showing posts tagged with 'windows'
by lunarg on October 6th 2017, at 12:49

Although unsupported, it is possible to install Microsoft Security Essentials on a Windows Server 2012.

To do this, set the compatibility of the downloaded file to Windows 7, then start that file with the parameter /disableoslimit.

The installation goes without a problem, and as far as I can tell, there are no compatibility issues.

by lunarg on September 15th 2017, at 10:06
Sometimes it may become necessary to make changes to a DHCP scope on your Windows DHCP Server. Unfortunately, for existing scopes, not all scope options are editable, and it can become quite a hassle to recreate the scope, especially when there are a lot of reservations. Luckily, there's a workaround which allows you to edit the scope options, which is by using netsh.

It is not possible for netsh to directly edit scope options, but you can create a dump of the complete scope configuration (including all reservations), edit the resulting file, and import it back into the DHCP server. For this to work, you'll need admin (elevated) privileges on the DHCP server.

The procedure described  ...
by lunarg on August 22nd 2017, at 13:49
After successfully extending a partition on a VM, Disk Management shows the correct partition size but Explorer still shows the old size, even after a reboot.

The reason for this is that while the partition has been extended to the new size, the filesystem itself has not. Normally, Disk Management should first extend the partition, then the filesystem, but for some reason, the second part did not happen.

To resolve, perform an extension of the volume using diskpart.

Open an elevated command prompt and start diskpart (type diskpart and press Enter).

List all volumes to find out which volume number corresponds with the drive you need to resize: DISKPART> list volume

Select the volume  ...
by lunarg on July 24th 2017, at 10:06
Windows Server 2016 no longer has an option to enable Desktop Experience from Server Manager. Instead, most (but not all) features are enabled by default. One such feature is Windows Photo Viewer, which no longer seems to be available, and there's no clear way of enabling or installing it. Luckily, there's a workaround to get it enabled again.

First of, you need to check on Server 2016 whether the required files are already present. If you have selected to install the full UI, the required files should already be there:

C:\Program Files\Windows Photo Viewer\

C:\Program Files (x86)\Windows Photo Viewer\

They should already be present on a fresh install of Server 2016, but if not, then you  ...
by lunarg on April 3rd 2017, at 14:44

You can download the latest version of iSCSI Initiator for Windows 2000, 2003 and XP. This will upgrade any previously installed version to the latest version:

by lunarg on January 31st 2017, at 08:55
When installing Sonicwall NetExtender 8.0.241 or later on Windows 7, you may get the following error:

"Damaged version of net extender detected on your system. Please re download net extender"

The reason for this error is you probably are missing Windows Update KB3033929, which adds SHA256 support into Windows. Because SHA256 certificates are now the new norm, the latest Sonicwall certificates also use this hashing algorithm. Without the update, Windows 7 and Server 2008R2 do not have support for SHA256.

You can resolve the issue by installing the update, then reinstalling NetExtender:

Download and install KB3033929.

Uninstall Sonicwall NetExtender (via Control Panel).

Delete  ...
by lunarg on January 19th 2017, at 14:49
ADMT stands for Active Directory Migration Tool and is used to migrate AD objects (such as users, groups, computers, etc.) from one AD forest or domain to another, supporting complex scenarios in the process.

Why Microsoft hides their most useful tools is a mystery though. So here are the download links. You will need to accept some EULAs and have a Microsoft Account if you wish to download it though.

Navigate to

If you have not done so, you will have to log on with a Microsoft Account and join the program and accept its EULA things.

Then, you will be able to click through to the download page and download ADMT version 3.2, and, if req  ...
by lunarg on November 7th 2016, at 16:40
If your Windows 7 happens to be stuck in Startup Repair, where allowing it to repair your computer still results in going back to Startup Repair, and restoring a restore point doesn't help either, you could try to manually restore the Windows Registry to the last known good configuration.

Allow your computer to boot into Startup Repair, but rather than letting it perform the automatic repairs, click to go to the System Recovery Options menu. From there, you can open a command prompt.

Locate the system drive: this is usually the C: drive, but if not, navigate to other drivers and look for folders like Program Files, Users and Windows.

Once you've found the correct drive, navigate to the fo  ...
by lunarg on August 2nd 2016, at 09:54

Sometimes, being an Administrator just isn't enough. In that case, try being the SYSTEM account... You can run processes as the local SYSTEM account quite easily with PsExec (64-bit).

Use it as follows:

psexec -i -s cmd.exe

The command above would run a command prompt as the SYSTEM account. You can replace cmd.exe with something else, although from a command prompt, you can basically run anything else, all as the SYSTEM account.

Use with caution
Running processes as the SYSTEM account can be potentially dangerous as you will bypass several built-in security restrictions. But I guess that's the reason why you want to use the SYSTEM account...
by lunarg on August 1st 2016, at 16:36
QNSM stands for Quick Network Share Mounter and is a sort of bookmark and session management tool for network mapped drives. It was specifically designed for the ICT Administrator who visits a lof of different clients and thus, visiting a lot of different network setups. This tool works regardless of remembered passwords and to which domain you belong, and there are many advantages to this "crude" tool.

NOTICE: before reporting bugs, make sure you have the latest version installed.


Advantages and disadvantages

System requirements


Version history

There are two flavours of this tool available:

The installable edition, which is the recommended version for most  ...
by lunarg on June 27th 2016, at 09:42
If you're looking to uninstall a specific update, you'll find that it's quite tedicious to do this via the GUI. It shows an endless list of updates and it's very difficult to find the right one through its KB number. Fortunately, you can also uninstall updates from the command line, by specifying only its KB number, which is veeerry useful indeed.

Open an elevated command prompt and run the following command to uninstall an update by its KB number:

wusa /uninstall /kb:3035583

Replace the number with the number of the KB you wish to uninstall (the line above would uninstall the Windows 10 Upgrade prompt).

You can also add additional parameters:

wusa /uninstall /kb:3035583 /quiet /noresta  ...
by lunarg on June 6th 2016, at 16:24
While not recommended, it is possible to use one RDS gateway for multiple RDS farms, each with their own broker. In this case, the RDG must use the same FQDN in all deployments, and you should only make changes to its configuration from only one of the deployments.

In 2012, it is not possible to use one RDS WebAccess to service multiple brokers. It can only be used on a single deployment. Attempting to add the WebAccess server to another deployment will overwrite the configuration of the first deployment.

A better approach would be to create a single deployment with an RDS WebAccess, RDG and broker (single or HA), and add your "different deployments" as collections to the broker.  ...
by lunarg on May 23rd 2016, at 15:27
Internet Explorer 8 is the last version for Windows XP and 2003, but with them no longer being supported, the download links have been removed as well, making it difficult to download and install it. Although XP and 2003 are quite outdated, certain scenarios still require the use of XP and/or 2003.

A default install of XP/2003 contains Internet Explorer 6, so not being able to download IE8 would result in those systems running an even more outdated and unsecure browser. While IE8 isn't that much better, I consider it a tiny bit more secure, hence this article...

For the moment, the standalone installation files still exist on the Microsoft servers, but they are no longer linked to from the  ...
by lunarg on April 26th 2016, at 16:56
If you have an encrypted DMG on Mac and you need to access the contents on a Windows machine, you can use HFSExplorer!

Similar to Microsoft's Bitlocker, you can also encrypt entire drives/partitions with a high-grade security algorithm. And just like Bitlocker can encrypt virtual harddisks (VHD), Mac can encrypt volumes stored in a DMG. Out of the box, the two technologies are not at all compatible. But there are some third-party tools out there which allow you to access encrypted DMGs from Windows.

HFSExplorer is an open-source utility on Windows which can open any type of DMG and also supports opening encrypted DMGs. To install the software, you will need to have 32-bit Java installed (d  ...
by lunarg on April 22nd 2016, at 11:09

You may encounter the problem with Windows Update to take an extreme amount of time to search for updates. Additionally, the Windows Update process (part of svchost.exe) runs at 100% CPU time and uses a large amount of memory.

You can resolve this by installing the optional KB3102810.

If you are installing a fresh copy of Windows 7 / 2008R2, it is also highly recommended to install KB3112343 before searching for other updates. This considerably speeds up the search for updates.

by lunarg on April 21st 2016, at 16:43
During the installation of ADMT PES (Password Export Server), the installer reports the encryption key password is wrong, even though you're absolutely sure it's the correct password. Although KB2004090 states this is for 3.1, the problem also exists on 3.2.

The reason for this is that the MSI installer does not elevate the session. If you are not logged on with the Administrator-account, the elevation does not occur automatically and the error mentioned above will appear, without any mention of elevation requirements.

To work around the issue, you can follow the steps below. This will ensure the MSI installer runs in an elevated session and the installation will continue as normal. Altern  ...
by lunarg on April 20th 2016, at 15:47
A few steps to enable management of your Office 365 subscription using Powershell. One uses Powershell because not all configuration is available through the Office 365 Portal, and it's also useful for automation.

UPDATE (2016-04-20): updated links and information.

Download and install the Microsoft Online Services Sign-In Assistant.This is required in order to be able to sign in to Office 365.

Download and install Azure Active Directory Module for Windows PowerShell (64-bit version).Note: 32-bit users, see below.

Optionally, you can also download and install modules to manage Sharepoint Online and Skype for Business Online.

32-bit Azure AD Module
From October 20, 2014, the Azure Ac  ...
by lunarg on April 8th 2016, at 16:16

Windows checks its access to the internet by performing an HTTP GET to the following URL:

If the request succeeds, Windows determines that the connection to the internet is up. The mechanism uses whatever has been set up as an internet connection and will also use any configured proxy.

by lunarg on March 17th 2016, at 13:30
There are a variety of methods to enable Remote Desktop and Remote Management from a script. This is particularly useful if you have many Core Servers and no SCCM or some other deployment system.


(Get-WmiObject Win32_TerminalServiceSetting -Namespace root\cimv2\terminalservices).SetAllowTsConnections(1,1)Set-ExecutionPolicy Unrestricted -ForceEnable-PSRemoting -Force

This enables Remote Desktop with NLA (first param), adjust the required firewall rules (second param), and finally, enables Remote Management.


cscript %windir%\system32\scregedit.wsf /ar 0cscript %windir%\system32\scregedit.wsf /cs 1

Like the PS variant, this enables Remote Desktop while the second line   ...
by lunarg on March 14th 2016, at 09:51

It is currently not possible to directly map a drive letter to a redirected folder when connecting to a server using Microsoft RDP. Most programs do not require a drive letter but in case you do need a "local path", you can create a symlink in order to achieve this.

MKLINK /D C:\MyFolder \\tsclient\MyFolder

This will create a "symlinked" folder on your C-drive, which you can then use to work with files and folders of the redirected folder. The symlink is persistent across reboots.

showing posts tagged with 'windows'