So fun! Testing Win11 Don’t care about any of the cloud, online, blah blah blah. Don’t have network access. Don’t want network access. So here I am again. Hence, my reminder to myself that this is the current (As of Sept 2023) to get to a local account on Win11 22H2 fresh install.
TLDR; oobe\ is a path. bypassnro.cmd is a batch file. Use shift+f10 to open a command prompt at the network configuration step and run oobe\bypassnro (no space).
When installing Windows 11, if you want to get around having to connect to the internet and login with a MS account, you can enter the command prompt and run: oobe\bypassnro
I always thought oobe was the command and \bypassnro was an option switch, and I found it completely odd there was no space in there. I was wrong. The command prompt opens in C:\Windows\System32. In \Windows\System32, is a folder called oobe. And inside the oobe folder is bypassnro.cmd. So, that is what you are running with the command oobe\bypassnro.
The bypassnro.cmd is a script which contains: @echo off reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE /v BypassNRO /t REG_DWORD /d 1 /f shutdown /r /t 0
So, it is really a registry key that causes oobe to not require a network, and then subsequently allow you to create a local account on a clean install.
I have sniffed around this solution for quite some time, but just last week came up against an immovable need and finally got serious about making it work. Specifically, I was looking to copy some files from an old server to my local disk for “safe keeping” (until I figure out what to do with the junk utilities I’d amassed), and simple file copy was failing (annoyingly, as it does, For Shame! Windows, that in 202x we STILL just get a failure instead of “continue & log for remediation” report!). For the first time in my career, I didn’t have another server to move “it” to, so…
Not quite a reproduction of Jacques’ post, but here ’tis.
Since Windows XP, support for drive mapping to the client during a Microsoft Terminal Services Connection (aka Remote Desktop) session, allowing file copy from the server to the client and vice versa via the file system.
To my knowledge, this is supported only in the Microsoft Remote Desktop Connection (aka MSTSC, RDP) application, and is not supported in the Microsoft Universal Remote Desktop App. I hope to find I’m wrong one day and correct this post, but meantime…
In the Microsoft Remote Desktop Connection (MSTSC) interface, “Local Resources” tab, “Local devices and resources” section, hit “more” to see options for “Drives”. Each volume (removable, fixed, or network) available on the client workstation is enumerated, and can be selected to be connected to the server during the RDP session. Each will show in the server’s Windows Explorer as “volume on computer name”, (e.g. “C on Computer1” for C: drive, or “F on Computer1” for F: drive). This makes for reasonably useful GUI browsing and file manipulation, but what about command prompt access?
I’m so glad you asked. Drives can also be addressed much like network shares via Universal Naming Convention (UNC), and/or mapped in a similar fashion if that suites the purpose. Volumes on the client are accessible to the server as \\TSCLIENT (note the client workstation’s machine name is not used, but is always referenced with the generic name “TSCLIENT”) followed by the volume’s drive letter, so using the same example as before “C on Computer1” could be connected through \\TSCLIENT\C or “F on Computer1” could be connected through \\TSCLIENT\F. We can display the content of C: drive on Computer 1 via UNC: DIR \\TSCLIENT\C and/or map a drive letter to it: NET USE Y: \\TSCLIENT\C We can also perform other command prompt actions, like copying files: COPY \\TSCLIENT\C\USERS\ME\DESKTOP\*.XLS D:\DATA\EXCEL or what I needed, Robocopying files: ROBOCOPY \\TSCLIENT\C\ME\DESKTOP D:\DATA\EXCEL *.XLS /Z /ETA ROBOCOPY Y:\ME\DESKTOP D:\DATA\EXCEL *.XLS /Z /ETA
Note from Jacques’ post, as I have not investigated this: the remote Terminal Services session inherits the user’s permission. So if you are logged on to the workstation as user A and you log in to the Terminal Services server as user B, the session will have access to the drives according to A’s permissions.
I hope this helps future me, and, with a little bit of luck, others out there seeking.
PS here’s another article I found while researching this, complete with some pictures. Thank you, Brandon Lee, even if your commenters feel that you did not write about what the title states. The pictures & process still helped me.
using your source (I chose to use a Windows 10 .iso file I had recently created using the Windows Media Creator Tool for another project…) and using an elevated command prompt, point dism at the “online” image and feed in the source (in my case, D drive housed my mounted .iso, so D:\Sources\SXS), thusly: dism /online /enable-feature /featurename:netfx3 /source:D:\Sources\SXS /limitaccess
===
The Longer Explanation
Many reasons, actually, might make a person wish to install/enable .NET Framework 3.5; so much so, this is now a “feature enable” option on Windows 10. However, nearly every “how to” do this demonstrates downloading the full (aka “offline”) installer from Microsoft’s download page and then just run the installation. Problem with this is that this kicks off the feature enable, and tries to download a package from Windows Updates to enable the feature. Which means you wasted your time downloading the offline, full installer anyway, but if that works, YAY you! If not… 😦
Usually we get some error, like “Error code 0x800F0954” which never seems to exist when researched but largely boils down to “unable to download/unzip/whatever the package”. In my case, with that error, it was traceable back to my WSUS server not caching the confounded package. No idea why it’s trying to do this, when I’ve downloaded the (full, offline) installer, but whatevs, yo! GRR!
So what to do about it? As noted at the beginning, we can simply use a cached .iso (or other source) for our installation set and dism. We just need to assemble the correct series of options/parameters, and wham-oh! In like Flynn.
This starts out pretty simple. Find your .iso or .wim. Mount it (double-clicking will suffice for .iso; dism must be used for .wim files). From there, most of the tutorials online only mention querying a specific .esd or .wim index, using a command like dism /Get-WimInfo /WimFile:F:\sources\install.esd /index:1 . The problem with this is it uses the index switch to tell dism which installer to check, and only (in my experience) returns THAT ONE in the case of multi-version images (which all of those downloaded for Windows Media Creator are, to my knowledge). Instead, one needs to ask dism what indices are available using a command more like dism /Get-WimInfo /WimFile:F:\sources\install.esd
I know they look very similar, because they are. But the big key difference is that the latter will show ALL indices, instead of just the ONE you’ve told it to look at. The difference can be astounding.
These are some of the sites I looked to when attempting to re-learn this little tidbit:
I was unable to find the ONE site I dug up once upon a time that laid this all out crystal clear, but thank you, anonymous blogger. Thanks to you, I know everyone else only gets it partially right.
Also, borrowing one of these images without permission. Thank you.
OWA is…well, to be frank, garbage, for those of us forced to use it because…well…whatever, but let’s say that your IT overlords have seen fit to NOT BOTHER fixing the problems with your tenancy, even if it were a simple call to THEIR overlords at Mickeysoft preventing an actual Outlook client from working in many of your workday scenarios. Among the mind-bogglingly idiotic discrepancies is the aggregated “Unread Items”. If you’re of a certain age, certainly, but even if not, you probably sort your email into folders for ease of finding later, etc. You probably have rules for helping with that, especially if you get auto-generated services messages that you want to have/keep/read when pertinent, but that do NOT need to be in your Inbox. How can you see these in OWA? Go digging. And good luck. And I’m sorry, Microsoft, but “conversations” is unwieldy at best, and search/filter from the inbox is equally useless. Seriously. Searching for an email that I have pulled up in one client, on another computer sitting on the same tabletop in OWA and it can’t be found. WTF?!? Wait. Why were we here again?
Oh yeah. Another exploitable bug feature of Desktop Lookout that until June 2020 or so was not available in OWA is delayed send. In a rare move, though, M$ actually made this one BETTER because it’s server-side. That means you can set the send time to a point in the future, and walk away, and the server will send your message at the appointed time (y’know, assuming everything works as-planned – a stretch, I know). On the desktop version, this is still client-side, meaning you have to have your computer turned on and the Outlook client has to be loaded. Otherwise, the server will simply ignore the future-send request once it becomes current, because it knows nothing about it. Very frustrating for those of us who became accustomed to building time-sensitive emails over a period of time, expecting the “send at” to trigger that send at the appointed time regardless of our being logged into a computer at all, because SOME vendors had the sense to make this server-side, as it should be and always have been, unlike M$ who, bafflingly, decided this needed to be client dependent. So what’s to know? Why am I here, instead of just pointing you to Pradeep’s post about Mike’s post? Here is the interface for the new bug feature:
Why did I feel the need to make a post, to remind myself sometime in the future about something I probably already know (but perhaps can’t remember just this moment)?
Here’s my screen:
Where is MY pulldown?
So…where IS my pulldown? I can see it in the “Attach” button, but nada on the “Send” button… I guess my tenancy has not, five months hither, been granted this glorious functionality…
Of course there’s a “gotcha”. And in a way that only Microsoft seems capable of doing, they exploit what is obviously a failure on my part, but in the most irritating way. I have NEVER used the OTHER send button. In fact, I did not even realize until today that there are multiple send buttons. I just use the one that is obvious. As encircled above. It turns out, if you look carefully, there is another at the bottom of the window.
Here, you will find the pulldown arrow, and can then schedule your email to send at some point in the future, whether your computer is on or not; whether you are logged in or not; whether your Lookout client is running or not. Ah. A small bit of relief in the sea of suck that is using OWA.
Thank you, Microsoft, for finally adding this feature to your bugfeature list.
This is pretty funny, and warrants more research. I cannot save this post to WordPress using a category of Microsoft with subcategory of Lookout.
Especially if you have a need to use an older browser for some specific reason, when the “snapshot” tools hadn’t been built-in, the dev tools go back a bit further, and have proven quite useful from time to time.
Thank you to Kari Söderhlom from whom I am plagiarizing this, from the comments on this web site.
I think it’s worth noting that you can also take full page screenshots in Chrome using the new Command Menu (you first need to have Dev Tools open to be able to open the Command Menu) by starting to type screenshot into the Command Menu and then select the option Capture full size screenshot from the auto completed list.
In Firefox there’s also been a similar command for a longer time by using the Firefox (this link is dead) Developer Toolbar (GCLI) (but this one works today). Just open the Developer Toolbar by pressing Shift+F2 and type in screenshot --fullpage filename.png (for my test on FF 43, which even in 2020 I still need for “some reason”, the syntax was screenshot filename.png --fullpage ). It has nice tool tips for all the parameters while you’re typing, but you can also get more info about the command by typing help screenshot. There are also command flags for saving the screenshot to the clipboard instead or posting it to Imgur.
To bring a more up-to-date vibe, FireFox has added the screeshot tool, which when invoked proffers “full page” or “visible region”, to accomplish roughly this task.
How To Geek has a nice writeup on to doing this in Chrome.
The short version:
Open Chrome
Browse to the web page you want to capture
Press Ctrl+Shift+I on Windows or Command+Shift+I on Mac to open the Developer Tools pane.
-OR-
Click the three dots “more tools” link on the browser window
Point to “More Tools”
Click on “Developer Tools”
press Ctrl+Shift+P on Windows and Command+Shift+P on Mac
-OR-
In the top right corner of the pane, click the three dots icon
Click “Run Command.”
Type “Screenshot”
Click “Capture full-size screenshot” from the list of commands available
The image should save automatically, but if you’re prompted to save the screenshot, select a destination on your computer, then click “Save.”
Thank you, to Sarthak Srivastava for being the one that caught my eye the first time; weirdly, his directions worked peachy my very first effort, and then never did again. The exact same Firefox 43 that I used the first time, following his directions, failed me the very next time (even though I found some OTHER site when I was trying to get back to that place I didn’t bookmark because “i’ll totally remember; it’s on Quora…”pffft. Hence, this site…).
( server 2008, R2, without SP1 (because that is what I was trying to get installed) had to use DISM.exe /mount-wim /wimfile:d:\sources\install.wim /index:1 /mountdir:c:\mount\ /readonly )
make sure this results in:
Mounting image
[==========================100.0%==========================]
The operation completed successfully.then you can run
To save having to mount the image beforehand change source to
“DISM.exe /Image:C:\ /Cleanup-image /Restorehealth /Source:WIM:*Install media letter*:\x64\sources\install.wim:1 /LimitAccess”
Depending on the install media you are using if it is only 64 bit install with no option for 32
“DISM.exe /Image:C:\ /Cleanup-image /Restorehealth /Source:WIM:*Install media letter*:\sources\install.wim:1 /LimitAccess”
Some installers use ESD instead of WIM so.
“DISM.exe /Image:C:\ /Cleanup-image /Restorehealth /Source:ESD:*Install media letter*:\x64\sources\install.ESD:1 /LimitAccess”
Still sometimes this fails and thats how i found myself here….
Anyone have any ideas as to why sometimes with a specified offline image /cleanup-image is not recognised as a command? or can someone please further correct my syntax if there are any errors? Thanks
I’m just placing this here, where I can find it again.
I’ll be doing this again, soon, and expect I’ll update here when I have a friendly reminder of what actually works. Funny thing, that, once something we do every 2 years or so works, we just move on. Til the next time…
Steps lifted from this website, which just happens to be the first one I found when I was digging for these instructions (again) recently. I do this kind of stuff about once every 2 years, it seems, so I always forget the details. SO here ’tis:
NOTE: Windows 10 1809 and later (to date) have different steps (included below) than prior versions (up until 1803) so watch for that.
Before the latest feature update of Windows 10, Windows 10 version 1809, users could boot into the recovery environment, replace utilman.exe with cmd.exe, and click on the “ease of access” button to spawn a command prompt window to change the user password.
In newer versions of Windows, extra steps are required. Here is the entire process, including both versions:
Load the recovery and troubleshooting environment, e.g. by clicking on “Repair your computer” during Windows Setup if you boot from Windows installation media.
Select Troubleshoot > Command Prompt.
Switch to the drive letter that Windows is installed on and there in the system32 directory, e.g. cd c:\windows\system32
Type rename utilman.exe utilman.bak.
Type copy cmd.exe utilman.exe.
Restart the computer and boot from the Window installation this time.
If you run Windows 10 version 1803 or earlier, click on the Ease of Access button to open a command prompt window.
If you run Windows 10 version 1809 or later, do the following first:
Hold Shift-key on the keyboard and click on the Power button to select Restart.
After the Restart, hold down the Shift-key again and select Restart from the Power menu again to boot into startup repair.
When the Startup Settings screen appears after the Restart, select 8) Disable early launch anti-malware protection.
Click on the Ease of Access button on the next start on the login screen to open the command prompt window.
Type net user to display the names of all user accounts.
Use the command net user [username] [password] to change the password of the account, e.g. net user bob badpassw3rd to change the password of the user bob to badpassw3rd .
I’ve used them for…well, since Windows XP, I think. There is a whole slew of “magic variables” made possible by the command shells expansion of “for” shorthand using the tilde (~) and some other metacharacters, that you can use in your Windows “scripts”, i.e. batch files, and the more modern substitutions for those. This document from Microsoft does a bad job of explaining them (like most of what Microsoft releases), but it’s nevertheless a reference for them. Check the “for” section. This website actually does a nice job of listing them, and is where I’m lifting the list, the reason for which I’m creating the post. I once had a very lovely chart of all these sitting on my desk (yep, in hardcopy) which I can no longer find. I can also no longer find the electronic version, and searching for this online has yielded little result. Thus, this post.
%~I – expands %I removing any surrounding quotes (“)
%~fI – expands %I to a fully qualified path name
%~dI – expands %I to a drive letter only
%~pI – expands %I to a path only
%~nI – expands %I to a file name only
%~xI – expands %I to a file extension only
%~sI – expanded path contains short names only
%~aI – expands %I to file attributes of file
%~tI – expands %I to date/time of file
%~zI – expands %I to size of file
%~$PATH:1 – searches the directories listed in the PATH
environment variable and expands %1 to the
fully qualified name of the first one found.
If the environment variable name is not
defined or the file is not found by the
search, then this modifier expands to the
empty string.
The modifiers can be combined to get compound results:
%~dpI – expands %I to a drive letter and path only
%~nxI – expands %I to a file name and extension only
%~fsI – expands %I to a full path name with short names only
%~dp$PATH:1 – searches the directories listed in the PATH
environment variable for %1 and expands to the
drive letter and path of the first one found
(but this would work only in called functions and
only for numbered variables)
%~ftzaI – expands %I to a DIR like output line
The way this typically manifests in batch writing is thus:
cd %~dp0
runfile.exe >> %~d\log.txt
If you’ve been following along, you already know the beast. Awesome piece of hardware, frankly, with decent firmware/software to boot. Buuuuut… One of the “updates” (I’ve forgotten which, and do not feel like looking it up) upgraded NFS from version 3 to 4. By default, NFS v. 4 adds “security”.
Which is fine and wonderful, except that I’m on an isolated network anyway, and NFS3 worked fine, and VMWare wasn’t ready for NFS 4 at the time. Thus, it had no provision for the directive NEED_SVCGSSD=yes found in the /etc/default/nfs-kernel-server configuration file.
So, to work around this, fast and dirty, enable “diagnostic mode”, then change this entry using vi (you do know how to use vi, right?) to “no”, and then restart the service with /etc/init.d/nfs-kernel-server restart
Baddaboom baddabing.
I’m not saying this is the RIGHT way to fix the problem; only that it works.
Oh, bad news. You have to re-do this each time the server is restarted (unless you can figure out how to get this change into the squashfs, which I’m not going into here).
sypak 