Bug: Applocker GUI in Windows Server 2012 R2 crashes when trying to select a user
This Windows Server 2012 R2 problem is identical to the following Win 10 problem I found on the forum, posted April 18, 2017.
Bug: Applocker GUI in win10 1703 crashes when trying to select a user
https://social.technet.microsoft.com/Forums/windows/en-US/78e035be-0357-42b3-b308-e01cde23bad7/bug-applocker-gui-in-win10-1703-crashes-when-trying-to-select-a-user?forum=win10itprosecurity
This problem occurs with RSAT/GPMC and Local Security Policy MMC.
I use AppLocker a lot, but only got bit by this issue this week. I initially thought it was related to June updates, but apparently not. The systems I have found to have this problem also have .NET 4.7 installed, which was just done last week, so quite coincidental.
If I run Local Security Policy on W12R2 systems which do NOT have .NET 4.7, but DO have all other Windows updates through June 2017, it appears to work so far (two such systems have been tested but not with RSAT).
I have seen the following "unhandled exception" in the Application Event log when this occurs, which suggests .NET involvement:
Source: .NET Runtime
Date: 6/19/2017 4:35:57 PM
Event ID: 1026
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: <Removed>
Description:
Application: mmc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentException
at Microsoft.ApplicationId.RuleWizard.NativeMethods.IDsObjectPicker.Initialize(DSOP_INIT_INFO& pInitInfo)
at Microsoft.ApplicationId.RuleWizard.BrowseDSObjectsDialog.ShowDialog(IWin32Window owner, PickerTypes pickerType, Boolean multipleSelect)
at Microsoft.ApplicationId.RuleWizard.PermissionsControl.trusteeSelectButton_Click(Object sender, EventArgs e)
at System.Windows.Forms.Control.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)
at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ButtonBase.WndProc(Message& m)
at System.Windows.Forms.Button.WndProc(Message& m)
at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
at Microsoft.ManagementConsole.Internal.SnapInMessagePumpProxy.OnThreadException(Object sender, ThreadExceptionEventArgs e)
at System.Windows.Forms.Application.ThreadContext.OnThreadException(Exception t)
at System.Windows.Forms.Control.WndProcException(Exception e)
at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
at System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG& msg)
at System.Windows.Forms.Application.ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(IntPtr dwComponentID, Int32 reason, Int32 pvLoopData)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32 reason, ApplicationContext context)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason, ApplicationContext context)
at System.Windows.Forms.Form.ShowDialog(IWin32Window owner)
at Microsoft.Security.Srp.Ux.SrpUxRuleListView.CreateManualRule(RuleType ruleType)
at Microsoft.ManagementConsole.View.DoAction(Int32 actionId, Boolean selectionDependent, Int32 selectionId, IRequestStatus requestStatus)
at Microsoft.ManagementConsole.View.ProcessRequest(Request request)
at Microsoft.ManagementConsole.ViewMessageClient.ProcessRequest(Request request)
at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr md, Object[] args, Object server, Object[]& outArgs)
at System.Runtime.Remoting.Messaging.StackBuilderSink.SyncProcessMessage(IMessage msg)
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Microsoft.ManagementConsole.Internal.IMessageClient.ProcessRequest(Request request)
at Microsoft.ManagementConsole.Executive.RequestStatus.BeginRequest(IMessageClient messageClient, RequestInfo requestInfo)
at Microsoft.ManagementConsole.Executive.SnapInRequestOperation.ProcessRequest()
at Microsoft.ManagementConsole.Executive.Operation.OnThreadTransfer(SimpleOperationCallback callback)
at Microsoft.ManagementConsole.Executive.MmcThreadMessageWindow.OnThreadException(Exception e)
at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
at System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG& msg)
at System.Windows.Forms.Application.ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(IntPtr dwComponentID, Int32 reason, Int32 pvLoopData)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32 reason, ApplicationContext context)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason, ApplicationContext context)
at Microsoft.ManagementConsole.Internal.SnapInMessagePumpProxy.Microsoft.ManagementConsole.Internal.ISnapInMessagePumpProxy.Run()
at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr md, Object[] args, Object server, Object[]& outArgs)
at System.Runtime.Remoting.Messaging.StackBuilderSink.SyncProcessMessage(IMessage msg)
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
at Microsoft.ManagementConsole.Internal.ISnapInMessagePumpProxy.Run()
at Microsoft.ManagementConsole.Executive.SnapInThread.OnThreadStart()
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()
I hope this is a known problem on W12R2 since it was discovered on W10 a few months ago.
- Edited by Rob.Ralston Wednesday, June 21, 2017 10:52 AM Typo
- Changed type Wendy Jiang Thursday, June 22, 2017 1:43 PM bug share
Reply:
I can confirm when I install the Group Policy Management Feature on a Windows 2012R2 machine which is updated through June 2017 Windows updates, but does not have .NET 4.7 installed, I am able to manage AppLocker rules normally for the Domain with GPMC. i.e., I can add/edit users in new and existing rules.
Look forward to an update on this. As .NET 4.7 gets rolled out this is going to bite a lot more businesses.
------------------------------------
Reply:
Thank you for the test and share, we would keep eyes on this case and report your share to related team.
And regarding the bug process, we also suggest to open up a case with Microsoft Technical Support to see if they have more details about this bug, here is the contact informatin:
https://support.microsoft.com/en-us/contactus/?ws=support
Best Regards,
Wendy Jiang
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.
------------------------------------
Reply:
Waited for MS to acknowledge and correct this problem, but they have not.
While I could have spent the time and possibly money, to open a PSS case to look into this, I found I could successfully uninstall the .NET Framework 4.7 and any related "quality" updates, on the W12R2 server where I manage GPOs with GPMC. This resolved the problem for me. The .NET upgrade was in no way important to me on this particular machine.
At some point, MS will realize the impact on the AppLocker user selection control and fix this.
------------------------------------
Looking for a tester/contributor for my website.
I've removed my post.
Never mind.
- Changed type jrv Tuesday, July 25, 2017 9:24 AM
- Edited by Baswijdenesdotcom Tuesday, July 25, 2017 9:29 AM
Reply:
No. This is not the correct forum for web site issues. Post here: http://forums.iis.net
You site looks OK. The post can remain as many are looking to learn PS.
\_(ツ)_/
- Edited by jrv Monday, July 24, 2017 7:53 PM
------------------------------------
Reply:
\_(ツ)_/
------------------------------------
Reply:
Alright, I'll remove the message then.
I don't want to break the rules.
------------------------------------
Reply:
You don't need to remove anything. Just use IIS.net to get any assistance you need making your site work.
\_(ツ)_/
------------------------------------
Anyone know about DCM INDIA - Dream City Management India?
Station controller is not installed
- Edited by jose gregorio faneite Tuesday, July 25, 2017 12:56 AM
How to write a PowerShell script to check if PCs and/or Users are authenticating to the correct domain controller
I am tasked with writing a PowerShell script to determine which PCs and or Users are authenticating to the correct domain controller across our entire enterprise and to export the data into a report. I do not have any experience writing scripts and do not know where to begin. I have taken the initiative to secure some reading material but this journey is going to be a long one.
I would appreciate any assistance from any of you IT pros.
Thanks,
Kano
- Changed type Bill_Stewart Wednesday, September 13, 2017 9:05 PM
- Moved by Bill_Stewart Wednesday, September 13, 2017 9:06 PM This is not directory services forum
Reply:
Active Directory does not track which DC was used to authenticate users or computers. So a simple query of AD is not possible for this.
One option might be to enable auditing of logon events and run a script to parse the logs. Another is to use Group Policy to configure Startup (for computers) and Logon (for users) scripts that log the required information to a shared log file. Then a script could parse this log file to create a report.
I used a similar approach years ago to track sessions (logon and logoff events and total time logged on), where a session was defined as a user logged into a particular computer. The scripts I used are linked on this page, including the logon, logoff, startup, and shutdown scripts, and the scripts to parse the resulting log files for sessions. Just to give you ideas:
http://www.rlmueller.net/Logon5.htm
Edit: The scripts I linked are VBScript and do more than you need, in particular retrieving the IP address. The logon and startup scripts also make 3 attempts to append to the log files (with a pause between), in case more than one user logs on at the same instant. This is only necessary if very many users will logon at once (and rarely even then).
The logon script for your purpose could be as simple as the following batch file:
@echo off echo %date% %time%,%UserName%,%ComputerName%,%LogonServer% >> \\MyServer\MyShare\LogUsers.log
This creates a comma delimited file, which can be read into a spreadsheet for analysis. Or you could code a script to parse the file. Since everything you need is available in the environment, this works fine for users. Computers authenticate at startup, so I need to experiment if a similar batch file will work for computers (without %UserName%)
Richard Mueller - MVP Enterprise Mobility (Identity and Access)
- Edited by Richard MuellerMVP Friday, July 21, 2017 2:37 PM
------------------------------------
Reply:
To add to Richards excellent comments. AD login DCs are chosen dynamically. This is usually the closest DC to the workstation but network conditions and DC load can cause a different DC to be used. Each request to AD can select a new C for the request although once logged in there is generally no need to contact a DC.
If you are having login performance issues you should just check the performance stats for all DCs to see why they may be slow. All DC diags should be run to determine if the AD network is running correctly.
\_(ツ)_/
------------------------------------
Reply:
Good thing I tested. A startup script can log the %ComputerName% environment variable, but %LogonServer% is not available. In my tests. %LogonServer% is blank. I suspected this might be the case. I don't know how to retrieve the DC used during startup.
The DC that authenticates the computer might not be the same as the one that authenticates the user. In fact, if there is a delay before the user logs on, the DC that authenticated the computer could even be no longer available.
But the process jrv describes for selecting the DC is the same for computers and users. I suspect checking which DC authenticates users would answer questions anyone has.
Richard Mueller - MVP Enterprise Mobility (Identity and Access)
------------------------------------
Reply:
Thanks Richard and JRV. Next week I will try your suggestions.
Regards,
Kano
------------------------------------
Reply:
My question is, "what does 'correct domain controller' mean?"
Any domain controller can authenticate a user. As jrv pointed out, the domain controller that authenticates the user should be pretty efficient, if the AD sites are set up correctly and the domain controllers aren't overloaded.
But this is a directory services design and deployment issue, not a scripting issue.
-- Bill Stewart [Bill_Stewart]
------------------------------------
Reply:
Bill brings up an important issue. Many installation I have seen have failed to define sites and subnets. Sites and subnets help AD work more efficiently. The hosts will ask for service at the subnet level and never try to poll an AD that is off-subnet unless no DCs are on the subnet. Sites provide a geographical hint that tells AD that different sites are possible at some distance logically.
S&S also allows nodes to select the closest resources like printers and message queues. No need to fiddle with IP network calculations. Just retrieve the site and location then scan for the resource by location.
Be sure your subnets and sites are defined and defined correctly.
\_(ツ)_/
------------------------------------
Reply:
Bill,
The correct domain controller is the one for each of our branch locations. So the task I was given was to determine if PCs and users were authenticating to the domain controller for their respective location rather than authenticating to a domain controller from a different branch location. Hope this clarifies your question. My job is Desktop Support Level II and scripting is new to me.
Thanks,
Kano
------------------------------------
Reply:
The correct domain controller is the one for each of our branch locations.
The question is whether the idea in your mind of a "correct" domain controller matches how your domain's Active Directory sites and services is actually configured. That is an AD architecture/design question and is not within the scope of this forum.
-- Bill Stewart [Bill_Stewart]
- Edited by Bill_Stewart Monday, July 24, 2017 4:05 PM
------------------------------------
Reply:
All the the answers make sense to me. I think the IT Manager was asking for which domain controllers the PCs/users were authenticating to rather than the "correct" domain controllers. At least now I have a framework on where to begin.
Thanks,
Kano
------------------------------------
pivot table
hot to update the pivot table. i am entering the reports on daily basis , but when i go to report i am refreshing, but the new date is not coming.If i want to make any changes in settings, kindly guide me
- Edited by Veeramani Kaliaperumal Monday, July 24, 2017 12:37 PM
Reply:
------------------------------------
SharePoint 2016 online designer
Hi everybody,
I would like to receive automatically an e-mail alert signed by the name of the customer who makes a change in our common library, by extracting his name or E-mail address from his active session and putting it in the end of the E-mail. My 54 custumers use their own e-mail address (outlook, gmail, yahoo,....), to access of my soub/site. They are located in différents countrys and are all members of the site.
Reply:
Adnan Amin MCT, SharePoint Architect | If you find this post useful kindly please mark it as an answer. | http://mstechtalk.com
------------------------------------
Reply:
Thakn you Amin for your reply,
I've created the workflow bu not able to add email activity
Can you help me more by giving me some instruction (ie:command)
Aadiallo
------------------------------------
Reply:
basically, When i add "send an Email" in the workflow and finished typing the Email message, i'm not able to find the customer email address and put it in the end, like a sign.
Aadiallo
------------------------------------
Translate Powershell authentication String in C#.NET
Hi everybody,
I look for C#.NET translation of the following Powershell Authentication String. This is to send mail through o365 MX (mydom-com.mail.protection
No worry my Public IP is trusted in o365 and is add to SPF DNS record for mydom.com...
$Password = ConvertTo-SecureString "anyString"-AsPlainText -Force $Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList "NT AUTHORITY\ANONYMOUS LOGON",$PasswordIf there is no translation exist, any c#.net code that allow me to send directly through o365 MX is welcome.
Thank you for your help
Orwell
- Changed type Bill_Stewart Wednesday, September 13, 2017 9:04 PM
- Moved by Bill_Stewart Wednesday, September 13, 2017 9:04 PM Possible help vampire
Reply:
Send-MailMessage can send through the SMTP port of your O365 account if you have enabled it.
For C# you ill need to post in a C# forum.
\_(ツ)_/
------------------------------------
Reply:
Here is an example of how to use SMTP mail with O365 accounts:
$splat = @{ From = 'xx.xx@dom.com' To = 'xx@dom.com' Subject = 'some subject' Body = 'some text' SMTPServer = 'smtp.outlook.com' Port = 587 UseSSL = $true Credentials = Get-Credential 'youro365account' } Send-MailMessage @splat \_(ツ)_/
------------------------------------
Reply:
Thank you JRV.
I know that but this is not for me directly this it's for an developer C#.NET so I need C#.NET code to do this.
This will be in Visual studio C#.NET application.
It seems there is no C# forum in French or English.
I you have link to any forum c# I can post my request on it.
Thank you
Orwell
------------------------------------
Reply:
It seems there is no C# forum in French or English.
I you have link to any forum c# I can post my request on it.
There is no need to be helpless. You can find information too, if you try. Example:
http://www.google.com/search?&q=C%23+forum
-- Bill Stewart [Bill_Stewart]
------------------------------------
whats the correct way to find inactive AD users
i'm testing this script to find inactive (30 days or more) AD accounts but are still enabled. it is showing me not the correct output because this morning i received an email from a user whose samAccountName happens to be listed by this script i'm working on. so it seems my script is not the right way.
Search-ADAccount -UsersOnly -SearchBase "ou=Users ,dc=ACME,dc=com" -AccountInactive -TimeSpan 30 | Where-Object { $_.Enabled -eq $true } | select samAccountName, name, enabled - Changed type Bill_Stewart Wednesday, September 13, 2017 9:04 PM
Reply:
Inactice does not mean diabled. It means incative - not active anymore for ... hours/days/month ... !! ;-)
You might re-read the help for this cmdlet again very carefully including the examples?
https://technet.microsoft.com/de-de/library/ee617247.aspx?f=255&MSPPError=-2147217396
Grüße - Best regards
PS:> (79,108,97,102|%{[char]$_})-join''
------------------------------------
Reply:
------------------------------------
Reply:
Search-ADAccount -AccountInactive -UsersOnly -TimeSpan (New-TimeSpan -Days 10) -SearchBase 'ou=Users ,dc=ACME,dc=com' | Where-Object {$_.enabled} | Select-Object -Property SamAccountName,Name Grüße - Best regards
PS:> (79,108,97,102|%{[char]$_})-join''
------------------------------------
Reply:
Timespan can be an integer number of days or a timespan. It is not correctly documented. The timespan is inaccurate for spans of less than about 14 days due to update cycles on AD.
\_(ツ)_/
------------------------------------
Reply:
Hmmm ... so if I got this right
-TimeSpan (New-TimeSpan (Get-Date).AddDays(-30))
and
-TimeSpan 30
should produce the same result, right? But it does not in my environment. The second version produces the same output as if I'm omit the -TimeSpan parameter completely.
(Environment: Win10 x64 Enterprise / DC: Win Server2012 R2 )
Grüße - Best regards
PS:> (79,108,97,102|%{[char]$_})-join''
------------------------------------
Reply:
Strange. It works for me on WS2008r2. Of course it always returns accounts that have never logged in which need to be separately filtered.
\_(ツ)_/
------------------------------------
Reply:
I just discovered that search no longer works correctly at all. Accounts are also not update lastlogondate for about 30 days so 30 misses those accounts. Weird that the timestamp is not getting updated at the 14 day interval. Accounts that have not logged in in more than 30 days all show up correctly with a timespan or an integer.
\_(ツ)_/
------------------------------------
Windows Server 2016 Print Server
We recently migrated our servers from a Windows Server 2008 R2 to 2016 version.
We are experiencing a problem with clients (RDS 2016) that retrieves shared printers on a 2016 server
Since migrating to Windows Server 2016, we are experiencing a printing problem that is disrupting our use ...
Randomly for users (15 minutes to 3 days) it is not possible to print after manual installation of the printer.
Symptoms include:
Note: Adobe Reader is the only application to indicate an error message. For other applications, nothing happens: the print progress bar and the print job icon disappear in the task bar.
- Disappearing the printer in Peripherals and Printers
A similar problem found here https://social.technet.microsoft.com/Forums/en-US/5531a55c-2691-47a8-ba5b-2d48314a4090/rds-problme-dimprimante-selection-par-defaut-et-multi-printer ? forum = windowsserver8fr
We also tested the printer installed with a PCL5 driver rather than PCL6.
Can you help me to solve this problem please?
Visual Studio and VB
I use Visual Studio for VB.
Therefore I want to ask why VB forum moderators always remove the signals for Off Topic by this kind of questions as soon as there is stated.
I use Visual Studio and VB
Not change the discussion in question while it are obvious questions, but only remove the signal for off topic.
Success
Cor
- Edited by Cor Ligthert Sunday, July 23, 2017 1:57 PM
- Changed type Zhanglong WuMicrosoft contingent staff Monday, July 24, 2017 6:48 AM
- Moved by KareninstructorMVP Monday, July 24, 2017 10:22 AM Moved from VB.NET
Reply:
Cor,
If you mean this one, I un-flagged the post and indicated that it needs clarification which means do they want to use just sql or sql in with vb.net code. Depending on their reply or lack of reply the post may be moved to the proper forum or off-topic forum.
Please remember to mark the replies as answers if they help and unmark them if they provide no help, this will help others who are looking for solutions to the same or similar problem. Contact via my Twitter (Karen Payne) or Facebook (Karen Payne) via my MSDN profile but will not answer coding question on either.
VB Forums - moderator
------------------------------------
Reply:
Karen,
I see that so often currently. What is in that discussion VB?
"In sql I would like to sort according to the Swedish alphabet."
Even less on topic than this thread.
You can move it to Off topic and if the user comes back and changes his question, you can move it back.
Otherwise ask the Forum administration to remove that "Report as abuse" button.
Every time it is done in this way, I get the idea that my actions are seen by moderators as done by an inferior kind of person.
Success
Cor
------------------------------------
Reply:
I see that so often currently. What is in that discussion VB?
Another example of a wild guess at the topic, almost certainly leading to it being moved again when the answers make no sense to the OP.
https://social.msdn.microsoft.com/Forums/en-US/adcf29bd-6b17-48b4-a8f5-0bf1cb48902b/looping-a-fields?forum=vbgeneral
------------------------------------
Reply:
Acamar,
Somehow it can be that moderators know that the knowledge of contributors in this forum is high and move the question.
However, if another moderator than starts giving base quick basic answers, then we should ask what kind of company CSG is.
Success
Cor
- Edited by Cor Ligthert Monday, July 24, 2017 9:02 AM
------------------------------------
Location Services over VDI
Hi,
Has anyone else enabled or got any success with enabling location services working with Lync running over VDI.
The problem here is that users connect from anywhere, home, resident office or while travelling they always access the same desktop and hit the same subnet all around the globe.
So assignment of subnets to a location doesnt work since the subnet will be of the server hosting the desktop , while the user can be anywhere around the world.
Any ideas...
Cheers, Shravan
Reply:
I don't think this is applicable with VDI,
cheers,
Please remember to click "Mark as Answer" on the post that helps you, and to click "Unmark as Answer" if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread
------------------------------------
Reply:
The problem is that the Lync client runs on the Server Instance and is located in the Data Center.
Location can only be leveraged by using Lync on the Physical Laptop (Application Virtualization would be possible too)
You may want to evaluate running the Lync client on the Laptop itself for users traveling a lot, also anything other than IM & Presence is not supported with VDI or Terminal Services so you are stuck if you want any UC features.
- Belgian Unified Communications Community : http://www.pro-lync.be -
------------------------------------
Reply:
The value of giving users VDI is that they dont need to lug a company laptop when they travel. With virtualizing my entire desktop, i dont need to worry about virtualizing individual applications.
Adds to the list of features that cant be used !!
Cheers, Shravan
------------------------------------
Reply:
Hi Shravan,
Location service is not available for VDI with the current Lync/SfB environment!
regards Holger Technical Specialist UC
------------------------------------
Windows 10 Enterprise Evaluation Edition Expiring Early
The TechNet Evaluation installation of Windows 10 Enterprise Evaluation Edition which was supposed to be active for 90 Days was displaying a message that the installation would expire in 10 days even though there should have been 30 days left on the evaluation period. After an automatically scheduled Windows Update the displayed message suddenly changed to "Expired" and the system shut down.
I have licensed utility and application development software installed in this system. I thought I had at least 10 days to figure out whether I would have to uninstall the products, backup my system or purchase a product key.
I had previously received and email from Microsoft with subject "Windows 10 Enterprise: Ready to Purchase?" which had a link "Purchase Options" that lead to the Volume License Service Center website that resulted in sort a catch 22 since I was registered but had no open volume license contracts. When I contacted the volume license sales center I was told I would have to purchase a minimum combination of 5-licenses to acquire a licensed copy of Window 10 Enterprise Edition, but I now understand I would still have to perform a clean install. This would result in the loss of my installed software and the associated license keys.
I understand that a backup might help me to save my installed software but even though I own and use backup software like "Acronis True Image 2015", I don't have the latest version and none is already installed on the Windows 10 Enterprise installation which is now already expired and shutting down automatically on its own.
It has occurred to me as I write this post that I might be able to use the backup capabilities of WinZip Pro 19.5 that is installed in the Windows 10 Enterprise Evaluation Edition software if I can get it to function in the already expired operating system. There was also a license key that was supplied with the original download that stated the key was not required and I believe the software did indeed install and function without the key.
In any case I'm very concerned and seeking help with the problem of early expiration of the Windows 10 Enterprise Edition Evaluation software and would deeply appreciate help with a solution to this problem that allows me to secure the full evaluation period and recover license keys by uninstalling purchased software I have installed in the evaluation edition of the Windows 10 Enterprise Evaluation Edition operating system software.
Thank you!
Cleave
- Edited by Cleave Monday, January 25, 2016 11:08 PM
Reply:
I'm not sure you're going to get much help about the whole evaluation expiring a few weeks earlier than it should have - I mean, it's going to expire no matter what. The evaluation is mainly designed to test out software -- and if your software was working for almost 60 days with the functionality you require, what more do you need?
As far as recovering your keys and software, Microsoft states on TechNet that "if you fail to activate the evaluation, or if your evaluation period expires, the desktop background will turn black, you will see a persistent desktop notification indicating that the system is not genuine, and the PC will shut down every hour." So the PC still works just fine - it just reboots every hour. This should be plenty of time to recover your software keys.
Hope that helps!
------------------------------------
Reply:
Thank You Q-Tech,
I'd had a personal issue arise (death in the family) during this evaluation that had affected my actual time spent actively evaluating the software and had just gotten back into performing my focused evaluation just a few days ago. However what you suggest makes sense.
I'll do what I can to recover whatever I can and call it a wash. I understand that evaluation software can again be downloaded and reinstalled and if I can recover my keys by uninstalling the software I should be ok.
Too bad though I'd spent a lot of time familiarizing myself with the latest tools, working on understanding capability and compatibility, acquiring, installing and configuring software development components that I should of still had time available to actually evaluate in the environment but only got to perform the most rudimentary of planned task because of this early termination. If I had expected 30 or 60 days instead of 90, I would have approached the goals with that in mind. With the unexpected early termination I didn't really get to evaluate the operating system as planned and have encountered unexpected consequences. I thought this issue might be important to the vendor and the evaluation team sponsors and that a solution might be available.
Again thank you!
Cleave
------------------------------------
Reply:
slmgr /rearm
Normally the Enterprise Eval is 90 days and you can extend it twice with the above command = max 270 days total...
Also I have read you could possibly clean reinstall it to start over freshly - but by that time a new version would be out anyhow so may as well install the new version cleanly each time released and essentially would have a perpetual eval system.
------------------------------------
Reply:
------------------------------------
Reply:
Microsoft supplied you with a free copy of the software for testing. If you were using it as your main OS for work I am not sure that Microsoft owes you anything.
Bill
------------------------------------
Get-CimInstance not showing updated values
I'm writing a script that essentially queries the "Device Name" & "Driver Version" of a specified hardware device on the local system, updates the device driver if it is required after doing some comparison operation and finally queries the "Device Name" & "Driver Version" again after the installation to validate the driver level is at the new version. What I am running into is that my second Get-CimInstance call is not returned the expected values, I keep getting the same values that were found with the first Get call. I have tried using the same variable for both calls and even separate variables for each call but its not working as expected. What am I missing?!?
# Get Driver Version: Pre-Upgrade $driverQuery = Get-CimInstance -ClassName Win32_PnPSignedDriver -Filter "ClassGuid = '{4d36e972-e325-11ce-bfc1-08002be10318}' AND DeviceName LIKE '%Intel%Pro%'" Write-Host $driverQuery.DeviceName Write-Host $driverQuery.DriverVersion # Do Stuff.... # Run Device Driver Installer (.exe) if client requires updated driver # Get Driver Version: Post-Upgrade $driverQuery = Get-CimInstance -ClassName Win32_PnPSignedDriver -Filter "ClassGuid = '{4d36e972-e325-11ce-bfc1-08002be10318}' AND DeviceName LIKE '%Intel%Pro%'" Write-Host $driverQuery.DeviceName Write-Host $driverQuery.DriverVersion Reply:
You will have to reboot or restart the driver after updating the driver. The installer is likely not doing a full restart of the driver.
It is also possible that the driver package does not have an update for your device but is only updating the utilities. You will have to contact the vendor to resolve this.
\_(ツ)_/
- Edited by jrv Sunday, July 23, 2017 4:21 PM
------------------------------------
Reply:
I'm using DPInst.exe to update the driver. I can confirm the "updated" driver in Device Manager and in the registry prior to any reboot so I know the driver update is completed.You will have to reboot or restart the driver after updating the driver. The installer is likely not doing a full restart of the driver.
It is also possible that the driver package does not have an update for your device but is only updating the utilities. You will have to contact the vendor to resolve this.
\_(ツ)_/
------------------------------------
Reply:
Yes but WMI has obviously not been notified of the change. The solution is to restart the PC.
\_(ツ)_/
------------------------------------
Reply:
One thing you can try is to use WBENTEST to open the instance. If it does not reflect the change then WMI has not been notified. Most WMI driver instances are created when WMI first starts.
You can also try recycling the WMI service to see if that forces a reload of the driver info.
\_(ツ)_/
------------------------------------
Reply:
\_(ツ)_/
------------------------------------
Reply:
Thanks jrv for pointing me in the right direction! Cycling the WMI service did it! I love a one liner solution.One thing you can try is to use WBENTEST to open the instance. If it does not reflect the change then WMI has not been notified. Most WMI driver instances are created when WMI first starts.
You can also try recycling the WMI service to see if that forces a reload of the driver info.
\_(ツ)_/
------------------------------------
Reply:
Great. That proves that the instances of some system items are only loaded at startup. You will have issues recycling the WMI service on systems where other service have a dependency on WMI. Be careful as some services may cause issues for users if they are recycled and forcing WMI to stop will not cause the dependent services to restart. This is why I recommended a reboot.
Good luck.
\_(ツ)_/
------------------------------------
Hover in Outlook 2016
I am using Outlook 2016 and since my latest update my "mouse hover setting" has changed. I looked in the Control Panel for Mouse settings but it is not there.
Please HELP me reset this. It is very annoying and makes Outlook cumbersome. I have a TRASH email problem and I need to get rid of them.
Frank
- Moved by CoolDadTx Sunday, July 23, 2017 8:47 PM Product support related
Reply:
------------------------------------
Reply:
They'll help you over here.
https://answers.microsoft.com/en-us/msoffice/forum/msoffice_outlook
Regards, Dave Patrick ....
Microsoft Certified Professional
Microsoft MVP [Windows Server] Datacenter Management
Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.
------------------------------------
good
JSON feature bugs
I found a bug which when using json_modify on unicode field it doesn't recognise unicode character in path expression(Cyrillic characters).
Example:
declare @json nvarchar(max) = N'{"Ө":"1"}'
select isjson(@json)
SELECT json_modify(@json,'$.Ө',0)
select @json
Result:
1
(1 row(s) affected)
Msg 13607, Level 16, State 4, Line 7
JSON path is not properly formatted. Unexpected character '?' is found at position 2.
Reply:
The '?' in the error message suggests the path literal was interpreted as a varchar string instead of Uniicode. The script works if you prefix the JSON path expression with N and enclose the property path in double quotes:
DECLARE @json nvarchar(max) = N'{"Ө":"1"}'; SELECT JSON_MODIFY(@json, N'$."Ө"', 0); I'm not sure why the property path needs to be enclosed in double quotes since the documentation (https://docs.microsoft.com/en-us/sql/relational-databases/json/json-path-expressions-sql-server) states that is needed only when the path contains special characters. Ө doesn't seem to fit that category.
Dan Guzman, Data Platform MVP, http://www.dbdelta.com
------------------------------------
Reply:
It seems here that in this context "special character" means anything that that does not belong to a very small set, to wit underscore, letters and digits in the ASCII range. Also, the first character must not be a digit. This fails as well:
declare @json nvarchar(max) = N'{"Å":"1"}'
select isjson(@json)
SELECT json_modify(@json, N'$.Å',0)
select @json
------------------------------------
Reply:
Reading the JSON doc, it looks like names in the JSON world are strings should be enclosed in double-quotes. Excerpt from http://json.org/:
A string is a sequence of zero or more Unicode characters, wrapped in double quotes, using backslash escapes.
SQL Server seems to be more lax on this requirement in the context of a JSON_MODIFY path expression but it seems following the double quote practice avoids surprises.
Dan Guzman, Data Platform MVP, http://www.dbdelta.com
------------------------------------
unable to upgrade in windows 8.1 from 8
Reply:
If you want to use Window 8.1, license and installation media would be required. I recommend to purchase Windows 10, instead of Windows 8.1.
Ashidacchi
------------------------------------
Reply:
unable to upgrade in windows 8.1 from 8
https://support.microsoft.com/en-us/help/15288/windows-8-update-to-windows-8-1
Don [doesn't work for MSFT, and they're probably glad about that ;]
------------------------------------
Sharepoint Site Address change
Reply:
A host-named site collection allows you to address a site collection with a unique DNS name, such as "http://fabrikam.com".
How to create host-named site collections:
Make sure you open the SharePoint 2013 Management Shell with the required permissions security admin and db_owner on DBs and administrator on the server which you will use.
Then write the following command:
New-SPSite 'http://site.company.com Jump ' -HostHeaderWebApplication 'http://<servername> Jump ' -Name 'Portal' -Description 'Customer root' -OwnerAlias 'domain\administrator' -language 1033 -Template 'STS#0'
When you create a new hostname site collection, the default alternate access mappings will still exist but cannot be used. Use Windows PowerShell commands to manage URL mappings for host-named site collections.
Journey Man
- Edited by zahidGhaffar Saturday, July 22, 2017 5:00 PM
------------------------------------
Reply:
Hi,
you can change the site address[hos header] from DNS, and update the new address in IIS site binding and AAM[Alternet Access Maping] in Central Administration
Karim... Please remember to mark your question as answered, if this solves your problem.
------------------------------------
SCOM has stopped triggering alerts for monitored agents
Its been 2 days my SCOM server has stopped triggering alerts
Health of the management server is shown as critical in the operations console
Snapshot:
Further troubleshooting the alerts, it said 'All management servers pool unavailable'
I have tried restarting the System Center Management Service but it didn't help.
Please provide assistance and next set of actions in order to fix this issue.
Thanks for help in advance
No comments:
Post a Comment