Blog Home  Home Feed your aggregator (RSS 2.0)  
Dave's MCT Stuff
Stuff from Microsoft Certified Trainers
 
# Saturday, June 27, 2015

image

User see this icon in their system tray and wonder what it is so they click it…

image

This opens the “How to Get Windows 10 for free” popup, and then the user clicks the “Reserve your free upgrade” hyperlink…

 

image

User now has the upgrade reserved. On July 29th, Windows 10 is downloaded and will ask the user to start the upgrade process.

 

image

 

However, there is the possibility that they have some device or software that won’t work without further updates/upgrades.  It doesn’t just have to be the Bluetooth Server, like this example, but any other thing, too.  In that case, the issue will need to be addressed.

 

However, if all goes well, they’re able to go into Control Panel’s Windows Update applet and see the following:

 

image

Note the View confirmation hyperlink.

 

Suppose the user decides they no longer want the reservation.  Well, in that case the can click the link to cancel it.  It takes a few steps to do so, but here they are:

 

Click the View confirmation hyperlink in the Control Panel Windows Update applet, and it will take you to this screen again:

 

image

 

Those three vertical bars are in the upper left is the Menu icon… Click it.

 

image

A menu comes up, click the “View confirmation” link…

 

image

 

The “Your Upgrade…” popup opens, click the “Cancel Reservation” hyperlink…

 

image

The “Wait, really?…” popup opens, click the “Cancel Reservation” button…

 

 

image

 

The “OK, reservation cancelled…” popup opens, click the “Close” button…

 

image

However, the Reserve Windows 10 offer is returned to the system tray…  It is kind of amusing, as you could wind up going in circles, especially if you are tech support and the user keeps reserving it!

Saturday, June 27, 2015 9:40:47 AM (Central Standard Time, UTC-06:00)  #    Comments [0]    | 
# Saturday, June 20, 2015

 

Found this table online. It is a list of all the .dll’s and some .exe’s that contain Microsoft Icons.

 

These icons are the real small ones we find in a corner of a Window, for example, like this:

clip_image002

 

The files are all found in the (default—you may have installed Windows to a different directory):

C:\Windows\System32

 

accessibilitycpl.dll

Accessibility Library

actioncenter.dll

Action Center

actioncentercpl.dll

Action Center Control Panel

acctres.dll

Microsoft Internet Account Manager Resources

admtmpl.dll

Administrative Templates Extension

audiodev.dll

Portable Media Devices Shell Extension

azroleui.dll

Authorization Manager

cmdial32.dll

Microsoft Connection Manager

comctl32.dll

Common Controls Library

compstui.dll

Common Property Sheet User Interface

comres.dll

COM+ Resources

ddores.dll

Device Category Information and Resources

devicecenter.dll

Device Cednter

display.dll

Display Control Panel

dmdskres.dll

Disk Management Support Snap-In

dsuiext.dll

Directory Service Common UI

explorer.exe

Windows Explorer

explorerframe.dll

Explorer Frame

fxsresm.dll

Microsoft Fax Resource

gameux.dll

Games Library

hh.exe

HTML Help

ieframe.dll

Internet Explorer

imageres.dll

Windows Image Resource

inetcplc.dll

Internet Control Panel

mfc40u.dll

MFCDLL Shared Library

mfc42.dll

MFCDLL Shared Library

mfc42u.dll

MFCDLL Shared Library

mmcndmgr.dll

Microsoft Management Console Node Manager

mmres.dll

General Audio Resources

moricons.dll

Windows NT Setup Icon Resources

msftedit.dll

Rich Text Edit Control

mshtml.dll

Microsoft HTML Viewer

mstsc.exe

Remote Desktop Connection Client

mstscax.dll

Remote Desktop Services ActiveX Client

netcenter.dll

Network and Sharing Center

netshell.dll

Network Connections Shell

pifmgr.dll

Windows NT PIF Manager Icon Resource Library

pnidui.dll

Network System Icons

rasdlg.dll

Remote Access Common Dialog API

regedit.exe

Registry Fragment

riched20.dll

Rich Text Edit Control

sberes.dll

Windows Recorded TV

sensorscpl.dll

Sensor Devices Library

setupapi.dll

Windows Setup API

shdocvw.dll

Shell Doc Object and Control Library

shell32.dll

Windows Shell Common

twinui.dll

TWINUI

uiribbon.dll

Windows Ribbon Framework

uiribbonres.dll

Windows Ribbon Framework Resources

urlmon.dll

OLE32 Extension for Win32

user32.dll

Multi-User Window User API Client

wdc.dll

Performance Monitor

wfsr.dll

Windows Fax and Scan Resources

wiashext.dll

Imaging Devices Shell Folder UI

wmp.dll

Windows Media Player

wmploc.dll

Windows Media Player Resources

wpdshext.dll

Portable Devices Shell Extension

wscript.exe

JavaScript / VB Script

wsecedit.dll

Security Configuration UI Module

wucltux.dll

Windows Update Client User Experience

xpsrchvw.exe

Microsoft Office XPS Source

zipflrdr.dll

Compressed (Zipped) Folders

Saturday, June 20, 2015 10:31:58 AM (Central Standard Time, UTC-06:00)  #    Comments [0]    | 
# Wednesday, February 04, 2015

I was teaching a Configuration Manager (Config Mgr) 2012 this past week, and there was a chapter covering using Config Mgr for Software updates.  Config Mgr uses the Windows Server Update Services (WSUS) Server role to preform these updates, where the WSUS becomes a gathering point back to the Microsoft Update site and the Distribution Point for the clients to actually get the updates.  The Config Mgr Management Console is used to manage the updates rather than the WSUS console, and the policy to receive updates and schedule them comes from the Management Point and these policies are stored on the Config Mgr database, along with the status of the updates and clients, such as are they still pending the update, has the update already run, etc.  The point is, Config Mgr become the central manager for updates, and all the information about the updates are stored and readily accessible from various reports and status messages.

Still, Config Mgr requires a lot of work and knowledge, and those who are only using WSUS for updates—and have developed expertise doing so—do not readily see the benefit of switching it over to Config Mgr.

My thinking on updates has changed over the years.  Simply put, I am much less likely to manage client updates and even certain server updates.  I know all the stories about the Update From Hell—that took down everyone’s computers, destroyed their data, and broke their software.  And so testing and managing updates became the solution for most organizations.  I was there with them, agreeing and making sure no update snuck in without the Administrator Seal of Approval.  I remember ensuring the configuration of the Critical Update Notification Tool was done on every Windows 98 computer…

But things have changed over the years.  In 2000, Microsoft introduced Automated Updates, which let users get updates directly form Microsoft, and then around 2005, when they introduced Software Update Services (SUS), which let these updates be managed centrally.  WSUS cam about a year or two later.  The administrative interface went from a console to a web page to a management console, but the functions remained similar.

Another issue that affected my thinking on the management of updates was the idea of the security patch, from which Microsoft introduced categories of updates; Critical Updates, Updates, Rollups, and Service Packs.  The general reason to identify certain updates as Critical was that idea that once a white hat hacker (someone who likes looking deeply into the components of software but does not do so for any exploitation, and then helps the software writer fix the vulnerability—if such people exist, and I’ve heard many an argument on this!) discovered a security vulnerability, the vendor would work quickly to fix their software, and then make it available to all the users of that software.  Quickness counted!  Around the same time word gets to the vendor, it also gets to the black hat hacker community—and worse than that, the  “script kiddies”.  Generally speaking, script kiddies might not be as knowledgeable as the black and white hats, but love running other peoples’ scripts designed to exploit a vulnerability, and not even understand exactly what it does or how much damage it can do.   There are supposedly a lot of script kiddies, far more than the more experienced, knowledgeable hackers.   So the whole thing comes down to a matter of time.  The likelihood of a script kiddie—or even a real hacker—running the vulnerability exploit against your system is, at first small.  The patch, when available, should be run as soon as possible, because the likelihood of getting exploited goes up as more and more script kiddies learn about it and start running the scripts.  The time from being relatively safe and into the “you are today's target” has been shrinking, too.  So rigorously testing a Critical update often becomes a fool’s errand.  You could well be damaged far more waiting to run the update while testing than any test would reveal for your systems.  Just run it, get them patched with the vulnerability fix, and wait for the next one, as there will surely be a next one.

And as it turned out, this is exactly what my students were doing.  All security updates are simply done—not tested, set in a queue somewhere for further review, but just let run.

“So why not the rest?”, I asked.  “Well…  All except service packs.”  So we discussed that at length.  Most did not do it this way, but with literally tens of thousands of driver updates, software updates for applications and apps, along with the security updates already mentioned, it is just a LOT.  Sometimes it is just too much to be managed.  And that was my point.  There really is a lot of client updates collectively, in a large enterprise, and just letting them run and deal with the few, rare, or not even likely failures, might just be an easier solution.

Wednesday, February 04, 2015 6:46:14 PM (Central Standard Time, UTC-06:00)  #    Comments [0]    | 
# Saturday, January 24, 2015

There are certain maintenance functions a computer user should do to keep their data safe and the system running at peak performance.  Certain functions, such as defragmenting the hard drives, backing up data, updating the system and running virus scans should be done often.  In the past, these functions had to be run manually, and if a user forgot to do them then a lot of bad things could happen, from slow, temperamental machines to lost data and compromised systems.  To that end, Microsoft started adding these functions as tasks that would run automatically without having to bother the user.  The tasks are scheduled to run in the middle of the night when most people are sleeping.

But what if you’re not sleeping?  What if you’re on the computer using it?  These tasks can consume a lot of resources, and therefore, won’t run when you’re actively using the computer—or if they do you’ll probably notice the slow down.

We can adjust the tasks and how they run from the Task Scheduler administrative tool, so that we can pick a better time to run the task and even specify under what conditions it will run or not run.

To start the Task Scheduler (TS):

First, be logged/signed on as an administrator account, or better yet, for security’s sake, use User Account Control to run the TS.

 

For Windows 7:

1.  In the Start menu, type Task into the Search Programs and Files textbox – do not hit the enter key, as we want to see the menu of items that comes up.

2.  Right click, in the top of the context menu, Task Scheduler.

3.  Select Run as Administrator, in the context menu.  You may have to type in your administrative account credentials, if you are not logged in as an administrative account (which is a good security practice).

Note the above steps in red, on the picture below:

image

The Task Scheduler will open, and looks like this:

image

There is so much you can do with the Task Scheduler!  The three main sections shown are the console tree, Summary Pane and the Actions Pane.  These views are context sensitive, so will change as you select things.  For example, if I expand the Task Scheduler Library node in the Console tree, and then expand Microsoft, then Windows, and finally select the Defrag node, I will get a detailed overview of the particular defragmentation task, such as when it will run, and in the Actions pane, steps you can take to run it or disable it, or other functions.

image

 

So I could easily modify the time the defrag is done to when I was sleeping—if I was a night owl—to 10:00 AM.

There are too many different tasks in the Task Scheduler to go over in this blog.  Do open it up and take a look!  You’ll be glad you did.

 

dave

Saturday, January 24, 2015 11:14:02 AM (Central Standard Time, UTC-06:00)  #    Comments [0]    | 
# Thursday, November 13, 2014

With Microsoft's current Windows client operating system at Windows 8.1, and the announcement of the release next year of Windows 10, a lot of people are asking what happened to Windows 9? In fact, some wags say that the "even" releases always fail, and the 'odd" releases are always good. Hence we have, as failures, Windows ME, Vista and 8; and as successes, Windows 98, XP and 7...Well, that means we forgot about—and failed to mention--Windows 3.0 and 3.1, Windows NT Workstation, and Windows 2000 Professional... But just for grins, some people like the idea that every other Microsoft OS is a dud.

So is Microsoft trying to break that by "skipping" 9? No. It's all about poor programming...


Underneath the hood of all Windows Operating Systems is the version. You can type the command "ver" into a Command Prompt window to see the version number of your current OS. Some programs might not run on--or even be written for--an earlier operating system, so a version check before the install is allowed is always a good idea.  It is best to check not only for the version, but ensure the version check uses the greater than or equal to, and not just the equal to operator.  So this

If Ver >= 6.1

Is better than this

If Ver = 6.1

 

That way, when a HIGHER version number is released, it doesn’t refuse to install or do whatever it is doing, when it only needs to ensure a minimum version numbered OS.


However, and especially back in the days when we were moving from the DOS-based monolithic mode kernel and continuing from 16-bit into the 32-bit protected mode kernel, there was some serious issues concerning platform compatibility, so some programs had a simple OS check based on the name. The code could be simplified as the following:


If OS = Windows 9x, abort install


Well guess what? There's still code out there that does that. Maybe no one is currently writing such statements, but perhaps buried in some module, these archaic statements mean that a more modern program would refuse to install on a Windows 9 operating system, because it thinks it just might be Windows 95 or 98!  So to avoid that type of confusion, Microsoft skipped Windows 9 altogether.


And now, as Paul Harvey used to say, you know the rest of the story...

Thursday, November 13, 2014 10:41:17 AM (Central Standard Time, UTC-06:00)  #    Comments [0]    | 
# Saturday, March 22, 2014

The XP operating system is based on the Windows NT 5.0 kernel that was developed in the late 1990’s. In fact, if you do a VER command on Windows XP it lists the version as 5.1. That is NT 5.1.

While NT 4.0 was the last of that name, originally, Windows 2000, the immediate predecessor of Windows XP, was to be called Windows NT 5.0, but Bill Gates had the name changed to better sell the Y2K fixes in Windows 2000.

 

The bottom line is that the 5 kernel is VERY old in the Tech world scheme of things, and every exploit that has gotten a patch over the years makes the kernel unwieldy and extremely difficult to patch any longer. From a security standpoint, it really has reached the end of its life. Every exploit from this point onward costs a great deal to remedy, and the codes is very difficult to maintain, and Microsoft has reached the cost of diminishing returns on the ability to patch XP. That’s it. End of life.

 

Don’t blame Microsoft. Blame the attackers for continuing a war and they are always on the lookout for new exploits. Nothing made by man is unbreakable by man. You wouldn’t expect a cavalry charge with soldiers on horseback to defeat a tank army, would you? How can you expect a 14 year old operating system to be able to survive 14 years of learning the code and exploiting it that the hacker community has now had? When do you decide that that system is no longer reasonably defendable? Microsoft as a sue-able corporate entity has to take into consideration that if an exploit can destroy or compromise someone’s data or financial information they could wind up in court being sued for allowing XP to continue. And believe me, Microsoft sees frivolous and BS lawsuits all the time from greedy lawyers hoping to scavenge some ready cash form tech ignorant juries and judges. Microsoft realized this when they set about creating the 6 Kernel (Vista/Windows Server 2008/Windows 7/Windows 8/Windows Server 2012) and they actually are hard at work on the series 7 kernel.

 

I expect some folks to be pissed at Microsoft when THAT is released, but it is required in this ending war.

Saturday, March 22, 2014 7:30:22 AM (Central Standard Time, UTC-06:00)  #    Comments [0]    | 
# Tuesday, December 03, 2013

As a part time Microsoft contractor, I can tell you there are a lot of good reasons to get off of XP.

 

First of all, the kernel is based on 15 year-old technology. It is version 5, as in NT 5.0, the planned successor to Windows NT 4.0, released in 1996. The then new kernel 5 was developed in 1998/99, but Bill Gates had the release name changed from Windows NT 5.0 to Windows 2000 in mid/late 1999. The name was changed as a gimmick to lead people to believe Windows 2000 had the Y2K problem fixed. If you type “ver” into a Command Prompt on Windows 2000, it shows as Version 5.0. Ver on Windows XP is Version 5.1, and Ver on Windows Server 2003 shows as Version 5.2.

The kernel was completely redesigned in 2006 as Longhorn, and released as Windows Vista in 2007 and Windows Server 2008 in early 2008. A ver on these machines show the kernel Version of 6000, which is 6 (why the zeros? I think they wanted to emphasis the big changes, but it is kind of ridiculous).

 

So why is this important? Well, we reached the point, sometime ago actually, where the V5 kernel cannot be patched to remedy sophisticated attacks that have had 15 years of legacy and development. Continuing to use XP makes you VERY vulnerable to these types of attacks, and puts your infrastructure and data at great risk. Why assume the risk?

The V6 kernel has removed the code that allows all kinds of unauthorized take-overs of system processes and services. No doubt as years go on there will be future exploits that may get around these changes but that does not change the high vulnerability of the V5 kernel.

 

Change is change. The tricks and loops that the V5 kernel had to do in order to run on the limited 1999/2000 era hardware doesn’t have to be done any longer—hardware has turned over several generations since then. The V6 kernel, in my opinion, is getting long in the tooth, and needs a complete redesign into V7, which will come soon. I imagined everyone will hate that, too, LOL!

It’s one thing to assume a risk on your home computing environment because you do not care for the new UI, but quite another to do so in the business world. It would be, in my opinion, close to malpractice for a business IT department to want to continue running a V5 kernel. I know it is a well known practice in the business world to replace desktops every 5-7 years and servers are kept not much longer (although I’ve seen some old boxes survive due to budget cuts). Why would you want to keep 15 year-old software around? There has been so many advances since, both in hardware and software!

 

Finally, the bottom line is that Microsoft will no longer support or provide updates, security or otherwise, for Windows XP after this coming June. For them, it is not so much as business decision based on new profits but rather on liability. Lawyers of companies that may lose a lot of money from a well-known attack being successful against them, try to blame the vendor of that software for their loss, and Microsoft will not continue to be in that position.

 

Get out of XP and upgrade to the V6 kernel!

Tuesday, December 03, 2013 12:30:38 PM (Central Standard Time, UTC-06:00)  #    Comments [0]    | 
# Tuesday, October 22, 2013

I have a Sony Vaio Tap20, one of the largest tablets in the world!  Sony_TAB_20_35477655_11_620x443SONY-TAP-20

Of course, I don’t use it like those guys; it’s too big and too heavy!  I use it like this:Sony_TAB_20_35477655_01_620x433  Which makes it just another desktop.

Well, it’s more than just another desktop, really.  It come with an i7 processor, 8 GB of RAM,a 1TB hard drive, a 20-inch touch screen, Bluetooth, wired and wireless LAN, USB 3.0; a pretty nice computer, and it is portable.  The battery is heavy and only last 1-2 hours, but technically, I can unplug it and lug it around or sit it in my lap while watching TV, like the gentlemen pictured above (except it’s so heavy it leaves a red skin mark where it rested on my belly or shoulder).

So, the Tap 20 came with Windows 8 shortly after Windows 8 was released.  I bought the computer as soon as it came out in November of 2012.  I really, really like it and it has been a wonderful work-horse for me.  Given the hardware specifications above, I even use it to run the Client Hyper-V that is available with Windows 8, and while it’s barely enough RAM to run a virtual machine or two, it works well.  I would use more RAM if it could fit in, but it doesn’t.  That is truly the only thing I dislike about it.

Now Windows 8 on this machine has been an experience.  The first thing I did on the machine was upgrade to Windows 8 Pro.  I mean, really, I need all the bells and whistles, not some substandard of an operating system.  Honestly, I hate some of the default Windows 8 apps, like Mail, but still use it all the time.  I also have Office 2013 Professional, and use Outlook 2013 for my more important mail activity.  The Calendar app was showing me birthdays and other events for people I simply didn’t care enough about to be reminded, and it took me a lot of time to fix that (calendar events are coming from the Windows account, Facebook, LinkedIn, etc.).

So on Friday, 18 October 2013, I went to the Windows Store and lo and behold! There was the Windows 8.1 Pro upgrade, which I ran.post-455563-0-55698000-1367437666

It took some time, but went perfectly.

It has new functionality in the Start icon—it is still not a Start button—which suits me fine. 

windows_blue_start_button_menu

I like the concept of the Start screen, which is a Start button and menu all in one.

Several important differences after the upgrade:

1.  The screen is much, much brighter.  Too bright, almost.  The screen sits kitty-corner to me at my desk, and when I’m using the KVM’ed monitor on my servers, the glare from the right-side of the Sony Tap 20 screen causes reflections in my eyeglasses, making it hard to read my KVM’ed monitor.  I tried to turn it down, but the Tap 20 was actually on the lowest brightness setting.  In fact, turning it UP seemed to make no difference, it was just as bright.  I found that If I leave it in a white backgrounded app it is too bright, so I usually leave it in the start screen, which, with its default dark blue background, is better.  But even so, the dark blue of Windows 8.1’s start screen is several shades lighter than the dark blue background of Windows 8! So I’m thinking that the driver was updated by Sony for the 8.1 release and needs some more tweaking.  Come on, Sony, you can do it!

2.  Annoyingly, because I have my university email in the Mail app, it is now requiring me to have the screen password locked.  This shouldn’t be a problem but it happens after only 15 minutes of inactivity.  I went into the local group policy and set all the settings* to an hour and a half, but it STILL locks after 15 minutes.  Since I often spend several hours at my desk (I work mostly at home now, writing & videoing mostly) this is getting to be a real PITA.

3.  The Mail app has been slightly improved.  Not enough for me, but a few of the more nasty “features'” are gone.  I’m not sure I want the Favorite (People) folder in the tree… 

4.  My Wireless network often loses it’s connectivity on the Tap 20.  This happened before the upgrade, too, so I’m not putting this in the Windows 8.1 column, but I did hope that this would be fixed.  I think it’s part of the overall inactivity settings I can’t seem to change, but maybe not.  I have to do more research on it.

 

All in all, the upgrade went very smoothly, and I am very pleased with Windows 8.1 so far!

 

Dave

 

* clip_image001

Tuesday, October 22, 2013 8:48:21 AM (Central Standard Time, UTC-06:00)  #    Comments [0]    | 
Copyright © 2015 2008. All rights reserved.
DasBlog 'Portal' theme by Johnny Hughes.
Pick a theme: