Out of Office Hours

Powered by
WordPress

  • Turn off the (new) Edge welcome page

    It seems like every time Microsoft adds something that shows up the first time you sign into Windows on a newly-deployed clean OS, you then have to search around for “how do I turn that off.” The new Edge (Chromium-based) is no different (now that it’s preinstalled in the latest Windows 10 release). The first-run…

  • Tanium 101

    It’s now been over three months since I left Microsoft and joined Tanium as a Global Technology Specialist. During that time, I’ve been through a lot of training, as well as hands-on work with the Tanium solution. And while I certainly have only scratched the surface of what can be done, I do at least…

  • Digging into the Windows Feature Experience Pack

    If you’ve not heard of the Windows Feature Experience Pack, here’s some catch-up reading for you: Releasing Windows Feature Experience Pack 120.2212.2020.0 to the Beta Channel Microsoft is testing out this new way of delivering Windows 10 features Releasing Windows Feature Experience Pack 120.2212.1070.0 to the Beta Channel Microsoft starts testing Windows Feature Experience Pack…

  • UEFI Secure Boot: Yes, again

    Last week, I posted about UEFI Secure Boot, showing how to look at the Secure Boot “db” on a UEFI device. To summarize, the certificates in the UEFI “db” variable are used by the UEFI firmware to determine if the current boot program (e.g. bootmgr.efi) is allowed to run on the device. But there is…

  • Scripting languages on Windows: a broader view

    If you spent your career in a Windows- and Microsoft-focused bubble, you probably worked with scripting languages like those I mentioned in my previous blog post. But those that worked in cross-platform environments, or in organizations that embraced open-source software, you might have a completely different list of scripting languages to consider. One of the…

  • Scripting languages on Windows: A brief history

    Those that have been focused on Windows for any decent amount of time will recognize that Windows has built-in support for multiple scripting languages (not including batch files, which I don’t consider to be a language — that goes for Unix/Linux shell scripts too). The three main contenders: VBScript. Initially created in 1996 (so almost…

  • UEFI Secure Boot: Who controls what can run?

    The idea behind the UEFI Secure Boot feature is to ensure that the device will only be able to run trusted code, at least until an operating system is up and running and can make that determination itself. The feature works at the firmware level and helps guard against root kits — as long as…

  • Booting your own Windows PE image

    My previous blog talked about how to create a Windows PE boot image. Next you need to know how to boot it. And there are plenty different ways to do that. These days, the most useful way is via a USB key on a UEFI system, so let’s start there. USB boot via UEFI UEFI…

  • Build your own Windows PE image

    Windows PE has been around for quite a while. (I’ll avoid getting into the history here, but I may revisit that with a future post.) But the instructions for creating a Windows PE image of your own have been pretty much stuck in time: simplistic batch files. Still, most people never worried about the process,…

  • Product Review: Lenovo ThinkStation P620

    I’ve done lots of posts, but never an actual product review. But enough people asked me about the workstation I am using to run virtual machines, so I thought it was a good time to start. First, I have used workstation-class machines for many years, running Hyper-V with a lot of RAM and disk space,…

  • Fun with VMware Fusion network adapters and Windows PE

    I’ve been doing some Windows 10 deployments on Mac OS running VMware Fusion (version 11.5.7) and have been struggling with DRIVER_PNP_WATCHDOG blue screens booting Windows PE. After some investigation, I narrowed it down to the network adapter on the virtual machine: Remove it, everything works fine. Leave it, and the VM blue screens after a…

  • Export-WindowsDriver doesn’t work?

    I needed a set of VMware drivers for Windows PE. The VMware documentation for doing that is rather ancient (and ineffective), so I went to plan B, extracting the drivers from a running VM. That should be pretty simple since PowerShell has an Export-WindowsDriver cmdlet, right? Well, if the cmdlet didn’t fail with a useless…

  • Turn off the Azure AD “Stay signed in?” page

    After years of clicking “yes” on the dialog: I finally decided it was time to turn it off. While it might be useful in web browsers, it’s generally not useful in the types of OS deployment and provisioning scenarios that I typically use because there is no “cookie” retained to remember that choice (and often,…

  • Using PSExec with Windows Terminal

    I’ve grown quite attached to using Windows Terminal to run PowerShell, cmd.exe, and various other command-line environments. As it implements a fairly standard console environment and can be customized, it’s pretty easy to add other things to it, e.g. Python. But what about PSExec? Easy enough to try by editing the configuration by clicking the…

  • Quick note: Windows 10 2004/20H2 and renamed Administrator accounts

    This one popped up on Twitter today, although it’s been around for about a month: https://support.microsoft.com/en-us/help/4592802/error-when-accessing-the-sign-in-options-or-users-mmc-snap-in The quick summary from how I read this: If you’ve renamed the local Administrator or Guest accounts and then upgrade to Windows 10 2004 or 20H2, Windows will happily create new accounts for you with the right names and…

  • Windows PE startup, revisited

    Way back when, I had to decipher the mechanism used in Windows PE to run stuff, i.e. to kick off the MDT/BDD processes.  It’s been years since I looked at that, because once you do it and it “just works” you don’t worry about it much any more.  But I had an opportunity recently to…

  • Geeking out with UEFI, again

    Last year, I published a blog that got into a fair amount of depth on UEFI that was surprisingly popular, both at the time I posted it and again last month after an open source newsletter included a link to it.  (Someone then copied the entire article and posted it on their site.  Grr.)  But…

  • What’s in a (Windows computer) name?

    The year was 1983.  A new set of APIs called NetBIOS was introduced, used by the IBM PC Network LAN software.  That API established a device naming convention that allowed for 15 character computer names, plus a one-character suffix to differentiate between types of devices.  That API was then later adopted for token ring, IPX/SPX,…

  • Setting up independent environments in Hyper-V

    It seems like I’ve always got a few different environments running in Hyper-V, each with their own DNS, DHCP, Active Directory, etc. running in them.  And in today’s cloud-connected world, they can’t just be isolated environments, they need to have internet access.  To simulate something close to “real-world” environments, I usually set up a server…

  • “Something went wrong” with OOBEAADV10

    Maybe you’ve seen this error before: The explanation is somewhat simple, even if the cause might not be: It means that there was some sort of error while loading the Azure AD authentication page. 99% of the time it’s going to be a network error – the page being displayed is effectively a web page…