Archive for category Uncategorized

WinPE Nic Drivers for DELL Optiplex 7050

While running the latest version of SCCM 2012 and latest up-to-date Boot Image, network drivers for DELL OptiPlex 7050 need to be injected in order for WinPE environment to work.

Luckily, storage and network drivers for the OptiPlex 7050 model can be found on DELL’s support site.

The following screenshot will show you the file you need to download.

3-22-2017 10-34-49 AM

Once you’ve downloaded it the CAB file, then go ahead and update your Boot Image file(s).

Leave a comment

Vmware Port Mirror and MS Advanced Thread Analytics

The project was to install MS Advanced Thread Analytic Gateway in a virtual machine, in Vmware, to monitor a physical domain controller.

Hardware involved

  1. Domain controller (physical) – DCServer1
  2. DELL switch – switch1
  3. ESXi host – host1
  4. MS ATA Gateway – atagw1

Setup Port Mirroring at Physical Switch Level

DC server DCserver1 and ESXi host1 are physically connected to switch1. DCserver1 connects on port 40 and host1 connects on port 44 of the switch.

We’re going to configure port mirroring on switch1 as source being port 40 and destination port 44 and we’re going to use use both directions in our config. You can use the following link to configure port mirroring on DELL switches.

Configure Vmware for Port Mirroring

As mentioned before, host1 connects to switch1, and we’re going to use this connection (vmnic2) and create a new standard switch (that was my setup). So, at point, vmnic2 connects to port 44 on switch1.

Once your new standard switch is created (vSwitch2), then we’ll create a new port group (ATA-Capture). While creating port group ATA-Capture, make sure to enable Promiscuous Mode and set VLAN ID to All (4095) – this part crucial!

port-group

 

Configure Microsoft ATA Gateway VM

Your MS ATA Gateway will need to have two NICs. One NIC will be used for day to day work and the second NIC for capture. To make thing easier, rename the NIC to something like ‘Capture‘. Next, make sure that your Capture NIC belongs to the ATA-Capture port group.

At this point you should be able to install MS ATA Gateway software.

Leave a comment

Deploy iTunes 12 & QuickTime 7

The following are steps to deploy Apple iTunes  12.5.3.1 and Apple QuickTime 7.79.80.95 using System Center Configuration Manager.

Some of these steps were taken as tips from the following links:

  1. Link one
  2. Link two

I’m not going into details, but rather I’m going to point out some of my specific changes.

Get the MSI files for iTunes and QuickTime

Download the latest version of iTunes and QuickTime. In case you’re wondering why QuickTime, well, it’s a requirement for iTunes.

You’re going to get the MSI files for both applications by running the executable files (do not click the Next button in the installation wizard), once you run the executable files, then open file explorer and type %TEMP% in the location bar. Now look for a recently created folder and you’ll find the MSI files there, next, copy these files to your deployment folder. You’re going to perform these steps for iTunes and QuickTime.

Create QuickTime deployment

First, we’ll use Microsoft’s Orca tool to edit the QuickTime.msi file, we’re going to make the following changes:

  1. From View menu, select Summary Information. Within this window in languages field remove all but 1033, then press OK
  2. Click Property table and change the following fields:
    1. REGSRCH_DESKTOP_SHORTCUTS to 0
    2. REGSRCH_MEDIA_DEFAULTS to 0
    3. SCHEDULE_ASUW to 0
    4. Create a new row REENABLEAUTORUN and set this to 0 (disables auto-run)
  3. Click LaunchCondition table and drop the “NOT BNEWERPRODUCTISINSTALLED” row
  4. In the Checkbox table set all values to 0. If a manual install is done of the application then all the install options are uncheked by default
  5. Save the MSI

You’re now ready to create the application deployment task.

For my environment, I’m not using a script as the installation method (the links mentioned above use scripts), I use the MSI file; however, I’m using the following installation command:

msiexec /i “QuickTime.msi” ASUWISINSTALLED=0 SCHEDULE_ASUW=0 REGSRCH_INSTALL_ASU=0 /q

Create iTunes deployment

First, we’ll use Microsoft’s Orca tool to edit the QuickTime.msi file, we’re going to make the following changes:

  1. From View menu, select Summary Information. Within this window in languages field remove all but 1033, then press OK
  2. Click Property table and change the following fields:
    1. REGSRCH_DESKTOP_SHORTCUTS to 0
    2. SCHEDULE_ASUW to 0
    3. IAcceptLicense to Yes
  3. In the Checkbox table, we’re going to change the following:
    1. ChkOptInstASU to 0
    2. ChkOptInstShortcuts to 0
  4. In the Shortcut table, we’ll remove QuickTimePlayer_Desktop and QuickTimeUninstaller. This will remove those shortcuts
  5. From the LaunchCondition table drop NOT BNEWERPRODUCTISINSTALLED field
  6. Save the MSI

I tried using the MSI files to create the deployment, but it became too complex as iTunes requires all pre-requisite files to be on the system before iTunes gets to be installed.

Here’s the installation script I use:

@ECHO OFF
start /wait msiexec /i AppleApplicationSupport.msi /passive
start /wait msiexec /i AppleApplicationSupport64.msi /passive
start /wait msiexec /i AppleMobileDeviceSupport6464.msi /qn
start /wait msiexec /i Bonjour64.msi /qn
start /wait msiexec /i itunes6464.msi /passive

Here’s the removal scrlipt I use:

REM remove application support 32
start /wait msiexec /x {F2871C89-C8A5-42EE-8D45-0F02506385A6} /q

REM remove application support 64
start /wait msiexec /x {9BC93467-75D1-4AA4-BD58-D9C51D88DFAB} /q

REM remove mobile device support 6464
start /wait msiexec /x {55BB2110-FB43-49B3-93F4-945A0CFB0A6C} /q

REM remove bonjour 64
start /wait msiexec /x {56DDDFB8-7F79-4480-89D5-25E1F52AB28F} /q

REM remove itunes uninstall
start /wait msiexec /x {554C62C7-E6BB-40F1-892B-F0AE02D3C135} /q

 

Note that the product codes listed above are specific for the version of QuickTime and iTunes that came from the installation program downloaded from Apple.

Next, in Configuration Manager, make sure you the QuickTime deployment package as a dependency for the iTunes package.

As for a detection method, since we have an MSI, you can use that as your detection method.

2016-11-22_1029

Leave a comment

New Windows 7 Install Not Updating

There’s an issue with brand new installations of Windows 7. If you’re trying to patch/update a brand new Windows 7 installation, Windows Updates will sit there for days without patching anything.

It turns out that, a while back, Microsoft updated their patching servers and because of that, brand new Windows 7 installations will fail to patch until you install the following KBs:

KB3102810
KB3135445
KB3138612

Some of these KBs will not say that will not apply, but keep trying the others and one will fix the Windows Update issue with newly installed Windows 7.

A while back, I opened a Technet case on Microsoft’s forums and here’s the original link.

 

Leave a comment

Create Remote Desktop Farm Certificate For Single Sign-On

https://docs.google.com/document/pub?id=1Tl0DmgfRa7WXX8NFCzOu1TXKCgigES9LHOwq9JxERFs&embedded=true

Leave a comment

Private IPv6 Address Range Generator

Until one can actually get an IPv6 address range from your ISP, you may want to use “private” addresses for internal networks and testing; here’s a link that will generate one for you.

Leave a comment

The Argument against Disabling IPv6

The following was taken from this link.


It is unfortunate that some organizations disable IPv6 on their computers running Windows Vista or Windows Server 2008, where it is installed and enabled by default. Many disable IPv6-based on the assumption that they are not running any applications or services that use it. Others might disable it because of a misperception that having both IPv4 and IPv6 enabled effectively doubles their DNS and Web traffic. This is not true.


From Microsoft’s perspective, IPv6 is a mandatory part of the Windows operating system and it is enabled and included in standard Windows service and application testing during the operating system development process. Because Windows was designed specifically with IPv6 present, Microsoft does not perform any testing to determine the effects of disabling IPv6. If IPv6 is disabled on Windows Vista, Windows Server 2008, or later versions, some components will not function. Moreover, applications that you might not think are using IPv6—such as Remote Assistance, HomeGroup, DirectAccess, and Windows Mail—could be.


Therefore, Microsoft recommends that you leave IPv6 enabled, even if you do not have an IPv6-enabled network, either native or tunneled. By leaving IPv6 enabled, you do not disable IPv6-only applications and services (for example, HomeGroup in Windows 7 and DirectAccess in Windows 7 and Windows Server 2008 R2 are IPv6-only) and your hosts can take advantage of IPv6-enhanced connectivity.

1 Comment