Hello,

You need and easy way to get an inventory list of software installed on a machine via Powershell. What we need for a list is:

DisplayName;DisplayVersion;Publisher

We have two version of the scripts:

Here is how to easily extract the most important information from a .REG export from the UNINSTALL Registry HIVE. We don't want to run the PS directly on the server or via the server because of compliance. So, you can export the Registry Hives from a server as a .REG file, transport them through valid methods to the management machine, and then generate a semicolon-separated list for Excel import.

At the bottom, you will find a version we made if you want to retrieve the info directly from the local machine and directly from the Registry Hives (Without the way over the .REG export) (32 and 64-bit Hives):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall

Output:

Here is the version which get the information direct from the local machine:

��

Introduction:

Event logs provide valuable insights into system operations, allowing IT professionals to monitor and troubleshoot potential issues. When dealing with Windows event logs, PowerShell is a powerful tool that enables event filtering, but it may not be everyone's preferred choice due to complexity and perceived security concerns. In this blog post, we will explore an alternative method - using the command-line filter of Event Viewer - to easily access Critical, Error, and Warning events from the Application log.

Advantages of the Command-Line Filter:

Familiarity: Many seasoned IT professionals prefer using a simple command-line approach they are familiar with, making it easier to find and work with event logs efficiently.

Accessibility: The command-line filter is available on all modern Windows operating systems, eliminating compatibility concerns.

Trustworthy: Since the command-line tool is a built-in Windows feature, there are no worries about third-party dependencies or security issues.

PowerShell Approach:

Before diving into the command-line filter, let's quickly review the PowerShell method. By leveraging the Get-EventLog cmdlet, one can filter events based on severity levels and display them in PowerShell console. The script would look like this:

Get-EventLog -LogName "Application" -EntryType Error, Warning, Information | Where-Object { $_.EntryType -eq "Error" -or $_.EntryType -eq "Warning" -or $_.EntryType -eq "Information" }

But we want it commandline style because most people with long term expierence are used to that tool/console to find and work.

eventvwr.exe /h

What? ;-)

Ok let's try:

Go to XML tab

Cut and paste into notepad

<QueryList>

<Query Id="0" Path="Application">

<Select Path="Application">*[System[(Level=1 or Level=2 or Level=3)]]</Select>

</Query>

</QueryList>

If you see this than all fine:

If you see this than you did not read 100% and checked all " > ' and the \ at the end or you try to

call together with /c:application (Channel) and Query (/f:)

Wrong sample:

Some Microsoft Links (One sample is wrong there and I did not understand what he tells at once and the eventvwr.exe /h is really nerdy? ;-)

https://techcommunity.microsoft.com/t5/ask-the-directory-services-team/advanced-xml-filtering-in-the-windows-event-viewer/ba-p/399761

Enhancing Outlook Debug Logging for Troubleshooting

Mike Butsch, www.butsch.ch

What we want to do and why

Outlook debug logging is a valuable tool for diagnosing and resolving issues within Microsoft Outlook. By enabling advanced logging, you gain deeper insights into the application's behavior, allowing for more effective troubleshooting. In this blog post, we will explore the process of enabling global and advanced logging for Outlook, along with additional steps to enhance the logging capabilities.

In conclusion, by enabling and leveraging Outlook debug logging, you can gain valuable insights into the behavior of Microsoft Outlook and efficiently troubleshoot any issues that may arise. Remember to exercise caution when modifying the Windows Registry and follow the necessary steps outlined in this blog post.

Some key points in this paper:

* Attention: Do not make user you analyzer Local Adminstrator

* How to make the KEY under another user Registry hive

* Your are admin or user how to generate the Registry Key

* How to find something or for what to search for in the Debug Logfiles you made:

* Analyze WPA and ETL files

* Outlook 2010 Debug Logfiles

* Outlook 2013 and Outlook 2016 Debug Logfiles

* What if you want to enable this for some computers automatic in your Windows Domain on-premise with GPO?

in addition to the steps mentioned in the documentation, there is an additional parameter that can be enabled to gather more detailed information. This parameter involves modifying a specific subkey in the Windows Registry. Please note that the following steps require careful attention to avoid unintended issues:

Attention: Do not make user you analyser Local Adminstrator, this will produce probleme related to Exchange, ActiveSync GPO and Azure sync (Infos not Synced back to local Domain from Azure for that user)

http://www.butsch.ch/post/Active-Directory-accounts-with-ADMINSholderadminCount-flag-%7C-No-syncback-from-Azure-ms-ds-consistencyGuid

Note: If the user experiencing the issue does not have sufficient permissions to create the key, it is important not to grant them local admin privileges without addressing the "ADMINSholder" flag attribute. Granting local admin privileges without correcting the "ADMINSholder" flag may lead to further complications. Refer to these resources for more information on the "ADMINSholder" flag:

Attention: https://www.butsch.ch/post/Activesync-with-Exchange-2013-does-not-work-ADMINSHOLDER-Flag-(an-old-bad-friend) or https://www.butsch.ch/post/Exchange-Activesync-1053-Event-4003-Error-2007201020132016-Adminsholder

Again a sample why you should not make the user Local Admin to explain: Also be aware that if you are in M365 Azure Hybrid Mode those account with ADMINS Holder Flag Set wan't sync back or to Azure.

Target what we need for the USER who has the OUTLOOK.EXE Problem. That may be a different user than the LOGGED on s non domain joined machine.

How to set key for another user?

It's important to note that the user encountering the "OUTLOOK.EXE" problem may not be the same as the one logged on to the non-domain joined machine. Therefore, we need to set the key for the relevant user. Here is a brief explanation of how to set the key for another user:

1. Create a CMD shortcut on the desktop.

2. Right-click on the shortcut while holding down the SHIFT key and choose "Run as different user."

3. A command prompt (CMD.exe) will open.

4. Launch the Registry Editor (regedit.exe) from the command prompt.

5. Locate the appropriate registry hive for the user you want to debug in Outlook.

INFO: Why not make him local Admin again because most don't understand impact if not corrected afterwards! Please read carefull above IF you have that idea.

How to make the KEY under another user Registry hive Explanation #1

Solution you need to run regedit.exe under a seperate LOCAL ADMIN or Service account to have the permission to CREATE that missing key structure per user. Also keep in MIND that existing POLICY/GPO will overwrite the settings within 15-X minutes if you may have those set in Domain enviroment.

Find the office version "SHORTY" the user has as exmaple "15.0", "16.0" etc.

Your are admin or user and how to generate the Registry Key Explanation #2

When troubleshooting Outlook issues for a specific user, there are two options to access the user's registry hive.

By following either of these options, you can access the user's registry hive and make necessary

modifications to troubleshoot the Outlook.exe problem. Remember to exercise caution and ensure you

have the appropriate permissions and authority to access the user's registry hive.

FastShutdownBehavior

Once you have made the necessary changes to the registry, log off and log back on to apply the settings. Launch Outlook, and you should now see the logging in action. This allows you to identify any problematic areas or errors that may be occurring.

Check the key again under the HKCU > OK

Start Outlook, yes loggin active and you see warning

Check the things that don't work to produce logs. Click around and open things and other Calendar from OAB adressbook as example.

Check the logs generates

Folders:

To gather relevant log files for troubleshooting purposes, you can focus on specific folders or actions that are not functioning as expected. These log files can be shared with Microsoft Support to assist in resolving the issue. To convert the log files (ETL format) into a more readable format, you can use the PowerShell command `tracerpt.exe FILENAME.ETL -lr`. You can then preview the converted files or open them using the Event Viewer (`eventvwr.exe`) to examine the events more closely.

Convert in Powershell to some TEXT/XML.

ETL > Event Viewer ;-) ???

You can then preview the converted files or open them using the Event Viewer (`eventvwr.exe`) to examine the events more closely.

Filter may help if there are any error?

How to find something or for what to search for in the Debug Logfiles you made:

When analyzing ETL or XML files for debug information related to free/busy functionality in Outlook, you can look for specific events and data related to free/busy operations. Here are some key points to consider:

1. Event ID: Look for events with specific event IDs that pertain to free/busy operations. These event IDs can vary depending on the version of Outlook and the specific scenario. Typically, you may find events with IDs such as 2000, 2007, or 2016, which are commonly associated with free/busy processing.

2. Provider Names: Look for events associated with providers or services related to free/busy functionality. These providers can include Autodiscover, Exchange Web Services (EWS), Availability Service, or any other components involved in free/busy data retrieval and processing.

3. Timestamps: Pay attention to the timestamps of the events and their sequencing. This can help you understand the flow and timing of free/busy operations. Look for patterns, delays, or any inconsistencies that might indicate potential issues.

4. Error Codes and Messages: Take note of any error codes or error messages associated with the free/busy events. These can provide valuable information about the nature of the problem or any specific errors encountered during free/busy processing.

5. Data Fields: Look for specific data fields or attributes that contain information related to free/busy functionality. These can include user identifiers, calendar data, availability status, or any other relevant data that helps in understanding the free/busy operations.

To locate this debug information within the ETL or XML file, search for the relevant event IDs, provider names, error codes, or specific data fields mentioned above. Use the search functionality in your text editor or XML viewer to locate and analyze the corresponding events. Additionally, you can filter the events based on the time range or other criteria to focus on the relevant information.

By carefully examining these events and data within the ETL or XML file, you can gain insights into the free/busy operations, identify any errors or delays, and troubleshoot any issues affecting the free/busy functionality in Outlook.

Analyze WPA and ETL files

Also read following KB on how to process the files further with WPA

https://learn.microsoft.com/en-us/windows-hardware/test/wpt/opening-and-analyzing-etl-files-in-wpa

https://learn.microsoft.com/en-us/message-analyzer/message-analyzer-tutorial

If you are specifically working with ETL files generated from Outlook.exe debug mode the files are binary files containing event traces, and parsing them requires specific tools and techniques.

To analyze ETL files generated from Outlook.exe debug mode, you can use Microsoft Message Analyzer (MMA) or Windows Performance Analyzer (WPA), which are powerful tools for analyzing event traces. These tools allow you to load the ETL file and apply filters to extract specific information or errors related to Outlook.exe.

Here's a high-level overview of the steps involved in using Microsoft Message Analyzer to analyze Outlook.exe ETL files:

1. Download and install Microsoft Message Analyzer from the Microsoft Download Center.

   https://learn.microsoft.com/en-us/message-analyzer/installing-and-upgrading-message-analyzer

2. Launch Microsoft Message Analyzer.

3. Go to the "File" menu and select "New Session" to create a new session.

4. In the "New Session" window, click on the "Live Trace" tab.

5. Select the "Microsoft-Windows-Diagnostics-Performance" provider from the list.

6. Click on the "Capture" button to start capturing events.

7. Reproduce the issue or scenario for which you want to capture the event trace.

8. Once the desired events have been captured, click on the "Stop" button to stop capturing.

9. Go to the "File" menu and select "Save As" to save the captured events as an ETL file.

10. Open the saved ETL file in Microsoft Message Analyzer.

11. Use the filtering and analysis capabilities of Microsoft Message Analyzer to locate the specific errors or information related to free/busy or any other aspect of Outlook.exe.

Please note that analyzing ETL files can be a complex task, and familiarity with Microsoft Message Analyzer or similar tools is recommended for effective analysis. The steps provided above are a general guideline, and the exact steps may vary based on the version of Microsoft Message Analyzer or other tools you are using.

Remember to always exercise caution when analyzing ETL files and ensure you have the necessary permissions to access and analyze the files.

What if you want to enable this for some computers automatic in your Windows Domain on-premise with GPO?

Be carefull with the GPO. The Debug Mode of Outlook will generate 50MB+ Files maybe per minute. That is

why we want to target that Policy to a ADS-Group with Computer accounts. If you are unsure hot wo do that leave it and do it manual.

Some links regarding this:

Outlook Debug Logging

https://support.microsoft.com/en-gb/topic/how-to-enable-global-and-advanced-logging-for-microsoft-outlook-15c74560-2aaa-befd-c256-7c8823b1aefa

MS Learn:

https://learn.microsoft.com/en-us/outlook/troubleshoot/performance/enable-and-collect-logs-for-profile-creation-issues

Logfiles reference for different Outlook version:

Note The log files are created in multiple folders. These folders vary, depending on the version of Outlook that you're running.

Outlook 2010 Debug Logfiles

Log files in the folder

Outlook 2013 and Outlook 2016 Debug Logfiles

Log files in the folder

Note You can sort by Date modified to find the files that were created most recently.

Starting march 2023, Microsoft EDGE will be the new Adobe Reader and Acrobat if you Opt IN

I just found some Information while searching for more Infos about the 02/2023 Windows Updates/Patches. This is interesting because we mostly do AutoUpdates for Defender and EDGE Updates while we analyse and test all other monthly CUMU updates per customer and then approved them in some schema from small to big customers.

This has worked great over the last few months where other companies had problems who just auto approve Updates.

Adobe is the company with the most PDF patents for advanced features in PDF files. All the free solution offer just a part of that or pay licence fees to Adobe, as we understood to date.

Starting in March, Auto Approved EDGE updates will include the Adobe Reader Engine in MS Edge, and it seems that the Adobe Acrobat (Writer) license will also be available via Edge. This eliminates the eternal discussion about the safest way to open PDFs from the web/email (not in Chrome with the Adobe Extension) and whether to use Reader, Acrobat (Writer), or the browser. If It's all the same and takes away the issue.

Acrobat Writer updates were often delayed because they were 170-500MB in size and didn't transfer quickly via Intunes or on-premise deployment to laptops. So one product was sometimes the older.

In addition, there was always the point who to fix with what to open .PDF. Adobe spent a lot of work in in Reader manuals and explanation for Enduser. Most of the times one single user in an enterprise want's it in another way and because he from QA changes the open with procedure via IT for all employee. Often because their Quality solution or add-on did not work with the Edge PDF engine.

Adobe and Microsoft have a new partnership to integrate the Adobe Reader Engine into the MS EDGE browser, as well as Adobe Sign (which is the digital signature) for MS Cloud things mentioned.

Eventually, Adobe Reader will disappear and MS software should then direct the Edge to display PDFs. No one knows what will happen to Chrome.exe. Google and Amazon are heavy against the Azure Cloud and the new licensing model for Microsoft server OS (As we understood it would be more expensive to run MS Server outside of Azure...)

 LINKS:

https://www.adobe.com/sign/pricing/plans.html?plans=teams

https://www.adobe.com/documentcloud/integrations/microsoft.html

https://techcommunity.microsoft.com/t5/microsoft-edge-insider/microsoft-edge-and-adobe-partner-to-improve-the-pdf-experience/ba-p/3733481

Genau so was will man wohl verhindern:

https://helpx.adobe.com/de/acrobat/kb/chrome-extension-not-working.html

 Some extracted info which seems interesting for us:

How do I use the advanced Adobe Acrobat PDF features in Microsoft Edge?

Activating the advanced features with the Adobe Acrobat PDF extension in Microsoft Edge requires a paid Adobe Acrobat subscription. To activate the features, in the PDF view in Microsoft Edge, navigate to the top right corner of the window and click the button with messaging to try the advanced features. From there follow the prompts best suiting your needs to complete the transaction. If you already have a paid Adobe Acrobat subscription, you can sign into your existing account to use the advanced features at no additional cost.

Can general users opt out of using Adobe Acrobat PDF capabilities in Microsoft Edge?

General users will be unable to revert to using the legacy PDF engine in Microsoft Edge after the Adobe Acrobat PDF engine launches.

How will this affect commercial organizations?

 When rollout begins in March 2023, there will be no changes to managed Windows devices in organizations unless you choose to opt in. Users on unmanaged Windows devices will see an unobtrusive Adobe brand mark in the bottom corner of their PDF view. These users will also see an option to try the advanced features, such as converting PDFs, combining files, editing text and images. If an organization chooses to opt in, users on managed devices will see the same changes. The built-in Microsoft Edge PDF solution with the Adobe Acrobat PDF engine will have full feature parity with the legacy Microsoft Edge PDF solution. No functionality will be lost.

Some braindumps from trying to learn new M365 things. Automation of Blender with Power Automate Desktop. I have long experience in AUTOIT but wanted to try the MS solution for once.

If you Install Power Automate desktop the Menu, content and also the Commands are in the primary APP language you have under your Regional settings.

So even if you have a W10/W11 in UK/EN but Preferred Languages for APP and Websites set to another language it will be displayed in those settings.

Currently that makes it almost impossible to search anything smart on google or in TechNet because 90% of the content and help is in English.

There are also commands that you have to guess in Germans like "Go to" for Jumps. There are other commands in German which are so misleading compared to the English syntax.

Then because OCR sometimes works and next time we open the app NOT (Same Resolution, maximized Window) we tried a trick where we check OCR first in a loop.

Like in old basic days we will use GO TO but had a problem not finding the syntax in the German version of PA. After we switched the language we also found out

That the LABEL handling simply does not work?

The GO TO command related to Label seems a bit strange anyway buggy? Deleted label, made label new, Select GO TO the label does not appear there.

Delay, lag in Power Automate

Above Solution: 5 minutes later without saving, reload or any change the label appeared in the selection list?

The Power Automate Desktop is CLOUD based. If this works like its right it's impossible to professional use it because of lag and delay.

That is the same delay we have seen in M365 Portal. But for coding if you have such delay it makes it impossible to use.

We also had the case a few days where during a UI Windows Selection with only 4 APPS open the W10 normal 100% stable crashed complete.

The only solution was to reboot the client you could not even hung up process with taskmgr.exe or remote debug.

Clearly all changes to the Power Automate script (2 hrs of works) where lost because you can ONLY save the connect to the cloud and it does not auto save.

Deutsch

English

Solution:

How to backup Power Automate Content Local

Select ALL, COPY and Paste all into an Text Editor like notepad.exe

You don't have any of the data local

August 08/2022 Patch KB5012170 Update for Secure Boot DBX problem 0x800f0922

Problem: You can't install August 2022 Update KB5012170 on some systems under certain condition where Secure Boot is enbled and not latest BIOS/UEFI Firmware . You will receive an Error 0x800f0922

Error: Package KB5015730 failed to be changed to the Installed state. Status: 0x800f0922.

The patch does a revert

System which is not affected

The updates fixes some secure boot problems as example:

CVE-2022-34301 | Eurosoft Boot Loader Bypass

CVE-2022-34302 | New Horizon Data Systems Inc Boot Loader Bypass

CVE-2022-34303 | Crypto Pro Boot Loader Bypass

Microsoft main link:

KB5012170: Security update for Secure Boot DBX: August 9, 2022 (microsoft.com)

https://support.microsoft.com/en-us/topic/kb5012170-security-update-for-secure-boot-dbx-august-9-2022-72ff5eed-25b4-47c7-be28-c42bd211bb15

What does the KB describe:

Describes the problem that certain firmware/Bios and GPO Settings should not patch KB5012170. The KB is very hard to dunerstand. We try to help a little. Please keep in mind that you can't update firmware without checking compatiblity on Laptops for docking station and maybe other things. In enterprise you can't can't just update laptop firmware over night and hope all is fine like microsoft thinks they can do with their M365/Azure solution and Autopolit clients. ;-)

So what does that mean if you don't have a post doc in IT?

Check if yout are affected with and have PCR7 active

You can find out the status of your UEFI / PCR7 / Bitlocker Setup with MSINFO32.exe (Elevated) or/and by running a DOS or PS command.

Some sample dumps and how to find out:

Affected product which has PCR7 mode shown:

Dell computer Precision 5530, Windows 10 21H2

msinfo32.exe commandline

shows:

Sicherer Startzustand    Ein    

PCR7-Konfiguration    Gebunden

DOS: manage-bde -protectors -get c:

Shows:

Automate checking client for PCR7:

You may use a) Your software Deployment b) PSEXEC from systernals c) Do not use GPO to deploy software if you are not 100% fireproof with scripting

With psexec:

PsExec - Windows Sysinternals | Microsoft Docs

Auotmate the msinfo32.exe with psexec

psexec -s \\computer001 C:\windows\system32\msinfo32.exe /nfo c:\edv\00_report\computer.txt /report c:\edv\00_report\computer_re.txt

Description of Microsoft System Information (Msinfo32.exe) Tool

Other samples not affected:

An HP Elitedesk 800 G3 (Older) with a NON UEFI BIOS

Binding not possible becauee older machine and NOT UEFI BIOS (Legacy used) because of better Deployment OS reasons.

DOS: manage-bde -protectors -get c:

PS:

Msinfo32.exe

Some newer Home system from HP Elitedesk with UEFI no Bitlocker GO or Bitlocker active (Out of the box enduser system)

BINDING POSSIBLE

manage-bde -protectors -get c:

Below you see under PCR7 that you did NOT run msinfo32 under "Administrative/Elevated" it says "Elevation required to view".

Here is msinfo32.exe with run as admin, PCR7 would be possible but is not activated

You can see in this specfic machine where PCR7 "Binding Possible" is shown there is not Bitlocker. That's why withou the Fimrware Update which was offered by HP this was the patch has installed.

Solution

1. Check that you have the latest Bios/Firmware
2. Check if you have PCR7 enabled like mentioned above

If not possible > as example because your docking station is not comaptible with latest firmware

Some further links and infos regarding the path:

ADV200011 - Security Update Guide - Microsoft - Microsoft Guidance for Addressing Security Feature Bypass in GRUB

Troubleshoot the TPM (Windows) - Windows security | Microsoft Docs

R730xd, BitLocker, Secure Boot, PCR7 issue - Dell Community

Event ID 7053,12072,12052,12042,12012,13042 on WSUS Server

ERROR:

Unable to open WSUS MMC or connect with Script/PS/Tools to the WSUS database. On Clients or Server your see an error when this happens because, the WSUS APP Pool on IIS is down.

What is the problem?

If this happens you will after a reboot of the server loose most of the APPROVAL or DENY on your WSUS backwards for years.

Solution:

Mostly 90% related to RAM memory the WSUS has and the Application POOL WSUS itself or you run out of space on your WSUS content drive.

Prelude:

In the past months, all long-time, running WSUS Server no matter on which OS they run seem to crash more often they did before. We first long time watched and thought this was related sporadic too:

• Multi usage of MMC Console (Several users checking WSUS)
• Space on D: drive (With all the Feature Update you are up to 1 Terra soon)
• Script, which we had running to maintain WSUS or best Clean up WSUS automatic after it, crashed again (Deny 12'000 Patches…)
• We also assumed it is caused by a mix of WID (Windows Intern DB/Different Version of SQL Express or STD > we updated some mixed used WSUS + EPO 5.10 to sql 2017)
• As always maybe AV Solutions, which pinpoint. But we use Mcafee ENS Endpoint with many Exceptions and it never blocked SQL or WID when configured right and not by beginners

None of that seemed the source of the problem.

It looks like the crashed are more often to memory handling of IIS Application Pools and total memory the HOST (VM) has.

Here are the errors we did see:

Solution:

1. Give the HOST on ESX/Hypervisor more memory. You could trace for hours to find out how much or you be smart and give it 16-20 GB RAM. It depends on history of WSUS (Like running for 5 years, amount of clients or patches, how you clean up the WSUS with Tools or scripts via SQL query).
2. Open IIS, Application Pools, WSUSPOOL, Advanced Settings, Change the "Private Memory Limit KB" to something under your ESX Memory you gave. (In our example the IIS APP process runs around 14GB RAM and we gave the Server 18GB)
3. Reboot and all works again

You can now see how much Memory the IIS APP poll is consuming on a larger WSUS with a lot of history over years (Lot of WID/SQL data…)

Mcafee posted a fixed version of the 10.7 june 20202 release. Hidden in the release notes you will find an important detail.

You can now EXCLUDE Signature/Exploit/IPS rules FOR certain Active Directory users or group by SID.

This is like a WMI filter for GPO Grou Policy to drill down more granular and to target Exclusion more effectiv.

A main problem until now is the exclusion with MD5 checksum wiuld be the safest and usefull. However if you

Have slerf updating software (Like a RAPID 7 Agent) you have changing MD5 Checksum.

That's no problem if you have an enterprise and Mcafee TIE-Server and ATD Sandbox which automatic sess

That there are older version of the Agent in history and checks several other things and then aproves the file for running or not.

For Exlcusion this will help to limit an Exlcusion for a certain file (Whout the MD5) to limit the exclusion to a certain user group or single user.

If "financetoolstupidcoder.exe" does hit 20 Exploit rules because it was so crappy coded then you can exclude all the Signature based rules

For the single user with the SID 5654654634338998888 (Your CFO who gives IT money). ;-)

We would like to point out that mcafee has the large solution with ATD (TIE-Server, ATD-Sandbox) which allows you to controll

EXE wiht MD5 but in SBS or even a 1000+ shop you sometimes simply can't handle a strict change and release managment.

This will help us all a lot.

Enteo V6.X Master Referenz Paket (Screensaver/Locked/User Fragen), Version 1.1 vom 10.10.2010

Alle Binaries sowie ein Export des Projektes von Enteo V6.2 sind unter dieser URL zu finden:

http://www.ntfaq.ch/home.aspx?seite=enteo62_Referenz_Paket_Butsch_Informatik

http://www.butsch.ch

Was macht das Paket?

Dieses universelle Referenz Paket soll zeigen wie man in einer reellen Deployment Umgebung auf das Environment und die User eingehen kann.

Bei vielen Software Deployment fehlen diese Optionen obwohl Sie an sich Grundbausteine einer Software Verteilung sind. Dieses Beispiel soll einen

Anstoss in die richtige Richtung und als Ersatz für eine ein fehlendes Beispiel von Enteo dienen. Zielpublikum:

Desktop Engineer mit mehreren Jahren Deployment Erfahrung und Basis Kenntnissen in Enteo. Enteo Quer‐Einsteiger z.B. von SMS, SCCM,

Altiris oder z.B. Highsystem. Nicht geeignet für Supporter, welchen man aus Unwissenheit die Software Verteilung mal Testweise übergibt.

Finger weg und zurück an den IT‐Chef geben und bitten, dass er das Kapitel ITIL‐Risk Management und Recovery besser durchliest;‐)

Pflichtenheft an das Master Paket: Das Paket soll folgendes erfüllen….

‐     Abfragen ob der Screensaver aktiv ist > Denn dann wollen wir nicht installieren

‐     Ermitteln ob der Client gelockt ist > Denn dann wollen wir nicht installieren

‐     Es soll Abfragen ob ein User gerade arbeitet und angemeldet ist (Ev. Geht es nur dann?)

‐     Soll wissen wie es Enteo seitig kommt (Serviceinstaller oder Autoinstaller)

‐     Soll den User Fragen ob Sie das Update wollen oder man möchte diese nur laufen lassen, wenn jemand angemeldet ist (z.B. Green‐IT‐Oeko Shop ohne WOL und mit Stromleisten!)

 Das Master Paket wird anhand eines Beispiels erklärt. In diesem Falls das Deployment von Adobe Flash 10.1.85.3 vom September 2010.

Das Paket macht eine Migration des Flash Players auf die aktuelle Version. Desktop Deployment und IT ist Migration und Wandel.

Frisch installieren kann jeder und ist einfach! Darum wird in einer Präsentation nie eine Migration von Flash Player sonder immer nur eine frische Installation gezeigt.

Im Package Folder haben wir folgende Binary Files. Alle kann man bei uns downloaden.

Dies wird z.B. hier verwendet:

Einzelne Teile des Enteo Skriptes erklärt:

Hier kontrolliere ich mit "locked.exe" ob der Client gelockt/gesperrt ist. Da wir z.B. für eine Flash/Adobe Reader Upgrade offene Apps (Internet Explorer)

zumachen müssen soll dies NICHT passieren wenn der User Weg von seinem PC ist (CTRL‐ALT‐DEL gemacht).

Mit dem Enteo Befehl ExitPROCEX; "UNDONE" verlassen wir das Script. Das "UNDONE" sieht man dann z.B. bei den Policies in der Enteo Konsole.

Der Vorgang wiederholt sich einfach beim nächsten Enteo Intervall oder Start der Maschine spätestens wieder.

 SYNTAX ERROR: Fun with Powershell commands copied from Blogs or KB-solutions

We often see that the "-symbol or the minus-symbol are malformed and it looks normal in notepad.exe or the PS-console. The "-symbol effect can be devastation because you may have other objects you handle with identical short names in complex commands.

Worst case: "room 140 left wing Barcelona" and he targets room then etc.

Several times we have seen such effects with Powershell if we copy PS commands direct and don't use the copy-code function that good blog platforms or even KB-platforms on Intranet should support.

Here is a sample:

You just see red. First you think the command is not there anymore in this version whatever. Then you think maybe the wrong shell 32/64? Or elevated. The you type it manual and it works ;-)

If you copy the two commands to NOTEPAD.EXE as it opens all looks fine.

You can see in WinWord already that there MUST be a difference (They are not exact the same horizontal length) ;-)

TO really see: If you open the two commands in Notepadd+ or any advanced editor.

Euro? Germany? So someone from European Union made the Blog (Not UK not Swiss/Switzerland/Suisse) no? ;-) A double minus or triple minus?

;-)