PS without BS: Managing WSUS

In this blog, I will leave you with some scripting snippets on how to manage WSUS: Block 1: Connect to the WSUS server and set the configuration. We are first going to set the property “Download update files to this server only when updates are appoved”, turn off all update languages, and then set the…


Demystification of the ProtectedRoots Registry Key

Well, hopefully some demystification of the key at least. 🙂 Upon looking around, I had a hard time finding really any documentation for this key: “SOFTWARE\Policies\Microsoft\SystemCertificates\root\ProtectedRoots\Flags”. So, this blog is in hope my studies and notes help someone else. Some info on the registry key and value: The key was moved from Software\Policies to HKEY_USERS\.DEFAULT…


Removing a RemoteApp Session Host

Sometimes Windows Server features are not so straightforward, so here’s one for those who have had/are having this issue and are yet to figure it out. When removing a RemoteApp server from a server pool, I came back to Server with the following message: The following servers in this deployment are not part of the…


Troubleshooting SQL Error: 18456, Severity: 14, State: 5

In moving my dev system, an odd thing came up. This is usually an easy fix, but for those out there who love their “red herrings”, this can throw you, so I hope this helps someone else. When connecting to the database, I received this error: Error: 18456, Severity: 14, State: 5. Login failed for…


Don’t always blame the security guy

So, this one is for the security guys – the ones always blamed for something breaking. “Disable Antivirus, whitelisting, destroy your work” they say. Now, security guys aren’t always innocent, but they are not always to blame either. Short thought, when I was working on an issue with Internet Explorer not rendering, and saw other…


Invalid DeploymentType in MDT 8443

For those who may have updated MDT 2013 Update 2 to the new build, 8443, you may have noticed something odd. The message that comes up is “Invalid DeploymentType of “” “. Yes, there is a “”, as a blank deployment type. To remedy this, you will need to change a line in the DeployWiz_ProductKeyVista.vbs…


RemoteApp and Smartcard Authentication

For those who use Smartcards to log in, the RemoteApp website, known as RDWeb, can be a pain. But, there is hope. Instead of using the website, you can actually use native RemoteApp in Windows. Here’s how it works at a high level: You input the URL for your RemoteApp feed into Windows Log in…


PS without BS: Creating VMs in Hyper-V with PowerShell

Of all the things that sometimes drill me is having to do a web search for PowerShell cmdlets, and seems too often I am just looking for how to use a cmdlet, and after 10 pages of text, you ask yourself, how do I use this cmdlet again? 🙂 So it’s my hope to promote…


Overcoming the dreaded 0xc000014c message on start

I had a recent incident with my SCCM server (running Windows Server 2012 R2) in my lab that had an issue – it just shut down on me and came up with this infamous screen (truncated for all of our sake’s). Windows Failed to start. A recent hardware or software change might be the cause….


Detecting and remediating SMBv1

We have recently issued a Security Update (4013389) for Windows SMB. This does affect all supported versions of Windows at this time. SMB isn’t safe, and causes you to lose some key protections, among them: Pre authentication integrity, which new in Windows 10/2016. It improved “man-in-the-middle” protection against attacks tampering with SMBv2’s connections and authentication…