education for MCSA!


[Resources]Microsoft Certified Solutions Associate (MCSA) 70-410: Installing and Configuring Windows Server 2012

Hello to all !

I am about to start my MCSA training this weekend so I decided to speed up the process. So I started to, let’s say, discover useful tools/pages/lectures uploaded in the Internet.

I am going to update this post regularly with useful stuff. Let’s start the list:

  1. Online exam (25 questions with answers): Click
  2. PDF study guide: Click
  3. Official Windows Server 2012 R2 Test Lab Guide: Click
  4. MeasureUP exams (a little bit expensive): Click
  5. MCSA fan 70-410 blog: Click         !!NEW!!

[Quicks]How to hack RDP max sessions allowed

Hello, friends!

I have found a new workaround in order to walk through the annoying message:


Basically, you have to hack your own configuration if you don’t want to change your settings on the terminal server.

If using RDP 6 client or above:
mstsc /v IPADDRESS /admin
If using older than RDP 6:
mstsc /v IPADDRESS /console

With this command you can open one extra session. But if administrator is logged you cannot kick him our. This is valid only for regular users.

Open CMD/PowerShell:

net use \\server



net use /user:[username] \\server\share

Now we are executing commands for the server name/IP we have just enter info about.


query session /server:servername

With this command you will review all active sessions. You have to choose which user/administrator to kick out of the server in order to take his place inside. Once you did this, enter the following command:

reset session [ID] /server:servername

Other possible commands for session reset:

qwinstra /server:servername
rwinsta session [ID] /server:servername


[Quicks]Useful commands when migrating to a new DC

Howdy, friends!

One of my task recently was to migrate to a new DC ‘cuz the old one is totally broken. So I had to export somehow all the users, OUs and SG from the domain controller which was so damaged that I wasn’t able to list the roles installed. That’s why I had to use PowerShell in which I’m newbie. So .. the struggle was real and I decided to share my research and knowledge related to this topic!

As I understood, the best way to export users is CSV file because this is the easiest way to import them directly to the new DC with their old profile configurations.

Get-ADUser -Filter * -Properties * | Select-Object -Property Name,SamAccountName,Description,EmailAddress,LastLogonDate,Manager,
Title,Department,whenCreated,Enabled,Organization | Sort-Object
-Property Name | ConvertTo-CSV

With this command I am telling to PowerShell to export in a CSV file all users from the Active Directory with the following parameters: Name (Rosen Slavchev), SamAccountName (rslavchev or r.slavchev or whatever your sys admin decided to be), Description (“This is test account for our ERP system and ..”), Email (, LastLogonDate (the format is: 10:11:12 10.11.12 y), Manager (your manager’ name set in the AD), Title (Systems Engineer), Department (Technical), whenCreated (same format as LastLogonDate), Enabled (will list only ENABLED accounts from the AD), Organization.

After all of this you can open your .csv in Excel and you will be surprised with the good result.

Another command is exporting all Organizational Unites using LDIFDE tool. The command is:

ldifde -f c:\ExportOU.ldf -s domain.local -d “dc=emeneye,dc=co,dc=local” -p subtree -r “(objectcategory=organizationalUnit)” -l “cn,objectclass,ou”

In my case I used local DC but it can be public! The format here is different. I suggest opening with editor like Notepad ++ for best review.

Analog command to this but again in .csv is:

Get-ADOrganizationalUnit -filter * | Select Name, DistinguishedName | export-csv c:\AD_OU_Tree.csv -NoTypeInformation

I hope that this was helpful for PowerShell newbies like me. Do not hesitate to ask me anything regarding this.

[Quicks] PowerShell How-To find all disabled users in Active Directory

Hello folks!

I found something extremely useful while I was doing a research for another topic. Back in the days I tried couple of times to review all AD users, including deleted. I had a lot of headaches regarding this task. Now I want to share with you couple of PowerShell commands.

Get-ADUser -Filter {Enabled -eq $false} | FT samAccountName

With this command you will find all disabled users inside your AD.

Get-ADUser -Filter {Enabled -eq $false} | FT samAccountName, GivenName, Surname

This is the same as the command above but with extra parameters (GivenName, Surname). So this will output the samAccountName, first name, and last name of the disabled users.

Get-ADUser -Filter {Enabled -eq $false} 

If you want no formatting whatsoever and have AD spit a bunch of information back at you, try running just the Get-ADUser part with the filter applied.

Search-ADAccount -AccountDisabled

This can be used to find out the disabled users AND computers.