Installing .NET 3.5 Framework on Microsoft Windows Server 2012

Error Screen:Windows Server .NET Framework 3.5 Install ErrorSolution:

1. Using the Add Roles and Features Wizard, specify an alternate source path using the link at the bottom of the wizard. For example, D: is my Windows Server DVD media.


2. Using PowerShell, specify the source files path when installing.
 Install-WindowsFeature NET-Framework-Core –Source D:\Sources\sxs
3. Using DISM from the command prompt, specify the source files path parameter:

DISM /Online /Enable-Feature /FeatureName:NetFx3 /Source:d:\sources\sxs

4. Using a file share containing the sxs folder, specify the unc share path:

Install-WindowsFeature NET-Framework-Core –Source \\ServerName\ShareName\sxs

Group policy scripts

Get-GPO -All | ForEach-Object {
    ([XML](Get-GPOReport -Guid $_.ID -ReportType Xml) | Where-Object {$_.GPO.User.ExtensionData -ne $null}).GPO.Name


Get-WinEvent -FilterHashtable @{Path=”C:\Windows\System32\Winevt\Logs\security.evtx”;ID=4624,4634,4647;data=”test”,”administrator”} | % {
New-Object PSObject -Property @{
MachineName = $_.MachineName
EventID = $_.ID
TimeCreated = $_.TimeCreated
User = $_.Properties[5].Value
Domain = $_.Properties[6].Value
WorkstationName = $_.Properties[11].Value
Keywords = $_.KeywordsDisplayNames -join “;”

Select MachineName,TimeCreated,User,Domain,EventID,WorkstationName,Keywords,message | ft

Event Log Filters

Get-WinEvent -FilterHashtable @{Path=”C:\Windows\System32\Winevt\Logs\Archive-Security-2017-05-11-11-28-38-673.evtx”;ID=4624,4634;data=”RRiad”} | % {
New-Object PSObject -Property @{
MachineName = $_.MachineName
TimeCreated = $_.TimeCreated
User = $_.Properties[5].Value
Domain = $_.Properties[6].Value
LogonType = $_.Properties[8].Value
SourceIP = $_.Properties[18].Value
Keywords = $_.KeywordsDisplayNames -join “;”
Select MachineName,TimeCreated,User,Domain,LogonType,EventID,SourceIP,Keywords | ft


Get-WinEvent -FilterHashtable @{Path=”C:\Windows\System32\Winevt\Logs\Archive-Security-2017-05-11-08-55-49-805.evtx”;id=4624,4647;data=”MNaqvi”}


How to parse Windows Eventlog

I want to look at the RID allocation table for a DC. What do I do?

  • Dcdiag.exe /TEST:RidManager /v | find /i “Available RID Pool for the Domain”

repadmin commands

repadmin /replsummary /bysrc /bydest GIL-GCKKOT-DC01

to track user logon/logoff

Step 1: Create the following two files using Notepad or your favorite text editor:

echo logon %username% %computername% %date% %time% >> \\sbs\share\logon.log

echo logoff %username% %computername% %date% %time% >> \\sbs\share\logon.log

Step 2: Update Group Policy to run the appropriate batch file. In Group Policy, go to:
User Configuration-> Windows Settings-> Scripts (Logon/Logoff)-> Logon

Step 3: As users log on and off, your log file should look something like this:

logon June VSXP Tue 22/02/2005 10:39:51.12
logoff June VSXP Tue 22/02/2005 10:41:08.45
logon MickM VSXP Tue 22/02/2005 10:42:01.07
logoff MickM VSXP Tue 22/02/2005 10:42:46.81

Powershell method:


%d bloggers like this: