Windows 10 Automatically Uninstalls Problematic Software Updates

Patch Management is an important role of a Sysadmin in the Enterprise, because securing endpoints with security updates to keep systems secure and functional, receive fixes that resolve issues, and patch security holes is highly important. However, with the frequency of security updates which are released these days, patch management tasks feels like a full-time job!

For the most part, monthly patches are straight forward, however in recent months, they have been problematic where they have caused system crashes, blue screens, application functionality issues, and introduced other bugs. Some faulty patches are quickly reversed or rectified by Microsoft, while others go unfixed for a longer duration causing further duress and downtime in many organizations. This has been a major pain point for Sysadmins in the field.

Well, we may have some reprieve from these buggy patches. Microsoft has announced that it will start uninstalling problematic patches automatically from Windows 10 systems when it detects a startup issue due to incompatibility or issues stemming from a recently installed patch. The following notification will be presented:
“We removed some recently installed updates to recover your device from a startup failure.”

According to this KB4492307 posted by Microsoft, the problematic patch will not be reinstalled for 30 days to allow Microsoft and it’s partners to investigate and fix the issues. This process seems like a good proactive approach by Microsoft to get a handle of buggy patches, however more information is needed in terms of how this will work with detection, deployments, and compliance of these patches using ConfigMgr and WSUS as mechanisms for patch management in the enterprise. Time will tell, we hope!

Please like & share:

Free Microsoft Learning For AI

Microsoft is a leading edge company for Artificial Intelligence (AI) and has been working in this space for quite some time to bring AI into business processes including several Microsoft products.

Today, Microsoft announced via a blog post “Microsoft launches business school focused on AI strategy, culture and responsibility” that it is providing a free learning platform for AI at Microsoft AI Business School. This is going to be a hot sector in the Information Technology industry and now is a good time to get your feet wet with some AI knowledge. Happy learning!

Please like & share:

Fix WordPress “Destination Folder Already Exists”Issue

I encountered an issue with my WordPress hosted site when I was attempting to install a plugin, in this case the WP Statistics plugin. I know I had previously installed this plugin but it did not show up in my installed plugin list in the WordPress Admin dashboard. The installation fails with an error: “Installation failed: Destination folder already exists.”

When you install a WordPress theme or plugin, WordPress will extract and copy the folder from a zip file into the wp-content/themes or wp-content/plugins directory. If the folder already exist, then WordPress is unable to copy the files and therefore generates the error. This can happen if the theme or plugin files that are already installed are missing or corrupted.

Here’s the fix for this issue:

  • Use a FTP client such as FileZilla, and connect to your WordPress site.
  • Drill down into the wp-content/plugins directory and delete the plugins folder which you are having issues with. In my case the WP Statistics plugin folder.
  • Once the folder is deleted, go back to your WordPress admin site and reinstall the plugin. You should see a successful installation and at which point, you can activate the plugin and configure the settings if necessary.
Please like & share:

Enable Windows 10 Administrator Account

This post is not to emphasize or promote the use of the local administrator account or provide such level of access to your users. IT Professionals and security experts will tell you that providing local administrator account privileges for end users is risky as it can introduce lots of issues such as ransomware attacks, malware infections, risk of compromised systems, and Pass-the-Hash attacks to name a few.

The local administrator account on a Windows 10 system is disabled by default. If you need to enable it for troubleshooting purposes or for some management tasks, you can do so in 3 ways.

Option 1: Computer Management

  • Click Start > search for Computer Management
  • Expand Local Users and Groups
  • Expand Users
  • Right-click on Administrator account
  • Uncheck Account is disabled box > click Apply and OK
  • Right-click Administrator account
  • Click on Set Password
  • Click on Proceed
  • Enter new password as desired
  • Confirm password > click OK

Option 2: Command Prompt

  • Click on Start > search for Command Prompt
  • Right-click and Run as Administrator
  • Type the following command and press enter:

net user “Administrator” /active:yes

Option 3: PowerShell

  • Click on Start > search for PowerShell
  • Right-click and Run as Administrator
  • Type the following command and press enter:

Get-LocalUser -Name “Administrator” | Enable-LocalUser

To disable the local Administrator account:

Get-LocalUser -Name “Administrator” | Disable-LocalUser

Please like & share:

ConfigMgr Guidance For SQL CE Levels

What is Cardinality Estimation or SQL CE Level?
The Cardinality Estimator is a SQL Server Query Processor component that is responsible for predicting the number of rows that the query will return. Microsoft provides some great documentation about SQL CE which you can read more on Microsoft Docs.

As for how SQL CE works and it’s importance with ConfigMgr, Umair Khan of Microsoft has shared a great blog post explaining the details, which you can read more here:
https://blogs.technet.microsoft.com/umairkhan/2019/01/28/configmgr-current-branch-1810-guidance-for-the-sql-ce-levels-with-various-sql-versions

Please like & share:

PowerShell – Random Password Generator

ps-random-password

Generate random passwords using PowerShell.

Found this method from https://www.scriptjunkie.us/2013/09/secure-random-password-generation/ and modified by Sean Martin (myITforum.com PowerShell usergroup).

Please like & share:

Finding and Removing Unused VMware Horizon View Replica Virtual Machines

vmware-vr-1

Purpose

This article provides steps to find one or more unused replicas in the datastore and to safely remove them.

Resolution

If the parent virtual machine or snapshot is changed in the pool settings, a new replica virtual machine is created. The previous replica becomes unused and is deleted after the recompose completes. The View composer automatically deletes the replica from vCenter Server and the Composer database. Under certain conditions, the replica virtual machine information may exist in the Composer database and the vCenter Server Inventory after any linked clone associated with the replica is deleted. This results in an unused replica.

Finding and removing unused replicas

To find and remove unused replicas:
  1. In vCenter Server or the server where the composer is installed, stop the VMware View Composer service.Note: When this service is down, no recompose, refresh, or provisioning operations occur. Use a convenient maintenance window.
  2. Click Start, type Services, and Press Enter.
  3. Click VMware View Composer Service.
  4. Click Stop.
  5. Click Start > Run, type cmd, and click OK. The command prompt opens.
Note: In the Windows Server 2008 machines, the command prompt must be run as an Administrator.
To run the command prompt as an Administrator:
  1. Click Start > Run, type cmd, and click OK. The command prompt opens.
  2. Hold Ctrl + Shift, and press Enter.
  3. Navigate to the View Composer install directory.
    • On a Windows 32-bit server, navigate to C:\Program Files\VMware\VMware View Composer.
    • On a Windows 64-bit server, navigate to C:\Program Files (x86)\VMware\VMware View Composer.
  4. Run the sviconfig.exe command with the FindUnusedReplica operation:

    SviConfig.exe -operation=FindUnusedReplica -DsnName=DSN_Name -Username=User_Name -Password=Password

    Where:

    • DSN_Name is the name of the compose database DSN
    • User_name is the user name of composer database owner
    • Password is the password of composer database ownerFor example:SviConfig.exe -operation=FindUnusedReplica -DsnName=ComposerDB -Username=sa -Password=secretNotes:
    • If the DsnName contains spaces, use quotes around the value.
    • If there are two composer databases on the server due to an older database, and the command is run against the incorrect database, the currently used replicas is moved to the unused folder as the old database does not recognize them.

    To determine the Composer DB DSN, user and password:

    1. In the vCenter Server hosting the Composer service, Click Start > Programs > Administrative Tools > Data Sources (ODBC).
    2. Click the System DSN tab.
    3. Click the Composer database entry. This is the value you enter for DsnName in the sviconfig command.
    4. Click Edit.
    5. The username is visible and should match the entry in the Composer configuration in the View Manager.
  5. If the command finds any unused replicas, they are listed in a new file created in the current directory ( unused-replica-*.txt).
  6. Unused replicas can be unprotected and moved to a unique folder with the parameter:-move=trueFor example:SviConfig.exe -operation=FindUnusedReplica -DsnName=ComposerDB -Username=sa -Password=secret -Move=trueNotes:
    • When using the move=true option, you receive warning pop-ups. These are safe to ignore.
    • Note the UnusedViewComposerReplicaFolder is created automatically if it does not exist, and unused replicas are moved to this folder.
  7. Open a vSphere Client and connect to vCenter Server.
  8. Click Inventory > VMs and Templates.
  9. Remove the replicas located at the UnusedViewComposerReplicaFolder.
  10. Start the VMware View Composer service.
Note: To view the help file for findUnusedReplicas:
  1. Click Start > Run, type cmd, and click OK. The command prompt opens and navigate to the View Composer install directory.
  2. Run this command:SviConfig.exe -operation=findUnusedReplica

Additional Information

See Also

Please like & share:

PCoIP connections to VMware Horizon View 5.1.x / 6.1 Desktops With Multiple Network Adapters Fail

PCoIP connections to VMware Horizon View 5.1.x / 6.1 desktops with multiple network adapters fail (2062604)

Symptoms

  • Attempting to connect to Horizon View desktops with multiple network adapters fail.
  • You see errors similar to:
    • Unable to launch from Pool <pool> for user <domain/user>: There were no machines available that reported protocol [PCoIP] as ready
    • The Display Protocol For this Desktop is currently not available
    • The connection to the remote computer ended
Note: The issue can also be observed when connecting to View desktops having single network adapter.

Resolution

To resolve this issue, configure the subnet that the View Agent uses by setting the value for the subnet mask registry in Parent Virtual Machine.
Warning: This procedure modifies the Windows registry. Before making any registry modifications, ensure that you have a current and valid backup of the registry and the virtual machine. For more information, see Microsoft KB article 136393.
Note: The preceding link was correct as of June 17, 2015. If you find a link is broken, provide a feedback and a VMware employee will update the link.
To open the Windows Registry:
  1. Click Start > Run, type regedit, and click OK.
  2. Go to the registry key – HKEY_LOCAL_MACHINE\software\vmware inc\vmware vdm\node manager\subnet.

    For View 6.1 – Go to the registry key HKEY_LOCAL_MACHINE\software\vmware inc\vmware vdm \IpPrefix
  3. Set the value to n.n.n.n/m (REG_SZ). Note: where n.n.n.n is the TCP/IP subnet and m represents the number of bits in the subnet mask.
For more information:

Source: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2062604

Please like & share:

Microsoft Deployment Toolkit (MDT 8456) Released

The Microsoft Deployment Toolkit (MDT) has been released and the most current build (8456) which can be downloaded from the Microsoft Download Center. This update requires the Windows Assessment and Deployment Kit (ADK) for Windows 10 version 1709 (10.1.16299.15) which is available for download on the Microsoft Hardware Dev Center.

The official MDT release note are available here:
https://docs.microsoft.com/en-us/sccm/mdt/release-notes

Some of the significant changes in this update include:

  • Supported configuration updates
    • Windows ADK for Windows 10, version 1809
    • Windows 10, version 1809
    • Configuration Manager, version 1810
  • Major changes
    • Nested task sequence support for LTI scenario
    • Modern language pack supportNote 1
    • Support for Configuration Manager version 1810Note 2
    • IsVM evaluates to False on Parallels VMs
    • IsVM = False when VMware VM is configured with EFI boot firmware
    • Gather doesn’t recognize All-in-One chassis type
    • MDT doesn’t automatically install BitLocker on Windows Server 2016
    • BDEDisablePreProvisioning typo in ZTIGather.xml

Check out Johan Arwidmark’s “A Geeks Guide for upgrading to MDT 8456” blog post for steps to upgrade MDT as a standalone and in ConfigMgr.

The following post provides some information on How to get help with MDT, in case you need it.

Please like & share:

Windows Server 2019 Now Available

The ISO download for Windows Server 2019 has been released and is now available from the Microsoft Volume Licensing Service Center (VLSC) portal. You’ll find the 64-bit ISO file with a download size of 4351 MB.


Here’s a short description of Windows Server as seen in the VLSC portal. To learn more about Windows Server 2019, such as features, deployment, management, system requirements, and more, read HERE!

Please like & share: