• If you can’t uninstall a Windows app, the ARPNOREMOVE property might be the reason. When installing software on Windows devices, common deployment mechanisms such as Configuration Manager can set a custom property to prevent users from deleting the package. Setting the ARPNOREMOVE property results in the RegisterProduct action blocking the program’s uninstall string from being written to the Registry.

  • The new FSLogix version, which was released in October, introduces a long-awaited feature: VHDX compaction. FSLogix is a standalone product acquired in late 2017 by Microsoft for profile management and application masking features. It is primarily used in virtual desktop or RDSH solutions to provide users with a persistent experience in nonpersistent environments.

  • Sysinternals Process Monitor runs on a Windows device and uses a filter driver to log real-time file system, registry, and process/thread monitoring. It is a vital tool for troubleshooting Windows and combines the capabilities of two older Sysinternals tools: filemon and regmon.

  • When you access a file share in Windows and the conditions for access are not met, you are normally presented with a generic access denied message. It is actually possible to customize the error message to provide more meaningful and understandable output that aids with dynamic access control, rather than the simple “contact your network administrator,” which will invariably result in a call to the service desk. However, there are a couple of limitations to this functionality.

  • GPOZaurr and other tools help you with consolidation in the short-to-medium term, but as you move forward, there are other changes you can make that will make things much simpler and easier to manage. To make a significant difference to these user KPIs, there are two areas that must be concentrated on—folder redirection and loopback policy processing.

  • GPOZaurr from Evotec IT is a PowerShell module that is very useful for consolidating and managing Group Policy. In this post, I will demonstrate how you can use GPOZaurr to create Group Policy reports and deal with broken, disabled, invalid, or inapplicable GPOs.

  • In this series of three posts, I will discuss various tools that allow you to manage and consolidate your Group Policy environment. In today’s article, I will make some general remarks and take a look at two useful GPO tools: Get-GpoReport and Advanced Group Policy Management.

  • A popular topic in security circles these days is preventing lateral movement. Network segregation for admin tasks, or what Microsoft calls PAW—privileged access workstation—is key here.

  • In this article, you will learn about all the things you have to consider when configuring screen locking policies for Remote Desktop Session Host (RDSH) and Virtual Desktop Infrastructure (VDI) environments without affecting users.

  • James Rankin's profile was updated 2 years, 8 months ago

  • Microsoft’s OneDrive application is making large inroads into enterprises as the Enterprise File Share and Sync (EFSS) tool of choice. While it’s easy to get up and running on personal devices, managing the OneDrive experience for users at any sort of scale can be challenging, particularly where users have limited storage or if they operate in Remote Desktop Session Host or VDI environments. Another option Microsoft gives you to help with these problems is a feature called Storage Sense.

  • In my last post, I discussed the preparations and process of migrating to OneDrive with Known Folder Move (KFM). Today, I’ll walk you through the corresponding Group Policy settings.

  • Known Folder Move (KFM) is a set of Group Policy Objects (GPO) settings that attempt to migrate user data into the OneDrive Sync Client with a minimum of user and/or administrator intervention. Data are moved automatically into the user’s OneDrive storage, allowing the user to then access this data from any device that either has the OneDrive application installed or can access the OneDrive web client. This post outlines the preparations for KFM, and the next post covers the Group Policy settings for the OneDrive Sync Client.

  • James Rankin changed their profile picture 2 years, 11 months ago

  • In Remote Desktop Session Host (RDSH) environments, such as Citrix, VMware Horizon, Parallels, or Windows Virtual Desktop, adopting OneDrive can often bring a unique set of challenges. Microsoft now recommends the use of their FSLogix solution to help address these challenges by providing a “local” cache essentially mounted to a remote container.

  • FSLogix would definitely help you get around this issue, but obviously it has a dollar value attached to it 🙂 Feel free to hit me up if you want more info

  • Microsoft deprecated the “TileDataLayer” model in the Windows 10 1703 Creators Update. In this post, I describe a hack that allows you to work with Start Tiles in roaming user profiles.

  • A Group Policy Object (GPO) has always allowed administrators to exclude folders from a roaming profile but not include them. I’d always assumed that the functionality of a roaming profile was more or less hardcoded, whereby it only captured data from AppDataRoaming. However, I have to admit I was mistaken, and I give big thanks to Raphael Schulz for pointing this out to me.

  • When you see the temp profile, is there a file lock for the VHD file showing on the file server?

  • It sounds like the server with the file share might not be fully patched. We had that issue very early on in testing but a patch remedied it.

    Are you using a Windows file server and is it fully patched? If not, it might be worth doing the patching or testing a Windows SMB file share for this…

  • Load More
© 4sysops 2006 - 2023


Please ask IT administration questions in the forums. Any other messages are welcome.


Log in with your credentials


Forgot your details?

Create Account