Blog Image

Blog - Dries Willems - Freelance IT Consultant

About the blog

The main reason I use this blog, is to help myself tackling similar issues. You can see this as a very small online documentation library.
Also it is useful for others who experience the same issues.

Send Ctrl+Alt+Del to nested remote desktop session

IT Posted on Thu, November 29, 2018 12:30:44

Send Ctrl+Alt+Del to nested RDP session

Start Run

C:\Windows\explorer.exe shell:::{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}



Run Boot media without “Press any key to boot from…” message

IT Posted on Mon, October 15, 2018 16:50:06

If it is a traditional PC BIOS then the ISO uses the El Torito boot code (etfsboot.com). In this case deleting \boot\bootfix.bin will work.

If it is an EFI BIOS then the ISO should use EFI boot code (efisys.bin).
There is also a efisys_noprompt.bin boot code file that can be used when creating the ISO for EFI systems.
Use that file instead if you want to eliminate the prompt.

Microsoft Technet article: https://technet.microsoft.com/en-us/library/dd744321(WS.10).aspx

————————-

Steps:

Download Windows ADK
Install Deployment Tools

Copy original boot media iso to C:\Temp\NoPrompt
Copy oscdimg.exe, efisys_noprompt.bin and etfsboot.com to C:\Temp\NoPrompt

Run powershellscript below to generate noprompt boot media

—————

## variables ##
$sworkspace = “C:\Temp\NoPrompt\extractedISO”

# NEW ISO
$smynewiso=”C:\Temp\NoPrompt\pd_x64_1803.0.noprompt.iso”

# OLD ISO
$stheiso=”C:\Temp\NoPrompt\pd_x64_1803.0.iso”

$setfsboot=”C:\Temp\NoPrompt\etfsboot.com”
$sefisys =”C:\Temp\NoPrompt\efisys_noprompt.bin”
$soscdimg = “C:\Temp\NoPrompt\oscdimg.exe”

## start script ##
# mount the ISO
$mount = mount-diskimage -imagepath $stheiso -passthru

# get the drive letter assigned to the iso.
$drive = ($mount | get-volume).driveletter + ‘:’

# copy the existing iso to the temporary folder.
copy-item $drive $sworkspace -force -recurse

# remove the read-only attribute from the extracted files.
get-childitem $sworkspace -recurse | %{ if (! $_.psiscontainer) { $_.isreadonly = $false } }

# Create a bootable WinPE ISO file (remove the “Press any button key..” message)
Copy-Item -Path $setfsboot -Destination “$sworkspace\boot” –Recurse -Force
Copy-Item -Path $sefisys -Destination “$sworkspace\EFI\Microsoft\Boot” –Recurse -Force

# recompile the files to an ISO
# This is the part from Johan Arwidmark’s WinPE creation script:
$Proc = $null
$Proc = Start-Process -FilePath “$soscdimg” “-o -u2 -udfver102 -bootdata:2#p0,eb$setfsboot#pEF,e,b$sefisys $sworkspace $smynewiso” -PassThru -Wait -NoNewWindow

if($Proc.ExitCode -ne 0)
{
Throw “Failed to generate ISO with exitcode: $($Proc.ExitCode)”
}

# remove the extracted content.
remove-item $sworkspace -recurse -force

# dismount the iso.
Dismount-DiskImage -ImagePath “$stheiso”

—————

https://www.exitcodezero.ch/2017/12/17/boot-image-without-press-any-key-to-boot-from-message/



Automatically Backup MySQL Databases on Windows

IT Posted on Mon, September 17, 2018 11:46:39

Unlike on Linux, when MySQL is running on Windows, most of sys-admins including myself 🙂 found that backup MySQL Databases on Windows is little bit hard. When trying to automate it, then it would definitely become challenge . However there are lots of free and commercial tools are available to automate MySQL backup process on windows. Here we are going to discus how to achieve same using simple windows batch script. Later we discuss automate the batch script using Windows task scheduler

01) Create batch file

Open notepad and save following script as batch file (.bat) and make sure to change all SET parameters as you need. If you install XAMPP then mysqldump.exe location would be similar as below otherwise you need to change it.

@echo off

For /f “tokens=2-4 delims=/ ” %%a in (‘date /t’) do (set mydate=%%c-%%a-%%b)

For /f “tokens=1-2 delims=/:” %%a in (“%TIME%”) do (set mytime=%%a%%b)

SET backupdir=C:\xampp\htdocs\backup

SET mysqlusername=your_user

SET mysqlpassword=your_pass

SET database=database_name

C:\xampp\mysql\bin\mysqldump.exe -u %mysqlusername% -p%mysqlpassword% -v %database% > %backupdir%\%database%_%mydate%_%mytime%_.sql

02) Automate the MySQL Backup process

i) Open task scheduler

Open a command prompt. To open a command prompt, click Start , click All Programs , click Accessories , and then click Command Prompt .

At the command prompt, type Taskschd.msc .

For alternative options refer this :- https://technet.microsoft.com/en-us/library/cc721931.aspx

ii) Create New Task

Task Scheduler – Create Task

Click on “Create Task…” from right hand side. it will open up “create task” sub windows

please make sure to select “Run whether user is logged on or not” and tick “Run with highest privileges“. You may can change user but

recommend to select user with admin privileges , later you may need to provide credentials of that user.

iii) Schedule the time

From “Triggers” tab select how often back process should happen and it’s time

iv) Set backup process script

From the “Actions” tab select previously saved bat file.

v) Click “OK” and save the task

https://www.tectut.com/2016/04/automatically-backup-mysql-databases-on-windows/



Disk2VHD on a Hyper-V Generation 2 VM results in an unbootable VHDX

IT Posted on Fri, July 20, 2018 10:57:48

First of all create a new generation 2 VM that we’ll use with our new VHDX we created using Disk2VHD.
Don’t create a new vdhx but select to use an existing one and point it to the one we just created with Disk2VHD.
Rename it if needed to something more suitable.

Don’t boot the VM but add a DVD and attach the Windows Server ISO of the version your vhdx contains to the DVD

diskpart

lis disk

lis vol

select volume 3

assign letter L:

FORMAT FS=FAT32 LABEL=”BOOT”

exit

bcdboot C:\Windows /s L: /f UEFI

Disk2VHD on a Generation 2 VM results in an unbootable VHDX

Windows 10 bootrec /fixboot access is denied

https://answers.microsoft.com/en-us/windows/forum/windows_10-performance/windows-10-bootrec-fixboot-access-is-denied/747c4180-7ff3-4bc2-b6cc-81e572d546df?auth=1



Windows 10 V1803 update creates a new OEM Partition

IT Posted on Mon, May 07, 2018 11:53:32

Some people notice after upgrading to Windows 10 April Update, that there is a new partition (recovery partition with Windows PE). Due to the fact, that a drive letter is assigned, the logical drive will be shown in explorer. And Windows 10 starts with annoying notifications, that the disk is full. This forum post describes the situation:

Disk management is failing

The first idea many users have is to remove the drive letter from the disk management partition. If you want to use Disk Management to fix the issue and remove the drive letter from the partition, you will fail in most cases. The context menu does not support commands on this recovery partition.

Open the command prompt window with administrator privileges

diskpart

list volume

select volume <number of your volume>

remove letter=<drive letter of your volume>

exit

( not able to remove letter from drive windows 10 1803 )

Windows 10 V1803 update creates a new OEM Partition



AD: Simple count users in an OU

IT Posted on Sun, April 15, 2018 14:39:10

(Get-ADUser -Filter * -SearchBase “ou=Users,ou=London.UK,ou=EMEA,ou=Divisions,dc=bla,dc=com” -server “bla.com”).count



Run Hyper-V in a Virtual Machine with Nested Virtualization – Inception

IT Posted on Tue, February 06, 2018 14:36:19

Prerequisites

The Hyper-V host and guest must both be Windows Server 2016/Windows 10 Anniversary Update or later.

VM configuration version 8.0 or greater.

An Intel processor with VT-x and EPT technology — nesting is currently Intel-only.

There are some differences with virtual networking for second-level virtual machines. See “Nested Virtual Machine Networking”.

Configure Nested Virtualization

Create a virtual machine.

While the virtual machine is in the OFF state, run the following command on the physical Hyper-V host.
This enables nested virtualization for the virtual machine.

Get-VM

copy VMName

Set-VMProcessor -VMName <VMName> -ExposeVirtualizationExtensions $true

Start the virtual machine.

Install Hyper-V within the virtual machine, just like you would for a physical server. For more information on installing Hyper-V see, Install Hyper-V.

https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/user-guide/nested-virtualization



Secure Password with PowerShell

IT Posted on Tue, January 23, 2018 11:32:47

Command:
(Get-Credential).Password | ConvertFrom-SecureString | Out-File “C:\Temp\ABC_A1000001_PW.txt”

Script:

$username = “ABC\A1000001”

$password = Get-Content ‘\\server.domain.xyz\Scripts\Migration\ABC_A1000001_PW.txt’ | ConvertTo-SecureString

$cred = new-object -typename System.Management.Automation.PSCredential `

-argumentlist $username, $password



Windows 10: Default Start Menu Layout

IT Posted on Thu, January 11, 2018 14:27:22

The current Start Menu after a successful OSD looked a bit messy:

Software that is not installed on the PC doesn’t show up on the Start Menu. (We won’t see any “ghost” tiles or …)

Once they install for example Google Chrome or Office 2016, it will show up automatically on the Start Menu.

The Start Menu is also fully customizable for the end user.

They can move/remove/add everything they want.

The initial Start Menu is just a base where they can customize it to their own desire.

The Start Menu where the default xml is exported from:

Tasksequence step:

Package Content:


StartMenu.xml:
Open Powershell
Export-Startlayout –path C:\Windows\Temp\Startmenu.xml

ImportW10Layout.ps1:
Import-StartLayout -LayoutPath $PSScriptRoot\StartMenu.xml -MountPath $env:SystemDrive\
Copy-Item -Path $PSScriptRoot’\Internet Explorer.lnk’ -Destination $env:SystemDrive’\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories’

http://ccmexec.com/2015/09/customizing-the-windows-10-start-menu-and-add-ie-shortcut-during-osd/



Remove default apps in Windows 10

IT Posted on Wed, July 26, 2017 11:23:56

Remove 3D Builder, Alarms and Clock, Calendar and Mail, Contact Support, Cortana, Get Office, Get Skype, Groove Music, Maps, Microsoft Edge, Money, Movies & TV, News, OneNote, Candy Crush, Get Asphalt, People, Phone Companion, Twitter, Sports, Voice Recorder, Weather and XBOX.

Get-AppXPackage | where-object {$_.name –notlike “*store*”} | Remove-AppxPackage



Install Boot Camp on a old (not supported) Mac running Windows 10 Creators Update

IT Posted on Mon, May 08, 2017 13:17:34


Error: This version of bootcamp is not intended for this computer model.

Download Orca or InstEd It and open the BootCamp/Drivers/Apple/BootCamp.msi file using this software.

Find the table called LaunchCondition and select Drop table.

Save the file and run the BootCamp.msi from within Windows and it should start installing the drivers!

Reboot when prompted and you should be all set!



Hyper-V Manager: Access Denied. Unable to establish communication between … and …

IT Posted on Mon, December 12, 2016 18:27:44

Virtual Machines

Access denied. Unable to establish communication between ‘Hyper-V Server’ and ‘Hyper-V Manager’.

This is puzzling since the workstation has been connected to this particular Hyper-V server many times using other network profiles. The profile we created for the Microsoft folks was seemingly giving us the connection issue.

The fix took a bit of searching to find and needed to be accomplished on the Windows Vista system where the Hyper-V Manager was installed:

Close the Hyper-V Manager

C:\Windows\SysWOW64\dcomcnfg.exe

Right click on dcomcnfg and Run As Administrator.

Authenticate with the local admin credentials if UAC prompts for credentials, or
continue if it does not.

Open the Component Services node, then the Computers node, then right click on My Computer and click on Properties.

Click on the COM Security tab.

Click the Edit Limits button under Access Permissions.

Enable Remote Access for Anonymous Logon

Click Apply and OK.

Close the Component Services console and the Windows Explorer window.

Start the Hyper-V Manager and continue through the UAC.

The virtual machines, if any, will show up in the Hyper-V Manager console after that.

http://blog.mpecsinc.ca/2009/06/hyper-v-error-access-denied-unable-to.html



Alternative download location for HP Softpaq’s

IT Posted on Fri, September 30, 2016 15:29:12

I’ve got some corrupt softpaq downloads using
https://ftp.hp.com/pub/caps-softpaq/cmit/HP_Driverpack_Matrix_x64.html

ftp://ftp.hp.com/pub/softpaq/sp66001-66500/

This one is working

ftp://g4u0180.houston.hp.com/ftp1/pub/softpaq/sp66001-66500/



Install Windows XP on SSD with AHCI mode

IT Posted on Sun, June 05, 2016 17:06:52

Install first Windows XP 32bit on the SSD with IDE mode enabled.

Download Intel® Matrix Storage Manager

IATA89CD.exe

https://downloadcenter.intel.com/download/17882/Intel-Matrix-Storage-Manager

Open CMD
Navigate to IATA89CD.exe with cd

Extract:
IATA89CD.exe -a

Navigate to

C:\Program Files\Intel\Intel Matrix Storage Manager\winall\Driver

Copy/paste all files from that folder into C:\WINDOWS\system32\drivers

Open Device Manager

Go to IDE ATA/ATAPI controllers
Rightclick to update driver on one of them

Select “Install from list or specific location”

Select “Don’t search. I will choose the driver to install”

Select “Have Disk…”

Browse to C:\WINDOWS\system32\drivers

Select iaStor.sys

Click OK

Select driver from the list

“Intel(R) ICH9M-E/M Sata AHCI Controller”

Redo these steps on other controllers until you get a BSOD.

Be sure to change the BIOS to AHCI mode when rebooting the system!

Note: Use winsetupfromusb to load the ISO to your USB Thumb drive
http://www.winsetupfromusb.com/files/download-info/winsetupfromusb-1-6-exe/

———————————

SSD Enhancements

Disabling background disk defragmentation

Key Name:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction\ Name: Enable Type: REG_SZ Value: N

Disable Background auto-layout:

Key Name: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\OptimalLayout Value Name: EnableAutoLayout Type: REG_DWORD Value: 0

Disable update of filesystem’s “last access timestamps”

“Key Name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem Name: NtfsDisableLastAccessUpdate Type: REG_DWORD Value: 1

Disable Prefetch

Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters Name: EnablePrefetcher Type: REG_DWORD Value: 0

Optionally: Go to the system settings and disable the swap file (pagefile) unless you are very low on system memory, and disable the system restore service unless needed. You can also move the temporary and log files directories away to non-SSD media if available, see below.

Now, close the registry editor, reboot and you are done. Easy, wasn’ t it? Remember not use defrag utilities on SSD disks! For additional details, please refer to – http://msdn.microsoft.com/en-us/library/ms912916(v=winembedded.5).aspx — Some of above information is collected from there.

Partition alignment

Align your partitions so that they start and end at 4k disk blocks. E.g. read this post on Anandtech. Any modern partition tool will do this automatically. I recommend GParted. However the Windows XP partitioner is old and will do this wrong in most cases. The reason is that modern drives, including SSDs and hard disks, operate on 4k data blocks at a time. If the partition is misaligned all partition blocks stretch across disk blocks. If a partition block is processed the drive will need to actually process two disk blocks! This slows disk operations down.

File system settings

If you format the partition, make sure to set the file system allocation block size to 4k. For XP, it is best to choose NTFS as the file system and 4096 as the Allocation Unit Size, check Quick Format, and hit “Ok”. Am I missing something crucial? Please tell me, it will be appreciated.



Update group membership without reboot

IT Posted on Tue, December 08, 2015 13:27:43

One solution would be to reboot the computers in the environment. This would clear the Kerberos tickets from all session caches. However, rebooting a server is not always allowed in production and in some cases the server needs to be available 24×7.

klist -li 0:0x3e7 purge



Retrieve Windows 10 key after upgrade

IT Posted on Sun, November 01, 2015 18:26:06

Option Explicit

Dim objshell,path,DigitalID, Result
Set objshell = CreateObject(“WScript.Shell”)
‘Set registry key path
Path = “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\”
‘Registry key value
DigitalID = objshell.RegRead(Path & “DigitalProductId”)
Dim ProductName,ProductID,ProductKey,ProductData
‘Get ProductName, ProductID, ProductKey
ProductName = “Product Name: ” & objshell.RegRead(Path & “ProductName”)
ProductID = “Product ID: ” & objshell.RegRead(Path & “ProductID”)
ProductKey = “Installed Key: ” & ConvertToKey(DigitalID)
ProductData = ProductName & vbNewLine & ProductID & vbNewLine & ProductKey
‘Show messbox if save to a file
If vbYes = MsgBox(ProductData & vblf & vblf & “Save to a file?”, vbYesNo + vbQuestion, “BackUp Windows Key Information”) then
Save ProductData
End If

‘Convert binary to chars
Function ConvertToKey(Key)
Const KeyOffset = 52
Dim isWin8, Maps, i, j, Current, KeyOutput, Last, keypart1, insert
‘Check if OS is Windows 8
isWin8 = (Key(66) \ 6) And 1
Key(66) = (Key(66) And &HF7) Or ((isWin8 And 2) * 4)
i = 24
Maps = “BCDFGHJKMPQRTVWXY2346789”
Do
Current= 0
j = 14
Do
Current = Current* 256
Current = Key(j + KeyOffset) + Current
Key(j + KeyOffset) = (Current \ 24)
Current=Current Mod 24
j = j -1
Loop While j >= 0
i = i -1
KeyOutput = Mid(Maps,Current+ 1, 1) & KeyOutput
Last = Current
Loop While i >= 0
keypart1 = Mid(KeyOutput, 2, Last)
insert = “N”
KeyOutput = Replace(KeyOutput, keypart1, keypart1 & insert, 2, 1, 0)
If Last = 0 Then KeyOutput = insert & KeyOutput
ConvertToKey = Mid(KeyOutput, 1, 5) & “-” & Mid(KeyOutput, 6, 5) & “-” & Mid(KeyOutput, 11, 5) & “-” & Mid(KeyOutput, 16, 5) & “-” & Mid(KeyOutput, 21, 5)

End Function
‘Save data to a file
Function Save(Data)
Dim fso, fName, txt,objshell,UserName
Set objshell = CreateObject(“wscript.shell”)
‘Get current user name
UserName = objshell.ExpandEnvironmentStrings(“%UserName%”)
‘Create a text file on desktop
fName = “C:\Users\” & UserName & “\Desktop\WindowsKeyInfo.txt”
Set fso = CreateObject(“Scripting.FileSystemObject”)
Set txt = fso.CreateTextFile(fName)
txt.Writeline Data
txt.Close
End Function



Hyper-V Server 2012 R2 Explorer

IT Posted on Tue, September 22, 2015 17:41:19

Configuring the firewall

I already explained Server Core acts as a file server without installing anything. All you need to do is permit file services through the firewall. In the standard firewall configuration there’s already a pre-built exception you can enable by typing the following command:

netsh firewall set service fileandprint

https://dirteam.com/sander/2007/09/19/getting-installation-files-onto-server-core/



Versions of Microsoft products

IT Posted on Tue, September 22, 2015 16:53:06

https://buildnumbers.wordpress.com/



Enable dotNet 3.5 on Windows 10

IT Posted on Mon, August 17, 2015 10:28:50

Windows 10 comes with .NET framework 4.5 pre-installed, but many apps developed in Vista and Windows 7 era require the .NET framework v3.5 installed along with 4.5.

These apps will not run unless you will install the required version.

When you try to run any such app, Windows 10 will prompt you to download and install .NET framework 3.5 from the Internet.

Here is how to install it offline using DISM from Windows Kits for Windows 10.

Dism /Get-WIMInfo /WimFile:S:\Temp\install.wim

Dism /Mount-WIM /WimFile:S:\Temp\install.wim /Index:1 /MountDir:S:\Temp\offline

Dism /Image:S:\Temp\offline /Enable-Feature /FeatureName:NetFX3 /All /Source:H:\sources\sxs /LimitAccess

Dism /Image:S:\Temp\offline /Add-Package /PackagePath:S:\Temp\de-de

Dism /Image:S:\Temp\offline /Add-Package /PackagePath:S:\Temp\fr-fr

Dism /Image:S:\Temp\offline /Add-Package /PackagePath:S:\Temp\nl-nl

Dism /Unmount-WIM /MountDir:S:\Temp\offline /Commit

Dism /Cleanup-WIM



Windows failed to apply the TCPIP settings

IT Posted on Thu, August 13, 2015 12:59:30

Remove the following file”C:\Windows\System32\GroupPolicy\Machine\Registry.pol”

run gpupdate /force



Accessing HKCU and HKCR from Remote Registry

IT Posted on Mon, August 03, 2015 12:04:26

When you open registry editor and connect to a remote system, the only hives you will see are HKEY_LOCAL_MACHINE and HKEY_USERS. The other two hives, HKEY_CLASSES_ROOT and HKEY_CURRENT_USER are there too, but are under the two visible hives. So for all purposes, I am only going to explain here how to access the once that are not openly evident.

HKEY_CLASSES_ROOT

This hive is located under HKEY_LOCAL_MACHINE\SOFTWARE\Classes

HKEY_CURRENT_USER

This hive is more tricky to find because you have to correlate what the SID is to the user. This can be done by going to HKEY_USERS and parsing through each SID. Ignore the SIDs that have only 4 sets of numbers (i.e. S-1-5-18). These are system accounts. The best way I found to parse through and find who the user is is to go to HKEY_USERS\<SID>\Software\Microsoft\Windows\CurrentVersion\Run. Under this key will be a list off applications that are set to run when the system is booted up. You can look at the data field and there will usually be a few apps that will say “c:\users\<username>”, which will give away who the user of that SID is.

There is another way and that would be to remotely run a WMI query to find out who the current user is and the SID for that user.

http://mickitblog.blogspot.be/2012/03/accessing-all-hives-from-remote.html



Virtual Machine tweaks for a better performance

IT Posted on Thu, February 12, 2015 14:19:28

Over the last couple of months I gathered the following tweaks for a better performance insight the virtual machine, besides disabling / uninstalling useless services and devices:

– Disable the pre-logon screensaver:

Open Regedit

HKEY_USERS\.DEFAULT\Control Panel\Desktop

Change the value of “ScreenSaveActive” to 0.

– Disable updates of the last access time attribute for your NTFS filesystem, especially for i/o intensive vm’s this is a real boost:

Open CMD

fsutil behavior set disablelastaccess 1

– Disable all visual effects:

Properties on your desktop

Appearance -> Effects

Disable all options.

– Disable mouse pointer shadow:

Control Panel -> Mouse

Click on the tab “pointers” and switch “enable pointer shadow” off.

– Uninstall Tablet PC Components, unless this feature is needed.

– Disable IPv6, unless it is needed.

– Use the File System Utility (fsutil) command to disable the setting that keeps track of the last time a file was accessed.

For example: fsutil behavior set disablelastaccess 1

– Start the Registry Editor (regedit.exe) and change the TimeOutValue REG_DWORD in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Disk to0x000000be(190).

– Shut down the guest operating system and power off the virtual machine.

Change the virtual machine video card RAM setting to 128 MB.

Power on the virtual machine.

https://pubs.vmware.com/view-50/topic/com.vmware.view.administration.doc/GUID-E712DAE6-88DF-4208-BEFA-09513A01A26E.html

Virtual Machine tweaks for a better performance



SCCM collection to list all the Laptop computers

IT Posted on Wed, January 28, 2015 17:07:42

You can identify if the computer is Laptop or Desktop based on its chassis Types.

Below are listed the Chassis types available to create SCCM collection or reports.

For Laptops Chassis Types : 8 , 9, 10, 11, 12, 14, 18, 21

For Desktop Chassis Type : 3, 4, 5, 6, 7, 15, 16

For server Chassis Type: 23

Below is the collection to list all the computers which are laptops which fall in above Chassis type. All these values are from SQL table called SMS_G_System_SYSTEM_ENCLOSURE .If you are looking to create SCCM report,you can create using Views(v_GS_SYSTEM_ENCLOSURE).

You can also replace the values with Desktop computers or servers also you can use joins to club these with AD groups for deploying the applications based on this.

select SMS_R_System.ResourceId, SMS_R_System.ResourceType, SMS_R_System.Name, SMS_R_System.SMSUniqueIdentifier, SMS_R_System.ResourceDomainORWorkgroup, SMS_R_System.Client from SMS_R_System inner join SMS_G_System_SYSTEM_ENCLOSURE on SMS_G_System_SYSTEM_ENCLOSURE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SYSTEM_ENCLOSURE.ChassisTypes in ( “8”, “9”, “10”, “11”, “12”, “14”, “18”, “21” )

Here are some sample reports/queries available which you can make use of it

http://myitforum.com/cs2/blogs/snorman/archive/2007/09/18/count-of-chassis-types-by-collection.aspx

http://wmug.co.uk/wmug/b/eskonr/archive/2010/11/16/sccm_2d00_collection_2d00_to_2d00_list_2d00_all_2d00_the_2d00_laptop_2d00_computers



MSI Products

IT Posted on Wed, January 28, 2015 11:14:22

HKEY_CLASSES_ROOT\Installer\Products

of

HKLM\Software\Classes\Installer\Products



Collection queries for SCCM 2012 R2 CU3 Update

IT Posted on Mon, January 19, 2015 17:10:44

COL_Devices_without_ClientUpdate_2012R2CU3

select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System inner join SMS_G_System_COMPUTER_SYSTEM on SMS_G_System_COMPUTER_SYSTEM.ResourceID = SMS_R_System.ResourceId inner join SMS_G_System_SMS_ADVANCED_CLIENT_STATE on SMS_G_System_SMS_ADVANCED_CLIENT_STATE.ResourceID = SMS_R_System.ResourceId where SMS_G_System_COMPUTER_SYSTEM.SystemType = “x64-based PC” and SMS_G_System_SMS_ADVANCED_CLIENT_STATE.DisplayName = “CCM Framework” and SMS_G_System_SMS_ADVANCED_CLIENT_STATE.Version >= “5.00.7958.1000” and SMS_G_System_SMS_ADVANCED_CLIENT_STATE.Version < “5.00.7958.1401”

COL_Devices_with_SCCM_Console

select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System inner join SMS_G_System_ADD_REMOVE_PROGRAMS on SMS_G_System_ADD_REMOVE_PROGRAMS.ResourceId = SMS_R_System.ResourceId where SMS_G_System_ADD_REMOVE_PROGRAMS.DisplayName like “%System Center 2012 R2 Configuration Manager Console%”

For 64-bit OS also use
or SMS_G_System_ADD_REMOVE_PROGRAMS_64.DisplayName like “%Applicationname%”



Redistribute a hidden package SCCM 2012

IT Posted on Mon, January 05, 2015 11:01:32

Redistribute a hidden package.

Apply the following powershell script

$SiteCode = “XXX”
$PackageID = “XXX00003”
$distpoints = Get-WmiObject -Namespace “root\SMS\Site_$($SiteCode)” -Query “Select * From SMS_DistributionPoint WHERE PackageID=’$PackageID'”
foreach ($dp in $distpoints)
{
$dp.RefreshNow = $true
$dp.Put()
}

https://social.technet.microsoft.com/Forums/en-US/d2e5366f-f7c3-4691-9011-ad35ed25ab74/configuration-manager-client-upgrade-package-missing?forum=configmanagerdeployment&prof=required



SCCM 2012: Failed to get client identity (80004005)

IT Posted on Mon, December 22, 2014 15:16:20

PXE keeps rebooting after “preparing Network connection”. Errors: “reply has no message header marker”, “Failed to get client identity (80004005)”, “Failed to request for client”

OSD Boot media cannot see TS

Resolution: Set correct time in BIOS!

cmd:
date
time

http://777notes.wordpress.com/2012/10/09/sccm-2012-failed-to-get-client-identity-80004005/



Change StagingDrive Offline servicing of Operating System Images

IT Posted on Wed, December 10, 2014 17:41:44

You can keep your operating system images updated with the latest software updates from Microsoft using the offline servicing feature of Configuration Manager. Here are a few facts you may not know:

Software updates content is not retrieved over the wide area network, rather it is obtained locally from the Configuration Manager content library on the site server where offline servicing is performed. This prevents excessive network traffic during the application of updates.

You can specify to continue if an error occurs while applying the selected updates to an OS image. As a result, if some updates fail to be applied to the image, servicing will apply the remaining updates.

Upon completion of the offline servicing process, you can specify that the updated version of the OS image is automatically distributed to all distribution points where it resides.

Offline servicing stages temporary data on the site server when the process runs, and uses the drive on which Configuration Manager is installed. One common request is to configure offline servicing to use the specified drive of the site server. Let’s say you want to specify the “F:” drive for offline servicing to stage and mount the OS image and store software updates files. Here’s how to do this using the Windows Management Instrumentation Tester utility (wbemtest.exe).

Launch wbemtest.exe.

Connect to the Configuration Manager namespace on the site server. For example, if your site code is “CCP”, connect to namespace “root\sms\site_CCP”.

Next click Query, enter the following, and then click Apply:

SELECT * FROM SMS_SCI_Component WHERE SiteCode=’CCP’ AND ItemName LIKE ‘SMS_OFFLINE_SERVICING_MANAGER%’

Double-click on the result.

Double-click on the “Props” property in the list.

Click “View Embedded”.

There will be four entries returned in the list. Double-click on each to find the one where the PropertyName field is “StagingDrive”.

Change Value1 in the list to “F:” (in this example).

Click “Save Object”.

Click “Close”.

Click “Save Property”.

Click “Save Object”.

Click “Close”.

Now the next time offline servicing runs it will stage all of its files in the folder F:\ConfigMgr_OfflineImageServicing.

–Vladimir Sorokin

http://blogs.technet.com/b/configmgrteam/archive/2013/07/15/customizing-offline-servicing-of-operating-system-images.aspx



SCCM 2012 Task Sequence – Install all updates

IT Posted on Wed, December 10, 2014 17:34:32

1: Scan for updates
powershell.exe -command “([wmiclass]’root\ccm:SMS_Client’).TriggerSchedule(‘{00000000-0000-0000-0000-000000000113}’)”

2: Wait for Scan to Finish
powershell.exe -command start-sleep 500

3: Install All Updates

4: Restart Computer

Re-apply these steps 3 times



How to Update the Surface Pro 3 Firmware Offline using a USB Drive

IT Posted on Wed, December 10, 2014 15:00:13

Today’s blog post is a collaboration between our PFE group and premier support. Joao Botto (PFE), Kyle Blagg (PFE), and Scott McArthur (Support) are writing about their favorite device. You will see this post in the askpfeplat and askcore blogs.

Some of you may know that we launched Surface Pro 3 before its gigabit network adapter and Docking Station were available, and that has led to some customers experiencing issues such as:

· Slow PXE performance downloading a boot.wim

· Surface Pro 3 not charging when in docking station

Both of these issues are due to older firmware. When you unbox a Surface Pro 3, there will be newer firmware available, due to the time difference between when the device is manufactured and finally makes its way to you.

This post focuses on the Surface Pro 3, but this same process can be utilized on the Surface Pro and Surface Pro 2 (but not the Surface RT/Surface 2 devices).

If you are deploying a custom image using Microsoft Deployment Toolkit (MDT), System Center Configuration Manager, or other deployment tool you may want to address these firmware issues before you deploy your custom image. We have developed a method to use a USB Windows PE drive that automatically updates the Surface firmware when you boot with it.

Other possible workarounds, instead of using the method describe in this blog post are to have a boot.wim on a USB drive instead of PXE, or go through OOBE and immediately use Windows Update to apply the latest Surface drivers/firmware.

Introduction

Firmware updates reprogram the chips inside your device, making it better than ever before. They are shipped in what we call capsules, but they look like regular drivers:

image

If this interests you, check out the blog post from the Surface Team about how Windows Update Makes Surface Better

Before you start this recipe you will need the following ingredients:

Latest Surface Pro Firmware Updates from the driver pack

Windows Assessment and Deployment Kit (ADK), specifically the Deployment Tools and Windows PE components of this kit

A USB flash drive

IMPORTANT:

· Do not try to update the Touch Firmware using this method.

· This guidance will not work if the Surface Pro disk was formatted (and a new Operating System wasn’t loaded) or if the disk is encrypted.

· To prevent accidental device shutdown, the firmware updates will only be applied when the device has 40% or more of battery. We strongly recommend you fully charge your battery before proceeding with the firmware update.

Drivers

Extract the Surface driver pack you previously downloaded, and select the EC, SAM and UEFI firmware updates. All these firmware capsules are in the Microsoft > FW folder.

image

Copy the EC, SAM and UEFI the firmware files to a folder. In my example I called this folder Pro3 and put it in C:\SurfaceFW\Pro3

Reminder: DO NOT try to update touch firmware using this process.

image

Windows PE

From the ADK you must make sure you have installed the Deployment Tools and Windows PE:

image

From that point you will have the Deployment and Imaging Tools Environment (which is essentially a command line window with additional tools in the path). Run it as Administrator.

image

At this point you’re ready to start preparing a version of Windows PE x64 that will be used to update the firmware. It’s very important to use the x64 version since x64 UEFI isn’t able to load an x86 OS.

When you install the ADK the default folder (on a x64 install of Windows) for Windows PE is C:\Program Files (x86)\Windows Kits\8.1\Assessment and Deployment Kit\Windows Pre-installation Environment

In that folder you will find the WinPE images for x86 and x64, and some scripts that make the creation of a WinPE flash drive extremely easy.

image

Change directory to this folder: cd “C:\Program Files (x86)\Windows Kits\8.1\Assessment and Deployment Kit\Windows Preinstallation Environment”

From the elevated prompt you will have to start by running the first script by executing the command copype amd64 C:\WinPE_amd64 to place the original WinPE image in that folder.

Then you will use the same elevated prompt to run MakeWinPEMedia /UFD C:\WinPE_amd64 E: (the E: drive is my flash drive, which will be reformatted, and C:\WinPE_amd64 is the working folder I supplied in the previous command).

image

The first step is to create a folder (in my case c:\mount), and then mount the mount the WinPE image using this command: dism /Mount-Image /ImageFile:E:\sources\boot.wim /index:1 /MountDir:c:\mount

image

Then you should inject the firmware updates into Windows PE: dism /Image:C:\mount /Add-Driver /Driver:C:\SurfaceFW\Pro3 /Recurse

You should see all firmware updates being successfully injected.

image

Note: Make sure all three firmware updates were successfully injected into Windows PE. You should see the “The driver package was successfully installed” message like in the example above.

To unmount the WinPE image just run the following command:

dism /Unmount-Image /MountDir:C:\mount /commit

image

You can now boot to your new WinPE environment by plugging the flash drive to your new Surface Pro (while it’s turned off) and then start the device with Power + Volume Down. Keep holding the volume down button until a few seconds after your device displays the Surface logo. Once WinPE loads, you’ll see a blank screen and a command prompt will automatically process the updates.

The firmware will be updated without any user interaction and your Surface will reboot automatically when it’s done. You will then see “Please wait while we install a system update” for a few minutes and your Surface Pro 3 will reboot again when it’s ready.

If you want to validate that the update was successful you can boot into the UEFI settings (start the device by pressing Power + Volume Up) and look under device information. If you see the Asset Tag field that would indicate your UEFI firmware was updated from the version that shipped in the original image. Over time this method may not be usable for validation since at some point the image that is shipped with the device will already have this version of the firmware by default. Another option for validating firmware versions is to press Shift+F10 at the first page of the OOBE and open devmgmt.msc to check the firmware versions. Note: If you use this process to update the firmware and then goto Windows Update, you will likely see a firmware update offered. This is normal. The firmware is updated but the driver currently installed is not up to date. The offered update will install the driver that shows the updated firmware

We will be improving this process over time so look for updates to this blog for some additional features such as automatically checking for battery level and other ways to determine the firmware was updated.

Scott “I fix all Surface Issues” McArthur, Kyle “my Surfaces are on TV” Blagg, and Joao “let’s do it!” Botto

http://blogs.technet.com/b/askpfeplat/archive/2014/10/20/how-to-update-the-surface-pro-3-firmware-offline-using-a-usb-drive.aspx



Create empty file for unique driver import in SCCM 2012

IT Posted on Wed, December 10, 2014 11:27:42

By simply adding a unique text file to the driver folder it creates a different hash value and allows you to import the same driver even if the actual drivers already have been imported.

Just put the above code into a batch file at the root of your directory structure for a given model and name it for that hardware model; e.g., name it Optiplex755.bat and put it in the root of the folders housing the Optiplex 755 drivers.

—————————————–

@ECHO OFF

for /f “tokens=*” %%G IN (‘dir /ad /b /s’) DO (

echo. > “%%G\%~n0.txt”

)

—————————————–

Executing this simple batch file will create an empty text file named Optiplex755.txt in every sub-directory.

Repeat as necessary for each model and each model’s top-level driver folder.

If you add or change any drivers for a model, just re-execute the script.

http://myitforum.com/cs2/blogs/jsandys/archive/2010/04/05/duplicate-drivers-helper-script.aspx
https://wbracken.wordpress.com/2009/09/26/adding-duplicate-drivers-to-sccm-sp1/



Excluding specific computers from becoming ConfigMgr 2012 clients

IT Posted on Sun, December 07, 2014 22:42:27

This registry editing trick has been around forever, but still works in ConfigMgr 2012! In fact, it’s the preferred way to keep the ConfigMgr client software from installing on specific computers in your organization.

A couple NOTEs: This only blocks ConfigMgr client software when using the site-wide automatic push method. You can still use any other method to install the client, ex. manually running CCMSetup.exe. Also, this does not exclude the computer from being “discovered”, just that the client software will not be installed once it is discovered liked non-excluded computers.

To do it…

On the ConfigMgr site server, run the Registry Editor.

Navigate to the SMS_DISCOVERY_DATA_MANAGER sub-key which is located within HKEY_LOCAL_MACHINE/Software/Microsoft/SMS/Components/SMS_DISCOVERY_DATA_MANAGER

Locate the ExcludeServers key and edit the Multi-String value.

Enter the NetBIOS name of each computer you want to exclude. Each computer name must be on its own separate line.

Hit OK and close out the Registry Editor.

http://myitforum.com/myitforumwp/2012/02/01/same-as-before-excluding-specific-computers-from-becoming-configmgr-2012-clients/



XCOPY Files / Folder

IT Posted on Thu, November 20, 2014 13:11:47

File
xcopy fzdefaults.xml “%ProgramFiles(x86)%\FileZilla FTP Client\fzdefaults.xml”* /I /S /Y /C /R

xcopy *.ora “c:\oracle\product\11.2.0\client_86\network\admin\”* /I /S /Y /C /R

Folders & Subfolders
xcopy .\swl\*.* C:\SWL /I /S /Y /C /R



Importing Existing Computers into a Device Collection

IT Posted on Thu, November 20, 2014 10:30:03

Main Installer

http://myITforum.com/myitforumwp/wp-content/uploads/2012/06/SCCMRCT1.0.zip

Updates for 2012

http://myITforum.com/myitforumwp/wp-content/uploads/2012/06/2012Update1.0.EXE.zip

Fixes the issue with restarting the ConfigMgr Agent Host on the client tools

http://myITforum.com/myitforumwp/wp-content/uploads/2012/06/2012Update1.21.exe

Fixes the issue with performing an Application Deployment Evaluation Cycle on both clients and collections

http://myITforum.com/myitforumwp/wp-content/uploads/2012/09/2012Update1.34.exe

Fixes the issue with files being copied to the wrong location.

https://social.technet.microsoft.com/Forums/en-US/c5aaaa8e-cdd8-400b-8749-8a233a3f0a52/importing-existing-computers-into-a-device-collection?forum=configmanagergeneral&prof=required

ConfigMgr 2012 – Powershell Right Click Tools Version 2.0

https://psrightclicktools.codeplex.com/



Speed Up SCCM TFTP Performance to PXE clients

IT Posted on Thu, November 20, 2014 10:24:29

It’s possible to change the size of the blocks used for the Trivial File Transfer Protocol (TFTP) transfer; the larger the block size, the greater the performance. Microsoft’s recommendation is to not set higher than 16384; in addition, you must use multiples of 4096, such as 8192, 16384, and so on. I got a huge performance boost from using a value of 16384. Perform the following steps:

Log on to the Configuration Manager PXE Windows Deployment Services (WDS) server.

Open the registry editor (regedit.exe).

Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\DP.

From the Edit menu, select New, DWORD value.

Enter a name of RamDiskTFTPBlockSize and press Enter.

Double-click the new value.

Set the Base to Decimal and set the value (e.g., 16384).

Click OK.

Restart the WDS server service.

http://windowsitpro.com/configuration-manager/speed-sccm-tftp-performance-pxe-clients



Apply Operation System Failes SCCM 2012 Migration

IT Posted on Mon, October 27, 2014 17:13:23

Task Sequence problem after SCCM 2007 to SCCM 2012 R2 migration

Ran into some problem after I had migrated a SCCM 2007 site to SCCM 2012 R2 CU3

When running the Task Sequence I got the following errors in SMSTS.LOG

Empty location for package: _SMSTSXXX000F1 ApplyOperatingSystem

Installation of image 1 in package XXX000F1 failed to complete..

The system cannot find the file specified. (Error: 80070002; Source: Windows) ApplyOperatingSystem

Changing the operating system package properties under Data Access to “Copy the content in this package to a package share on distribution Points” would have been the solution to this problem.



Adobe Reader XI MUI Installation does only install English

IT Posted on Fri, October 17, 2014 11:53:23

My client had a problem with an update of Adobe Reader version 11.
After updating, only english was available.
The update was a MUI version …

After verifying the files and folders, I noticed that the “Locale” folder wasn’t created.
I installed Adobe Reader 11 MUI normaly (not in silent mode) and choose another language then English.
After the installation just copy the “Locale” folder in the Program folder of Adobe Reader.
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale

I copied the “Locale” folder into the Customization Wizard and overwrote all files.



Disable Java Add-On in Internet Explorer

IT Posted on Fri, September 19, 2014 17:28:28

Computer Configuration (Enabled)

Policies

Administrative Templates

Policy definitions (ADMX files) retrieved from the central store.Windows Components/Internet Explorer/Security Features/Add-on Management

Policy Setting Comment

Add-on List Enabled

Add-on List

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} 0

{DBC80044-A445-435B-BC74-9C25C1C588A9} 0



Update NTP Server

IT Posted on Wed, September 17, 2014 10:57:46

w32tm /configure /manualpeerlist:”be.pool.ntp.org” /syncfromflags:manual /reliable:yes /update

net stop w32time

net start w32time

w32tm /resync /rediscover



Run VBScripts OSD Task Sequence

IT Posted on Wed, August 13, 2014 16:11:23

Backup Registry
REG EXPORT HKLM\Software\Microsoft\COM3 %temp%\com.reg /y

Change Registry Key
REG ADD HKLM\Software\Microsoft\COM3 /v REGDBVersion /t REG_BINARY /d 010000 /f

Move Computer to New OU
wscript.exe Move_Comp_To_OU.vbs “OU=New,OU=Computers,OU=XX,DC=XX,DC=XX”
Disable 64-bit file system redirection
PKG_XX_OSD_Scripts
XX.XX\srv-dom

Restore Registry Backup
REG IMPORT %temp%\com.reg



Install Fonts on Windows 7 OSD Task Sequence

IT Posted on Wed, August 13, 2014 16:07:48

Copy Fonts to Temp
xcopy *.ttf %SystemDrive%\Temp /Y /I /Q
PKG_XX_XX

Set PowerShell Execution Policy
Powershell.exe -noprofile -command “Set-ExecutionPolicy Bypass LocalMachine” -force

Run Add-Font.ps1
Powershell.exe -noprofile -file Add-Font.ps1 -path “%SystemDrive%\Temp”
PKG_XX_OSD_Scripts

Revert PowerShell Execution Policy
Powershell.exe -noprofile -command “Set-ExecutionPolicy RemoteSigned LocalMachine” -force

Remove C:\Temp
cmd.exe /c rmdir “%SystemDrive%\Temp” /S /Q



Disjoin of a domain computer

IT Posted on Fri, June 06, 2014 11:38:38

Windows 7:

Install Package KB958830

cmd /c start /w pkgmgr /iu:RemoteServerAdministrationTools-Roles-AD-DS-SnapIns;RemoteServerAdministrationTools-Roles-AD-DS;RemoteServerAdministrationTools-Roles-AD;RemoteServerAdministrationTools-Roles;RemoteServerAdministrationTools

run batfile ==>

@echo off

hostname.exe > __t.tmp

set /p host=<__t.tmp

del __t.tmp

c:\windows\system32\netdom.exe remove /d:mydomain %host% /ud:mydomain\serviceaccount /pd:P@ssw0rd

Windows Server 2012 R2:

DISM /online /enable-feature /featurename=ActiveDirectory-Powershell /all

@echo off

hostname.exe > __t.tmp

set /p host=<__t.tmp

del __t.tmp

c:\windows\system32\netdom.exe remove /d:data %host%



Run CMD within the App-V bubble

IT Posted on Tue, April 22, 2014 13:47:19

PS H:\> $appv=get-appvclientpackage -name *visio*
PS H:\> $appv

PackageId : 7828a894-5155-4f3d-923e-a0b91ce5835c
VersionId : a6ec2f50-114b-4cee-ba42-277cb70b6f46
Name : SDV_Microsoft_VisioPrem_2010SP2_01.00_EN
Version : 0.0.0.1
Path : C:\WINDOWS\ccmcache\57\SDV_Microsoft_VisioPrem_2010SP2_01.00_EN.appv
IsPublishedToUser : True
UserPending : False
IsPublishedGlobally : False
GlobalPending : False
InUse : True
InUseByCurrentUser : True
PackageSize : 1671256007
PercentLoaded : 100
IsLoading : False
HasAssetIntelligence : True

PS H:\> Start-AppvVirtualProcess -FilePath cmd.exe -AppvClientObject $appv



Sequence Visio 2010 with App-V 5.0 SP2

IT Posted on Tue, April 15, 2014 14:32:50

http://support.microsoft.com/kb/2830069

1. Install OffVirt

Office2010AppVKit-x64.exe
http://www.microsoft.com/en-us/download/details.aspx?id=10386

msiexec /i OffVirt.msi ADDLOCAL=OSpp,OSpp_Core,OSppWoW64 PROPLUS=1 VISIOPREM=1 PIDKEYS=CK796-QYJ67-JVKWX-QJ9GD-W3CKX USEROPERATIONS=1

2. Download and Extract the Office 2010 sequencing kit for App-V

Microsoft Office 2010 Sequencing Kit for Microsoft Application Virtualization 5.0.EXE
http://www.microsoft.com/en-us/download/details.aspx?id=38399

3. Start the App-V Sequencer

Click on Tools -> Options…

Open the “Exclusion Items” tab and add the following:

[{Common AppData}]\Microsoft\OfficeSoftwareProtectionPlatform

[{Common AppData}]\Microsoft\Windows

With Mapping Type = “VFS”



Remotely Unpublish and Remove App-V 5.0 Package

IT Posted on Mon, April 14, 2014 10:22:32

Run Powershell(x86) as an Administrator

Enter-PSSession -ComputerName LAP123 -Credential Labo\Admin

Get-AppvClientPackage -All

Unpublish-AppvClientPackage

PackageId

VersionId

Remove-AppVClientPackage

PackageId

VersionId

Don’t forget to remove the folder in the SCCMcache!
\\LAP123\c$\Windows\ccmcache\..



Detect Installed KB with Powershell & VBScript for SCCM 2012

IT Posted on Mon, March 24, 2014 10:13:57

get-hotfix | Where-Object {$_.HotFixID -match “KB2835517”}

wusa.exe “Windows6.3-KB2835517-x64.msu” /quiet /norestart /log:%WINDIR%\Temp\Install_SDC_Microsoft_MediaPack_1.0_01.00_ML.log

wusa.exe /uninstall “Windows6.3-KB2835517-x64.msu” /kb:KB2703761 /quiet /norestart /log:%WINDIR%\Temp\Uninstall_SDC_Microsoft_MediaPack_1.0_01.00_ML.log

_____________________________________________________________

<span class=”rem”>’Returns info if Windows Management Framework 3 in installed</span>

<span class=”rem”>’ ———————————————————-‘ </span>

<span class=”kwrd”>Option</span> Explicit

<span class=”kwrd”>Dim</span> objWMIService, strComputer

strComputer = <span class=”str”>&quot;.&quot;</span>

<span class=”rem”>’Run the query</span>

<span class=”kwrd”>Set</span> objWMIService = GetObject(<span class=”str”>&quot;winmgmts:&quot;</span> _

&amp; <span class=”str”>&quot;{impersonationLevel=impersonate}!\\&quot;</span> _

&amp; strComputer &amp; <span class=”str”>&quot;\root\cimv2&quot;</span>)

<span class=”kwrd”>Dim</span> QFEs

<span class=”kwrd”>Dim</span> QFE

<span class=”kwrd”>Set</span> QFEs = objWMIService.ExecQuery (<span class=”str”>&quot;Select * from win32_QuickFixEngineering where HotFixID like ‘KB2506143’&quot;</span>)

<span class=”kwrd”>For</span> <span class=”kwrd”>Each</span> QFE <span class=”kwrd”>in</span> QFEs

Wscript.echo <span class=”str”>&quot;Update KB2506143 was installed by &quot;</span> &amp; QFE.InstalledBy &amp; <span class=”str”>&quot; on &quot;</span> &amp; QFE.InstalledOn

<span class=”kwrd”>Next</span>

WScript.Quit



Sort by OS Language

IT Posted on Tue, March 11, 2014 11:53:26

DE: “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\Language\InstallLanguage” (REG_SZ) equals “0407”

EN: “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\Language\InstallLanguage” (REG_SZ) equals “0409”

FR: “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\Language\InstallLanguage” (REG_SZ) equals “040C”

NL: “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\Language\InstallLanguage” (REG_SZ) equals “0413”



Temp

IT Posted on Wed, February 19, 2014 14:45:48

setup.exe /Q /W /I setup.ini

msiexec /X {5783F2D7-D028-0409-0100-0060B0CE6BBA} MSIRESTARTMANAGERCONTROL=Disable /qb-!

http://forums.autodesk.com/t5/DWG-TrueView/DWG-Trueview-2013-silent-installation-on-different-path-Windows/td-p/3467892

http://usa.autodesk.com/adsk/servlet/pc/item?siteID=123112&id=9078813

——————-

http://www.itninja.com/software/xmind/xmind/3-5187

http://www.xmind.net/download/win/

Installation:

xMind 3.1.1.exe /S

Deinstallation:

%ProgramFiles%\XMind\uninstall.exe /S

No Upadate:

you have to create and copy the org.xmind.cathy.prefs file.

The file must include following rows:

eclipse.preferences.version=1

checkUpdatesOnStartup=false

and copy it to:

%AppData%\XMind\workspace-cathy\.metadata\.plugins\org.eclipse.core.runtime\.settings

No Dialog on Startup:

like no update. You need following rows in the net.xmind.verify.prefs file:

SUPPRESS_SIGN_IN_DIALOG_ON_STARTUP=true

eclipse.preferences.version=1

and copy it also to:

%AppData%\XMind\workspace-cathy\.metadata\.plugins\org.eclipse.core.runtime\.settings\

for version 3.2.1

in the “net.xmind.verify.prefs”

STARTUP_SIGN_IN_DIALOG_SHOWED=false



IE Default Searchprovider

IT Posted on Mon, February 17, 2014 13:58:47

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes]
“DefaultScope”=”{012E1000-F331-11DB-8314-0800200C9A66}”
“KnownProvidersUpgradeTime”=hex:1c,21,6c,bd,bf,2b,cf,01
“Version”=dword:00000003
“UpgradeTime”=hex:e4,ab,d7,bd,bf,2b,cf,01

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}]
“DisplayName”=”Google”
“URL”=”http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}”
“ShowSearchSuggestions”=dword:00000001
“SuggestionsURL”=”http://clients5.google.com/complete/search?q={searchTerms}&client=ie8&mw={ie:maxWidth}&sh={ie:sectionHeight}&rh={ie:rowHeight}&inputencoding={inputEncoding}&outputencoding={outputEncoding}”
“FaviconURL”=”http://www.google.com/favicon.ico
“FaviconPath”=”C:\\Users\\vantorre\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{012E1000-F331-11DB-8314-0800200C9A66}.ico”

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
“Deleted”=dword:00000001



Troubleshooting Application Catalog

IT Posted on Thu, February 13, 2014 13:53:50

Troubleshooting tips for client communication to the Application Catalog:

Ensure that the Configuration Manager client is successfully assigned to a site and operational by checking LocationServices.log and ClientIDManagerStartup.log.

Verify that the client can communicate with the management point. For example, check out any HTTP errors in the CcmMessaging.log file.

Check the LocationServices.log file for any errors during the time you browsed to the Application Catalog. One typical reason for Application Catalog failures in this log is client communication failures to the management point, indicated by the following error: “Failed to send web service info Location Request Message.” In this case, verify that the management point is operational and reachable from the client computer.

If you have recently installed the Application Catalog roles, the configuration on the site system server might take some time to complete. If you have a central administration site, make sure that sites are replicating successfully. In this scenario, information about the Application Catalog roles must replicate to the central administration site and then back to the primary site before the Application Catalog is fully operational. For example, until the replication is complete, users will not be able to request or install applications from the Application Catalog.

Ensure that the domain and user name that is displayed in the top right corner of the Application Catalog matches the user that is logged in to Windows, especially if Internet Explorer prompts the user for credentials.

Ensure that any required Internet Explorer plugins are enabled and not explicitly blocked in Internet Explorer. For more information, see Prerequisites for Client Deployment in Configuration Manager on TechNet.

If you have configured client settings to add the URL to the trusted sites and the URL is not added to the trusted sites zone, check whether the client successfully downloads client policy and also check group policy settings in your environment to ensure that the Configuration Manager client can add the URL to the trusted sites zone.

If the Application Catalog shows an error page, the error will also be displayed in the ConfigMgrSoftwareCatalog.log. You can find the log file by searching the user profile folder. For example, in Windows 7, you can find the log file inside the following folder:

%systemdrive%\Users\<username>\AppData\LocalLow\Microsoft\Silverlight

Note that the error in this log most likely indicates one of the issues mentioned previously.

If you see the following error message when you request or install software in the Application Catalog, ensure that the domain and user name that is displayed in the top right corner of the Application Catalog matches the user that is logged in to Windows. If you are prompted for a user name and password, do not specify a different account from the one that you used to log in to Windows. In addition, you will see the same error message if the client setting Install permissions prevents you from installing software (for example,this setting is configured for Only administrators and your account is not a member of the local Administrators group).



Deploy printer drivers during ConfigMgr task sequence

IT Posted on Wed, February 12, 2014 16:46:07

Last week it was needed to install printer drivers on already deployed Windows 7 systems. Because driver packages can be used only during OS deployment (within a task sequence) that was not an option. Lucky me I found another way for doing this, just use the PnPutil command to do this. Let’s have a look at the needed steps now!

Create a new software package (instead of a driver package) without a program, and per model. Add all the packages created to a task sequence, using the “Run command line” option. Put in a name, select the needed package (created before), select a account with enough permissions (because drivers cannot be installed with the system account afterwards), and add a command line:

xcopy *.* C:\Temp\Drivers\ /I /S /Y /C /R

from Package

cmd.exe /c PnPutil.exe -i -a C:\Temp\Drivers\*.inf

After that all .inf files available in the package will be scanned and needed drivers installed cq. injected in the Windows 7 driver store. In my opinion a very easy solution to install (printer) drivers on already installed systems. Hope it helps!

Source: danovich.com.au > Thanks for sharing!

http://henkhoogendoorn.blogspot.be/2013/07/deploy-printer-drivers-during-configmgr.html



Query OS+Program

IT Posted on Wed, February 05, 2014 15:41:11

select * from SMS_R_System inner join SMS_G_System_ADD_REMOVE_PROGRAMS on SMS_G_System_ADD_REMOVE_PROGRAMS.ResourceId = SMS_R_System.ResourceId where SMS_R_System.OperatingSystemNameandVersion = “Microsoft Windows NT Workstation 6.3” and SMS_G_System_ADD_REMOVE_PROGRAMS.DisplayName = “Adobe Reader XI (11.0.05) MUI”



Application Catalog and Software Center in System Center 2012 Configuration Manager

IT Posted on Mon, February 03, 2014 11:45:30

Object type

Collection resources

Deployment

Application Catalog

Software Center

Application

Users or groups

Available deployment,
does not require approval

Yes

After installation is initiated successfully from the Application Catalog

Users or groups

Available deployment,
requires approval

Yes

After the application is approved

Users or groups

Required deployment

No

Yes

Computers

Available or required deployment

No

Yes

Package and program

Users or groups

Available deployment

Yes

After installation is initiated successfully from the Application Catalog

Users or groups

Required deployment

No

Yes

Computers

Available or required deployment

No

Yes

http://blogs.technet.com/b/configmgrteam/archive/2012/03/31/introducing-the-application-catalog-and-software-center-in-system-center-2012-configuration-manager.aspx



SCCM User/System Query

IT Posted on Tue, January 28, 2014 16:31:46

Reminder for myself 😉

Device Collection:
select * from SMS_R_System where SMS_R_System.SystemGroupName = “DATA\\GG_SDC_IBM_Notes_ML_PROD”

User Collection (managedby):
select SMS_R_USER.ResourceID,SMS_R_USER.ResourceType,SMS_R_USER.Name,SMS_R_USER.UniqueUserName,SMS_R_USER.WindowsNTDomain from SMS_R_User where SMS_R_User.DistinguishedName in (select SMS_R_System.managedBy from SMS_R_System where SMS_R_System.SystemGroupName = “DATA\\Domain Computers”) and SMS_R_User.UserGroupName = “DATA\\GG_SDV_FreeMind_FreeMind_ML_PILOT”

AD Computer Object: Managedby field must be filled in!



SMSTS.LOG

IT Posted on Tue, January 28, 2014 12:07:14

Reminder for myself 🙂

During OS Deployment

Before your hard drive is formatted and partitioned

X:\windows\temp\smstslog\

After your hard drive is partitioned formatted

X:\smstslog\ and then is in C:\_SMSTaskSequence\logs\smstslog\

Within Windows

Within Windows before the SCCM agent is installed:

C:\_SMSTaskSequence\logs\smstslog\

Within Windows after the SCCM agent installed:

C:\windows\system32\ccm\logs\smstslog\

When the Task Sequence completes on a x86

C:\windows\system32\ccm\logs\

For x64 Systems

C:\windows\SysWOW64\ccm\logs\

You will need to enable your boot.wim with f8 support to retrieve the log if it bombs out before apply OS stage so that you can bring up the command prompt and copy the log to a share on the network.



Remove Welcome to Google Chrome window

IT Posted on Wed, January 22, 2014 16:43:15

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Google\Chrome] “SyncDisabled”=dword:00000001

You need to enable the StartUp Pages in the GPO. Enable Action on startup and the other, URLs to open at startup and enter the URL(s) you want to open.

and use GPO for settings

master_preferences does not work on 32.0 …



Enable dotNet 3.5 on Windows 8.1

IT Posted on Tue, October 29, 2013 14:54:48

Use the same OS when using DISM!

Offline Image:
Dism /Get-WIMInfo /WimFile:C:\Temp\install.wim
Dism /Mount-WIM /WimFile:C:\Temp\install.wim /Name:”Windows 8.1 Enterprise N” /MountDir:C:\Temp\offline
Dism /Image:C:\Temp\offline /Enable-Feature /FeatureName:NetFX3 /All /Source:D:\sources\sxs /LimitAccess
Copy languages to C:\Temp
Dism /Image:C:\Temp\offline /Add-Package /PackagePath:C:\Temp\de-de
Dism /Image:C:\Temp\offline /Add-Package /PackagePath:C:\Temp\fr-fr
Dism /Image:C:\Temp\offline /Add-Package /PackagePath:C:\Temp\nl-nl
Dism /Unmount-WIM /MountDir:C:\Temp\offline /Commit

Current Image:
Dism /Online /Enable-Feature /FeatureName:NetFX3 /All /Source:D:\sources\sxs /LimitAccess

Remember:
First add NetFX3 and add the languages later

dism windows 8.1 netfx3 80070490
Error when running DISM /Online /Cleanup-Image /RestoreHealth – error 0x800f0906
How to troubleshoot error 0x800F081F when installing roles and features
http://blogs.technet.com/b/askcore/archive/2012/05/14/windows-8-and-net-framework-3-5.aspx
http://support.microsoft.com/kb/2785188



Can’t boot from Win7 USB drive on Apple Computer

IT Posted on Sat, December 29, 2012 23:50:54

I can’t boot from a Windows 7 USB pen drive on my iMac begin 2008 (shortname IM81)

Verify Apple Computer Version on wikipedia http://en.wikipedia.org/wiki/Intel_iMac

If you have only 2 options in the boot camp assistant, or if bootcamp doesn’t recognize the windows installer disk when its on a bootable usb, it’s because bootcamp doesn’t recognize your MAC as a model that should install windows from a USB, its actually quite easy to fix, just follow these simple steps:

1. go to Applications>Utilities> right click on boot camp and click Show Package Conents, you’ll find a folder inside called Contents. Inside that folder exists a file called info.plist.

2. Right click on the folder containing the file > get info > change permissions so any user can read & write. Do the same for the file itself (right click > get info…).

3. Right click on info.plist and choose Open with > Text Edit.

4. at the end of the document theres a list of strings that contain different versions of Mac computers, the list is titled something like: “USB boot Versions”, add your Mac’s version to the string list ( MB40 ) if your version is Macbook 4,1 (you can see this by clicking on the System information App in the Utilities folder).

5. save the file and change back the permissions on the file and folder.

Now open boot camp and you should see the option to create a Windows 7 installler on a USB, and also bootcamp will look for a windows installation on any USB’s after you partition the hard drive.

That should get you past the bootcamp assistant phase, assuming your usb is indeed bootable, your mac should partition the disk and boot into the USB and start the installation (for some reason mine doesn’t recognize the USB as bootable but thats another issue)

FYI: Windows Official ISO’s http://www.mydigitallife.info/official-windows-7-sp1-iso-from-digital-river/



Increase Maximum Kerberos Token Size

IT Posted on Mon, December 03, 2012 11:52:07

The kerberos SSPI package generated an output token of size 12750 bytes, which was too large to fit in the token buffer of size 12000 bytes, provided by process id 4.

The output SSPI token being too large is probably the result of the user willdrie901@INTRA.*.*.* being a member of a large number of groups.

It is recommended to minimize the number of groups a user belongs to. If the problem can not be corrected by reduction of the group memberships of this user, please contact your system administrator to increase the maximum token size, which in term is configured machine-wide via the following registry value: HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\MaxTokenSize.

How to fix this …

REGEDIT:

HKEY_LOCAL_MACHINE\ SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters

create New DWORD: “MaxTokenSize” with decimal value “48000”

reboot your machine



Export Certificate with private key

IT Posted on Sat, February 25, 2012 14:37:43

download (and launch with administrative privileges) http://blog.gentilkiwi.com/mimikatz (trunk version for last version)

privilege::debug (or not if you’re already system)

crypto::patchcng (nt 6)

crypto::exportCertificates CERT_SYSTEM_STORE_LOCAL_MACHINE “CA”

crypto::exportCertificates CERT_SYSTEM_STORE_LOCAL_MACHINE “My”

crypto::exportCertificates CERT_SYSTEM_STORE_LOCAL_MACHINE “…”

pfx files are passwords protected “mimikatz”

Greetings 😉



The request failed with HTTP status 407

IT Posted on Thu, February 23, 2012 16:15:56

System.Net.WebException: The request failed with HTTP status 407: Proxy Authentication Required ( The ISA Server requires authorization to fulfill the request. Access to the Web Proxy filter is denied. ).~~ at Microsoft.UpdateServices.Administration.AdminProxy.CreateUpdateServer(Object[] args)~~ at Microsoft.UpdateServices.Administration.AdminProxy.GetUpdateServer(String serverName, Boolean useSecureConnection, Int32 portNumber)~~ at Microsoft.SystemsManagementServer.WSUS.WSUSServer.ConnectToWSUSServer(String ServerName, Boolean UseSSL, Int32 PortNumber)

Solution

Remove following keys from the registry HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\InternetSettings\Connections\SavedLegacySettings



Driver for DP BACKPLANE SCSI Enclosure

IT Posted on Tue, February 14, 2012 11:52:14

Driver for “DP BACKPLANE SCSI Enclosure Device”

DellBPA05.exe (110KB)

http://www.dell.com/support/drivers/us/en/555/DriverDetails/DriverFileFormats?c=us&l=en&s=&cs=555&DriverId=R220657



Broadcom BCM5709S NetXtreme II GigE iSCSI Adapter Windows 2003 Driver

IT Posted on Mon, February 13, 2012 17:05:09

Drivers Broadcom BCM5709S NetExtreme II GigE iSCSI Adapter Windows 2003

http://www.broadcom.com/support/license.php?file=NXII/win_2k3_2k8-14.4.8.4.zip

Microsoft Storport Hotfix KB957910

A Windows Server 2003 SP2-based iSCSI boot server cannot generate dump files if the server uses a Storport virtual miniport as the LUN controller

http://support.microsoft.com/kb/957910

Broadcom BCM5709S NetXtreme II GigE iSCSI Adapter

B06BDRV\L4SC&PCI_163A14E4B06BDRV\L2ND&PCI_163A14E4PCI\VEN_14E4&DEV_163A
Code 37



LSI Logic Parallel Server 2003 driver

IT Posted on Wed, January 18, 2012 15:34:53

We had a problem installing Windows Server 2003 on a vm with LSI Logic Parallel but came up with a BSOD with message 0x…07B

So the Harddrive wasn’t recognized.

Here is the driver for vmware esxi 4.1

http://www.lsi.com/downloads/Public/SCSI%20HBAs/SCSI%20HBAs%20Common%20Files/LSI20320-R_xp_50700_01034132IT_1201800_1005239.zip

enjoy 😉



Install Microsoft Hyper-V Core op USB

IT Posted on Tue, May 31, 2011 10:51:27

Installatie OS op USB stick


In de volgende stappen bespreken we hoe je Microsoft Hyper-V Server 2008 R2 installeert op een USB stick.

Voorbereiding

Om dit proces te vervolledigen moet je de volgende zaken hebben.

– Een USB stick met minstens 8GB aan schijfruimte (Dit is de minimum vereiste voor Hyper-V Server 2008 R2

– ISO Hyper-V Server 2008 R2

– Windows Automated Installation Kit (WAIK)

– Een PC die Windows 7 of Windows Server 2008 R2 heeft

– De server moet een x64 processor hebben

1. Start CMD op als administratorWe maken een VHD op driveletter F: met een grootte van 14500 MB.

Een vast ingestelde grootte staat voor een betere performantie)

Diskpart

create vdisk file=F:\virtualharddisk.vhd maximum=14500 type=fixed

select vdisk file=F :\virtualharddisk.vhd

attach vdisk

list disk

select disk disknumber

create partition primary

select partition 1

active format fs=ntfs quick

assign

laat dit venster open en start een nieuwe CMD op als administrator 

2. Download en installeer Windows AIK from Microsoft (1.7 GB).

Hieruit haal je ImageX dat je straks nodig hebt.

3. Uit de WIM file haal je de versies die je nodig hebt

imagex /info E:\sources\install.wim

4. nu ga je terug naar de diskpart cmd

diskpart

select vdisk file=F:\virtualharddisk.vhd

attach vdisk

list volume

5. We kopieren de bootfiles van de vhd naar de USB stick.

bcdboot D:\Windows /s F: /v

6. Wanneer dit gedaan is keer je terug naar de cmd met diskpart

detach vdisk

exit



Install driver from cmd dos prompt

IT Posted on Wed, April 27, 2011 11:58:02

When installing a core server like Hyper-V Server or a regular windows server 2008 core you may have the problem that not all drivers are installed.

I installed hyper-v server on a dell system and thee network drivers weren’t installed.

The options are …

– slipstream the drivers in the iso

– install drivers from an usb stick via cmd

– …

just type in cmd

rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 c:\”where your inf file is located”

check your driveletters if you use a cd or usb stick

If that didn’t work … no worries

I placed the driver files on my c dir

(adding files to a core server ???? … I took the HDD and placed it in an Sata quickport pro from Sharkoon)

run cmd as administrator

these were my broadcom drivers

pnputil -i -a c:\b57nd60a.inf

pnputil -i -a c:\k57nd60a.inf

🙂