Analysing BSOD Memory Dumps

Oh no! If you are able to catch it in action it might tell you the driver at fault, but how often do you get to see a reported BSOD in action?

We had re-imaged all devices to Win 10 Edu 2004, after testing everything worked in a couple of rooms. All good, then the first day with teachers back and we get multiple calls about computers crashing with BSOD while the interactive whiteboards are being used.

Whilst the user reported multiple crashes, when I went in person I wasn’t able to cause it to crash so couldn’t just look at the “What failed” bit on the Win 10 BSOD screen.

A quick look at the system event log on one of the computers in question shows nothing useful – just “the computer has rebooted from a bugcheck”. You can get the error code here too but no pointer as to what actually caused this.

In my case, the error was 0xA which we can look up here to see it’s the dreaded IRQL_NOT_LESS_OR_EQUAL which is something to do with drivers and memory.

Deploying Apps from the Windows Store

There’s a lot of apps in the Windows Store, and one of the best bits about them is we don’t have to worry about managing their updates. Luckily we can deploy these through MEMCM and it is fairly easy to do.

You will need a subscription which creates an Azure tenancy (e.g. Office 365) to link MEMCM with the Microsoft Store for Business (or Microsoft Store for Education) – the Business and Education versions are pretty much the same just with different phrasing in places.

Enabling BitLocker with MEMCM

Enable BitLocker to protect your data in case of device theft.

MEMCM comes with a BitLocker Management section (under Endpoint Protection), however as far as I can tell this just allows you to set the BitLocker policy but not force drives to be encrypted – at least I couldn’t get it to do anything on devices it claimed were compliant.

I’ve got an OS deployment task sequence which installs Windows, and has a few BitLocker steps – however I forgot to set a variable telling it to use the TPM chips without additional PIN/password/keys for BitLocker – so my computers built without BitLocker being enabled.

Not wanting to go through the build process again for all these devices, I decided to push it out to existing devices through MEMCM.

Locking down the Win+X menu

The WinX menu displayed for teachers and pupils

Whilst the Win+X menu is really useful for sys admins, there’s quite a lot of items on there that I’d rather not have pupils clicking on (even if they’d not get anywhere due to not having access rights). It’s possible to customise this menu and remove items you don’t want from it.

The shortcuts are stored (per user) in %LOCALAPPDATA%\Microsoft\Windows\WinX in three folders – Group1, Group2 and Group3. I don’t think it’s possible to add custom shortcuts however deleting them will remove the corresponding item from the WinX menu.

Windows 10 Edition Upgrade – scripted without re-install

winver showing Education edition

We took delivery of 5 Surface Go tablets a while ago, as we are trialling a Surface Go paired up with a Microsoft Wireless Display adapter on the projector, to replace the traditional PC + interactive whiteboard. They came with Win 10 Pro pre-installed and I didn’t fancy re-imaging them (given at the time I didn’t have any Surface Docks, so no way to plug into the network). This post covers creating and running PowerShell scripts through MEMCM as well as the script required to bump up the Windows edition.


Windows 10 and Super fast logon times

Could be in for a long wait… let’s see if we can speed things up a bit.

I’ve been working at really cutting down the initial logon times – started last year, and again with me rolling out Windows 10 2004 I’ve had to struggle to remember what I actually did, one of the main reasons for my blog is helping out future Katy as she is very forgetful 🙂

This has always been something that has bugged me, as I remember in 2003 at university there was a Windows 2000/XP network with some sort of NetWare back end. The Windows 2000 PCs (libraries etc mostly) logged on in about 2 minutes, nice and speedy, but in the computing labs they ran XP and it was a 13 minute logon (literally 13 minutes as I timed it). Subsequent logons were also 13 minutes. Extremely frustrating, yet means I’ve always been dismissive of people complaining of a 90 second logon time.


Removing Windows User Profiles

Just a quick one for today. I’m going through a bunch of laptops which have loads of old directories in C:\Users, in the form of Username, Username.Domain, Username.Domain.000, 001 etc. Most of these don’t exist as profiles if you query CIM for win32_userprofile (and aren’t in the registry at HKLM\Software\Microsoft\Windows NT\CurrentVersion\ProfileList).

So I’ve knocked up a script which goes through the “official” profile list, deletes everything that isn’t System/LocalService/NetworkService or the user running the script, and then goes through clearing anything that is left on disk (excluding the above plus the Public folder).

Schrödinger’s Network Location – Direct Access client is both inside and outside corporate network at the same time?!

I’m currently working from home and managed to get myself locked out of a PC (long story involving BitLocker). The only way out from this was to re-install Windows and then rejoin to the domain.

Re-install is easy as I have WDS configured on my home network. Re-joining the domain is easy, I could either do an offline domain join with Direct Access policies embedded, or just connect the FortiGate VPN and join the domain and run gpupdate. I went with the latter as it seemed like it’d be the easier option. As I’d used WDS, the PC was now part of my home network domain, so I removed it from the domain, renamed and rebooted. I then went and connected it to the work domain and ran gpupdate, all fine, and restarted the PC. That’s when it got weird.


Windows 10, UEFI and PXE booting

Remember the good old days when Windows couldn’t change the boot order? Yeah…

I recently set up System Center Configuration Manager to take over from MDT for imaging PCs. The end result I’m after is that all PCs attempt PXE boot when powered up, and then automatically image if there’s a task deployment waiting for them. (Bonus points for getting Wake-on-LAN to work with Win 10 so they’ll power themselves up too.)

Thought this would be easy – surely just set network as the first boot device – only to discover that (on a UEFI booted system) part of Windows setup adds “Windows Boot Manager” and sets it as the first device in the boot list, no way to stop it.