The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,854 other subscribers

Archive for the ‘Windows’ Category

« Previous Entries
Next Entries »

Searching for Windows shutdown messages in the event log

Posted by jpluimers on 2018/02/21

Searching for shutdown isn’t enough as frequent WAS messages also contain that search string.

Searching for shutdown of will work as they match both these:

The process C:\Windows\system32\shutdown.exe (COMPUTERNAME) has initiated the shutdown of computer COMPUTERNAME on behalf of user COUNTERS\Administrator for the following reason: No title for this reason could be found
Reason Code: 0x800000ff
Shutdown Type: shutdown
Comment: 

and

The reason supplied by user DOMAIN\Username for the last unexpected shutdown of this computer is: Other (Unplanned)
Reason Code: 0xa000000
Problem ID: ######
Bugcheck String:
Comment: VM host failure

–jeroen

Posted in Power User, Windows, Windows Server 2008 | Leave a Comment »

Cleaning up a huge “Console.log” file on SBS 2008

Posted by jpluimers on 2018/02/19

You might think the Console.log belongs Console.exe. That’s right, but that’s a different thing than the Windows Command prompt that many people call console, but is in fact C:\Windows\System32\cmd.exe on a default Windows installation.

C:\Program Files\Windows Small Business Server\Logs>dir console.log

It belongs to the SBS 2008 console which you can access using the https://sbs2008serverIP/remote (for more details, read [WayBackAccessing Windows SBS Console) and is served by:

C:\Program Files\Windows Small Business Server\Bin\console.exe

It is started when any user logs on (which is sort of odd) and never log-rotates the log file but keeps the log file locked when the process executes.

So the only way to get rid of a really big console.log file is this:

  1. Terminate console.exe in the Task Scheduler (taskschd.msc)
  2. Move away the old C:\Program Files\Windows Small Business Server\Logs>dir console.log file
  3. Start console.exe in the Task Scheduler or logoff/logon

Further reading:

–jeroen

Read the rest of this entry »

Posted in Power User, Windows, Windows Server 2008 | Leave a Comment »

Cleaning up a huge “DataServiceComponents.log” file on SBS 2008

Posted by jpluimers on 2018/02/19

When cleaning out an old SBS 2008 Servers, I saw a huge “DataServiceComponents.log” file. [WayBackSBS 2008 disk space and the DataServiceComponents.log file – Oxford SBS Guy indicated how to clean it up and pointed to [WayBackRecovering Disk Space on the C: Drive in Small Business Server 2008 | The Windows Server Essentials and Small Business Server Blog.

Both posts have the problem that many backslashes missing in the the various paths.

So this is how I cleaned the DataServiceComponents.log file using an UAC command prompt:

C:\Program Files\Windows Small Business Server\Logs\MonitoringServiceLogs
net stop DataCollectorSvc
"C:\Program Files\7-Zip\7z.exe" a -t7z -m0=lzma2 -mx=9 -aoa -mfb=64 -md=32m -ms=on -sdel DataServiceComponents-backup.7z DataServiceComponents.log
net start DataCollectorSvc

Note that DataCollectorSvc is the shorthand for the Windows SBS Manager service.

–jeroen

Posted in Power User, Windows, Windows Server 2008 | Leave a Comment »

Changing the network from public -> private in Windows 10 is way to convoluted (works for 8.1, 8 and 7 too)

Posted by jpluimers on 2018/02/05

I often wonder why do they make changing the network location more difficult in each Windows version.

Anyway: for Windows 10, the secpol.msc way still works even though by default you now need to use a command prompt or the Windows-R key-combo to start it as typing it in the “Ask me Anything” search often gets you to bing (the search is too slow to figure out it is available locally even if you’re running a machine with SSD).

So from [WayBackTop 10: Windows Firewall Netsh Commands (via: Windows Server content from Windows IT Pro), this still works in Windows 10:

a secpol.msc way that is easy:

  1. Press Win+R, then type secpol.msc
  2. Click on “Network List Manager Policies”
  3. Double-click on your network
  4. Optionally give your network another name
  5. Click on “Tab Network Location”
  6. Set “Location Type” to “Private”

Go back to Network and Sharing Center to check the result.

In Windows 10 there are half a dozen other ways: [WayBackNetwork Location – Set to Private or Public in Windows 10 – Windows 10 Tutorials

  • Option One: To Change a Network Location in Settings app
  • Option Two: To Change a Network Location in Registry Editor
  • Option Three: To Change a Network Location Local Security Policy
  • Option Four: To Change a Network Location in PowerShell
  • Option Five: To Change Network Location of Current Network Connection in PowerShell
  • Option Six: To Change Network Location of Current Network Connection using a VBS file

I like this PowerShell script too via [WayBacknetworking – How do I force Windows 10 to see a network as private? – Super User:

## Change NetWorkConnection Category to Private
#Requires -RunasAdministrator

Get-NetConnectionProfile |
  Where{ $_.NetWorkCategory -ne 'Private'} |
  ForEach {
    $_
    $_|Set-NetConnectionProfile -NetWorkCategory Private -Confirm
  }

–jeroen

 

Posted in Power User, Windows, Windows 10, Windows 7, Windows 8, Windows 8.1 | Leave a Comment »

Finding out when your domain password will expire :: Active Directory :: Admin Tips :: Windows 7 :: Windows Server 2012/2008/2003/2000/XP/NT Administrator Knowledge Base :: KBase Tips :: WindowsNetworking.com

Posted by jpluimers on 2018/02/02

Here’s how you can find out when your domain password will expire.

net user %USERNAME% /domain

It figures this out for the current logon domain (so it doesn’t work cross-domain) but it is a great help, especially when filtering out just the password information:

net user %USERNAME% /domain | findstr "Password"

This can be done in a more complex way with dsquery or adinfo that are tools to query

Read the rest of this entry »

Posted in Power User, Windows, Windows 10, Windows 7, Windows 8, Windows 8.1, Windows 9, Windows Server 2000, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Vista, Windows XP | Leave a Comment »

Proxmox with Windows VMs and backups: why you want qemu-agent and how to install it

Posted by jpluimers on 2018/01/26

When running Windows VMs on Proxmox and you want to make snapshot backups you really want to run the qemu-agent inside the Windows VMs.

First of all you really want snapshot mode backups as of all backup modes they have the least downtime. By default they have a small inconsistency risk, but on Windows that can be alleviated by running qemu-agent as described in [WayBackBackup and Restore – Proxmox VE: Backup Modes

More on snapshot backup mode

Backup modes for VMs:

snapshot mode
This mode provides the lowest operation downtime, at the cost of a small inconstancy risk. It works by performing a Proxmox VE live backup, in which data blocks are copied while the VM is running. If the guest agent is enabled (agent: 1) and running, it calls guest-fsfreeze-freeze and guest-fsfreeze-thaw to improve consistency.

A technical overview of the Proxmox VE live backup for QemuServer can be found online here (https://git.proxmox.com/?p=pve-qemu-kvm.git;a=blob;f=backup.txt -> https://git.proxmox.com/?p=pve-qemu-kvm.git;a=blob;f=vma_spec.txt;).

Proxmox VE live backup provides snapshot-like semantics on any storage type. It does not require that the underlying storage supports snapshots.

On Windows the trick is that qemu-agent can use VSS to get a frozen state of the filesystem as described in [WayBackQemu-guest-agent – Proxmox VE:

In Proxmox VE, the qemu-guest-agent is used for mainly two things:

  1. To properly shutdown the guest, instead of relying on ACPI commands or windows policies
  2. To freeze the guest file system when making a backup (on windows, use the volume shadow copy service VSS).

So: installing qemu-agent.

Start with the VM options

Start with the VM options

Don’t make the mistake to start at [WayBackQemu-guest-agent – Proxmox VE: Installation; guest; Windows as it will give you a hard time. Always use the full [WayBackQemu-guest-agent Installation steps beginning at the[WayBackHost; these steps worked for me:

  1. Download a recent set of [WayBackWindows VirtIO Drivers – Proxmox VE
  2. Ensure the ISO image is in /var/lib/vz/template/iso on the Proxmox host so they show up as local:iso for mounting.
  3. Shutdown the Windows VM
  4. [WayBackQemu-guest-agent – Proxmox VE: Host; enable guest for VM: on the “Options” page for a VM, ensure the “Qemu Agent” setting is set to “yes”  
    • This will add a PCI serial device to your computer that Windows – after a fresh boot – sees as “PCI Simple Communications Controller”
  5. Mount the ISO image to a CD/DVD drive 
  6. Boot the Windows VM
  7. Start Device Manager (devmgmt.msc)
  8. In the Device Manager, observe a new device “PCI Simple Communications Controller” that doesn’t have drivers installed yet 
  9. Right click the”PCI Simple Communications Controller” device and select “Update Driver Software…” 
  10. Indicate you want to browser for the files (as opposed of Windows finding them on-line: they’re not on-line): 
  11. On the CD/DVD drive letter you mounted the ISO image to, select D:\vioserial\[OS-Version]\ where OS-Version is your Windows Version and ensure “Include subfolder” has a checkmark so it will find the Win32 or Win64 drivers depending on your processor architecture.
    • I used D:\vioserial\w7  
  12. Finish the driver installation 
  13. Observe it now has a driver installed
     
  14. From D:\guest-agent install either qemu-ga-x64.msi for Win64 or qemu-ga-x86.msi for Win32.
  15. During installation, confirm the UAC prompt for sofware by Red Hat, Inc.
  16. Start the Service Manager (services.msc) and execute from any command promt the following statments to verify the check if these services are running: 
  17. Now reboot the VM, logon and start the Service Manager again; now it should look like this 

Note you can obtain the same information from the console by executing these commands.

  • sc queryex "QEMU-GA"
  • sc queryex "QEMU Guest Agent VSS Provider"

Before the reboot, they should show output like this:

C:\Windows\system32>sc queryex "QEMU-GA"

SERVICE_NAME: QEMU-GA
        TYPE               : 10  WIN32_OWN_PROCESS
        STATE              : 4  RUNNING
                                (STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x0
        PID                : 4444
        FLAGS              :

C:\Windows\system32>sc queryex "QEMU Guest Agent VSS Provider"

SERVICE_NAME: QEMU Guest Agent VSS Provider
        TYPE               : 10  WIN32_OWN_PROCESS
        STATE              : 1  STOPPED
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x0
        PID                : 0
        FLAGS              :

After reboot it should have become this:

C:\Windows\system32>sc queryex "QEMU-GA"

SERVICE_NAME: QEMU-GA
        TYPE               : 10  WIN32_OWN_PROCESS
        STATE              : 4  RUNNING
                                (STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x0
        PID                : 1680
        FLAGS              :

C:\Windows\system32>sc queryex "QEMU Guest Agent VSS Provider"

SERVICE_NAME: QEMU Guest Agent VSS Provider
        TYPE               : 10  WIN32_OWN_PROCESS
        STATE              : 4  RUNNING
                                (STOPPABLE, PAUSABLE, IGNORES_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x0
        PID                : 1624
        FLAGS              :

Verification

Verifying the qemu-agent is reachable from the Proxmox host:

  1. Note the VM ID of the VM as #
  2. Reboot the VM (for instance by typing this on the command prompt: shutdown -r -t 0)
    • I’m not sure this step is needed under all circumstances; if the below steps don’t work then you definitely need it.
  3. Verify the Proxmox host can communicate with the qemu-agent on the VM:
    On the Proxmox host, start a terminal session, then type these commands where # is the ID of the VM (I’ve used 112 as an example here):

# socat /var/run/qemu-server/112.qga -
{"execute":"guest-sync", "arguments":{"id":1234}}

It should get you this result:

{"return": 1234}

Note there’s all sorts of nice stuff you can do with socat /var/run/qemu-server so maybe I’ll put more about it in a future blog post.

–jeroen

Some more links with background information:

Easiest is to download the ISO image to /var/lib/vz/template/iso on the Proxmox host so they show up as local:iso for mounting.

Easiest is to download the ISO image to /var/lib/vz/template/iso on the Proxmox host so they show up as local:iso for mounting.

Posted in Power User, Proxmox, Virtualization, Windows | Leave a Comment »

How can I reset a PC if I forgot the administrator password? – The Old New Thing

Posted by jpluimers on 2018/01/22

What I reboot three times is true.

[WayBackHow can I reset a PC if I forgot the administrator password? – The Old New Thing:

There is an emergency reset button that you can activate like this:

  • Turn off the computer.
  • Turn on the computer, but while it is booting, turn off the power.
  • Turn on the computer, but while it is booting, turn off the power.
  • Turn on the computer, but while it is booting, turn off the power.
  • Turn on the computer and wait.

After three failed reboot attempts, Windows goes into recovery mode and one of the options there is to reset the computer. One of the reasons for that option is to address this specific problem of finding an old machine that you forgot the password to, and you want to just reset the PC and start over clean.

–jeroen

Posted in Development, Power User, Software Development, The Old New Thing, Windows, Windows Development | Leave a Comment »

Microsoft guided walk through to Fix Windows Update errors

Posted by jpluimers on 2018/01/19

This one helped me to fix a 0x80243004 error: somehow the virtual network adapter didn’t work well and a reboot worked.

Use our guided walk through to help you resolve Windows Update issues using the error code you got while updating your version of Windows.

Source: Fix Windows Update errors

–jeroen

Posted in Power User, Windows, Windows 7 | Leave a Comment »

Provisioning Windows 7 test VMs with know users/passwords

Posted by jpluimers on 2018/01/16

The proxmox side

In Proxmox, ensure you have a named backup of your machine that starts with vzdump-qemu like this:

vzdump-qemu-Win7Sp1UK.vma.lzo

That way, Proxmox knows that it can restore from it.

Don’t forget to assign a new MAC address to the network adapter so it’s unique on the network.

The Windows side

I wanted to provision this with two test accounts: one regular and one with administrator access.

The latter needs to be added to the Administrators group using [WayBacknet localgroup.

Both need passwords that (for now) never expire. This is where [WayBacknet user add fails: even if you set the correct flag, it won’t be reflected, so you need WMIC UserAccount for that.

These two posts helped me a lot with the below batch file fragment:

After restoring, run a batch file like this with an UAC token:

  call :addUser regularTestUser regularTestPassword
  net localgroup "Remote Desktop Users" "regularTestUser" /add
  call :addUser administratorTestUser administratorTestPassword
  :: https://superuser.com/questions/515175/create-admin-user-from-command-line
  net localgroup administrators administratorTestUser /add
  goto :eof
:addUser
  :: https://superuser.com/questions/515175/create-admin-user-from-command-line
  net user /expires:never /add %1 %2 /expires:never
  :: https://serverfault.com/questions/710964/accounts-suddenly-expiring-when-created-with-net-user-add-expiresnever
  WMIC UserAccount where "Name='%1'" set PasswordExpires=FALSE
  goto :eof

The Remote Desktop Users tip is from [WayBackEnable remote desktop from command line (CMD) but that post has “beautified” double quotes in them, so net localgroup by default complains it cannot find the group. The code above should have regular quotes.

Finally the computer needs a new name. Again WMIC to the rescue here as Windows 7 only comes with PowerShell 2.0 which cannot rename a computer.

Again with a UAC token, execute something like this:

WMIC ComputerSystem where Name="%COMPUTERNAME%" call Rename Name=INNOSETUPTEST
%windir%\System32\shutdown.exe -r

This last tip was via [WayBackwindows 7 – Renaming computers via command prompt – Super User.

–jeroen

Posted in Power User, Proxmox, Virtualization, Windows, Windows 7 | Leave a Comment »

Proxmox – recovering a Windows 7 machine having “Missing operating system”

Posted by jpluimers on 2018/01/12

This is not what you like when you reboot a VM in Proxmox:

Booting from Hard disk...
Missing operating system

Booting from Hard disk... Missing operating system

Booting from Hard disk… Missing operating system

This case was a Windows 7 UK Professional x64 SP1 virtual machine.

Luckily the ISO is at https://archive.org/download/en_windows_7_professional_with_sp1_x64_dvd_u_676939_201606/en_windows_7_professional_with_sp1_x64_dvd_u_676939.iso via https://archive.org/details/en_windows_7_professional_with_sp1_x64_dvd_u_676939_201606 (later I found out I had the image in my backup vault as well).

I put that one in /var/lib/vz/template/iso so proxmox will automagically provide it in the local storage of iso images.

Now for some screenshots some based on what I learned at [Archive.isHow to use System Recovery Options for repairing Windows Vista or 7 installations:

Read the rest of this entry »

Posted in Power User, Proxmox, Virtualization, Windows, Windows 7 | Leave a Comment »

« Previous Entries
Next Entries »