Navigate / search

Welcome / Willkommen

[EN] Welcome to my blog mainly focusing on Microsoft Windows client infrastructures. I've created this blog to share some of my knowledge with the community. I've personally benifit from so many great bloggers on the web that I just feel it's time to give something back.

[GER] Dieser Blog ist überwiegend auf Microsoft Windows Client Infrastrukturen spezialisiert, wie Sie in großen Unternehmen zum Einsatz kommen. Da ich selber größtenteils von Bloggern aus aller Welt profitiert habe, möchte ich mit diesem Blog meine Erfahrungen und Wissen an die Community zurückgeben. Die Themen sind in den meisten fällen auf Enterprise-Strukturen angepasst. Die Community ist überwiegend englischsprachig unterwegs, weshalb hier auch alle Themen auf Englisch behandelt werden.

AD GPO Backup Release V1.1 – Backup Group Policy Objects (GPO) linked to Oranizational Units (OU)

This is the newest Version of my AD GPO Backup tool. The download is now also available on GitHub.

When editing Group Policy Objects you should always be aware of taking backups before changing anything. But from time to time you need to backup multiple GPO. Sometimes you need to backup all GPOs that are linked to a Organizational Unit and all units below. There is no GUI tool from Microsoft supporting this case, therefore I’ve built a small PowerShell script that will support you.

 

Version 1.1

Thanks to the automatic zip compression your backups are now heavily reduced in size by default. Now it is also possible to turn off the recursive OU scan if you don’t need backups of linked GPO below the selected structure.

Github repository: https://github.com/beneckecloud/AD_GPO_Backup

New Features

  • Recursive Backup (include/exclude sub OU)
  • Zip Backup
  • Download available on Github

Modifications

  • New/simple file structure
  • Updated documentation part
  • New functionTest-OU”
  • New functionCompress-Path
  • Updated function “Backup-GPOCB” (Zip/Recursive support)
  • Updated function “Choose-ADOrganizationalUnit” (Zip/Recursive GUI support)

 

Download

Version 1.1

image Recursive Backup (include/exclude sub OU)

image Zip Backup

image Download available on Github

All Releases

Github repository: https://github.com/beneckecloud/AD_GPO_Backup

Version 1.1

image Recursive Backup (include/exclude sub OU)

image Zip Backup

image Download available on Github

Version 1.0

image Initial Release from March 10, 2019


Read more

Windows 10 1903 / 1909 – SCCM Language Pack Integration

As I’ve already described in one of my previous post, language pack integration could be a hell of a ride. Since Windows 10 Version 1809 Microsoft changed the way how language packs are installed. Microsoft now provides “LanguageExperiencePacks” that contain partially-localized language packs. These “LanguageExperiencePacks” that are provided as appx-packages still require base language packs.

Requirements

  • VLSC W10 1909 Image: Download the Windows 10 installation media from the “Volume Licensing Service Center“. Do not download the sources from other official Microsoft sites like https://my.visualstudio.com/ . The language pack integration with dism will fail if not using a VLSC image! Example Image: SW_DVD9_Win_Pro_10_1909.3_64BIT_English_Pro_Ent_EDU_N_MLF_X22-27457.ISO
  • VLSC W10 1903 Multi Language Pack: Even when installing W10 1909 the language pack for 1903 is required! Example: SW_DVD9_NTRL_Win_10_1903_32_64_ARM64_MultiLang_LangPackAll_LIP_X22-01656.ISO
  • VLSC W10 1903 Features on Demand: Even when installing W10 1909 the features on demand pack for 1903 is required! Example: SW_DVD9_NTRL_Win_10_1903_64Bit_MultiLang_FOD_1_X22-01658.ISO

 

Installation Order

  1. Install language packs (e.g Microsoft-Windows-Client-Language-Pack_x64_de-de.cab)
  2. Restart
  3. Install “LanguageExperiencePack” (e.g. LanguageExperiencePack.de-DE.Neutral.appx)
  4. Activate language pack for all users (e.g.  C:\Windows\System32\control.exe intl.cpl /f:”configuartion.xml”)
  5. Restart

 

Create SCCM Package

Start creating an individual SCCM package “MS_W10 1909 LanguagePack de-DE_x64_MU_01” containing all necessary content for language activation:

Read more

PowerShell Tool – Backup Group Policy Objects (GPO) linked to Oranizational Units (OU)

PowerShell GPO Backup Tool

When editing Group Policy Objects you should always be aware of taking backups before changing anything. But from time to time you need to backup not just one GPO. This could be easyly managed by MS standard tools. Sometimes you need to backup all GPOs that are linked to a Organizational Unit. There is no GUI tool from Microsoft supporting this case, therefore I’ve built a small PowerShell script that will support you.

The script is easy to handle. Just start it and select the OU your policies are linked to. The script will start backup of your linked GPOs (recursively).

I’ve used the “Active Directory OU picker” from “MicaH’s IT blog” for easy OU selection.


Download

This is the first release. Be carefull when using it in productive environments.

Always test before using in production!



[Update 02.06.2021] Download is now also available on Github.

Repository: https://github.com/beneckecloud/AD_GPO_Backup/

Download

Version 1.0

image Initial Release from March 10, 2019

All Releases

Github repository: https://github.com/beneckecloud/AD_GPO_Backup

Version 1.1

image Recursive Backup (include/exclude sub OU)

image Zip Backup

image Download available on Github

Version 1.0

image Initial Release from March 10, 2019


Read more

Windows 10 – Modify Settings Page

Windows 10 1803 Settings Page

The “Windows Settings” will replace the “Control Panel” in future Windows releases. Until version 1703 there were no possibilities to modify the standard view of the “Windows Settings”. Since Windows 10 1703 it is possible to modify the Windows settings menu similar to control panel settings.

Group Policy Setting: Settings Page Visibility

Read more

Windows Server 2016 – Office 2010 KMS Activation

Introduction

I was asked to install a KMS Server for Office 2010/2016, Windows Client (7/10) and Windows Server (2008/2012/2016). The intention was to replace all KMS servers that were build up in the last 10 years by a KMS server hosted on Windows Server 2016. I’ve started to install the KMS Keys for clients and servers as I’ve already explained for Server 2012 R2 in “Windows 10 / Office 2016 – KMS Activation“. For Office 2016 I’ve just had to install “Microsoft Office 2016 Volume License Pack” and the activation was working fine. In the last step I’ve tried to install “Microsoft Office 2010 KMS Host License Pack” that is necessary for Office 2010 KMS activation but I haven’t recognized that this package isn’t available for Server 2016.

“Windows Small Business Server 2003 and Windows Server 2016 are not supported.”

Nevertheless I’ve downloaded the Package and tried to install it on Windows Server 2016. As exspected I’ve received a error message.

Solution

I’ve noticed that the installation data is stored in “C:\Program Files (x86)\MSECache\OfficeKMS”. The installation is started by a vbs script that could be easily edited. After editing the script the installation worked fine. Here is how to do it:

Read more

Windows PE – SCCM/MDT Boot Image Modification (Double Commander Installation)

As we all know Windows PE is a very lightweight operating system containing only the neccesarry components for operating system installation. Operating Systems are usually installed by 1st Level Support that is not familar with the SCCM environment and sometimes they are really restricted in their administrative rights. Therefore it can be usefull to extend the Windows Boot Image.

In this example I’ll show you how to integrate Double Commander, a File Explorer alternative, in your Boot Image. Feel free to add other software products or custom scripts to your environment.

Preparation

Read more

Windows 10 – SCCM Language Pack Integration

I’ve tried so many different ways to deploy Windows 10 clients in different languages and there was only one way working for me, I like to share with you. Our aim was to deploy Windows 10 clients in 28 different languages, so our itention was to deploy these clients in English and to deploy the language packs afterwards. We didn’t want a client with 27 language packs installed that must be maintained with every Windows 10 Feature Update. But we got a lot of Problems with the Windows 10 UI that sometimes didn’t changed the language as exspected or the time and date formats were set comletelly wrong. The only way I figured out was to deploy language packs by the following order.

  1. Install the language pack during the OS installation using the dism command dism.exe /norestart /online /add-package /packagepath:.\lp.cab
  2. Restart the computer
  3. Run a script executing the following command C:\Windows\System32\control.exe intl.cpl /f:”configuartion.xml”
  4. Restart the computer

Step 3 is neccessary to set the installed language pack as activated and to install the corresponding “Input Preferences”.

Create Package – “MS W10 1703 LanguagePack de-DE”

Lets start with building a deployment package including the german languagepack *.cab file, a PowerShell script for setup and *.xml file that is needed for configuration.

SCCM 1707 – Create Package
SCCM 1707 – Create Package
SCCM 1707 – Create Package
Read more

PowerShell – How to build a GUI with Visual Studio

Sometimes PowerShell scripts are a way to comlicated to present your hardly gathered data to end users that are not familiar with the command line. Therefore I recommend to present data by Windows WPF forms that could be achived without being a coding expert.

With the help of Visual Studio everyone is able to build WPF forms even without coding expertise. In this tutorial I will show you how to generate a User Information script displaying Hostname, Username and Domainname. This is a basic tutorial showing how to build a graphical user interface within minutes. The script can be extended easily, for example you can display “Model Type” of your Hardware, “Network Drives” connected, “Outlook Profile” size, installed software and a lot more!

Visual Studio can be downloaded for free at Microsoft – https://www.visualstudio.com/downloads/

 

home Start a Project

Start Visual Studio (Express / Community / Professional) and open a “New Project …

Visual Studio – New Project

Select “WPF Appplication” and confirm with “OK“.

Visual Studio – WPF Application

Read more

Java Runtime Environment (JRE) – How to Import Certificates

A lot of company applications are actually using the Java Runtime Environment (JRE) and a lot of them are integrated in the Internet Explorer using local adresses. When you open these kind of applications you will receive an error message that the application can not be trusted eventhough you provided your own root certificates by group policies. One big problem of the JRE is that it completelly ignores the Windows certificate stores. Instead of using the windows certificate store it uses its own implementation.

Java certificates are stored in a file called cacerts located at C:\Program Files (x86)\Java\jre1.x.x_xxx\lib\security\ You can open javacpl.exe to get a graphical overview about the content:

Java Control Panel – javacpl.exe
Java Control Panel – Manage Certificates

Read more

Windows 10 – Remove Windows Store Applications (appx)

Even if you start installing a Windows 10 Enterprise (SAC) operating system there is still a bunch of applications installed you really don’t need in an enterprise environment. There are two ways of getting rid of these. First thing you can do is to disable the “Microsoft Consumer Experiences” (Application Set) that are automatically installed during the system deployment. That is the easiest way to get rid of apps like “Candy Crush” or “Xing”.

To get rid of the rest of applications like “Weather” & “Xbox” there is only one way to do that. You need to build a PowerShell script that is executed during your OS deployment. Eventhough the removing commands for appx packages are supported by Microsoft some applications are still not removed from the user interface completelly. I recommend to run the script during the OS deployment to avoid these kind of problems. If you start removing appx packages after the first user login sometimes the app will be removed completelly but the icon will stay in the start menu as long as you delete the user profile.

1. Hide Applications by Group Policy Settings

  1. Open/Create a new group policy object in the “Group Policy Management Editor”
  2. Navigate to Computer Configuration > Administrative Templates > Windows Components > Cloud Content
  3. Click on “Turn off Microsoft consumer experience
  4. Switch the status of the policy to enabled.

Computer Configuration > Administrative Templates > Windows Components > Cloud Content

Read more

Windows 10 / Office 2016 – KMS Activation

 

Required Windows Server Updates

The following update is required for Windows 10 activation:

The following update is required for Office 2016 activation:

Windows 10 / Server 2016 requires at least a KMS server based on Windows Server 2012. Activation via Windows Server 2008 R2 is not possible!


Activation by Command Line

Step 1

Type the following command to integrate your volume license key to the KMS server.

C:\Windows\System32>cscript slmgr.vbs /ipk XXXX-XXXX-XXXX-XXXX-XXXXX
Microsoft (R) Windows Script Host Version 5.8
Copyright (C) Microsoft Corporation. All rights reserved.
Installed product key XXXX-XXXX-XXXX-XXXX-XXXXX successfully.

If the key isn’t accepted by the server you will receive the error 0xC004F015.

For Windows 10 LTSB 1607 the Licence key “Windows Server 2016 Datacenter” is valid.
Read more

PowerShell – General Logging Script

Working in enterprise environments always requires a confidential log for scripting actions implemented in productive stages and even for testing it could be a great advantage. PowerShell offers a great possibility to log every action executed by a script. The CMDlets Start-Transcript  & Stop-Transcript will help you to achieve a successful logging script.

This will be just an example how you can easyly create a logging script. There are thousands of different ways to solve this. The Microsoft documentation can be found in the following link https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.host/start-transcript?view=powershell-5.1

The following script will write a general log file to C:\temp\logging.log containing all relevant basis information about the script execution.

Start-Transcript -path "C:\temp\logging.log" -Force

<# 
your CODE here
#>

Stop-Transcript

Result Read more