[WayBack] Use the System File Checker tool to repair missing or corrupted system files:
Archive for the ‘Windows 7’ Category
Use the System File Checker tool to repair missing or corrupted system files
Posted by jpluimers on 2021/09/30
Digging Through Event Log Hell (finding user logon & logoff) – Ars Technica OpenForum
Posted by jpluimers on 2021/08/31
This helped me big time finding failed logon attempts: [WayBack] Event Log Hell (finding user logon & logoff) – Ars Technica OpenForum
Alternatively, you can use the XPath query mechanism included in the Windows 7 event viewer. In the event viewer, select “Filter Current Log…”, choose the XML tab, tick “Edit query manually”, then copy the following to the textbox:
Code:
<QueryList>
  <Query Id="0" Path="Security">
    <Select Path="Security">*[System[EventID=4624] and EventData[Data[@Name='TargetUserName'] = 'USERNAME']]</Select>
  </Query>
</QueryList>
This selects all events from the Security log with EventID 4624 where the EventData contains a Data node with a Name value of TargetUserName that is equal to USERNAME. Remember to replace USERNAME with the name of the user you’re looking for.
If you need to be even more specific, you can use additional XPath querying – have a look at the detail view of an event and select the XML view to see the data that you are querying into.
Thanks user Hamstro!
Notes:
- you need to perform this using eventvwr.exe running as an elevated process using an Administrative user UAC token.
- USERNAME needs to be the name of the user in UPPERCASE.
- replacing TargetUserName with subjectUsername (as suggested by [WayBack] How to Filter Event Logs by Username in Windows 2008 and higher | Windows OS Hub) fails.
- there are more relevant EventID values you might want to filter on (all links have screenshot and XML example of an event):
  - [WayBack] 4624(S) An account was successfully logged on. (Windows 10) | Microsoft Docs
  - [WayBack] 4625(F) An account failed to log on. (Windows 10) | Microsoft Docs
  - [WayBack] 4626(S) User claims information./Device claims information. (Windows 10) | Microsoft Docs
  - [WayBack] 4634(S) An account was logged off. (Windows 10) | Microsoft Docs
  - [WayBack] 4647(S) User initiated logoff. (Windows 10) | Microsoft Docs
  - [WayBack] 4648(S) A logon was attempted using explicit credentials. (Windows 10) | Microsoft Docs
  - [WayBack] 4797 (An attempt was made to query the existence of a blank password for an account). At the time of writing, it was undocumented, but it seems to be part of an account checking process as per [WayBack] Windows 8 Event ID 4797 in Security Log:
    That means that an application or service makes an attempt to query the accounts which have blank password. I think some security software may make such request.
- blank (empty passwords) can only be used for local logon, so they disable network logon. That can be a useful security strategy.
Related:
- [WayBack] How to search the Windows Event Log for logins by username
- [WayBack] Active Directory – How to Find Failed Logon Requests – geekmungus
- [WayBack] Audit Failure – Suspicious Activity On A Server – IT Security – Spiceworks
–jeroen
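The same filter can be run from an elevated PowerShell prompt with Get-WinEvent, which also makes it easy to pull the logon type, source address and failure reason out of each event. This is an added example, not part of the original post or the quoted forum answer; the function name Get-LogonEventForUser and the output columns are assumptions made here, and the user name is handed to the XPath comparison unchanged.

```powershell
# Added example (not from the original post). Run in an elevated PowerShell
# session: reading the Security log needs the same rights as eventvwr.exe.
function Get-LogonEventForUser {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $UserName,   # compared as-is by XPath
        [int[]] $EventId   = @(4624, 4625),          # successful and failed logons
        [int]   $MaxEvents = 200
    )

    # The name is spliced into a quoted XPath literal, so refuse quote and
    # bracket characters instead of trying to escape them.
    if ($UserName -match '[''"\[\]]') {
        throw "Unsupported character in user name: $UserName"
    }

    $idTest = ($EventId | ForEach-Object { "EventID=$_" }) -join ' or '
    $xpath  = "*[System[($idTest)] and " +
              "EventData[Data[@Name='TargetUserName']='$UserName']]"

    try {
        $events = Get-WinEvent -LogName Security -FilterXPath $xpath `
                               -MaxEvents $MaxEvents -ErrorAction Stop
    } catch {
        # Get-WinEvent reports "no matches" as an error; treat it as an empty result.
        if ($_.FullyQualifiedErrorId -like 'NoMatchingEventsFound*') { return }
        throw
    }

    # Common SubStatus codes seen in 4625 events (NTSTATUS values).
    $subStatusText = @{
        '0xc0000064' = 'user name does not exist'
        '0xc000006a' = 'wrong password'
        '0xc0000234' = 'account locked out'
        '0xc0000072' = 'account disabled'
    }

    foreach ($e in $events) {
        # Flatten <EventData><Data Name="...">value</Data> into a lookup table.
        $data = @{}
        foreach ($d in ([xml]$e.ToXml()).Event.EventData.Data) {
            $data[$d.GetAttribute('Name')] = $d.InnerText
        }
        $sub = [string]$data['SubStatus']            # empty for 4624 events

        [pscustomobject]@{
            TimeCreated = $e.TimeCreated
            EventId     = $e.Id
            User        = $data['TargetUserName']
            Domain      = $data['TargetDomainName']
            LogonType   = $data['LogonType']         # 2 = interactive, 3 = network, 10 = RDP
            Source      = $data['IpAddress']
            Workstation = $data['WorkstationName']
            SubStatus   = $sub
            Reason      = $subStatusText[$sub.ToLower()]
        }
    }
}

# Replace USERNAME exactly as you would in the Event Viewer query.
Get-LogonEventForUser -UserName 'USERNAME' | Format-Table -AutoSize
```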
The Windows key has no Unicode equivalent, so use ⊞ like Wikipedia and many others do
Posted by jpluimers on 2021/08/23
For Mac keyboard keys, almost all (except the old solid and open Apple logos) have a Unicode code point, see for instance the modifier keys from the [WayBack] List of Mac/Apple keyboard symbols · GitHub (the “Alt” column has a solid Apple logo in the bottom right; on non-Mac systems it will look different as it is in the Unicode private range: [WayBack] Unicode Character ” (U+F8FF): ‘<Private Use, Last>’):
Sym  Key      Alt
⌃    Control
⌥    Option
⇧    Shift
⌘    Command
These are the code points for the “Sym” column:
- ⌃ – [WayBack] Unicode Character ‘UP ARROWHEAD’ (U+2303) (less wide than the below three)
- ⌥ – [WayBack] Unicode Character ‘OPTION KEY’ (U+2325)
- ⇧ – [WayBack] Unicode Character ‘UPWARDS WHITE ARROW’ (U+21E7)
- ⌘ – [WayBack] Unicode Character ‘PLACE OF INTEREST SIGN’ (U+2318)
Keys on many platforms
The continued Windows PrintNightmare saga: no more printer Plug&Play for end-users on Windows
Posted by jpluimers on 2021/08/12
It was fun while it lasted, and puts other operating systems at an advantage.
[Wayback] Jeroen Wiert Pluimers on Twitter: “Bye bye printer Plug & Play on Windows for end-users: … Though MacOS has its share of printer driving issues (like only printing monochrome to colour printers), this is a serious step back on Windows compared to MacOS.”
More on the MacOS printer woes in a later blog post.
Web related:
- [Wayback] More PrintNightmare: “We TOLD you not to turn the Print Spooler back on!” – Naked Security
- [Wayback] Microsoft responds to PrintNightmare by making life that little bit harder for admins • The Register:
Have they forgotten SysAdmin Appreciation Day so soon?
- [Wayback] Point and Print Default Behavior Change – Microsoft Security Response Center
Today, we are addressing this risk by changing the default Point and Print driver installation and update behavior to require administrator privileges. The installation of this update with default settings will mitigate the publicly documented vulnerabilities in the Windows Print Spooler service. This change will take effect with the installation of the security updates released on August 10, 2021 for all supported versions of Windows, and is documented as CVE-2021-34481.
- [Wayback] KB5005652—Manage new Point and Print default driver installation behavior (CVE-2021-34481)
- [Archive.is] Security Update Guide – CVE-2021-36958
- [Wayback] Microsoft Warns: Another Unpatched PrintNightmare Zero-Day | Threatpost
Twitter related:
- [Archive.is] 🥝 Benjamin Delpy on Twitter: “Basicaly: – assuming default value is “restrict install to admin” 1 now – more check on remote files install path… “
- [Archive.is] 🥝 Benjamin Delpy on Twitter: “August PatchTuesday #printnightmare… “
- [Archive.is] 🥝 Benjamin Delpy on Twitter: “Want to test #printnightmare (ep 4.x) user-to-system as a service?🥝 (POC only, will write a log file to system32) connect to … with – user: .\gentilguest – password: password Open ‘Kiwi Legit Printer – x64’, then ‘Kiwi Legit Printer – x64 (another one)’… …”
- [Archive.is] Victor Mata on Twitter: “Hey guys, I reported the vulnerability in Dec’20 but haven’t disclosed details at MSRC’s request. It looks like they acknowledged it today due to the recent events with print spooler.… “
- [Archive.is] Will Dormann on Twitter: “For what it’s worth, Microsoft has just notified me that they published … for this issue. That is, the execution of code specified in “CopyFiles” directives of shared printers (VU#131152) is (per Microsoft’s confirmation to me): CVE-2021-36958… …”
–jeroen
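To see which side of the new Point and Print default a machine is on, the policy value can be read directly. This is an added example, not part of the original post: the registry path and the value name RestrictDriverInstallationToAdministrators are taken from KB5005652 (linked above but not quoted on this page), and the function name Get-PointAndPrintPosture is an assumption made here.

```powershell
# Added example (not from the original post). Registry path and value name are
# the ones documented in KB5005652, which the post links but does not quote.
function Get-PointAndPrintPosture {
    $key  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint'
    $name = 'RestrictDriverInstallationToAdministrators'

    # The policy key is absent on machines where nobody configured it.
    $value = $null
    if (Test-Path -Path $key) {
        $props = Get-ItemProperty -Path $key
        if ($props.PSObject.Properties.Name -contains $name) {
            $value = [int]$props.$name
        }
    }

    if ($null -eq $value) {
        # An absent value only means "admins only" on a system that has the
        # August 10, 2021 security update; unpatched systems keep the old behavior.
        $state = 'Not set: admin-only installs apply once the August 10, 2021 update is installed'
    } elseif ($value -eq 0) {
        $state = 'Overridden: non-administrators may install Point and Print drivers'
    } else {
        $state = 'Enforced: only administrators may install Point and Print drivers'
    }

    $spooler = Get-Service -Name Spooler -ErrorAction SilentlyContinue

    [pscustomobject]@{
        ComputerName  = $env:COMPUTERNAME
        PolicyValue   = $value
        PolicyState   = $state
        SpoolerStatus = [string]$spooler.Status   # empty when the service is not present
    }
}

Get-PointAndPrintPosture | Format-List
```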
How to turn on automatic logon in Windows
Posted by jpluimers on 2021/08/09
[WayBack] How to turn on automatic logon in Windows
Describes how to turn on the automatic logon feature in Windows by editing the registry.
Most archivals of the above post fail with a 404-error after briefly flashing the content, but this particular one usually succeeds displaying.
It is slightly different from the one referenced in my blog post automatic logon in Windows 2003, and because of the archival issues, I have quoted most of it below.
A few observations, at least in Windows 10 and 8.1:
- Major Windows 10 upgrades will disable the autologon: after each major upgrade, you have to re-apply the registry patches.
- If the user has a blank password, you can remove the DefaultPassword value.
- Empty passwords allow local logon (no network logon or remote desktop logon), no network access and no RunAs, which can actually help improve security. More on that in a later blog post
- For a local machine logon, you do not need the DefaultDomainName value either (despite many posts insisting you need them), but you can technically set it to the computer name using
  reg add "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultDomainName /t REG_SZ /d %ComputerName% /f
- If another user logs on and off, the values stay preserved, so after a reboot, the correct user automatically logs on
- you need a full reboot cycle for this to take effect
- The AutoLogon tool does not allow blank passwords
I wrote a batch file enable-autologon-for-user-parameter.bat that makes it easier:
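rem Usage: enable-autologon-for-user-parameter.bat username [password]
if [%1] == [] goto :help
:enable
rem Turn automatic logon on.
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoAdminLogon /t REG_SZ /d 1 /f
:setUserName
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultUserName /t REG_SZ /d %1 /f
:removePasswordIfItExists
rem reg delete reports an error when the value is absent; that is expected here, so hide it.
reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultPassword /f >nul 2>&1
rem No second parameter means a blank password: leave DefaultPassword absent.
if [%2] == [] goto :eof
:setPassword
rem The password is written as a plain REG_SZ value.
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultPassword /t REG_SZ /d %2 /f
goto :eof
:help
echo Syntax:
echo %0 username password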
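Because the batch file writes DefaultPassword as a plain REG_SZ value, it is worth auditing machines for autologon settings and for passwords left behind in that key. This is an added example, not part of the original post; the function name Get-AutoLogonExposure and the wording of the findings are assumptions made here, and the stored password itself is never printed.

```powershell
# Added example (not from the original post): report the autologon state of
# this machine without printing the stored password.
function Get-AutoLogonExposure {
    $key   = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
    $props = Get-ItemProperty -Path $key

    # Test for the value's existence rather than its content: an empty string
    # and a missing value are different situations.
    $hasPassword = $props.PSObject.Properties.Name -contains 'DefaultPassword'
    $enabled     = ("$($props.AutoAdminLogon)" -eq '1')

    if ($enabled -and $hasPassword) {
        $finding = 'Autologon on; password stored as a plaintext REG_SZ value'
    } elseif ($enabled) {
        $finding = 'Autologon on; no DefaultPassword value (blank password, or a tool that stores it outside this key)'
    } elseif ($hasPassword) {
        # Typical after an upgrade or a manual switch-off: autologon is
        # disabled but the password was never removed.
        $finding = 'Autologon off; stale DefaultPassword value left in the registry'
    } else {
        $finding = 'Autologon off; no password stored in this key'
    }

    [pscustomobject]@{
        ComputerName      = $env:COMPUTERNAME
        AutoAdminLogon    = $props.AutoAdminLogon
        DefaultUserName   = $props.DefaultUserName
        DefaultDomainName = $props.DefaultDomainName
        PasswordStored    = $hasPassword
        Finding           = $finding
    }
}

Get-AutoLogonExposure | Format-List
```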
The article quote:
Custom Resolution Utility (CRU)
Posted by jpluimers on 2021/07/16
This tool can help reset monitor/display configurations when your machine comes out of suspend/sleep/shutdown mode and resets the displays to wrong defaults (especially wrong scaling).
Documentation and download: [WayBack] Custom Resolution Utility (CRU)
Custom Resolution Utility (CRU) allows custom resolutions to be defined for both AMD/ATI and NVIDIA GPUs by creating EDID overrides directly in the registry without dealing with .inf files. Download:
Note the requirements:
- Windows Vista or later (Windows XP does not support EDID overrides)
- AMD/ATI or NVIDIA GPU with appropriate driver installed (Microsoft Basic Display Adapter driver does not support EDID overrides)
- Some Intel GPUs and laptops with switchable graphics are supported with one of these drivers:
- 6th/7th generation (Skylake/Kaby Lake): Intel Graphics Driver for Windows [15.45]
- 4th/5th generation (Haswell/Broadwell): Intel Graphics Driver for Windows [15.40]
- 4th generation (Haswell) for Windows 7/8.1: Intel Graphics Driver for Windows 7/8.1 [15.36]
Old version at [WayBack] GitHub – radamar/Custom-Resolution-Utility-ToastyX: Custom Resolution Utility for Windows by ToastyX, duplicated so the source won’t be lost..
Short instructions (but be sure to read the long ones above as well) slightly rephrased for readability:
- For each monitor
- Disable all of the default “Established Resolutions”
- Delete all of the default “Detailed Resolutions”
- Delete all of the default “Standard Resolutions”
- Add a new “Detailed Resolution”
- Under new “Detailed Resolution” I left all of the settings the same except for the active horizontal and vertical pixel dimensions, which is obviously where you set your desired screen resolution.
- Once all monitors are configured properly, close CRU and run the restart.exe or restart64.exe included with CRU and you should be good to go!
VMware VMRC: connect to a remote console without the vSphere Client
Posted by jpluimers on 2021/06/21
Interesting tool: https://www.vmware.com/go/download-vmrc.
Back when scheduling this post in 2019, this was the most recent version: [WayBack] Download VMware vSphere: Download VMware Remote Console 10.0.4
- WayBack: VMware Remote Console 10.0.4 for Windows (zip)
- WayBack: VMware Remote Console 10.0.4 for Mac (dmg)
- WayBack: VMware Remote Console 10.0.4 for Linux (bundle)
From [WayBack] ovf – How to connect ESXi vm console from ESXi host console – Stack Overflow:
Example of vmrc.exe command :
"C:\Program Files (x86)\VMware\VMware Remote Console\vmrc.exe" vmrc://<ESXi host username>@<ESXi host IP>/?moid=<VM ID>
Basically it uses the vmrc scheme to start a connection to the remote screen for a specific MoRef ID. On ESXi, this is actually the VM ID that you get from vim-cmd vmsvc/getallvms. In that sense this is very similar to getting a single screenshot for the VM from the ESXi host by using the https://[HOST]:[PORT]/?id=[VM-MOREF] as described in ESXi and VMware Workstation: quick way of getting Console screenshots in PNG format; some URLs on your ESXi machine.
In MacOS, starting VMware Remote Console is slightly different as you have to start it through a URI using the vmrc scheme from either a browser or with the open command on the console.
The reason is that there is no vmrc binary on MacOS.
- [WayBack] Using VMware’s Standalone Remote Console for OS X with free ESXi | Der Flounder:
vmrc://@[HOST]:[PORT]/?moid=[VM-MOREF]
- HOST = the hostname or IP address of the ESXi server
- PORT = the HTTPS port of the ESXi server, which is usually 443
…
open 'vmrc://@server_name_here:port_number_here/?moid=vmid_number_here'
- [WayBack] Standalone VMRC now available for Mac OS X:
just provide the following URI which will prompt for your ESXi credentials
vmrc://@[HOST]:[PORT]/?moid=[VM-MOREF]
Once you have generated the VMRC URI, you MUST launch it through a web browser as that is how it is passed directly to the Standalone VMRC application. In my opinion, this is not ideal especially for customers who wish to automatically generate this as part of a VM provisioning workflow to their end users and not having to require a browser to launch the Standalone VMRC application. If you have some feedback on this, please do leave a comment.
In the mean time, a quick workaround is to use the “open” command on Mac OS X along with the VMRC URI which will automatically load it into your default browser and launch the Standalone VMRC application for you.
open 'vmrc://@192.168.1.60:443/?moid=vm-18'
On one of my test systems, for VMID 3 (see below), this comes down to this:
open 'vmrc://@192.168.71.94:443/?moid=3'
Note you have to accept the ESXi self generated TLS certificate once on MacOS:
After this, these processes were started (note there is no vmrc like on Windows):
± ps -ax | grep -i "\(vmware\|vmrc\)"
65239 ?? 0:04.15 /Applications/VMware Remote Console.app/Contents/MacOS/VMware Remote Console
65343 ?? 0:00.01 /Applications/VMware Remote Console.app/Contents/Library/services/VMRC Services 3 4
65360 ?? 0:00.16 /Applications/VMware Remote Console.app/Contents/Library/vmware-usbarbitrator
65363 ?? 0:00.01 /Applications/VMware Remote Console.app/Contents/Library/services/VMware USB Arbitrator Service 3 4
65393 ?? 0:01.29 /Applications/VMware Remote Console.app/Contents/Library/vmware-remotemks -@ vmdbPipeHandle=42; vm=_7FD2A461E8E0_3; gui=true -H 44 -R -P 2 -# product=256;name=VMware Remote Console;version=10.0.1;buildnumber=5898794;licensename=VMware Remote Console;licenseversion=10.0; -s libdir=/dev/null/Non-existing DEFAULT_LIBDIRECTORY
65872 ttys001 0:00.00 grep -i \(vmware\|vmrc\)
VM IDs (or VM-MOREFs)
You get the VM IDs using the vim-cmd vmsvc/getallvms command; they appear in the left column:
[root@ESXi-X9SRI-3F:/] vim-cmd vmsvc/getallvms
Vmid   Name               File                                                    Guest OS           Version   Annotation
1      Lampje             [EVO860_250GB] Lampje/Lampje.vmx                        opensuse64Guest    vmx-14
3      X9SRI-3F-W10P-NL   [EVO860_250GB] X9SRI-3F-W10P-NL/X9SRI-3F-W10P-NL.vmx    windows9_64Guest   vmx-14
Note that in practice, this is much harder so I wrote a script for that which you can find in VMware ESXi console: viewing all VMs, suspending and waking them up: part 1.
bundle files
I did not know about bundle files, but they seem to be sh scripts that precede a binary: [WayBack] What is a .bundle file and how do I run it? – Super User.
Inspecting such a file shows it starts with this code:
#!/usr/bin/env bash
#
# VMware Installer Launcher
#
# This is the executable stub to check if the VMware Installer Service
# is installed and if so, launch it. If it is not installed, the
# attached payload is extracted, the VMIS is installed, and the VMIS
# is launched to install the bundle as normal.

# Architecture this bundle was built for (x86 or x64)
ARCH=x64

if [ -z "$BASH" ]; then
   # $- expands to the current options so things like -x get passed through
   if [ ! -z "$-" ]; then
      opts="-$-"
   fi

   # dash flips out of $opts is quoted, so don't.
   exec /usr/bin/env bash $opts "$0" "$@"
   echo "Unable to restart with bash shell"
   exit 1
fi
–jeroen
Error 0x8007232b or 0x8007007B occurs when you try to activate Windows
Posted by jpluimers on 2021/06/18
Since [WayBack/Archive.is] archival of Error 0x8007232b or 0x8007007B occurs when you try to activate Windows fails (the first indicates cookies need to be enabled, the second archives a page without support content), and the Google cached URL returns a 404, here is the full content:
Error 0x8007232b or 0x8007007B occurs when you try to activate Windows
Home users: This article is intended for use by support agents and IT professionals. If you’re looking for more information about Windows 10 activation error messages, see the following Windows website:
Symptoms
When you try to activate a Windows installation (client or server), you receive one or more error messages that resembles the following.
Error message 1
Activation Error: Code 0x8007232b
DNS Name does not exist
Error message 2
Windows could not be activated.
Key management services (KMS) host could not be located in domain name system (DNS), please have your system administrator verify that a KMS is published correctly in DNS.
Error: 0x8007232b
Description: DNS name does not exist.
Error message 3
Error: 0x8007007B
The file name, directory name, or volume label syntax is incorrect
Resolution
To resolve this problem, use one or more of the following methods, as appropriate for your situation.
Method 1: Change the product key to an MAK
If KMS activation will not be used, and if there is no KMS server, the product key should be changed to an MAK. For Microsoft Developer Network (MSDN), or for TechNet, the stock-keeping units (SKUs) that are listed below the media are generally volume licensed-media, and the product key that’s provided is an MAK key.
To change the product key to an MAK, follow these steps:
- Open an elevated command prompt. To do this, use one of the following methods, as appropriate for your OS.
- At the command prompt, type the following command, and then press Enter:
slmgr -ipk xxxxx-xxxxx-xxxxx-xxxxx-xxxxx
Note The xxxxx-xxxxx-xxxxx-xxxxx-xxxxx placeholder represents your MAK product key.
Method 2: Configure a KMS host server for the clients to activate against
KMS activation requires that a KMS host server be configured for the clients to activate against. If there are no KMS host servers configured in your environment, install and activate one by using an appropriate KMS host server key. After you configure a computer on the network to host the KMS software, publish the Domain Name System (DNS) settings. For information about the KMS host server configuration process, see Set up a KMS host on a Windows Server 2008 R2 machine.
For more information about how to set up a KMS server and how to publish the DNS settings, go to the following Microsoft websites:
- Install a KMS host on a Windows Vista-based or Windows Server 2008-based computer
- Install KMS Hosts
- Deploy KMS Activation
- Volume activation in Windows Vista or Windows Server 2008, see the Volume Activation 2.0 Technical Guidance
- Planning for Volume Activation in Windows 7 or Windows Server 2008 R2
Method 3: Manually create a KMS SRV record in a Microsoft DNS server
If your network has a KMS host computer set up, and if the client cannot locate a KMS host on the network for activation, follow these steps:
- Verify that the computer that has the KMS host installed and is activated by using a KMS key that’s registered in DNS. To do this, follow these steps:
- Open an elevated command prompt.
Windows 7 or Windows Vista (Windows Server 2003)
Select Start > All Programs > Accessories, right-click Command Prompt, and then select Run as administrator. If you are prompted for an administrator password or for confirmation, type the password or provide confirmation.
Windows 8.1 and Windows 10 (Windows Server 2012, Windows Server 2012 R2)
Press Windows logo key+X, and then select Command Prompt(Admin), or right-click the Start button, and then select Command Prompt(Admin). If you are prompted for an administrator password or for confirmation, type the password or provide confirmation.
- At the command prompt, type the following command, and then press Enter:
nslookup -type=all _vlmcs._tcp>kms.txt
- Open the KMS.txt file that’s generated by the command. This file should contain one or more entries that resemble the following entry:
_vlmcs._tcp.contoso.com SRV service location:
    priority = 0
    weight = 0
    port = 1688
    svr hostname = kms-server.contoso.com
- If these “_vlmcs” entries are present, and if they contain the expected KMS host names, go to Method 4.
- Check the registry to determine whether the KMS host server is registering with DNS. By default, a KMS host server dynamically registers a DNS SRV record one time every 24 hours. To check this setting, follow these steps:
- Start Registry Editor.
Windows 7 or Windows Vista
Click Start, type regedit, and then press Enter.
Windows 8.1 and Windows 10
Right-click Start, select Run, type regedit, and then press Enter.
- Locate and then click the following subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SL
If the DisableDnsPublishing subkey is present and has a value of 1, the KMS service does not register in DNS.
If the DisableDnsPublishing subkey is missing, create a new DWORD value named DisableDnsPublishing. If dynamic registration is acceptable, change the subkey value to 0. To do this, right-click DisableDnsPublishing, click Modify, type 0 in the Value data box, and then click OK.
Note By default, this registry key has an undefined value that results in the dynamic registration every 24 hours.
If the DNS Server service does not support dynamic updates, or if dynamic updates are not occurring, the “VLMCS._TCP, SRV” record can be manually registered.
To manually create a KMS SRV record in a Microsoft DNS server, follow these steps:
- On the DNS server, open DNS Manager. To open DNS Manager, click Start, click Administrative Tools, and then click DNS.
- Click the DNS server where you have to create the SRV resource record.
- In the console tree, expand Forward Lookup Zones, right-click the domain, and then click Other New Records.
- Scroll down the list, click Service Location (SRV), and then click Create Record.
- Type the following information:
Service: _VLMCS
Protocol: _TCP
Port number: 1688
Host offering the service: <FQDN_of_KMS_Host>
- When you are finished, click OK, and then click Done.
To manually create SRV records in a BIND 9.x Compliant DNS server include the following information when you create the record.
Note If your organization uses a non-Microsoft DNS server, you can create the required SRV records as long as the DNS server is BIND 9.x compliant.
- Name=_vlmcs._TCP
- Type=SRV
- Priority = 0
- Weight = 0
- Port = 1688
- Hostname = <FQDN or A-Name of the KMS host>
Note The Priority and Weight fields are not used by KMS and are ignored by the KMS client. However, they must be included in the zone file.
To configure a BIND 9.x DNS server to support KMS auto-publishing, configure the BIND server to enable resource record updates from KMS hosts. For example, add the following line to the zone definition in Named.conf or in Named.conf.local:
allow-update { any; };
Method 4: Manually assign a KMS server
By default, the KMS clients use the automatic discovery feature and query DNS for a list of servers that have published the _VLMCS record within the membership zone of the client. DNS returns the list of KMS hosts in a random order. The client picks a KMS host and tries to establish a session on it. If this attempt works, the client caches the server and tries to use it for the next renewal attempt. If the session setup fails, the client picks another server randomly. We highly recommend that you use the automatic discovery feature. However, you can manually assign a KMS server. To do this, open an elevated command prompt on the KMS client.
- Open an elevated command prompt.
Windows 7 or Vista (Windows Server 2003)
Click Start, type cmd in the Start Search box, right-click cmd.exe in the results list, and then click Run as administrator. If you are prompted for an administrator password or for confirmation, type the password or provide confirmation.
Windows 10 and Windows 8.1 (Windows Server 2012 R2, Windows Server 2012)
Press the Windows logo key+X, and then select Command Prompt(Admin), or right-click Start, and then select Command Prompt(Admin). If you are prompted for an administrator password or for confirmation, type the password or provide confirmation.
- Use the following commands at an elevated command prompt:
- To assign a KMS host by using the FQDN of the host, type the following command:
cscript \windows\system32\slmgr.vbs -skms <KMS_FQDN>:<port>
- To assign a KMS host by using the version 4 IP address of the host, type the following command:
cscript \windows\system32\slmgr.vbs -skms <IPv4Address><:port>
- To assign a KMS host by using the version 6 IP address of the host, type the following command:
cscript \windows\system32\slmgr.vbs -skms <IPv6Address><:port>
- To assign a KMS host by using the NETBIOS name of the host, type the following command:
cscript \windows\system32\slmgr.vbs -skms <NetbiosName><:port>
- To revert to automatic discovery on a KMS client, type the following command:
cscript \windows\system32\slmgr.vbs -ckms
Method 5: Automatically publish KMS in multiple DNS domains
If the previous methods have not resolved this problem, the problem may be related to the ability of the client to resolve the DNS name of the KMS server or to connect to the KMS server. If this is the problem, follow these steps:
Note Unless otherwise stated, do the following steps on a KMS client that has experienced the error that is mentioned in the “Symptoms” section:
- At a command prompt, type the following command, and then press Enter:
IPCONFIG /all
- From the command results, note the assigned IP address, the DNS server address, and the default gateway address.
- Verify basic IP connectivity to the DNS server by using the ping command. To do this, run the following command.
ping <DNS_Server_IP_address>
Note If this command does not ping the server, this problem must be resolved first.
For more information about how to troubleshoot TCP/IP issues if you cannot ping the DNS server, see the Microsoft TechNet topic Troubleshooting TCP/IP.
- Verify that the search list of the primary DNS suffix contains the DNS domain suffix that the KMS host registered.
For the computers that have joined the domain, the DNS automatic discovery of KMS requires that the DNS zone contains the SRV resource record for the KMS host. This DNS zone is the DNS zone that corresponds to either the primary DNS suffix of the computer or to the domain of the Active Directory DNS.
For workgroup computers, the DNS automatic discovery of KMS requires that the DNS zone contains the SRV resource record for the KMS host. This DNS zone is the DNS zone that corresponds to either the primary DNS suffix of the computer or to the DNS domain name that is assigned by the Dynamic Host Configuration Protocol (DHCP). This domain name is defined by the option that has the code value of 15 as defined in Request for Comments (RFC) 2132.
- Verify that the KMS host SRV records are registered in DNS. At an elevated command prompt, type the following command, and then press Enter:
nslookup -type=all _vlmcs._tcp>kms.txt
- Open the Kms.txt file that was generated by this command. This file should contain one or more entries that resemble the following:
_vlmcs._tcp.contoso.com SRV service location:
    priority = 0
    weight = 0
    port = 1688
    svr hostname = kms-server.contoso.com
Verify the IP address, host name, and port of the KMS host.
Note If the nslookup command finds the KMS host, it does not mean that the DNS client can find the KMS host. If the nslookup command finds the KMS host, and if you still cannot activate the KMS host server, check the other settings, such as the primary DNS suffix and the search list of the DNS suffix.
The SRV records are registered in the DNS zone that corresponds to the KMS host domain membership. For example, assume that a KMS host joins the contoso.com domain. In this scenario, the KMS host registers its VLMCS._TCP SRV record under the contoso.com DNS zone. Therefore, the VLMCS._TCP.CONTOSO.COM record is created.
If the clients are configured to use a different DNS zone, automatically publish KMS in multiple DNS domains. To do this, follow these steps:
- Log on to a KMS host.
- Open an elevated command prompt.
Windows 7 or Vista (Windows Server 2003)
Select Start, type cmd in the Start Search box, right-click cmd.exe in the results list, and then select Run as administrator. If you are prompted for an administrator password or for confirmation, type the password or provide confirmation.
Windows 8.1 and Windows 10 (Windows Server 2012, Windows Server 2012 R2)
Press the Windows logo key+X, and then select Command Prompt(Admin), or right-click Start, and then select Command Prompt(Admin). If you are prompted for an administrator password or for confirmation, type the password or provide confirmation.
- At the command prompt, type regedit.exe, and then press Enter.
- Locate and then click the following registry subkey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SL
- In the navigation pane, select SL.
- Right-click a blank area in the details pane, point to New, and then select Multi-String Value.
- Type DnsDomainPublishList as the name for the new value, and then press Enter.
- Right-click the new DnsDomainPublishList value, and then select Modify.
- In the Edit Multi-String dialog box, type each DNS domain suffix that is published by KMS on a separate line, and then select OK.
Note For Windows 7 and for Windows Server 2008 R2, the format for DnsDomainPublishList differs.
For more information, see the Volume Activation Technical Reference Guide.
- Restart the Software Licensing service by using the Service administrative tool. This operation creates the SRV records.
- Verify that the host name that is returned in the last step can be resolved by using a typical method on the KMS client. When the name is resolved, also verify that the IP address that is returned is accurate. If either of these verifications fails, investigate this DNS client resolver issue.
- To use the KMS automatic discovery feature, run the following command at an elevated command prompt to clear any previously cached KMS host names:
cscript C:\Windows\System32\slmgr.vbs -ckms
- If you believe that you have an SRV record issue, you can troubleshoot it by using one of the commands that are documented in “Method 4” to statically specify a KMS host. The following commands can be used to determine whether this is a name resolution issue or an SRV record issue. If none of these commands resolves the problem, you may be encountering a blocked port or an inaccessible host (see the “More Information” section).
Run the following commands:
cscript \windows\system32\slmgr.vbs -skms <KMS_FQDN>:<port>
cscript \windows\system32\slmgr.vbs -ato
If these commands resolve the problem, this is an SRV record issue. To fix it, you must troubleshoot the SRV record.
If these commands do not resolve the problem, run the following commands:
cscript \windows\system32\slmgr.vbs -skms <IP Address>:<port>
cscript \windows\system32\slmgr.vbs -ato
If these commands resolve the problem, this is most likely a name resolution issue.
The 1688 TCP port is used for the activation communication between the KMS client and the KMS host. If the communication seems to be blocked, check the firewall configurations or anything else that may block the 1688 TCP port.
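The triage described above (SRV record issue, name resolution issue, or blocked TCP port 1688) can also be checked directly from a KMS client. This is an added PowerShell example, not part of the original article or of Microsoft's text; it assumes Windows 8 / Windows Server 2012 or later (for Resolve-DnsName and Test-NetConnection), and the domain corp.example.com is a placeholder for the client's DNS suffix.

```powershell
# Added example: triage KMS auto-discovery from a client.
# Assumption: corp.example.com is a placeholder; pass the client's own DNS suffix.
param(
    [string]$Domain = 'corp.example.com'
)

# KMS hosts publish themselves under this SRV name for automatic discovery.
$srvName = "_vlmcs._tcp.$Domain"

# Step 1: is an SRV record published in this DNS domain?
# The answer can carry additional A records, so keep only the SRV entries.
$srv = Resolve-DnsName -Name $srvName -Type SRV -ErrorAction SilentlyContinue |
       Where-Object { $_.Type -eq 'SRV' }
if (-not $srv) {
    Write-Warning "No SRV record for $srvName (SRV record issue; check DnsDomainPublishList on the KMS host)."
    return
}

foreach ($record in $srv) {
    $target = $record.NameTarget
    $port   = $record.Port

    # Step 2: does the host name returned in the SRV record resolve on this client?
    $addresses = Resolve-DnsName -Name $target -ErrorAction SilentlyContinue |
                 Where-Object { $_.IPAddress }
    if (-not $addresses) {
        Write-Warning "SRV target $target does not resolve (name resolution issue)."
        continue
    }

    # Step 3: is the activation port (normally TCP 1688) reachable, or blocked by a firewall?
    $tcp = Test-NetConnection -ComputerName $target -Port $port -WarningAction SilentlyContinue

    # One result row per published KMS host; verify the addresses are the expected ones.
    [pscustomobject]@{
        SrvTarget    = $target
        Port         = $port
        Addresses    = ($addresses.IPAddress -join ', ')
        TcpReachable = $tcp.TcpTestSucceeded
    }
}
```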
More Information
This problem may occur if one or more of the following conditions are true:
- You use volume-licensed media with a Volume License generic product key to install one of the following operating systems:
- Windows Server 2012 R2
- Windows Server 2012
- Windows Server 2008 R2
- Windows Server 2008
- Windows 10
- Windows 8.1
- Windows 8
- Windows 7
- Windows Vista Enterprise
- Windows Vista Business
- The activation wizard cannot connect to a Key Management Service (KMS) host computer.
When you try to activate the system, the activation wizard uses DNS to locate a corresponding computer that’s running the KMS software. If the wizard queries DNS and does not find the DNS entry for the KMS host computer, the wizard reports an error. If you have a KMS host computer set up, the correct DNS entries are not seen by the client computer. If you do not have a KMS host computer set up, you must either set up a KMS host computer or switch to an MAK product key method to activate your volume license installation.
Microsoft Developer Network (MSDN) and Microsoft TechNet provide volume-licensed media for the following operating system stock-keeping units (SKUs):
- Windows Server 2012 R2
- Windows Server 2012
- Windows Server 2008 R2
- Windows Server 2008
- Windows 10 Enterprise
- Windows 8.1 Enterprise
- Windows 8 Enterprise
- Windows 7 Enterprise
- Windows Vista Enterprise
The volume-licensed media does not prompt you for a product key during installation. If you do not change the product key to the MSDN key, you receive an error message when you try to activate the operating system. If you use MSDN or TechNet media, you must change the product key to the MSDN product key. Use the “Method 1” procedure in the “Resolution” section to change the product key.
Note The MSDN or TechNet product key is the MAK product key.
References
For more information about Volume Activation, see the following Microsoft Knowledge Base article:
929712 Volume Activation information for Windows Vista, Windows Server 2008, Windows Server 2008 R2 and Windows 7
For more information about volume licensing, go to the Microsoft Volume Licensing website.
For more information about how to activate copies of Windows Vista or Windows Server 2008 that were installed by using volume-licensed media, go to the Product Activation and Key Information webpage.
–jeroen
Posted in Microsoft Surface on Windows 7, Power User, Windows, Windows 10, Windows 7, Windows 8, Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016
Still relevant for current Windows versions: hard drive – defrag /x – consolidate free space not really working – Windows Server 2012 – Server Fault
Posted by jpluimers on 2021/06/11
From my answer at [WayBack] hard drive – defrag /x – consolidate free space not really working – Windows Server 2012 – Server Fault
I’ve tried many tools, starting with defrag C: /X (which tries, but doesn’t give good results) and found out these steps give the best results:
- Perform an Ultradefrag full optimisation
- Perform a MyDefrag Consolidate free space script on the drive.
Note that MyDefrag (formerly named JkDefrag) is not maintained any more but the 4.3.1 version in the WayBack machine still works very well as the underlying defragmentation APIs in Windows haven’t changed.
References:
- (WayBack) UltraDefrag – An Open Source Defragmenter
- WayBack: MyDefrag v4.3.1
- (WayBack) MyDefrag – Wikipedia
- (WayBack) Defragmenting Files (Windows)
- (WayBack) The Challenge of Defragmenting an NTFS Partition | Systems Management content from Windows IT Pro
- (WayBack) windows – How do you defragment the MFT on an NTFS disk? – Super User
The original MyDefrag disappeared two times (temporarily in 2014 because the domain expired, then permanently in 2017 because the domain went off-line).
Luckily, the WayBack machine at archive.org has the latest version saved (not all the links from the archive.org search page have an executable as sometimes it shows the expired domain or a non-existing redirect when the domain got off-line):
- https://web.archive.org/web/20150811002116/http://www.mydefrag.com/Downloads/Download.php?File=MyDefrag-v4.3.1.exe
- https://web.archive.org/web/20120517021802/http://www.mydefrag.com/Downloads/Download.php?File=MyDefrag-v4.3.1.exe
- via [WayBack] map –unmap hanging on non-contiguous ISO file · Issue #212 · chenall/grub4dos · GitHub
- which also pointed to the installation documentation: [WayBack: MyDefrag v4.3.1]
Note that chocolatey install --yes mydefrag --version 4.3.11 fails because of the missing download. See [WayBack] Chocolatey Software | MyDefrag 4.3.1.
(The --version parameter trick is from [WayBack] Chocolatey – How to install hidden and unlisted package? – Super User, via [WayBack] “This package is unlisted and hidden from package listings.” – Google Search).
–jeroen
Posted in Power User, Windows, Windows 10, Windows 7, Windows 8, Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Vista, Windows XP
authentication – Bypassing Windows 10 password with Utilman.exe trick – fixed? – Information Security Stack Exchange
Posted by jpluimers on 2021/05/03
It is debatable if these tricks are vulnerabilities or not: [WayBack] authentication – Bypassing Windows 10 password with Utilman.exe trick – fixed? – Information Security Stack Exchange.
There are arguments that if a system is left open to physical access, or allows operating system manipulation, it is busted.
On the other hand, making systems more resilient to modification helps alleviate these problems.
So it pays for developers to harden operating systems against modification.
From the question:
Of the sethc.exe, Utilman.exe, and osk.exe ones in Windows, Utilman.exe seems to have been fixed.
Related:
- [Archive.is] Der gute alte utilman Hack funktioniert fortan nur noch im abgesicherten Modus – Administrator
- [WayBack] authentication – Bypassing Windows 10 password with Utilman.exe trick – fixed? – Information Security Stack Exchange
–jeroen
Posted in Power User, Windows, Windows 10, Windows 7, Windows 8, Windows 8.1






