Prevent Windows from Automatically doing Updates

Don’t like your Windows performs automatically download, install updates and restart by itself?

Click Start and type in: ‘gpedit.msc‘.

Go to: Local Computer Policy -» Computer Configuration -» Administrative Templates -» Windows Components -» Windows Update -» Configure Automatic Updates.

Set from ‘Not Configured’ to: ‘Enabled‘.

Configure automatic updating: ‘2 – Notify for download and notify for install‘.

Click ‘Apply‘ then ‘OK‘.

See screenshot below:

Windows Automatic Update Policy

Control Panel crashes with Windows Explorer on Windows 10

So when you open Control Panel the Windows Explorer crashes?

If you have IDT Audio Drivers, use your File Explorer to get to:

C:\Windows\System32

And then remove: IDTNCPL.cpl and IDTNCPL64.cpl

Those files are remnants from the previous Windows Driver update and are safe to be removed, it has potential to crash Control Panel with the Windows Explorer (i.e. the explorer.exe process)

Tested on Windows 10 Creators Update [Version 10.0.15063]

See/Recover Stored Wi-Fi Password in Windows

So you want to recover the Wi-Fi password you previously stored on your Windows? It is very simple, you will just need to execute two easy commands below.

Firstly, open up Command Prompt by clicking Start -» type: ‘cmd‘ then press Enter.

Type in:

C:\Users\Andy>netsh wlan show profiles

Profiles on interface Wi-Fi:

Group policy profiles (read only)
---------------------------------
<None>

User profiles
-------------
All User Profile : CWMGuest5G
All User Profile : Mercury
All User Profile : SPARK-JVYXR4
All User Profile : Brick
All User Profile : Ellerslie
All User Profile : Telecom-8080
All User Profile : JR-WIFI
All User Profile : JEAL-WIRELESS
All User Profile : ANDY-IPHONE
All User Profile : Millennium Conference
All User Profile : BETHEL
All User Profile : CSC-Guest


C:\Users\Andy>

And then to see the password, type in:

C:\Users\Andy>netsh wlan show profiles WIFI-SSID key=clear

Profile BETHEL on interface Wi-Fi:
=======================================================================

Applied: All User Profile

Profile information
-------------------
 Version : 1
 Type : Wireless LAN
 Name : BETHEL
 Control options :
 Connection mode : Connect automatically
 Network broadcast : Connect only if this network is broadcasting
 AutoSwitch : Do not switch to other networks
 MAC Randomization : Disabled

Connectivity settings
---------------------
 Number of SSIDs : 1
 SSID name : "BETHEL"
 Network type : Infrastructure
 Radio type : [ Any Radio Type ]
 Vendor extension : Not present

Security settings
-----------------
 Authentication : WPA2-Personal
 Cipher : CCMP
 Authentication : WPA2-Personal
 Cipher : Unknown
 Security key : Present
 Key Content : thiswillbethewifipassword

Cost settings
-------------
 Cost : Unrestricted
 Congested : No
 Approaching Data Limit : No
 Over Data Limit : No
 Roaming : No
 Cost Source : Default


C:\Users\Andy>

Simply replace WIFI-SSID with your SSID you want to reveal the key.

Tested and working properly on Windows 10 Creators Update (Version: 1703 (Build: 10.0.15063.296))

Hope this helps, cheers!

Enable Windows Photo Viewer in Windows 10

Those you who have upgraded from Windows 7 or Windows 8.1 to Windows 10 probably have Windows Photo Viewer program in Windows 10. But some users are reporting that Windows Photo Viewer has gone missing after clean installing Windows 10.

If you are missing the Windows Photo Viewer, we can bring back the classic Photo Viewer to Windows 10.

  1. Copy and paste the following registry key and save as PhotoViewer.reg :
    Windows Registry Editor Version 5.00
    
    ; Change Extension's File Type
    [HKEY_CURRENT_USER\Software\Classes\.jpg]
    @="PhotoViewer.FileAssoc.Tiff"
    
    
    ; Change Extension's File Type
    [HKEY_CURRENT_USER\Software\Classes\.jpeg]
    @="PhotoViewer.FileAssoc.Tiff"
    
    
    ; Change Extension's File Type
    [HKEY_CURRENT_USER\Software\Classes\.gif]
    @="PhotoViewer.FileAssoc.Tiff"
    
    
    ; Change Extension's File Type
    [HKEY_CURRENT_USER\Software\Classes\.png]
    @="PhotoViewer.FileAssoc.Tiff"
    
    
    ; Change Extension's File Type
    [HKEY_CURRENT_USER\Software\Classes\.bmp]
    @="PhotoViewer.FileAssoc.Tiff"
    
    
    ; Change Extension's File Type
    [HKEY_CURRENT_USER\Software\Classes\.tiff]
    @="PhotoViewer.FileAssoc.Tiff"
    
    
    ; Change Extension's File Type
    [HKEY_CURRENT_USER\Software\Classes\.ico]
    
    @="PhotoViewer.FileAssoc.Tiff"
  2. Double-click on the saved PhotoViewer.reg file.

  3. Click Yes button when you see the following confirmation dialogue to merge it. Alternatively, you can right-click on it, and then click Merge option.

  4. Click OK button again when you get the following dialogue box and that’s it! You have just enabled the classic Windows Photo Viewer in Windows 10.

  5. Optionally you can also make it default for images.

Mac Spotify: Cannot Start Application

So you want to run Spotify.app on macOS with multiple users environment but it says that you ‘Cannot Start Application’

Multiple users environment is where you have one Mac, and it has more than one user using it.

Spotify updated their app and prevent us running the app from another user (it will only run on the user who installed it)

Since their previous version doesn’t have this issue, I investigated the issue and found out that it was caused by permission issue.

The following are the resolution:

  1. Download and install Spotify as normal;
  2. Quit the Spotify Application once it’s finished installing;
  3. Open the application called Terminal (Command Prompt for Windows computers);
  4. Change to the correct directory by typing this and then hit enter:
    cd /Applications
  5. Then, copy and paste this command, followed by enter:
    sudo find Spotify.app -exec chmod 755 {} \;
  6. When prompted, enter your Mac user’s password and hit enter;
  7. Open the Spotify.app.

It is obviously if you open Terminal before installing Spotify.app you’ll get the ‘No such file or directory’ message.

Note: If all of this still doesn’t work, I found another temporary solution by simply dragging the Spotify.app from the Applications folder onto a USB and running Spotify from there. This is because by default Mac ignores ownership on USB volumes.

Cheers!

3CX NZ Setup Guide & Tutorial

3CX Setup Guide for UFONE (Supported by 3CX) in New Zealand
Firstly, make sure that the computer/server power scheme is on 'High performance' -- this ensures that the computer operates at maximum performance and it will not goes into sleep mode after 30 minutes (Windows default).
  1. Computer Name format is CompanyName-3CX
  2. Assign IP and make sure that the server is configured for the client’s network (3CX Server IP is NOT designed to be changed after installation) — Add client’s IP as secondary IP if needed!!
  3. Go to https://www.3cx.com/phone-system/download-links/ — and download the latest 3CX Server
  4. After installation done, you will be asked whether you want to continue using web browser (press 1) or CLI (press 2)
  5. Windows Firewall popup might also occur and in that case; tick all network to make sure 3CX is allowed to connect to all the networks.
  6. 3CX Management Console credentials, setup the username (e.g. 3cxadmin) and you can also use the same password with Windows’.
  7. Public IP Address, open up https://www.whatismyip.com/
  8. Configuring FQDN: Select ‘I need a 3CX FQDN.’ — Enter Client’s Name as Subdomain and, Select a 3CX Domain: Select New Zealand (*.3cx.co.nz)
  9. Select Local IP and make sure to choose the client’s IP again here.
  10. ===WAIT=== it might take some time during the ‘Creating FQDN and certificates…’ process, that is perfectly normal.
  11. Set HTTPS port to 443 and HTTP port to 80 if those ports are not currently in use.
  12. Login to 3CX Management Console for the first time, the best practice is to use: ‘3 Digits (000-999)’ — be aware, this cannot be changed later!!
  13. 3CX Phone System Admin Email: your@admin-email.add
  14. Use mail server (necessary, I’d personally recommend using SendGrid):
    » Mail Server IP or FQDN: smtp.sendgrid.net
    » Reply To Address: 3cx@intra.saputra.local
    » Email: companysmtp (e.g. saputrasmtp)
    » Password: companysmtp’s sendgrid password
    » Enable SSL/TLS: ticked
    » Perform ‘TEST’ and make sure you get this message: ‘Mail sent’ in green colour.
  15. Select Country: New Zealand, Set the Time Zone: +12:00 New Zealand (Wellington, Auckland)
  16. Select Language: UK English Prompts Set (or select Aussie/NZ Prompts Set if available)
  17. Registration Details:
    License Key: (leave it alone)
    Contact Name: Systems Administrator
    Company Name: (e.g. Saputra Enterprises Ltd.)
    Email: use@real-email.here
    Phone: +64-9-xxxxxxx
    Country: New Zealand
  18. If there are any updates available (it will be indicated by red bubble on the Updates link)
  19. Go to Updates Page, tick ‘Automatic updates’, select ‘Weekly 0:00 every Sunday’ — DO NOT tick the 3CX PBX updates (this will make sure all clients/templates are updated while leaving the PBX system untouched to avoid undesirable unknown update effect)
  20. Add SIP Trunk / VoIP Provider:
    Country: NZ
    Provider: UFONE
    Main Trunk Number is the Main Phone Number, e.g. ‘649xxxxxxx’ — FORMAT MUST BE LIKE THIS, OTHERWISE WILL NOT WORK!!
  21. Trunk Details:
    Enter name for Trunk: leave it UFONE
    Registrar/Server/Gateway Hostname or IP: see credentials, e.g. ‘xxxxxx.sip.ufone.co.nz’
    SIM Cals: depending on the UFONE contracts, e.g. 2
    Authentication ID: see sip username
    Authentication Password: see sip password
  22. CREATE INBOUND RULES, put ‘UFONE’ as Inbound rule name just click OK to create (might need to repeat depending on how many numbers they have)
  23. CREATE OUTBOUND RULES:
    1. Emergency 111:
      » Calls to numbers starting with prefix: 111
      » Calls to Numbers with a length of: 3
      » Route 1: ‘UFONE’ / Strip Digits ‘0’ / Prepend ”
      » Route 2: ‘UFONE’ / Strip Digits ‘0’ / Prepend ’64’
      » Route 3: ‘BLOCK CALLS’ / Strip Digits ‘0’
    2. International:
      » Calls to numbers starting with prefix: 00
      » Route 1: ‘UFONE’ / Strip Digits ‘2’ / Prepend ‘+’
      » Route 2: ‘UFONE’ / Strip Digits ‘0’ / Prepend ”
      » Route 3: ‘BLOCK CALLS’ / Strip Digits ‘1’
    3. National + Mobile + Tollfree:
      » Calls to numbers starting with prefix: 0
      » Route 1: ‘UFONE’ / Strip Digits ‘1’ / Prepend ’64’
      » Route 2: ‘BLOCK CALLS’ / Strip Digits ‘1’
    4. Local 09:
      » Calls to Numbers with a length of: 7
      » Route 1: ‘UFONE’ / Strip Digits ‘0’ / Prepend ‘649’
      » Route 2: ‘BLOCK CALLS’ / Strip Digits ‘1’
    5. Catch All:
      » Route 1: ‘UFONE’ / Strip Digits ‘0’ / Prepend ”
      » Route 2: ‘BLOCK CALLS’ / Strip Digits ‘1’
  24. Go to Windows DHCP server, on IPv4 -» Scope [LAN_IP] [Domain] -» right click on Scope Options -» select Configure Options -» and tick option 66 (Boot Server Host Name), add provisioning http URL from 3CX (e.g. ‘http://192.168.1.3/provisioning/wsyeg9vhyqod7’)
  25. Back to 3CX Management Console, click Phones -» Add Phone -» Choose Extension (e.g. 303) -» Choose from available models (e.g. GXP-1628) and add the mac address of the phone (e.g. ‘000b82a347ab’) -» click OK and OK again to close the extension window.
  26. Go to that phone’s web interface using IP address, enter on browser (e.g. http://192.168.1.33) login using admin:admin and reboot the phone so that it will be provisioned on the next boot.
  27. Setup port forwarding on the router/firewall to the 3CX server IP address for the ports specified below:
    » Default SIP port is 5060 UDP and TCP;
    » Default RTP ports are 9000-9500 UDP only (please also open these ports in Firewall, and it will not make our network vulnerable as the RTP ports are on-demand, so 3CX will only open when it’s required)
    » Default Tunnel port is 5090 UDP and TCP;
    » Default https port 5001 or can also 443 TCP.

Another phone provisioning method:

» Configuring the provisioning server via the Grandstream GXP series web interface

Step 1: Configure the phone in 3CX

  1. Log in to your 3CX Management Console ⇒ Phones ⇒ press “Add Phone.”

  1. Pick an extension from the list to which the IP phone shall be assigned.

  1. Select the model and enter the MAC address of the device which can be found on the back of the device itself.

  1. Optional set the “Phone Display Language” and “Timezone” for the device.

  1. Take a copy of the “Provisioning Link” which needs to be entered into the Grandstream GXP in step 2.

Step 2: Enter the Information into the Web Interface of the device

  1. Open the Web Interface of the Grandstream phone and login (default password is admin).
  2. Navigate to “Maintenance” ⇒ “Upgrade and Provisioning.”
  3. Set the “Upgrade via” to HTTP.
  4. In “Configuration Server Path” and “Firmware Server Path” enter the provisioning link taken from step 1 and paste in without http://”
    (example: pbx.mybusiness.local/provisioning/pc56bscs195k)
  5. Press “Save and Apply” and “Reboot” which can be found in the top right corner of the Grandstream web interface.

Grandstream GXP1628/GXP2140/GXP2160 attended transfer fix:

Go to Phone UI -» Settings -» Call Features -» » Auto-Attended Transfer (by default: No) — set to “Yes”, and the phone will use attended transfer by default.

3CX Notes & Best Practices

I attended 3CX training on 6-7 March 2017 at the Grand Millennium Hotel, Auckland CBD. Here are my notes and tips for 3CX best practices, please feel free to add by posting a comment down below.

  • As of March 2017, Sonicwall Firewall requires a hotfix to be able to work properly with 3CX.
  • SIP port is used just for signaling, RTP ports used for audio and videos.
  • If 3CX is not on 5060, there will be NO PnP Provisioning.
  • STUN tells source IP of the 3CX.
  • Main trunk number = phone number.
  • Full cone NAT (i.e. static NAT) is required:
    » A full cone NAT (also known as a one to one NAT) is the only type of NAT where the port is permanently open and allows inbound connections from any external host. A full cone NAT maps a public IP address and port to a LAN IP and port. Any external host can send data to the LAN IP through the mapped NAT IP and port. If it tries to send data through a different port, it will fail. This type of NAT is also known as port forwarding. This NAT type is the least restrictive type of NAT; the only requirement is that the connection comes in on a particular port (the one you opened).
    Example –  A server has a website running on port 80. We create a one-to-one rule that maps the router WAN IP of 100.150.200.250 to 192.168.0.1 with port 80 to port 80. Any external host that sends data to 100.150.200.250 on port 80 is NAT-ed (and sent) to 192.168.0.1 port 80.
    Note: The port numbers do not have to be the same; We could run my website on port 8080 but create the NAT mapping to forward port 80 to port 8080. This port gives the appearance to the public Internet that my website is on port 80. A connection attempt on any other port is dropped.
  • Disable SIP ALG (Application Layer Gateway) at Router / Firewall (MUST DO, ELSE WILL CREATE ISSUES WITH 3CX!!)
  • » Default SIP port is 5060 UDP and TCP;
    » Default RTP ports are 9000-9500 UDP only (please also open these ports in Firewall, and it will not make our network vulnerable as the RTP ports are on-demand, so 3CX will only open when it’s required)
    » Default Tunnel port is 5090 UDP and TCP;
    » Default https port 5001 or can also 443 TCP.
  • 3CX version 15 requires .NET 4.6.1 — older .NET will cause unexpected behaviours.
  • Please run 3CX on a dedicated instance when possible, NEVER run these service along with 3CX:
    » Microsoft Exchange;
    » Microsoft SQL Server;
    » DNS Server;
    » VPN Server.
  • When there are around 50 simultaneous users, the best practice would be to run 3CX on a Server OS and not a Desktop OS, as Server OS handles network traffic better than a Desktop OS.
  • When configuring outbound dialling, replace + with 00.
  • Setup exclusion on 3CX Program Files and Program Data folders on Anti-Virus & Windows Firewall.
  • Disable any other NIC such as WAN Miniport, Wi-Fi, Bluetooth, etc.
  • Only >Pro version has the failover feature.
  • Do NOT change LAN IP of the 3CX server once setup finished — if setting up for a client on office, setup 3CX with their network configuration.
  • Create A record for the 3CX FQDN.
  • Turn on scheduled nightly backup plan.
  • Keep OS and 3CX on latest update as possible.
  • Uninstalling / Migration: Always copy backup folder before uninstalling 3CX server as the default backup folder will be deleted after the uninstall process finished.
    e.g. C:\ProgramData\3CX\Instance1\Data\Backups
  • Uninstalling: Release the IP from the 3CX Customer Portal: https://customer.3cx.com/
  • Maintenance: Always reboot Windows when there’s a chance so that 3CX can do its housekeeping.
  • SIP Fork is when more than one device on the same extension (e.g. already have IP Phone, installing 3CX client on computer)
  • Plan and add emergency numbers, ensure they are on the top of rules, avoid using extensions that being used by country’s emergency number, e.g. 111 (NZ emergency number) or 911 (US emergency number)
  • It is possible to set up sync between Office 365 & Google contacts and 3CX using the 3CX client.

Enable Verbose Service Startup/Shutdown Messages on Windows

Open up regedit.exe and head to the following key, creating it if the key path isn’t there:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

Once you are there, create a new 32-bit DWORD on the right-hand side named VerboseStatus, giving it a value of 1.

Now when you start up or shut down, you’ll see more verbose messages telling you what is taking so long.

I have created lazy way to do it, just copy the code below:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"VerboseStatus"=dword:00000001

Save as .reg file and run as administrator as we need to edit the HKLM.

I have tested this on Windows 7 SP 1, Windows 8, Windows 8.1 and Windows 10 version 1607 (Anniversary Update)

Bare Metal Recovery with LOGICnow MAX Backup

LOGICnow MAX Backup can be used to recover a system from scratch.

Bare metal recovery allows you to recover your system directly to bare hardware (or VM) without a prior OS installation and return to its previous state.

Supported operating systems (as of 2016-10-06):

  • Windows Vista
  • Windows 7
  • Windows 8 / 8.1
  • Windows 10
  • Windows Server 2008 / 2008 R2
  • Windows Server 2012 / 2012 R2

Operating system requirement applies to the source computer and to the computer on which the bootable media is created.

To get started:

  1. Go to MAX Backup Additional Tools page, from the ‘BARE METAL RECOVERY’ section, select either .EXE download (for creating bootable USB drive) or .ISO download (for creating bootable DVD drive)
  2. Install or burn the Bare Metal Recovery tool on your USB drive or DVD drive.
  3. Boot the USB drive / DVD drive you just created (Make sure the BIOS/UEFI settings are intact. If you boot in a mode that isn’t compatible with the firmware used on the source computer, the restore session will fail.)
  4. Configure or confirm network settings using the command line options (use number to perform the task)
  5. Backup Manager wizard will open in a chromium-embedded browser, enter the backup device configuration.
  6. Go to Restore » Bare Metal Recovery » adjust the settings as appropriate.
  7. Choose the data to restore.
  8. Finally, click ‘Restore’ to begin the restore process.

How to Repair a .pst file

This solution will usually also fix any Outlook that having stuck issues while on ‘Loading Profile’ screen
Outlook 2016 Loading Profile
Outlook 2016 Loading Profile
  1. Exit Outlook, and browse to <drive>:\Program Files — or, if you see a Program Files (x86) folder on the same drive, browse to that instead. For example, C:\Program Files or C:\Program Files (x86).For Office 2016 use this path: C:\Program Files\Microsoft Office\root\Office16
  2. In the Search box, type Scanpst.exe.

If the search doesn’t find Scanpst.exe, try searching in the alternative folder mentioned in step 2, above — Program Files or Program Files (x86).

  1. Double-click Scanpst.exe.
  2. In the Enter the name of the file you want to scan box, enter the name of the .pst file you want the tool to check, or click Browse to select the file.
  3. By default, a new log file is created during the scan. Or, you can click Options and choose not to have a log created, or to have the results appended to an existing log file.
  4. Click Start.

If the scan finds errors, you’re prompted to start the repair process to fix them.

The scan creates a backup file during the repair process. To change the default name or location of this backup file, in the Enter name of the backup file box, enter a new name, or click Browse to select the file you want to use.

  1. Click Repair.A copy of the log file is saved to the same folder as the .pst file.
  2. Start Outlook with the profile that contains the Outlook Data File that you repaired.
  3. Switch to the Folder List view in the Folder Pane by pressing Ctrl+6.

In the Folder Pane, you might see a folder named Recovered Personal Folders that contains your default Outlook folders or a Lost and Found folder. Although the repair process might recreate some of the folders, they may be empty. The Lost and Found folder contain any folders and items recovered by the repair tool that Outlook can’t place in their original structure.

You can create an Outlook Data File, and drag the items in the Lost and Found folder into the new data file. After you’ve moved all the items, you can remove the Recovered Personal Folders (.pst) file. This includes the Lost and Found folder.

If you can open the original Outlook Data File, you may be able to recover additional items. The Inbox Repair tool creates a backup file with the same name as the original, but with a .bak extension, and saves it in the same folder. You may be able to recover items from the backup file that the Inbox Repair tool couldn’t recover.

To recover items from the backup (.bak) file, make a copy of it and give the copy a new name with a .pst extension, such as bak.pst. Import the bak.pst file into Outlook, and then use the Import and Export Wizard to import any additional recovered items into the newly created .pst file.