Systemctl enabling of OpenVPN

1. config file is in /etc/openvpn

sudo systemctl start/stop/status/enable/disable openvpn@[config]

2. config file is in /etc/openvpn/client

sudo systemctl start/stop/status/enable/disable openvpn-client@[config]

3. config file is in /etc/openvpn/server

sudo systemctl start/stop/status/enable/disable openvpn-server@[config]

extension of config should be .conf not .ovpn

Delete Team Project from the Team Foundation Server

C:\Program Files (x86)\Microsoft Visual Studio 11.0\VC>TfsDeleteProject /collection:https:[Team Foundation Service URL]/DefaultCollection [Team Project Name]
경고: 팀 프로젝트를 삭제한 후에는 복구할 수 없습니다. 모든 버전 제어, 작업 항목
추적 및 Team Foundation 빌드 데이터가 시스템에서 제거됩니다. 이 데이터를 복구하
려면 저장된 데이터베이스 백업을 복원해야 합니다. 팀 프로젝트 및 해당 데이터를 모
두 삭제하시겠습니까(Y/N)?y

Build에서 삭제하는 중...
버전 제어에서 삭제하는 중...
작업 항목 추적에서 삭제하는 중...
TestManagement에서 삭제하는 중...
ProcessManagement에서 삭제하는 중...
LabManagement에서 삭제하는 중...
ProjectServer에서 삭제하는 중...
경고. 보고서 서버 서비스를 찾을 수 없습니다.
경고. SharePoint 사이트 서비스를 찾을 수 없습니다.
Team Foundation Core에서 삭제하는 중...

C:\Program Files (x86)\Microsoft Visual Studio 11.0\VC>

Access Registry with PowerShell

Working with Registry is very similar to working with files and folders with PowerShell.
Set-Location cmdlet can set the current working location to registry.

PS C:\Windows\system32> Set-Location Microsoft.PowerShell.Core\Registry::HKEY_CURRENT_USER
PS Microsoft.PowerShell.Core\Registry::HKEY_CURRENT_USER>

The registry provider’s full name is Microsoft.PowerShell.Core\Registry, but this can be shortened to just Registry.

PS C:\Windows\system32> Set-Location Registry::HKEY_CURRENT_USER
PS Microsoft.PowerShell.Core\Registry::HKEY_CURRENT_USER>

In addation, PowerShell has two pre-defined registry ‘drives’:

PS C:\Windows\system32> Set-Location HKCU:

However, other registry roots are not defined.

PS HKLM:\> Set-Location HKCR:
Set-Location : 드라이브를 찾을 수 없습니다. 이름이 'HKCR'인 드라이브가 없습니다.
위치 줄:1 문자:1
+ Set-Location HKCR:
+ ~~~~~~~~~~~~~~~~~~
    + CategoryInfo : ObjectNotFound: (HKCR:String) [Set-Location], DriveNotFoundException
    + FullyQualifiedErrorId : DriveNotFound,Microsoft.PowerShell.Commands.SetLocationCommand


You can define other roots by yourself with New-PSDrive cmdlet.

PS HKLM:\> New-PSDrive -Name HKCR -PSProvider Registry -Root HKEY_CLASSES_ROOT
Name      Used (GB)      Free (GB)    Provider    Root    CurrentLocation
----      ---------      ---------    --------    ----    ---------------
HKCR                                            Registry  HKEY_CLASSES_ROOT

PS HKLM:\> Set-Location HKCR:

Modify File Time Stamps using PowerShell

(Get-Item [filename]).CreationTime = [date/time]
(Get-Item [filename]).LastAccessTime = [date/time]
(Get-Item [filename]).LastWriteTime = [date/time]

PS C:\> (Get-Item .\test.txt).LastAccessTime = Get-Date
→ This command converts 'last access time' of 'test.txt' to current date and time

PS C:\> (Get-Item .\christmas.tree).LastWriteTime = '2016-12-25 AM0:00'
→ This command converts 'last write time' of 'christmas.tree' to specific date and time
Batch Processing with ForEach:
Get-ChildItem | ForEach-Object { $_.LastWriteTime = Get-Date }

PS C:\> Get-ChildItem | ForEach-Object { $_.LastWriteTime = Get-Date }
→ This command converts 'last write time' to current date and time of all files in working directory

PS C:\> $i = 0; Get-ChildItem | ForEach-Object { $_.LastWriteTime = (Get-Date).AddDays(-1).AddMinutes($i++) }
→ This command converts 'last write time' to yesterday with increasing minutes

Check in/Check out files to/from the Team Foundation Server with command prompt

** Visual Studio 2017 Developer Command Prompt v15.0.26430.16
** Copyright (c) 2017 Microsoft Corporation
Microsoft (R) TF – Team Foundation 버전 제어 도구, 버전 15.112.26421.0
Copyright (c) Microsoft Corporation. All rights reserved.

지원되는 버전 제어 명령 목록을 보려면 tf vc help를 입력합니다.
지원되는 Git 명령 목록을 보려면 tf git help를 입력합니다.
지원되는 서버 설정 명령 목록을 보려면 tf settings help를 입력합니다.

C:\>tf checkin
체크 인한 파일이 없습니다.

C:\>tf get
모든 파일이 최신 상태입니다.


RunAs.exe with /netonly and /savecred simultaneously

RunAs allows a user to run specific tools and programs with different permissions than the user’s current logon provides.
However, the paremeter /netonly and /savecred cannot be used same time.
We can use windows API ‘CreateProcessWithLogonW’ instead.

#pragma comment(lib, "Advapi32")
#include <windows.h>

BOOL RunAsNetOnly(LPCWSTR szUser, LPCWSTR szDomain, LPCWSTR szPass, LPCWSTR szApp)

	// INIT
	ZeroMemory(&si, sizeof(si));
	ZeroMemory(&pi, sizeof(pi));
	si.cb = sizeof(si);

	return CreateProcessWithLogonW(szUser, szDomain, szPass, LOGON_NETCREDENTIALS_ONLY,

Get idle time from system services with windows API

There are several methods to get user idle time.

No 1. one of most widely used is GetLastInputInfo.
However, the API returns invalid values when called by system services, because system services are isolated to session 0 and no input triggers signaled.

No 2. second option is WTSQuerySessionInformation.
The 3rd parameter, WTSInfoClass can be set to WTSSessionInfo and WTSINFO structure could be obtained.
API itself can be used by system services, but LastInputTime would not be valid if the API’s called for local (Console) user.

No 3. third option is to build another user mode app with Inter Process Communication (IPC).
To achieve that, service process must launch a new user mode process and communicate each other.
To create user mode process, valid user token should be obtained by WTSQueryUserToken, and then call CreateProcessAsUser with acquired token.

No 4. Querying WMI
System service process can query WMI and obtain Last Input data.
ReadOperationCount would be changed if any keyboard or mouse input occurred.
Query Win32_process, csrss.exe
There were two process handle in my computer. '516' was session 0 (service process) and '12516' was Console session.
SessionId and ReadOperationCount can be found.