Make windows 10 faster with Group Policy

Research

Debloat Scripts
 
https://github.com/Sycnex/Windows10Debloater
 
https://www.reddit.com/r/Windows10/comments/8jgrgr/guide_how_to_make_windows_10_less_intrusive_and/
 
GPO’s to add
 
 
.

 

Computer Configuration\Administrative Templates\Windows Components\Search
Allow CortanaDisabled
Prevent automatically adding shared folders to the Windows Search indexDisabled
Don’t search the web or display web results in searchEnabled
Allow Cloud SearchDisabled
Allow indexing of encrypted filesDisabled
Prevent clients from querying the index remotelyEnabled
Do not allow locations on removable drives to be added to librariesEnabled
Prevent automatically adding shared folders to the Windows Search indexEnabled
Prevent indexing files in offline files cacheEnabled
Prevent indexing public foldersEnabled
Stop indexing in the event of limited hard drive spaceEnabled
Do not allow web searchEnabled
  
Computer Configuration\Administrative Templates\Windows Components\Delivery Optimization
Download ModeLAN
  
Computer Configuration\Administrative Templates\Windows Components\Data Collection and Preview Builds
Toggle user control over Insider buildsDisabled
Allow Telemetry0 – Off
Disable pre-release features or settingsDisabled
  
Computer Configuration\Administrative Templates\Windows Components\App Privacy
Let Windows apps communicate with unpaired devicesDisabled
  
Computer Configuration\Policies\Admin Templates\Windows Components\Application Compatibility
Turn off Application Telemetry Enabled
Turn off Inventory Collector Enabled
  
Computer Configuration\Policies\Admin Templates\Windows Components\Endpoint Protection\MAPS
Join Microsoft MAPS Disabled
  
Computer Configuration\Administrative Templates\System\OS Policies 
Allow publishing of User ActivitiesDisabled
Enables Activity FeedDisabled
  
Computer Configuration\Administrative Templates\Windows Components\OneDrive\
Prevent the usage of OneDrive for file storageEnabled
Prevent the usage of OneDrive for file storage on Windows 8.1Enabled
Prevent OneDrive files from syncing over metered connectionsEnabled
Save documents to OneDrive by defaultDisabled
  
Computer Configuration\Administrative Templates\Windows Components\Cloud Content
Turn off Microsoft consumer experiencesEnabled
Do not suggest third-party content in Windows spotlightEnabled
Turn off the Windows Spotlight on Action CenterEnabled
Do not use diagnostic data for tailored experiencesEnabled
Turn off the Windows Welcome ExperienceEnabled
  
Local Computer Policy\User Configuration\Administrative Templates\Start Menu and Taskbar\Notifications
Turn off tile notificationsEnabled
Turn off toast notifications on the lock screenEnabled
Turn off notification mirroringEnabled

 

Set Explorer to My Computer not Quick Access


HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced

LaunchTo DWORD

1 = This PC 2 = Quick access

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

How to install .NET Framework 3.5 on Windows 10 via WSUS

Research

If your windows 10 machines get their updates from WSUS then you might get Error 0x800F081F while installing .NET Framework 3.5 on Windows 10. This is probably due to Windows 10 not being able to search your Windows Updates location for the Feature.


Approve these updates

Synchronise Server and try again

 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Import-STFConfiguration : An error occurred configuring StoreFront diagnostics. Method invocation failed because

Research

Trying to import a Citrix Storefront Config produces the following Error

Import-STFConfiguration : An error occurred configuring StoreFront diagnostics. Method invocation failed because
[System.Collections.Hashtable+ValueCollection] does not contain a method named ‘Contains’.
At line:1 char:1
+ Import-STFConfiguration -configurationZip “c:\Temp\backup.zip” -HostB …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Import-STFConfiguration], Exception
+ FullyQualifiedErrorId : System.Management.Automation.CmdletInvocationException,Citrix.StoreFront.ImportConfigura
tion

 

You need to wipe your Storefront Config using the below Commands


PS C:\Program Files\Citrix\Receiver StoreFront\Scripts> . .\ImportModules.ps1
PS C:\Program Files\Citrix\Receiver StoreFront\Scripts> Clear-DSConfiguration

Then retry import

 

I got then next error

 

Import-STFConfiguration : An error occurred configuring StoreFront diagnostics. The running command stopped because
the preference variable “ErrorActionPreference” or common parameter is set to Stop: Cannot remove item C:\Program
Files\Citrix\Receiver StoreFront\Receiver Clients\Mac\CitrixReceiver.dmg: You do not have sufficient access rights to
perform this operation.
At line:1 char:1
+ Import-STFConfiguration -configurationZip “c:\Temp\backup.zip” -HostB …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Import-STFConfiguration], Exception
+ FullyQualifiedErrorId : System.Management.Automation.ActionPreferenceStopException,Citrix.StoreFront.ImportConfi
guration

 

Deleting 

C:\Program Files\Citrix\Receiver StoreFront\Receiver Clients\Mac

and 

C:\Program Files\Citrix\Receiver StoreFront\Receiver Clients\Windows

fixed this

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

How to restore a Domain Controller in a DR Situation

Research

Upon restoring a domain controller to a new or isolated network in example a DR environment, the domain controller will lose access to its other domain controllers for replication. You might find you cannot start the DNS server and or Active directory services.

To force the server to start without checking for others modify the below key and reboot the server

 Add the Following reg Key

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters
Value name:  Repl Perform Initial Synchronizations
Value type:  REG_DWORD
Value data: 0

You should then go into Active Directory Sites and services and remove the old Domain Controllers and Also go into the DNS server and remove any references in the Nameserver tabs for the Zones

_msdcs.domain.local

domain.local

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Sharepoint Online Classic View – Cannot show the value of the filter

Research

Recently a user was trying to use the Edit functionality of a Sharepoint Online List using Classic View with over 5000+ Items. To which they got when trying to change the view to modify the above error Cannot show the value of the filter

To fix this

  1. Create a new View and set the sort of this view to the users Sort

  2.  

    Filter the view to only get a select amount of items ( not the 5000+ all ) 

     
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Cannot SysPrep Machine due to “Package was install for a user”

Research

Recently I was trying to SysPrep a machine ready for imaging , however I got the below

The app was : cannot remove 46928bounde.EclipseManager_2.1.0.21_neutral__a5h4egax66k6y becuase user does not have it installed

I removed all the user profiles on this PC which fixed the issue.

I then had this issue on another computer specifically Facebook_Facebook. Clearing the profile did not fix it. I had to run the below commands to reset the AppRepository Database on the mac

Stop-Service -Name "StateRepository" -Force
takeown /F C:\ProgramData\Microsoft\Windows\AppRepository\StateRepository-Deployment.srd
takeown /F C:\ProgramData\Microsoft\Windows\AppRepository\StateRepository-Machine.srd
Rename-Item C:\ProgramData\Microsoft\Windows\AppRepository\StateRepository-Deployment.srd C:\ProgramData\Microsoft\Windows\AppRepository\StateRepository-Deployment_corrupted.srd -Force
Rename-Item C:\ProgramData\Microsoft\Windows\AppRepository\StateRepository-Machine.srd C:\ProgramData\Microsoft\Windows\AppRepository\StateRepository-Machine_corrupted.srd -Force
Start-Service -Name "StateRepository"
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

MYOB Outlook 2016 – A program is trying to access email-address Information

Research

outlook-security-popup

 

You will need to run the below as Administrator , if the use doesn’t have local admin you will need to change them to one then remove after  ;

  • Right-click on the Outlook shortcut holding the SHIFT key and choose Run as administrator
  • Go to File > Options > Trust Center > Programmatic Access
  • Set the programmatic access to Never warn me about suspicious activity (not recommended)

outlook-programmatic-access

 

IMPORTANT NOTE: If these option are greyed out, it usually means that you didn’t run Outlook with administrative rights.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\16.0\Outlook\Security
DWORD: ObjectModelGuard
Value: 2

As an alternative way, you can achieve the same result by altering your registry file in the following way:

  • Navigate through   (create the key if it doesn’t exist)
  • Add the following DWORD item:
    •  , with a value of 1.
    •  , with a value of 3.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
  • Navigate through   (create the key if it doesn’t exist)
  • Add the following DWORD items:
    •  , with a value of 1.
    •  , with a value of 3.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
    •  , with a value of 2.
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

How to Share Office 365 Shared Mailbox Calendar Externally with Users

Research

With an account that has full access to the Shared Mailbox , login to Webmail and Choose “Open Another Mailbox”

Enter the Shared Maibox and Click OK

Next Click on the settings Icon and Choose “Publish Calendar”

 

Next Change the Details Below


Next Send the External party the HTML or ICS file

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Cannot Stop VPG in Zerto – Forcibly delete VPG in Error State : Undo Log Isn’t Empty can’t start new transaction

Research

Recently I tried to stop a VPG in Zerto after some DR testing, however, the Stop failed and the errors showing where : 

Forcibly delete VPG in Error State : Undo Log Isn’t Empty can’t start new transaction

After lodging a call with Zerto Support, we had to forcibly remove the VPG Via Powershell and Re-Add it back

**Before you do this I recommend you log down all the VM’s in the VPG and the Temp Data Drives

You will need to download and install the Zerto Powershell Tools : Zerto.PS.Commands.Installer for your version

After this is run you need to Open the Zerto Powershell and run 

ForceRemove-ProtectionGroup

Enter the VPG Name without Quotes

Enter the IP of the Zerto Server and username and password ( admin / password ) 

Once removed you can use the Zerto Virtual Replication Diagnostic Tool to import the VPG from the old setting file :

Then navigate to : 

C:\Program Files\Zerto\Zerto Virtual Replication\ExportedSettings

Find the latest backup and try and re-import the VPG

If this fails for whatever reason you will need to use the GUI at the customer side to recreate manually hence Note to backup VM names and Temp Data Drivers

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)