Category Archives: microsoft

Check KMS server licensing status

I recently had a KMS server go into unlicensed mode for its Office products for some unknown reason, but suddently I had quite a few clients that got activation errors and therefore had to solve it fairly fast.

So for later reference, as it took some minutes to find these specific activation IDs, I’ll list them here to find them more easily next time KMS makes trouble 🙂

Check licensing status: cscript slmgr.vbs /dlv “activation id”
Re-activate KMS licensing: cscript slmgr.vbs /ato “activation id”

Re-activate Office on clients:
C:\program files(x86)\Microsoft Office\Office15\cscript ospp.vbs /act

Activation IDs:
Windows2012R2_Win10 activation id: 20e938bb-df44-45ee-bde1-4e4fe7477f37
Office 2010 activation id:bfe7a195-4f8f-4f0b-a622-cf13c7d16864
Office 2013(OFFICE15) activation id: 2E28138A-847F-42BC-9752-61B03FFF33CD

Lesson learned – some audit policies cannot just be enabled simultaneusly

Today I learned that the some audit policies cannot be enabled at the same time.

To be able to audit logon events throughout our organization we have enabled the usual audit policies in the Domain Controller group policy:
auditpolicies
At some point someone decided to audit if there were happening changes to our audit policies, through the “Advanced Audit Policy Configuration”. This additional audit policy was made through the Group Policy Management Console on a Windows 2012R2 server. Here it’s possible, without issues or hints that it’s a bad idea, to make this policy. When this got enforced on domain controllers, they stopped logging the above events in their security event-logs. This made it impossible to help users that got locked out without knowing where from and why, because the typical “bad password” events did not get logged. This is where you get the client ip of the session that is giving the bad password, mostly because it’s been hanging around since before the user last changed their password.

If you look on technet, sure Microsoft mentions that if you enable both the audit policies and the advanced audit policies, it can cause odd behaviour – https://technet.microsoft.com/en-us/library/dd692792(WS.10).aspx

If the admin had looked and wondered about the explanation Microsoft put in the policy configuration, he would/should have made the change that is required to have both Audit Policy and the Advanced Audit Policy Configuration:

advancedauditpolicesHere it tells you to enable the “Audit: Force audit policy subcategory settings (Windows Vista or later)” under Windows Settings/Security Settings/Local Policies/Security Options. 

 

RSAT tools on Windows 8.1/10 and Trend Micro Officescan

About a month ago I had to quickly provision and prepare a new domain controller for a remote site, this went smooth and quite fast they had a new DC for logon/DNS and also acting as DHCP. One thing we had noticed before the upgrade was that if we tried to use Active Directory Users and Computers from the Remote Server Administration Tools package against the domain controller, then we were getting a “RPC Server is unavailable”. Since we have multiple sites and this was the only site we’ve noticed this issue, then when we started having other issues regarding replication and so on, we were quite quick to determine that the server needed to be replaced.

After the new server was brought up and was prepared, I tried again to use the remote tools to administer the server, but to my “horror” I was still getting this error… Now with the upgrade, I went for a 2012R2 version where the old was 2008R2, so I started thinking if there could be an issue with this for the new server. At the time I didn’t have other remote 2012R2 domain controllers, so for a while I settled with this and decided to come back and try to resolve it when I got some spare time – the DC was running perfectly on all other measures.

Today, a little over a month later, I got this extra time on my hands and decided to give it another look. Now, since last month, I’ve got a brand new site that holds a 2012R2 DC and of course this works fine with the remote tools – so something had to be messed up on the other site. I tried a quick search for RPC and RSAT tools and got some old Windows Vista KB that didn’t help me much, but then the second result took me in the direction, that some antivirus clients(or rather the Realtime-scan part) had a tendency to block RPC calls – so I tried to unload the Officescan client and voila -> The connection in ADUC switched over to the server that it couldn’t connect to previously…

Now this is all fine and dandy, but what I cannot get around is – how can it work against the other site’s DC without any issues???

The only thing I see different between the 2 sites is that the brand new site is VPN connected through Cisco ASA, and the other site that needs me to turn of Officescan is connected through our company MPLS…

If anyone can explain this to me – please do so in the comments below!

/
Dan

Windows 10 “display driver for Windows 8 crashed” issues

Having used Windows 10 for what seems a long time, and having upgraded whatever I could get my fingers on, issues sometimes appear. One of these have been going on through almost the entire lifespan of Windows 10, from the earliest builds. Depending on how/what I am doing on the PC, then a few times a day I’ve seen a 5-10 second stop in everything and then an error message, saying something like “Intel HD display driver for Windows 8 has crashed” – I’ve been blaming it on me running the insider build, but still I was annoyed that Intel/Microsoft did not fix at least the error message to show Windows 10.

But now mom has been upgraded, and she really only uses Microsoft Solitaire collection, 1 game-site online with Java-games and occasionally browse the net. She found that when playing the Spider solitaire game, she could force the crash message and her game needed to be restarted, but she could never get a game done.

Having this to search from, I quickly found that a lot of other people are playing these games 🙂 and they have seen many issues with these since Windows 10 came along. But in November, Intel finally stepped up at least on the beta channel – and provided what seems to be a fixed display driver, still though on the release notes, there are quite a few games that have issues, so be careful to read this.

Find the Intel beta download here: https://downloadcenter.intel.com/download/25541/Intel-Beta-Graphics-Driver-for-Windows-7-8-1-10-15-40-

This driver seems to work for most Intel current display adapters, but check the list below:

Intel® Iris™ Pro Graphics 5200 for 4th Generation Intel® Core™ Processors
Intel® Iris™ Graphics 5100 for 4th Generation Intel® Core™ Processors
Intel® HD Graphics 5000 for 4th Generation Intel® Core™ Processors
Intel® HD Graphics 4600 for 4th Generation Intel® Core™ Processors
Intel® HD Graphics 4400 for 4th Generation Intel® Core™ Processors
Intel® HD Graphics 4200 for 4th Generation Intel® Core™ Processors
Intel® HD Graphics 5300 for Intel® Core™ M Processors
Intel® Iris™ Graphics 6100 for 5th Generation Intel® Core™ Processors
Intel® HD Graphics 5500 for 5th Generation Intel® Core™ Processors
Intel® HD Graphics 6000 for 5th Generation Intel® Core™ Processors
Intel® HD Graphics 530 for 6th Generation Intel® Core™ Processors
Intel® HD Graphics 515 for 6th Generation Intel® Core™ M Processors
Intel® HD Graphics 520 for 6th Generation Intel® Core™ Processors
Intel® Iris™ Pro Graphics 580 for 6th Generation Intel® Core™ Processors
Intel® Iris™ Graphics 540 for 6th Generation Intel® Core™ Processors
Intel® Iris™ Graphics 550 for 6th Generation Intel® Core™ Processors
Intel® Iris™ Pro Graphics 6200 for 5th Generation Intel® Core™ Processors

Get BGinfo working on high resolution screens (Surface Pro 3 maybe?)

I’ve had BGinfo running on my work PCs forever, but since I got the Surface Pro 3 it hasn’t really looked great. Different scenarios, single or multiple monitors, the background picture always seems to get warped into something not pretty. Today I finally did a search to see if anyone got the same issue, and of course there were J

On the Spiceworks forums this showed up:

And with that little tweak in compatibility settings, now everything looks great again.

Windows 10 Mail-app thinks it’s on Windows Phone 10 OS?

I have an Exchange installation where I get a notification for all new devices that tries to connect, through the Exchange Quarantine functionality. Tonight I noticed a user tried to connect his Windows Mail Universal app, which can do ActiveSync(like the older version), but the newest version on Windows 10 now “mistakenly” reports the device OS to be Windows Phone 10.0.240, which is the RTM version of Windows 10 for PCs, build 10240 has not been released in to the Windows Phone Insider program as it had a serious bug. The curious thing is that on the Insider program we now in Windows Phone 10 get “Outlook Mail” as the mail-client application builtin…so the universal part…hmmm… 🙂

Not a big thing, but still funny and maybe we finally start seeing more Windows Phone OS connection in Exchange 😉

2015-08-12 19_59_03-Start

Upgrading the Surface Pro 3 from Windows 8.1 to Windows 10 Build 9956 Enterprise client

So yesterday morning, I got the crazy idea to just in-place upgrade my work Surface Pro 3 from Win8.1 to the newest available Windows 10 build, 9926.

Win10System

The upgrade process itself went more than smooth, it was just next,next – wait,wait – an hour later I think, it was ready to log in, still on the AD domain, desktop and apps are still installed and so far, all I’ve seen from the applications is Outlook, the re-ran the MSI-setup for 5 seconds on first start-up.

The first couple of hours were tough 🙂 The graphics driver for the Surface Pro 3 was missing, and manually trying to point Device manager to the files didn’t help. These files are for Windows 8.1 and couldn’t auto-detect. Finally I found a forum post, telling me that, of course, this could be fixed with WSUS. I remembered that my Win 8.1 had a few issues on the last firmware update a week or so ago. Because we are running an internal WSUS server, I needed to delete that key completely in registry:

HKLM:\SOFTWARE\POLICIES\Microsoft\Windows\WindowsUpdate

Less might have done the job, I tried to delete a few strings first and didn’t help, so ended up deleting it all and that got me in touch with Microsofts WSUS servers. Here I was offered a System Firmware update from 22/1/2015 and the first normal wsus-update for the technical preview.

After applying these, my graphics got up to speed and after a few hours, where I’m guessing Windows 10 is building up Prefetch and Onedrive and the likes, the PC has been running great and speedy. I was really in doubt these first few hours, if I should just do a complete reinstall, and I still think this is always the best idea, because the CPU was running at 50% constantly on system processes, resulting in the Surface’s fan to run all the time.

After the first 24 hours, here are my found issues:

  • Cisco Anyconnect SSL VPN, needs to be at version 3.1.05182
  • Internet Explorer, wouldn’t work, until I went into Internet Options and disabled all add-ons, started up IE it worked, and afterwards I enabled all add-ons one by one, and now IE works…go figure…?
  • I have to get used to new message functionality, where system messages (e.g. “Firewall is disabled, do something”) and applications opens up there also, like Outlook New-Email notification.

Findings:

  • Gestures:
    • Swipe 3 fingers across the touchpad, it brings up the ALT+TAB functionality and switches between open windows.
    •  Swipe 3 fingers downwards on the touchpad minimizes all open windows. Upwards brings them up again.
    • Swipe 2 fingers up or down equals scrolling.

 

Let me know if you want to know something specific or have me test something for you, I’ll be happy to help! 🙂

Campus Days 2014

So, this year i finally got to go the biggest danish Microsoft-tech conference Campus Days. I have been looking forward to this event for the last couple of months, as I’m not attending many MS events, mostly because they are mostly in other countries, but also previously it’s been hard to find out that there actually were events being held. This has improved lots with just the use of twitter and following the right people (@RasmusHaldDK is a great place to start).

I started my Campus Days a day early and arrived monday evening, I first wanted to be here Monday morning and attend the EWUG meeting at Microsoft DK, but a meeting got in the way unfortunately and had to reschedule. I stayed at WakeUp Copenhagen in Carsten Niebuhrs gade, which was recommended and perfectly placed to get to the conference in Cinemaxx with a 10 minute walk.

Tuesday was kicked of with the great Mary Jo Foley(@maryjofoley) where she did a 5 step walkthrough on the new Microsoft. With her great history on covering Microsoft and her insights, we really got a great view on how big the changes really are inside Microsoft. It seems to mostly be for the best, but she also had a few punches for some of the strategies, mostly the Windows Phone strategy – but she’s not alone on this – a lot of techies/journalists/commentators have been giving MS a lot of heat and suggesting many other ways that MS could attack the mobile market, time will tell if they’ll listen.

My first session was “Exchange 2013 upgrade and Coexistence” with Peter Schmidt(@petsch) and Jakob Østergaard Nielsen from EG. It’s always great to see they faces in real life that you follow online. This was a great session and this made me want to go home and upgrade our current Exchange 2010 setup, so I guess the sessions purpose was a success. It was great the Peter started with an overview and then Jakob went into details afterwards.

Next session was OneDrive for Business, with an MS guy, this was not nearly as technical as I had hoped, I should have maybe known this because of the level 200. We got a roadmap look for OneDrive in 2015, which was great and there’s is lots to look forward to.

The last session of Tuesday was “Performancetuning for the Accidental DBA” with Rasmus Glibstrup(@SQLGuyDK) from it-Craft. I had just found Rasmus on twitter and heard about it-Craft, so was looking forward to this. I’ve been the accidental DBA for quite a while now, and been looking a lot more into SQL than I thought I would ever do, it actually seems like an important area, but for now I’m mostly interested in the infrastructure part of SQL and not so much the coding/querying. This means this was pretty much the perfect fit for Rasmus’ session. He went through the different layers of SQL server and where to look for issues and what could be the cause. He also supplied scripts for our own use and I’m looking forward to trying these at home. Rasmus is a great presenter, funny and knows his stuff – best of all he’s from Jutland! 🙂

Wednesday started with a session from Microsoft about “Migrating from Home Drives and Offline Files to Work Folders and Web Application Proxy” by Craig Forster MS PFE. This was a session that was better than expected – Craig went through setup and configuring Work Folders, and demoed the functionality of Work Folders. He was great at presenting, funny and knew the tech. He double-jinx’ed the demo, so it worked as planned and Powershell scripts were thrown left and right and they all worked as well – to much a surprise to Craig 🙂

Second session was “Lync 2013 Enterprise Voice:Design of Infrastructure” by Jan Fredborg. Great content, a little technical for a non-PBX techie, with a lot of codecs mentions and the likes. I found out a lot and also it was comforting that no-one in the audience seemed to have bad experiences with Lync. This could be a future product when our crap PBX is going to be replaced. We are located in most of Europe and here Lync also seems to have improved with number tampering and other things we’re going to need.

Last session of the day was “What’s new and upcoming with OS Deployment in SCCM and MDT” with Ronni Pedersen(@ronnipedersen) from EG. This was completely new ground for me as I neither do deployment much and when I do it’s not with MS products. Ronni did a great walk through, he started out by showing the hydration kits from www.deploymentresearch.com, telling everybody how easy it is to set up labs with these – I’m definitely going to have a look at these, I’ve been playing a bit with Powershell Deployment Toolkit from MS and these seems much like that. I unfortunately didn’t get much out of the SCCM demoes as I can’t relate these to anything I’ve seen before – but this is on me and not Ronni. We had lots of questions and Ronni gave his views – he is very straight forward and put a few questions in my head also. I later read that the session went on for 2,5 hours (it should have been 1hr15min) but Ronni said he would stay for as long as there were questions!

After the last session the festivities began! First there was a choice to make, between watching “Dumb Dumber 2” or “The Imitation game”. I chose the latter as the other one seemed more like a family movie I could get to watch with the wife and it also had a great IMDB rating. I must say I wasn’t disappointed, Benedict Cumberbatch is a great actor and the plot with the history of World War 2, was truly great – so I can surely recommend this.

After the movie the venue had been turned into the US around the 1920s, with music, gambling, games and food. It was a little hard to get a conversation going as all attendees were almost all crammed in on one floor and the talk was loud. We got a couple of beers in and moved a little upstairs to be able to talk – and left for the hotel around 9pm.

Tomorrow is the last day, I’m planning to go to the following sessions:
9.00 – 10.15 “Enterprise mode for IE11” or “Lync Enterprise Voice – Do’s and Dont’s”
10.45 – 12.00 “Office 365 -Exchange Hybrid”
13.00 – 14.15 “Architecture for Mobility with EMS”
14.45 – 16.00 “Windows 10:Deployment” or “SCOM i den perfekte verden eller: Få fuldt udbytte af din SCOM installation og indfri dine kollegers forventninger”