Fix Elevated applications not having access to mapped drives

Fix Elevated applications not having access to mapped drives

One of the side effects of UAC is the inability to access the mapped (over net use) network drives from the applications running in privileged mode (Run As Administrator). This means that when you run the command prompt or an application (like SpecWin) with elevated privileges, they won’t display the disk letters of the mounted network shares.

A quick way to show what this looks like. Open command prompt, as a regular user, not an administrator and run/enter:

net use

Your screen should look something like this:

clip_image002

And if you change directories and looked at what’s there, it would look something like this

clip_image004

If you run the command prompt ‘As Administrator’ the prompt will look something like this:

clip_image006

If you try and change drives you will get something like this:

clip_image008

This behavior of the system can lead to some inconveniences when trying to run apps elevated often.

Why does it happen? This peculiarity is connected with UAC mechanism for a user with the local administrator privileges. The matter is that when this user signs in, two access tokens are created: the first token provides access without the administrator privileges (the filtered access token, with which most apps are run) and the second is the administrator token with full privileges in the system (all apps approved elevated in UAC are run using it).

When connecting shared network folders, they are associated with the current session for the current process access token and are not available with another token.

There is a solution. To implement it, you have to make some changes to the registry:

Open the registry editor (regedit.exe)

Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

Create a new parameter (DWORD type) with the name EnableLinkedConnections and the value 1

clip_image010

Restart your computer

After the computer has been restarted, make sure that you have access to the network drives from the apps run with the administrator privileges.

How it works. After you enable EnableLinkedConnections parameter of the registry, LanmanWorkstation and LSA will check if there is the second access token associated to the session of the current user. If this token is found, the list of the mounted network drives will be copied from one token to another. Thus, the network drives mounted elevated will be seen in the standard mode, and vice versa.

Ref:

https://support.microsoft.com/en-us/help/3035277/mapped-drives-are-not-available-from-an-elevated-prompt-when-uac-is-configured-to-prompt-for-credentials-in-windows

https://technet.microsoft.com/en-us/library/ee844140(v=ws.10).aspx

https://social.technet.microsoft.com/Forums/en-US/49e551df-8e18-45fa-b4bf-923b5a317337/windows-8-issue-with-drive-mapping-and-uac-enabled-enablelinkedconnections?forum=w81previtpro

Creating Customized Windows 10/8.1 Media (ISO, WIM, Flash Drive)

Creating Customized Windows 10/8.1 Media (ISO, WIM, Flash Drive)

In the Enterprise environment Windows Operation Systems are usually created, captured and deployed via MS SCCM, WDS or other imaging deployment technology. This allows for an Operating System to be deployed that is updated to the latest version(s) and standards of the organization along with any other software (Office suites, AV etc.) or configurations required by that organization. These system images can be ‘pushed’ out to machines, ‘pulled’ across the network via network (PXE) boot, or be placed on portable media to be installed by technicians (usually USB drives).

I also personally install a lot of Operating systems for my SMB clients, friends and family. This requires me to have install media that is as up to date (patch wise) as possible so that I do not have to spend hours, or often days, downloading security updates and patches just to install a system and get it safe.

I used to have a full server farm (including SCCM) on my home server/workstation so creating custom images (.wim) was not too much work. However, that machine physically gave up the ghost a while ago. So for personal images I decided to create a custom image on my laptop using Microsoft Hyper-V (available on Windows 8.1 and Windows 10).

Below is how I created my latest Windows 10 fully patched image. After following these steps you will have a UEFI capable ISO and the ability to produce a UEFI bootable flash drive.

So here we go…

You will need a Microsoft Windows 10 (or 8.1) installation ISO. If you don’t have your Windows 10/8.1 installation media available or someone else’s (just iso not license key needed) it is possible to find the .iso files via a good search.

[Note: you will need a valid installation key once you install your image to a machine to activate it. Or use a KMS server/volume license.]

Download and install the Microsoft Deployment Toolkit here.

image

image

image

Download and install Windows 10 (1607) or Windows 8.1 ADK with these options; you can get them here.

image

Next let’s enable and configure the Microsoft Hyper-V Platform on your workstation.

You can go to the Control Panel and click on Program and Features or hold the Windows key + X and select Programs and Features at the top.

Select Turn Windows features on or off.

image

Select Hyper-V and click OK. When prompted, click Restart now.

image

Once rebooted, open the Start Screen and type "Hyper" > Open Hyper-V Manager.

image

Select your host (computer name) on the left and then click Virtual Switch Manager. (on the right)

image

Select New virtual network switch on the left and External under the type to create. Click Create Virtual Switch.

image

Name the switch something appropriate (I’m using "Main").

Select External Network > Select your main NIC (wireless or wired).

Check Allow management operating system to share this network adapter and click OK.

image

Click Yes on the notice prompt.

image

Create the Staging VM

Now that you’re prepped, within Hyper-V Manager select New > Virtual Machine and then click Next.

image

Type a name for your staging VM (I’m picking stage01) then click Next.

image

Select Generation 1 and then click Next.

image

Enter an appropriate amount of memory (I’m entering 4096 MB), UNselect Dynamic Memory and then click Next.

image

Choose the Network Connection you previously created and then click Next.

image

Designate an adequate amount of storage for your VM (not less than the total GB of all applications you will be installing) and then click Next.

image

Select Install an operating system from a bootable CD/DVD-ROM > Select Image File (.iso) > Find and select the Windows ISO you downloaded earlier > Click Next > Click Finish.

image

image

Back at the Hyper-V Manager, right click stage01 and select Connect… (This will open the console of the VM.)

image

Navigate to Action and click Start.

image

Install Windows 10 by accepting the EULA and choosing Custom > selecting the entire virtual disk and clicking Next.

image

Then let the setup continue until it reboots and you get to the first ‘customization’ screen.

Enter Audit Mode and Install Applications

Start Windows installation normally. After reboot or two Windows is installed and process stops waiting your input. At this point we need to click on the Use express settings button. On next dialog you should not type a username, so don’t enter it. – STOP.

image

Instead, press and hold down the CTRL+SHIFT+F3 keys combination. Windows will now reboot to a special customization mode, the Audit Mode.

When presented with the System Preparation Tool window, click Cancel

image

You’re now in Audit mode. Audit mode is used to add customizations to Windows images. When you use audit mode, the system does not have to apply settings in Windows Welcome – things like creating user accounts, read and accept the Microsoft® Software License Terms, and select their language and time zones etc. It is designed specifically for preparing Windows images for deployment.

Okay so now let’s prepare and update the system. In Windows 10 (and 8.1) you can forcefully check for updates here:

image

OR you can use PowerShell to update – as in my previous article. I’d make sure ALL the updates are done – reboot several times (clicking ‘Cancel’ each time) until you’re sure that there are no more updates.

You may also want to uninstall any Windows ‘Store’ apps per this article.

Here is where you will download/install any software you wish to be on your image.

I install things like Office Suites, Acrobat, 7-zip, Java, different Browsers (Chrome Firefox etc.), plugins (Flash, Shockwave etc.) and such.

Once done with all your installs you should clean up all temp files (I use CCleaner portable) and run Disk Cleanup too.

So now let’s finalize and Sysprep the disk.

Shutdown your Staging VM.

Create a Checkpoint

Click Action > Checkpoint.. > Enter "Ready for sysprep" > Click Yes

Power your Staging VM back on.

When logged in, do not close the System Preparation Tool window this time.

Select Enable System Out-of-Box Experience (OOBE)

Checkbox Generalize

Select Shutdown

Click OK

image

Now we’re going to create the WIM file that we’ll use for creating our install media. The WIM file is a compressed image which is deployed during Windows installation. The install.wim file is the actual source used when installing Windows 10. Thus, we need to create our own WIM file, and replace the stock one with it. To do this, we need to "capture" the last Checkpoint – the one named ‘Complete’.

We’ll use the DISM tool to capture a mounted hard drive.

So we first need to mount the VHD (virtual hard drive) of our very last/updated VM – the checkpoint we named complete.

Once your VM is shut down, create another Checkpoint named "Complete". 
Do NOT power your VM back on.

As mentioned above, the install.wim file is the actual source used when installing Windows 10. Thus, we need to create our own WIM file, and replace the stock one with it. To do this, we need to "capture" the last Checkpoint.

On your host (physical machine), open up Disk Management. 
WIN+X > Disk Management

image

Navigate to Action > Attach VHD

image

Click Browse

image

Navigate to the directory where the virtual disks are stored for stage01. By default this directory is: C:\Users\Public\Documents\Hyper-V\Virtual hard disks/

In the bottom right, change Virtual Disk files (* .vhd, * .vhdx) to All files (* . *)

image

Select the file with the most recent Date Modified – this is your Complete Checkpoint!

image

Click Open

Check box Read-only and then click OK.

image

At this point you will see one new disk with two partitions. Make note of the second partition drive letter (in my case, the F: Drive).

image

Now the capture!

Open the Command Prompt with Administrator Rights.

WIN+X > Command Prompt (Admin)

image

Type:

dism /capture-image /imagefile:c:\customInstall.wim /capturedir:F:\ /name:"Windows 10 Enterprise – Customized by: Darth Sidious" /Description:"Windows 10 Enterprise – Customized by: Darth Sidious" /compress:maximum /checkintegrity /verify /bootable

replacing F: with the second partition drive letter you made note of earlier – and replacing "Customized by: Darth Sidious" with whatever you want.

Depending on your processing power, this may take a little while. When complete, you will see "This operation completed successfully." You should now see a file named "customInstall.wim" at the root of your C:\ Drive.

image

Build the Customized Media

Open/Double click the stock ISO you used to install Windows in stage01 to mount it within File Explorer.

Open This PC and double click the newly mounted drive.
(In my case, Drive E: SW_DVD5_WIN_ENT_10_1607_64BIT_English_MLF_X21-07102.ISO)

CTRL+A (to select all) and CTRL+C (to copy)

Create a new folder named WinExtract off your C:\ drive

(Another location is fine too, but these instructions will be assuming C:\)

Navigate to C:\WinExtract\ and CTRL+V (to paste).

image

After the copy completes, navigate to C:\WinExtract\sources\ and delete the install.wim file.

image

Move C:\customInstall.wim (your custom WIM) to C:\WinExtract\sources\.

Rename C:\WinExtract\sources\customInstall.wim to install.wim.

image

At this point, you are ready to create your ISO.

Create UEFI Bootable ISO:

Open Admin Command Prompt

Change directory (cd) to:

C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\Oscdimg

Then enter and run:

oscdimg -m -u2 -bC:\WinExtract\boot\etfsboot.com C:\WinExtract\ C:\Windows10Updated.iso

Once complete, you now have a UEFI bootable ISO named Windows10Updated.iso

[If you are making a Windows 8.1 image you will need to use the right directory for the ‘Windows Kits/adk selection]

You should now test your .iso by using it to create a new VM. Verify that it installs and works. Then you can create a bootable USB drive.

I use Rufus Portable to create my bootable USBs. Portable download here.

One of the first cool things about Rufus Portable is that no installation is necessary to run it. When you run it, setting it up is simple. Select the USB drive you want to use. To make sure your drive will boot on most devices including newer UEFI ones select the ‘MBR partition scheme for BIOS or UEFI Computers’ and also ‘Use Rufus MBR’ option.

Then select the disc icon next to the ISO drop-down and navigate to the location of your newly created Windows 10 ISO.

image

After that click Start and you should be good to go, within minutes.

image

Hope this helps some. I put this up here, like most of my stuff, mainly so I have a place to remember what I did. 😛

Happy image building.

Fix "The trust relationship between this computer and the primary domain failed" error

This is something that happens very often in large organizations with remotely connected sites (whether via MPLS nodes, connected VPNs or remote VPN users).

If you’ve spent any time in the desktop support arena you’ve likely had this error/issue dozens of times.
Here are some surefire ways to fix this fairly quickly.

MANY, many sites will tell you to remove the PC from the domain, delete the computer account and then re-join the computer. This does work – SOMETIMES and can bring on even more problems when it fails.

A simpler solution, that actually works, is to use PowerShell to resolve the issue.
You will need to log into the computer as a local administrator (or possibly you can use the cached domain admin credentials if that’s still an option)

Here are the commands to use in order of preference.

Depending on what version of Windows you are on and how up to date it is you should first download the latest Windows Management Framework (WMF). this contains the latest versions of PowerShell, DSC, WMI, and WinRM for downlevel versions of Windows and Windows Server. Here’s that link

1st try this one from an Admin Powershell:

image

Test-ComputerSecureChannel -Repair -Credential (get-credential)

After that completes restart computer and try domain login.

If that doesn’t work try this one:

Reset-ComputerMachinePassword -Server <ClosestDomainControllerNameHere> -Credential <DOMAIN\domain.admin>

Make sure to specifiy you DC and your domain user name, you’ll be prompted for you password.
The script will run and you’ll be back to the Powershell prompt.
Then just restart machine and try domain login.

An older method you can also try the NETDOM way ( most useful on some non upto date Win7 machines).
You’ll likely have to download the Microsoft Remote Server Admin Tools from here.  Install and then

use the following from an elevated cmd prompt:
netdom.exe resetpwd /s:dc-hostname.domain /ud:domainadminusername /pd:* (enter the domain admin password when prompted)

Hope this helps some.

Completely Uninstall Default Windows Store Apps in Windows 10 (8/8.1 too)

I am NOT a fan of the Windows Store or ‘Charm’ apps. If I want an application – I’ll seek out and get it myself. I don’t like being force fed a bunch of useless stuff I don’t want or need. With the advent of Windows 8 through Windows 10 MS has pushed their default/charm style applications. I use none of them. So I set out to remove them. Here is what I’ve found. Hope it helps.

If you wish to uninstall individual apps in Windows 10, run the following command in an elevated PowerShell window:

Get-AppxPackage | Select Name, PackageFullName

You will be able to see the list of all installed apps and its PackageFullName information.

image

Note down the PackageFullName and replace it in the following command:

Get-AppxPackage PackageFullName | Remove-AppxPackage

So the command to remove some of the apps will look as follows:

Uninstall 3D Builder

Get-AppxPackage *3dbuilder* | Remove-AppxPackage

Uninstall Get Office app

Get-AppxPackage *officehub* | Remove-AppxPackage

Uninstall Get Started app

Get-AppxPackage *getstarted* | Remove-AppxPackage

Uninstall Get Skype app

Get-AppxPackage *skypeapp* | Remove-AppxPackage

Etc…

Run the command to uninstall the particular pre-installed default Windows 10 Store app and then restart your computer.

If you want to uninstall the particular pre-installed app from all user accounts, use the following command format:

Get-AppxPackage -allusers PackageFullName | Remove-AppxPackage

Seems some people lost the Windows Store and wanted/needed it to get Window apps.

Another fully scripted way to remove everything BUT the Windows Store is here:

Get-AppxPackage

-AllUsers | where-object {$_.name –notlike "*Microsoft.WindowsStore*"}

| Remove-AppxPackage

Get-appxprovisionedpackage –online | where-object {$_.packagename –notlike "*Microsoft.WindowsStore*"}

| Remove-AppxProvisionedPackage –online

There are some tools available that will assist users in doing all this via a Graphic Intereface – Notably theWindowsClub’s 10AppsManager for Win10; it’s a freeware that will allow you to easily uninstall and reinstall the default, built-in, preinstalled Windows Store apps in Windows 10. It can be downloaded here.

How to remove a printer and its drivers from Windows 8/10

How to remove a printer and its drivers from Windows 8

Press the keyboard shortcut Win+q. Find Printer Management in the section Administrative Tools and launch it.

clip_image002

Removing a printer

Open Custom Filters, All Printers, select the printer you want to remove and click on Delete.

clip_image004

Confirm it by clicking Yes.

clip_image006

Removing drivers

Go to item All Drivers. If you have installed your driver from a standalone installer, it is recommend you to Remove Driver Package… . If you have simply selected the driver from a list offered by Windows when installing the printer, it is recommend you to Delete it.

clip_image008

If you are trying to remove the driver without removing the printer beforehand, or the driver is used also by another printer than the one you removed, the system won’t allow you to remove the driver.

clip_image010

If you resolved the previous problem or you haven’t encountered it, system will show you which packages and drivers will be deleted.

clip_image012

After you click on the button Delete, the packages and drivers will be erased from the system. By clicking on the button OK on the summary window, the process of removing drivers will be finished.

clip_image014

If you removed all drivers you wanted, close the Print management.

Remove Network Printers from Windows via Registry Editor

Step 1: Click on Start, Run and then type in regedit and press Enter. This will open the registry editor.

clip_image016

Step 2: Navigate to the following key in the registry:

HKEY_CURRENT_USER – Printers – Connections

Here you should now see a list of all network printers with the server name first, then a comma, and then the name of the actual printer.

clip_image018

Go ahead and click on the printer in the left menu and press the Delete button or right-click and choose Delete. Unfortunately, that’s not all! You also have to delete the printer from one more location in the registry:

HKEY_LOCAL_MACHINE – SYSTEM – CurrentControlSet – Control – Print – Providers – LanMan Print Services – Servers – Printers

Now under the servers key, you should be able to expand it and see the name of the print server that actually hosts the printer you want to delete. Go ahead and expand the print server key and delete the printer from the list.

clip_image020

Now close the registry editor and reboot your computer. The undeletable network printer should now be gone! Note that the method above is just for network printers. If you have a local printer and want to remove it the same way via the registry, you need to go to the following registry keys below:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Environments\ Windows NT x86\ Drivers\Version-3\

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Printers\

Using PowerShell to Manage Windows Updates

Using PowerShell to Manage Windows Updates:  PSWindowsUpdate

Often we have to update computers that have not – for whatever reason been updated in a long time. AND we often have to create new deploy images using sysprep. What usually happens is that Windows update will hang at ‘checking for updates’ for a very long time and either error out or never complete. A secret I found to deploying Windows Updates when this happens or from within Audit Mode is an excellent PowerShell module created by Michal Gajda. This module, aptly called PSWindowsUpdate, allows managing Windows Update on any computer running PowerShell 2.0 or higher. This module even enables Windows admins to check for and install updates on remote PCs and servers. PSWindowsUpdate is particularly handy for installing updates on Server Core machines that have no GUI, or in instances such as Sysprep’s Audit Mode where the Windows Update GUI doesn’t work.

· Get started by downloading the latest version of PSWindowsUpdate.zip.

image

· Once downloaded, extract the contents of the zip file to C:\Windows\System32\WindowsPowerShell\v1.0\Modules\.

image

Extracting files from PSWindowsUpdate.zip.

· Click Continue if a UAC prompt appears.

image

· When the files have been extracted into the PowerShell Modules folder, open an elevated PowerShell prompt. Change PowerShell’s Execution Policy to RemoteSigned. The RemoteSigned Execution Policy allows PowerShell scripts downloaded from the Internet to run on a PC as long as they are signed by a trusted publisher.

· Type Set-ExecutionPolicy RemoteSigned and press Enter. When prompted, confirm the change by pressing Y and then Enter.

image

Changing PowerShell’s execution policy

This completes the one-time configuration of the module! Now it’s time to put PSWindowsUpdate to use!

· If running PowerShell v2.0, type Import-Module PSWindowsUpdate and hit Enter. This isn’t necessary in PowerShell v3 and higher, but it doesn’t hurt anything either. This step simply guarantees that the modules cmdlets will be available to the PowerShell v2.0 session.

· Display a list of all the module’s available cmdlets by typing Get-Command –module PSWindowsUpdate and hitting Enter.

image

Using Get-Command -module PSWindowsUpdate.

· Possibly the most important function for getting and installing updates is Get-WUInstall. Help for each cmdlet is available, so to see full help for Get-WUInstall type Help Get-WUInstall –full and press Enter.

image

Looking at help for Get-WUInstall.

When applying updates, I prefer connecting to the Microsoft Update servers. Using these instead of the standard Windows Update servers allows installing updates to Office and other Microsoft products in addition to the normal Windows updates. Unfortunately, trying to connect to the Microsoft Update servers using the PSWindowsUpdate module from a fresh Windows installation will produce an error, as shown below.

image

· The reason for this error is because Windows is registered to use only the standard Windows Update servers by default. To use the Microsoft Update servers, the Microsoft Update Service must be registered on the computer. In the GUI, this is done by selecting the checkbox for Give me updates for other Microsoft products when I update Windows from the Control Panel – Windows Update – Change Settings applet.

· In the PSWindowsUpdate module, the same process is completed by using the Add-WUServiceManager cmdlet with the ServiceID for the Microsoft Update service specified. Type Add-WUServiceManager -ServiceID 7971f918-a847-4430-9279-4a52d1efe18d and press Enter. When prompted, confirm registering the service by typing Y and pressing Enter one more time.

image

Registering the Microsoft Update servers.

· List available updates from the Microsoft Update servers by typing Get-WUInstall –MicrosoftUpdate –ListOnly and pressing Enter. After a few moments, the system will return a list of the available updates for the current machine. No error this time!

image

· The same results are produced by typing Get-WUList –MicrosoftUpdate and pressing Enter.

image

· Type Get-WUInstall –MicrosoftUpdate and press Enter to go through the available updates, confirming installation of each one manually.

image

PSWindowsUpdate and Parameter Support

Another awesome feature of the PSWindowsUpdate module is its support of parameters. For example, using the –AcceptAlland the –AutoReboot parameters with the Get-WUInstall cmdlet changes the manual process into an automated one. Type Get-WUInstall –MicrosoftUpdate –AcceptAll –AutoReboot and press Enter. The system will download and install all available updates and then automatically reboot if any of the updates require a reboot.

image

Retrieving updates and installing automatically.

Don’t want a particular update to be installed? No problem! Use Hide-WUUpdate. Selection parameters such as –Title or –KBArticleID narrow in and hide specific updates. Feel free to use wildcards with these parameters. As an example, type Hide-WUUpdate –Title “Bing*” –KBArticleID “KB2673774” –MicrosoftUpdate –Confirm:$false and press Enter to hide the Bing Bar 7.3 update.

image

Hiding an unwanted update.

Notice that I used the –Confirm parameter, along with the $false switch, to automatically confirm hiding the selected update. In the future the update won’t appear when listing available updates.

Did you make a mistake and hide the wrong update? No problem! Hide-WUUpdate can unhide an update by using the –HideStatus parameter with the $false switch. To unhide the update hidden earlier, type Hide-WUUpdate –Title “Bing*” –KBArticleID “KB2673774” –MicrosoftUpdate –HideStatus:$false –Confirm:$false then press Enter. As before, I used the –Confirm:$false parameter to keep everything streamlined.

image

Unhiding a previously hidden update.

Once all the updates are complete make sure to open PowerShell (as Administrator) and set the Execution Policy back to ‘restricted’:

Type Set-ExecutionPolicy Restricted and press Enter. Then exit

Windows 8.1 is here

Windows 8.1 is here just a year after Windows 8. This update—free to existing Windows 8 users. The update is simple and hassle free through MS update.

I’d recommend it to anyone who has Windows 8 to make it more easily navigable and user friendly. Especially those of us in the business desktop world.

Some reasons to update can be found here.

Another pretty good review article is here.

My drumbeat. Backup with Images folks!

Once again I’ve had the frustration of dealing with failed hardware. The system was highly customized with special settings and configurations to enable unique line of business applications and data, plus the ‘regular’ business applications such as MS Office (with custom CRM databases) multiple email accounts and other applications installed after the system was first ‘fired up’. It was an HDD drive failure on a two month old HP laptop.

HP’s solution is to ‘just send the whole thing back and we’ll put the new HDD in with the ‘factory image’. A ‘factory image’ is what the new Laptop ships with; as if you just bought it. None of my installed applications, settings or files would/will be there. Meaning I’d have to finish the initial setup, update the Operating System to a Windows 8 Pro version (the ship version was Home Premium), install MS Office 2013 Pro (again from the MS Store – it didn’t come with system), install all the other business applications required for this user – 4+ separate ones each requiring special configurations to work with Windows 8, AND then get all the files and settings (like email accounts etc.) configured. Oh and of course there would be about a day and half worth of Windows and Application Updates and Patches to apply. Then hope that it all works as it did.

Had this system been IMAGED, I would have been able to remove the dying/dead drive, run down to the local PC store (Fry’s) and buy a replacement drive, install a clean/new one and restore that image to the new drive. The system would then be as it was when the image was created, apps, files, settings and all. Only time would have been the physical HDD removal and replacement and the time it takes for the image restore – that total time would probably have been only one day more or less.

I propose this to all of my clients. But for some reason they often don’t see the value till it’s too late. No matter my insistence. It is usually a, ‘yea, we’ll do that soon..just not now….. Sometimes it’s the capital cost (actually less than $200.00) or time (really very little – to install and setup). But in the end I guarantee that it will always cost more if they are out of business.

However in this case there was no image backup. The system was as a point where it was un-repairable via HP or MS Windows recovery tools and would not boot. I had to remove the HDD, place it in one of my HDD docks and use advanced disk recovery (forensic) tools just to get access to the data. I was then able to copy off nearly all the data to another drive. Note that I recovered data NOT the working system. So all the documents and files this person had are still accessible. But otherwise quite useless with out the applications and Operating system to use them.

I constantly hear the commercials for the many online backup services and their BS promises on the TV and radio. My clients do too. And they like most people do NOT understand that there is a WORLD of difference between a file backup and a full system backup that will enable complete system recovery; Operating System, Applications, Settings and all. It’s good to use some of these services to backup your documents and files (I do and recommend some – see my previous articles on cloud storage). But you must understand that if you SYSTEM fails you need some kind of system recovery, not just files.

I cannot state it emphatically or enough, PLEASE USE SOME KIND OF DISK IMAGING SOFTWARE TO CREATE YOUR BACKUPS!!

I have written many, many times about this. You can read here and here.

My go to imaging software is Acronis True Image. The cost is nominal (right now only $79.00 U.S. for the Home Premium version that includes ‘Universal Restore’. You can check out there deals here. Add to that the low cost of External USB HDDs – less than $100.00 U.S. in most cases, and you can assure that you will NOT be out of business longer than a day or two at most. VS having a to wait for a manufacturer to send out replacement part( s) , re-install and configure everything and HOPE it all works as it did.

Well there you go just another rant after spending a few whole days working my tail off to help one of my clients. Sigh..

Windows 8.1 news

If you are buying a new PC or laptop and you’ve been holding off because of the new Metro interface you might be in luck.

It looks like Microsoft is pulling a ‘New Coke’ here and admitting that the ‘Metro’ desktop and lack of ‘Start’ button was a VERY BAD MOVE. Especially for those in the business community.

I got this deal earlier this year and it’s still a great one. For those looking for a powerful Windows PC laptop that could easily replace an older high end workstation this is a pretty good choice.
I wrote an article about my original selection, purchasing and finally, my adventures in ‘downgrading’ it to Widows 7 Pro/Enterprise here. Many of the things I do with my system cannot be done efficiently, or at all, from the silly ‘Metro’ interface. And other applications simply wouldn’t run properly.

With Windows 8.1 (which it will release mid to late summer, it is said that Microsoft is going to bring back the traditional ‘Boot to Desktop’ feature along with the much missed ‘Start Button’. It looks like the start button will most likely look like the ‘Windows Charm’ in Windows 8.1 but it hopefully will be there. You can read about that here and here.

IF you are stuck with Window 8, don’t want to go through the hassle of downgrading it, and can’t wait for Microsoft to ‘fix it’, there is a fantastic solution to bring back the old Window 7 interface. It’s called Start 8 by Stardock Software It’s a great app and only costs $4.99 USD. It’s the first thing I install on clients Windows 8 machines when they tell me they can’t handle the Windows 8 Metro interface.

Peace, and be safe.

Install/Downgrade to Windows 7 from Windows 8 – HP laptop adventures

I’ve been without a good working portable/laptop computer for some time (had a couple liberated and another fail) and decided the time was nigh to purchase a very good one for my needs.

I did loads of research on specs and ratings etc. of course, that’s part of what I’ve been doing for a few decades. So I might have a pretty good idea of what I want and need.
For me I am primarily concerned with a system that can match or exceed the computing abilities of my workstation. That means a fast 64bit multi-core processor with Hyper Virtualization Technology built in – an i7, loads of fast RAM, a large fast HDD, dedicated video card and ample ports for devices and connections.

I found some good Dell’s, Asus’, and HPs. I am a huge fan of Amazon, New Egg and Costco and looked extensively on their sites too. I finally settled on an HP that Costco had for sale with bang up specs and a great price. In fact the price was way better than I could get configuring the device on HPs site or a comparable one on Dell’s site.

This, and most new systems; desktops and laptops now come with Windows 8 pre-installed. Windows 8 is a nice operating system and brings some nice ‘under the hood’ improvements in security and performance. AND it’s User Interface (UI) is very easy to navigate for those not that familiar with a Windows Operating system. All the ‘simple things’ – web, email, social media, games etc., are quickly accessed and controlled on the Metro ‘front page’. For those that are very familiar with older versions however it will definitely take some getting used to.

HOWEVER, I’m an IT guy. I use dozens of applications on a regular basis, usually daily. AND there are many network/system management applications that will not run on Windows 8 (yet, or ever). So I needed to be sure that whatever hardware I got that I would be able to downgrade/install Windows 7 Enterprise.

I made several calls to HP over the past couple months speaking with sales and tech people alike. I was finally assured by a level III tech manager that I would be able to install Windows 7 onto my machine with out ‘much’ difficulty. That the Windows 8 (and maybe some of the Windows 7 drivers from the just previous models) would/should work.

So I broke down and ordered a new laptop over a month ago. WELL… I finally got it. It had to be made in China exported to the U.S.A., clear customs in Alaska and finally make it to me.

That’s when things got even more fun. <sarcasm>

You see, most newer systems are now shipping with UEFI type of ‘bios’. UEFI allows for some great flexibility in hardware and configuration that wasn’t possible with the old style of BIOS. Here’s Microsoft’s take on it:

In addition to better interoperability, UEFI firmware provides several technical advantages:

  • Compatibility with operating systems that support only BIOS
  • Ability to boot from large disks
  • CPU-independent architecture
  • CPU-independent drivers
  • Flexible pre-OS environment
  • Modular design

Two of the most notable Windows features for UEFI systems are the following:

  • Multicast deployment, which enables large scale network-based image deployment in manufacturing and enterprise settings.
  • Fast boot and resume from hibernation, which improves user experience.

The rich UEFI interface provides ample room for innovation in the development of operating system features. Along with the other members of the Unified EFI Forum, Microsoft is investigating the following:

  • Rootkit prevention (theoretically)
  • Network authentication at the ‘BIOS/FIRMWARE’ level

But many Operating systems will not work – at all with this firmware. AND.. This also allows the manufacture to possibly ‘secure’ – read LOCK, the ability to install ANY drivers or Operating Systems that are not ‘properly signed’ or specifically ‘allowed’ by said manufacturer. Sounds great for ‘security’ but that fails when you wish to work on/configure your own hardware! [Wow sounds like an Apple product huh!] Thank goodness I was able to enter the System Setup/Bios (unlock/disable secure mode) and enable ‘legacy bios support. But then came some other issues…

HP is now throwing the PC enthusiasts under the bus. Computerworld  has said that they have again changed their support for ‘downgrading’ Operating System – specifically Window 8 down to Windows 7. What a bunch of crap! Users in the past always could downgrade, assuming they had the appropriate licenses — Windows 8 Pro — and media for Windows 7 Professional or Vista Business. The question was whether their machines would work after a downgrade. “The company retained its warning that if customers downgraded to Windows 7 and reached out to HP for support, they may have to restore the original Windows 8 OS to get help from the company.” Oh well, I’ve got a solution for that I’ll get to later.
Well I’ve already got my system so I might as well give it a go!

My solution was two fold. First I removed the original HDD before I even powered up the laptop and just put it aside in case I had to send the whole thing back as it was when I received it. I could just reset the BIOS to default, install my original Hard Disk and bam, just like new. Yes I know most wouldn’t go through this much trouble, and that is OK. You can just skip this part and wipe the drive that came with the system and move on from there. But me, I’m a tad extra careful and conservative and always make sure I have a complete ‘escape’ plan. I purchased a brand new Hard Disk Drive. I Picked up a 1 terabyte (1TB) 7200RPM HGST/Western Digital drive from Fry’s for just under $100. Being a Western Digital I know that the HP HDD drivers should work with it. And this drive was faster than what came stock – 7200 RPM vs. 5400RPM!

Second part of my plan was the actual installation of Window 7 (Enterprise in my case) to the laptop.

Some pre-requisites: Make sure you have a Windows 7-64 bit WITH SP1 install DVD. You can only use a 64 bit version of Windows AND it must have SP1 already incorporated (sometimes called ‘slipstreamed’) or you will not be able to install this on UEFI hardware. Also go to the manufacture’s web site and download ALL the Windows 8 64bit drivers for you model of system (for me it was HPs DV6t-7200) AND see if you can find the Windows 7 64 bit drivers for the model ‘just preceding’ the Windows 8 model you have – for me that was the DV6t-7000. After you’ve downloaded all the drivers extract each one to its own folder. If you use 7-zip (which you already should be) you can just right-click on the drivers self-extracting  ‘.exe’ file and then choose 7-Zip option to ‘Extract to “\drivername” folder\’ . Then copy all these to a DVD or USB drive you’ll need them once you get Windows booted to the point that you are booted to the desktop. Probably the most important ones are the Network Adapter drivers. You will certainly need to get online quickly to ‘Activate’ your Windows installation, Update you Windows installation and hopefully update your drivers automatically.

So now the semi easy part.

Boot into you bios/setup – usually it’s the ‘Esc’ key and then enter ‘Setup’ or System Setup. On some machines it might be F1, F2 or the like. But you need to get to the BIOS/Firmware options. You may even be prompted to enter a password! Thankfully as of now most manufacturers actually present that password – usually a number, right on the screen; enter it and then you will be in.

In the setup options use the arrow keys and enter to navigate (as described on the help window at the bottom of the screens.) and make sure you do NOT have ‘Secure Boot’ enabled. Usually you can use the  arrow keys to select this option and then once high-lighted press either F6, F5 or + or – to change the value. It must not be Enabled or you can not install Windows 7.

Then you have to to change Boot mode to LAGACY in BIOS. (Sometimes it is Legacy mode:Enabled). And in the Legacy section of the bios boot order make sure that the 1st boot device is UEFI DVD drive. Then Save Changes and exit.

The system will reboot. And hopefully if you’ve enabled legacy boot mode, made sure that the 1st boot device is UEFI DVD drive (And of course put your Windows 7 64SP1 installation DVD in the drive!), you should be able to install Windows 7!

Yay!! Then comes another fun part. After Windows is installed you will surely have to install a whole load for drivers. Open Device Manager (see all the yellow exclamation marks!), right-click on the devices and choose update driver. Then put in your DVD with all your drivers you made earlier and start finding the updated drivers.

OK, so that is a short version of an even longer winded version I originally had written about this project. I’ll be adding more articles as I can. Some will be how to dual boot Window 7 and Windows 8 – on separate partitions, how to decide I you can/should upgrade to Windows 8 and how to properly do it. I’ll also, from time to time put up more tips on navigating through Windows 8.

Hope this helps some. Peace out.

Update 05/09/2013: Costco is again offering this laptop I updated the link above or you can go here. And if you’re looking for a good HDD here is one.