Export and import NTFS permissions

Save NTFS permissions to a file:

icacls C:\Folder /save C:\temp\ntfs_perms.txt /t /c

Restore NTFS permissions from a file:

icacls C:\Folder /restore C:\temp\ntfs_perms.txt /t /c

After selecting Restart, the confirmation window only refers to shutting down. The difference between restarting and shutting down is important, Microsoft - don't make it fucking ambiguous.

Manage group members from the command line

For local groups:

To list members of the local group "administrators":

net localgroup administrators

To add "jbloggs" to the local group "administrators":

net localgroup administrators jbloggs /add

To remove "jbloggs" from the local group "administrators":

net localgroup administrators jbloggs /delete

For domain groups:

To list members of the group "Domain Admins":

net group "Domain Admins" 

To add "jbloggs" to the group "Domain Admins":

net group "Domain Admins" jbloggs /add /domain

To create a new user "jbloggs":

net user jbloggs MyPassword123 /add /domain

Kill Winlogon to force a computer to restart

Often Windows likes to get stuck when shutting down or restarting. Working remotely, you can try forcing the machine to restart by killing the Winlogon process with PsKill:

pskill \\computername winlogon

Thanks to Ryan Steele.

List users and their security identifiers (SIDs)

Enter the following at the Windows command prompt to get a list of user accounts on the machine, along with their associated SID:

wmic useraccount get name,sid

Check shares and mapped drives via registry

Using the Registry, you can view the shares on a PC (and their local paths) here:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares

You can also view a user's network drives, and their mapped UNC paths, here:

HKEY_CURRENT_USER\Network

Disable highlighting newly-installed apps

Turn off highlighting of newly-installed applications in the Start Menu via the registry or GUI. This is for Server 2008 and Windows 7.

Via the registry, set DWORD Start_NotifyNewApps to 0:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\

Via the GUI, Taskbar and Start Menu properties > Start Menu tab > Customize button > Highlight newly installed programs.

Disable Autorun on all drives

By default, Windows runs the "autorun.inf" file in the root of a drive when it's mounted. Obviously no-one put any thought into the feature and it's now commonly used to spread viruses (particularly via USB flash drives). To disable Autorun for all drives, load our friend El Regedito:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDriveTypeAutorun
and
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDriveTypeAutorun

Set this to "ff" hexadecimal.

Sucks to be Microsoft.

UPDATE: Microsoft released an update to do this in February 2011.

Hide drives in Explorer

The first two letters of "Vista" are the Roman numeral for 6. The version before 7! MIND BLOWING.

Back to the sad reality. This ugly registry hack lets you hide drives from being displayed (but they are still accessible by applications and the command prompt).

To calculate the key value, you need to add up the drive letters you want to hide based on A=1, B=2, C=4, D=8, E=16, F=32 ... etc. So to hide drives A and E, the decimal value to use is 17.

1. Current user: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
   Everyone: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
2. Add 32-bit DWORD key name "NoDrives", with the appropriate decimal value.
3. Restart Explorer.

I created a fancy JavaScript form to help calculate the key value but Blogger chucked a fit with it.

Credit to How-To Geek.