Author: Bob Lin

1. Run services.msc. Disable Windows update and Windows Update Medic Services by navigating to Windows Update, and Windows Update Medic Services. then disable them.
2. Change the Setting of the Group Policy Editor. Run gpedit.msc. Go to Computer Configuration > Administrative Templates > Windows Components > Windows Update. Double-click Configure Automatic Updates. Select Disabled in Configured Automatic Updates on the left, and click Apply and OK to disable the Windows automatic update feature.
3. Disable Windows update by using Registry. Run Change the way of Windows 10 Updates Using Registry. HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows. Right-click the Windows (folder) key, select New, and then click Key. Name the new key WindowsUpdate and press Enter. Right-click the newly created key, select new, and click Key. Name the new key AU and press Enter. Inside the newly created key, right-click on the right side, select New, and click on DWORD (32-bit) Value.  Name the new key AUOptions and press Enter. Double-click the newly created key and change its value to 2. It’s for “Notify for download and notify for install”. Click OK. Close the Registry to complete the task.
4. Never check for updates settings.

Q: How do I check Windows 10 License information license, Production key channel, Activation ID, Application ID?

Chicagotech.net: run slmgr.vbs /dlv, for example as shown.

Q: Where and how to check last logon in Microsoft Active Directory?

Chicagotech.net: With Active Directory Users and Computers open, double click on the user. Click on Attribute Editor. If you don’t see Attribute Editor, make sure Advanced Feature in View is check. Navigate to Last Logon, you should have last logon info.

Q: How do you reboot or shutdown Palo Alto Firewall?

Chicagotech.net: Go to Device>Setup>Operations. Under Device Operations, you have options to reboot or shutdown the device.

Q: How do you export and import Palo Alto Firewall configuration?

Chicagotech.net:

1. To exported PA firewall configuration, you need to save named configuration by going to Device>Setup>Operation. Click on Save Named Configuration and enter the file name with .xml.

2. To export it, under Configuration Management, click on Exported named configuration snapshot. Select the saved name configuration in step 1.

Or From the CLI:
> scp export configuration [tab for command help]
For example,
> scp export configuration from 2014-09-22_CurrentConfig.xml to username@scpserver/PanConfigs

Note: A single ‘/’ specified after the username@scpserver denotes a path that begins in that user’s home directory. Using ‘//’ means a path that starts at the root of the file system.

3. To Import: From the GUI, go to Device > Setup > Operations and click Import named configuration snapshot and enter the Exported name configuration file.

This can also be done from the CLI:
For example:
> scp import configuration username@scpserver/PanConfigs/2014-09-22_CurrentConfig.xml

4. Load an imported configuration.

From the GUI, go to  Device > Setup > Operations and click Load named configuration snapshot. When the configuration has been selected, click OK and commit the configuration.

This can also be done from the CLI, for example:
> configure
# load config from 2014-09-22_CurrentConfig.xml
# commit
# exit
>

Note: 1. Make sure both firewall are running the same version of the software.

2. If they are not, some configuration may not work

3. Some hardware settings may not change, for example Ip address and S/N.

Q: We setup 4 Cisco ASA site to site VPNs. How can I check the status of these VPN?

Chicagotech.net: With Cisco ASDM running, go to Monitor>VPN>VPN Statistics>Sessions. Make sure the Filter by is IPSec site-to-site and All sessions. You should see all site to site VPN. If not, refresh it.

A: We are using office and Azure MFA.  How do I MFA authentication in Office 365/Azure?

Chicagotech.net: MFA is managed by Azure. Login Azure admin account. Go to Azure Active Directory>Users. Double click on the user, you should have option to modify the Authentication Contact as shown below screenshot.

For users, the can change it by themselves. Please follow this step by step video:

A: I need to change the Authentication phone number. How do I do that in Azure?

Chicagotech.net: Login azure admin account. Go to Azure Active Directory>Users. Double click on the user, you should have option to modify the Authentication Contact as shown below screenshot.

Q: Since Windows 2012 R2 doesn’t have Remote Desktop Services Manager, can I add Windows 2012 R2 Remote Desktop server to Windows 2008 R2 Remote Desktop Services Manager? If so, how?

Chicagotech.net: Yes, you can here are how.

1. Run Remote Desktop Services Manager from Windows 2008 R2 Server.
2. Right click on My Group and click Add to group.

3. Add the server hostname of Windows 2012 R2 Server. You should be able to Disconnect, Send Message, Remote Control, Reset, Status and Log Off a remote session on Windows 2012 R2.

Q: Can I use Skype share my iPad screen? If not, which app may be able to share iPad/iPhone screen?

Chicagotech.net: You should use Skype new version, Microsoft Team instead of Skype.

Here are how:

1. Go to Apple store download Microsoft Team.
2. After installing, click Team icon under apps.

3. Click three dots….

4. Click Share screen.

Here are other options you may try: Teamviewer, DisplayRecorder, Screenleap, olioli, join.me, GoToMeeting, Teamviewer.