Remove Network Printers from Command Line or Script

Remove Network Printers from Command Line or Script

There are several options when it comes to removing printers via command line / script.The first option is to use the "rundll32 printui.dll" method. For this, open a command prompt and type:

rundll32 printui.dll,PrintUIEntry /dn /n \\printsvr\printername

if you want the operation to be silent, then use the /q switch at the end. this is especially useful if you have multiple printers that you want to remove via a batch file and/or if you are unsure if the printers are installed on the end users machines. If the printer is not currently installed and you attempt to remove it without the /q switch then you will receive an error. The figure below shows the command in its entirety:

The next method would be to use a VB script such as this :

to make the script work, just replace the \\PRINTSERVER\PRINTERNAME" field with the details of your network printer and save as a .vbs file. to call the script just open up an administrator command prompt and type in " cscript scriptname.vbs " where scriptname is the name of your script.

To delete more printers just another line to the  " Dim sPrinterName "  lines with the printer number at the end, and then again  add another objNetwork.RemovePrinterConnection sPrinterName2, True, True line that reflects the printer number you just added.

Likewise, to remove only one printer just remove one of the above lines.

Option Explicit

  Dim objNetwork, objPrinters
  Set objNetwork = CreateObject("WScript.Network")
  Set objPrinters = objNetwork.EnumPrinterConnections

  ' ### Delete selected network printer
  Dim sPrinterName1
 Dim sPrinterName2
  sPrinterName1 = "\\PRINTSERVER\PRINTERNAME"
 sPrinterName2 = "\\PRINTSERVER\PRINTERNAME"
  objNetwork.RemovePrinterConnection sPrinterName1, True, True

 objNetwork.RemovePrinterConnection sPrinterName2, True, True

I found with this method however that it will error out if that printer does not exist. im not enough of a VB guru to tell you if its possible to quieten it down to run silently.

When all is said and done, there is a much better way of doing this, and that is with Group Policy Preferences. this gives you centralized control over your printer environments, allowing you to add and remove and update printers for small groups or your entire organisation.

Group Policy Preferences will be covered for printers in an upcoming entry.

This article can also be located on our sister site DizzyIT.com at : http://dizzyit.com/2011/10/29/remove-network-printers-from-command-line-or-script/

This article can also be found on our You Tube Channel:

How to Set and redistribute a Static Default Route on a Cisco Router

How to Set a Static Default Route on a Cisco Router

A Static Default Route is used to provide a path to an external network, commonly an ISP or external network.

The syntax for a static default  route is quite simple:

ip route 0.0.0.0 0.0.0.0 (destination IP address)

e.g. to point to a default route of 8.8.8.8 then you you would use ip route 0.0.0.0 0.0.0.0 8.8.8.8 

Sometimes you may need to redistribute this to other routers in your infrastructure. To do so, you use the  redistribute static  command on the router. These routes will appear with a R* symbol when observed with  a show ip route command.

This article can also be found on our sister site Dizzyit.com at http://dizzyit.com/2013/03/31/set-static-default-route-cisco-router/

Set Interface Speed, Duplex and Description on a Cisco Switch / Router

Set Interface Speed, Duplex and Description on a Cisco Switch / Router

By Default, Cisco Switch Ports are set to auto negotiate. This means that the Cisco Switch / Router will agree on a speed determined by the line conditions with the end device. This works great for workstations and other end user devices as it gives freedom and flexibility without the admin needing to hard set speeds at both ends.

However, for key ports such as those to servers, other switches or routers, its often best to hard code in the speed and duplex, as well as provide a description to provide an explanation of what the port is used for.

In this example we will set the speed, duplex and a description on interface fast ethernet 0/3 .

The first step is to enter the configuration prompt for that switchport:

enable

config t

interface fa 0/3

From here, you can edit the configuration of the port.

To set the description, you use the description  command -  e.g description domain controller. Next, to set the Speed you use the speed command - e.g. speed 1000 . Finally, you set the duplex  with the duplex  command - e.g. Duplex Full .

This Article can also be found on our sister site DizzyIT.com at : http://dizzyit.com/2013/03/29/set-interface-speed-duplex-description-cisco-switch-router/

How to Erase the Config and VLAN Database on a Cisco Switch or Router

How to Erase the Config and VLAN Database on a Cisco Switch or Router

Erasing the config on a Cisco Switch or router becomes necessary at times for either disposal or re-purposing into a new location or lab environment.

NOTE: I highly recommend that before you delete any configuration from a switch or router you take a backup for the config and the vlan.dat . The one time you will need this is the one time you dont have it, and its good practice for archival purposes. 

Firstly, you need to erase the startup configuration. to do this two commands are used - either write erase or the newer erase startup-config. 

On a Catalyst Switch, you may need to to erase the VLAN database. To do this, type you type the command delete flash:vlan.dat 

From here you need to reload the router / switch. When running the reboot you will be prompted that system configuration has been modified, Save? [yes/no] Here, you should choose no . or you will write the running config back to the startup config and have to repeat the process!

This article can also be found at our sister site DizzyIT.com at: http://dizzyit.com/2013/03/29/erase-config-vlan-database-cisco-switch-router/

How to Set The IP Address on a Cisco Router Interface

How to Set The IP Address on a Cisco Router Interface

This article will discuss how to choose which interface needs to be configured on a Cisco Router, as well as how to go about configuring that interface

Setting the IP address on a Cisco Router interface is necessary for the router to be able to communicate with other networks, as well as its own network.

Prior to setting the IP address, the administrator needs to be aware of the address that will be allocated to the router. In many cases this will be dictated by a subnet mask that is already in use, or may be pre defined by either the network manager or service provider.

Secondly, the administrator needs to be aware of which interface needs to be configured. Most Routers only have a couple of interfaces and this is easy to determine, however some larger enterprise routers, such as those found in an ISP may have many interfaces. Configuring the wrong interface with the wrong IP address is a sure fire way to bring down your network and cause an outage.

Interfaces on modern modular routers are divided into slots, and these in turn are separated into interfaces. These are numbered on the back of a router to be physically inspected, and can also be listed from the command line with a show ip interface brief command

We can see that Interface FastEthernet 0/1 already has an IP address and that interface FastEthernet 0/0 is currently un-configured

Likewise, you would expect to have access to an up to date network diagram which should show you the ports and their connection partners. A show cdp neighbors command can also be used to determine who the routers existing neighbors are:

We can see from the above that we already have a connection to router R3 going out interface Fast Ethernet 0/1 . This confirms the information learned above with the show ip interface brief. 

It can also be a good idea to ping the IP address to be configured to ensure that its not in use.

Thus, It can now be determined with some certainty that interface FA0/0 is the interface to be configured

Once you have determined your interface to be configured, the actual configuration process is very easy. the syntax is as follows:

1. enable to enter into privileged mode. (enter any passwords required)
2. config terminal to enter into global configuration mode
3. interface (interface) to enter the configuration mode for the desired interface
4. no shutdown to bring the interface online
5. ip address (ip address) (Subnet Mask)  to assign the desired IP to the interface.

For a serial interface, especially in a lab environment you will need to set the clock rate for the port. this is done using the clock rate (clock rate)  command on the interface.

And that's all there is to it! for an inside facing interface, this is all that is required to bring the interface online and you should now have connection to the network. this can be tested with a ping command.

For an outside (external) interface, assuming that all is set up on the other end OK then connectivity will also have been established

Please note that this article can also be located at our sister site www.dizzyit.com at:

http://dizzyit.com/2013/03/24/set-ip-address-cisco-router-interface/

Thank you for reading and please check back in again soon for more articles.

Un install / Reset TCPIP stack in Windows Server, 8, 7, Vista, XP

Un install / Reset TCPIP stack in Windows Server, 8, 7, Vista, XP

by Graham Regan

In earlier versions of Windows (2000 and before) it was possible to remove and re install TCP/IP in Windows if there was a corruption / issue. this was done from add remove programs.

From Windows XP onwards, TCP/IP became a core component of Windows and cannot be removed. Instead, net shell is used to reset the stack.

The command to do this is (from the command prompt)

netsh int reset

e.g. netsh int reset c:\resetlog.txt

A reboot is then needed to complete the process.

the log file path is for logging the reset process  and can be used to troubleshoot / confirm that the reset has been performed correctly.

This command resets two registry keys, which has the same effect of removing and re installing the TCP/IP stack.

The registry key effected are:

system\currentcontrolset\services\tcpip\parameters and system\currentcontrolset\services\dhcp\parameters .

Set Basic Security and Passwords for Cisco Switches and Routers

Set Basic Security and Passwords for Cisco Switches and Routers

This article will cover setting passwords on a router / Switch at a CCNA level. TACACS and RADIUS will be covered in a future article.

The Enable password:

the Enable password protects privileged mode of the Router / Switch. This is where configuration changes can be made. This password can be cnfigured as an encrypted password or as plain text.

To configure in plain text use:
enable password  

To configure in encrypted mode use:
enable secret

The Enable Password is un-encrypted and can be seen in the running config in plain text as shown.

The Enable Secret looks like this in the running Config:

The enable secret password is encrypted with an MD5 hash and is very secure. In production, this is the password to use. There is no reason to have a plain text enable password in your config, as this will be over ruled by any enable secret that is in place. In a running config it looks like this:

You can encrypt plain text passwords with the service password-encryption command, however this is not as secure as the Enable Secret. The Service password-encryption command is a simple Vigenere cipher and is intended for line of sight protection. several websites are available that will break one of these passwords with no effort at all.

Console Password.

The Console Password protects the console port located (in most cases) at the rear of the router / switch. the syntax to set this password is:

line console 0
login
password

this password is stored in plain text in the running config and can be protected with the service password-encryption command

Telnet Password

 The Telnet password protects the router from remote access across a network.
Before setting this password i like to see how many telnet lines i have to play with. To do so, I use the line vty 0 ? command to verify how many lines are available.





Normally, passwords are set on the 1st 4 lines however you can do more if you wish. by not setting the password on the other lines you are not presenting a security vulnerability, you are just not presenting some of the available lines for telnet access

to set the telnet password the syntax is:
line vty 0 4
login
password

This command is stored in plain text in the running config and can be protected with the service password-encryption command:





There are two further security notes with this command.  Firstly, its not advisable under any circumstances to use the no login command here. this will allow access into the telnet ports without challenge. Secondly  telnet passes information in plain text which is an obvious security concern. For the uninitiated, this mean that the data can be intercepted by tools such as wireshark and easily exploited. instead SSH should be used as a transport protocol here. This will be covered on a further article.

The Auxiliary Password 

The Auxiliary port is only present on Routers, not switches. It is used traditionally as a port for remote access via a modem. it is more often used these days as a backup to the console port.

To protect the Aux port:

line aux 0
login
password

As above, this password can be encrypted with the service password-encryption command.:







This concludes the article on setting basic Cisco router and switch security. the information here was presented at a CCNA level. Further articles will go deeper into security hardening a Cisco device.

Thanks for reading!

PowerShell - Set Execution Policy - Files Could not be Loaded because the running of scripts is disabled on this system.

PowerShell - Set Execution Policy -  Files Could not be Loaded because the running of scripts is disabled on this system.

when using PowerShell you may get an error stating that " Files Could not be Loaded because the running of scripts is disabled on this system. Please provide a valid certificate with which to sign the files" as shown below:



This at a basic level means that your security settings in PowerShell are preventing you from running the script ( the execution policy.

To fix this, you need to set the execution policy to a more relaxed setting. these are as follows:

• Restricted - No Scripts can be run. Windows PowerShell can only be used in interactive mode.
• All Signed - Only Scripts signed by a trusted publisher can be run
• RemoteSigned - Downloaded scripts must be signed by a trusted publisher before they can be run
• Unrestricted - No Restrictions, any PowerShell script can be run

At the time of writing, PowerShell comes out of the box in restricted mode.

To check which execution policy your system is running type Get-ExecutionPolicy

To change to policy you type Set-Execution Policy . When you run and go to a less secure setting, you will get a large warning asking if you want to do so

e.g. Set-ExecutionPolicy RemoteSigned.

It's not recommended to use unsigned as this would allow anyone who accesses the system to run malicious or damaging code on your system. Most individuals will settle on Remote Signed, however before doing so in an organisation please ensure that this complies with your organisations security settings.

for a video walk through of this, please check this youtube video from our sister site www.dizzyit.com . The article can also be located there.