Windows Enterprise Desktop

February 17, 2017  11:53 AM

Disconnect Drives Before Multi-Boot Install

Ed Tittel Ed Tittel Profile: Ed Tittel
bcdboot, Dual booting, Windows 10

Anybody can learn stuff, but lessons learned the hard way are the ones that stick with you. Case in point: I’ve got a Windows desktop PC I use as a test machine. Furthermore, I’ve got it set up as a dual-boot environment. On one SSD I’ve got a bootable installation of the Win10 Current Branch release (1607.693). On the other SSD, I’ve got a bootable installation of the Win10 Insider Preview (Build 15031). A recent kerfluffle with installing 15031 on that machine forced me to wipe that second SSD, and perform a clean install. As I did that, I remembered that one should disconnect drives before multi-boot install on a Windows PC. That way, I corrected an earlier flub where my Current Branch drive booted up both Windows versions (because I didn’t disconnect the other SATA drives before performing that install).

Why Disconnect Drives Before Multi-Boot Install?

Apparently, if you add a second OS instance the Windows Installer simply updates boot entries for the Boot Configuration Data (BCD) table for the already-installed OS. Thus, it adds the partition information for the second OS to the boot table on the first OS drive. That’s how it shows up on the boot menu for the PC involved.

But if you disconnect all other drives on a system except your OS target drive, you get a clean setup. Then the new target drive has its own independent BCD table. Also, one boot drive isn’t dependent on another boot drive for the Windows bootloader that brings it to life. Of course, that also means you must rebuild the new BCD to take note of the prior Windows install so can boot it selectively as well.

Working with EasyBCD Instead of BCDEdit

Windows offers a built-in BCDEdit command line utility you can use to manipulate this information, but it’s a bit of a slog to use. Although it costs $30, NeoSmart Technologies’ EasyBCD is a worthwhile and friendlier replacement. After I wiped the second SSD, installed 15031, and got all the way through updates and cleanup, I fired up EasyBCD next and used it to add in data for the previous Windows data (shows up as “Win10 Current Branch” in screencap):

Disconnect Drives Before Multi-Boot Install

Entry #2 is for the old OS, and Reflect makes it easy to add a repair partition for image recovery.

As an added bonus, Macrium Reflect offers a facility to drop a recovery partition onto a boot drive. This lets you boot into that partition from the boot menu. Then you can run Reflect on its own to restore partitions from an image backup. A handy way to recover from serious Windows issues, but only if you have a current backup handy!

February 15, 2017  11:58 AM

Overcoming USB Flash Write-Protection

Ed Tittel Ed Tittel Profile: Ed Tittel
Troubleshooting, USB Flash drives, Windows 10

Last month, I was mucking around with my Asus RT-AC68U router. Among other experiments, I plugged in a USB flash drive into one of its ports to share it with the network. This morning, I unplugged it from the router to try to use it for recovery on a temporarily disabled test PC. No dice: instead of using it to reboot that machine, I found myself tasked with overcoming USB flash write-protection on that drive.

overcoming USB flash write-protection

Cute little sucker, but unfortunately dysfunctional.

What’s Involved in Overcoming USB Flash Write-Protection?

Good question! I turned to a tutorial on TenForums for my first set of answers. It’s entitled “Disk Write Protection – Enable or Disable in Windows.” The tutorial makes three basic prescriptions

Flip a physical switch: some UFDs (and most external USB drive enclosures) have a write-lock switch on them. It’s something like the old tab on floppy disks that turned off their write-ability. My Patriot Memory TAB 16GB USB 3.0 UFD lacked this tab, so this option was out.

Group Policy change/Registry hack: Pro, Enterprise and Education versions are amenable to a GPO setting or a Registry hack. Neither worked for me.

Use Diskpart to turn off readonly attribute: The syntax, after selecting the disk you wish to reset is: attributes disk clear readonly. Didn’t work either.

Bummer! None of the easy fixes worked. So I started poking around further. I soon found out that most UFD makers offer proprietary low-level formatting utilities to scrub their drives when they go south. A quick trip to the Patriot Memory Support forums showed a well-visited thread where owners can request a copy of their utility, and get it e-mailed to them. That’s what I did next.

Low-Level Formatting Madness

Being temperamentally disinclined to wait for much when troubleshooting, I kept poking around online and found a Website named They’ve got utilities from many vendors, including Patriot Memory, available for download. Their downloads also get a clean bill of health from VirusTotal (phew! the Internet can be a dodgy place). But none of the tools I could find there worked, either — the two I tried gave up when they discovered the UFD was write-protected. What good is a low-level formatting tool that pays attention to such things?

So now I’m waiting for Patriot to cough up their utility, and try that one out. If it works, I’ll restore the UFD to service. If it doesn’t, I’ll toss it out and buy another set of 16GB UFDs from Newegg the next time I order something from them. Looks like they go for $9-15 for the ultra-compact models these days. No great loss either way.

I’ll report back when I hear from Patriot as to whether their proprietary tool does the trick. In the interim, keep those fingers crossed!

February 15, 2017  9:44 AM

Anti-phishing training videos take users off the hook

Ramin Edmond Profile: Ramin Edmond
Desktop security, Email security, Phishing, Security training

Email phishing attacks against high-level executives increased at Tri-Counties Regional Center last year. To combat and boost awareness of the problem, CIO Dominic Namnath turned to user training videos.

“Your user is the most vulnerable point,” Namnath said. “Spoofing the CEO’s email asking him to check out a website, which is an attack website — it wouldn’t be hard to imagine something going wrong.”

Tri-Counties Regional Center, a nonprofit healthcare services provider in Santa Barbara, Calif., takes a layered approach to desktop security, using Sophos for endpoint protection and network security. But phishing attacks — which fool users into clicking a link to a malicious website or file — are still quite concerning, Namnath said.

The organization first hired an IT consultant to provide annual anti-phishing training sessions for users, but that wasn’t sufficient, Namnath said. Now, Tri-Counties uses Ninjio, a security awareness training company that provides animated videos based on real-life security breaches. Users watch one three- to four-minute video a month that explains how a specific type of threat occurs and how to avoid it.

For instance, one video shows a hospital network become infected with ransomware because a phishing attack duped an employee. The employee learns how to prevent an attack by hovering the cursor over a link in an email to see a preview of the URL.

At Tri-Counties, IT tracks how many anti-phishing training videos users watch and assigns them a quota to reach in a certain timeframe. If users don’t meet the goal, Namnath restricts their access to certain websites.

“Basically, they won’t be able to get to any fun stuff,” Namnath said. “Those who aren’t being educated are our biggest risks.”

Thirty percent of attempted phishing emails get opened by users, according to the Verizon 2016 Data Breach Investigation Report.

Zack Schuler, a former network engineer and founder of Ninjio, started the company in 2015 because other anti-phishing training videos were 45 minutes long and not very engaging, he said.

“If we could just educate people so they knew what they were doing and knew what to look out for, then we’d have this massive dent in security vulnerabilities,” he said.

February 13, 2017  12:38 PM

Build 15031 Brings Dynamic Lock

Ed Tittel Ed Tittel Profile: Ed Tittel
Locks, Windows 10, Windows Login

Cellphones are such a vital ingredient of modern life that we bring them with us everywhere we go. MS exploits this truism in the latest build of Windows 10, 15031. There’s a new facility in the Sign-In Options called “Dynamic lock” that detect when the phone is out of Bluetooth range and locks a paired PC in response. Here’s a screen cap showing this turned on for my Dell Venue Pro 11 and my iPhone. It shows just how Build 15031 brings dynamic lock to Windows 10:


As is so often the case with new software from Microsoft, this comes with a catch. The Bluetooth control panel widget is MIA in Build 15031 (you won’t find it, period). Thus, you must go through the “Devices and Printers” interface to pair your phone with your PC, then visit the Settings app under Accounts, Sign-in options. Once the device is paired, you can check the box next to “Allow Windows to detect…” This instructs the PC to switch to the lock screen, and blocks casual access to those lacking credentials.

I expect this capability will extend into production Windows when the Creator’s Update goes live in April. It will be a handy extension to desktop security for Windows, but only as long as you remember to take your (paired) cellphone with you when you walk away from your desk. My record on that is pretty good, though — as is most people’s — so this should work nicely.

February 11, 2017  3:04 PM

EI.cfg and PID.txt Install Windows License Info

Ed Tittel Ed Tittel Profile: Ed Tittel

If you frequently install Windows, here’s a trick to forestall version identification and license requests during the process. As documented in a TechNet article, you must out two files in \Sources to make this happen. The first is named EI.cfg, and stands for “Edition ID.” The second is named PID.txt, and supplies the product key for Windows. My guess is that PID stands for something like “Product ID.” Together, EI.cfg and PID.txt install Windows license info automatically, without requiring user input during the install process.

How Do EI.cfg and PID.txt Install Windows License Info?

I’ll provide basic info here. But you can consult TechNet for the details. The article is entitled “Windows Setup Edition Configuration and Product ID Files (EI.cfg and PID.txt).” And though it’s labeled as “…archived and … not being maintained,” it still works fine for Windows 10. At least, as of Version 1607 (production) and Insider Preview 15031 as I write this post.

Creating EI.cfg

Notepad or any plain text editor is what you want for both of these files, which should go into the \Sources directory on the installation media. Note: you can use the tool named UltraISO to deposit them directly inside an ISO file you may have built yourself or downloaded from MS. (Note: it costs $30 but is worth it, especially if you’re using a Volume License key which needs doing only once.)

The format of the EI.cfg file is as follows:

EI.cfg and PID.txt Install Windows License Info

The stuff in square brackets you leave alone, the stuff in curly braces needs replacing. For {Edition ID} use the name of the edition you’re installing (Home, Pro, Enterprise, or Education). For {Channel} the value must either be “OEM” or “Retail”. Unless you’re an OEM, that means retail. If you’re using a volume license, the value for {Volume License} must be 1, otherwise 0 (zero). That’s it!

Creating PID.txt

If you thought the EI.cfg file was easy — and it is — PID.txt is simpler yet. It contains two lines. The first reads “[PID]” (omit the quotes, they’re just there to show you what to type. The second reads “Value=XXXXX-XXXXX-XXXXX-XXXXX-XXXXX” where you’ll substitute an actual and valid 25-character Windows key for the string of X’s. And that’s that!

February 8, 2017  10:50 AM

Admin Tool: MS ISO Downloader

Ed Tittel Ed Tittel Profile: Ed Tittel
ISOs, MS Installer, Windows 10

Now and then, admins may need mountable ISO files for Microsoft OSes or programs (like Office). That’s when “find the ISO” can sometimes turn into a challenging game. Except for those with MSDN subscription access, running down ISOs can take a while. Itinerant programmer Jan Krohn provides a useful anoydyne through his Cambodia-based Website It comes in the form of a program named Microsoft Windows and Office ISO Download Tool. The tool covers all current Windows desktop versions (7, 8.1 and 10). It also covers Office 2007, 2010, 2011, 2013, and 2016. ISO downloads are available in multiple versions for all this software.

Take a Peek at MS ISO Downloader

Here’s what the program looks like, taking Windows 10 as its focus: MS ISO Downloader

Look at all those Windows versions! And all the flavors, too (Home/Pro, Single Language, Education, … but no Enterprise).

As you can see, there are numerous Windows versions covered. You’ll find not just 1607 and 1511, the major builds, but also 1604 and 1602 and others as well. There’s only one flavor of Windows 8.1 available, as befits its short release life. Ditto for Windows 7 in its various SP1 forms. Those who work with Office, or need older versions for whatever reason, will find these ISOs a treasure trove.
The code is portable and standalone (no installer needed). You can load it up on your traveling flash drive, and plug it into whatever machine you like. Enjoy!

February 3, 2017  12:32 PM

Keep USB Drives Humming

Ed Tittel Ed Tittel Profile: Ed Tittel
Backup and Recovery, Troubleshooting, Windows 10

Last weekend, I ran into an interesting problem on a couple of my laptops. Those were a Surface Pro 3 and a Dell Venue Pro 11, each with the same problem. As I ran Macrium Reflect to back each one up, it would fail to complete. This was on the same hardware: an external Eagle Consus USB 3.0 drive dock with an HGST 4GB 7,200 RPM HDD. The error messages were likewise the same. I would either get a “Write operation failed” or “Write operation timeout.” Because I like to keep USB drives humming along properly, I turned to the Macrium KnowledgeBase.

How Does One Keep USB Drives Humming Along Properly, Anyway?

Sure enough, I found a KB article there entitled “Backup aborted! – Write operation failed – The request could not be performed because of an I/O device error.” It told me what I needed to know. As it happens the secret is on the Policies Tab in a Disk Drive item in Device Manager, to wit:

keep USB drives humming

Select the radio button that reads “Better performance” to fix this issue.

According to the KB article, the default setting of “Quick Removal” is the culprit. It means that “Windows will disable write caching to the disk thereby slowing down throughput. All writes will go direct to the disk and throughput IO collisions can occur.” Backup is one of those situations where the IO channel gets pretty saturated. Obviously, it bumped the odds of a collision occurring to a certainty in these cases! After this setting change, a restart is also required.

I’m pleased to report that this fix did the trick. I was able to backup both machines without further issues after applying it. This is a per-PC item. Thus, unless you’re willing to write a GPO to change this setting globally, it must be applied on each individual PC.

February 2, 2017  4:56 PM

UUP Gets Teething Problems

Ed Tittel Ed Tittel Profile: Ed Tittel

Since last November, I’ve mentioned the Unified Update Platform 5 for Windows 10 five times in this blog. It made its debut with Insider Preview build 14959, and as of yesterday, we’re up to build 15025. It’s proving to be something of a pain, as I work with downloading and installing frequent Insider Preview builds. These are more like the transition from 1511 to the 1607 Anniversary Update for those outside the program, bigger and more time-consuming than a typical cumulative update. Recently, though, as UUP gets teething problems, it’s been a real slog to keep up with new builds.

uup gets teething problems

It all started on 11/3/16 when Bill Karagounis posted this to the Windows Insider blog.

When UUP Gets Teething Problems, What Gives?

Fortunately, there are two different workarounds to get past UUP problems. For me, these problems have recently manifested the following signs or symptoms (also reported by many other Insiders):

  • Long download times from Windows Update. I quit one download yesterday after waiting 2 hours, another after letting it run for 7 before giving up.
  • Download apparently hangs at various stages of completion: I’ve personally gotten stuck at 0% and 100%.
  • A variety of installation errors that result in a rollback to the previous build.

For a more complete litany of woes, see this thread on Announcing Windows 10 Insider Preview Build 15025 for PC. It gets pretty interesting in a hurry, and is the first such build to collect 30-plus pages of posts in recent memory.

How to Get Past UUP Issues: The Workarounds

There are two ways to get around the UUP download problems. One is to run a registry hack that instructs WU to provide the compressed ESD file format (older-style updates) instead of UUP’s large file collections. This hack is documented in a TenForums thread (post #728) entitled “Upgrading Windows 10 – ESD or UUP?” After installing this hack and rebooting your PC, downloads work better on some machines. This was the case for my Insider Preview desktop test machine. In fact, its MSI Z87-G45 motherboard has proven pretty resilient over the two years or so it’s served in that role.

For other machines, though, not even the ESD trick works. That, alas, was true for my Dell Venue Pro 11. It stubbornly resisted all attempts to let WU handle the upgrade install. I resorted to links posted at in a recent item entitled “Download Windows 10 Build 15025 ISO Images” instead. Title notwithstanding, this actually has one download the ESD file. Next, you’ll use a decrypter to turn it into an ISO. After that, you can mount it in the file system and run Setup.exe for an upgrade install.

I’ll be very glad to see Microsoft fix or improve UUP. I’d like to see it work like earlier iterations of Windows Update: slowly, but reasonably reliably. In the meantime, when UUP gets teething problems, savvy Insiders know to look for alternative arrangements until this baby settles down!

January 27, 2017  10:51 AM

Cloud Shell Rumors Hint Thin Client Model for Windows

Ed Tittel Ed Tittel Profile: Ed Tittel
Thin client, Windows 10, Windows RT

A fascinating rumor is making the rounds on Windows news and rumor sites. As best I can tell it originates with regular Brad Sams. His report is based “on documents I have seen,” not hearsay. This quote comes from a brief Petri 1/26 item entitled “Microsoft’s Cloud Shell Looks to Modernize Windows.” Other derivative reports on Cloud Shell are on and These rumors hint thin client model for Windows may be in the offing, an idea that makes excellent sense.

That idea goes as follows: the shell runs on a device with a standardized framework for ongoing interaction. This shell scales and adapts to work on devices that include smartphones, PCs, tablets, consoles, and more. In the cloud, a back-end VM provides necessary compute and storage capabilities to do actual work. This is a thin client model because it runs the GUI on the client and does the rest of the computing on a back-end server.


Windows 10 looks the other way in this reimagined early lockscreen graphic. That’s what Cloud Shell may also do.

When Cloud Shell Rumors Hint Thin Client Model, What Does It Mean?

According to Sams/Petri, Windows Store and UWP apps also have a role to play in Cloud Shell. What that role might be isn’t yet clear. Surely, though, it’s not too big a stretch to imagine it means general access to shared apps and storage? Sams and others have speculated this involves a more nuanced and capable return to the Surface RT model, now that scaffolding to support it is more solid. The Windows Store offers a large catalog of apps, and the UWP framework is well-defined and increasingly well-used. This is what leads Sams to speculate the following:

What would be more interesting is if Microsoft is truly trying to make a version of Windows for the masses that runs in the cloud and then streamed locally to your machine, much like a thin-client, but the details around Cloud shell are still a bit foggy.

There are still too many ifs and unknowns around the Cloud Shell to make out real details. But this could be an interesting and useful spin on the traditional desktop OS, updated for the 21st century. I’m sure we’ll all be watching for more information about this topic in the months ahead!

January 25, 2017  10:53 AM

ShowKeyPlus for Your Admin Toolbox

Ed Tittel Ed Tittel Profile: Ed Tittel

Admins will occasionally need to mess around with Windows licenses as they install new images or repair existing ones. For cases where digital licensing information from Microsoft doesn’t automatically activate such PCs, a key finding-tool comes in handy. While there are many such tools around, one particularly good — and free — such tool is ShowKeyPlus, from Superfly Inc. Unlike other key-finding tools I’ve used, this one sets off no anti-malware alarms, either.

What’s to Like about ShowKeyPlus?

A picture helps answer the foregoing question:


The keys are blanked for security but the OEM data is what’s particularly interesting.

As the image from my Surface Pro 3 PC shows, the tool digs into the PC’s BIOS to determine if an OEM key is in residence. If it finds such a beast, it reports that key as well. This is doubly helpful to admins seeking to manage (or re-use) keys for the following reasons:

  1. OEM keys for Windows 7 or 8.1 still activate Windows 10 clean installs
  2. OEM keys may not be transferred from one machine to another (but retail or volume license keys allow this)

What makes ShowKeyPlus even more useful, IMHO, is that it can also retrieve Windows product keys from backup images. To do this, however, one must mount the backup as a volume (it helps if it’s a virtual disk image of some kind), then navigate to the %windir%\System32\Config folder, and select the item named SOFTWARE there. Thus even when a system is inoperable, admins can still obtain some key information. Here’s a screencap I grabbed from a late 2015 backup image from my production PC:


Good stuff! Grab yourself a copy today.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: