Friday 30 September 2016

Get Last Windows Operating System Boot Time using Powershell

We can easily use powershell to query a computer to retrieve the time and date that windows last booted/started up.

We run a get-wmiobject query to retrieve the properties from the win32_operatingsystem class and store the results into the $osprops variable. We then run to ConvertToDateTime method on the LastBootUpTime property to return the result and store it in the $lastboot variable

$osprops = get-wmiobject -class win32_operatingsystem 
$lastboot = $osprops.ConvertToDateTime($osprops.LastBootUpTime)

The $lastboot variable will then provide an output like below;



This variable can be parsed through different methods to change the output to a different format. you can view all the different methods available by running $lastboot | get-member

Some examples.

$lastboot.ToShortDateString() will return the above date in the format of mm/dd/yyyy
$lastboot.DayOfWeek will only return the day of the week (eg. Monday, Tuesday, etc)

Thursday 29 September 2016

iPhone/iPad - Cannot send mail. A copy has been placed in your Outbox. The recipient was rejected by the server

Occasionally I've seen users experience an issue where they can no longer send emails to anyone from their iPad or iPhone, they get the below error message;

"Cannot send mail. A copy has been placed in your Outbox. The recipient %name% was rejected by the server"

The issue is usually caused by the authentication (ie. username and password) failing for the email account, because it is either missing or incorrect.

I've often seen this happen after iOS updates, as passwords for email accounts aren't always preserved during the update process. As a result, the password appears to be present (when you check the settings), but actually isn't, and therefore emails won't send any longer.

To fix the issue, do the following on the problematic device(s);


  • Go to Settings
  • Go to Mail

  • Select Accounts

  • Select the account that you are having problems sending from

  • Select the account again (first option at top of screen)

  • Update the Domain, Username and Password fields. Even if the password appears to be in there (represented by black circles), delete whatever is in there and re-type the password

  • Click Done from the top right corner. Settings should now be checked and you should get a list of ticks down the ride side of the page
If the settings saved successfully you can try sending emails again, it should now work correctly.

Wednesday 28 September 2016

Querying/Checking Windows Logical Disks using Powershell

Below is a script you can use to check/query windows logical disks using powershell. This can be useful to regularly check the free space on logical drives on a windows server or PC.

$diskreport = Get-WmiObject Win32_logicaldisk | Select DeviceID, MediaType, VolumeName, `
    @{Name="Size(GB)";Expression={[decimal]("{0:N0}" -f($_.size/1gb))}}, `
    @{Name="Free Space(GB)";Expression={[decimal]("{0:N0}" -f($_.freespace/1gb))}}, `
    @{Name="Free (%)";Expression={"{0,6:P0}" -f(($_.freespace/1gb) / ($_.size/1gb))}}

The script uses the get-wmiobject cmdlet to query the logical disks configured within windows. The results are then compiled into the $diskreport variable so they can then be further queried or exported to a .csv file.

Free space as a percentage is also calculated automatically as part of this script.

A sample output from the $diskreport variable is below (A:\ and D:\ are the floppy drive and DVD drive with no media loaded which is why they've returned values of 0)

Tuesday 27 September 2016

Querying/Checking Windows Event Viewer Logs with Powershell

Powershell has a cmdlet you can use to check/query the windows event log.  You can customize this cmdlet in several ways to refine the information that is returned.

For example, you can use the -after switch to only return event log entries after a certain date - such as events only returned within the past 1 day (24 hours)

You can also filter the type of entries that are returned. An example would be to only return warning or error entries, and ignore any "informational" type entries

Let's start with the basic command;

get-eventlog -logname "Application"

This command will return all entries within the Application log, which will usually be alot, and not very useful. You can also use "System" or "Security" as other default logs.

Let's refine the command further, to only return entries for the past day. To do this we will define the current date into the $date variable, and subtract one day from that value

$date = get-date
$date = $date.adddays(-1)

We can now use this $date variable to return all event log entries AFTER this date (using the -after switch)

get-eventlog -logname "Application" -after $date

The script will now return ALL events from the Application log from the past 24 hours. Let's refine it a bit further and filter the results so only Warning and Errors are returned

get-eventlog -logname "Application" -after $date | where-object {$_.entrytype -ne "Information"}

Of course you can store the results into a variable so it can be further queried using subsequent commands;

$events = get-eventlog -logname "Application" -after $date | where-object {$_.entrytype -ne "Information"}

Monday 26 September 2016

Active Directory User Account Audit including Status with Powershell

Here is a script I have created that searches for all users within an Active Directory domain and provides a report (.csv file) showing all account names and their status. The status is determined from the useraccountcontrol property contained within each account.

The useraccountcontrol property is stored as a number/integer - the most common numbers/values I've translated to their meanings as part of this script - eg. Enabled, Disabled, Password Expired etc.

You only need to change the value for $outfile variable if required - the script should work in it's current form on any windows/active directory domain

$report = @()
$outfile = "C:\temp\UserAudit.csv"

$searcher = New-Object DirectoryServices.DirectorySearcher 
$searcher.filter = "(&(objectCategory=person)(objectClass=user))"

$userlist =  $searcher.FindAll()

foreach ($user in $userlist)
    {
    $name = $($user.properties.displayname)
    $dn = $($user.properties.distinguishedname)
    $status = $($user.properties.useraccountcontrol)
        if ($status -eq "66050"){$status = "Disabled, password never expires"}
        elseif ($status -eq "66048"){$status = "Enabled, password never expires"}
        elseif ($status -eq "512"){$status = "Enabled Account"}
        elseif ($status -eq "514"){$status = "Disabled Account"}
        elseif ($status -eq "66080"){$status = "Enabled, password never expires, user cannot change password"}
    
    $report += new-object psobject -property @{Name=$name;DN=$dn;Status=$status}
    }
    
$report | select Name, Status, DN | export-csv -path $outfile -notype

The script could be further customized to include other values/properties from the account as required. In it's current form it includes the users display name, distinguished name and status.

Friday 23 September 2016

How to easily view/find the distinguished name for an Active Directory user account

The distinguished name for a user account is often required for scripting or other management/administrative tasks when working with Active Directory. It represents the unique identifier for every user account so is one of the best ways to work with user accounts (as opposed to just working off first name, last name etc).

They are difficult to remember, and nearly impossible to type using the correct format/syntax - so here's some simple instructions on how to quickly/easily obtain the distinguished name for a user account from Active Directory Users & Computers;

  1. Open Active Directory Users & Computers
  2. Ensure "Advanced Features" are enabled (go to View > Advanced Features)
  3. Open the Active Directroy User object you wish to view the DN for
  4. Select the Attribute Editor tab
  5. Scroll down to the locate the Distinguished Name value
  6. You can double click the entry then copy it to the clipboard from the "Value" field as per the screenshot below

Thursday 22 September 2016

Copy Active Directory User Group Memberships to Another User with Powershell

I have developed the below script to allow you to easily copy Active Directory user group memberships from one user to another. This can be handy if a user is a member of a large number of groups and you don't wish to manually copy them over.

This script is also beneficial in that it doesn't require the Active Directory modules to be installed in powershell for it to work.

In order for the script to work, you will first need to know the distinguished name (DN) for both the source and target user accounts. This can be easily obtained from Active Directory Users & Computers using the steps below;


  1. Open Active Directory Users & Computers
  2. Ensure "Advanced Features" are enabled (go to View > Advanced Features)
  3. Open the Active Directroy User object you wish to view the DN for
  4. Select the Attribute Editor tab
  5. Scroll down to the locate the Distinguished Name value
  6. You can double click the entry then copy it to the clipboard from the "Value" field as per the screenshot below

Once you have the source and target user distinguished names, replace the values for the $srcuserdn and $dstuserdn variables. Be sure to leave the quotes ("") in place

$srcuserdn = "CN=Mike,CN=Users,DC=morrissey,DC=local"
$dstuserdn = "CN=Peter,CN=Users,DC=morrissey,DC=local"
$dstuserldap = "LDAP://$dstuserdn"

$grouplist = dsquery user $srcuserdn | dsget user -memberof

foreach ($group in $grouplist)
    {
    if ($group)
        {
        $group = $group.substring(1,$group.length-2)
        $ldapcon = "LDAP://$group"
        $ldapgroup = [ADSI] $ldapcon
        $ldapgroup.add($dstuserldap)
        }
    }

Wednesday 21 September 2016

uTorrent - A newer version of uTorrent is already running

I've experienced this problem a few times with uTorrent - when attempting to open the application, or opening a new torrent file, the following error message is displayed;



"A newer version of uTorrent is already running. Please shut down uTorrent and try again"

After shutting down uTorrent and opening it again, the same message is displayed.

The Fix:
The issue appears to be related to uTorrent getting confused about which version it has installed, and wants to run.

Make sure uTorrent has been closed (you may need to kill the task from Task Manager)

Go to the uTorrent installation directory (usually %appdata%\uTorrent or C:\users\%username%\appdata\roaming\uTorrent) and delete the Updates folder (and everything within it). If you get an error advising the files are locked/cannot be opened, you will either need to kill the stuck uTorrent process from Task Manager, or simply restart your computer.

Try starting uTorrent again after removing the Updates folder - it should now open correctly

Tuesday 20 September 2016

iTunes Artist Icons/Thumbnails Missing

It appears there is a bug (or new feature) in the latest version of iTunes (12.5) and iOS 10 where a majority of artist icons/thumbnails/images for missing when in the Library > Artists view, as per the screenshots below - they only show a generic microphone icon/thumbnail.





I haven't been able to find a setting/option to fix this at the moment. After doing some research I'm certainly not the first person to notice this "bug".

Only "workaround" for the issue currently is to not use the artist view and instead use the "Albums" or "Songs" view which show album artwork correctly and do not utilize artist images.

Let me know in the comments if you've noticed this bug as well, or if you have found a solution. I'll continue searching and will keep this posted updated with any fixes I find.

Update: I've found an apple discussion thread that states that the artist photo only shows up if you've purchased an album from that artist from the Apple Music store.

https://discussions.apple.com/thread/7663488?start=0&tstart=0


IP Address/Ping Monitoring using Powershell

Here is a script I developed to monitor/check the online availability of an IP address using powershell. I've set this script to run every 10 minutes to check that a device on my network (WDTV Live) is online as it had a tendency to go offline occasionally.

$ip = the IP address you wish to monitor
$ping = utilises the test-connection cmdlet to attempt to contact the IP address (specified in $ip) using ICMP (ping) packets

If the ping test does not return a result (ie. the IP address does not respond), a "flag" is placed in the form of a file called "WDTV.Offline". This flag file is used/checked by the script to prevent repeat notifications being sent after the first notification that the device is offline (or is back online after previously being offline)

If the ping test does return a result (ie. the IP address responded to the ping request), the script checks to see if it was previously offline (by looking for the flag file mentioned previously). If the flag file is found, another notification is sent advising the device is now back online, and the flag file is deleted. This means the next time the script runs, if the device is still online and no flag file is present, no further notifications are sent


$ip = "192.168.0.150"
$ping = test-connection $ip -count 2

if (!$ping)
    {
    $flagtest = test-path "D:\Powershell\WDTV.Offline"
    if ($flagtest -eq $false)
        {
        new-item "D:\Powershell\WDTV.Offline" -type file
        $from = "user@gmail.com"
        $to = "user@gmail.com"
        $subject = "$ip Offline"
        $body = "$ip not responding to ping"
        $smtp = New-Object System.Net.Mail.SmtpClient("smtp.gmail.com", "587");
        # Uncomment the below row if your ISP´s outgoing mail server requires authentication.
        $smtp.EnableSSL = $true
        $smtp.Credentials = New-Object System.Net.NetworkCredential("username", "password");
        $smtp.Send($From, $To, $subject, $body);
        #write-host "Mail Sent"
        }
    }

elseif ($ping)
    {
    $flagtest = test-path "D:\Powershell\WDTV.Offline"
    if ($flagtest -eq $true)
        {
        remove-item "D:\Powershell\WDTV.Offline"
        $from = "user@gmail.com"
        $to = "user@gmail.com"
        $subject = "$ip Online"
        $body = "$ip now responding to ping"
        $smtp = New-Object System.Net.Mail.SmtpClient("smtp.gmail.com", "587");
        # Uncomment the below row if your ISP´s outgoing mail server requires authentication.
        $smtp.EnableSSL = $true
        $smtp.Credentials = New-Object System.Net.NetworkCredential("username", "password");
        $smtp.Send($From, $To, $subject, $body);
        #write-host "Mail Sent"
        }
    }

You will need to update the $from, $to and username/password fields within the $smtp.credentials variables in order for the email notifications to work, as well as the values for outgoing mail server and port within the System.Net.Mail.SmtpClient

You can refer to my previous blog post Here which contains some more information about sending SMTP emails using authentication with powershell

Monday 19 September 2016

iTunes could not connect to the iPhone because an invalid response was received from the device

I encountered this issue on my home PC after getting my new iPhone 7. I had previously sync'd the phone with my laptop, but upon connecting it to my PC, I got the error message;

"iTunes could not connect to the iPhone because an invalid response was received from the device"

I was pretty confident the phone wasn't the issue as it had successfully sync'd with another computer - I tried the following steps first which did not fix the issue;


  • Different USB/lightning cable
  • Different USB port
  • Rebooted computer
  • Rebooted iPhone
  • Ensured iPhone wasn't locked when connecting
  • Removed iPhone device from device manager
What ended up fixing the issue in the end was uninstalling and re-installing iTunes on the computer.

Apple iOS 10 Home Button Quick Unlock with Fingerprint - iPhone iPad

In the latest update to Apple's iPad/iPhone operating system (iOS 10), they have changed the behaviour of the lock screen.

You now need to press the home button your device in order to unlock it. There is a way however, to enable the functionality we had before iOS 10, where holding your finger on the home button (without pressing it) will unlock the device as well.

The option is somewhat hidden within the settings. To access it, do the following;

Go to Settings > General > Accessibility > Home Button and enable the option to Rest Finger to Open

Run/Trigger Powershell Script from Windows Task Scheduler

Windows built in Task Scheduler application can be used to trigger/run powershell scripts on custom schedules as required. Here's how to set it up.


  1. Open Task Scheduler (Control Panel > Administrative Tools > Task Scheduler)
  2. Right click on Task Scheduler Library and select Create Task

  3. Enter a name for the scheduled task. Select the option to Run whether user is logged on or not to ensure the task will still run even if you are not currently logged into the computer

  4. Go to the Triggers tab and click the New button. Set the task to run on the schedule as required (eg. daily, weekly, hourly, etc). I recommend setting the option to Stop the task if it runs longer than and set to 30 mins. This means if there is a bug/problem with the script it will terminate after this time and won't continue running in the background
  5. Select the Actions tab and click the New button. Configure as per below:

    Action: Start a program
    Program/script: C:\Windows\System32\WindowsPowershell\v1.0\powershell.exe
    Add Arguments: (Full path to your powershell script .ps1 file)

    Example path may be D:\Powershell\TestScript.ps1

  6. Other settings and conditions can be configured in their respective tabs as required, but the default settings within here will work

    Note: if you find that your scheduled task won't run, check out My Post on Powershell Execution Policies which may be preventing the scheduled task from running your powershell script

Friday 16 September 2016

Export/Audit All Exchange ActiveSync Devices using Powershell

Below are a couple of commands we can use in Windows Powershell to run a report on all mobile devices that have been synced with mailboxes within your exchange environment.

First step is to gather a list of users that have an ActiveSync Device partnership

$userlist = gt-casmailbox -filter {hasactivesyncdevicepartnership -eq $true -and -not displayname -like "CAS_{*"} | Get-Mailbox

This list of users is then used against the Get-ActiveSyncDeviceStatistics cmdlet to retrieve the associated ActiveSync devices with each users mailbox. We then select certain fields to reduce the amount of data and present it in the $report variable.

$report = $UserList | foreach { Get-ActiveSyncDeviceStatistics -Mailbox $_} | select Identity, LastSuccessSync, DeviceType, Status

You can also add the export-csv component onto the end of the command to export the $report contents to a .csv file

$report = $UserList | foreach { Get-ActiveSyncDeviceStatistics -Mailbox $_} | select Identity, LastSuccessSync, DeviceType, Status | export-csv -path "C:\ActiveSyncDevices.csv" -notype

Thursday 15 September 2016

View and Change Exchange Mailbox Calendar Permissions with Powershell

Permissions for mailbox calendars are managed separately to the actual mailbox permissions. You can use the below cmdlets in powershell to view and add/edit the permissions on a users mailbox.

To view current calendar permissions on a mailbox

get-mailboxfolderpermission -identity "name:\Calendar" | ft

To add new calendar permissions on a mailbox

add-mailboxpermission -identity "name:\Calendar" -User "usertogetaccess" -AccessRights "Accesslevel"


To modify an existing calendar permissions entry on a mailbox

set-mailboxfolderpermission -identity "name:\Calendar" -User "usertogetaccess" -AccessRights "Accesslevel"

To remove an existing calendar permissions entry on a mailbox

remove-mailboxpermission -identity "name:\Calendar" -User "usertogetaccess" -AccessRights "Accesslevel"

Name = the display name alias or email address you are setting the calendar permissions ON
Usertogetaccess = the display name, alias or email address you are granting calendar permissions TO
Accesslevel = the level of access to be granted. The available options are:
  • Owner
  • Publishing Editor
  • Editor
  • Publishing Author
  • Author
  • Nonediting Author
  • Review
  • Contributor
  • Free/Busy Time
  • None

Wednesday 14 September 2016

Check which Exchange Mailboxes a User has Full Access or Send As Permissions On using Powershell

As an exchange administrator, you may occassionally need to know which mailboxes a particular user has Full Mailbox Access or Send As permissions to. This may be required as part of an audit, or to simply copy an existing users permissions for a new user you are setting up/creating.

The script below helps to accomplish this, as there is no in-built/easy way to view which mailboxes a particular user has access to - ie. Full Mailbox Access, or Send As permissions

First you need to specify the user whose existing access we are checking, using the $user variable. We use the wildcard "*" to essentially match any name that contains what is between the *'s - the users first name, last name or alias should work.

$user = "*peter*"

Next we run the get-mailbox cmdlet against all mailboxes in exchange, to query the permissions on each mailbox to see if this user exists in the respective permissions list.

There are two separate commands to do this - one to check for Full Access permissions, and the other to check for Send As permissions

get-mailbox -resultsize unlimited | get-mailboxpermission | where {$_.user -like $user} | select Identity, AccessRights

get-mailbox -resultsize unlimited | get-adpermission | where {($_.user -like $user) -and ($_.ExtendedRights -like "*Send-As*")} | select Identity, ExtendedRights

If any matches are found, the results will be displayed showing their Identity (ie. name) and the Access Rights level they have

Tuesday 13 September 2016

Export All Exchange Mailbox Sizes with Powershell

Here is a script you can run on your exchange server to export a list of all mailboxes on the server and the size of each mailbox. This is useful for checking/monitoring mailbox size and usage.

First of all we need to get the name of the mailbox database to query

$mbdb = get-mailboxdatabase | select Name

Next, we use this database name in the get-mailboxstatistics cmdlet to query all mailboxes within the database and export the size from the TotalItemSize field. The list is then sorted alphabetically by display name and exported to a .csv file so it's easier to view

get-mailboxstatistics -database "$($dbname.name)" | select DisplayName, TotalItemSize | sort DisplayName | export-csv "C:\1GB-MailboxList.csv" -notype

You can also implement a "filter" of sorts so that you only export mailboxes that are bigger than a certain size. For example, you may want to know how many mailboxes you have that are larger than 1GB. To do this, we add a filter using the "where {$_.totalitemsize -ge $size}" where $size is the size value you need, in bytes.

So for the example of 1GB, the $size variable would be set to 1073741824 which is 1GB in bytes.

There is a handy utility you can use by following the link below to quickly convert the size you require from GB to bytes

http://www.convertunits.com/from/GB/to/byte

$size = "1073741824"

get-mailboxstatistics -database "$($dbname.name)" | where {$_.totalitemsize -ge $size} | select DisplayName, TotalItemSize | sort DisplayName | export-csv "C:\1GB-MailboxList.csv" -notype

Monday 12 September 2016

Windows Server - Unable to extend volume - There is not enough space available on the disk(s) to complete this operation

Came across this issue today on a virtual machine running in a VMware environment. After allocating additional hard disk space to the virtual machine (running Windows Server 2012), the following error appeared when attempting to extend the hard disk;



"There is not enough disk space available on the disk(s) to complete this operation"

Even though the space was showing as "unallocated" in disk management, this error still appeared when trying to extend the volume.

The fix - turns out it was quite simple. From within the Disk Management utility, go to Action > Rescan Disks then try running the extend disk again.


Friday 9 September 2016

Get ActiveSync Enabled Accounts/Mailboxes using Powershell

Here is a short/simple script you can use to obtain a list of all mailboxes within your Exchange environment that have the ActiveSync service enabled on them.

#Add Exchange Cmdlets
add-pssnapin *exchange* -erroraction SilentlyContinue

get-casmailbox -resultsize unlimited | where {$_.ActiveSyncEnabled -eq $true}

The output will now be displayed showing all mailboxes in your environment that have ActiveSync functionality enabled on them.

You can export your results to a .csv by adding a bit more to the end of the command as per below. You can of course change the output path as required

get-casmailbox -resultsize unlimited | where {$_.ActiveSyncEnabled -eq $true} | select Name, ActiveSyncEnabled | export-csv "C:\activesyncusers.csv" -notype

Thursday 8 September 2016

Exchange 2010 New Install - Nothing Showing Under Microsoft Exchange On-Premises

After installing Microsoft Exchange Server 2010 onto a Windows Server 2012 R2, nothing was showing under the Exchange Management Console after expanding "Microsoft Exchange On-Premises".

Everything under "Exchange 2010 Organizational Health" was showing as "Unavailable"



When selecting the option to "Collect Organizational Health Data", the below error occurs stating "MMC has detected an error in a snap-in and will unload it"



To resolve this issue you need to install the latest Service Pack (SP3) for Microsoft Exchange Server 2010 - available from the following URL:

https://www.microsoft.com/en-us/download/details.aspx?id=36768

You can then install Update Rollup 14 for Microsoft Exchange Server 2010 SP3 from the following URL:

http://go.microsoft.com/fwlink/p/?LinkId=820579

As you can see below, once SP3 has been installed, the Configuration options are now available/showing under "Microsoft Exchange On-Premises" after the updates are installed

Wednesday 7 September 2016

Restoring Files & Folders from Backup - Macrium Reflect

As outlined in my previous blog post, we have setup a full backup of your PC using a free and easy to use product called Macrium Reflect.

Once you have a full backup image file available, you can open, explore and restore files from it which is what we'll be covering in this blog post.


  1. Open windows explorer and browse to the location of your Macrium Backup image file (the file will have .mrimg on the end of it)
  2. Right click on the image file and select "Explore Image"

  3. Macrium will now load a "Backup Selection" screen where you can select which of the hard drives you backed up you wish to "mount" in windows explorer. In most cases (and this example), there will be one drive available (C:), so select it by placing a tick in the box next to it then click OK.

    You can also select the option to "Enable access to restricted folders" if you wish to access files that would normally be restricted (such as files in another users profile/account)
    Also note the "Drive Letter" that is specified - in this case H:\

  4. Windows Explorer will now mount the image and open Windows Explorer to show the files contained within it. As per the screenshot below, you can see H:\ is available and is called "Macrium Reflect Image". From here, you can view/browse all the files within the image. If you wish to restore/recover files from within this image, you can simply copy and paste them from this image drive, back to your C:\ or other folder as required

  5. Once you are done, you need to "unmount" the macrium image file. To do this, right click the macrium image drive letter (H:\ in this example), then go to go Macrium Reflect > Unmount Macrium Image

Tuesday 6 September 2016

VMware Workstation - Internal Error when Starting Virtual Machine (VM)

Upon opening VMware Workstation and attempting to power on any virtual machine I occasionally get the error below, stating "Internal Error."



The fix for this in my experience has been to start the VMware Workstation Server service. To view your services press the Windows Key + R (to open the Run prompt) then type services.msc and press Enter

As you can see, even though it is set to "Automatic", for whatever reason it doesn't always start automatically - usually after the computer has been restarted.



Simply right click the service and select "Start". Once the service is started you should be able to power on your VM's from VMware Workstation.

Monday 5 September 2016

Backing Up Your PC/Computer for Free

With the relatively low cost of computer storage (hard drives) these days, and the ever increasing risk of viruses and malware infections, there's really no excuse for not backing up your PC to an external hard disk drive on a regular basis.

Having a full backup of your computer ensures that all those important files you have on your computer (think photos, songs, documents, spreadsheets etc) are able to be recovered/restored in the event of a serious problem. Such problems could be a virus or malware infection (as previously mentioned), or your computer/laptop being lost, stolen or damaged, or could even be a random hard disk drive failure that can happen from time to time.

One of the best and easiest backup solution products available that is absolutely free for home/personal use is a product called Macrium Reflect. In this blog post I'll be outlining the process for downloading, installing and configuring Macrium Reflect to backup your computer.

Macrium's process for backing up is referred to as "imaging". It essentially takes a snapshot, or "image" of everything on your hard drive and stores it into a large, compressed "image" file.

Before we begin though, you will need an external hard disk drive (USB connected) for your backup to be stored on. These can be bought from any computer or technology store. A 1TB drive would typically be large enough to backup everything on most personal computers, but large drives are available if required.


  1. To begin the installation, open your web browser and go to http://www.macrium.com/reflectfree.aspx and click the "Download" button at the top of the page. Select the option for "Home Use" if prompted.
  2. A file called ReflectDL.exe will now begin to download. Once the download is finished, run/open the file to begin the installer
  3. Ensure the option for Free/Trial software is selected (it should be by default). All other default options can remain. Click the "Download" button to begin the download.


  4. Select "Yes" to proceed with the download. Note that the download is quite large and can take some time to complete (depending on the speed of your internet connection)
  5. The installer will automatically launch once the download is completed. Click the "Next" button to begin
  6. Click "Next" again to proceed past the welcome page and begin the installer
  7. Select "I accept the terms in the license agreement" and select "Next"
  8. Your macrium reflect free license key is automatically generated and displayed here. Click "Next" to continue


  9. Registration is optional. For the purpose of this tutorial we will select "No" then select "Next"


  10. Leave the default installation options then click "Next"


  11. Click "Install" to begin the installation then click "Finish" to complete the installation when prompted


  12. A shortcut to the Reflect application should have been placed on your desktop. Double click the icon to launch Macrium Reflect


  13. From the main Reflect window, ensure you are on the "Create a backup" tab. Select the disks/drives you wish to backup then click the "Image this disk..." option. For this example, we will only be imaging/backing up the C:\ (system drive). If you have multiple disks/drives you can select them from this screen.


  14. Select the destination folder for where the backup image file is to be kept. This should be the external hard drive you have connected to your computer. In this example, my external hard drive has drive letter G:\ assigned to it, and I'll store the backup in a folder called "Win10Backup" on the G:\. Click "Next" to continue


  15. From the next screen you can select a retention or schedule/policy for your backups. You can click the "Add Schedule" button and select the option for "Full". I recommend running a full backup on a weekly basis. Schedule the backup to run on a day/time where the computer is not being utilised (the computer will need to be left switched on for the backup to run). For this example, we'll schedule to run on Monday mornings at 2:00am




  16. Uncheck the options to "Define Retention Rules" and set the option to "Purge the oldest backup set(s) if less than 500GB remaining". Click "Next" to continue


  17. Review your settings and click "Finish" to complete the process
  18. Uncheck the option to "Run this backup now" then click "OK" to save the backup definition file you've just created


  19. You will now be taken to the "Backup Definition Files" tab where you can see the backup definition you have just created. From here you can make amendments/adjustments to the backup file if required


  20. From the "Scheduled Backups" tab you can also review the schedule for your backups and can make amendments if required



    Depending on the size of your hard drive(s) and the amount of data on them, it can take several hours for a backup to complete.

    Once a full backup has completed, you can check for a .mrimg file in the backup location you specified in Step 14 (above). If there is a file in this folder then you have successfully backed up your computer to an image file!



    Stay tuned for my next blog post where I'll run through the process of restoring/recovering files from a backup image file.