Windows Enterprise Desktop


August 15, 2016  1:44 PM

Win10 Storage Diagnostics (StorDiag.exe)

Ed Tittel Ed Tittel Profile: Ed Tittel

It’s not often that new administrative tools for Windows come along, nor do they typically arrive in stealth. After reading about a “new” command line utility named StorDiag.exe on WinAero.com this morning, I dug in to find out when and how it popped up. According to Google, the earliest mention is an August 5 blog post from Mark Berry entitled “StorDiag Errors after Windows 10 Upgrade.” This post explores a class of events related to the Windows Storage Class PnP event log. In fact, StorDiag.exe captures such events in a file named “Microsoft-Windows-Storage-ClassPnp.evtx” when run. And like the original poster, I may also have issues with embedded SD card circuitry. Very interesting!

StorDiag.exe

Help info for Stordiag.exe shows only a few switches and options.

Here’s more on those arguments:

– collectEtw: collects a 30-second long event log for each storage device. Uses Event Tracing for Windows (ETW).
– checkFSconsistency: runs chkdsk and fsutil tools against all registered storage devices
– out <PATH>: writes a raft of files to the directory specified after this argument (by default, files appear in %windir%:\Users\<user-account>\AppData\Local\Temp)

What does StorDiag.exe Do, What Files Does It Create?

This utility creates a whole slew of files in a target or default directory. Here’s a description with some numbers:

  • LocalMetaData: a folder with 15 files, each related to event files it creates.
  • ChkDsk<Drive-Letter>.txt: ChkDsk output for all recognized drives. For my system that means ChkDskC.txt through ChkDskR.txt. Letters N through O map to flash drives not present on the system (15 files)
  • CDROM.reg, DiskDrive.reg, FileSystem.reg, HDC.reg, SCSIadapter.reg, VolMgr.reg, VolSnap.reg. Volume.reg: compilations of registry entries. These cover optical storage, disk drives, file systems, plus storage controllers and SCSI adapters present on the system, and entries for Windows 10 Volumes, its Volume Manager, and the Volume Snapshot facility (8 files)
  • Microsoft-Windows-<event-class>.evtx: A collection of 15 event trace files, all viewable in Event Monitor. They feature internal labels: DataIntegrityScan-Admin, DataIntegrityScan-CrashRecovery, DisakDiagnostic, Ntfs, Partition, Storage-ATAP, Storage-ClassPnp, StorageManagement-Operational, StorageSpaces-Driver-Diagnostic, StorageSpaces-Driver-Operational, StorageSpaces-SpaceManager-Operational, Storage-Storport, Volume, VolumeSnapshot-Driver, and System. They cover most aspects of Windows system and storage performance plus data and crash integrity.
  • PSLogs.txt: a complete summary log of all actions from the latest StorDiag.exe run with pointers to files created plus data, device, and object snapshots
  • Volume <Drive-Letter> Corruption.txt: FSutil output for all recognized drives; for my system that means Volume C Corruption.txt through  Volume R Corruption.txt. (15 files, 53 files total)

StorDiag.Exe: Interesting Output, But What Does It Tell Us?

In short, there are reams and reams of potentially interesting and useful stuff to be gleaned from the many files this utility spawns (11.3 MB worth, in the case of my production desktop). Thus, I’m hoping an enterprising Windows toolsmith builds a console to pluck the wheat from the chaff produced. It took me the better part of an hour to chew through those 50-odd files, with only a handful of errors and warnings worth further investigation. So while the StorDiag.exe utility is interesting and brings lots of potentially valuable information together, I’m not yet prepared to say that it’s also incredibly useful. Hopefully, we’ll see the aftermarket help out with this…

August 12, 2016  1:40 PM

TechNet Article: Win10 Deployment Tools Updated

Ed Tittel Ed Tittel Profile: Ed Tittel
Deployment tools, Windows 10, Windows Deployment Services

Although plenty of third-party options are available, Microsoft offers a pretty complete set of deployment tools for Windows 10. Given a recent update to its coverage and links, the TechNet Article: Win10 Deployment Tools demands a fresh read.  There’s a lot of new stuff to ponder here aimed at Windows 10. It should be quite interesting for those involved in or planning Windows 10 deployments.

TechNet Article: Win10 Deployment Tools

This recent TechNet article lays out new Win10 deployment topics.

“New and Improved” TechNet Article: Win10 Deployment Tools

Topics covered in this article include the following, most with recently updated pointers or links

By my reckoning, half of this content is either brand-new or substantially revised. Hopefully, that explains why I recommend revisiting what IT pros may think they already know. I tried to chase this newer stuff down with TechNet and MS website searches, and found links provided here fresher and more relevant than those search results.


August 10, 2016  10:53 AM

In Windows 10 Fix-Its MIA

Ed Tittel Ed Tittel Profile: Ed Tittel

Anybody who’s been around Windows for a while will recognize the icon for Micosoft Fix It items. AFAIK, it’s the company’s equivalent to Mr. Goodwrench. It shows a faceless person wearing overalls holding a great big open-ended socket wrench. But alas in Windows 10 Fix-Its MIA is the best way to describe their status. So I did a little poking around and found something very interesting.

Windows 10 Fix-Its MIA

Though Mr. Fix-It may lack facial features, he often brings relief to Windows users.

Why are Windows 10 Fix-Its MIA?

It seems that Microsoft is not going to support fix-it tools for Windows 10. As the company says in a support note entitled “Use a fix-it tool with Windows 10

Fix-it tools aren’t around anymore in Windows 10. Instead, use a troubleshooter to help solve problems with your PC.

Here’s what I’m guessing this means, reading between the lines. Given the rapid update cadence for Windows 10, MS doesn’t believe it needs to build separate troubleshooting tools any more. Instead (I imagine) the company will either tweak existing troubleshooters or add new ones to the OS, possibly as part of its monthly Cumulative Updates. If not then, such things should come for sure as part of its twice-yearly “feature updates.” This new terminology reflects those less-frequent updates — like the recent “Anniversary Update” — that are significant enough to invoke the Windows installer for a full-blown OS upgrade.

On the other hand, it will be interesting to watch future updates and fixes from MS. Could this policy of “no more Fix-it tools” be changed? Maybe, maybe not. Only if a problem whose fix requires an automated tool AND no troubleshooter pops up in response could I see the return of Mr. Fix-It to the scene. Microsoft says “ain’t gonna happen.” We’ll see!


August 8, 2016  10:36 AM

Windows 10 Fresh Start

Ed Tittel Ed Tittel Profile: Ed Tittel

The Windows 10 Anniversary Update introduces a new clean install option of potential interest to those purchasing a new PC. It provides the ability to create a Windows 10 fresh start. Find it by clicking Settings –> Update & Security –> Recovery. This produces the following display:

Windows 10 fresh start

The “Start Fresh” option replaces the current Windows install with a clean install from a freshly downloaded image.

Who Needs a Windows 10 Fresh Start?

This option is only of interest to those who don’t mind losing any installed applications, settings or preference changes, or other alterations performed post-install. That’s why it’s best for OEM PCs. OEM PCs are likely to include numerous additional software elements, often called “bloatware” or “crapware.” The “fresh start” option blows away the current Windows 10 install and replaces it with a clean Windows-only image. For some, this is better than a factory reset, because a factory reset restores those unwanted additional software elements as well as the OS.

A Windows 10 fresh start runs users through the Windows Media Creation tool. First they build a bootable UFD. Next, that device drives a clean install of Windows 10. Thus, a pristine Windows 10 install replaces the current installation. A Windows.old directory is available afterward, so that admins or power users can dig in to recover any necessary file. But any installed applications that users want must be reinstalled. And that, of course, is why this option is best applied to new OEM PCs immediately following their purchase.


August 4, 2016  5:25 PM

MS Cuts Win10 OS Rollback to 10 Days

Ed Tittel Ed Tittel Profile: Ed Tittel

There’s an interesting and unexpected change in the Windows 10 Anniversary Update (Version 1607). In earlier Windows OSes (8 and 8.1) users had 30 days to decide if they liked the new OS. If they didn’t, they could roll back to the previous release. This is where restoring Windows.old comes into play. But with Version 1607, Microsoft cut the Win10 OS rollback window to 10 days. Here’s a screencap from one of my Insider Preview machines that got this update awhile back:

Win10 OS Rollback

Oops! Just when you need a rollback, the old OS image is gone…

If you ask me, this is somewhat sneaky of Microsoft. According to Sergey Tkachenko at Winaero.com, MS says the change comes from observation of Win10 telemetry. Sergey reports “…they saw that most users would either rollback Windows 10 on their machines within the first couple of days or there were those who stayed with the new OS indefinitely. Which means Microsoft claims there were hardly any users who rolled back after more than 10 days.” OK, I get where they’re coming from. But for those who know about the old default, it’s underhanded to cut it without trumpeting that change.

News on the Win10 OS Rollback Is Covert

I can’t find any official word on this from Microsoft. In tracing the story, I found a piece at neowin.net that quotes Richard Hay at winsupersite.com. But there’s nothing about this in Microsoft changelogs or other information about the Anniversary Update. I’m sure this is unintentional, but I want to spread the word to make doubly darn sure nobody gets caught short. Consider yourself warned!


August 3, 2016  11:24 AM

Anniversary Update Post-Install Cleanup

Ed Tittel Ed Tittel Profile: Ed Tittel
Microsoft Windows Installer, Windows 10

Yesterday, on August 2, MS unleashed the Anniversary Update to Windows 10 Current Branch users. Because Windows Update is staggering update availability, various other means to grab an ISO also appeared. These include: MSDN (subscription required), and the Media Creation tool. Clicking “Learn More” on the Settings –> Update & Security –> Update Status page also helps. It points to a Windows 10 Upgrade advisor and can also fire off the upgrade process. However, Tech Bench, is currently not available. Having upgraded 5 machines from build 1511 to 1607 yesterday, I can report that some anniversary update post-install cleanup is required. Finally, here’s an interesting screen cap of a self-congratulatory notification from MS received yesterday (twice, in fact):

Anniversary Update Post-Install Cleanup

MS sent users this birthday greeting for Win10’s “bonne anniversaire.”

What Kinds of Anniversary Update Post-Install Cleanup?

First off, there’s the usual post-install stuff: modern Windows takes the previous install and moves it into the Windows.old folder, but also keeps the installer file around as well. These usually clean up nicely using Disk Cleanup (aka cleanmgr.exe), or with CCleaner. It’s also a good idea to use a file like DriverStore Explorer (aka rapr.exe) to check on Windows drivers, because some installs deposit duplicate drivers in profusion. For example, my son’s Dell XPS One 2720 had 81 copies of the Realtek HD Audio driver in the store, of which only 1 was needed.

For this upgrade, Windows.old did not disappear after those usual clean up maneuvers. I found some persistent files related to audio, display, and various Windows 10 apps on all 5 of my upgraded systems. That said, each system had a slightly different collection of persistent stuff, all in a size range around 4 MB. The easiest way to get rid of them turned out to be booting the systems from a bootable UFD. I used Command Prompt in the Computer Repair – Troubleshooting option to root them out. This required using the delete (del) command on actual files, and the remove directory (rmdir) command on directories. This took about 20 minutes per PC to handle, including booting into UEFI, selecting an alternate boot source, and command line activity.

Issues Unrelated to Anniversary Update Post-Install Cleanup

A few other snags came up in applying the Anniversary Update on the 5 target PCs. Three of them went without a single hitch, but I encountered issues on two machines. I built my UFD using Rufus with an image from MSDN. It worked flawlessly on my Lenovo X220 Tablet, but hung at 99% on processing updates on my Lenovo T420. I purchased both machines at the same time so they have the same CPU, equal RAM, and identical Plextor 256 GB mSATA SSDs. After forcibly shutting down and rebooting the T420, it moved into the next install phase and completed successfully. It was disconcerting that the progress on that next phase stayed at 0% complete until it finished and rebooted. But it jumped into the “Hi! We’re setting things up…” phase and finished as it should have.

I tried out the Upgrade Advisor method through Windows Update for my wife’s mini-ITX PC, but it only reached 94% complete after 2-plus hours. I canceled that upgrade, and used the UFD method instead. It completed in about 40 minutes, again without a hitch.

I also had to reinstall my Windows 7 Games for Windows 10 on my production PC after the upgrade completed. For some reason, this upgrade broke the earlier version of that software. I’m also noticing some file indexing and lookup issues, but initial problems with looking up contact info in the Outlook address book have already gone away. I expect this will subside once general indexing completes.


August 1, 2016  10:32 AM

Long NTFS Filenames in Anniversary Update

Ed Tittel Ed Tittel Profile: Ed Tittel
NTFS, Windows 10

Windows 10’s anniversary update brings an interesting if obscure change to the OS. Right now, long NFS filenames max out at 260 characters. The change busts through that limit and may eliminate it altogether. This limit includes the path specification and the filename itself, so 260 characters isn’t terribly generous. Consider these filenames, for example:

amd64_auditpolicygpmanagedstubs.interop_31bf3856ad364e35_10.0.10586.0_none_ae7acc7213cb54f7
amd64_c_magneticstripereader.inf.resources_31bf3856ad364e35_10.0.10586.0_en-us_da58d366ae7ebd06
amd64_desktop_shell-search-srchadmin.resources_31bf3856ad364e35_7.0.10586.0_en-us_e69986636926afeb

Where did I get them? Scrolling through the WinSxS folder for system files, I picked the biggest ones I could find. (Just for the record, the longest is 98 characters.) If I looked harder, I’m sure I could find longer. Adding a long path into the mix, it’s easy to see how the 260 character limit becomes a constraint.

long ntfs filenames

Here’s the Enable NTFS long paths pane from the Local Group Policy Editor in Windows 10 1607 Build 14393.5
[Source: TenForums.com]

But a new Local Group Policy Editor setting for NTFS long paths lifts this ceiling. Simply click the radio button labeled “Enabled” as shown. For more details see TenForums.com principal and Windows 10 MVP Shawn Brink’s  great tutorial. It’s entitled “How to Enable or Disable NTFS Long Paths in Windows 10.”

When the Ceiling on Long NTFS Filenames Is Raised…

I’m surprised that the default setting remains “Not Configured,”  though. That’s because Windows itself uses the longest filenames I could find. But perhaps that’s a change for a future Windows update? In the meantime, Win32 applications must also change to accommodate such filenames. Ultimately, this kills a long-standing Windows certification question about filename length limitations.


July 27, 2016  12:38 PM

Praising EasyBCD 2.3 (Admin Toolbox)

Ed Tittel Ed Tittel Profile: Ed Tittel
BCD, bcdboot, Windows 10

Those who run more than one operating system on a computer must learn to deal with multi-boot scenarios. Things are already interesting when multiple OSes come from a single maker (such as multiple Windows versions). They become even more so when Windows, Linux and perhaps even hackintosh join the mix. I believe in using good tools to save time and energy whenever possible. That’s why I skip the built-in bcdedit command and use a NeoSmart Technologies tool instead. My post today, in fact, is in praise of EasyBCD 2.3 (the current commercial version).

Meet the BCD in EasyBCD 2.3

For those not already in the know, BCD stands for Boot Configuration Data. BCD files create a specialized data store to describe boot applications and related settings. Objects and elements in the BCD data store do for modern Windows versions what boot.ini did for older ones. But working with bcdedit can be tedious and time-consuming, because I don’t use it regularly. Thus, I need to keep re-reading the documentation and relearning proper syntax and usage.

A simple and straightforward GUI in EasyBCD delivers all of bcdedit‘s capabilities, and then some. In my situation I changed boot order so that the default selection is the Insider Preview Windows 10. As it turns out, I upgraded the other image on that system from Windows 8.1 to Windows 10 Version 1511 recently. Shortly thereafter, the runtime promoted 1511 to default status entirely on its own. Because that’s not what I wanted, I switched things around:

EasyBCD 2.3 width=

Before I ran the program “Windows 10” was on top and default; now “Windows 10 TP” occupies that place and role.

The adjective in the EasyBCD 2.3 product name is both apt and well-deserved. The program makes editing and manageing the boot menu easy, with easy access to the UEFI command shell at boot-up. In fact, it works like a charm. Install it on a USB Flash Drive for portable use and you can run it on any Windows machine. It may seem a bit pricey at $30 or so, but once you start using it you’ll never regret the outlay. If you spend some time investigating the program, you’ll also learn to like its tools. These include BCD Backup and Repair, the ability to reset a BCD configuration or recreate boot files, and change the boot drive altogether. Lots of good stuff here!


July 26, 2016  2:29 PM

Microsoft lets down Windows 10 Pro users

Eddie Lockhart Eddie Lockhart Profile: Eddie Lockhart
Microsoft, Windows 10

In theory, anniversaries are a wonderful opportunity for couples to show each other how much they care about one another. In reality they can easily end in disaster if one side of the relationship forgets the special day or lets their partner down.

Well, if Microsoft were dating its Windows 10 Pro customers, it would be neck deep in some anniversary-based relationship hot water right now because the Windows 10 anniversary update does not include Application Virtualization (App-V) or User Environment Virtualization (UE-V) in Windows 10 Pro.

Organizations that went with Windows 10 Pro’s free upgrade (instead of paying for Windows 10 Enterprise) and rely on Microsoft App-V to deliver remote apps to their users or UE-V to allow users to seamlessly transition from device to device and maintain their app settings, are out of luck.

It is a particularly shady move by Microsoft because companies that upgraded to Windows 10 Pro really can’t go back to Windows 7 or 8.1 now. And, if they still want access to App-V and UE-V, they have to migrate to Windows 10 Enterprise. That means paying for the new OS and taking the time to move once again. Their other option is to integrate a brand new application virtualization product such as VMware ThinApp, but that change is a hassle too.

As frustrating as this trickery is for Windows 10 Pro shops, the anniversary update’s security improvements could help Microsoft patch things up with them. The update includes Windows Defender Advanced Threat Protection. This free antimalware service uses analytics tools to send data on previous attacks back to Microsoft. The company then applies that information to its security updates and patches to make the OS more secure.

In addition, the Windows Information Protection tool allows users to mark any content they create as personal or business related. If it is business related, the content is placed into an encrypted container. IT can take the choice out of users’ hands by designating content created on particular devices as corporate.

It’s not a perfect anniversary present and for many the aggravations of the update probably outweigh the benefits, but most companies probably won’t break up with Microsoft over it just yet.


July 25, 2016  10:38 AM

Win10 Slow-flow Anniversary Update

Ed Tittel Ed Tittel Profile: Ed Tittel
Windows 10, Windows Update Management, Windows Updates

Next week, MS will release the Windows 10 Anniversary Update on Tuesday, August 2. The company has already announced it will be staggering that release for users in the Current Branch. These are the folks who get the latest release via Windows Update. Mary Jo Foley of ZDNet cleverly refers to this it as “Release to Mainstream.” This new decoding for the RTM acronym works well for the world of continuous updates that Windows 10 now inhabits. I myself like to think of the staggered update mechanism as introducing a “slow-flow Anniversary Update.”

Slow-Flow Anniversary Update

Slow-Flow means that not all users will get the Anniversary Update offer from WU at the same time: some will get it sooner, others later.
[Source: Windows Insider Program 6/29/2016 blog post]

Why Is a Slow-flow Anniversary Update in the Cards?

It’s a little early to say how big the Anniversary Update will be, so I turned to a list of ISOs for a recent Insider Preview at WZOR.com. These particular ISOs come from the 14393.0 code base released two weeks ago. Those .esd files vary from a low of 1.93 GB to a high of 3.07 GB. 14393.3 appeared late last week, but should be close to the same size. Many Windows watchers, including me, think that 14393 represents the foundation for the upcoming Anniversary Update.

The reason for the slow-flow release is to keep update requests immediately following the release from swamping the Internet and download servers. Instead, Microsoft staggers its update offer across the current installed base. This helps them to manage huge flows from millions of users downloading multi-gigabyte updates all at once. Alas, it also means that some people will wait weeks before they receive an update offer that they can then exercise.

Working Around a Slow-flow Anniversary Update

For those too impatient to wait for an update offer to come their way, there are workarounds. For one, you can grab ISO files from MSDN (if you’re a member). For another,  they’ll be posted to Tech Bench (as soon as MS decides to put them there). It took two week before my test machines got a previous slow-flow Windows 10 update  to upgrade from 1507 to 1511. I was able to grab ISOs from MSDN within a day of the initial release of 1511. They hit TechBench about a week later.


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: