Timothy

Windows 10 Controlled Folder Access

Well this is an interesting feature I had not heard about until today.  I haven't been following the buzz about Fall Creators Update as closely as I should have, apparently.  With Controlled Folder Access, Windows 10 adds a type of second layer Access Control List to any folder you specify.  This is an interesting approach.  It differs from NTFS permissions in that you can whitelist applications, rather than users.  So even though I have Full Control / Owner of my OneDrive folder, if I add Controlled Folder Access, I will still get access denied when saving a file from Excel there unless I whitelist Excel.

It's not perfect.  You have to opt-in folders, presumably your most sensitive or precious (documents, pictures, etc.) and applications, which is a lot of effort.  Though there are GPOs to govern this feature, so it could be handy in the enterprise on strictly controlled machines.

What I would like to see added to this feature is automatic enrollment for an application's AppData folders.  For example, the installer or application could have a manifest that defines where they are putting their application data under AppData and what application is allowed to read and/or modify it.  Keep the ability of the user to control this from Defender, so you can manually opt-in other apps.

Source: https://www.bleepingcomputer.com/news/microsoft/windows-10s-controlled-folder-access-anti-ransomware-feature-is-now-live/

Timothy

System Center Operations Manager (SCOM) Community Management Pack Catalog

This is really great.  SquaredUp, the company behind the amazing third party web portal for SCOM/OpsMgr, has launched a new open source community effort to build a catalog for SCOM for free, open source, commercial, paid management packs.  This is something Microsoft has in the pipeline for the 2018 release, though only for large vendors, but there's nothing really that great out there right now.   I just finished the webinar about the launch of this effort.  I'm installing the MP now!  It works on SCOM 2012-2016.  The respository itself is hosted on Github.

Timothy

3.0 is coming...

RD Tabs ain't dead yet!  I've been working on the next version for about the past year here and there after taking way too long of a break from it.  What can I say, life happens sometimes.  But enough of that.  The new version has a lot of cool features in the works.  The UI is refreshed, there's PowerShell integration, colored tabs, full Windows 10 / Server 2016 support, no more .Net 2.0/3.5 dependency, better support for high DPI monitors, a TON of under-the-hood improvements, like dumping the .Net "settings" for a more reliable custom XML settings system with automatic settings history (no more corrupted user.config files!!), new command line options, better password security, automatic 64/32-bit support, locked aspect ratio scaling, too many fixed bugs to count, improved memory management, the new "Quick View" feature, better split screen support, improved exception handling, and a lot more I'm forgetting.

You can toss out the road map in the fourms (in fact I will later on), because it's been so long, I'm going to start with a clean slate right here with this new version being verison 3.0.  I'll start working on a new road map after relase.  One of the key takeways I've had over all this time is to not bite off more than I can chew.  I got too deep in major code refactoring in multiple areas of RD Tabs simultaneously and it got so boring and such a drag, I just gave up for a while.  Well, I've put it all back together and in the future I'm going to do smaller more agile releases.  After release you'll see bug fix releases for a little while, then I'll commit to just 2-3 features or major improvements for the next release.  That way I'm more likely to finish in a few months rather than years.  Hopefully, over the course of a year it will add up to be pretty significant.  After all, I use this tool daily too!  So I want to see improvements on a faster cadence.

And now the biggest announcement.  While RD Tabs will continue to be free to use, I'm going to also start building out a "Premium" version which includes priority support and enterprise features, like shared favorites, active directory integration, a portable thumbdrive version, help desk features, and more.

I know better than to assign an exact date, but let's just say the beta version is "coming soon."  So if you want to be a tester...

Stay tuned! 

Timothy

I Made Some Musical Instrument Themed T-Shirts

I was bored so I thought I'd have some fun with this.  The theme is "I work so I can buy..." and then a bunch of instruments and other music items.  :-)

Check it out!  https://teespring.com/stores/i-work-so-i-can-buy

Timothy

New Faster System Center Product Release Cadence

"The reports of my death are greatly exaggerated." - Mark Twain

For a few years now, there's been a lot of confusion about the future of System Center in the Microsoft product portfolio.  Updates had become less frequent and less impressive.  New product offerings on the Azure side seem to directly compete with classic System Center.  And a few products are clearly EOL (Orchestrator, most notably).

One big exception was Configuration Manager, which adopted a more frequent update cadence and in principle was not well-suited for the cloud (not that that has stopped Microsoft before).  Data Protection Manager (DPM) also stood out somewhat because it's 2016 release added a lot of long requested features, but it was still stuck in the long multi-year update cycle.

Well, it seems now Microsoft is getting back to showing System Center some love.  They are going to start pushing out the frequent update model to Operations Manager, Virtual Machine Manager, and Data Protection Manager.  This is great news for those of us with Hybrid and On-Premises deployments.  Azure is fantastic, and the new features which are rapidly rolling out are amazing, but not every workload can move to the cloud, nor should every workload move to the cloud (keep your tech stack diverse).  Plus, OpsMgr and DPM, in particular, are very useful in many Azure deployments.

As Microsoft makes this transition, they are also asking for feedback from OpsMgr users.  This is a good time to let them know the direction you want the product to take.

Timothy

Website Refresh!

I've updated the website theme with a brand new responsive design theme.  It seems to have fixed a lot of styling issues I never got to over the years.  There's still some tweaks to be done, but I'm pretty happy with it!  Let me know if any pages are unreadble.

Timothy

House Cleaning!

The forums have been long neglected and were overwhelmed with spam.  I cleaned it all up tonight.  I also did some software updates for the website.  There's still some work left to be done.  But, hopefully at the very least, the forums will be usable again if you need support on RD Tabs.

Timothy

Enumerating Nested Group Members in System Center Operations Manager Groups with PowerShell

I finally found a way to reliably return all members of a SCOM group, including members of subgroups (nested groups).  I don't know why Microsoft made this so difficult.  Anyway, other online solutions suggest using the GetRelatedMonitoringObjects() method on the group, but it was unreliable for and didn't work for all object types.  The method below seems to work for everything.  The main difference is that this PowerShell function recursively enumerates groups, but the trick is how do you reliably tell if a class is a group?  Well, thankfully, you can just pipe the class instance into Get-SCOMGroup and if it returns $null, it's not a group!  This function lets you enumerate groups by DisplayName or Class Instance object (from Get-SCOMGroup).

 Function Get-SCOMGroupMembers($group) {
    if ($group.GetType() -eq "".GetType()) {
        $group = Get-SCOMGroup -DisplayName $group
    }

    $group | Get-SCOMClassInstance | % {
        if (($_ | Get-SCOMGroup) -ne $null) {
            Get-SCOMGroupMembers $_
        } else {
            $_
        }
    }
}

Timothy

DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387

Microsoft System Center Data Protection Manager (DPM) officially supports SQL 2016 with UR2.  But, like previous System Center products, the only installer is pre-UR2, so SQL 2016 is not "officially" supported for an initial install, only as an upgrade install.  This is particularly annoying because it means you have to do a SQL 2014 installation, DPM installation, DPM upgrade to UR2, then a SQL upgrade to 2016.

The good news is that despite it not being officially supported, you can install DPM 2016 RTM with SQL 2016 already installed, then apply UR2. 

However, there is a big gotcha.

One I discovered is that if you have SQL 2016 SP1 installed, the DPM installer crashes with the error "An unexpected error occurred during the installation.  For more details, check the DPM Setup error logs. ID: 4387"

The logs aren't helpful at all.  There are numerous errors in the logs, that are actually safe to ignore, which causes a lot of false positives in your investigation.  At the very end there is a line that says "*** Error : CurrentDomain_UnhandledException" followed by an exception that appears after the installer is closed.

[2/8/2017 6:42:16 PM] * Exception : Invoking Watson with Exception:  => System.ArgumentNullException: Value cannot be null.
Parameter name: input
   at System.Version.Parse(String input)
   at System.Version..ctor(String version)
   at Microsoft.Internal.EnterpriseStorage.Dls.Setup.Inspect.InspectPrerequisites.CheckSqlServerTools(InspectContext context)
   at Microsoft.Internal.EnterpriseStorage.Dls.Setup.Inspect.Inspect.InitializeContext(String sqlMachineName, String sqlInstanceName, String reportingMachineName, String reportingInstanceName, ConnectionOptions wmiSqlConnectionOptions, ConnectionOptions wmiReportingConnectionOptions, Boolean isRemoteDb, Boolean isSqlClustered, List`1 sqlClusterNodes, Boolean isRemoteReporting, String oldSqlMachineName, String oldSqlInstanceName, ProductNameEnum productName, InspectModeEnum inspectMode, Boolean remoteTriggerJob)
   at Microsoft.Internal.EnterpriseStorage.Dls.Setup.Inspect.Inspect..ctor(String reportFilePath, String sqlMachineName, String sqlInstanceName, String reportingMachineName, String reportingInstanceName, ConnectionOptions wmiSqlConnectionOptions, ConnectionOptions wmiReportingConnectionOptions, Boolean isRemoteDb, Boolean isSqlClustered, List`1 sqlClusterNodes, Boolean isRemoteReporting, String oldSqlMachineName, String oldSqlInstanceName, InspectModeEnum inspectMode, InspectSkuEnum inspectSku, ProductNameEnum productName, InspectCCModeEnum ccMode, Boolean remoteTriggerJob)
   at Microsoft.Internal.EnterpriseStorage.Dls.Setup.Wizard.BackEnd.InstantiateInspect(String inspectFile, String sqlMachineName, String sqlInstanceName, String reportingMachineName, String reportingInstanceName, ConnectionOptions wmiSqlConnectionOptions, ConnectionOptions wmiReportingConnectionOptions)
   at Microsoft.Internal.EnterpriseStorage.Dls.Setup.Wizard.InspectPage.RunInspect()
   at Microsoft.Internal.EnterpriseStorage.Dls.Setup.Wizard.InspectPage.InspectThreadEntry()
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)

   at System.Threading.ThreadHelper.ThreadStart()

So I tried a lot of different things like different versions of SSMS (management tools), manually installing the Hyper-V PowerShell components, making sure all the WMI classes are registered (mofcomp all the .mof files manually), and the tips are this link.

What's happening as far as I can tell is that the installer's prerequisite checks fail due to an unexpected response from SP1.  The only way to get around this is to install SQL Server 2016 RTM, then install DPM 2016, then install DPM's UR2, then install SQL's SP1.  Done in that order, it works in my tests.

It's not as bad as having to install SQL 2014 first, then upgrade to 2016, but still a pain.  I wish Microsoft would released System Center products with updated installers for major milestones, like when a new version of SQL is supported.

Timothy

Seed Based Discovery for Exchange 2013-2016 OpsMgr Management Pack

One of the bad things about the Exchange MP it is uses a broadly scoped script based discovery (and it's a complex script, at that) that targets Windows Server.  So it runs on every server every four hours.  Kevin Holman made a little MP that does a simple registry discovery into a seed class that, via override, limits the servers the script runs on.  It's great, but I wanted one that was sealed, so it doesn't show up for overrides and nobody mucks it up.  I tried running fastseal on his XML, but it didn't work because of the way he coded the overrides.  So I just wrote my own that's sealed.  Enjoy!

Download link: http://www.avianwaves.com/Tech/Tools/ManagementPacks/Exchange2013SeedDiscovery.zip

Pages: Previous123456789...20NextReturn Top
Recent Comments
  1. Re: RD Tabs Security Advisory - 2.0 and 2.1 Beta
    Roman: Hi admin having same materiel as i need. Also get some extra stuff here: [url="hit5k.com"]Patch Applications...
  2. Re: RD Tabs Security Advisory - 2.0 and 2.1 Beta
    Roman: Hi admin having same materiel as i need. Also get some extra stuff here: Patch Applications
  3. Re: 3.0 is coming...
    Sean: Great news, can't wait!
  4. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    Funny Guy: To add my 2 cents - after a day of fight it appears that DPM installation uses WMI queries to detect...
  5. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    Funny Guy: To add my 2 cents - after a day of fight it appears that DPM installation uses WMI queries to detect...
  6. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    Funny Guy: To add my 2 cents - after a day of fight it appears that DPM installation uses WMI queries to detect...
  7. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    kAM aCOSTA: Thanks Edward !!!
  8. Re: 3.0 is coming...
    Dave: Very Cool!
  9. Re: In VB.Net, sending output to the console from a Windows "Forms" application
    clochardM33: Glorious
  10. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    Andreas Hagberg: Edward, you are the man. It solved the problem right at the first try. Many thanks for the post.