Windows 10 – Reinstall Windows OS using HP Cloud Recovery Tool

February 22, 2019

First check here if your device is listed for a Cloud Recovery of your OS

https://ftp.hp.com/pub/caps-softpaq/CloudRecovery/crsupportedplatform.html

What you need is a USB drive of minimum 16Gb, and the serial number of the HP device.

Download the tool :

Download Cloud Recovery Client


Solution :

Follow these steps, to create the W10 USB bootable flash drive installer.

Select Download tool now, and select Run.
If you agree to the license terms, select Accept.
On the What do you want to do? page, select Create installation media for another PC, and then select Next.
Select the language, edition, and architecture (64-bit or 32-bit) for Windows 10. You want 64 bit.

Select which media you want to use:
USB flash drive.  Plug in a blank USB flash drive with at least 8GB of space. Any content on the flash drive will be deleted.

image

Once Finished you see that OS installation and drivers (Optional) on the bootable pen drive.

IMPORTANT :

1. Delete WIM’s

After completion it leave a copy of the WIM files on your %localappdata% Directory.

image

So best delete it afterwards, because it is a lot of GB’s waste…

Now that you have the bootable USB drive you can install the OS on your device.

2. BIOS Changes

It might be necessary to disable SECURE BOOT in the BIOS,

in order to start the computer using recovery media.

1. Go to System configuration / Boot Options

image

2. Use the down arrow key to select Secure Boot, press Enter,

and then use the down arrow key to modify the setting to Disable and press Enter.

3. Use the arrow keys to select Legacy Support and press Enter,

and then use the arrow keys to modify the setting to Enable and press Enter.

4. Press F10 to accept the changes and exit or use the left arrow key to select the Exit,

use the down arrow key to select Exit Saving Changes and then press Enter to select Yes.

5. The Computer Setup Utility closes and the Operating System Boot Mode Change screen displays,

prompting you to confirm the Boot Options change. Type the code shown on the screen,

and then press Enter to confirm the change.

6. The Computer Setup Utility closes and the computer restarts.
7. Turn the computer off and try to boot from the Recovery media.

Enjoy!


Windows – Using osQuery Tool

February 1, 2019

The osQuery Tool is a cross-platform tool to query your devices like a database for Windows, Linux and iOS.

Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

You can dowload it here

osQuery installation on Windows is running the MSI to get it running.

After the installation you will see the binaries in C:\ProgramData\osquery

image

As you can see it has a few PowerShell scripts as well.

But most importantly is the osQuery Shell called osqueryi.exe

If you run the shell command you can see all features like this :

osqueryi .help

image

in the background it uses SQLite Smile

image

You can list all the tables that can be queried like this

image

image

Since you now have the list of the tables you can start using it in a Query.

How to use it :

Example :

osqueryi -line "select * from video_info"

image

osqueryi -line "select * from cpu_info"

image

PowerShell :

You can use osqueryi.exe in PowerShell like this

image

Enjoy !


Windows Server 2016 – CleanUp Stale Devices – DeviceSetupManager Event ID 121

February 1, 2019

How to cleanup stale devices on your servers …

On one of our servers that is running as a Hyper-V Host and using a non windows backup software to backup the VM’s I see a lot of VSS copies hanging around …. ?

When looking at the HIDDEN devices

image

I saw a lot of Generic volume Shadow Copies

See here to know why this is occurs

image

And as well INACTIVE Storage volumes

image

The know why this is happening see here

Solution :

1. CleanUp all stale devices and registry related entries

Download the DriveCleanup Tool here

image

You can run this command to run in TEST MODE

drivecleanup -t > dc-output.txt

You can see this detailed output

image

In my case it suggest these entries to be removed.

image

I could see a clear relationship between the Event ID 121 Errors and output of the drivecleanup tool

image

image

To delete the stale devices and Registry Keys you need to use the Admin Privileges

Make sure you have good backups before removing anything !

2. Remove all VSS copies

Run this command to cleanup

vssadmin list shadows

vssadmin delete shadows /all

Check again the Event logs after the next backups.

And in my case all disk errors where gone. Smile

Enjoy !


Windows – Stop a Windows Service when this option is GRAYED OUT

January 4, 2019

Sometimes you might encounter that all options of a Windows Service are greyed out ?

image

Solution :

In this case it is the Windows Module Installer

Open the properties of this service.

Copy the Service Name “TrustedInstaller

image

Run this command

sc queryex TrustedInstaller

Look for the PID and run this command

taskkill /F /PID 5984

image

Now you can start the service again. Smile

Success !


Windows 10 – User Profile Service Event ID 1534 Error

December 27, 2018

You might run into the User Profile Service Event ID 1534 Error.

Spamming your Event Viewer log, like this …

image

GUID refers to the tileobjserver and probably tiledatasvc.

It seems that tiledatasvc was removed in 1809 Upgrade. The removal of the Reg Keys is manual clean-up going forward.

 

Solution :

Open the registry and go to :

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileNotification\TDL

Check the GUID in the the CLSID Reg Key

 

image

Next go to :

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\ProfileNotification

 

image

 

Export these TLD Keys and next DELETE it.

Reboot the PC and check again.

 

Success !


Windows 10 – New SSD Disk use MBR or GPT Initialization ?

December 26, 2018

I’ve got hold of a new SamSung 860 EVO 1 TB SSD disk.

 

image

This disk is lightning fast up to 6 Gbps internal speed.

While this disk can be used to replace 2.5” internal disks.

 

You can buy a SATA III to USB connector, so you can use it as an external SSD HDD.

image

Once connected, you will need to go to the Disk Management

And you will see the unallocated disk of 1 TB SSD in my case.

image

It will bring up the popup to Initialize the Disk

You will need to choose between MBR or GPT ?

 

MBR is the old fashed Master Boot Record standard that dates back from the DOS ages.

So best choose the new GPT option that is also compatible with Linux and Apple… Winking smile

 

Success !


Windows Server 2016 – ServerEssentials DesignatedActiveDirectoryServerDown Event ID 1280 Error

December 20, 2018

After removing a DC and cleaning up the metadata I still got errors relating to DesignatedActiveDirectoryServerDown ?

I rechecked all settings and had still some references in the DNS.

But even after removing all of this it was still complaining ?

image

Solution :

Open the registry and go to :

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Server\ADContext

image

Key ConnectedDc was pointing to old DC server.

Correct the value and pointed the key to current  DC :

Correct the registry entry by overwriting with the proper value of the local server.

Restart the dashboard for the change to take effect.

Next go on searching for more references in the registry

image

https://support.microsoft.com/en-us/help/332199/domain-controllers-do-not-demote-gracefully-when-you-use-the-active-di

If there is an entry for Src Root Domain Srv, right-click the value and then click Delete.

This value must be deleted so that the domain controller sees itself as the only domain controller in the domain after promotion.

Remove these registry key

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NTDS\Parameters\Src Root Domain Srv 
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\NTDS\Parameters\Src Root Domain Srv 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters\Src Root Domain Srv 
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NTDS\Parameters\Src Srv objectGuid 
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\NTDS\Parameters\Src Srv objectGuid 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters\Src Srv objectGuid
Reboot the server and check again.

Enjoy!