How to use Portable Visual Studio Code and GIT

I started to use Visual Studio Code as my primary Editor tool. I used portable version of Visual Studio Code and GIT to avoid installation and be able to quickly use different machines. For this purpose I also prefered to use “Workspace Settings” instead of “User Settings” in Visual Studio Code.

Download and install Visual Studio Code Portable from

Download and install Git Portable from

Open Visual Studio Code and create a “Workspace Settings” with path to portable GIT and in my case Proxy Settings:

// Place your settings in this file to overwrite default and user settings.
    // The proxy setting to use. If not set will be taken from the http_proxy and https_proxy environment variables
    "http.proxy": "",

    // Path to the git executable
    "git.path": "C:\\Data\\GitPortable\\App\\Git\\Bin\\git.exe"

If you develop in powershell with this repository make sense to add Powershell Extension ( and configure powershell as integrated terminal:

// 64-bit PowerShell if available, otherwise 32-bit

Open Visual Studio Code and initialize a GIT repository


Open GIT Portable, go to local repository path and config GIT repository:

git remote add origin
git config http.proxy "<a href=""></a>"
git config ""
git config credential.helper wincred

Check also to use Visual Studio Team Service as a provider.

How to Manage Firefox settings

Firefox is not our primary browser but I had to find a solution for changing the homepage settings on all our clients.

I explored how to manage Firefox via GPO. There is a Plugin for that ( but you should deploy this plugin on all clients.

Then i tried to use a central web server to deploy settings to all our clients.

First create a file with settings to deploy: autoadmin.js and publish it on a web server.
Then Execute on all your clients the script Invoke_FirefoxAutoconfig.cmd for configure the browser to download the settings from your central web server every time the browser is started.

Before deploy the script and the autoadmin.js file, change the settings according to your preferences and your environment:

on autoadmin.js change “browser.startup.homepage” with the correct homepage to deploy. Keep in mind that there is also a IF-ELSE Statement that deploy different homepages based on account name. You can remove it if not needed.

on Invoke_FirefoxAutoconfig.cmd adjust the path where Firefox is installed: on my case “%ProgramFiles(x86)%\Mozilla Firefox\”



If you want to deploy only homepage setting without use Central Enterprise Configuration, this is a script to deploy to all users (at logon or via GPO) that change the settings only to current user and do not require admin rights.


How to use Windows Photo Viewer on Windows 10

On Windows 10, Windows Photo Viewer by default is used only for open .tif and .tiff files. All the other graphic files (jpe, png, bmp, gif, ico, etc.) are opened with Photos App.

To open with Windows Photo Viewer also for example .jpe files add this reg key:

HKLM\SOFTWARE\Microsoft\Windows Photo Viewer\Capabilities\FileAssociations\.jpe

and set REG_SZ value to: PhotoViewer.FileAssoc.Tiff


This can be easily deployed with GPO Preferences.

Here an example of what you can associate to Windows Photo Viewer


How to solve Know Issue on MS16-072

Microsoft release MS16-072: Security update for Group Policy: June 14, 2016

MS16-072 changes the security context with which user group policies are retrieved. This by-design behavior change protects customers’ computers from a security vulnerability. Before MS16-072 is installed, user group policies were retrieved by using the user’s security context. After MS16-072 is installed, user group policies are retrieved by using the computer’s security context.

The issue was that all user Group Policy, including those that have been security filtered on user accounts or security groups, or both, may fail to apply on domain joined computers if the Group Policy Object is missing the Read permissions for the Authenticated Users group or if you are using security filtering and are missing Read permissions for the domain computers group.

To resolve this issue, use the Group Policy Management Console (GPMC.MSC) and follow one of the following steps:

  • Add the Authenticated Users group with Read Permissions on the Group Policy Object (GPO).
  • If you are using security filtering, add the Domain Computers group with read permission.


Doing that manually it’s a nightmare… but powershell can help. With this script you can deploy ‘Read’ permission for “Authenticated Users” on all GPOs or only where needed because “Domain Computers” group with ‘read’ permission and/or it’s a “Per-User Setting” GPO. If you what to be restrictive, enable -checkDomainComputer and -checkPerUserSetting.


How to Select an AD query on Powershell without AD cmdlets

I’m working on a script that should run on machines without powershell AD module, so I used objects from “System.DirectoryServices”. Working on that i experienced a bizarre performance problem. “Select-Object” on line 34 perform much better that the one on line 31:

…so I suggest to use Select-Object filtering on line 34

How to Collect Local Administrators Group

For auditing purpose was asked to collect [local]\Administrators group members on every machines.

I created a script (Get-LocalAdministratorsMember.ps1) for that and deployed via GPO to all clients. This script do not require admin rights, but a share where every users can write.

When you have all the reports of your clients on selected share, run Export-LocalAdministratorsReport.ps1 script for generate a CSV file for reporting.

Follow the Synopsis for change the settings.

Problem: “Dependecy Error” upgrading ESXi 6.0 to Update 2

Trying to upgrading ESXi 6 to update 2 with esxcli we received this error:

VIB VMware_bootbank_esx-base_6.0.0-2.34.xxxxx requires vsan << 6.0.0-2.35, but the requirement cannot be satisfied within the ImageProfile. VIB VMware_bootbank_esx-base_6.0.0-2.34.xxxxxx requires vsan >= 6.0.0-2.34, but the requirement cannot be satisfied within the ImageProfile.
Please refer to the log file for more details.

There is a KB from VMware that explain why.

This is what i did.

To check the profiles that are inside the ZIP

esxcli software sources profile list -d /vmfs/volumes/datastore1/


Then update the profile like explained on VMware KB:

esxcli software profile update -p ESXi-6.0.0-20160302001-standard -d /vmfs/volumes/datastore1/


Check the results with:

esxcli software profile get