Thanks guy who wrote that.
It’s your friendly Windows helpdesk guy here.
We have an issue that seems random, where certain users fail to get the password prompt after hitting ctrl-alt-del combo at logon (LogonUI).
The culprits seem to be the combo of HP Z620 workstations + Matrox video card “drivers” or, simply, Matrox PowerDesk software.
I opened a case with Microsoft support due to the fact that I could not use xbootmgr to troubleshoot the issue, I did not understand where else to go.
They advised me to clear any Credential Provider other than the following list:
GenericProvider NPProvider VaultCredProvider PasswordProvider Smartcard Credential Provider Smartcard Pin Provider WinBio Credential Provider CertCredProvider
This includes the stupidly risky Credential Provider “Matrox.Pdesk.LogonRelocator64″.
I guess Matrox is trying to be helpful by creating a credential provider to move your LogonUI screen around; it’s quite clear that the cost of messing with Credential Providers to provide such a trivial benefit is too high.
Delete the above registry key to avoid the problem.
For some odd reason, MSFT didn’t code a straight item-level targeting rule to allow you to query local users. So, if you are renaming a local user, and it is already in existence (which it will be after you rename it), your client will log an error.
In order to avoid the error, you must check if the user exists using the following WQL:
select * from win32_useraccount where localaccount = 1 and caption like '%Administrator' select * from win32_useraccount where localaccount = 1 and caption like '%Guest'
Note that the caption property will return the computer name as the realm of the user followed by the user (like COMPUTER\Administrator); this is why it checks with a wildcard.
You’re neighborhood generic Windows Admin is here to talk about WSUS auto-approval policies.
Here is how WSUS “gets” updates:
1) a synchronization occurs in which WSUS fetches some info about available updates for the product classifications you’ve prescribed.
2) Updates are approved manually or by auto-approval policy.
3) Updates are downloaded by WSUS.
4) Updates are fetched by workstations.
When you adjust an auto-approval, but your classifications have already included a product, and the WSUS has already fetched info about the updates, your auto-approval policy will not affect these updates. As in, they will not be automatically set to “approved,” will not be downloaded by WSUS, and will not be available to your Windows Update clients. Why is this done? I have no idea. It seems like an option would be nice to retroactively approve updates according to current auto-approval policy (and I’m sure you can hack away at the WSUS SQL DB).
So, what do you do? For a few weeks, you’ll just have to slave away at manually approving updates.
I just “got upgraded” to 100Mbps down and 10Mbps up from time warner. Except that 100Mbps is more like 20Mbps thanks to measurement labs.
I had some trouble configuring JRE to allow me to run Measurementlabs’ NDT tool, so, for reference, below is an %userprofile%\appdata\locallow\sun\java\deployment\security\exception.sites file:
http://www.measurementlab.net http://ndt.iupui.mlab3.lga01.measurement-lab.org http://ndt.iupui.mlab3.lga02.measurement-lab.org http://ndt.iupui.mlab3.lga03.measurement-lab.org http://ndt.iupui.mlab3.lga04.measurement-lab.org http://ndt.iupui.mlab2.lga01.measurement-lab.org http://ndt.iupui.mlab2.lga02.measurement-lab.org http://ndt.iupui.mlab2.lga03.measurement-lab.org http://ndt.iupui.mlab2.lga04.measurement-lab.org http://ndt.iupui.mlab1.lga01.measurement-lab.org http://ndt.iupui.mlab1.lga02.measurement-lab.org http://ndt.iupui.mlab1.lga03.measurement-lab.org http://ndt.iupui.mlab1.lga04.measurement-lab.org http://ndt.iupui.mlab3.lga01.measurement-lab.org:7123 http://ndt.iupui.mlab3.lga02.measurement-lab.org:7123 http://ndt.iupui.mlab3.lga03.measurement-lab.org:7123 http://ndt.iupui.mlab3.lga04.measurement-lab.org:7123 http://ndt.iupui.mlab2.lga01.measurement-lab.org:7123 http://ndt.iupui.mlab2.lga02.measurement-lab.org:7123 http://ndt.iupui.mlab2.lga03.measurement-lab.org:7123 http://ndt.iupui.mlab2.lga04.measurement-lab.org:7123 http://ndt.iupui.mlab1.lga01.measurement-lab.org:7123 http://ndt.iupui.mlab1.lga02.measurement-lab.org:7123 http://ndt.iupui.mlab1.lga03.measurement-lab.org:7123 http://ndt.iupui.mlab1.lga04.measurement-lab.org:7123
Looks like I’ll have to give time warner a call.
I subscribe to DevOps Weekly. Not sure why, since I’m not in an agile system development or continuous delivery environment, but I guess I figure I can glean some useful stuff out of it.
This week, the dude linked to two useful things:
Huginn’s author states it to be “a light-weight infrastructure for building data-gathering and data-reacting tasks for your everyday life. Think of it as an open source Yahoo! Pipes, IFTTT, or Zapier.”
I finally am hopping onto the “activity tracker” craze with a recent purchase of the Jawbone UP24 (waiting for the Basis to get better and awaiting Samsung’s Gear Fit), and would love to use the data to automate a workflow.
I saw If this then that (IFTTT) about a year ago, and thought that it was way too… well.. scary. I mean, to have my UP data stored on Jawbone’s servers is enough to make me shiver, but then to use a third third party to take my “private” UP data and dump it to a Google Doc (which would require IFTTT to have access to both of those things in a non-restrictive way) is just too much.
Luckily, tonight some good fellow posted Huginn to Hacker News. Looks like a great way to keep automated workflows private. And maybe, when I have the time, I can work on storing Jawbone data as I wish.
Did I mention that you can, of course, write your own Huginns agents?
Since I started a new job, I’ve got a lot of stuff to master before I revisit implementing flow data.
With all the Heartbleed reaction craze, I noticed that some Snort defs were released the other day, and that means there are likely IOCs that can be found in historical flow data.
It is a useful replacement for the test-connection cmdlet, who’s timeout is more than desirably long.