Backtrack:

showing posts tagged with 'windows'
by lunarg on January 22nd 2016, at 11:53

After uninstalling Malwarebytes Anti-Malware from a domain-joined computer, you may get the following error each time the computer reboots:

The program can't start because Qt5Widgets.dll is missing from your computer. Try reinstalling the program to fix this problem.

To resolve the issue, you need to manually remove a registry key using regedit:

• On 32-bit, navigate to the key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
• On 64-bit, navigate to the key:
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run

Remove the value with name Malwarebytes Anti-Malware.

by lunarg on January 12th 2016, at 10:22
When updating the ADMX Central Store from Windows 10 to Windows 10 v1511, you may encounter the following error when attempting to view or edit group policies:

Namespace ‘Microsoft.Policies.WindowsStore’ is already defined as the target namespace for another file in the store.

File \\domain.fqdn\SysVol\domain.fqdn\Policies\PolicyDefinitions\WinStoreUI.admx, line 4, column 80

A similar problem is referenced in KB 3077013 but basically also applies to this issue:

On a domain controller, using Explorer, navigate to the ADMX Central Store:...\SYSVOL\domain\Policies\PolicyDefinitions

Delete the file WinStoreUI.admx and all occurances of WinStoreUI.adml (under each la  ...
by lunarg on January 12th 2016, at 10:20
When updating the ADMX Central Store from Windows 10 to Windows 10 v1511, you may encounter the following error when attempting to view or edit group policies:

Namespace ‘Microsoft.Policies.WindowsStore’ is already defined as the target namespace for another file in the store.

File \\domain.fqdn\SysVol\domain.fqdn\Policies\PolicyDefinitions\WinStoreUI.admx, line 4, column 80

A similar problem is referenced in KB 3077013 but basically also applies to this issue:

On a domain controller, using Explorer, navigate to the ADMX Central Store:folder containing SYSVOL\SYSVOL\domain\Policies\PolicyDefinitions

Delete the file WinStoreUI.admx and all occurances of WinStoreU  ...
by lunarg on December 7th 2015, at 12:58

You can disable the keyboard shortcuts, the so-called sticky keys, through a group policy. This is a user setting, and although there's no true policy for this, you can disable it through a group policy preference registry entry:

HKEY_CURRENT_USER\Control Panel\Accessibility\StickyKeys\Flags="506"

Navigate to:

User Configuration → Preferences → Windows Settings → Registry

There, create a new entry:

• Action: Update
• Hive: HKEY_CURRENT_USER
• Key path: Control Panel\Accessibility\StickyKeys
• Value name: Flags
• Value type: REG_SZ
• Value data: 506
by lunarg on November 27th 2015, at 12:39
On a fresh install of Windows Server 2012R2, not joined to a domain, the first network connection (obtained through DHCP) is always treated as a Public network. Normally, when joining a domain, the network connection then becomes a Domain network, but if the server will not be joined to a domain, you probably will want to set it to Private. Unfortunately, the Public Network link in Network Center is not clickable, and thus, cannot be changed. But you can make the change anyway through the Local Security Policy.

Open Local Security Policy (Start → Run → secpol.msc

Under Security Settings, click Network List Manager Policies.

Look for the entry corresponding with your network (usu  ...
by lunarg on November 26th 2015, at 15:52
By default, when rebooting a server, Windows will wait for 20 seconds for services to shut themselves down, after which Windows will kill the service. For most systems, this "kill timeout" is sufficient but some applications require more time to do a graceful shutdown (e.g. Dell AppAssure is one of them).

You can change this timeout value by adjusting the string value WaitToKillServiceTimeout in the registry, located at:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control

WaitToKillServiceTimeout sets the timeout value in milliseconds. You can change it to whatever you like. For example: for 10 minutes, set the value to 600000.

Note that increasing this value does not mean the   ...
by lunarg on November 26th 2015, at 15:10
When scheduling the run of a Powershell script through Task Scheduler, it is highly recommended to set up the task to run accordingly:

powershell.exe -NoProfile -NoLogo -NonInteractive -ExecutionPolicy Bypass -File "path\to\script.ps1"

Scheduling Powershell scripts in this manner will prevent the dreaded 0x1 exit code from happening.

-NoProfile prevents loading of the user's profile, speeding up the startup of the script and preventing the script from depending on user-specific settings and scripts.

-NonInteractive will allow a script to exit rather than waiting indefinitely when a user prompt occurs.

Setting the -ExecutionPolicy to ByPass or Unrestricted will allow unsigned s  ...
by lunarg on November 18th 2015, at 12:44

From an IT management point-of-view, Google Chrome does not play nice: users that have limited rights on the computer system they work on (a standalone computer or on a Terminal server) can simply install Google Chrome without an admin's consent, totally bypassing any kind of approval. Luckily, this can be countered by setting up software restrictions through a group policy.

by lunarg on November 4th 2015, at 15:04
Outlook 2010 and newer have a "Tasks" Jump list, allowing you to quickly create new items by right-clicking the Outlook icon in the taskbar.

Sometimes, the jump list doesn't work properly or disappears altogether, usually after updates or a re-install of Office/Outlook. There are two workarounds to resolve this, both through the registry:

Unpin the Outlook icon from the taskbar.

Exit Outlook.

Open regedit.

Navigate to the key:HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook

Delete the registry value LastUILanguage. You can optionally rename it to have a backup.

Start Outlook again.

Re-pin the Outlook icon to the taskbar.

Replace the number in blue with the numeri  ...
by lunarg on October 19th 2015, at 14:06
In a Windows Failover Cluster, you can move roles from one node to another node using the Failover Cluster Manager. Unfortunately, the GUI in 2008 R2 does not provide a way to move the quorum disk to another node. For this, you need to use the cluster command-line tool. This tool allows complete management of the cluster and its roles from the command-line, and this also includes moving the quorum disk.

Note that the cluster command-line tool no longer exist on 2012 and up. In that case, you need to use the Powershell cmdlets for Failover Cluster.

Each 2008R2 failover cluster comes default with two resource groups that are always present:

Available Storage contains all storage that hasn't  ...
by lunarg on September 23rd 2015, at 14:16
Since 2008, when a (local or domain) admin logs on a Windows Server, Server Manager is automatically started. This is often unwanted and tedious, especially with later versions, which take time to load and cannot be closed until they're done loading.

You can disable automatic startup of Server Manager through a group policy. Apply this to all your servers will prevent Server Manager from starting up, even on new servers and users logging on a server for the first time.

Create (or open an existing) group policy which gets applied to your servers.

In the policy, navigate to: Computer Configuration → Policies → Administrative Templates → System → Server Manager

Set Do no  ...
by lunarg on September 21st 2015, at 12:40

This one-liner will output a list of installed programs, similar to what you get when looking it up through Control Panel → Add/Remove Programs.

Get-WmiObject -Class Win32_Product | Select-Object -Property Name

The advantage of this cmdlet is that you can dump it to a text file:

Get-WmiObject -Class Win32_Product | Select-Object -Property Name > Software.txt

And through PS remoting, you can also run this on remote systems.

by lunarg on September 16th 2015, at 17:24
After demoting a domain controller, the related event logs (DNS Server, File Replication Service, and Directory Service) are not removed. While this is technically not an issue, it can potentially confuse monitoring systems (SCOM inadvertently detects a DNS server while there is none). Or, perhaps you should want to be tidy.

Open regedit.

Navigate to:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog

This key contains a subkey, one for each event log. Remove the following keys to remove the event logs:Directory Service

File Replication Service

DNS Server

You do not need to reboot the server. The logs are immediately removed from the Event Viewer.

Although the change is effe  ...
by lunarg on September 11th 2015, at 10:15

There are two methods to specifically target 32-bit or 64-bit OS'es in group policies.

### WMI filter

• For x64 (64-bit):
• Namespace: root\CIMv2
• Query: SELECT * FROM Win32_Processor WHERE AddressWidth = '64'
• For x86 (32-bit):
• Namespace: root\CIMv2
• Query: SELECT * FROM Win32_Processor WHERE AddressWidth = '32'

### Environment variable

Another method is to check the value of the %Processor_Architecture% variable:

• For x64 (64-bit): %Processor_Architecture% is AMD64
• For x86 (32-bit): %Processor_Architecture% is x86
by lunarg on September 10th 2015, at 13:10
Installation of certain Windows updates may fail to complete. Although the installation itself succeeds, the configuration part does not complete, and the changes are reverted, causing all updates to fail. When looking at the update history (Windows Update → View update history), the updates have failed with error code 0x800F0922:

The following updates are known to be affected by this, but there are probably others as well.

Windows 8/Server 2012: KB2756872, KB2770917, KB2955163

Windows 8.1/Server 2012 R2: KB2919355

The affected updates fail to install because the System Reserved partition (not the C:-drive) is full or nearly full.

In my case, a log file in the System Volume Infor  ...
by lunarg on September 9th 2015, at 11:43

A newer RSAT version is always backwards compatible with older server OS versions. For example, all Windows versions from 2012 R2 and below are fully supported by RSAT for Windows 10.

Older RSAT versions can manage newer server OS versions, but only features that are also present in older OS versions can be managed properly. For example, RSAT for Windows 7 partially supports 2012 R2: features that are present on 2008 R2 can be managed, but features unique to 2012 or 2012 R2 cannot).

by lunarg on September 8th 2015, at 11:20
When installing a lot of Windows updates, or a few very large updates (such as a service pack or KB2919355), the updates may fail and the system may revert the changes. If that happens, check the Windows Update history (Windows Update → View update history), and view the details of the failed updates.

If the error code is 0x800F0922, verify whether there's still enough free disk space available on the system drive (C:-drive). If the volume is almost full, there may be enough to download updates, but not enough to actually install them. Aside of the downloaded packages, the unpacking and installation of updates, additional space is needed for system restore points and the old versions  ...
by lunarg on September 8th 2015, at 09:44
If Windows Update mysteriously fails to install updates, it may become necessary to completely clear the Windows Update cache. This resets the state of updates, removes downloaded files and requires Windows Update to completely re-analyze your system to figure out what updates are required.

The procedure is non-invasive and can be performed on workstations and servers alike and without downtime.

Open an elevated command prompt.

Stop the Windows Update service: net stop wuauserv

Remove the SoftwareDistribution folder, containing the complete cache and downloads: From the command prompt: cd /d %windir%rd /s SoftwareDistribution

Or, remove the folder through Windows Explorer.

Start the   ...
by lunarg on September 4th 2015, at 13:57

The Microsoft File Checksum Integrity Verifier (fciv.exe) is a command line tool you can use to calculate MD5 and SHA1 hashes for files.

It is a suitable alternative to linux's md5sum, and eliminates the need for third party tools or Cygwin.

by lunarg on September 2nd 2015, at 10:02
Older versions of the Cisco AnyConnect VPN client seems to remove the Connections tab from Internet Options, whenever a VPN connection is made. The tab is restored upon a graceful disconnect of the connection. But sometimes, if the user abruptly closes the connection (e.g. the computer shuts down incorrectly), in which case, the Connections tab is not restored and stays hidden forever. Users are then no longer to go to Internet Options to adjust e.g. proxy settings.

AnyConnect creates a registry key to hide the Connections tab on a connect, and removes it on a disconnect:

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel] "ConnectionsTab"=dword:00000  ...
showing posts tagged with 'windows'
 « ‹ August 2017 › » Sun Mon Tue Wed Thu Fri Sat 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

Quote
« Stripes on a tiger are hard to change. »
The Noisettes