There are times that moving personal computers to corporate environments, without applying a BYOD policy, drive us to replace the preinstalled OS of our computer. For instance there is the need to upgrade our OS from Home to Professional edition in order the computer to join a domain.
For Windows Up to the 8 edition, that was done, by formatting the computer and reinstalling by using the purchased Retail or other license of the desired Windows OS version. The upgrade was a rather hectic process and the older the OS, the more problems you had.
Things are different now with Windows 8.1 and 10!
You purchase a new laptop with a Windows 10 Home OEM license from your local distributor and you get down to upgrade to Professional. Bad luck! You can’t! Even if you totally wipe your HDD and put your legitimate Windows 10 Pro media and install, after the installation you pc will still boot on Windows 10 Home!
Let’s ask the experts….we called Microsoft, as partners and asked! Here’s the story.
Microsoft’s new policy for OEM computers that come with preinstalled Windows 8.1 and Windows 10 is to hardcode the OS Version and License Key within the computer’s chipset! This policy is applied by all computer manufacturing companies, therefore there is no way even by formatting the hard drive to install a different OS or even an alternate Version of the same OS. Microsoft’s “safety” mechanism will come forth and will install the same OS Version as the OEM (e.g Home) even if you try to install another Version of the same OS (e.g. Pro) via DVD or USB. If you try to install a complete different OS (e.g Windows 10) than the OEM (e.g Windows 8.1) then hardcoded OS License Key conflicts with the OS License Key that you installed and renders your OS as not Genuine. The same applies even if you just swap the OEM HDD with a preinstalled HDD that has a different OS version than the OEM.
Fortunately there is a workaround regarding this matter. The following steps show the way.
Let’s assume for this example that you purchased a laptop that came with preinstalled Windows 10 Home and you want to upgrade it to Windows 10 Pro.
By using your newly purchased laptop or a different computer you need to download the MediaCreationTool.exe from HERE .
This tool will guide you to download a Windows 10.iso file that is suitable for your computer.
After you download the ISO file, open it with an ISO editing application (Ultra ISO or a similar).
Then you need to create two files that will allow the new OS to be installed.
For the first file create a .txt file and copy in it the following:
Save it as EI.cfg .
P.S. In channel type RETAIL if the OS License Key is a retail acquired license.
For the second file create a .txt and copy in it the following:
Save it twice, one as PID.txt and one as PID.cfg
Copy the three files (EI.cfg, PID.txt and PID.cfg) to the Sources folder of the iso file that you downloaded.
Recompile or save the .iso file and either burn it into a bootable DVD or create a bootable USB stick.
Restart the computer and boot either from your media.
Complete formatting the HDD and enjoy your new upgraded OS.
Cheers, till next time!
A custom (non paid) certificate is about to expiry and you are afraid that your web clients won’t be able to login, or have problems logging in due to that certificate expiration?
A great example of this would be OWA (outlook web access) certificates renewal.
1.Go to your IIS web server.
2.Right Click on the website having the expiring certificate and click properties
3.Click on Directory Security tab and then on Server Certificate and click next
4.Click on Renew the current Certificate and then Prepare the request now, but send it later.
5.The wizard will save the Certificate request on a file on your drive (c:\certreq.txt)
6.After the wizard finishes you should fire up your certificate authority web site. IE is recommended for this job!
This should look like this.
7.Click on Request a Certificate link and then on “advanced certificate request”
8.Click on the second link saying:
Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file.
Browse for a file to insert (take the file you created on your certificate request back on step 5). If your IE has its security settings enabled then you may just copy and paste the contents of the txt file created on step 5.
REMEMBER!!! Certificate template should be “Web Server”
Click on submit on your bottom right.
9.Download the certificate created and in case you need it in the future its chain as well.
10.Go back to your IIS that waits for the renewal. Do again steps 2 and 3 in order to go back to Security>Certificates configuration.
11.This time the server waits for the certificate you created and downloaded on step 9.
12.Proceed with submiting the certificate.
13.Export the certificate in pfx format directly from your IIS using the appropriate button on your Certificate Wizard. You will need this in order to publish this certificate again on your firewall/ISA/TMG
Now there is a case that in front of your web server you have an ISA or other Firewall to initially do the “talking” with your external clients. Therefore you need to install this certificate (step 13) to the “talker”
In case of an ISA/TMG:
14.Launch mmc>Add Certificates>LOCAL COMPUTER
15.Remove all old expiring certs from your Personal Directory
16.Import new pfx file (step 13)
17.Check your rule in OWA Publish in SSL/https Web listener –change Certificate.
Have a nice day 🙂
I came up on this issue lately.
On my beloved windows phone I have a set up of 5 email accounts. 2 exchange, 2 pops and 1 imap. My second exchange account stopped notifying me on my lock screen for new emails after I removed the account and put it again.
I won’t describe how I came up to this solution, since its not the cause of this article but I will try to describe the outcome.
Apparently windows phone shows notifications for ONLY THE FIRST THREE (3) ACCOUNTS you have installed. This means that for accounts 4, 5 etc you will never get notified while phone is in lock screen state.
Therefore an easy solution is to remove accounts 3, 4 and 5 and put as third the account that has the disappeared notification issue.
In my case my second Exchange account has 5th. I removed all 3 and 4 and immediately my exchange account became 3. Tested mail sending and notifications appeared on lock screen. Afterwards I re-established the deleted imap and pop accounts.
Ok, nice…what about if I wanna get notifications on the rest of the accounts. The answer to this lies on the linked inbox feature of windows phone. Link the accounts 3,4,5 and you will have your desired notifications. It’s not the best solution, but it’s something comparing to nothing!
No more rabbits in my hat for now:)
Today a new customer of mine complainted about his inability to connect to his HQs through CISCO VPN connection, when he goes over his home wifi connection, or some public/other home places wifi hot spots.
Well my answer was rather fast…
The customers lan ip addresses are dhcp pooled by a CISCO 800 family router that spreads a network of 192.168.1.0 255.255.255.0
How common….come on!!!!
Most of home/soho routers use this particular range. The problem and its cause is almost obvious…
Let’s have an easy example:
External client connected through home wifi has local ip address 192.168.1.100 and 192.168.1.254 as a gateway.
The user fires up a vpn connection (cisco/microsoft/etc) in order to connect to a server inside his corporate network that has an ip of 192.168.1.200
The client will try to find the recipient (stated in the packet header) in his local lan and not on the other side. That’s easy to understand if you simply hit a route print command on your cmd.
IPv4 Route Table
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.100 20
192.168.1.0 255.255.255.0 On-link 192.168.1.100 276
192.168.1.100 255.255.255.255 On-link 192.168.1.100 276
192.168.1.100 255.255.255.255 On-link 192.168.1.100 276
The first line says that for any destination ask your gateway
The second says that for any ip address in your family ip range ASK YOURSELF-NOT THE GATEWAY, eg. find the recipient server in your lan. Of course the second rule supersedes the first….
As you may understand any try to connect to the remote server will fail, even if the vpn is connected, since the packet will never leave the gateway and will never reach the other end.
The customer, has a complete AD inside his corporate lan and lot of remote sites going around. Personally I think it was quite stupid to use a commercial/home ip range for this type of network…. Now since I cannot change any of the ip ranges inside the corporate lan I have only 2 options
- Visit his house and change the ip range pooled by his home router. Pretent that problem is fixed and wait till he visits another network with the problematic range (a hotel or another hot spot). Sorry not my type….
- The second option is to chase my NPS (Network Philosophers Stone), using nats, other router pools and God help us what else….
Be very cautious on your network designs…Someone in the future may curse you!!!!
The idea that users are bored to write the full address of the website they want to visit, on their browsers address led to another IT “headache”. Actually this is not too difficult to implement.
First step is to go on your DNS server, choose the zone you like (domain.com) and add a host (A) record, where you simplly LEAVE BLANK the “name (uses parent domain name if blank)”. Do not forget to add the ip address of your web server, cause inability to resolve will take place. This way you produce an A record of the simply “domain.com” with no text no front.
After doing this you should not forget to go on your webserver and edit your bindings. If you don’t have bindings enabled then you should add the “domain.com” plain with no www in front. V-hosts editing would simply do the same job on non MS web servers.
Same actions should be taken if you use publishing and routing on your firewall.
Till next time….bb
Most of you, using Windows Phone 7 or Windows Phone 8 with at least 2 accounts on your device may face the following issue…
All new calendar entries default to Windows Live. Wait a minute…I have an exchange account…and I want to see that calendar in my company’s Outlook!!! Windows live? I assume this is done by purpose since Microsoft wants to boost its new company coordination regarding services over the cloud.
Anyway there are 2 ways to overcome this:
The first workaround is to hit settings inside your Calendar and disable other calendars except the one you want to keep (simply slide the bar to the left…yea-yea this iPhone alike button 😛 ) . This will result that only your enabled calendar will be displayed, therefore whatever you add, it will only update your enabled calendar. After saving at least one calendar, AND SYNC, you may hit settings again and re-enable other calendars in case you want me. (For example I want my FB calendar to be displayed for events I participate). It seems that Windows Phone calendar default to the one LAST used!!!! I say it seems, since I think I have noticed otherwise as well….
The second way that appears to be handier is by pushing the (+) add button. Apparently I don’t use it since I tend to press on the calendar screen repeatedly in order to add a new appointment. Well eventually if you click (+) then the menu has an option for updating a specific calendar. Following up the previous solution, once you save on one calendar then Windows phone calendar defaults to the one last updated.
The truth is always out there Mr….trial and error will make you find it. Be creative…
This may appear when linking SQL tables in MS Access through ODBC.
Although Microsoft recommends connecting to tables through code, ODBC has always been a fast way to do it.
First of all don’t be upset, no truncation is actually taking place on your data backend, Access is just unable to display the numeric value’s, due to a change you did on the SQL table. Don’t be that sure that you did no change…since this may come from a query/view involving more than one tables. It needs at least one problematic field and the message appears.
I got a good workaround of this, without removing tables and relinking in Access which actually did not work for me. The idea is too find the problematic numeric field. My case was a change of a decimal (18,2) field simply to decimal (18,5). I found the view that was the control source of the form (linked in Access), copied aside the views code and removed the decimal fields that had the problem. Went back on Access and refreshed this problematic view only. Went back again on the Sql view and pasted the code as it was originally copied, NO CHANGE!!! Go back in Access and refresh this particular link and your problem is gone.
Let me go home now, or I will be a divorced poor IT guy…
- Always use a UPS when using such devices, power supply failures may lead to loss of data and unpleasant situations in general.
- Do not put another HDD, even another WD HDD, as long as you have the WD official firmware!!!!
- The device is NOT A HOT PLUG device!!!! Always shutdown prior to removing/putting HDDs.
- Remove the faulty HDD, package according to WD support in RMA procedures, ship to Germany and wait for the replacement.- DO NOT PUT ANOTHER DRIVE TYPE.
- After you receive the replacement Hard drive, shutdown the device and put the drive you received. Power up and check whether the RAID is rebuilding.
- The WD rebuilding process will take around 16-18 hours, so be patient. Have a coffee or a nap, try a long one. Don’t be frustrated if the result of the process is failure. There are ways to get the data back.
- A desktop- no gigabyte motherboard! Windows Installed
- A good PSU, at least 500Watt cause too many HDDs and devices will need to work hard, a ups would be a good thing to have
- A sata controller with 3+ SATA slots
- An external USB HDD with capacity enough to store the data you are about to restore.
- Free Software: ReclaiMe Free RAID Recovery. You need this in order to determine the exact RAID configuration of your device. I suggest not overcoming this part, by using my RAID info below, since this may be different in other firmwares.
- Cheap and Life Saving Software: Zero Assumption Recovery version 9
- Do not use a pc with Gigabyte motherboard. The one I used appeared to have an issue with 1 TB drives and damaged the disks’ size info. I had to go on using other tools in order to restore the correct disk size (I used HDD capacity Restore).
- I put the HDDs, no specific order on a pci (pci-xpress) sata controller. In my case that was a new RAID0/1 sata controller, but a simple would do the job. I should note that I put only 3 out of 4 HDDs, since the new I received from WD was brand new and putting him on would just delay the process.
- DO NOT CONFIGURE your sata controller for RAID!!!! This way you will just see the Hard drives in your device manager. DO NOT INITIATE THE HDDS, since this will damage the data on them.
- I downloaded ReclaiMe Free RAID Recovery. I used this application in order to determine the RAID characteristics. After the process I had all the necessary info for continuing with the recovery process. Copy-paste and save the outcome in a notepad file. It includes instructions, for your next steps. Mine looked like below (USE YOUR OUTCOME-NOT MINE!!! Cause the Array members Table/Start size may differ).
- You will never-ever see the web management interface of the device if the device boots up without HDDs.
- If the http://IP fails, try if https://IP works.
- The device always responds in ping on the 192.168.1.2, but it is not manageable if no HDDs are present. No telnet as well.
- In order to have a successful reset to defaults you have to put ZERO filled HDDs on it. Therefore after the restore process I endorse you to zero fill the drives and then put back to WD sharespace.
- Either there is no space left on –at least one of your VMs. Please note that free space for correct vss working should be at least 1GB for vhds of 100GB of space.
- Or at least one vss writer fails on one of your vms. Go back to step 1 and execute vssadmin list writers on every VM you have. At least one fails. On the one that fails (personally seen it on w2k3 Exchange VM were the Exchange Writer was on error) make a batch file containing the following (I have put some pauses in order to see who the procedure works out). Save the batch as whatever you like .bat and WATCH IT!!! Before Re-registering the vss and required dlls you have to switch your path to windows\system32!!! If you don’t, then the vss will not run actually and when you run vssadmin list writers nothing will come up. So pay attention!!!
Follow info on http://support.microsoft.com/kb/940349
Download and install update.
Open Cmd and run vssadmin list writers
No error should appear.
Check if backup works (It is likely it won’t, instead of running the whole W2k8 Hypervisor backup, try backing up the current VM by it’s own NTbackup, try system state or any folder)
If it does not work proceed to step3:
Locate and export the following key:
Export the key/folder somewhere in order to get it back if smt goes wrong
Now delete that key/folder (No worries Windows will recreate it)
Restart each of the following services in that exact order:
– COM+ Event System
– COM+ System Application
– Microsoft Software Shadow Copy Provider
– Volume Shadow Copy
If one of the services is on stop mode, change the startup type to automatic and start the service
Open Cmd and run vssadmin list writers
If errors still show up…go the last …step6
Watch it you have to switch your path to windows\system32 – otherwise you will see no writes in vssadmin.
Make a batch copy-pasting the following:
net stop swprv
regsvr32 /i swprv.dll
regsvr32 /i eventcls.dll
regsvr32 /i swprv.dll
Net Start vss
Net Start swprv
vssadmin list writers
Go back to your HyperV and try to back up.