Category: Windows

Categories
Windows

Office LTSC (2016, 2019, 2021) Installation Guide (No Login Required)

Office LTSC (2016, 2019, 2021) Installation Guide (No Login Required)

This guide will help you install Office LTSC 2016, 2019, and 2021 versions without needing to sign in, using the Office Deployment Tool (ODT). This method is specifically for Volume License keys.

 

Step 1: Prepare the Office Deployment Tool (ODT)

 

  1. Download: Download the Office Deployment Tool from the official Microsoft site.
  2. Create Folder: Create an easily accessible folder on your computer (e.g., C:\OfficeKurulum).
  3. Extract Files: Run the officedeploymenttool.exe file you downloaded. When it asks where to extract the files, select the C:\OfficeKurulum folder you created.
  4. This folder should now contain the setup.exe file and your configuration-Office365-x64.xml file (or the file you are about to create).

 

Step 2: Edit the configuration-Office365-x64.xml File

 

This is the most critical step as it defines which version of Office you will install. Open your configuration-Office365-x64.xml file (located in C:\OfficeKurulum) with a text editor like Notepad.

Delete all existing content inside the file and paste one of the following code blocks, depending on the version you want to install.

IMPORTANT: You MUST replace PIDKEY="XXXXX-XXXXX-XXXXX-XXXXX-XXXXX" with your own 25-character product key for the specific version you are installing.

 

📦 Version 1: XML Code for Office LTSC Professional Plus 2021

 

XML

<Configuration>
  <Add OfficeClientEdition="64" Channel="PerpetualVL2021">
    <Product ID="ProPlus2021Volume" PIDKEY="XXXXX-XXXXX-XXXXX-XXXXX-XXXXX">
      <Language ID="en-us" />
    </Product>
  </Add>
  <RemoveMSI />
  <Display Level="Full" AcceptEULA="TRUE" />
  <Property Name="AUTOACTIVATE" Value="1" />
</Configuration>

(Note: This installs 64-bit, US-English LTSC 2021 Pro Plus.)

 

📦 Version 2: XML Code for Office Professional Plus 2019

 

XML

<Configuration>
  <Add OfficeClientEdition="64" Channel="PerpetualVL2019">
    <Product ID="ProPlus2019Volume" PIDKEY="XXXXX-XXXXX-XXXXX-XXXXX-XXXXX">
      <Language ID="en-us" />
    </Product>
  </Add>
  <RemoveMSI />
  <Display Level="Full" AcceptEULA="TRUE" />
  <Property Name="AUTOACTIVATE" Value="1" />
</Configuration>

(Note: This installs 64-bit, US-English Office 2019 Pro Plus.)

 

📦 Version 3: XML Code for Office Professional Plus 2016

 

XML

<Configuration>
  <Add OfficeClientEdition="64" Channel="PerpetualVL2016">
    <Product ID="ProPlus2016Volume" PIDKEY="XXXXX-XXXXX-XXXXX-XXXXX-XXXXX">
      <Language ID="en-us" />
    </Product>
  </Add>
  <RemoveMSI />
  <Display Level="Full" AcceptEULA="TRUE" />
  <Property Name="AUTOACTIVATE" Value="1" />
</Configuration>

(Note: This installs 64-bit, US-English Office 2016 Pro Plus.)

Don’t forget to save and close the XML file.

 

Step 3: Download Installation Files

 

  1. Open Command Prompt (CMD) as Administrator:
    • Click the Start menu and type cmd.
    • Right-click on “Command Prompt” and select “Run as administrator”.
  2. Navigate to Folder: In the black-and-white window that opens, navigate to your C:\OfficeKurulum folder. Type the following command and press Enter:
    cd C:\OfficeKurulum
  3. Start the Download: Now, tell the ODT to download the files based on your XML file. Type the following command and press Enter:
    setup.exe /download configuration-Office365-x64.xml
  4. Wait: The command prompt will move to the next line and blink. It may look like nothing is happening, but the files are downloading in the background. This can take 5-15 minutes depending on your internet speed. You will see a new folder named “Office” appear inside your C:\OfficeKurulum directory. The process is finished when the command prompt returns to the C:\OfficeKurulum> prompt.

 

Step 4: Install Office

 

  1. Once the files are downloaded, make sure you are still in the Administrator Command Prompt window.
  2. Type the following command and press Enter:
    setup.exe /configure configuration-Office365-x64.xml
  3. That’s it! An Office installation window will appear and begin the installation. When it’s finished, you can open an application like Word or Excel. It will not ask you to sign in, and if you entered your product key correctly in the XML file, Office should already be activated.
Categories
Articles Windows Windows Server

Evolution of SSL/TLS Protocols & Disabling TLS 1.0 and TLS 1.1 on Windows Servers while Enabling TLS 1.2

History of SSL/TLS

SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are cryptographic protocols used to secure communication over the internet. They are similar but distinct security protocols and are often collectively referred to as “SSL/TLS.”

1.SSL (Secure Sockets Layer):

  • SSL was initially developed by Netscape Communications Corporation in 1994.
  • Its first version, SSL 1.0, was never publicly released due to numerous security vulnerabilities.
  • SSL 2.0 emerged in 1995 and saw more widespread use, but its lifespan was short-lived due to security vulnerabilities.
  • SSL 3.0, introduced in 1996, was more secure. However, over time, various security vulnerabilities were discovered, leading to the abandonment of SSL 3.0.

2.TLS (Transport Layer Security):

  • TLS is considered an enhanced and secure version of SSL.
  • TLS 1.0, introduced in 1999, is an improved version of SSL 3.0 with security vulnerabilities addressed.
  • TLS 1.1 arrived in 2006, and TLS 1.2 followed in 2008, both enhancing the protocol’s security.
  • TLS 1.3 was released in 2018, introducing numerous security and performance improvements. TLS 1.3 is faster and more secure compared to its predecessors.

SSL and TLS secure internet communication by encrypting traffic, ensuring the confidentiality of data exchanges, and updating security protocols. However, as vulnerabilities and weaknesses emerge, these protocols are continually updated and improved.

TLS 1.2 or TLS 1.3?

As of 2021, TLS 1.0 and TLS 1.1 have been officially deprecated.
Source

TLS 1.2: 

  • It is an older version and is supported by many applications and systems.
  • It is a good option for establishing a secure connection but may have some security vulnerabilities.
  • Security experts recommend using TLS 1.3 whenever possible instead of TLS 1.2.

TLS 1.3:

  • It is a more recent version and offers a range of security improvements.
  • It includes faster connection establishment times and more secure encryption algorithms.
  • Designed to address security vulnerabilities, it is supported by many modern browsers and servers.

The version you should use depends on the systems, applications, and requirements in use. However, generally, you might prefer TLS 1.3 if possible, as it is more secure and offers better performance. Nevertheless, compatibility issues with older systems or specific requirements may necessitate the use of TLS 1.2.

Web servers and browsers typically automatically use up-to-date and supported TLS versions. If you manage a web server, it is advisable to use the latest and supported TLS version. As users, keeping your browsers and systems up-to-date is essential for enhancing security and ensuring optimal performance.

In this article, we will explore how to address the general SSL/TLS warnings provided by https://www.ssllabs.com/ssltest, a platform used to check and score the SSL/TLS security levels of the web hosting platforms. Additionally, we will conduct these checks on the test website https://ahmetorhan.xyz for demonstration purposes. The article will simplify the steps to disable the RC4 protocol and TLS 1.0 and TLS 1.1, especially focusing on how to implement these measures on Windows Servers. As indicated in the output, we will observe the necessity of disabling these protocols for enhanced security.

  • Our objective here is to disable the deprecated TLS 1.0 and TLS 1.1, as indicated in the following sections.

SSL Security Registry Configuration

  • Paste the provided code into a text document named “security_enable.txt.” Rename the file to “security_enable.reg” and remove the “.txt” extension.
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
"Enabled"=dword:00000001
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
"Enabled"=dword:00000001
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\Diffie-Hellman]
"ServerMinKeyBitLength"=dword:00000800

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128/128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56/128]
"Enabled"=dword:00000000
  • When we run the “security_enable.reg” file, all the entries above will be automatically added to the registry, and you can verify that they have been added as shown below.
  • Open regedit by following the path Start -> Run.

  • After completing these steps, you need to restart your server for the changes to take effect.
  • After the restart process is complete, I am initiating the test procedure again for the domain https://ahmetorhan.xyz. Initially classified as B, we now observe that it is categorized as A.

  • You can observe that the TLS 1.0 and TLS 1.1 protocols have been disabled.

  • If you want to revert the changes made in the registry, running the following entries and restarting will be sufficient.
Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0]

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\Diffie-Hellman]
"ServerMinKeyBitLength"=dword:00000800

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128/128]
"Enabled"=dword:00000000

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128]
"Enabled"=dword:00000000

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56/128]
"Enabled"=dword:00000000

If you have any questions or details you would like to add, feel free to write me.

Categories
Articles Azure Windows

What is Azure CLI? How to use?

Azure Command-Line Interface (Azure CLI) is a command-line tool used for managing Microsoft Azure, the cloud service platform by Microsoft. Azure CLI is employed to create, configure, manage, and monitor Azure resources. It is compatible with Windows, macOS, and Linux operating systems.

Key features of Azure CLI include:
1. Cross-Platform Support: Azure CLI can be used on Windows, macOS, and Linux operating systems.
2. Azure Resource Management: Azure CLI facilitates the management of resources supported by Azure Resource Manager (ARM). This encompasses virtual machines, storage accounts, networks, application services, and many other Azure resources.
3. Command-Line Interface: Azure CLI operates as a tool in the command line, making it suitable for automation and scripting tasks utilized by software developers and system administrators.

  1. Installation of Azure Account and Azure CLI

Now that we have learned the basic information about Azure CLI, let’s examine how to install it on the Windows operating system.

Note: Azure CLI is available for use on Windows, macOS, and Linux operating systems.

Firstly, we navigate to the link provided below, where options for installation are displayed:

  • We download the 64-bit version by selecting “.msi”

https://learn.microsoft.com/en-us/cli/azure/install-azure-cli-windows?tabs=azure-cli

  • We run the downloaded setup file and complete the installation process by following the relevant steps.

  • Next, we open PowerShell as an administrator.

  • `Set-ExecutionPolicy Unrestricted` sets the minimum security level that allows the execution of script files in PowerShell. This enables you to run almost any script file on your computer or any script that comes your way.

  • We grant the necessary permission by selecting “Yes to All” or “A”.
  • Afterward, by running the “az” command, we complete the installation of Azure CLI.

2.Signing In and Selecting a Subscription

To use Azure CLI, you need to sign in to your Azure account using the az login command. Once signed in, you can choose the subscription you want to work with.

3. Creating and Managing a Resource Group

To manage resources efficiently in Azure, resource groups are utilized. Here is an example of creating and managing a resource group:

4. Virtual Machine Management

Azure CLI provides a comprehensive set of commands for creating and managing virtual machines. For example, to create a new Ubuntu virtual machine:

5. Managing Other Azure Resources

With Azure CLI, you can manage networks, storage accounts, databases, and many other Azure resources. Each resource has a specific set of commands.

6. Automation and Scripting

Azure CLI is an excellent tool for automating your workflows. By creating Bash or PowerShell scripts, you can quickly execute repetitive tasks, streamlining your processes.

7. Up-to-Date Documentation and Help

Always refer to the current and comprehensive documentation for Azure CLI. Additionally, you can use the az [command] --help command to see the usage of each command.

If you have any questions or details you would like to add, feel free to write me.

Categories
Articles Windows

The Secret to Swiftly Managing Windows Packages: Discover, Keep Up-to-Date, and Update All Programs with the WinGet Command!

winget
winget

Application management and update processes can become quite complex for users of the Windows operating system. But worry not, the solution is right here: Welcome to the magical world of Windows Package Manager (WinGet)! In this article, you will learn step by step how to use the WinGet command and discover how to streamline the application management process. You’ll find out how to accelerate the pace of managing your applications.

Microsoft Windows

What is WinGet and How to Use It?

WinGet is a package manager designed specifically for the Windows operating system. Here are some fundamental commands and examples:

winget
winget

1.Discovering Applications: You can search for any application using WinGet. For instance, quickly find Firefox:

winget search Firefox

2.Swift Installation: Installing applications swiftly is now incredibly easy! Let’s consider Microsoft Edge browser as an example:

winget install MicrosoftEdge

3.Clean Uninstall: Uninstalling unnecessary applications is a breeze. For example:

winget uninstall MicrosoftEdge

4.Updating All Applications: Ensuring your applications are running the latest versions is now achievable with just a single command:

winget upgrade -all

winget upgrade -all
winget upgrade -all

By using the command above, just like in the Command Prompt, you can swiftly update all the programs on your Windows operating system.

The Next Generation of Application Management

WinGet elevates application management to a new level. Now you can control your operating system more effectively, instantly download the applications you desire, and keep them up-to-date. Thanks to this next-generation package manager, wasting time is a thing of the past! With WinGet, you can take your Windows application experience to the highest level.

For More Information

If you have any questions or details you would like to add, feel free to write me.

Categories
Articles Windows Windows Server

Running Prometheus as a Service Using NSSM on Windows Server

In this guide, we will walk you through the process of running Prometheus as a service on Windows Server using NSSM (Non-Sucking Service Manager). Running Prometheus as a service allows you to automatically start and run it in the background smoothly. Here are the details on how to do it:

1.Preparing Prometheus

First and foremost, you need to configure Prometheus to work appropriately on Windows Server. Download the latest version of Prometheus from the official website and complete the configuration steps as instructed.

2.Downloading and Preparing NSSM

Download NSSM (Non-Sucking Service Manager) from the official website and extract it to a directory. NSSM is a tool that helps you turn your applications into Windows services.

NSSM download

3.Creating and Configuring a Service with NSSM

  • Open a command prompt as an administrator.

  • Navigate to the directory where NSSM is located.
  • Use the following command to create a new service:

4.Configure the following settings in the opened window:

  • Application: Path to the Prometheus executable file.
  • AppParameters: Path to the Prometheus configuration file.
  • Startup directory: Directory where the Prometheus executable is located.
  • Shutdown action: Select the action to be taken when the service is stopped (e.g., “Ignore”).
  • You can configure other settings as needed.

5.Starting and Monitoring the Service

  • Use the following command to start the service created by NSSM:

1.Installing Other Programs Using NSSM

NSSM is a versatile tool that allows you to convert various applications, not just services like Prometheus, into Windows services. Here are some tips on how to install other programs as services using NSSM:

2.Preparing the Program

Firstly, ensure that the program you intend to install is ready to function in the Windows environment. Make sure you’ve fulfilled the program’s requirements and configurations properly.

3.Creating a Service with NSSM

To create a new service using NSSM, open a command prompt as an administrator. Navigate to the directory where NSSM is located, and use the following command to create a new service:

Configuring the Service

In the opened window, configure the following settings:

  • Application: Path to the program’s executable file.
  • AppParameters: Add any additional parameters required by the program.
  • Startup directory: Directory where the program’s executable is located.
  • Shutdown action: Select the action to be taken when the service is stopped (e.g., “Ignore”).

You can explore other customization options and adjust them according to your needs.

4.Starting and Monitoring the Service

Use the following command to start the service:

Your new program should now be running as a service. Make sure the program functions as expected.

This method allows you to easily manage various applications as Windows services using NSSM. NSSM provides effective and straightforward service management capabilities.

If you have any questions or details you would like to add, feel free to write me.