Windows Enterprise Desktop


October 15, 2018  12:13 PM

Print Scan Drivers Move to Windows Update

Ed Tittel Ed Tittel Profile: Ed Tittel
Device drivers, Printer drivers, Windows 10

Here’s an interesting note, with interesting implications about Windows 10 version 1809. Entitled “What’s new in printing in Windows 10, Version 1809” (dated 10/4/2018) it explains that print scan drivers move to Windows Update. That note explains further:

Prior versions of Windows included basic printer drivers that enabled simple printing when a full feature driver was not available. To reduce the Windows footprint and provide more storage space to users, these drivers no longer ship with the OS and instead are available through Windows Update.

Print Scan Drivers Move to Windows Update.p&d

Until 1809, MS bundled most common printer drivers into install.wim. Starting with 1809 they’re no longer included, and must be obtained via WU.

Why Did Print Scan Drivers Move to Windows Update?

The short answer is: “Saves space.”  Previously, MS included a large number of print drivers with an OS image.  Add a lesser, but still substantial number of scanner drivers. It means multiple gigabytes of stuff (even highly compressed). Pushing them into Windows Update means they won’t load locally during the install process. Instead, the device enumeration after the upgrade picks them up. Then, Windows Update hooks them up with your printers. That’s why MS says “In most cases, there is no noticeable impact due to this change.”

Here’s an interesting tidbit. “When you upgrade to Windows 10, version 1809, your installed printers will continue to work using the same printer driver as before.” This speaks to my long-held belief that the installer grabs and saves currently installed drivers from the pre-upgrade OS. Thus, it can make them available in the post-upgrade OS. New print drivers will indeed come from WU going forward, though. If WU isn’t available, drivers aren’t installed automatically for new printers (except for Mopria (“modern Wi-Fi printers”) compatible devices).

Very interesting!

[Note: thanks to Sergey Tkachenko at WinAero.com who brought this change to my attention.]

October 12, 2018  5:21 PM

RunAsTool Elevates Privileges Per Application

Ed Tittel Ed Tittel Profile: Ed Tittel
Administrative privileges, Windows 10

I attended SpiceWorld earlier this week. There, I got into a discussion with some fellow SpiceHeads about how to avoid unnecessary elevation of privileges for users. Sure, you can give regular users admin accounts. But if your reason for doing so is to let them run one or more specific applications with admin privileges, there’s a better way. Sordum.org’s RunAsTool elevates privileges per application. Using this tool, you can create shortcuts for users that let them run individual applications with elevated privileges. Then you don’t have to grant them blanket admin access.

RunAsTool Elevates Privileges Per Application.admingui

Admins can drag and drop .exe files from File Explorer into RunAsTool to add them to the mix.

How RunAsTool Elevates Privileges Per Application

The tool has two user interfaces: one for admin accounts, the other for standard users. In the admin UI (only in admin accounts) one can drag and drop any program to grant it admin privileges. Once added, click the radio button to “Run as administrator.” (See  preceding screen cap.) Once defined, admins can right-click any such programs they’ve added and then create a shortcut on the standard user’s desktop. Those users can run the elevated program in the RunAsTool UI to take advantage of those enhanced capabilities and access.

Unnecessary elevation of accounts raises the risk of damage or compromise should if the account gets hacked or penetrated. It’s much safer to elevate only those applications that need (or won’t run without) elevated privileges. This prevents a hack of the account from granting a malefactor admin level access to the user’s PC (and possibly beyond). Security nerds call limiting access strictly to what’s required “the principle of least privilege.” It’s a principle worth following, if you ask me, and the RunAsTool helps to make that practical in environments where some applications need admin rights to run or work properly. ‘Nuff said.


October 10, 2018  10:50 AM

SpiceWorld 2018 Confirms Win10 Migration Intelligence

Ed Tittel Ed Tittel Profile: Ed Tittel

For the past two days I’ve been wandering the halls of the Austin Convention Center, along with two-plus-thousand fellow SpiceHeads. This humble Pimiento is palling around with Habaneros, Serranos, and a Ghost Pepper or two. I even saw two Pure Capsaicins achieve the spiciest of all designations Tuesday morning. More important, I interacted with a few dozen attendees one on one. From them, I’ve learned that Jeremy Moskowitz’s Win10 Migration survey — about which I blogged here on July 20 — captures this audience very well. And that’s why I say SpiceWorld 2018 confirms Win10 migration intelligence. In fact, I hope my presentation this afternoon on the Moskowitz survey will be well-received. (Note: registration required to download this 20-page PDF document).

SpiceWorld 2018 Confirms Win10 Migration Intelligence.showlogo

There’s nothing restrained or dainty about the SpiceWorld 2018 show logo. That’s in keeping with the company and its community of smart, opinionated and passionate IT pros.

Why Say SpiceWorld 2018 Confirms Win10 Migration Intelligence?

Moskowitz reports that smaller businesses are further along with migration than medium or large ones. Thankfully, this fits entirely with what I learned from my fellow show-goers. It also matches with results that Spiceworks analyst Peter Tsai compiled for the company’s 2018 State of IT report. If anything, SpiceHeads are ahead of this curve. (SpiceHeads is the self-mocking self-description that Spiceworks community members prefer most. As they gain community cred, pepper rankings move up the Scoville scale.)

That’s no surprise to me, considering how much these folks care about IT and related best practices, tools, and technologies. Helping SpiceHeads find the right vendors for technology acquisitions, and vice-versa, helps explain Spiceworks’ raison d’etre. Shortening the sales cycle, reducing wasted sales efforts, and sparing IT folks unwanted cold sales calls got multiple mentions during various keynotes.

Meaningful Uses for AI and Machine Learning

The online community of Spiceheads now numbers about 7 million, says Spiceworks’ Community Manager Sean Dahlberg. On its forums, the same questions and concerns repeat in posts, threads, and discussions. “That means some or lots of duplication” says Dahlberg. “We put AI to work to group similar items together and show them to community members in search responses.” Next, he goes on to observe that this aggregation takes some interesting parsing and organizing. However, recent tests show that combining answers and pointing to best replies saves readers time. How much? “About 8 person-years per month. That compares to old-fashioned search results that require members comb through numerous threads. They have to extract the good stuff themselves. New AI-based results present a summary of  threads, and show  best answers right away.”

To my thinking, this is great use of  intelligence that Spiceworks has collected for some time. According to SVP Manish Dixit, the company carefully anonymizes data before moving it into datasets. Only then are they used for machine learning, statistical analysis, and predictive analytics. In fact, Spiceworks is really keen on helping the community identify and find good advice, tools, technologies and partners. At the same time they want to provide value to sponsors and advertisers.

Ideally, Spiceworks wants to link vendors with self-selecting prospective buyers or clients before the parties meet. Helping buyers and sellers save time, make good connections, and find best of breed options are all good things. That’s the kind of market improvement that anybody can get behind. Overall, Spiceworks is doing a better job of this than most organizations that serve large technical communities in an ad- and sales-based revenue model. Great stuff!


October 8, 2018  10:30 AM

Alternate Win10 1809 Source During Hold Period

Ed Tittel Ed Tittel Profile: Ed Tittel
Windows 10, Windows Upgrades

Wow! What a wild ride at Microsoft last week for Windows 10. On Tuesday, October 2 1809 was released. By Friday reports of bugs – especially a nasty one that “lost” files from the C:\Users folder hierarchy – led MS to withdraw 1809 from circulation. Some people who successfully installed 1809 might need access to an 1809 ISO (the installer image file, to be more precise) for repairs. That’s why an alternate Win10 source during hold period (until MS lets go of another release) could be a life-saver. Check this out:

Alternate Win10 1809 Source During Hold Period.heidoc

Note that the Heidoc.net Windows ISO Download Tool still offers access to an 1809 ISO.
[Click image to see full-sized view.]

Heidoc.net: Alternate Win10 Source During Hold Period

I’ve blogged here before about Heidoc.net/Jan Krohn’s Microsoft Windows and Office ISO Download Tool. The foregoing screenshot shows that they’ve grabbed and still offer copies of the ISOs for 1809 for Home/Pro, Education, and more. Thus you can use this tool to obtain a copy of what MS has withdrawn from circulation. Because it does contain well-reported bugs, this is something you should consider carefully before messing around with. You should also make a complete image backup of your system drive and create recovery media before attempting an install in the face of possible gotchas. And please: don’t say I didn’t warn you!

If It’s Broke, Why Use It?

A TenForums poster this morning bemoaned the lack of access to an 1809 ISO this morning, because she wants to perform an in-place upgrade repair install to try and fix some Wi-Fi driver issues on a PC she’s already upgraded to that release. I recalled seeing an earlier post on a different topic that reported Heidoc.net still offered the 1809 ISO and used the program to produce the screen cap shown above. Proof positive that in this case, where there’s sufficient will and knowledge, there’s still a way to lay hands on an 1809 ISO.


October 5, 2018  10:36 AM

Check Those Win10 Installer UFDs

Ed Tittel Ed Tittel Profile: Ed Tittel
Windows 10, windows installer

Earlier this week, MS released the 1809 October 2018 version of Windows 10. This happened on Tuesday, October 2, in a somewhat less orchestrated fashion than for previous such releases. I blushingly confess I got caught in a snafu. Because the Download Windows 10 page said “Windows 10 October 2018 Update now available,” I assumed the Media Creation Tool (MCT) had likewise been updated as well. Wrong! That’s why it’s essential to check those Win10 Installer UFDs for version info before using them. In my case, that meant I did an in-place repair upgrade on one of my PCs from 1803 back to 1803. No harm done, however, and quickly replaced with 1809 when I realized my mistake. Sigh.

Check Those Win10 Installer UFDs.DLWin10

I didn’t realize that this message didn’t necessarily mean the MCT had also been updated. For a short while, in fact, that was a very bad assumption.

How to Check Those Win10 Installer UFDs

It couldn’t be simpler to check the Windows version for any Win10 installer. All you need to do is look at the details tab for the setup.exe file.

Check Those Win10 Installer UFDs.props

The details tab in setup.exe properties shows Product Version info. That’s the tell-tale!

To discriminate 1803 from 1809, you need to know that 1803 corresponds to version 10.0.17134.1, while 1809’s version is 10.0.17763.1. This is shown in the two side-by-side Properties windows above for each version’s setup.exe file.

If I’d only thought to check I could’ve avoided my mistake. By the time you read this, it won’t be possible to “accidentally” download the 1803 installer using MCT any more. But if you’re like me, you have numerous Windows 10 installer UFDs at your disposal. Now you know how to check what you’ve got for version numbers. Then you can use Microsoft’s Windows 10 release information page to map those numbers to the corresponding four-digit version IDs (1809, 1803, and so forth). Enjoy!


October 3, 2018  12:43 PM

Interesting 1809 Disk Layout Changes

Ed Tittel Ed Tittel Profile: Ed Tittel
Windows 10, windows 10 upgrade

Yesterday, MS released Windows 10 1809. It took them a while to get the release pushed out through all channels. I was able to get to it first through the Media Creation Tool on the Download Windows 10 page. But within an hour, the Update Assistant and Windows Update also proved viable as upgrade sources. After all the dust settled on this latest release, I noticed some Interesting 1809 disk layout changes for the OS boot/system disk. Here is a before and after shot (from 2 different PCs):
Interesting 1809 Disk Layout Changes.b4
Interesting 1809 Disk Layout Changes.after

Disk layout before upgrade above, after below. Note the new, 498 MB OEM partition that appears at right.
[Click either image for full-sized view.]

About Those Interesting 1809 Disk Layout Changes

Looks like the minimum or allowable size of the WinRE partition has gone up again, with the 1809 release. Both before and after shots feature a 450 MB OEM partition at the head of the disk. However, use of the reagenct /info command on before and after machines shows different WinRE locations. On the before PC, the partition is number 1 (first place from top figure above): a 450 MB NTFS partition. On the after PC, the partition is number 5 (immediately following the OS partition): a 498 MB NTFS partition.

Message traffic on TenForums also tells me that users who upgraded with WinRE partitions of 498 MB or larger  in size found their disk layouts unaltered. That tells me the existing WinRE partition was preserved and its contents replaced during the upgrade process. Those PCs, like mine, who had the “old standard” 450 MB WinRE partition will find a new and bigger (498 MB) WinRE partition in their disk layouts as well. Most likely, it will be positioned immediately following the OS partition (from which the installer steals the space necessary to accommodate the 498 MB disk extent).

Why Use Two Different Tools to Show Disk Layouts?

I used the MiniTool Partition Wizard (MTPW) to show the disk layout on an already-upgraded machine. I did that to confirm that the reagentc /info output was correct. It read:

\\?\GLOBALROOT\device\harddisk7\partition5\Recovery\WindowsRE

Because diskmgmt.msc does not show the 16MB Microsoft Reserved (MSR) partition, but MTPW does, you can count from left to right yourself, and confirm that the new 498 MB NTFS WinRE partition does indeed occur in position 5 on that drive. That’s why I highlighted (bolded) “partition5” in the preceding output string.


October 1, 2018  11:47 AM

Marginal Power Mars Win10 USB Flash Drive Access

Ed Tittel Ed Tittel Profile: Ed Tittel
SSD, USB Flash drives, USB ports, Windows 10

I’ve been struggling with an interesting problem lately. And by interesting I mean maddening, vexing and occasionally baffling. Let me explain. I have a number of mSATA SSDs at my disposal. Right now, I house them in Sabrent USB 3.0 drive enclosures (about US$18 at Newegg). I’ve been using them for years without issue, mostly with 250 GB Samsung EVO 840 units. Recently, I acquired 500 GB and 1 TB units, and things started going sideways a bit. And that’s how I learned marginal power mars Win10 USB flash drive access. The bigger-capacity drives would drop out from time to time, or they wouldn’t show in Explorer or Disk Management when plugged into a PC.

Normally these enclosures are dead simple to use: plug in the SSD, screw the holder into its cover, plug it in and off you go. But sometimes . . .

Why I Say That Marginal Power Mars Win10 USB Flash Drive Access

Only gradually did it dawn on me that my issues had to be power related. The bigger drives require more power because they have more circuitry to match greater capacity. While the small capacity units work without a hitch, the bigger ones sometimes don’t work on some of my PCs. This applies even for some powered USB 3 hubs. This came as something of a surprise to me, too. I figured a powered USB hub would be able to deliver maximum safe power to all of the devices it could accommodate. Not so, apparently.

Ultimately, I figured out what was going on. That happened when I switched from a direct USB 3 connection on a desktop to a PCIe Express plug-in card on an older Lenovo laptop. The desktop connection used an Asmedia 2115 USB 3 controller from the Asrock Extreme7+ motherboard. The laptop, an older Startech PCIe ExpressCard with an Asmedia 1153E USB 3 controller. Where the on-board AS2115 was iffy, the older AS1153E was rock-solid. It worked every time, with mSATA drives of 250 GB, 500 GB and even 1 TB. The newer AS2115 did not.

When in Doubt, Change the Hardware Configuration

A little online sleuthing showed me I was not alone in my issues with the AS2115. So I bought a Sabrent HB-UMP3: a 4-port, externally powered USB 3 hub, with individual power switches for each outgoing port. Using it also clued me in firmly and finally to power problems with the bigger mSATA drives. Even when using this device, I couldn’t hook up a second drive (or Ethernet adapter) to the hub when using a 500 GB or 1 TB SSD. Apparently, those suckers draw too much power to allow even an external, self-powered hub to service additional USB 3 devices when they’re plugged in.

Of course, what happened when I tried using more than one device through the hub told the story. The SSD dropped out as soon I plugged in another device. The moral of this tale, apparently, is that high-capacity USB 3 SSDs require an entire USB 3 controller channel to themselves, with all its power. My recent experience teaches me that trying to gang up USB 3 devices when one of them is an SSD of 500GB or more is not always workable. Go figure!


September 28, 2018  12:15 PM

Win10 WSUS Gets Smaller Downloads

Ed Tittel Ed Tittel Profile: Ed Tittel
Windows 10, Windows Update Management, WSUS

In a recent (9/27) post to the Windows IT Pro Blog, MS reports it will start releasing smaller update packages. This applies to “commercial customers using Windows Server Update Services (WSUS) or connected to System Center Configuration Manager.” Windows 10 versions affected include 1703, 1709 and 1803. How, exactly, is that Win10 WSUS get smaller downloads after all? By unbundling components and letting downloaders decide what they want or need.

Win10 WSUS Gets Smaller Downloads.bundled-pkg

Note this bundle mixes business and consumer editions, each in x86 (32-bit) and x64 (64-bit) forms.

User Selection Means Win10 WSUS Gets Smaller Downloads

The preceding graphic shows what goes into what commercial customers downloaded from MS through WSUS or via SCCM. MS states further that “x64 and x86 files were bundled together as a single download … approximately 4.8 GB in size.” The new regime lets downloaded choose to download the x64 file as a separate package. Given the extreme scarcity of x86 systems in commercial use nowadays, the reduced 2.6 GB package size for x64 only translates into an immediate reduction of 2.2 GB as compared to the old regime.

Note: feature updates represent the original RTM version of the OS. They don’t include cumulative updates, Features on Demand (FODs), nor language packs. Thus, admins must apply the latest cumulative quality update to bring systems fully up-to-date. The x64 files map to language versions available when RTM was released: e.g. en-US for English-United States. When 1809 is released, an x64-only feature update will be made available.

What Does This Change Mean to You?

If you’re a commercial Windows 10 organization and use WSUS or SCCM to deploy updates, this will save time and network bandwidth when downloading images from Microsoft to start the deployment process. But as the afore-cited MS blog post states “this change will not save bandwidth between the Configuration Manager and the client (PC) device” (that’s because only targeted, applicable downloads go from one to the other, as always). Also, organizations that DO need x86 feature updates will have to continue to use the old bundled packages. For them, nothing changes.


September 26, 2018  7:16 PM

Hard Disk Warning Prompts Win10 Tool Search

Ed Tittel Ed Tittel Profile: Ed Tittel
hard disk management, Hard drive failure, Troubleshooting, Windows 10

A few days ago, I was fooling around with a disk tool that Asrock offers motherboard owners. That Diskhealth utility provides basic information about storage devices. As I flipped through the list of drives on my production PC, I saw an amber “Caution” flag for my H: drive. Next thing, my disk hard warning prompts Win10 tool search to help me figure out what’s up. Here’s what the H: info looks like:

Hard Disk Warning Prompts Win10 Tool Search.driveH

Investigating errors in amber shows me this drive may have serious problems!

Why a Hard Disk Warning Prompts Win10 Tool Search

I saw the amber flags on two specific SMART values for the drive. In fact, those numbers matched for two items. First was Current Pending Sector Count and and second, Uncorrectable Sector Count (both at 200). But what does this mean? I turned to the SMART page at Wikipedia to learn the following (all text copied verbatim):

Current Pending Sector Count: Count of “unstable” sectors (waiting to be remapped, because of unrecoverable read errors). If an unstable sector is subsequently read successfully, the sector is remapped and this value is decreased. Read errors on a sector will not remap the sector immediately (since the correct value cannot be read and so the value to remap is not known, and also it might become readable later); instead, the drive firmware remembers that the sector needs to be remapped, and will remap it the next time it’s written.

However, some drives will not immediately remap such sectors when written; instead the drive will first attempt to write to the problem sector and if the write operation is successful then the sector will be marked good (in this case, the “Reallocation Event Count” (0xC4) will not be increased). This is a serious shortcoming, for if such a drive contains marginal sectors that consistently fail only after some time has passed following a successful write operation, then the drive will never remap these problem sectors.

Uncorrectable Sector Count: The total count of uncorrectable errors when reading/writing a sector. A rise in the value of this attribute indicates defects of the disk surface and/or problems in the mechanical subsystem.

What to Do about This?

As such things go, these errors are serious enough to indicate possible or even pending drive failure. So I ordered a new drive from Newegg to replace the current 750GB WD Blue drive that’s affected. It’s an older drive (27906 power on hours translates into almost 1163 days, or 3.18 years). If memory serves, I bought this back in 2012 or 2013. It’s also 5,400 RPM, so I’m replacing it with a 2 TB, 7,200 RPM drive with 64 GB of on-board cache.

What about those tools?

I went looking around for SMART monitoring and reporting tools. The freebie from Asrock wasn’t too bad. I quickly figured out that I wanted something that didn’t have to be installed. That means it should run as a so-called “portable” app. In other words, download an .exe file, launch it and it tells you the story you seek. For my purposes this meant that the .ZIP file version of CrystalDiskInfo also did the trick nicely. The (free) HDDScan utility also did a nice job. Actually, it also told me I had a number of UltraDMA CRC errors equal to the other two counts (which Wikipedia explains as “count of errors in data transfer via the interface cable as determined by interface CRC”).

There are plenty more such tools, but few of them run as portable apps. Because a disk monitoring/health assessment tool is something I’d rather run from an admin USB flash drive than install on each machine,

that’s just my preference. Hopefully, you too can find something in here you’ll like. If not, check one or both of these articles:

  1. Gizmo’s Freeware: Best Free Hard Drive Health Monitoring and Diagnostic Programs (May 2016)
  2. Lifewire: 14 Free Hard Drive Testing Programs (Updated September 2018)


September 24, 2018  3:08 PM

Logoff Disconnected Win10 Users Via Command Line

Ed Tittel Ed Tittel Profile: Ed Tittel
Command line, Windows 10

Saw an interesting question raised on TenForums.com this morning. The thread was entitled “Log off all but current user.” On a PC where multiple users share the same machine, but don’t always log out, the poster sought a way to log off all but the currently active user. Turns out the command line – which means either cmd.exe/Command Prompt or PowerShell – supports this ability. The key is to run either with administrative permissions. Then it’s simple to logoff disconnected Win10 users via command line instructions. Here’s how:

Logoff Disconnected Win10 Users Via Command Line.ps

A simple series of commands logs off all disconnected accounts.

Instructions to Logoff Disconnected Win10 Users Via Command Line

The preceding example shows PowerShell, but the same commands work at the Command Prompt (cmd.exe) equally well. Here’s a breakdown:

quser: Queries for users currently logged in. The State of the current login is “Active” and the state for all other logins is “Disc” (for Disconnected). Note also the ID column, which provides a single-digit shorthand for each associated account. (It’s much faster to type “3” than “administrator”!) The final quser command in the preceding window shows that only the active “etitt” account remains logged in.

logoff <ID>: logs the user account associate with the ID from the PC. We can string multiple such commands together using the pipe (vertical bar “|”) character on a single command line. Thus logoff 3 | logoff 4 | logoff 5 is the same as logging off administrator, localonly and xtraadmin accounts.

More Automation, Please!

A single, more eloquent PowerShell command will read the state for each user who’s logged in and log off any whose state equals “Disc” (for disconnected). It’s a beaut (please enter on a single command line; WordPress makes me break it into multiple lines for readability):

quser | Select-String "Disc" |
ForEach
{logoff ($_.tostring() -split ' +')[2]}

This command can be understood in terms of the following pseudo-code:

  1. Check all logged in users
  2. For each logged in user
  3. Log off user whose state = “Disc”

Pretty neat, especially for lab, library, kiosk, or other systems where one may routinely find numerous disconnected logins hanging ‘round. Good stuff!


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: