Thursday, November 28, 2013

Windows Security Update for Windows XP (KB2862330)

In this case, a colleague of mine was complaining that his old XP client pc was installing updates every day and was requesting to reboot the machine every day in last 30 days. Fortunately, there was a single problematic update KB2862330 that was trying to install every day and requesting to reboot the pc every day. According from KB article http://support.microsoft.com/kb/2862330/en-gb there are known issues regarding installation of this update. In this case the update was installing successfully, requesting for reboot, and after the reboot same update was offered as available update for installing in endless loop.
I tried to uninstall and install the update, but it didn't help the situation.
According from KB article Scenario 3, I have disabled all the USB Enhanced Host Controllers from device manager before installing the update, and enable them after the reboot, but same update was on list for available updates for installation again.
I've decided to check the update log (KB2862330.log) for this update, I've found a lot of error events:
.........................
SetupVerifyInfFile failed with error 0x490 for usbstor.inf of device USB\VID_058F&PID_6387\28197C13 
SetupVerifyInfFile failed with error 0x490 for usbstor.inf of device USB\VID_058F&PID_6387\2RNGA2U1 
SetupVerifyInfFile failed with error 0x490 for usbstor.inf of device USB\VID_058F&PID_6387\4H5SLQD0 
SetupVerifyInfFile failed with error 0x490 for usbstor.inf of device USB\VID_058F&PID_6387\5742D984 
 ....................... 

So, cryptographic service was set to run automatically, and I've decided to rebuild the catroot2 folder. Stopping the Cryptographic service, renaming the %systemroot%\System32\Catroot2 into catroot2-old, and restarting the Cryptographic service will regenerate new Caroot2 folder.

Now with disabled USB Enhanced Host Controllers, I ran the update KB2862330 again. The update log (KB2862330.log) was generating completely different lines. Something like :
............ 
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem3.CAT trusts inf c:\windows\inf\oem3.inf of device PCI\VEN_8086&DEV_24C2&SUBSYS_00C50E11&REV_01\3&61AAA01&0&E8 
.............. 
After the requested rebooted, I've enabled the disabled USB host controllers, and the update was not offered as available update for installation again anymore, and was finally successfully installed.

Monday, November 18, 2013

DPM encountered a retryable VSS error

In this case I was trying to backup P2V converted VM using DPM 2012 SP1. The VM was hosted on Hyper-V 2012 cluster. DPM Replica Creation Job was failing with following description:
DPM encountered a retryable VSS error. (ID 30112 Details: VssError:The writer experienced a transient error.  If the backup process is retried, the error may not reoccur. (0x800423F3))

The VM had Windows Server 2003 SP2 operating system installed. I've decided to check the VSS writers, and the vssadmin has returned empty list of VSS writers available on the VM:



According from following Microsoft article http://support.microsoft.com/kb/940184/en-us , I've re-registered the following dlls:

  • cd /d %windir%\system32
  • net stop vss
  • net stop swprv
  • regsvr32 ole32.dll
  • regsvr32 oleaut32.dll
  • regsvr32 /i eventcls.dll
  • regsvr32 vss_ps.dll
  • vssvc /register
  • regsvr32 /i swprv.dll
  • regsvr32 es.dll
  • regsvr32 stdprov.dll
  • regsvr32 vssui.dll
  • regsvr32 msxml.dll
  • regsvr32 msxml3.dll
  • regsvr32 msxml4.dll

  • Now, running the vssadmin list writers again, has successfully listed all the available VSS writers. I was hoping that DPM will successfully finish Replica Creation Job, but I was wrong. VM was having ISA Server 2006 installed with local MSDE. Someone has changed ISA Logging destination from Database into flat files, and to free some space on disk deleted the mdfs and ldfs files from logging directory. Now, VSS was failing with error event id 6013 with following message:

    Error message: Database 'ISALOG_.....' cannot be opened due to inaccessible files or insufficient memory or disk space. See the SQL Server errorlog for details
     
    Now I was looking for a way to dismount those old databases with deleted mdf and ldf files. Thankfully, Microsoft has publish a vbscript for dismounting old databases from MSDE, and here is the link from the source of the script http://technet.microsoft.com/en-us/library/cc302448.aspx .
    After running the script, the old databases were dismounted, and finally I was able to backup the VM using DPM 2012.

    Friday, November 15, 2013

    AD user password expiration

    This is quick one for reference, here is an example how to find out when will expire password for some AD user using powershell single liner (replace username with your AD user of interest):

    PS C:\Temp> [datetime]::FromFileTime((Get-ADUser username -Properties "msDS-UserPasswordExpiryTimeComputed")."msDS-UserPasswordExpiryTimeComputed")

    Monday, November 11, 2013

    Outlook 2013 gets Contacting the server for information ...

    In this case some Outlook 2013 users were complaining that sometimes their favorite email client was going into non responsive state, whenever they were replying to some email message. The Outlook 2013 was not responding with following message:
    Contacting the server for information ...
    They all had in common, that they were replying to same external contact with faulty picture (icon) in his(her) signature, even though Automatic Download Outlook settings were set not download pictures.
    One way to resolve this behavior was to ask this external contact to change this faulty signature, but this was not an option.
    Another way to resolve this situation was to change the email formatting when replying to emails to this contact into plain text, but this option is available only when email message is popped out from outlook causing again numerous "Contacting the server for information ..." messages.
    And finally the last, and I guess the easiest way was to block the access to this faulty link. The faulty link was on Internet, and after denying the access to this faulty URL, replying to email messages to this external contact with faulty signature was not a problem anymore.

    Wednesday, November 6, 2013

    Internet Explorer 11 opens Exchange OWA Light

    By default, Internet Explorer 11 will open OWA Light when accessing Exchange (2013,2010,2007) environment. The reason for this behavior is that Internet Explorer 11 does not include MSIE token in user-agent string.
    In order to avoid this behavior and let the Internet Explorer 11 to open OWA Premium by default, for Exchange 2013 there is CU2, and for other versions of Exchange the workaround is from client side:
    • Open Internet Explorer 11 in private mode
    or
    • Add OWA site in compatibility view list
    Microsoft has published KB for this Internet Explorer 11 behavior. For more info check http://support.microsoft.com/kb/2866064 .

    Friday, November 1, 2013

    SecureBoot isn't configured correctly

    After installing Windows 8.1 on my workstation, I have experienced following watermark on my Desktop:


    And, YES I'm aware that SecureBoot is not enabled, but I do not want that watermark to be present on my Desktop. Microsoft has responded on complains with following update http://support.microsoft.com/kb/2902864, which removes the watermark from desktop. After installing the update you will be prompted for restart, and after the reboot the watermark will disappear.

    Where is Group Policy Preference for Internet Explorer 11 ?

    After joining the Windows 8.1 enterprise into domain environment, I was expecting that GPMC will introduce new GPP template for Internet Explorer 11, but the latest version was still the Internet Explorer 10.
    So, how to apply settings to Internet Explorer 11 via GPP ?
    Fortunately, GPP for Internet Explorer 10 will also work with Internet Explorer 11. Why ?
    I opened GPP for IE10 xml file, and saw that file version filtering for iexplore is between 10 and 99.
    Here is the filtering part from the xml file:
    path="%ProgramFilesDir%\Internet Explorer\iexplore.exe" type="VERSION" gte="1" min="10.0.0.0" max="99.0.0.0"
    My opinion is that with this kind of file filter versioning for iexplore, the GPP template should be named Internet Explorer 10 and higher, not just Internet Explorer 10.

    Microsoft virtualization certification exam for free

    Sign up for free MVA online training on November 19 & 20 – then receive a voucher to take the new Microsoft virtualization certification exam for free!

    For more info please check http://www.virtualizationsquared.com/ .