Windows Enterprise Desktop

April 4, 2018  5:53 PM

MPP IT Support Track Offers Interesting Insights

Ed Tittel Ed Tittel Profile: Ed Tittel
IT jobs, Windows 10

In looking over the release notes for Insider Preview Skip Ahead Build 17639, I saw an interesting teaser. It led me to revisit the Microsoft Professional Program (MPP) of online training. In fact, it led me further than that. Right now, I’m about one-fourth of the way through a course meant to train up IT tech support support agents. That’s why I assert that the MPP IT Support Track offers interesting insights. It’s actually called the Microsoft Professional Program for IT Support track, for those who might wish to check it out for themselves. Here’s the snippet from the release notes that caught my eye:

MPP IT Support Track Offers Interesting Insights

You can audit the IT track’s courses for free or pay US$99 per course (4 total) for credit.
[Click image for full-sized view. Links to AI track and GeekWire article.]

How MPP IT Support Track Offers Interesting Insights

If you want to understand how Microsoft views tech support, you couldn’t find a better source of information than this course. It explains that the role of tech support pretty thoroughly. That role is not just to answer questions and deliver support though these things are important. It’s also equally important to champion consumption and help the organization achieve its business goals. Pretty lofty stuff for entry level tech support staff to dig into.

I found myself most impressed with the course’s emphasis on continuous learning, self-improvement, and staying ahead of the technology curve for Tech Support workers. It’s pretty good information and also inspiring for those in need of motivation to excel at and enjoy what they do for a living. I plan to work my way through all four courses in this curriculum over the next few days. If other gems emerge from this prospecting work, look for more of them to appear here in this blog. In the meantime, you could do worse than to check this resource out for yourself.

April 2, 2018  11:36 AM

Myerson’s Farewell Reveals Interesting Win10 Stats

Ed Tittel Ed Tittel Profile: Ed Tittel
Windows 10

Last Thursday (March 29), word emerged from Terry Myerson, EVP for the Microsoft Windows and Devices Group. He announced he would be leaving the company in April.  In a companion blog post on LinkedIn, Myerson’s farewell reveals interesting Windows 10 stats. He also shared some highlights from his 21-year tenure at Microsoft, including important bookends with Mr. Bill Gates himself. But to me, the stats he let slip are quite interesting.

How Myerson’s Farewell Reveals Interesting Win10 Stats

Here are some key snippets from Myerson’s farewell address that reveal interesting elements of the Windows 10 empire over which he presided (all are verbatim quotes):

  •  I was honored, and humbled to now be leading over 17,000 engineers and accountable for over $40B in revenue and $5B in operating income…
  • … that’s why we created the Windows Insider Program so we could build Windows 10 led by your feedback. Now with 15 million members, …
  • Today, we are now approaching 700 million active Windows 10 users, commercial usage is growing 84% year over year, Xbox One is running a Windows 10 core, Surface is leading PC innovation, HoloLens is bringing breakthroughs to computer vision, our universal Microsoft store enables Xbox GamePass, Azure reserved instances, and Office distribution, and the OEM ecosystem is revitalized with profitable growth. Last year, we finished the year with over $8B in operating income from our segment.
  • I’m sitting down next to Bill Gates for my last scheduled meeting as leader of Windows and Devices at Microsoft. My team is debating with him the future of Project Rome and Windows Timeline.

What These Snippets Tell Us Is…

The size and scope of the Windows effort at Microsoft is huge, but no longer represents the overwhelming focus or revenue center for the company. In fact, as of the end of January (see this VentureBeat analysis) Azure hit a $20B annual run rate and is growing more than 3 times faster than Windows. Some long-time MS followers see Myerson’s departure as a sign that Windows has lost its status as Microsoft’s primary focus, in fact. (See this fascinating blog post from Tim Sneath entitled “From Windows to the Cloud.”)

Beyond financials, the interesting numbers in the preceding quotes deal with the size of two important Windows populations. For the first time, an official MS source tells us that the count of Win10 users is “approaching 700 million.” I don’t have to go out on much of a limb to hypothesize that the count will meet and exceed that level this year, possibly sometime soon. It’s also fascinating to understand that the Windows Insider program includes 15 M participants. As beta programs go, this is mind-bogglingly enormous.

The mention of Project Rome is also quite tantalizing. There’s  more that one way to read this, though. Based on reading between the lines in Sneath’s afore-cited blog post, it’s possible that the future of the project may itself be in jeopardy. However, I think not. I actually think MS is hard at work figuring out how to create consistent development and runtime environments for a broad range of devices. That means computers, tablets, embedded and IoT devices, and even servers. I read Myerson’s concluding remarks as intended to hint at a continuing and brighter future for Windows going forward.

March 28, 2018  4:02 PM

Microsoft Edge web browser has a long way to go against Chrome

Alyssa Provazza Alyssa Provazza Profile: Alyssa Provazza
Google Chrome, Microsoft Edge, Windows 10

Google Chrome has seen numerous security enhancements over the past few months, and even a potential change in Windows 10 might not help Microsoft edge out the browser leader.

The Edge web browser debuted as the default with the release of Windows 10 in 2015, replacing Internet Explorer. With the latest build in the Windows 10 Insiders Program, Microsoft said it will test a feature that could force some users into using Edge. The browser’s integration with Windows and overall security capabilities are a draw for Windows 10 shops, but with Google ramping up enterprise security features in Chrome, Microsoft has its work cut out.

“Right now while not a lot of websites — comparatively speaking [to other browsers] — have full support for Edge, this is going to grow, and rapidly,” said Willem Bagchus, a messaging and collaboration specialist at United Bank, based in Parkersburg, W.Va. “It takes a while for manufacturers to retool their applications.”

It’s unknown how many web applications are currently incompatible or don’t work well on the Edge web browser, although organizations can use Enterprise Mode to open sites that are more compatible with Internet Explorer (IE). United Bank relies mostly on IE because workers use legacy apps that won’t function on other browsers, but as the company begins rolling out Windows 10 this year, IT will consider whether or not to default to the Edge web browser, Bagchus said.

Chrome vs. Microsoft Edge

If users have a choice, they’ll often pick Chrome for its fast web data processing and an extensive library of add-ons. Google Chrome holds a big lead in worldwide desktop browser market share at 67.45%, compared to Edge’s 4.05%, according to StatCounter.

That data includes both consumer and enterprise counts, however, so it’s possible that Edge sees more than just 4.05% in businesses specifically. Windows 10 shops may choose the Edge web browser because it’s built into the OS, meaning admins can manage it through Group Policy and have more control over updates, depending on the Windows update channel they subscribe to.

“Edge is just a manifestation of a huge amount of infrastructure that Microsoft built on their back end,” Bagchus said. “It’s far better security models, far better certificate models.”

Managing policies and updates to Chrome requires IT to use a separate application called Google Update. Plus, the ability to take advantage of other Microsoft features, such as integration with Cortana, makes Edge easier to use because they’re purpose-built for enabling productivity on Windows.

Reading Mode on Microsoft Edge

The latest in Edge, Chrome

Microsoft could be trying to fight back against Chrome with its testing of a new feature in Windows 10, which forces links that users click on in the Windows Mail app to open in Edge, even if the user has set a different browser as their device’s default. But Windows Mail — which allows users to access email services such as Exchange and Gmail — is not a common enterprise client, because it lacks advanced features such as integration with a calendar. So this feature likely won’t make a dent in the enterprise, where Windows shops typically rely on Outlook.

To make matters worse for Microsoft, the latest version of Chrome in December came with a few new enterprise features. Site Isolation, which IT can choose to enable or not, keeps separate the renderings of each website a user opens, so an infected site could not potentially infect something in another tab. Chrome also added more advanced policies for blocking unapproved browser extensions.

Google last week added the ability to require that users sign into Chrome before accessing any websites, by simply activating two new group policies — a way of preventing users from opening any corporate links on unapproved devices. The company said it will add a reporting feature in the future that allows IT to view information about users’ extensions and more. Google also upped its game with the release of the Chrome Enterprise Bundle last May.

But with Windows 10 adoption on the rise, the Edge web browser may see soon see its day in the sun.

“I know Edge is going to be the future,” Bagchus said. “You want to use the tools the way they were meant to be used. Microsoft is making tools that work better together.”

March 28, 2018  11:49 AM

Macrium Reflect Upgrade Cancels Backup Schedules

Ed Tittel Ed Tittel Profile: Ed Tittel
Windows 10, Windows Backup

Whoa! I got an unexpected shock in checking over my production desktop this weekend. Turns out that my recent upgrade from version 6 to 7 for Macrium Reflect Free came with certain consequences. That’s right: that Macrium Reflect upgrade apparently canceled my regular backup schedules. It left my primary machine, which I back up daily, without coverage for several weeks before I noticed that change. In fact, I only figured out updates weren’t happening by inference. I clean out backups every two weeks or so to keep the target drive from filling up. This time, I noticed the drive space hadn’t decreased much, if at all. And indeed, that’s how I learned that Macrium Reflect upgrade cancels backup schedules. Ouch!

Macrium Reflect Upgrade Cancels Backup Schedules

Disabled is the last thing you want to see when checking Reflect backup schedules’ status. Sigh.

Fixing Macrium Reflect Upgrade Cancels Backup Schedules

Of course, the fix is absolutely trivial.  I could have simply re-enabled my existing backup schedules, and they would have resumed that night on their regular schedules. But while I was at it, I created a new backup definition and lumped the imaging of my boot/system drive together with my primary data drive. That way my target drive won’t fill up as quickly and I’ll have ready access to my two most important storage assets. I also set up a weekly cloud backup so I can capture my entire production system off-site with less frequency.

The old saying goes: The only good backup is the one that restores successfully. I’m somewhat embarassed that it took me a couple of weeks to realize that a software change had disabled my backup environment. I offer my experience as a cautionary reminder to all IT professionals that regular checks on backups may be as important as making those backups. I am profoundly grateful, in fact, that I didn’t learn that my backups were disabled by needing one, and not having it at my disposal. Sigh.

March 26, 2018  10:24 AM

KB4089848 Poses Widely Reported Win10 Problems

Ed Tittel Ed Tittel Profile: Ed Tittel
Windows 10, Windows Update

On 3/22/18 Microsoft unleashed KB4089848. It upgrades build 1709 to 16299.334 and addresses a list of some 25 issues. This is documented in its MS Support KB article. But numerous sources indicate that KB4089848 poses widely reported Win10 problems, too. These cover a wide litany of woes that include the following (source:

  • Failed installs (either the download or the install processing for KB4089848 doesn’t complete successfully).
  • Post-installation, printing problems occur. HP printers seem particularly prone to such issues.
  • With KB4089848, some users report PC freeze-ups or performance hiccups.
  • Other issues also show up less frequently. Some users report issues with Outlook search, taskbar troubles, or homegroup failures.

KB4089848 Poses Widely Reported Win10 Problems

WU reports my production desktop Win10 is current, with confirmation from WUMT checks. Even so, here’s how KB4089848 shows up in my Update History. Sigh.

On one of my machines, despite a successful install of the update and multiple subsequent reboots, the update history still reports that a restart is needed. Reading through and social and answers forums at Microsoft this weekend, I saw these items pop up dozens, if not hundreds, of times from users around the globe.

If KB4089848 Poses Widely Reported Win10 Problems, What to Do?

This is a case where waiting before installing appears to have strong merits. How one might go about this is the subject of numerous tutorials including these items:

Turn On or Off Pause Updates for Windows Update in Windows 10

Enable or Disable Windows Update Automatic Updates in Windows 10

The Windows Update MiniTool (WUMT) along with a “wrapper script”  can also disable Windows Updates unless and and until this alternative access tool is used. It lets users pick only the updates they want to install, and provides complete control over Windows Update access and activity. I provided a pointer to this tool in a 2/26/18 post to entitled “Stop Windows 10 Updates Properly and Completely.” Subsequent discussion items in that thread makes mention of a MyDigitalLife item that covers this script in more detail “WUMT Wrapper Script — controls Windows Update Service.” It’s definitely worth reading — and for many users, it’s worth using, too.

March 23, 2018  5:15 PM

Script Out Your Win10 Build History Using PowerShell

Ed Tittel Ed Tittel Profile: Ed Tittel
history, Windows 10

I just came across a fascinating pair of PowerShell commands. Run in an administrative PowerShell session, they’ll tell you every build your system has had installed on it since the last clean install was performed. That’s why I say you can use these items to script out your Win10 Build History using PowerShell.

These commands come to you through an interestingly circuitous route around the Northern Hemisphere of Planet Earth. I got them from Russian blogger Sergey Tkachenko at He got them from somebody named (whose domain name, at least is in Germany and post was in German). Originally they came from user sizzlr at Reddit (location unknown, but who writes American English like a native speaker).

How to Script Out Your Win10 Build History Using PowerShell

All you need to do is cut and paste the content for each line item below from this blog post into an administrative PowerShell session. Copy Line 1 first, then paste it, then hit enter (only the monospaced text, please). Repeat that same process for Line 2 (ditto).

Line 1:cls

$AllBuilds = $(gci "HKLM:\System\Setup" | ? {$_.Name -match "\\Source\s"}) | % { $_ | Select @{n="UpdateTime";e={if ($_.Name -match "Updated\son\s(\d{1,2}\/\d{1,2}\/\d{4}\s\d{2}:\d{2}:\d{2})\)$") {[dateTime]::Parse($Matches[1],([Globalization.CultureInfo]::CreateSpecificCulture('en-US')))}}}, @{n="ReleaseID";e={$_.GetValue("ReleaseID")}},@{n="Branch";e={$_.GetValue("BuildBranch")}},@{n="Build";e={$_.GetValue("CurrentBuild")}},@{n="ProductName";e={$_.GetValue("ProductName")}},@{n="InstallTime";e={[datetime]::FromFileTime($_.GetValue("InstallTime"))}} };

Line 2:
$AllBuilds | Sort UpdateTime | ft UpdateTime, ReleaseID, Branch, Build, ProductName

Sampling a Win10 Build History

Here’s what the output from my production desktop looks like in PowerShell:

Script Out Your Win10 Build History Using PowerShell

The sequence captures my journey from Win 10 Pro to Enterprise Insider to Enterprise current branch.
[Click image to see full-sized view.]

I’m not sure that anybody really NEEDS this capability. But it is very interesting to look at the sequence of builds that have come and gone on most PCs. My fast ring PCs produce listings with 93(!) entries in that list, starting with Build 10547 on 10/17/2015 and ending with Build 17123 on 3/20/2018 (and that’s because I haven’t rebooted that machine to upgrade it 17128 just released this afternoon). Great stuff!

Here’s that lengthy list in all its glory:

March 21, 2018  11:14 AM

Reducing Win10 Upgrade Offline Time

Ed Tittel Ed Tittel Profile: Ed Tittel
Windows 10, Windows Update

Last week, the Windows Insider blog featured a notable bit of information. Under the somewhat bland heading of “feature update improvements” Joseph Conway (Sr. Program Manager, Windows Fundamentals (Deployment)) dropped some fascinating information. Talking about feature update installation, he reported that a new and improved model comes built-in when 1803 goes public in the near future. In fact, reducing Win10 upgrade offline time remains a major design goal for that release.

What’s Up with Reducing Win10 Upgrade Offline Time?

FYI, offline time means that a PC is unavailable/unusable. Simply put, reducing offline time during an upgrade means more time for the user do something while the upgrade is underway. The blog post includes a peachy table that shows old vs. new feature update models, so I reproduce it here:

Reducing Win10 Upgrade Offline Time

Items on upper right in dark black moved from offline into online processing explain a huge time difference.
[Click on image to see full-sized view; Source: Windows Insider Blog 3/16]

Offline Time Savings?

The numbers are pretty interesting. Under the old model offline time averaged 82 minutes for a Windows feature upgrade. The post explains that this number is based on telemetry during the millions of upgrades to version 1709 (aka the Fall Creators Update) late last year. For the upcoming 1803 release, which uses the new model, average offline time has dropped to 30 minutes. As the blog post proclaims: “That’s a reduction of 63% from the Creator’s Update!” I notice that the blog post fails to address whether or not the overall install time has changed, either for the worse or the better. Having been through dozens of such Insider installs for the forthcoming 1803 release, my personal impression is “Not much.” I don’t mean to diminish this accomplishment, but I must observe that for corporate/enterprise users, they probably won’t be using their PCs while they’re upgrading anyway.

The Real Value of These Process Models

To me, the real value of these process models comes from the details about what goes on during the feature upgrade installation process. By extension, in fact, this provides a pretty good model for Windows installation in general. Thus, either list of steps is a good one. I reproduce the NEW list verbatim, in numered form because it’s what Windows users face looking foward. For this list, I don’t much care which parts are online and which parts offline, either.

  1. PC checks for available feature updates (manually or automatically)
  2. Feature update payload is downloaded
  3. User content is prepared for migration
  4. New operating system is placed into a temporary working directory
  5. PC waits for a required reboot to begin update installation
  6. PC reboots to begin update installation process
  7. Drivers and other required operating system files are migrated
  8. User content is migrated
  9. PC reboots and completes the update
  10. OOBE begins

This new model gives us a nice timeline against which to plot errors. It also means when errors occur, one can make a good guess about the issue involved based on the current active phase. I’ll make ongoing, detailed observations over the next few months. Then, I’ll build and populate that map as best I can. Stay tuned: I’ll write this up when I have enough data to make it worth sharing.

March 21, 2018  8:11 AM

VMware Workspace One gets intelligent

Colin Steele Colin Steele Profile: Colin Steele
AirWatch, VMware, VMworld

Details have emerged about several new VMware Workspace One capabilities that IT pros got a preview of last year.

VMware Workspace One Intelligence, Mobile Flows and support for the Microsoft Graph API for Intune are now all generally available, VMware said today. The company originally announced the features at its VMworld conference last August.

Let’s take a look at the three components:

Workspace One Intelligence monitors and analyzes data from users’ devices and applications and enables IT to automate responses to security threats, application crashes and other issues. It uses technologies from VMware’s AirWatch compliance engine and Apteligent, an app analytics vendor VMware acquired last year. Applications must integrate with Apteligent’s APIs to provide performance and user behavior data to VMware Workspace One Intelligence, but the product can provide insights around user adoption, software licenses and more natively, VMware said.

Mobile Flows build common business processes directly into VMware’s mobile email app, Boxer. If a sales rep receives a request for a quote from a new customer, for example, he can create a new contact in Salesforce by pressing just one button in Boxer — instead of having to open the Salesforce app, sign in and then create a new contact. VMware plans to expand Mobile Flows into other apps besides Boxer, but those capabilities are not available at this time.

Support for the Microsoft Graph API for Intune enables IT to manage Office 365 mobile apps directly through AirWatch. But organizations must have both AirWatch and Intune licenses to use this feature.

Coming soon in VMware Workspace One

VMware also announced some additional capabilities that will be available later this year. The Workspace One Trust Network will allow third-party security vendors to feed data into Workspace One Intelligence, providing IT with even more insights into their users’ devices and applications to detect threats. Participating vendors today include Carbon Black, CrowdStrike, Cylance, Lookout, McAfee, Netskope and Symantec.

Another upcoming offering, AirLift aims to help IT more easily manage Windows 10 devices with VMware Workspace One and Microsoft System Center Configuration Manager (SCCM). Those co-management capabilities already exist, but AirLift will provide a console for administrators to select which tasks to perform with Workspace One and which tasks to leave to SCCM. The console will be available in April, VMware said.

March 19, 2018  3:28 PM

Logon times play key role in virtual desktop UX monitoring

Eddie Lockhart Eddie Lockhart Profile: Eddie Lockhart
published applications, VDI

Almost everyone who’s ever used a computer has sat, head in hand, frustratingly waiting for the desktop to start up. If this productivity loss runs rampant in a VDI deployment, it can have a real cost, so it’s important for IT to get a handle on logon times.

If users detect a decline in virtual desktop performance from what they were used to with physical desktops, they are likely to revolt against the technology. To quantify the effect bloated logon times can have, ControlUp, a monitoring software provider in San Jose, Calif., conducted a study on logon performance for virtual desktops and published applications. The results showed the importance of shorter logon times and consistency.

Gone in 31.9 seconds

The average logon time for virtual desktops was 31.9 seconds with a median of 23 seconds, according to the ControlUp study, presented in a webinar last week. The study, which tracked logons over almost two years across 876 organizations, defined desktop logons as the length of time from the instant a user enters his correct credentials to the moment the Start button becomes clickable.

The median indicates that half of the logons took 23 seconds or less, while the much higher average shows that there are significant outliers pulling the mean up — suggesting that many organizations have problems with logon consistency.

If logon times fluctuate significantly, users may be unhappy because they cannot rely on their desktops to start the same way every time. Time of day can be a key factor, as logons may take longer when more users within an organization are active at once. IT must allocate resources correctly throughout the VDI deployment to deal with peak usage times.

The discrepancy between the average and the median was not as significant for published apps, because they are less complex. The average time was 16.44 seconds, and the median was 12. Published app monitoring is important, because apps are the lifeblood of most users’ productivity.

Longer logon times for desktops and apps can be caused by oversized user profiles, resource contention issues, or misconfigurations after a storage array or network drive relocation. One way to reduce logon times is to use monitoring tools that can help pinpoint the source of slowdowns. In addition to ControlUp, products include VMware vRealize Operations for Horizon, Login PI from Login VSI, Goliath Technologies’ Logon Simulator and the Comtrade management packs for Citrix.

Quantifying the results

Organizations can get time and cost savings by reducing logon times.

OneWorld Community Health Centers in Omaha, Neb., used ControlUp’s monitoring tool to gather and analyze logon data, which revealed that the infrastructure had a VM sizing issue, said IT director Steve Elgan, in the webinar. His team added more processors with more RAM and changed the ratio of virtual CPU to physical CPU to one-to-one — reducing desktop logon times by 14 seconds. The company calculated that it saves about $10,000 per year because of time saved, and allows each doctor to see about seven extra patients each year.

March 19, 2018  3:26 PM

Understanding NTUser.dat in Windows 10

Ed Tittel Ed Tittel Profile: Ed Tittel
Registry, User Profile, Windows 10, Windows Registry

Saw a fascinating question on TenForums this morning, as I was making my “morning run” though the new threads there. It appeared in a thread named “ntuser.dat” and read “Why do I have so many ntuser.dat files?” Being one to look for evidence any time Windows quirks or behaviors are described, I immediately fired up voidtools’ (Search) Everything to look for that string in my file system. Right now, it turns up 60 objects, of which many are logs or pending registry transmissions (files of type .regtrans-ms). But there is also one file named ntuser.dat and eight more files named NTUSER.DAT. Obviously, there’s something interesting and useful going on with all these copies. And, as it turns out understanding NTUser.dat in Windows 10 hinges on understanding user profiles and typical accounts on a Win10 systems.

Understanding NTUser.dat in Windows 10

Of the 60 items with “ntuser.dat” in their names, these nine items shown take that name precisely on my production PC. What gives?

Why Bother Understanding NTUser.dat in Windows 10?

As it happens, each and every user profile created on a particular running instance of Windows 10 has its own NTUser.dat file. This file contains personal files and preference settings particular to each such user. As you can tell from looking at those files on my production PC (depicted in the preceding screenshot), this includes default and “behind-the-scenes” accounts as well as user accounts. That’s why we see a system account (…System32\Config\systemprofile), various service accounts (… NetworkService and …LocalService), and dot-NET accounts (dot-NET v4.5 Classic and dot-NET v.5), plus Administrator, Default and DefaultAppPool accounts. The only real user account is C:\Users\etitt. It reflects my Microsoft Account, which starts with the 5 characters “etitt”.

As it also turns out, messing with files with this name is NOT a good idea. Deleting an NTUser.dat file destroys the associated account’s preferences and settings and may even corrupt the associated user profile. Each such file has one or more backups, which appears as a file named NTUser.dat.log. If an error occurs in the master copy of NTuser.dat, Windows can use one or more log files to correct it. NTUser.ini files describe roaming profiles used in networked environments. You can rename this file But that changes the user profile from a user-controlled profile to a locked-down profile that users can alter only temporarily (changes are not saved when the user logs out).

Writing the NTUser.dat happens during login; essentially, it’s a copy of the Windows Registry’s HKEY_CURRENT_USER hive. The contents of the user profile changes constantly over time: it reflects changes that occur while Windows is running. Windows size and position, for example, changes each time you open, move, or resize an application window. And that’s just the tip of a very large iceberg of data that goes into keeping constant track of user activity.

How NTUser.dat Changes

Though user settings, preferences, and so forth change at runtime, NTUser.dat stays static. Rather, those changes go into a raft of  .regtrans-ms files that Windows 10 creates. Windows 10 processes these files whenever a user logs out, or the system shuts down or restarts. This controls and manages Registry writes, much like a “database commit” operation. (Note: database commit is a complex and interesting concept with many wrinkles, with much thought and effort required for proper implementation. For now, this means “changes either happen completely, or they don’t happen at all”. That keeps databases — including the Registry, in this case — consistent at all times.)

Thus, even when an uncontrolled shutdown or a BSOD occurs, NTUser.dat remains OK. User settings and preferences changes from the preceding session are lost. But user profiles remain intact and consistent.

I completely agree with long-time TenForums VIP and Guru member Bree (identified in the “ntuser.dat” thread mentioned at the outset of this blog post). Here’s his take on messing with or deleting files named NTUser.dat: “Best leave them alone then.” Well said, and advice worth following!

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: