Replies

That is a question for the ages.  NTlite makes building your own quite easy, especially the paid version.  It automatically downloads the updates and integrates them.

Has there been any reports of GPO software deployment not working on Server 2016 with October updates applied?  I spun up two new servers and fully patched them before joining the domain.  Both failed to deploy MSI files until I manually installed one.  Something about manually installing fixed the deployment of others.  The same policies work fine on all other devices that haven’t been patched this month.

Specifically for business users, there are far better ways to handle system recovery actions than relying on shadow copies.  Critical systems should have nightly bare metal backups.  User profile data should be redirected to a central NAS with it’s own snapshot capability.  Performing system restore on a domain joined PC often breaks domain trust.  While that’s not very difficult to fix, it’s just not necessary to do if your infrastructure is setup right.  It’s been my experience that formatting a computer is significantly faster than trying to troubleshoot major problems 90% of the time.  When your user data is disjoined from the PC, the PC is disposable.

1 user thanked author for this post.

doriel

Some printers with Wifi like HP can print from email. When you register for the cloud print service you’re given a unique email address and any supported attachments sent to it will print. I’ve never tried that though.

That patch has already been exploited.  It’s effectively useless if you use Point and Print.

Linky

I suggest not broadcasting specific build numbers of all your software to the world. Hackers can use that information to target known exploits.

Kaspersky was programmed by a russian, but has no ties to Russia. They moved out of that country. They are my number one pick. I’ve deployed it to over 1000 computers and have never had a virus problem with it. Other products like Symantec, Trend Micro, Comodo, and McAfee were all disappointments. For the customers that can’t use Kaspersky due to government restriction I started using Panda. Watchguard owns them now, and so far it’s working great. Very easy to deploy and manage.

1 user thanked author for this post.

Alex5723

I guess they’re embracing what they do best: ruining your computer.  I haven’t met a computer yet with Norton that didn’t have crippling issues that magically disappeared as soon as Norton was uninstalled.  They may have been good in the early 90s with their Norton Utilities suite, but certainly not since.

4 users thanked author for this post.

wavy, LH, bbearren, Perturbance

Search for the video.  From my limited recollection, devices that know the hidden SSID send more information to connect than they would if the SSID were being broadcast.

Hiding your SSID is actually a security risk. Due to how wifi works, it actually gives hackers more information than they would otherwise have. There’s a very good video on YouTube explaining it in great detail.

2 users thanked author for this post.

wavy, AlphaCharlie

Most Asus routers support Asuswrt-Merlin firmware – https://www.asuswrt-merlin.net/.  It is based on stock firmware, but fixes all known bugs with frequent updates.  Some of their work has made it upstream to stock firmware.  I’ve been recommending consumer clients buy Asus routers compatible with that firmware.

3 users thanked author for this post.

wavy, AlexEiffel, Fred

Sometimes removing the Internet Explorer features also removes your ability to reinstall it.  It disappears from the features list and can’t be selected anymore.  It can still be reinstalled if desired from the command prompt.  You’ll need install media matching the release ID of your system (ex. 2004 or 20H2).  Adjust this command to the path of your media.

 

dism /online /add-package /packagepath:F:\sources\sxs\microsoft-windows-internetexplorer-optional-package~31bf3856ad364e35~amd64~~.cab

This problem is easily fixed with a file association registry fix.  The following sets the html default to Chrome.  Just save it to .reg and run.  There’s also a Microsoft FixIt available to correct this.

 

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.html]
@=”ChromeHTML”
“Content Type”=”text/html”
“PerceivedType”=”text”

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.html\OpenWithProgIds]
“ChromeHTML”=””

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.html\PersistentHandler]
@=”{eec97550-47a9-11cf-b952-00aa0051fe20}”

 

IETab plugin for Chrome works for all bank websites that depend on IE.  The rendering DLLs are always in the system whether IE is “installed” or not.

Yet I still have to disable that button because some users think the sky is falling if there’s updates available.  Computers patch when I tell them to, not when a user thinks they know better.