If you’re finding this post, it’s possible (or maybe even likely) that you’ve tried to install KB2871690 onto a Generation 2 Windows Server 2012 virtual machine on a Hyper-V host, and the installation failed. For those of you that haven’t run into this issue yet, you will if you attempt to install this particular update on a Windows Server 2012 (or Windows 8.0) Gen2 VM. It’s very frustrating to have a few hundred VMs patch, reboot, and fail to install a particular update and restart again… and then have the update offered again, and go through the cycle yet again because the admin installing updates was unaware this update wasn’t going to work, the update wasn’t pulled from WSUS or SCCM, etc. It happens.
Permanent link to this article: http://www.cluberti.com/blog/2014/02/17/kb2871690-hyper-v-server-2012-and-gen2-vms/
I’ve come across quite a few folks over the years that enable RDP by setting the registry values to do so manually, and enabling firewall rules the same way (or disabling the firewall service itself, which is not supported by Microsoft, so don’t). While neither of these things are “the right way” to do it (I found this out from dealing with Microsoft support on this, and apparently doing it manually via the registry can cause issues), the right way isn’t really called out as such very well that I can find either.
I’ve created a very simple PowerShell script (I put it in my MDT and SCCM task sequences when deploying machines as one of the first things done after the OS is deployed) that enables RDP for the Administrators group, opens the right port on the firewall, and can also be used to set it to NLA only if $NLAEnable = 1. Credit where credit is due, the script below was based on a script that does this same thing here. Thanks Robin!
Permanent link to this article: http://www.cluberti.com/blog/2014/02/12/enable-rdp-firewall-exceptions-and-nla-settings-via-powershell-and-wmi-aka-the-right-way/
Microsoft PFE Robert Smith has published a list of hotfixes recommended be tested and deployed, if no issues arise, on Windows 7 installations used for VDI. Find the data at the link, here:
Permanent link to this article: http://www.cluberti.com/blog/2013/11/12/windows-7-vdi-here-are-some-hotfixes-you-should-be-installing/
Are you running Server Core installations of Windows Server 2008, 2008R2, 2012, or 2012R2? If you can, you should be. And if you are, or just like using PowerShell for everything, you should really take a look at the Windows Update PowerShell module available from the TechNet Script Center, by MVP Michal Gajda. It’s gotten quite good over the last few revisions, and I find myself loathing working on systems where it’s not been installed.
If you want an easy way to go about updating your Windows installations from PowerShell (locally or remotely), consider giving this add-on a try. I think you’ll like it.
Permanent link to this article: http://www.cluberti.com/blog/2013/10/15/easy-windows-updating-on-server-core-from-powershell/
If you’re like me, you like to make sure the latest version of Internet Explorer supported by your organization is baked into the images you push into production, and IE10 on Windows 7 is no different. Whether you’re slipstreaming it into the base image, or (better) using MDT to rebuild your base image and including IE10 into it, Microsoft has provided a handy list of updates that you should have already included before you attempt to install IE10 on Windows 7 without internet access (as most image build environments should be – right? Right????):
How to obtain prerequisite updates for Internet Explorer 10 for Windows 7 that fail to install
That article lists 5 hotfix packages you will need – KB2533623, KB2670838, KB2729094, KB2731771, and KB2786081. However, the astute amongst you have probably noticed that the IE10 installer, when left to it’s own devices during install, actually installs 6 hotfix packages, not 5. That “extra” hotfix package is:
“0×00000050″ Stop error after you install update 2670838 on a computer that is running Windows 7 SP1 or Windows Server 2008 R2 SP1
Permanent link to this article: http://www.cluberti.com/blog/2013/08/19/installing-ie10-into-your-windows-7-image-youre-missing-an-update-or-two/
Microsoft Hotfix rollup and updates to attack Slow Boot / Slow Logon in Windows 7 SP1–plus some other things to help out
I get asked pretty often in my day job to help people troubleshoot / analyze / attack slow boot and slow logon issues they face in their Windows client or Windows terminal services environments, whether they be physical machines or VDI instances. I wanted to share a few of the very quick and easy plans of attack that I take when the client endpoints are Windows 7 SP1 or servers are 2008 R2 SP1.
1. Install the latest enterprise hotfix rollup for Windows 7 SP1 or Windows 2008 R2 SP1 on all of your endpoints involved in the boot or logon process – that includes DCs, file servers, infrastructure servers, virtualization hosts, etc:
An enterprise hotfix rollup is available for Windows 7 SP1 and Windows Server 2008 R2 SP1
Windows 7 SP1-based or Windows Server 2008 R2 SP1-based SMBv2 client computer freezes when the computer is under a heavy load
Permanent link to this article: http://www.cluberti.com/blog/2013/03/26/microsoft-hotfix-rollup-and-updates-to-attack-slow-boot-slow-logon-in-windows-7-sp1plus-some-other-things-to-help-out/
…or so says Microsoft. A colleague of mine at an unnamed company that makes Extenders and the like has confirmed this, and it appears Microsoft published a KB article in December of 2012 confirming this as well…
So, if you’re using a Media Center Extender, and it’s NOT an Xbox 360, do NOT upgrade your Windows 7 Media Center box(es) to Windows 8, or your Extender(s) will stop working.
Permanent link to this article: http://www.cluberti.com/blog/2013/01/02/media-center-extenders-for-windows-8-if-its-not-an-xbox-it-wont-work/
As the title says, I’m working on documenting some of the more tricky things I get asked about Windows 8 deployment, like Start Screen customization and branding. It may take me a bit to get right, but it’s coming. Hopefully sooner rather than later too.
Permanent link to this article: http://www.cluberti.com/blog/2012/08/29/working-on-a-windows-8-themed-mdt-post-stay-tuned/
As the title probably gives away, I’m a Windows Phone user. Why is that important? Well, I have a v1 Samsung Focus on AT&T, and I recently just got tired of waiting for AT&T to roll out updated builds post 7720 (aka Mango), which include things like the “disappearing keyboard” fix and security updates. AT&T has stated that they aren’t rolling out 8107 (or 7740 for that matter), but will roll out a “post-8107” update (probably “Tango”, or the “WP 7.5 Refresh”). The caveat is that they have not specified to which devices this update would be pushed to, and the v1 Focus is EOL (as are all v1 WP7 devices on AT&T), the relatively new Focus S/Focus Flash are soon to be EOL, and so far only the Nokia Lumia and HTC Titan II have any builds post-7720 on AT&T, so it’s hard to say for sure any devices prior to these two will actually be updated at any point in the future. The original WP7 promise was that all devices would get updates, and carriers could skip only one and had to release the next. Well, AT&T seems to say otherwise, and given 8107 has been available since January 2012 (and 7740 was available November of 2011 – AT&T didn’t push that one out either…) Guess that wasn’t true, huh. While I am pretty peeved at AT&T on this, I still have a functional device that works with everything in the marketplace – normally, I’d be OK with this decision (so far). However, as mentioned, build 8107 contains security updates as well as a pretty significant set of bugfixes for the “disappearing keyboard” fiasco and email threading issues with Exchange, this is really kind of a silly update to skip (not to mention it goes against the original “one release” skip promise.
Permanent link to this article: http://www.cluberti.com/blog/2012/05/03/tired-of-waiting-for-your-carrier-att-to-update-your-windows-phone-to-7-10-8107-do-it-yourself/
Sorry about that. Once MDT 2012 and ConfigMgr 2012 are RTM, I’ll have more content. For now, hopefully what’s here will satiate you until then!
Permanent link to this article: http://www.cluberti.com/blog/2012/01/05/wow-ive-been-absent/