Apply Startup script locally on windows machines

Or, How to apply/execute logon script locally for a single user in Windows Machine?

Simply, Go to the start-up folder of the specified user’s profile and past your created script file there. Once the specified user will login next time, the script will be executed.

Go to the below-given folder path:-

C:\Users\%username%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Past your script file here that you want to be executed at start-up.

Hope it helps, write me back if you have any query or feedback on this.

Windows Patches for Meltdown and Spectre remediation

Or, All you need to know about windows patches for Meltdown and Spectre vulnerabilities

Or, Microsoft Windows Operating Systems Patches for Meltdown and Spectre Vulnerabilities

Descriptions

Microsoft's process for releasing Windows updates addressing Meltdown and Spectre has been a good and well as problematic causing high-profile incompatibility issues with third-party antivirus (AV) software and AMD processors. In some cases, delivery of the latest security update has been restricted or suspended by Microsoft.

Reference MS Advisory: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

More details and direct download links to the updates below:  

• Windows 10 Various Versions
• version 1507 — KB4056893 (issued 1/3/18)
• version 1511 — KB4056888 (issued 1/3/18)
• version 1607 — KB4056890 (issued 1/3/18)
• version 1703 — KB4056891 (issued 1/3/18)
• version 1709 — KB4056892 (issued 1/3/18)

• Windows 8 and Windows Server 2012
• Windows 8.1 and Server 2012 R2— KB4056898 (issued 1/3/18)
• No patches available for Windows Server 2012 non-R2 version
• Windows 7 and Windows Server 2008
• Windows 7 SP1 and Server 2008 R2 SP1 — KB4056897 (Security only, issued 1/3/18)
• Windows 7 SP1 and Server 2008 R2 SP1 — KB4056894 (Monthly rollup, issued 1/4/18)
• No patches available for Windows Server 2008 non-R2 version

What they addressed in these fixes

• Spectre variant 1, bounds check bypass (CVE-2017-5753)

• Meltdown, rogue data cache load (CVE-2017-5754)
  
  UPDATE (1/17/18): As readers have pointed out, it appears Windows patches for 32-bit systems (x86-based systems) do not provide Meltdown mitigations.
  Per Microsoft:

The existing 32 bit update packages listed in this advisory fully address CVE-2017-5753 and CVE-2017-5715, but do not provide protections for CVE-2017-5754 at this time. Microsoft is continuing to work with affected chip manufacturers and investigate the best way to provide mitigations for x86 customers, which may be provided in a future update.

What they don't address in these fixes:

• Spectre variant 2, branch target injection (CVE-2017-5715) — firmware updates are required to fully address Spectre variant 2. 

Known issues with AV agents (also explained in MS Advisory):

• AV compatibility issues: During tests, Microsoft discovered that a compatibility issue with "a small number of antivirus software products" was causing system crashes. As a result, the company has made delivery of the Windows security updates linked to above contingent on the presence of a special registry key, which it has instructed all AV vendors to add to customer devices only after they've confirmed their products are compatible.
  
  This deserves reiterating — Microsoft will not deliver the Windows update unless the following registry key exists (more details here):

Key="HKEY_LOCAL_MACHINE" Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat" Value="cadca5fe-87d3-4b96-b7fb-a231484277cc" Type="REG_DWORD”

Data="0x00000000”

This has created a lot of confusion, especially since the response from AV vendors has varied, with some setting the registry key for their customers and others recommending users set it, themselves, manually. The situation only gets more complicated considering many organizations have more than one AV solution installed. 

Update: Microsoft has clarified that Windows Defender Antivirus, System Center Endpoint Protection, and Microsoft Security Essentials are compatible with the update and do set the required registry key.

That means as long as you have one of these built-in Microsoft protections enabled the registry key should be set automatically — no further, manual action should be necessary. 

Be careful: If you are using third party software that Microsoft offically recognizes as AV, it is important to note that, by default, Windows Defender and Microsoft Security Essentials will turn themselves off. That means the registry key won't be added unless you or your AV actively do it. 

It’s better approach that, you first reach out to your AV vendor and ask for AV update/upgrade patches which ensures the compatibility with these MS updates. After installing AV patches, you should proceed with windows patches installation for smooth deployment. This means not that, you can’t update windows patches without updating AV.

Some Additional References:

ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

Question: I have an AMD-based device and compatible antivirus software, but I am not getting the January 2018 Windows Security Update. Why is that?

Answer: Microsoft has received reports that some devices using certain AMD processors can enter an unbootable state after installing the January Windows security updates. To prevent this, Microsoft has temporarily suspended automatically sending the following Windows security updates to devices with affected AMD processors:

·         KB4056892

·         KB4056891

·         KB4056890

·         KB4056888

·         KB4056893

·         KB4056898

·         KB4056897

·         KB4056894

·         KB4056895

Microsoft is working with AMD to resolve this issue and to resume offering Windows security updates to the affected AMD devices via Windows Update and WSUS as soon as possible. For AMD device-specific information please contact AMD.

Server Operating Systems (Affected Table):

https://support.microsoft.com/en-in/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution

Operating system version	Update KB
Windows Server, version 1709 (Server Core Inst..)	4056892
Windows Server 2016	4056890
Windows Server 2012 R2	4056898
Windows Server 2012	Not available
Windows Server 2008 R2	4056897
Windows Server 2008	Not available

Windows Client:

https://support.microsoft.com/en-in/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

AV Agent Relational Advisory by MS:

https://support.microsoft.com/en-us/help/4072699/january-3-2018-windows-security-updates-and-antivirus-software

Unbootable state for AMD devices in Windows 8.1 and Windows Server 2012 R2

https://support.microsoft.com/en-us/help/4073576/unbootable-state-for-amd-devices-windows-8-1-windows-server-2012-r2

Reference KBs

https://www.catalog.update.microsoft.com/Search.aspx?q=KB4073576

KB4073576 is not applicable for Intel platform

KB4073576 is applicable for Client machines on Windows 8.1 AMD platform

Cheers, Please write me back if you have any feedback or suggestions..

Windows 10 support end date announced, what’s the truth?

Or, Windows 10 expired? Facts must to know.

Or, Windows 10 end of life announced

Or, Support retired date for windows 10

Description: Guys, MS has announced the support end date for Windows 10 operating systems but its only for Windows 10 version 1507 build 10240 which is possibly the very first release of MS windows 10 operating systems.

So, if you are running on any latter version of Windows 10 operating system, you not need to worry about this announcement at all.

Windows 10 version 1703 is the most recent version of Windows 10 operating systems as on today (18^th Apr 2017).

To answer all your queries about Windows 10 versions and builds expiry date, you may refer below two Microsoft articles...

Windows lifecycle fact sheet

https://support.microsoft.com/en-in/help/13853/windows-lifecycle-fact-sheet

Windows 10 release information

https://technet.microsoft.com/en-us/windows/release-info.aspx

Cheers, Please write me back if you have any query or feedback.

Emails received today are being grouped as tomorrow's in outlook 2016

Or, Today’s emails are appearing in outlook inbox under tomorrow group…

Or, Why my emails are appearing in tomorrow date section in outlook

Or, Outlook today bug - it shows tomorrow as today (outlook 2016 with Office365 email server)

Descriptions: Guys, I had reported this issue to Microsoft O365 support as well as on Microsoft Answer community. They helped me with some good tools to check this issue but no luck at all. It was frustrating when my emails received today were appearing as tomorrows emails.

Reference error screenshot:

Environment Details:

Operating System:   Windows 10 Anniversary Update X64

Email Client:             Outlook 2016 Standard X64

What was the culprit?

Yes Guys, It was “Region and Language” Settings on Windows 10 and the Office365 online portal was different.

Solution:

Match the Time Zone Settings and Region & Language Settings on Windows Machine as well as on online Office365 portal.

In my case, the correct settings are as below.

On Windows Machine’s Side

On Office365 online account’s side:

Verify if the location of your computer is set to your correct location

You can also check out my thread on Microsoft community...

https://answers.microsoft.com/en-us/msoffice/forum/msoffice_outlook-mso_win10/emails-received-today-are-being-grouped-as/7e46c636-8469-43da-ab70-ff754eb0d503?tm=1489549378144

Updated: 13/04/2017
Guys, there are few cases where the above workaround is not solving the issue. In that case, you may try the below options:
1. Re-create your windows profiles (this should fix the issues, if not you can try the second option)
2. Re-install the Operating System

Updated: 02/06/2017
You can try to Downgrade or upgrade the MS office software, this may also help in resolving the reported issue.

Instead of performing an in-place upgrade, it's better to uninstall the current version of MS office and then install the newer or older version.

Updated: 12/09/2017
Another cool workaround we have found. You may try to Disable "Microsoft Exchange Add-in" from outlook and the issue should be fixed.

Updated: 23/02/2018
We have noticed the problem with some 'custom developed outlook Add-in' also. If any of the above solutions are not working for you, you must try to find out if you have any local custom developed outlook add-in installed. If yes, try to remove it and see if that works for you.

If removing the custom developed outlook is working fine, then you must consult with your local developers to get that outlook add-in code corrected.

Example: if you have below line written in your outlook code, try to comment it and see the result...

Function pPatternTime_AM_PM_array(txtRng, wList1Dic, wlError) 

Cheers, please write me back if you have any query or feedback.

How to delete windows users profile from registry?

Or, Deleting users profile from registry settings.

Or, Users Profiles registry path/location.

Or, Deleting temp profiles from registry.

Descriptions: This very common issue with windows user’s profiles that, sometime even if you delete them from C:\ drive, they still exist in registry entries. This also leads to temp profile creation of the affected users at every logon.  In many cases, temp profile becomes show stopper... It may not let you browse things properly, may encounter error while or after document savings etc...

In this kind of situation, most of the tech guys, delete user’s profiles from windows. Deleting temp profiles are required to be done at least at two level to make sure it is completely removed.

1. C:\ Drive’s Users Profiles folder and

2. Registry

Paths References:

C:\ Drive: “C:\Users”

Registry:  “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList”

Steps: Deleting Users profiles from Windows C:\ Drive

Go to path “C:\Users” > Delete the User Profiles you want (in my case Techies_Sphere).

Steps: Deleting User Profile from Registry

Go to Run > Type Regedit > Press Enter > Navigate to registry path: “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList”  > Check the keys entries one by one and looks for your user name > I found the techies_Sphere as shown in below screenshot > Delete complete Key folder(s-1-s-21-xxxxxx-xxxx-xxxxx) associated with your problematic user.

That’s it. You are done.

Cheers, if you have any query or feedback on this, please write me back...

Windows Time Service error 1290 – Windows Server 2008

Or, The Windows Time service failed to start due to the following error: Event ID 7000

Or, System error 1290 has occurred (Windows Time Service – Windows Server 2008)

Error Event in detail:

Log Name:             System

Source:                  Service Control Manager

Date:                     8/27/2016 9:33:13 AM

Event ID:               7000

Task Category:       None

Level:                     Error

Keywords:              Classic

User:                      N/A

Description:

The Windows Time service failed to start due to the following error:

The service start failed since one or more services in the same process have an incompatible service SID type setting. A service with restricted service SID type can only coexist in the same process with other services with a restricted SID type. If the service SID type for this service was just configured, the hosting process must be restarted in order to start this service.

Error Message when you try to start the Windows Time Service using services.msc.

System error 1290 has occurred.

The service start failed since one or more services in the same process have an incompatible service SID type setting. A service with restricted service SID type can only coexist in the same process with other services with a restricted SID type. If the service SID type for this service was just configured, the hosting process must be restarted in order to start this service.

Solution (Worked for me):

Just run the below commands on elevated command prompt and that’s it.

w32tm /register

sc config w32time type= own

Please start the Windows Time Service Manually after the command gets completed successfully.

How to export active directory users list without any additional tool, powershell or script?

Or, The easiest and the coolest way of exporting All AD users list to csv file.

Or, Getting list of all AD users using active directory GUI interface and exporting them to csv/txt file.

Or, How to export AD users list to a txt or csv file?

Descriptions:

I don’t know why Microsoft does not highlight these kind of features well to the techies across the world. Trust me, it has been too late if you really don’t know “you can export AD users, Computers, Groups, Disabled AD Users etc.. without any additional tool”. Yes, I am right, without any additional tool you can have such reports exported to a CSV or TXT file using Active Directory Query feature.

I am not surprised, if you are thinking where the hell this “Active Directory Query” features is and how to use this? Same thing runs in to my mind when I come to know about this feature for the first time. :)

Guys, have you noticed “Saved Query”, a small folder under “Active Directory Users and Computers”  tree when you open “Active Directory Users and Computers” management console either by opening it directly from Server Manager or by using “dsa.msc” from your local computer?

No??? Okay, No problem at all. Let me explain little bit about this.

What is this “saved query” folder for under “Active Directory Users and Computers” management console?

This folder is the one which contains the saved queries when you use any active directory based query to get Active Directory objects reports using GUI feature of Active Directory Query tool. From here, you can generate many kind of reports, let me say it most of the available reports in AD.

How to use this?

There is no scripting, programming or Powershell expertise required for performing this task. If you have basic idea about AD objects, you can perform these steps easily.

Warning:  If you are not sure about any feature or query you are selecting/executing, better you consult your seniors before going ahead. Proceed with further steps only if you understand the steps to avoid any accidents else ignore this.

Steps:

Open Active Directory Users and Computers Console > Right Click on “Saved Query” Folder

Click on New > Query

Give any friendly name > Make sure your domain in selected under Query root section > Make sure “Include subcontainers” is checked > Click on “Define Query”.

From the Find drop down menu, Select “Custom Search”

Click on “Field”

Choose the field you wish (in my case, Let’s take “User” field) > Choose “Display Name” in the sub-fields window

Make sure the first blank box is containing the field you selected (in our case, its Display Name) > in the value field, please put a single star (*) > Click on OK

You should be able to see the Query String section like as highlighted in below screenshot > Click OK

Wow...!!! here you have the list of all AD users of your domain.

To export them to a txt or csv file, right click on your query that you created (in my case its AllUsersMyDomain) > Click on Export List

Browse the computer location where you wish to save this file > Select the desired file format > Click on Save.

That’s it Guys… want to explore more on this query tool? Just follow the same steps and select any other custom field.

Cheers, please write me back if you have any query or feedback about this article.