Manage System restore and Shadow Copies from the command line

thanks to

  • vssadmin list shadows – This command lists all existing shadow copies on the system
  • vssadmin delete shadows /for=c: /oldest – This command deletes the oldest shadow copy on drive C
  • vssadmin delete shadows /for=d: /all – This command deletes all existing shadow copies on drive D
  • vssadmin delete shadows /for=c: /shadow=ID – Deletes the selected shadow copy. The IDs are listed when you use the list shadows command.
  • vssadmin resize shadowstorage /for=c: /maxsize=2GB – Sets the shadow storage for drive C to 2 Gigabyte. May delete existing restore points starting with the oldest if space is not sufficient to store all System Restore points

Allow Users to bind machines to domains

Use the delegate Control wizard inside AD against the top level domain listing (not OU). You can then select “Join Domain” as a security option for your chosen user(s)/group(s).


Be sure to check for the group policy too, “Default Domain Policy” > Computer Configuration > Windows Settings > Security Settings > Local Policies > “Add Workstations to Domain”

Windows 2003+ domain – Prevent users adding computers to domain

1.       Open run and type ADSIEDIT.msc (may need to register adsiedit.dll on server first)

2.       Right click ADSIedit and choose connect to

3.       In the connection point section ,chose select A well Known Naming Context and ,from the drop-down list choose Default naming context

4.       Click OK

5.       Expand default naming context

6.       Right click the DC=mydomain,dc=local domain folder and choose properties

7.       Select ms-DS-MachineAccount Quta and click edit

8.       Type 0

9.       Click OK

WAIK Disable UAC

Addition to WAIK sysprep xml to disable UAC

<component name=”Microsoft-Windows-Deployment” processorArchitecture=”amd64″ publicKeyToken=”31bf3856ad364e35″ language=”neutral” versionScope=”nonSxS” xmlns:wcm=”” xmlns:xsi=””>
<RunSynchronousCommand wcm:action=”add”>
<Path>net user administrator /active:yes</Path>
<RunSynchronousCommand wcm:action=”add”>
<Path>cmd /c reg add HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem /v EnableLUA /t REG_DWORD /d 0 /f</Path>
<Description>Disable EnableLUA</Description>
<RunSynchronousCommand wcm:action=”add”>
<Path>cmd /c reg add HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem /v ConsentPromptBehaviorAdmin /t REG_DWORD /d 0 /f</Path>


trust relationship failed, windows domain


Change the value:



2016-07-21 UPDATE:

Discovered this thread which mentions using PowerShell to reset the machine password, if you haven’t completed the registry change:

Open PowerShell as administrator. Run this command sequence:

$credential = Get-Credential

(enter domain admin account when prompted)

Reset-ComputerMachinePassword -Server <<YOUR DC NAME HERE>>

Thanks to:

VBScript & Fonts on Windows 7

Some VBScript pulled from

This sub routine takes two inputs, filename (registry name of Font as found in
[HKLMSoftwareMicrosoftWindows NTCurrentVersionFonts]
) and the fully qualified filename of the font on the system and then deletes them both:

Remove_Font "Helvectiva XXXXXXXX", "c:windowsfontsHELNLTPR.TTF"

Sub Remove_Font(strFontName, strFile)

	Set oFSO = CreateObject("Scripting.FileSystemObject")
 	Set oShell = CreateObject("WScript.Shell")
	' If the file exists
	If oFSO.FileExists(strFile) Then
		' Delete the file
		oFSO.DeleteFile strFile, True
		On Error Resume Next
		oShell.RegDelete "HKLMSoftwareMicrosoftWindows NTCurrentVersionFonts" & strFontName
		If Err.Number = 0 Then
			MsgBox strFile & " was removed."
			MsgBox strFile & " was deleted, but the registry key still exists."
		End If
		On Error GoTo 0
		MsgBox strFile & " was not found."
	End if

	Set oFSO = Nothing

End Sub