All posts by admin

RDP Authentication Error Has Occurred – The Function Requested Is Not Supported

Uncategorized

We were stuck with this when trying to connect to an RDP host that was behind on its updates and had its NLA requirement enabled. Since we had no way to remotely connect to the host to install updates or disable NLA, we were able to override this requirement on the remote machine by modifying the registry on the remote machine:

REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters /v AllowEncryptionOracle /t REG_DWORD /d 2

This allowed the remote connection to succeed. This can be reversed after resolving the host problem with this on the remote machine:

REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters /v AllowEncryptionOracle /t REG_DWORD /d 0

Windows Update on Server Stops Working Properly

Uncategorized

We had a Server 2016 machine where Windows Update would get stuck at “Downloading 100%.”  Trying to install the updates manually would get stuck at “Copying packages to the update cache.” Here’s how we fixed it:

  1. Write down the KB numbers of the pending updates.
  2. Download the offline installers for the above KB numbers, if you haven’t already, from the Microsoft Update Catalog here: https://www.catalog.update.microsoft.com
  3. Open Services and change Windows Update Startup type to “Disabled.”
  4. Open an elevated command prompt.
  5. net stop wuauserv
    (If it cannot be stopped, find the PID for the service in Task Manager and kill it with
    taskkill /f /pid <PID for process>)
  6. net stop cryptSvc
    net stop bits
    net stop msiserver
    del /f /q “%ALLUSERSPROFILE%\Application Data\Microsoft\Network\Downloader\qmgr*.dat”
    del /f /s /q %SystemRoot%\SoftwareDistribution\*.*  (This may take a long time)
    del /f /s /q %SystemRoot%\system32\catroot2\*.*
    del /f /q %SystemRoot%\WindowsUpdate.log
  7. Go back to Services and change the Startup type for Windows Update to Manual
  8. Now back to the elevated Command window:
    net start cryptSvc
    net start bits
    net start msiserver
  9. Now manually install the updates from step #2 above
  10. Now change the startup for Windows Update to Automatic and start it if it’s stopped.

 

 

IIS broken when WSUS/WID role removed from server

Uncategorized

We set up a site in IIS on a Windows Server machine that had been configured with the WSUS/WID role. After the site was up and running, we removed the WSUS/WID role on the server. Thereafter, the IIS site was returning “HTTP Error 500″

Removing the WSUS role on the server removes almost all the files installed by the Windows Update Services but does not undo the changes to the configuration written in the ApplicationHost.config file. The Applicationhost.config file tries to call the .dll installed by the WSUS Server which no longer exists on the system.

From the Applicationhost.config file:

<scheme name=”xpress” doStaticCompression=”false” doDynamicCompression=”true” dll=”C:\Program Files\Update Services\Webservices\suscomp.dll” staticCompressionLevel=”10″ dynamicCompressionLevel=”0″ />

Running the following command will remove all references to the module installed by WSUS.

%windir%\system32\inetsrv\appcmd.exe set config -section:system.webServer/httpCompression /-[name='xpress']

RDP Printer Redirection not working or crashing with Windows 10 host

Uncategorized

When Windows 10 is acting as a host for Remote Desktop, redirected printers may stop working or cause the RDP client to crash (NT.DLL.)

This can happen when the “Easy Print” driver is installed by the host machine despite there being a proper printer driver installed. This unnecessary substitution can be turned off:

HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services

Add DWORD key UseUniversalPrinterDriverFirst and set value to 4

(Values are Enabled = 3, Disabled = 4)

In some cases, the host has to be rebooted for this to take effect.

UNC connections to C$ denied

Uncategorized

When attempting to attach to a C$ share with proper credentials, it may be rejected as “access denied.”

Example: \\machine\c$

On the target machine with the desired C$, Add/change this registry key and restart the Server service.

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
 Value: LocalAccountTokenFilterPolicy
 Data: 1 (to disable, 0 enables filtering)
 Type: REG_DWORD (32-bit)

“The name limit for the local computer network adapter card was exceeded”

Uncategorized

We were seeing this error when trying to open a mapped network drive on a Windows Server (in this case, the drive was mapped to a share on the same server.) The server did not have Exchange installed.

This can happen if the number of dynamic ports available for assignment is too small, and this limit’s default value can be adjusted.

C:\>netsh int ipv4 show dynamicport tcp will display the current pool like this:

Protocol tcp Dynamic Port Range
---------------------------------
Start Port      : 49152
Number of Ports : 16384

This can be enlarged to the maximum with this:

C:\>netsh int ipv4 set dynamicport tcp start=1025 num=64510

Immediately after this, our problem was resolved. No reboot was required.

More information is here:

https://docs.microsoft.com/en-US/troubleshoot/windows-server/networking/default-dynamic-port-range-tcpip-chang

Remove Chromium Edge from Windows 10

Uncategorized

To remove Edge browser when it’s not possible from add/remove programs:

  1. Browse to “C:\Program Files (x86)\Microsoft\Edge\Application”
  2. There should be a folder with a numerical name (the current version of Edge installed) such as “88.0.705.63.” Open that folder.
  3. Find and open the “Installer” folder.
  4. While in this folder, click the “File” tab in the upper-left of the File Explorer window, then go to:
    File > Open Windows PowerShell > Open Windows PowerShell as administrator.
  5. Type:
    .\setup.exe -uninstall -system-level -verbose-logging -force-uninstall
    into PowerShell and press Enter to run the command and let it run.

“…could not create the work file. Check the temp environment variable”

Uncategorized

When switching to the 32-bit version of Office after installing the 64-bit version to accommodate a plugin or some other reason, uninstalling the 64-bit version leaves behind the registry entries associated with explorer’s preview pane. Then, Office programs will generate errors like these:

Word: Word could not create the work file. Check the temp environment variable.
PowerPoint: Access denied. Contact your administrator.
Excel: This file cannot be previewed.
Outlook: Outlook could not create the work file. Check the Temp environment variable.

To resolve this, delete the following registry keys (after exporting “just in case”):

[Word Preview]
HKEY_CLASSES_ROOT\CLSID\{84F66100-FF7C-4fb4-B0C0-02CD7FB668FE}

[PowerPoint Preview]
HKEY_CLASSES_ROOT\CLSID\{65235197-874B-4A07-BDC5-E65EA825B718}

[Excel Preview]
HKEY_CLASSES_ROOT\CLSID\{00020827-0000-0000-C000-000000000046}

After deleting these keys, logoff and login. Windows will now use the preview handlers registered under the HKEY_CLASSES_ROOT\Wow6432Node\CLSID\ branch. This should fix the preview issues in Office 32-bit version running on Windows 64-bit