-
James Rankin wrote a new post, Can't uninstall app: Delete or change Windows apps that have been flagged as non-removable 6 days, 20 hours ago
If you can’t uninstall a Windows app, the ARPNOREMOVE property might be the reason. When installing software on Windows devices, common deployment mechanisms such as Configuration Manager can set a custom property to prevent users from deleting the package. Setting the ARPNOREMOVE property results in the RegisterProduct action blocking the program’s uninstall string from being written to the Registry.
-
James Rankin wrote a new post, FSLogix VHDX compaction: Resize virtual disks 3 months, 3 weeks ago
The new FSLogix version, which was released in October, introduces a long-awaited feature: VHDX compaction. FSLogix is a standalone product acquired in late 2017 by Microsoft for profile management and application masking features. It is primarily used in virtual desktop or RDSH solutions to provide users with a persistent experience in nonpersistent environments.
-
James Rankin wrote a new post, Sysinternals Process Monitor: Real-time file system, registry, and process monitoring 4 months, 3 weeks ago
Sysinternals Process Monitor runs on a Windows device and uses a filter driver to log real-time file system, registry, and process/thread monitoring. It is a vital tool for troubleshooting Windows and combines the capabilities of two older Sysinternals tools: filemon and regmon.
-
James Rankin wrote a new post, Custom error message for access denied 5 months, 3 weeks ago
When you access a file share in Windows and the conditions for access are not met, you are normally presented with a generic access denied message. It is actually possible to customize the error message to provide more meaningful and understandable output that aids with dynamic access control, rather than the simple “contact your network administrator,” which will invariably result in a call to the service desk. However, there are a couple of limitations to this functionality.
-
James Rankin wrote a new post, Consolidating Group Policy, part 3: Loopback policy processing and folder redirection 1 year, 6 months ago
GPOZaurr and other tools help you with consolidation in the short-to-medium term, but as you move forward, there are other changes you can make that will make things much simpler and easier to manage. To make a significant difference to these user KPIs, there are two areas that must be concentrated on—folder redirection and loopback policy processing.
-
James Rankin wrote a new post, Consolidating Group Policy, part 2: GPOZaurr 1 year, 7 months ago
GPOZaurr from Evotec IT is a PowerShell module that is very useful for consolidating and managing Group Policy. In this post, I will demonstrate how you can use GPOZaurr to create Group Policy reports and deal with broken, disabled, invalid, or inapplicable GPOs.
-
James Rankin wrote a new post, Consolidating Group Policy, part 1: Get-GpoReport and Advanced Group Policy Management (AGMC) 1 year, 7 months ago
In this series of three posts, I will discuss various tools that allow you to manage and consolidate your Group Policy environment. In today’s article, I will make some general remarks and take a look at two useful GPO tools: Get-GpoReport and Advanced Group Policy Management.
-
James Rankin wrote a new post, Privileged access workstation (PAW) and lateral movement 1 year, 8 months ago
A popular topic in security circles these days is preventing lateral movement. Network segregation for admin tasks, or what Microsoft calls PAW—privileged access workstation—is key here.
-
James Rankin wrote a new post, Securing timeouts in Remote Desktop Session Host (RDSH) and Virtual Desktop Infrastructure (VDI) environments 2 years, 6 months ago
In this article, you will learn about all the things you have to consider when configuring screen locking policies for Remote Desktop Session Host (RDSH) and Virtual Desktop Infrastructure (VDI) environments without affecting users.
-
-
James Rankin wrote a new post, Manage OneDrive caches with Windows Storage Sense 2 years, 8 months ago
Microsoft’s OneDrive application is making large inroads into enterprises as the Enterprise File Share and Sync (EFSS) tool of choice. While it’s easy to get up and running on personal devices, managing the OneDrive experience for users at any sort of scale can be challenging, particularly where users have limited storage or if they operate in Remote Desktop Session Host or VDI environments. Another option Microsoft gives you to help with these problems is a feature called Storage Sense.
-
James Rankin wrote a new post, Known Folder Move: Part 2 – Group Policy settings 2 years, 10 months ago
In my last post, I discussed the preparations and process of migrating to OneDrive with Known Folder Move (KFM). Today, I’ll walk you through the corresponding Group Policy settings.
-
James Rankin wrote a new post, Assisting OneDrive migration with Known Folder Move: Part 1 – Preparations 2 years, 10 months ago
Known Folder Move (KFM) is a set of Group Policy Objects (GPO) settings that attempt to migrate user data into the OneDrive Sync Client with a minimum of user and/or administrator intervention. Data are moved automatically into the user’s OneDrive storage, allowing the user to then access this data from any device that either has the OneDrive application installed or can access the OneDrive web client. This post outlines the preparations for KFM, and the next post covers the Group Policy settings for the OneDrive Sync Client.
-
-
James Rankin wrote a new post, Managing OneDrive cache in Citrix Virtual Apps and RDSH environments using FSLogix Profile Containers 2 years, 11 months ago
In Remote Desktop Session Host (RDSH) environments, such as Citrix, VMware Horizon, Parallels, or Windows Virtual Desktop, adopting OneDrive can often bring a unique set of challenges. Microsoft now recommends the use of their FSLogix solution to help address these challenges by providing a “local” cache essentially mounted to a remote container.
-
FSLogix would definitely help you get around this issue, but obviously it has a dollar value attached to it 🙂 Feel free to hit me up if you want more info
-
James Rankin wrote a new post, Roaming profiles and Start Tiles (TileDataLayer) in the Windows 10 1703 Creators Update 5 years, 9 months ago
Microsoft deprecated the “TileDataLayer” model in the Windows 10 1703 Creators Update. In this post, I describe a hack that allows you to work with Start Tiles in roaming user profiles.
-
James Rankin wrote a new post, Include and exclude folders in roaming user profiles 6 years ago
A Group Policy Object (GPO) has always allowed administrators to exclude folders from a roaming profile but not include them. I’d always assumed that the functionality of a roaming profile was more or less hardcoded, whereby it only captured data from AppDataRoaming. However, I have to admit I was mistaken, and I give big thanks to Raphael Schulz for pointing this out to me.
-
When you see the temp profile, is there a file lock for the VHD file showing on the file server?
-
It sounds like the server with the file share might not be fully patched. We had that issue very early on in testing but a patch remedied it.
Are you using a Windows file server and is it fully patched? If not, it might be worth doing the patching or testing a Windows SMB file share for this…
- Load More