12 January 2022

Start Menu failing to open on RDS Server

I have recently noticed an issue with some clients using RDS whereby they're not able to open up the Start Menu when signing into a Session Host.

The following Event Log was reviewed:


We noticed that this was caused by Windows Firewall rules which were left over from when users sign in and out of the Session Host.

We were able to resolved his by navigating to the following location in Regedit:

Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules

Once you're in this location, you'll see a massive amount of firewall rules in between { }.  Go through and delete all those rules, leaving only the standard Windows Firewall rules there.  

Once this is done, that issue should then resolve itself.  You may need to log off and back on, however there shouldn't be a need to restart the server.

If you still have issues with this you can create a new DWORD with the following:

DeleteUserAppContainersOnLogoff=1

Save it here: Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy

11 May 2021

Export Group Policy (GPO) to a File

 I recently needed to export a list of all GPOs within a client's environment to HTML file.  Rather than going through each one individually and exporting out, I used this simple PowerShell command to get the job done.

I create a new folder called GPOExport within C: root (C:\GPOExport), then ran the following command:

Get-GPO -all | % { Get-GPOReport -GUID $_.id -ReportType HTML -Path "C:\GPOExport\$($_.displayName).html" }

08 April 2021

Switching to the Office 365 Monthly Update Channel

 The following registry change can be made if you'd like to update Office 365 software (i.e. Word/Excel/Outlook) from Semi Annual to Monthly Channel.  This is definitely the recommended setting if you have the Office 365 subscription to ensure you're always getting the most up to date software.

Open Regedit and navigate to the following:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Configuration


Search for CDNBaseUrl 


You can simply replace the URL within the key with one of hte above, depending on what you want to set.  Once you've done this, you can re-open the Office app and search for updates.  It'll start updating. 

16 December 2020

How to install Microsoft Access Runtime 2016 Silently

 I have recently needed to install Microsoft Access Runtime 2016 silently through SCCM.

Whilst you can install the software silently, it still shows up asking to accept the EULA, so subsequently SCCM will time out as it's waiting for user input.

In order to get around this, you can do the following:

  1. Extract files using AccessRuntimeXXXXX.exe /extract:ExtractedFiles.
  2. Open Notepad and copy the following in:
    <Configuration Product="AccessRT">
    <Display Level="None" CompletionNotice="no" SuppressModal="yes" AcceptEula="yes" />
    <Logging Type="standard" Path="C:\Windows\Temp\" Template="Microsoft_Access_2016_Runtime_Setup(*).log" />
    <COMPANYNAME Value="Company Name" />
    <Setting Id="SETUP_REBOOT" Value="Never" />
    </Configuration>
  3. Save this as config.xml
  4. When you create your application within SCCM, have the command line to run it as the following
    setup.exe /config /config/xml

14 December 2020

DISM to remove Win10 Appx apps from a .WIM file

Here's a great way to remove packages from a WIM file to ensure you don't have to build and capture another image within SCCM.  

This has come about due to a client having an image, and later requiring certain apps to be removed.

Create a new folder on your server called "Mounted_Image"

Mount your WIM file to that location with the following command:

Mount-WindowsImage -ImagePath "E:\SourceFiles\CapturedWims\CAPTURE001.wim" -Index 1 -Path "c:\Mounted_image"

Now create a PS1 file with the following, which will allow you to remove the various appx packages:

$apps=@( 	
	"9E2F88E3.Twitter"
	"ClearChannelRadioDigital.iHeartRadio"
	"Flipboard.Flipboard"
	"king.com.CandyCrushSodaSaga"
	"Microsoft.3DBuilder"
	"Microsoft.BingFinance"
	"Microsoft.BingNews"
	"Microsoft.BingSports"
	"Microsoft.BingWeather"
	"Microsoft.CommsPhone"
	"Microsoft.Getstarted"
	"Microsoft.Messaging"
	"Microsoft.MicrosoftOfficeHub"
    "Microsoft.MicrosoftSolitaireCollection"
	"Microsoft.Office.OneNote"
	"Microsoft.Office.Sway"
	"Microsoft.People"
	"Microsoft.SkypeApp"
	"Microsoft.Windows.Phone"
	"Microsoft.WindowsMaps"
	"Microsoft.WindowsPhone"
	"Microsoft.WindowsSoundRecorder"
	"Microsoft.XboxApp"
	"Microsoft.ZuneMusic"
	"Microsoft.ZuneVideo"
	"microsoft.windowscommunicationsapps"
	"Microsoft.MinecraftUWP"
	"ShazamEntertainmentLtd.Shazam"	
    "Microsoft.Xbox.TCUI"
    "Microsoft.XboxGameOverlay"
    "Microsoft.XboxGamingOverlay"
    "Microsoft.XboxIdentityProvider"
    "Microsoft.XboxSpeechToTextOverlay"
    "Microsoft.StorePurchaseApp"
    "Microsoft.Wallet"
    "Microsoft.WindowsAlarms"
    "Microsoft.WindowsFeedbackHub"
    	
)

foreach ($app in $apps) {	
	Get-AppXProvisionedPackage -path C:\Mounted_Image | where DisplayName -EQ $app | Remove-AppxProvisionedPackage
    }

That'll then go through and remove the various packages from the WIM file.

You can test after this by running the following command:

Get-AppxProvisionedPackage -Path c:\Mounted_Image

Once you are done, make sure you save the WIM file and dismount with the following command:

Dismount-WindowsImage -Path c:\Mounted_Image -Save


06 November 2020

Task Sequence: Image Capture Wizard has failed with the error code (0x00004005)

 If you have this error when you try to capture a image with SCCM

Task Sequence Error:

Running: Image Capture Wizard

Description:  Task Sequence: Image Capture Wizard has failed with the error code (0x00004005).

Solution: 

To overcome this 3 SYSPREP time limitation, following are the walkaround:

1. Open REGEDIT and look for:

HKEY_LOCAL_MACHINE\SYSTEM\Setup\Status\SysprepStatus\CleanupState\

Set to value: 2

HKEY_LOCAL_MACHINE\SYSTEM\Setup\Status\SysprepStatus\GeneralizationState\

Set to value: 7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\SoftwareProtectionPlatform\SkipRearm

Set to value: 1  

Then, run the command:

msdtc -uninstall (wait a few seconds)

msdtc -install (wait a few seconds) 

Then, reboot the system and try to run SYSPREP again.

05 June 2020

Bypass WSUS to Install Server Features | 0x800F0954

I recently needed to install some Windows Server Features on a 2019 server, but received the following error when doing so: 0x800F0954

The server was trying to pull its updates from WSUS, which was obviously failing.  In order to get around this, you need to change the Registry:

Open Regedit and go to the following location:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
I found that I needed to create the WindowsUpdate then the AU key as they didn't exist.

Create a new DWORD called UseWUServer



Reboot the server and then you should be able to install the relevant features.