15 Jan

An error occurred while attempting to start the selected virtual machine(s) ***SOLVED***

Yesterday I came across an error with a client trying to start his virtual machines in Windows 10. The below error was displayed:

‘VirtualMachine’ failed to start.
‘VirtualMachine’ failed to initialize.

Error

There was not much to speak of in Event Viewer, so I started to scour the interwebs for an answer. Uninstalling and re-installing Hyper-V had no effect. Here is the solution that worked for me:

      1. Check the permissions of the folder and drive that your Hyper-V is stored in. Some people found that the VHDX was located on an external drive with insufficient permissions.
      2. Run the following from an administrative command prompt:
        net localgroup administrators
        net localgroup administrators LOCAL /delete
        net localgroup administrators SERVICE /delete
      3. Now, reboot

Once you reboot, you should be back in business!

Share this
05 Oct

How to setup Dell MFP Scan-to-Email to Office 365

Until the past couple years, Dell printers and scanners did not even offer the option to allow secured or authenticated connections via SMTP for the scan to email functionality on their MFP’s. Now that you can secure the connection and authenticate SMTP traffic, it is not very well documented how to get it to work with 3rd party SMTP providers, Office 365 being one of them. Here are a few easy steps to get yourself scanning:

  1. Login to the web GUI using your printers IP address
  2. Go to the “Print Server Settings” page, which can be accessed directly on the left navigation bar or in a tab under “Printer Settings”, then click E-Mail Server to access the server settings
    Dell-Email-Server-Settings
  3. Enter the following info:
    Primary SMTP Gateway: outlook.office365.com
    SMTP Port Number: 587
    E-Mail Send Authentication: SMTP Auth (AUTO)
    SMTP Login User: Email address of Office 365 account
    SMTP Login Password: Password of Office 365 email account
  4. Now that you’ve entered those settings, go to the “Security” tab, then “SSL/TLS”
  5. Under “SMTP – SSL/TLS Communication”, make sure STARTTLS is selected
    Dell-Email-Security-Settings
  6. Now try to scan. Everything should work as planned! The last step would be to go into the Address Book and add some email addresses.
Share this
24 Sep

Windows 10 Upgrade Hangs at 25%, 32% or 100%

Well, it’s been almost two months since the RTM release of Windows 10. So far, so good. It’s clean, the upgrade is easy as pie and there has been relatively little issues. It’s been a far cry from the Windows 8 issues I’ve experienced. However, we’ve had an issue with several laptops where the installation would appear to hang at either 25%, 32% or 100%.

My first advice would be to wait it out. Check your disk activity light and see if your hard drive is still thinking. If it hangs for more than 30 minutes at a certain percentage, you may have an issue. I had a laptop this morning that hung at 100% for an hour. Being the impatient being that I am, I decided to force power it off. Bad choice.

Upon reboot I received a blue screen with a “PNP_DETECTED_FATAL_ERROR” error. A little research brought up almost no results, other than this article from Microsoft. Obviously, this article was next to useless. But just thinking about the error indicated a Plug and Play issue. Plug and Play devices are typically devices that are USB connected that work directly out of the box, without a need for installing software or drivers directly.

If your computer gets hung during the Windows 10 install, disconnect any USB connected devices on the machine. Mine did not have anything connected, so my mind kept working…

Ah ha! This is a laptop with a wireless switch on the side of the machine, used to disable and re-enable wireless features, such as WiFi and Bluetooth. I powered the machine down again, switched the wireless switch off and powered the machine back on and voila! I logged in completely into my shiny new Windows 10 desktop and re-enabled the switch. The drivers for the PNP wireless device immediately installed and all was good in the world. I hope this saves somebody else some time.

 

Share this
11 Sep

How to configure Lync Server 2010 Hybrid with Lync Online / Skype for Business

Intro

There is very little documentation from Microsoft regarding a hybrid scenario in Office 365 for Lync 2010 on-premise and Lync Online / Skype for Business. On the other hand, there is tons of documentation for Lync Server 2013.

What are the ways to migrate users from Lync Server 2010 to Lync Online?

There are two ways to make your current Lync 2010 on-premise users available in Lync Online. We’ll discuss both.

  1. Hybrid
  2. Cut-over migration

In either scenario, if you haven’t done so yet, you may want Single Sign On (SSO) and User Sync (DireSync). In our environment, we had already setup ADFS internally with Single Sign-On as well as Azure AD Sync (DirSync) to sync our on-premise users to Office 365. These are optional, but if you want those features and you’ve not yet completed the steps to do so, you’ll probably want to do that first. I won’t cover that portion here, but here are some good links to get you started:

Synchronizing your directory with Office 365 is easy

Office 365 SSO: A Simplified Installation Guide

Hybrid:

In this scenario, we will be setting up our on-premise Lync 2010 server right alongside Lync Online / Skype for Business. Although it takes some work, this solution is much preferred as it allows you to move and test a few users at a time to make sure things are working right in a staged migration without having to move the entire organization at once. Another plus is that we can keep all of the users personal settings,  such as Contact Lists, Federated Users, Conversation History, Status Messages, etc.

Of course, there are some pre-requisites that you’ll need to have done before you can actually start:

  • You need an Office 365 tenant with Lync Online enabled
  • You’ll need an on-premise deployment of Lync 2010 with the latest Cumulative Updates. There has been some confusion regarding this in the past and some people believed you MUST have the Lync 2013 Edge. This is not true. Just install the latest Cumulative Updates (at least February 2014) to your Lync 2010 Front End and Edge servers and you will be good to go.
  • Lync 2013 Admin Tools. (You’ll need your Lync Server 2013 DVD/ISO). You can install these right on your workstation. More info here.
  • Lync Server 2013 Cumulative Update installer on the same computer you’ve installed the Lync Server 2013 Admin Tools and plan to run the PowerShell commands from. You can download here.
  • Microsoft Online Sign-In Assistant on the same computer you’ve installed the Lync Server 2013 Admin Tools and plan to run the PowerShell commands from. You can download here.
  • Lync Online PowerShell on the same computer you’ve installed the Lync Server 2013 Admin Tools and plan to run the PowerShell commands from. You can download here.

Once all the pre-requisites are in order, here’s how to get started:

  1. On the Lync Front End server, we need to verify that the “Hosting Provider” is setup correctly.
    Get-CSHostingProvider
    NameData
    Identity LyncOnline
    NameLyncOnline
    ProxyFqdnsipfed.online.lync.com
    VerificationLevelUseSourceVerification
    EnabledTrue
    EnabledSharedAddressSpaceTrue
    HostsOCSUsersTrue
    IsLocal False
    AutodiscoverUrlhttps://webdir.online.lync.com/Autodiscover/AutodiscoverService.svc/root
  2. If any of the values above do not reflect what you have listed, you need to modify or delete your current Hosting Provider and re-create to match with the following command:
    Set-CsHostingProvider -Identity LyncOnline -VerificationLevel UseSourceVerification -EnabledSharedAddressSpace $True -HostsOCSUsers $True -AutodiscoverUrl https://webdir.online.lync.com/Autodiscover/AutodiscoverService.svc/root
  3. Also on the Lync Front End server, we need to verify that “Access Edge” is setup correctly. These should already match. More info here.
    Get-CsAccessEdgeConfiguration
    NameData
    Identity LyncOnline
    NameLyncOnline
    ProxyFqdnsipfed.online.lync.com
    VerificationLevelUseSourceVerification
    EnabledTrue
    EnabledSharedAddressSpaceTrue
    HostsOCSUsersTrue
    IsLocal False
    AutodiscoverUrlhttps://webdir.online.lync.com/Autodiscover/AutodiscoverService.svc/root
  4. Now we need to setup your tenant to use the Shared SIP Address Space. This is where the magic of the hybrid deployment happens. Connect to an Administrative PowerShell (NOT Lync Shell) and run the following commands (more info here):
    Import-Module LyncOnlineConnector
    $cred = Get-Credential (Enter your Office 365 admin credentials)
    $cssession = New-CsOnlineSession –Credential $cred –OverrideAdminDomain "[YourO365Domain].onmicrosoft.com" Note: The -OverrideAdminDomain switch may or may not be required, depending on your scenario. If you get an error that states “Unable to discover PowerShell Endpoint URI”, you’ll need it. More info here.
    Import-PSSession $CSSession -AllowClobber
    Set-CsTenantFederationConfiguration -SharedSipAddressSpace $true
  5. Now that you’ve enabled your hybrid configuration, let’s move a user. More info here.
    Move-CsUser -Identity [username@domain.com] -Target sipfed.online.lync.com -Credential $cred -HostedMigrationOverrideUrl https://admin1a.online.lync.com/HostedMigration/hostedmigrationservice.svc
  6. Finally, wait a few minutes for the user to show up in your Lync Online Control Panel, login to your Lync/Skype client and you should be good to go!

Cut-over migration:

In this scenario, you literally take your on-premise users and cut them over to Lync Online / Skype for Business. There are some major drawbacks to doing this, however. A cutover migration only migrates the user – it does not migrate any of the users settings. These settings include things like Contact Lists, Federated Users, Conversation History, Status Messages, etc. On the plus side, it is appreciably faster and much less headache as you do not have to setup a hybrid scenario with Office 365 before the migration.

Now, let’s get started:

  1. Make sure your users are loaded into your Lync 2010 Front End server
    Lync 2010 Control Panel
  2. Disable the on-premise users by selecting the user, clicking Action, then clicking Remove from Lync Server (Note: By disabling the users, All the Lync data such as conversation history and contacts will be lost)
    Remove From Lync
  3. If you’re using DirSync, run a manual sync. Go to your DirSync installation path (C:\Program Files\Windows Azure Active Directory Sync) and open DirDyncConfigShell.psc1 and run the following command: Start-OnlineCoexistenceSync. Give it a few minutes to run.
  4. Make sure your users display in your Office 365 Control Panel and that you have a license assigned. Login to Office 365, go to Users > Active Users > Select your user and verify on the right pane that a license is assigned.
    O365 User License
  5. Make sure the user is enabled in Office 365 > Admin > Skype for Business
  6. Lastly, make sure you’ve modified your DNS settings to use Skype for Business. The DNS records you need to add are described in more detail here.

 

Share this
13 Aug

SCCM 2012 R2 SP1 Windows Defender Explained

Microsoft has made some major changes in recent months, most of which are very good. Coinciding with the release of Windows 10, Microsoft has also released System Center Configuration Manager 2012 SP2 and R2 SP1 to manage those clients. One of the cool features of SCCM is the ability to manage antivirus centrally. In 2007, the SCCM antivirus was called Forefront Endpoint Protection. Then came System Center Endpoint Protection. Now the antivirus built into SCCM has been integrated with Windows Defender. In some ways, this is pretty cool.

I personally do not have much faith in Windows Defender.

  1. It’s not very good at finding/remediating infections
  2. It’s very slow and bogs your system down
  3. The features are far, few and in-between

Now that Windows Defender is the new anti-virus, I’ve noticed several changes. Some of them are critical. At first glance, the GUI appears to be the same. See screenshot below.

Endpoint-vs-Defender

The first change I noticed is that I could not find my Quick Scan options. Where did those go? Also, the Settings tab is gone in Windows Defender, but there is now a Settings gear Gear you can click. When clicking that gear, you’ll find that the Settings for Windows Defender are now built directly into the PC Settings, which at first glance is also pretty sweet.

Defender-Settings

If you look closely, several features and settings have been removed. Quick Scan settings are gone (where you can create your own Quick Scan schedule), the ability to change the CPU usage the application can use is gone, real time protection settings are gone, and advanced scan features are all gone. I am certain many of these options can be centrally managed from the Site server, however giving the ability to the end-user to manage some of their own settings is critical. For example, the feature that prompted me to write this post was the missing CPU usage feature. I used to be able to limit CPU usage to say, 20% while a scan was running.

Endpoint-CPU-Usage

This was critical so my system wouldn’t get bogged down if I decided to work through my lunch break (scheduled quick scans are at noon daily). I REALLY hope Microsoft decides to add these back in future revisions.

 

Share this
20 Jun

Skype crashes in Windows 8 – App Microsoft.SkypeApp did not launch within its allotted time

Issue: Skype crashes immediately after attempting to open in Windows 8, bringing you back to the tile screen.

 

Event viewer may give you a couple indications of the application with Event ID’s 2486 (Error) and  1001 (Informational)

App Microsoft.SkypeApp_kzf8qxf38zg5c!App did not launch within its allotted time.

Fault bucket , type 0

Event Name: WWAJSE

Response: Not available

Cab Id: 0

Problem signature:

P1: Microsoft.SkypeApp_1.5.0.109_x86__kzf8qxf38zg5c

 

Resolution:

Several people have reported that Kaspersky was causing a problem and that adding Skype’s directories to the exclusion list resolved it. If you have Kaspersky, the resolution for that is located here. I do not have Kaspersky, so I had to keep searching. I was able to resolve it by doing the following…

Go to C:UsersUsername and grant Full Control permissions to “ALL APPLICATION PACKAGES” in the AppData folder. Note: AppData is a hidden folder, so you may need to go to Control Panel > Folder Options > and check “View hidden Files and Folders”

After you’ve granted the proper permissions, uninstall Skype and reboot your PC. After the reboot, reinstall Skype and you should be back in business!

 

Share this
01 Apr

SCCM 2012 Software Deployment – Unknown client check passed/active

Was having an issue where I deployed a Dell BIOS update to a new client and the client was not receiving the update. When checking the status of the deployment under Monitoring in the admin console, I noticed that 2 of the clients that it was deployed to were Compliant, but the 3rd was listed under Unknown, and said “Client check passed/Active”.

Obviously this was confusing because the client was successfully installed and was receiving other deployments, but was Unknown here. The difference was that this deployment in particular was for an UPDATE instead of a standard software deployment.

In checking the clients WUAHandler.log file, I saw these errors:

Group policy settings were overwritten by a higher authority (Domain Controller) to: Server http://DOMAINWSUSSERVER.domain.com and Policy ENABLED WUAHandler 4/1/2013 12:29:48 PM 8036 (0x1F64) Failed to Add Update Source for WUAgent of type (2) and id ({7AD3055F-D321-4E9E-9E2A-3E5336939F79}). Error = 0x87d00692. WUAHandler 4/1/2013 12:29:48 PM 8036 (0x1F64)

Failed to Add Update Source for WUAgent of type (2) and id ({7AD3055F-D321-4E9E-9E2A-3E5336939F79}). Error = 0x87d00692. WUAHandler 4/1/2013 12:29:46 PM 8588 (0x218C)

DUH! I forgot to put this client in the SCCM WSUS GPO that I created (we have a GPO in our domain for standard WSUS and SCCM WSUS). Added the client to the proper GPO, rebooted the PC, ran a Software Updates Scan Cycle and Software Updates Deployment Evaluation Cycle and the errors disappeared, the deployment succeeded and all 3 PC’s showed in the console as Compliant! Here’s for chasing my own tail.

Share this
25 Feb

Windows 8 Update – Your PC will restart in 2 days to finish installing Important updates

Recently had an issue with Windows 8 where I came back from lunch, went to logon to my machine, only to be greeted with a message that said “Your PC will restart in 2 days to finish installing Important updates”.

 

What?!?!?! So I looked for a logon screen and of course, there was none. I did not want to force a reboot given an awful recent experience with the famous Automatic Repair loop issue, so I started looking for another solution besides waiting 2 days. There are 2 possible solutions I’ve found – I personally used Solution #1.

Solution #1:

  1.  Logon to another PC attached to the same network and download Microsoft PSTools from HERE and extract the contents to your Desktop.
  2. Open an administrative command prompt and change directories to the PSTools folder.
  3. Run the following command to trigger a reboot on the remote machine: psexec -s \brokencomputername shutdown -r -t 0
  4. Be patient for a minute while the command runs. If the command ran successfully, you should get a message stating shutdown exited on brokencomputername with error code 0.
  5. Watch your Windows 8 machine for a few moments and you should be able to watch it reboot and install the updates it was waiting to install. When that’s done, you should get your logon screen as normal.

Solution #2:

  1. Logon to another PC attached to the same network and try to Remote Desktop into the machine having issues. Note: This didn’t work for me because I didn’t have RDP enabled yet and didn’t have the patience to do a remote Group Policy change enabling it.
  2. Reboot as you normally would, giving the machine the permission to install updates and upon reboot you should be able to log in.
Share this
20 Feb

Java 7 Installation Error 1603

I have been beating my head against a wall recently regarding a problem with pushing new Java versions to some of our clients and hopefully I can save some of my readers the headache I’ve had.

We are currently using SCCM 2012 SP1 to deploy Java to our client PC’s. Java 7 Update 9 seemed to have pushed without incident. I then pushed Java 7 Update 13 and most of the clients updated fine, but others were getting “Fatal error during installation” error code 0x643 within SCCM. You’ve likely also tried uninstalling Java from Programs and Features with no luck. Downloading the install directly from Oracle and running it from the command line with logging will probably show you “CustomAction  returned actual error code 1603“. The end-user in the Software Center just sees an error without much description, indicating the latest Java update is “past due-will be retried“.

Software Center Error

Googling this issue brought limited resolution steps. Before we go too crazy, we should try to repair the original installation first. If we can successfully repair, then we should be able to update to the latest version without issue. Unfortunately, you can’t repair from within Programs and Features, so we need to find the original MSI file. If you can’t find the MSI file, you’ll need to find its’ location in the Registry. First, you’ll need to get the exact version of Java that is broken on your machine.

  1. Go to Programs and Features, find and highlite Java 7 and write down the version on the bottom of the screen.Java 7 Version
  2. Open regedit and navigate to HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/Uninstall. Press ctrl+f and search for your version (mine is 7.0.90). Once regedit finds the key, open Windows Explorer and navigate to the folder listed in the “InstallSource“.
  3. Find the MSI, right-click and Repair.

If the repair worked – GREAT! If not, you may get a message such as this…Java Repair

 If you do, that’s OK – we’ll just work in the Registry some more and delete more keys.

  1. Open regedit and navigate to HKEY_LOCAL_MACHINESOFTWARECLASSESINSTALLERPRODUCTS. Again, do a search for your version number. When  you find the key for Java, Export then Delete it.
  2. Now export and delete these two keys – HKEY_LOCAL_MACHINESOFTWAREJavaSoftJava Runtime Environment and HKEY_LOCAL_MACHINESOFTWAREwow6432nodeJavaSoftJava Runtime Environment
  3. Finally, go back to your original MSI and try to reinstall the original version. If all was done correctly, it should be successful. After that was successful, then try to update to the latest version. That should work, too!
Share this
18 Feb

BERemote doesn’t start on Microsoft TMG 2010

I have recently run into a troubling issue backing up our new Microsoft TMG server with Symantec Backup Exec 2010. The issue was with the remote agent – at first I was unable to get the remote agent to install because it claimed that the NDMP port default 10000 was in use by the Windows service wininit.exe.

After finding and following this article by Symantec, I changed the NDMP port to 10001 and I was then able to get the agent to install (Note: I was not able to push the installation from the Media Server – I had to copy the contents of the agent directory and install it manually). The issue then became that I was unable to browse the contents of the TMG server from our Backup Exec media server. This was because the media server is configured to communicate over port 10000.

For us, it was not feasible to change the port on every single server we were backing up, so I had to find a way to make our TMG server work over port 10000. Here is what we had to do…

  1. Make sure that you’ve specified port 10000 as the NDMP port in <systemroot>System32Driversetcservices
  2. Find what service is currently using port 10000. This can be done by opening an administrative command prompt and running netstat -ato > C:netstat.txt (This command may take a while to run on a production TMG server – be patient)
  3. Open the netstat.txt file and do a search for “10000”. You will likely find a PID number using that port. Open up Task Manager, go to the Processes tab and click the “Show Processes from All Users” button. To sort by PID in task manager, you need to add the PID column by clicking View >> Set Columns and checking “PID”.
  4. You will probably find that the PID listed in Netstat is being used by Wininit.exe. This process uses port 10000 because Windows by default starts its Dynamic Port Range to start at port 10000. To force the Wininit.exe service to use a different port, we need to tell Windows to start its Dynamic Port Range higher than port 10000. Open another administrative command prompt and run this command: netsh int ipv4 set dynamicportrange tcp startport=10010 numberofports=30000
  5. Now you need to reboot the TMG server for this to take effect. Upon reboot, you should now notice that the BERemote service is started and that you can back it up.
Share this

©2015 ProWeb Solutions. All rights reserved.