Some Notes on the Machines

Here is an excellent tool to check if your IP or domain is on a spam blacklist (a.k.a. RBL):

https://www.debouncer.com/

The current download site for MegaRAID (formerly LSI, Avago, et al.) drivers and Storage Manager now appears to be here:

https://www.broadcom.com/products/storage/raid-controllers/megaraid-sas-9361-8

A Lenovo-supplied method to update drivers, BIOS, and firmware in Windows.

https://support.lenovo.com/us/en/solutions/tvsu-update

Updates are being distributed to Windows 10 via peer-to-peer methods, in addition to cloud-to-PC. This will be essential to handle the big build files, 4 gigabyte plus, at many sites.

https://docs.microsoft.com/en-us/windows/deployment/update/waas-delivery-optimization

Small but mighty. Recently much improved. Lightweight, powerful, and appears nicely thorough.

https://snailsuite.com/

This one is from the amazing Rick Boatright. I saw the ancestor of this thirty-plus years ago in Unix System V, had no idea it had gotten so useful in Microsoft-land. The gist of it is:

• You have a batch file, and want to access something involving a UNC path, something like this: \\SERVER_NAME\share_name\dir1\dir2
• Default logic often involves storage of current location into a variable, CD, resumption of previous, blah, blah, blah.
• But we can do it in one command: pushd \\SERVER_NAME\share_name\dir1\dir2 This does multiple things:
• First, it creates a temporary drive letter for the server and share name. It chooses an available drive letter.
• Secondly, without any further ado, it changes the current working directory of the shell (of the script) to the very location you pointed at.
• So, if you did the pushd above, and if Z: were available, your current working directory suddenly becomes: Z:\dir1\dir2
  where Z: is mapped to \\SERVER_NAME\share_name !!!
• Then when you’re done with it, just put in popd, and Z: goes away and you’re back to the current working directory you had beforehand!

A great tool here:

https://www.niversoft.com/products/xml2nwc/

And another:

http://nwc2musicxml.appspot.com/

It is often helpful to update the Group Policy templates for a domain. The most current set can be found quite easily via a Google search:

https://www.google.com/search?q=Administrative+Templates+%28.admx%29+for+Windows+10&ie=utf-8&oe=utf-8&client=firefox-b-1-ab

They install as an MSI which does nothing but dump them into a folder here:

 C:\Program Files (x86)\Microsoft Group Policy

Once you have the above done, we have manual steps. The best way to approach this is probably in an administrative CMD.

First, look in here:

%WINDIR%\PolicyDefinitions

We will be wiping everything there. If there are many files with numbers at the end of their names, you probably have Microsoft Office templates as well as Windows templates, and you will have to replace them too. There are other templates which could be involved, so be warned and be ready.

For now, we are going to write as if you have just Microsoft default templates there. Wipe them all. Then replace them with all of the .ADMX files in the dump folder, plus just the language folder appropriate for you. The dump folder will have all of the language folders, you want just yours.

The second destination folder is:

%WINDIR%\SYSVOL\sysvol\<domain>\Policies

where is the name of the Windows domain. Do not delete everything here, if you do you will do harm to your GPO system. Do, however, remove all of the .ADMXes, and the language folder(s) here, and replace them as above.

Here’s a new one, seems to cover some good ground:

https://support.microsoft.com/en-us/help/10164/fix-windows-update-errors

A good thing to do, is to do cleanup/improvement steps, and then restart related services: