Tips&Tricks – Opening CMD or Powershell Directly from the Explorer Folder

And here’s a nice tip that at least for me was a nice surprise. I think it only works since Windows 10 but I’ve not tested it yet.

There’s a lot of articles explaining how to tweak Windows so that when you right-click somewhere you can open command-prompt (CMD) or anything else.
For me this is not ideal because I need to use a lot of different computers and it’s more practical to know tips and tricks that work on any computer that is not mine.

So, imagine you’re on a folder using Windows Explorer and you need to open powershell or cmd there.
It’s as easy as write that up in the Explorer’s address bar.

And yes…is as simples as that! ;)

Tips & Tricks – Import/Export Windows Firewall Settings Command-Line

Here’s a nice tip for those that for some reason need to configure Windows Firewall (or Windows Defender Firewall on Windows 10).

The recommended way to do this should be using a group policy but because you may have a non-domain joined machine on your network, here’s how to do it.

1. First of all, configure everything you need in Windows Firewall on a reference machine
2. Then, open an elevated command-prompt and type the following command:
   netsh advfirewall export “C:\Temp\WindowsFirewallRules.wfw”
   
   
3. Now that you have the file, you can import it to any machine using the following command:
   netsh advfirewall import “C:\Temp\WindowsFirewallRules.wfw”
   
   

If for any reason you need to reset firewall rules to default values just type:
netsh advfirewall reset

Win10 – “Sets” – What belongs together, stays together!

So Microsoft eared all about it and developed “Sets”. This is not the final and definitive name but will be available soon for everyone on Windows Insider Program (WIP).

This new feature will allow users to have a similar experience with tabs like in Edge browser.
The new mantra for “Sets” is that what belongs together stays together.
Basically this means that you can aggregate on a single window everything you need about a subject.

For example, during a project, you need to browse some websites, edit your PowerPoint presentation and create a Word document, all this on the same window what should make you work faster.

Here’s a video from Microsoft showing off Windows “Sets”:
Microsoft Windows - Sets in Windows 10

Issues – Microsoft Office Excel 2016, 2013 Cursor Flickering with Windows 10 v1709 (Fall Creators Update)

After deploying Windows 10 v1709 (Fall Creators Update) and when opening an Excel spreadsheet I’ve noticed a strange behavior where even on a blank spreadsheet the mouse cursor seemed to flicker all the time.

Thought it was something related with my display driver so I’ve updated to a different one and still the same behavior. It’s something like the video below.

This is still an ongoing investigation like reported on Microsoft Office Support website:
Excel cursor flickers after updating to Windows 10 Fall Creators Update (v1709)

Tips&Tricks – Extracting MSI from Adobe Acrobat Reader DC

It’s been a while since Adobe stopped to distributing directly the msi files to install Adobe Acrobat Reader DC, but there’s a really easy way to extract it from the exe file.

Here’s a command-line example for the latest version 18.009.20044:

1. Download the *.exe as usual from the Adobe Acrobat Reader DC Distribution website
2. Now open an elevated command-prompt and navigate to where o saved the download file
3. Run the following command-line: AcroRdrDC1800920044_en_US.exe –sfx_o”C:\Temp\Adobe” –sfx_ne

(“C:\Temp\Adobe” should be replace for your preferred location)

And you’re done.

Windows 10 – KB4048955 - Cumulative Update – November 14, 2017

It’s now available the Microsoft Windows 10 Cumulative Update November 14, 2017.
The quality update KB4048955 sets Windows 10 build to version 16299.64.

Improvements and Fixes

• Addressed issue that causes the Mixed Reality Portal to stop responding on launch.
• Addressed issue that causes a black screen to appear when you switch between windowed and full-screen modes when playing some Microsoft DirectX games.
• Addressed a compatibility issue that occurs when you play back a Game DVR PC recording using Android or iOS devices.
• Addressed issue where the functional keys stop working on Microsoft Designer Keyboards.
• Addressed issue to ensure that certain USB devices and head-mounted displays (HMD) are enumerated properly after the system wakes up from Connected Standby.
• Addressed issue where the virtual smart card doesn't assess the Trusted Platform Module (TPM) vulnerability correctly.
• Addressed issue where Get-StorageJob returns nothing when there are storage jobs running on the machine.
• Addressed issue where applications based on the Microsoft JET Database Engine (Microsoft Access 2007 and older or non-Microsoft applications) fail when creating or opening Microsoft Excel .xls files. The error message is: “Unexpected error from external database driver (1). (Microsoft JET Database Engine)".
• Addressed issue where application tiles are missing from the Start menu. Additionally, applications that the Store app show as installed don't appear on the application list of the Start menu. Computers that have Internet connectivity and upgrade on or after November 14, 2017 will receive this preventative solution and avoid this issue. Machines that lack network connectivity or have already encountered this issue should follow the steps in the Microsoft Answers thread “Missing apps after installing Windows 10 Fall Creators Update”. Microsoft will release and document an additional solution in a future release.
• Addressed issue where Microsoft Edge cannot create a WARP support process and appears to stop responding for up to 3 seconds during a wait timeout. During the timeout period, users cannot navigate or interact with the requested page.
• Security updates to Microsoft Scripting Engine, Microsoft Edge, Microsoft Graphics Component, Windows kernel, Internet Explorer, and Windows Media Player.

Download
You can download this cumulative update from Microsoft Update Catalog

Tips & Tricks – IE11 Enterprise Mode – Forcing to Update Websites List

Sometimes you need to do a quick change to your IE11 Enterprise Mode site list and you also need to quickly test this change.

To force the update of websites list just do the following:

1. Do you changes using the Enterprise Mode Site List Manager
2. On your target machine, close all Internet Explorer instances
3. Open registry editor (regedit.exe)
4. Navigate to HKEY_CURRENT_USER\Software\Microsoft\InternetExplorer\Main\EnterpriseMode
5. Delete the entry called “CurrentVersion”
6. Open Internet Explorer again
7. Done!

Deploy Tips&Tricks – Removing Superseded Components After Base Image Creation

If you’re creating a base or golden image with a lot of updates, it’s good to cleanup superseded components before saving your new wim file.

Here’s a simple way using DISM command line tool:

1. Just before finish your image (on a task sequence for example)
2. Run the following command: DISM /Online /Cleanup-Image /StartComponentCleanup /ResetBase

This will cleanup the superseded components.
Just be aware that after running the DISM command all existing service packs or updates cannot be uninstalled.

For a complete list of available commands and options just type this on an elevated prompt:
DISM /Online /Cleanup-Image /?

Microsoft Store Will Let You Buy Surface Products - Take a Look!

It’s getting more and more clear that Microsoft will create a real “Microsoft Store” end to end. After change the store name from “Windows Store” to “Microsoft Store”, more than apps or games you’ll be able to buy almost everything from Microsoft, a new “trick” allows you to see what’s coming.

Just follow this quick and easy trick!

1. Open Run dialog box
2. Write down ms-windows-store://navigatetopage/?PageName=ShopSurface
3. And…take a look to all Surface Products you’ll be able to buy directly from Microsoft Store

VMware vSphere Web Client – Shockwave Stopped Working (Solved!)

It was noticed along the web and I’ve experienced this myself.

After updating Adobe Flash Player to 27.0.0.170 I couldn’t connect to vSphere Web Client (Flash version) with Google Chrome or Opera browsers.

You would get an “Shockwave Flash crash” similar to the one below:

Well, recently Adobe launched an update to Adobe Flash Player (27.0.0.183) that solves the issue.

You may also experience the same issue with Microsoft Edge. The new update that solves this issue.
Just run Windows Update or download the KB4049179 directly from Microsoft Update Catalog.

Win10 – What’s new for IT Pros in Windows 10 v1709 (Fall Creators Update)

Here’s a nice video from Microsoft about the new features of Windows 10 v1709 (Fall Creators Update) with focus on things that IT Pros need to know:

What's New in Windows 10, version 1709 for IT Pros

GPOs – Administrative Templates for Windows 10 v1709 (Fall Creators Update) Release

Well…this week of course is completely full of Windows 10 v1709 (Fall Creators Update) downloads!

So here are the new group policy administrative templates (.admx) for the new Windows 10 release:
Microsoft - Administrative Templates (.admx) for Windows 10 Fall Creators Update (1709)

Win10 Deploy – v1709 (Fall Creators Update) – You’ll Need to Change Your “RemoveApps” Script!

This new paradigm of Windows as a Service (Waas) really makes SysAdmins to change the way they work and also adapt really really quick.

Following the release of Windows 10 v1709 (Fall Creators Update), and if like me you use a Powershell script to remove provisioned apps during image deployment or golden image creation, you’ll notice…a lot of broken things on you script.

This happens because of changes on the apps version…so…or you create a more complex script that just looks for the beginning of the application string or you adapt your script to this new release.

So…you try to install you golden image with Microsoft Deployment Toolkit (MDT) and you get the following error when finishing:

Now…don’t close this Window right yet. Instead, follow this steps:

1. Open a Powershell prompt
2. Execute the following command: Get-AppxPackage –Online > C:\Apps.txt
3. This will create a file called Apps.txt on you C: drive with all the installed/provisioned apps. It will be something similar to this:
   
4. Now you just need to copy/paste the updated “PackageName” to your script and everything works fine again.

Just a quick note to remember that for example Microsoft 3DBuilder app was removed from Windows 10 v1709 so you may completely remove that line from your script.

Remote Server Administration Tools for Windows 10 v1709 (Fall Creators Update) Released

And again…following the wave of releases for Windows 10 v1709 (Fall Creators Update), Microsoft launched a new Remote Server Administration Tools (RSAT).

Just be aware of this additional information in the download website about some issues you may encounter with this version:

Go ahead and download the new RSAT here:
Microsoft - Remote Server Administration Tools for Windows 10

GPOs Settings Reference Spreadsheet Updates for Windows 10 v1709 (Fall Creators Update)

Following Windows 10 v1709 (Fall Creators Update) release, Microsoft updated their reference documents of Group Policy Settings.

These spreadsheets list the policy settings for computer and user configurations that are included in the Administrative template files delivered with the Windows operating systems specified. You can configure these policy settings when you edit Group Policy Objects.

Go ahead and download it here:
Microsoft Group Policy Settings Reference for Windows and Windows Server

Windows 10 – KB4043961 - Cumulative Update – October 17, 2017

And here’s the first cumulative update for Windows 10 v1709 (Fall Creators Update)!

This is Microsoft Windows 10 Cumulative Update October 17, 2017.
The quality update KB4043961 sets Windows 10 build to version 16299.19.

Improvements and Fixes

This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:

• Addressed issue where, after removing apps, they're reinstalled on every restart, logoff, and login.
• Addressed issue where localization of the error output from a JET database is broken. Only English error strings are reported.
• Security updates to Windows kernel-mode drivers, Microsoft Graphics Component, Internet Explorer, Windows kernel, Microsoft Windows Search Component, Windows TPM, Windows NTLM, Device Guard, Microsoft Scripting Engine, Windows Wireless Networking, Microsoft Windows DNS, Windows Server, Microsoft JET Database Engine, and the Windows SMB Server .

Download
You can download this cumulative update from Microsoft Update Catalog

Windows 10 v1709 (Fall Creators Update) - Features that are removed or deprecated in Windows 10 Fall Creators Update

Like any other major release, or like it’s called nowadays, feature update, of Windows 10 there are some features that get removed or deprecated.

For Windows 10 v1709 (Fall Creators Update) here’s the list of features that changed:
Microsoft Support - Features that are removed or deprecated in Windows 10 Fall Creators Update

Windows 10 1709 (Fall Creators Update) Changes to Media (ISO) on VLSC – ATTENTION!!

Microsoft Windows 10 1709 (a.k.a. Fall Creators Update a.k.a. FCU) was launched today.

Like on my previous post, you can download the installation media (ISO) from the usual relevant distribution channels: the Volume Licensing Service Center (VLSC), Windows Update for Business, Windows Server Update Services and Visual Studio Subscriptions (MSDN).

Now…for the ISOs that you download from VLSC or MSDN, you need to be aware on some changes.

Instead of separated media packages for each SKU (WIndows 10 Pro; Windows 10 Enterprise; Windows 10 Education), the Windows 10 v1709 that you download, will include in the ISO a single WIM file with all this version.

So, when using this ISO in tools such as Microsoft Deployment Toolkit (MDT) or Microsoft System Center Configuration Manager (SCCM) make sure you select the appropriate image index in you task sequence.

Here’s the index table for your reference and…save you some time:

Image Name	Index
Windows 10 Education	1
Windows 10 Education N	2
Windows 10 Enterprise	3
Windows 10 Enterprise N	4
Windows 10 Pro	5
Windows 10 Pro N	6

Windows 10 Enterprise 1709 (Fall Creators Update) Now Available on MVLSC

It’s now available for download the new Microsoft Windows 10 Enterprise v1709 (a.k.a. Fall Creators Update a.k.a. FCU) through Microsoft Volume Licensing Service Center (MVLSC).

So go ahead to MVLSC website and download it today:
Microsoft Volume Licensing Service Center

Tips&Tricks – Google Chrome MSI Offline Installers

It starts to be a common thing for an enterprise to give their users the possibility to have two browsers.
One for their business applications and and alternative for all the other browsing and usually this means Google Chrome, that by the way, it’s getting stronger on giving better IT resources like GPOs to better control their browser on an enterprise environment.

It’s than important that SysAdmins have MSI files or offline installers so the deployment of Google Chrome gets smoother.

Thinking on this, Google has available a website for everything you need to correctly deploy and manage Google Chrome on you enterprise:

Google Chrome for the Enterprise

On the above you’ll find resources like the offline installers for the latest versions of Google Chrome but also bundles with the browser itself, GPOs Administrative Templates, and more.

Enjoy!

Tips&Tricks – Adobe Software – New Releases RSS Feeds

You’re a SysAdmin and need a way to always be up-to-date with new releases of Adobe Reader and Adobe Flash Player?

Just subscribe to this 2 RSS feeds:

Adobe Reader Releases

Adobe Flash Player Releases

Windows 10 Fall Creators Update – Improved Formatting for Windows Update Log

I must say…finally!

For those that needed to get Windows Update log using powershell with the cmd-let “Get-WindowsUpdateLog” there was a really annoying issue to read this “compiled log”.

Basically what happened was that after you run the cmd-let, and you opened the log file you’ll noticed that the formatting was completely a mess typically because the symbols weren’t there. That was usually a temporary situation, waiting for the symbols to be uploaded to a server and indexed.

Well….but if, for example, you were troubleshooting a machine that need to be out of the network? Than you’ll never get the correct formatting for the log file unless you copied it to a connect machine.

Now, with Windows 10 Fall Creators Update (v1710) or if you’re a Windows Insider with at least v1709, this issue was completely “fixed".
This means that running “Get-WindowsUpdateLog” you’ll automatically format the log file, without the need to have any network connection.

Here’s an example on how the log file looks with automatic formatting even without network:

Win10 – Windows as a Service – Wrap-Up and Resources

One of the most “dramatic” changes with Windows 10, specially for an enterprise, is the new (not so new now) Windows as a Service (Waas) model.

This basically means that Windows 10 is now on a continuous development, where users get feature and quality updates in a nice and defined timeline.

Feature Updates are deployed 2 times per year and does a in-place upgrade to the machine installing new features on Windows 10.

Quality Updates are monthly and cumulative updates for Windows 10 with no new features.
Just security updates; bug fixes; driver fixes; etc..

This new and continuous development presents a lot of new challenges for system administrators.
One of this challenges is to keep up with everything that changes on the Feature Updates and what’s fixed on the monthly Quality Updates.
There are a couple of things that should be done to anticipate issues and that’s have some users on the IT department as Windows Insiders so they can get the changes way before the corporate users.

Because there’s also a lot of information and things going on between this updates, it’s also important to have a centralized (well, in this case, various) points of information about the different releases and work in progress.

Here’s a list of important website to keep up-to-date with Windows 10 WaaS:

Windows 10 Roadmap

Windows 10 Update History

Windows 10 release information 

What's new in Windows 10

Windows 10 – KB4041676 - Cumulative Update – October 10, 2017

It’s now available the Microsoft Windows 10 Cumulative Update October 10, 2017.
The quality update KB4041676 sets Windows 10 build to version 15063.674.

Improvements and Fixes

• Addressed issue where some UWP and Centennial apps show a gray icon and display the error message "This app can't open" on launch.
• Addressed reliability issue that causes the AppReadiness service to stop working.
• Addressed issue where applications that use the Silverlight map stack stop working.
• Addressed issue where VSync prevents devices from entering Panel Self Refresh mode, which can lead to reduced battery life.
• Addressed issue where user customizations (like pinned tiles) made to an enforced partial Start layout are lost when upgrading to Windows 10 1703.
• Addressed issue where the Universal CRT caused the linker (link.exe) to stop working for large projects.
• Addressed issue that prevents Windows Error Reporting from saving error reports in a temporary folder that is recreated with incorrect permissions. Instead, the temporary folder is inadvertently deleted.
• Addressed issue where the MSMQ performance counter (MSMQ Queue) may not populate queue instances when the server hosts a clustered MSMQ role.
• Addressed issue with the token broker where it was leaking a token that caused sessions to remain allocated after logoff.
• Addressed issue where Personal Identity Verification (PIV) smart card PINs are not cached on a per-application basis. This caused users to see the PIN prompt multiple times in a short time period; normally, the PIN prompt only displays once.
• Addressed issue where using the Cipher.exe /u tool to update Data Recovery Agent (DRA) encryption keys fails unless user certification encryption already exists on the machine.
• Addressed issue where using AppLocker to block a Modern app fails. This issue occurs only with Modern apps that come pre-installed with Windows.
• Addressed issue with form submissions in Internet Explorer.
• Addressed issue with the rendering of a graphics element in Internet Explorer.
• Addressed issue that prevents an element from receiving focus in Internet Explorer.
• Addressed issue with the docking and undocking of Internet Explorer windows.
• Addressed issue caused by a pop-up window in Internet Explorer.
• Addressed issue where a Vendor API deleted data unexpectedly.
• Addressed issue where using the Robocopy utility to copy a SharePoint document library, which is mounted as a drive letter, fails to copy files. However, in this scenario, Robocopy will copy folders successfully.
• Addressed issue where MDM USB restrictions did not disable the USB port as expected.
• Addressed issue where creating an iSCSI session on a new OS installation may result in the "Initiator instance does not exist" error when attempting to connect to a target.
• Addressed issue where connecting to RDS applications published using Azure App Proxy fails. The error message is, “Your computer can’t connect to the Remote Desktop Gateway server. Contact your network administrator for assistance”. The error can occur when the RDP cookie size limit is exceeded. This update increased the size of the RDP cookie limit.

• Addressed issue where USBHUB.SYS randomly causes memory corruption that results in random system crashes that are extremely difficult to diagnose.

• Addressed issue that affects the download of some games from the Microsoft Store during the pre-order phase. Download fails with the error code 0x80070005, and the device attempts to restart the download from the beginning.

• Addressed issue where the ServerSecurityDescriptor registry value does not migrate when you upgrade to Windows 10 1703. As a result, users might not be able to add a printer using the Citrix Print Manager service. Additionally, they might not be able to print to a client redirected printer, a Citrix universal print driver, or a network printer driver using the Citrix universal print driver.

• Security updates to Microsoft Windows Search Component, Windows kernel-mode drivers, Microsoft Graphics Component, Internet Explorer, Windows kernel, Microsoft Edge, Windows Authentication, Windows TPM, Device Guard, Windows Wireless Networking, Windows Storage and Filesystems, Microsoft Windows DNS, Microsoft Scripting Engine, Windows Server, Windows Subsystem for Linux, Microsoft JET Database Engine, and the Windows SMB Server.

Download
You can download this cumulative update from Microsoft Update Catalog

Windows 10 – KB4040724 - Cumulative Update – September 25, 2017

It’s now available the Microsoft Windows 10 Cumulative Update September 25, 2017.
The quality update KB4040724 sets Windows 10 build to version 15063.632.

Improvements and Fixes

• Reliability improvements and fixes for cellular connectivity.
• Addressed issue in Microsoft Edge where on first launch after installing KB4038788, or periodically thereafter, users may observe performance issues or unresponsiveness until the next launch of the browser.

Download
You can download this cumulative update from Microsoft Update Catalog

Windows 10 – KB4038788 - Cumulative Update – September 12, 2017

It’s now available the Microsoft Windows 10 Cumulative Update September 12, 2017.
The quality update KB4038788 sets Windows 10 build to version 15063.608.

Improvements and Fixes

• Addressed issue where the color profiles do not revert to the user-specified settings after playing a full-screen game.
• Updated HDR feature to be turned off by default in the OS.
• Addressed issue where you can't open the Start menu when you add a third-party IME.
• Addressed issue with scanners that rely on inbox driver support.
• Addressed issue in a Mobile Device Manager Enterprise feature to allow headsets to work correctly.
• Addressed issue where some machines fail to load wireless WAN devices when they resume from Sleep.
• Addressed issue where Windows Error Reporting doesn't clean up temporary files when there is a redirection on a folder.
• Addressed issue where revoking a certificate associated with a disabled user account in the CA management console fails. The error is "The user name or password is incorrect. 0x8007052e (WIN32: 1326 ERROR_LOGON_FAILURE)”.
• Addressed issue where LSASS is leaking large amounts of memory.
• Addressed issue where enabling encryption using syskey.exe renders the system unbootable.
• Updated the BitLocker.psm1 PowerShell script to not log passwords when logging is enabled.
• Addressed issue where saving a credential with an empty password to Credential Manager causes the system to crash when attempting to use that credential.
• Updates to Internet Explorer 11’s navigation bar with search box.
• Addressed issue in Internet Explorer where undo is broken if character conversion is canceled using IME.
• Addressed issue with the EMIE where Microsoft Edge and Internet Explorer repeatedly switched between each other.
• Addressed issue where a device may stop responding for several minutes and then stop working with error 0x9F (SYSTEM_POWER_STATE_FAILURE) when a USB network adapter is attached.
• Addressed issue where some apps cannot be opened because the IPHlpSvc service stops responding during the Windows boot procedure.
• Addressed issue where spoolsv.exe stops working.
• Addressed issue where the Get-AuthenticodeSignature cmdlet does not list TimeStamperCertificate even though the file is time stamped.
• Addressed issue where, after upgrading to Windows 10, users may experience long delays when running applications hosted on Windows Server 2008 SP2.
• Addressed RemoteApp display issues that occur when you minimize and restore a RemoteApp to full-screen mode.
• Addressed issue that sometimes causes Windows File Explorer to stop responding and causes the system to stop working.
• Addressed issue that causes the Export-StartLayout cmdlet to fail when exporting the layout of tiles at startup.
• Addressed issue where the option to join Azure AAD is sometimes unavailable during the out-of-box experience.
• Addressed issue where clicking the buttons on Windows Action Center notifications results in no action being taken.
• Re-release of MS16-087- Security update for Windows print spooler components.
• Security updates to Microsoft Graphics Component, Windows kernel-mode drivers, Windows shell, Microsoft Uniscribe, Microsoft Edge, Device Guard, Windows TPM, Internet Explorer, Microsoft Scripting Engine, Windows Hyper-V, Windows kernel, and Windows Virtualization.

Download
You can download this cumulative update from Microsoft Update Catalog

Win7 Deploy – Adding NVM Express Support (KB2990941)

Microsoft Windows 7 SP1 and Windows 2008 R2 SP1 don’t support NVM Express (NVMe) devices that uses the PCI Express (PCIe) bus.
Therefore, when you try to deploy the OS on a machine with this devices, you’ll receive a Blue Screen of Death (BSOD).

To simply solve this, Microsoft has available an hotfix that adds the native NVMe driver support.

Here’s the download link:
KB2990941 - Update to add native driver support in NVM Express in Windows 7 and Windows Server 2008 R2

Powershell Tips – Get Users and Group from a GPO Security Filtering

Using security filtering on GPOs it’s a nice way to apply a GPO to specific groups or users.
But you may find yourself a little bit lost if you need to know every user or group you have configured.

Since Group Policy Management doesn’t allow you to export the users and groups, you’ll need to use a Powershell command to do it.

Here’s how:
Get-GPPermission –Name ‘GPO NAME’ -All | Where Permission –eq GpoApply

And…you’re done!

GPOs – Attention! MS16-072 May Cause Security Filtering GPOs to Fail !!

Here’s an important one!

If you’re using GPOs with users or groups security filtering you may need to make changes after installing MS16-072.

Basically the group policy just…stops working!

This happens because GPO is missing the Read permissions for the Authenticated Users group.

To resolve this:

• Open Group Policy Management Console (GPMC)
• Navigate to the GPO and click Delegation tab on the right
• Add the Authenticated Users group with Read permissions on the GPO

And the GPO works again!

Tips&Tricks – Trace and Analyze Windows Boot and Shutdown with Windows Performance Toolkit

Although most of us know Windows Assessment and Deployment Kit (ADK) for the..Deployment part, there is another great tool there called Windows Performance Toolkit.

This tool can help IT Administrators to analyze performance data in a very practical way using a graphical user interface that really simplifies reading the collected traces.

It’s specially useful when we need to troubleshooting boot or shutdown times.

After installing the tool it’s super easy to start using it to analyze a machine.

Here are some simple command-lines to startup (attention that all commands are case sensitive):

Boot Tracing
xbootmgr –trace boot –traceFlags BASE+CSWITCH+DRIVERS+POWER –resultPath C:\YourPath

Shutdown Tracing
xbootmgr –trace shutdown –noPrepReboot –traceFlags BASE+CSWITCH+DRIVERS+POWER –resultPath C:\YourPath

The above command will generate a the trace files that you can analyze to troubleshoot for example a long boot, and see if the issue is caused by any driver, software, service, etc.

For a very nice, complete and very very informative article about Windows Performance Toolkit please read the following post from MSFN website:
MSFN - Trace Windows 7 boot/shutdown/hibernate/standby/resume issues

Tips&Tricks – Protect Domain Joined Machines w/ Random Local Administrator Passwords and LAPS

It’s fairly usual on any kind middle/large sized enterprise, that the IT Department creates a local administrator to manage their domain joined machines. This could happen for example to make sure that even if there’s an issue with a machine that gets out of domain, the IT guy can still try to recover the machine, or for example if there’s any kind of suspicious activity from a virus for example, this can be useful to login on a machine disconnected from the network.

There’s a clear issue with this. Without the proper tools, the local administrator password will probably be the same on all machines, which it’s an obvious security issue.

With this in mind, Microsoft created a tool called “Local Administrator Password Solution” or…LAPS.

This effective and very useful tool provides a centralized storage of passwords in Active Directory (AD).
You don’t need any additional machines and domain admins can determine which users can read the passwords.

So, the main advantages of using LAPS are:

• Periodically randomizing local administrator passwords
• Centrally store passwords in AD
• Control access to this passwords with AD ACL permissions
• Transmit encrypted passwords from clients to AD (using Kerberos encryption, AES cypher)

Here’s also a diagram of the solution:

After LAPS is configured in your environment you just need a LAPS tool to get the passwords for a machine or use powershell cmd-lets to get them.

You can learn more about Microsoft LAPS on Technet:
Microsoft TechNet - Local Administrator Password Solution

Windows 10 – KB4034674 - Cumulative Update – August, 8 2017

It’s now available the Microsoft Windows 10 Cumulative Update August,8 2017.
The quality update KB4032188 sets Windows 10 build to version 15063.540.

Improvements and Fixes

• Addressed issue where the policies provisioned using Mobile Device Management (MDM) should take precedence over policies set by provisioning packages.
• Addressed issue where the Site to Zone Assignment List group policy (GPO) was not set on machines when it was enabled.
• Addressed issue where the AppLocker rules wizard crashes when selecting accounts.
• Addressed issue where the primary computer relationship is not determined when you have a disjoint NetBIOS domain name for your DNS Name. This prevents folder redirection and roaming profiles from successfully blocking your profile or redirects folders to a non-primary computer.
• Addressed issue where an access violation in the Mobile Device Manager Enterprise feature causes stop errors.
• Security updates to Microsoft Edge, Microsoft Windows Search Component, Microsoft Scripting Engine, Microsoft Windows PDF Library, Windows Hyper-V, Windows Server, Windows kernel-mode drivers, Windows Subsystem for Linux, Windows shell, Common Log File System Driver, Internet Explorer, and the Microsoft JET Database Engine.

If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

Download
You can download this cumulative update from Microsoft Update Catalog

Tips and Tricks – Activating Windows 10 in 2 Different Ways

If for some reason you’re having trouble to activate Windows 10 (it also works for previous versions) here’s 2 different ways to do it:

Launch Activation GUI

• Click Start
• Type slui 3 and press Enter
• On the Windows Activation window type your product key and you’re done

Command Line Activation

• Launch command-line (cmd) as Administrator
• Type slmgr.vbs /ipk xxxxx-xxxxx-xxxxx-xxxxx-xxxxx (where xxxxxx it’s your product key)
• Press Enter and wait for the confirmation dialog box
• Done

Windows 10 – KB4032188 - Cumulative Update – July, 31 2017

It’s now available the Microsoft Windows 10 Cumulative Update July,31 2017.
The quality update KB4032188 sets Windows 10 build to version 15063.502.

Improvements and Fixes

• Addressed issue that causes a Microsoft Installer (MSI) application to fail for standard (non-admin) users when installed on a per user basis.
• Addressed issue to enable support in the DevDetail Configuration Service Provider (CSP) to return the UBR number in the D part of the SwV node. 
• Addressed issue where NTFS sparse files were unexpectedly truncated (NTFS sparse files are used by Data Deduplication—deduplicated files may be unexpectedly corrupted as a result). Also updated chkdsk to detect which files are corrupted.
• Addressed issue where the IME pad was not launching correctly in the Microsoft Edge browser for certain markets. 
• Addressed issue to allow Win32 applications to work with various Bluetooth LE devices including head tracking devices.
• Addressed issue in the Mobile Device Manager Enterprise feature to allow headsets to work correctly. 
• Addressed issue where device drivers are not loading.
• Addressed a reliability issue when playing specific types of spatial sound content.
• Addressed issue with a dropped key on Microsoft Surface Keyboard and Microsoft Surface Ergo Keyboard, and addressed Wacom active pen connection failures. 
• Addressed issue to improve stability for USB type C during device arrival and removal during system power changes. 
• Addressed USB host controller issue where the host controller no longer responds to the attached peripherals. 
• Addressed MP4 compatibility issue while playing content from a social media site in Microsoft Edge. 
• Addressed issue with audio headsets connected to a PC through Xbox 360 controllers.
• Addressed a reliability issue with launching a Settings app while another application is using the camera device concurrently.
• Addressed issue with notifications (SMS, Calendar) for an activity tracker. 
• Addressed issue with video playback artifacts during transitions from portrait to landscape on mobile devices.
• Addressed issue with Skype calls becoming unresponsive after about 20 minutes when using Bluetooth headsets with Hands-Free Profile (HFP) connections with negotiated mSBC codec (Wideband Speech). 
• Addressed issue where a service using a Managed Service Account (MSA) fails to connect to the domain after an automatic password update. 
• Addressed issue where, in some cases, a drive that utilizes on-drive hardware encryption would not automatically unlock at system startup. 
• Addressed issue where “cipher.exe /u” fails on client machines that are deployed with InTune, Windows Information Protection (WIP), and an updated Data Recovery Agent (DRA) certificate. Cipher.exe will fail with one of the following errors: “The request is not supported" or "The system cannot find the file specified”. 
• Addressed issue where a memory leak occurs in a nonpaged pool with the “NDnd” memory tag when you have a network bridge set up. 
• Addressed issue where you cannot add Work and School accounts in Windows Store, and you may get an error that reads, “We encountered an error; please try signing in again later.” 
• Addressed issue issue where if a Surface Hub enters Sleep mode and then resumes, it may require the user to sign in to Skype again. 
• Addressed issue where some Windows Forms (WinForms) applications that use DataGridView, Menu controls, or call a constructor for a Screen object experienced performance regressions in .NET 4.7. This was caused by additional Garbage Collections. In some cases, there was an empty UI because of a lack of GDI+ handles.Addressed issue where Magnifier Lens users cannot click on buttons or select web content in Microsoft Edge or Cortana results.
• Addressed issue introduced in the June updates where some applications may not launch when a device resumes from Connected Standby mode.

Download
You can download this cumulative update from Microsoft Update Catalog

Petya Ransomware – New Decryption Tool Available..for some strains

Malwarebytes made available a new decryption tool to help people attacked with some strains of Petya ransomware.

Although the tool doesn’t work with the recent variant of Petya outbreak that spawned from Ukraine in June and spread all over the world.

But, at least it can help people to recover files that were affected by the following variants:

• Red Petya
• Green Petya (both versions) + Mischa
• Goldeneye (boolocker + files)

You can download the tool here:
Malwarebytes - Petya Decryption Tool

Free Microsoft eBooks Giveaway!!!

And here’s a Microsoft “extravaganza”!
It’s seems strange…odd…but…Microsoft is giving away millions of ebooks to everyone!

The post on MSDN blog comes from Eric Ligman, Microsoft Director of Sales Excellence and yes…there are old ebooks like “Programming Windows 8 Apps with HTML, CSS, and JavaScript” there’s all kind of things from Azure to Office 2016 or System Center.

So go ahead and have a download spree!
MSDN Blogs - Largest FREE Microsoft eBook Giveaway!

Windows – GPOs – Removing IE Maintenance Settings with Windows 2012 R2

Here’s a tip to remove the “infamous” IE Maintenance gpo settings if you don’t have any way to get your hands on a Windows XP machine or simply wanna do it the “geek way” using Windows 2012 R2.

Follow these steps:

1. Open GPMC
2. Select your GPO
3. Now, on the right-side pane select Details tab
4. Copy, or take note, of the Unique ID
5. Close GPMC
6. Open Active Directory Users and Computers console
7. Make sure Advanced Features is turned on (View > Advanced Features)
8. Navigate to System | Polices
9. On the right-side pane, find the Unique ID you took note
10. Right-click on it and select Properties
11. Now, select Attribute Editor tab and scroll-down to gPCUserExtensionNames attribute and click Edit
12. In the dialog box find the following string and delete it (for proper editing copy/paste the entire string from the dialog box to notepad, delete what you need and copy/paste again to the dialog box)
    [{A2E30F80-D7DE-11D2-BBDE-00C04F86AE3B}{FC715823-C5FB-11D1-9EEF-00A0C90347FF}]
13. Click OK and…you’re done!

Win10 Deploy – Forcing Start Menu Layout and Allow Users to Pin Shortcuts

Following the previous article (Win10 Deploy – Customizing Start Menu and Forcing it with GPO) you could create a customized layout, force the layout to be applied but, the users could not pin any shortcuts they need.

If you want users to be able to do that, just follow these steps after exporting the xml file:

• Edit the xml file exported
• Located the tag “<DefaultLayoutOverride>”
• Change the tag to the following:
  <DefaultLayoutOverride LayoutCustomizationRestrictionType=”OnlySpecifiedGroups”>
• Save the xml file

And it’s all done.

Now, you’re Start Menu layout has the pinned shortcuts you want (locked) and users are able to add they’re own shortcuts.

Tips and Tricks – Outlook – Determine folder path for an email on search results

So…you’re proud ‘cause you have all your emails well organized in Outlook.

Sometimes it happens that with all that organized email structure you find yourself well…lost.
Then you search for other email with same subject, you find a lot of them but still don’t know which folder they’re in.

Here’s a quick tip!

Search the subject, select the email and use the keyboard shortcut “Alt+Enter” to get the folder they’re in!

Hope this saves you some time!