Category: Windows OS-Level Issues

Upgrade Windows Server Standard (2008R2 and up) to Enterprise or DataCenter via DISM
article #1242, updated 33 days ago

It can be done, without install media or reinstall, via DISM:

Categories:   Windows OS-Level Issues   


The Windows Update Troubleshooter by Microsoft
article #1155, updated 67 days ago

Here it is, all current versions:

Categories:   Windows Installer and Updates   Windows OS-Level Issues


The WINS resolution information was not updated. The record format is corrupt.
article #1227, updated 81 days ago

This error often occurs when a longstanding Windows Server network is given a much newer domain controller. The WINS records embedded in DNS, don’t work anymore; when you try to delete them or change them, you get the error message in the title of this article.

The best thing to do, is PowerShell:

Remove-DNSServerResourceRecord -ZoneName dns_zone.local -Force -RRtype "WINS" -Name "@"

Try that (substituting dns_zone.local for your LAN DNS zone!), then right-click on the zone name, choose “All Tasks” and then “Reload”, then press F5 for refresh. The error-causing situation will go away, you can then reconfigure easily. If there are other zones, you’ll want to repeat for all of them. If there is a WINS record in a reverse lookup zone, the RRtype is WINSR instead of WINS.

Categories:   Windows OS-Level Issues   DNS


Mirror mapped drive letters to administrative processes in recent Windows
article #1218, updated 94 days ago

Administrative processes, including CMD, don’t see mapped drive letters anymore, unless you do this:

In this registry area:


create DWORD EnableLinkedConnections, value of 1.

Categories:   Windows OS-Level Issues   


Hyper-V integration services under Server 2016 Hosts
article #1211, updated 110 days ago

Integration services are no longer automatically installed or automatically available, to guests running operating systems older than 10, on hosts running 2016. They have to be installed by powershell or DISM, directly into the guest, not the host. I found DISM to work when powershell didn’t. The appropriate image addition is downloaded here:

and then installed thus, e.g. for Windows 7/2008R2:

DISM /Online /Add-Package /PackagePath:C:\storage\

Categories:   Virtual Machines & Environments   Windows OS-Level Issues


Windows 10 Universal C Runtime
article #1209, updated 114 days ago

This is something new to Windows 10/2016, a C runtime library different than the redistributables. It is a required additional install for some things to run on OS before 10/2016.

Categories:   Windows OS-Level Issues   Windows Installer and Updates


Group Policy Improvement, Part I: General
article #1148, updated 124 days ago

First in a series on improving Windows Group Policy. This apply to the whole Group Policy milieu on a network, all domain controllers.

  • Even if there is only one domain controller, change the replication from 180 minutes to 15 minutes. These are in the properties of the site links, in Active Directory Sites and Services, under Inter-Site Transport, under IP. If you have more than one site link enabled, do it for all. Obviously you should moderate carefully, if you are using SMTP or have bandwidth issues.

  • Set services fdPHost and FDResPub as startup Automatic, from Manual.
  • Add Subnet(s) to each Site in Active Directory Sites and Services. Then show subnets in the Group Policy Management Console, and map group policies there. Even if there is only one Site, this can help a lot.

Part II, Destrangulation, is here.

Categories:   Group Policy   Windows OS-Level Issues


Group Policy Improvement, Part II: Destrangulation
article #1203, updated 124 days ago

Second in a series on improving Windows Group Policy.

One very common Group Policy strangulator shows up in Windows event logs as SceCli, event ID 1202. When Group Policy processing encounters this, it can prevent many things from occurring.

The error, specifically, is a nonexistent user or group present in a GP configuration item. For instance, most recently there was a Group Policy including a security item which included “Domain Uers”, a typo of “Domain Users”, deep in computer-level security items, and this prevented the policy from doing anything, even though there were other, equivalent, items in the same area. I’ll repeat, the typo item had to be removed, before the entire policy would do anything; group policy processing is apparently not able to treat a nonexistent referent as irrelevant.

Finding the item is interesting too. It requires a file of this name and location:


It may not exist. If not, or if it’s not up to date, browse to this registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83A}

and set DWORD ExtensionDebugLevel to 2. Then run gpupdate, and the file will be created. Then in administrative CMD, run:

FIND /I "Cannot find"  %SYSTEMROOT%\Security\Logs\winlogon.log

The above will produce one or more invalid security group names or login names, included somewhere as a configuration item within a group policy. Once you have the name(s), run:


and examine all of its tree carefully, to find the error. That will lead you to the spot in GPMC where you will find the bad entry, to fix. Once you have fixed, try your gpupdate again, and your policy will apply, unless something else is wrong!

Part III, Copying Files, is here.

Categories:   Group Policy   Windows OS-Level Issues


Group Policy Improvement
article #1205, updated 124 days ago

In my experience, group policy is the only nearly indispensable tool on a Microsoft domain-controlled LAN which breaks very often and admits of almost zero solid documentation towards fix. Someday this may be thorough, Lord willing; for now, we have:

Part I, General
Part II, Destrangulation
Part III, Copying Files

Categories:   Group Policy   Windows OS-Level Issues


Install All Microsoft Redistributable VC++ Runtimes
article #643, updated 141 days ago

Here is the only complete method known to this writer to automatically download and install all current Microsoft redists. It uses this:


  1. You’ll need the PowerShell Gallery. Windows 10 and WMF 5.1 come with it.
  1. If you have 10, or once you have WMF installed, you can just run GETREDISTS.CMD (part of windows-tools ) as administrator. Alternatively, you can continue :-)
  1. VcRedist is the core, we’ll install that automatically as part of the procedure. In administrative PowerShell (the -Force takes in any new updates):
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force
Install-PackageProvider -Name NuGet -Force
Install-Module -Name NuGet -SkipPublisherCheck -Force
Import-Module -Name NuGet
Install-Module -Name VcRedist -SkipPublisherCheck -Force
Import-Module -Name VcRedist
New-Item C:\VcRedist -ItemType Directory
Get-VcList | Get-VcRedist -Path C:\VcRedist
Get-VcList | Install-VcRedist -Path C:\VcRedist

The above installs all of the redistributables which Microsoft currently supports. Reportedly, some older ones (going back to 2005 at this writing) can be had using this:

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force
Install-PackageProvider -Name NuGet -Force
Install-Module -Name NuGet -SkipPublisherCheck -Force
Import-Module -Name NuGet
Install-Module -Name VcRedist -SkipPublisherCheck -Force
Import-Module -Name VcRedist
New-Item C:\VcRedist -ItemType Directory
Get-VcList -Export All | Get-VcRedist -Path C:\VcRedist
Get-VcList -Export All | Install-VcRedist -Path C:\VcRedist

You may wish to delete the downloadables after the procedure:

Remove-Item C:\VcRedist -Recurse -Force

Categories:   Windows OS-Level Issues   Windows Installer and Updates