We have machines that we want kept on Windows 10, we don’t want users urged over and over again to upgrade to 11. Run this Powershell, reboot (probably), and we’re good:
# Exit script if this is not Windows 10
If ((Get-ComputerInfo | Select OSName).OSName -notlike "Microsoft Windows 10*")
{
"This is not Windows 10. Exiting..."
Exit
}
# Proceed
Set-Location -Path HKLM:\SOFTWARE\Policies\Microsoft\Windows
If (-Not (Test-Path -Path WindowsUpdate)) { MKDIR WindowsUpdate }
Set-Location -Path HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
New-ItemProperty -Path . -Name "ProductVersion" -Value "Windows 10"
"Done!"
Note that many so-called solutions out there set things so no further updates, including Windows 10 build upgrades, will happen at all. The above simply limits things to Windows 10.
Categories:
Windows Installer, Updates, Patching
HGSDiag is a command-line tool which can kill running VMs and do other interesting things. Highly recommended.
Categories:
Virtual Machines & Environments
There are only three methods for Windows, which appear to work reliably for Adobe Reader DC (among many others) at this time:
Ninite Pro – not free
Chocolatey – large community
RuckZuck – very interesting, based in Switzerland
Categories:
Tools
Windows Installer, Updates, Patching
This method uses Powershell module PsWindowsUpdate.
- Run this in administrative Powershell:
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Set-Executionpolicy RemoteSigned -Scope Process -Force
Install-PackageProvider -Name NuGet -Force -ErrorAction 'SilentlyContinue' > $null
Set-PSRepository -Name PSGallery -InstallationPolicy Trusted
If (Get-InstalledModule -Name PsWindowsUpdate -ErrorAction 'SilentlyContinue') {
Update-Module -Name PSWindowsUpdate -Force
} Else {
Install-Module -Name PSWindowsUpdate -Force
}
Import-Module PSWindowsUpdate
- Then check the list of available updates:
Get-WindowsUpdate
- The next step is to actually do the updates. There are good reasons and multiple methods to be careful. Alas, thus far, there does not appear to be a way to install updates a given number of days after release, e.g., 30, so as to give Microsoft time to respond to issues. Here is a glancing overview of what we do have:
- Lots of firmware is being sent by Microsoft now, and some of this is more up-to-date than that available from the vendors. But there is risk in these, don’t forget. You may find that you want to install current Windows patches, but no drivers, firmware, services packs, feature packs, etc. To do this:
Install-WindowsUpdate -NotCategory "Drivers","Service Packs","FeaturePacks" -NotTitle "preview" -AcceptAll
And to do it while ignoring reboot:
Install-WindowsUpdate -NotCategory "Drivers","Service Packs","FeaturePacks" -NotTitle "preview" -AcceptAll -IgnoreReboot
The -IgnoreReboot ignores all relevant reboot automata. -NotTitle "preview" omits all updates with the word “preview” in their name.
But sometimes, e.g. with a new PC install, we’ll want to install all updates and reboot automatically:
Install-WindowsUpdate -AcceptAll -AutoReboot
- You may find that you want to omit granularly, e.g., specific build upgrades. If you found one marked KB1234567, you would install all and omit that one thus:
Install-WindowsUpdate -NotKBArticleID KB1234567 -AcceptAll
- If you wanted to do that, and explicitly not reboot if indicated:
Install-WindowsUpdate -NotKBArticleID KB1234567 -AcceptAll -IgnoreReboot
- If you had two KBs to omit:
Install-WindowsUpdate -AcceptAll -NotKBArticleID "KB1234567,KB7654321"
- There are other noteworthy items. Lots of firmware is being sent by Microsoft now, and some of this is more up-to-date than that available from the vendor. But there is risk in firmware updates, don’t forget. Some of the items don’t have KBs, and there are two other command-line arguments to omit those,
-NotTitle and -NotUpdateID.
Reset-WUComponents
- To get a full list of functions:
Get-Command -Module PSWindowsUpdate
Get-Help works for all of them.
Categories:
Windows Installer, Updates, Patching
Powershell
If you need to do diagnostics on a Dell server, download “OpenManage Server Administrator Managed Node”. Yes, I know all Dell divers already have this written on the insides of skulls…:-)
Categories:
Servers
Had a new one recently. A PC running Windows 10, up to date, was taking about 30 minutes to boot. Turning off Fast Startup seems to have fixed it. Reportedly this will do it:
powercfg /hibernate off
but I used a GUI method: Control Panel, Power Options, Choose what the power buttons do, Change settings that are currently unavailable, then unchecked “Turn on fast startup (recommended)”, then Save Changes.
The GUI method is reversible in GUI; the command-line method removed the GUI method from visibility.
Still not sure what the root cause of the situation is, or how to do prevention. But reportedly, a very large proportion of Windows users are in fact hibernating or similar, rather than turning off, and don’t know it, and this can cause Windows updates to fail and other issues related to networking.
Categories:
Power & Management
Windows OS-Level Issues
Categories:
Windows OS-Level Issues
- Open up an administrative Powershell. Run
IPCONFIG /ALL. That will get you a list of active NICs. DNS in use, is set for each NIC if you have more than one.
- The name of each NIC has a prefix that has to be omitted. There are a number of prefixes which are common. For a simple wired NIC, it’s usually “Ethernet Adapter”; on many HPE servers, IPCONFIG /ALL will therefore show the second NIC as
Ethernet adapter Embedded LOM 1 Port 2.
- So let’s say you have a LAN with three active DNS servers (10.11.12.13, 10.11.12.14, and 10.11.12.15), and you want your HPE server of the above description, with the first two NICs active, to use all of them. Here’s the Powershell commands:
Set-DnsClientServerAddress "Embedded LOM 1 Port 1" -ServerAddresses ("10.11.12.13","10.11.12.14","10.11.12.15")
Set-DnsClientServerAddress "Embedded LOM 1 Port 2" -ServerAddresses ("10.11.12.13","10.11.12.14","10.11.12.15")
- For a second example, let’s say we’re on a common workstation, and we want to change DNS from a static setting, to whatever DHCP will pass out:
Set-DnsClientServerAddress "Ethernet" -ResetServerAddresses
Categories:
Command Line
Powershell
Longstanding, works well unless BITS is corrupt:
Start-BitsTransfer -Source $URL -Destination $Path
On 1809 and up:
curl.exe -O $URL
A pure Powershell method:
(New-Object System.Net.WebClient).DownloadFile($URL,$Path)
Categories:
Powershell
Categories:
Tools