The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,888 other followers

Archive for the ‘Windows’ Category

xrdp

Posted by jpluimers on 2020/04/06

I totally missed this the last 5 years. Where have I been (:

[WayBack] xrdp: An open source remote desktop protocol(rdp) server.

It runs on top of either Xvnc (which I have used) or X11rdp and should be usable with any RDP client (like the excellent Microsoft RDP for Mac OS X).

Related

Via:

–jeroen

Posted in *nix, *nix-tools, Power User, Remote Desktop Protocol/MSTSC/Terminal Services, VNC, Windows | Leave a Comment »

ODCB settings in the Windows registry on 32 and 64 bit windows

Posted by jpluimers on 2020/03/27

  • While 32-bit applications can run on 64-bit machines, they cannot use 64-bit ODBC drivers. A 64-bit application must use a 64-bit ODBC driver, and a 32-bit application must use a 32-bit ODBC driver.
  • ODBC.INI registry paths for the various permutations:
    • User DSNs for for 64-bit and 32-bit applications
      • HKEY_CURRENT_USER\Software\ODBC\ODBC.INI
    • System DSNs for 64-bit applications on 64-bit Windows and 32-bit applications on 32-bit Windows
      • HKEY_LOCAL_MACHINE\SOFTWARE\ODBC\ODBC.INI 
    • System DSNs for 32-bit applications on 64-bit Windows
      • HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\ODBC\ODBC.INI

Via: [WayBack] Windows registry on 32 and 64 bit windows, which also explains ODBCINST.INI to define drivers.

–jeroen

Posted in Database Development, Development, ODBC, Power User, Windows | Leave a Comment »

Chocolatey and TLS since early 2020

Posted by jpluimers on 2020/03/19

I was upgrading a few older systems that had been off-line for quite a while.

When installing Chocolatey, I bumped into this error:

C:\bin>"%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -InputFormat None -ExecutionPolicy Bypass -Command "iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))" && SET "PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin"
Exception calling "DownloadString" with "1" argument(s): "The request was aborted: Could not create SSL/TLS secure channel."
At line:1 char:1
+ iex ((New-Object System.Net.WebClient).DownloadString('https://chocol ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : WebException

So I tried [WayBack] chocolatey “The request was aborted: Could not create SSL/TLS secure channel.” – Google Search

Results indicated TLS 1.1 support was removed early February 2020 from Chocolatey because of security reasons, which impacts the installation on older systems:

Note [WayBack] Chocolatey install Error: The request was aborted: Could not create SSL/TLS secure channel – Stack Overflow with a temporary workaround for Microsoft Windows Server 2016:

Looks like the security protocol changed:

Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))

–jeroen

Posted in Chocolatey, Power User, Windows, Windows 10, Windows 7, Windows 8, Windows 8.1, Windows Server 2016 | Leave a Comment »

Why you should not use localised operaring system versions

Posted by jpluimers on 2020/02/10

Using localised operating system versions means you have a really hard time finding the cause of an error.

In my case, a net share command gave me a Dutch “Systeemfout 1332.” “Er is geen toewijzing uitgevoerd tussen accountnamen en beveiligings-id’s.”.

Obviously searching for “net share” “Systeemfout 1332.” and “net share” “Er is geen toewijzing uitgevoerd tussen accountnamen en beveiligings-id’s.” delivered nothing, as a did shorter “net share” “Er is geen toewijzing uitgevoerd” only found [WayBack] Welkom bij ronald.repareert.com ….. sites door vrienden en kennissen which got me the error code 1332:

[WayBack] Error code 1332: No mapping between account names and security IDs was done.

This allowed me to search for “net share” “No mapping between account names and security IDs was done.” which did return some meaningful results:

The command I used was this:

mkdir D:\tmp$
net share tmp$=D:\tmp /unlimited /grant:everyone,full

The adding factor was that this was done on a machine inside a domain.

Since there was no group everyone inside the domain, it could not be bound to a SID.

Replacing the last command with net share vincent$=D:\Vincent$ /unlimited /grant:.\everyone,full or  net share vincent$=D:\Vincent$ /unlimited /grant:.\users,full dit get the same error.

But this succeeded, as gebruikers is the Dutch translation for users:

net share vincent$=D:\Vincent$ /unlimited /grant:.\gebruikers,full

So in the end:

  • use localised group names
  • be careful with group names not existing in the domain

If you wonder why I started with everyone in the first place: [WayBack] The Difference Between Everyone and Authenticated Users

In this case, the group .\everyone did not exist, not even in a translated fashion iedereen. The command net localgroup gives you an overview of existing local groups on the machine:

C:\WINDOWS\system32>net localgroup

Aliassen voor \\MYPCINDOMAIN

-------------------------------------------------------------------------------
*Administrators
*Apparaateigenaars
*Back-upoperators
*Cryptografie-operators
*DCOM-gebruikers
*Externe bureaubladgebruikers
*Gasten
*Gebruikers
*Gebruikers van extern beheer
*Hoofdgebruikers
*Hyper-V-administrators
*IIS_IUSRS
*Lezers van gebeurtenislogboeken
*Netwerkconfiguratieoperators
*Ondersteuningsoperators voor toegangsbeheer
*Prestatielogboekgebruikers
*Prestatiemetergebruikers
*Replicatie
*System Managed Accounts Group
De opdracht is voltooid.

I am still not sure why group iedereen does not exist, as I expected that to be there: [WayBack] Windows Built-in Users and Default Groups – Windows CMD – SS64.com.

It might have to do with newer Windows versions not supporting it (this machine was Windows 10, and it looks like Windows Server 2012 also has a problem: [WayBack] An error occurs while sharing folder on WS 2012 with net share command).

–jeroen

Posted in Power User, Windows | Leave a Comment »

Fixing “one or more critical volumes is not having enough free space” also known as 0x81000033 during Windows backup

Posted by jpluimers on 2020/02/03

If you get this error:

Backup and Restore failed and you receive the following error message: The backup did not complete successfully. Check your backup: Windows Backup skipped backing up system image because one or more critical volumes is not having enough free space.

then you are dealing with error 0x81000033 which usually means your SYSTEM RESERVED partition is full, but might happen on other volumes you are backing up as well.

Windows tries to trick your mind, as the error actually indicates the disk you make your backup to, but in fact it is about one or more of the disks you are backing up.

Most often, this is the hidden partition SYSTEM RESERVED (sometimes called System Reserved):

The SYSTEM RESERVED partition (~100 megabyte on systems originally installed with Windows < 8 and ~350 megabyte afterwards) contains files relating to boot, recovery and BitLocker drive encryption. You find more information about it here:

The minimum free size for volumes when using Windows backup are these:

  • volumes less than 500 megabytes: 50 megabytes free space
  • between 500 megabytes and 1 gigabytes: 320 megabytes of free space
  • more than 1 gigabytes: at least 1 gigabyte of free space

That was indeed the case on my disk:

Freeing space on the System Reserved volume

A quick search for 0x81000033 reveals space issues usually are about the USN Journal which you can configuring using fsutil.

Even though the documentation doesn’t tell, fsutil accepts not just a drive letter as VolumePath, but also a VolumeName. [WayBack] 1_multipart_xF8FF_3_WolfC07.pdf (Chapter 7 of “Troubleshooting Microsoft Technologies: The Ultimate Administrator’s Repair Manual“) gets that right:

volumepath … specify the path to a logical volume (drive letter, mount path, volume name).

So you do not need a drive letter to disable the USN journal, the volumename suffices.

This volume name is the unique NTFS identification for a volume: [WayBack] NTFS Curiosities (part 2): Volumes, volume names and mount points – Antimail

You can find the volume name inside PowerShell by using Get-Volume | Format-List, then on an administrative command prompt running this:

fsutil usn deletejournal /D \\?\Volume{b41b0670-0000-0000-00e8-0e8004000000}\

In my case this wasn’t enough, so I had to assign a drive letter to see that there was a snapshots directory in the root:

Deleting that directory solved the problem.

Related articles:

–jeroen

Read the rest of this entry »

Posted in Power User, Windows, Windows 10, Windows 7, Windows 8, Windows 8.1 | Leave a Comment »

 
%d bloggers like this: