RunAs Issue? Check Secondary Logon Service.

RunAs Issue? Check Secondary Logon Service.

On Windows if you are having problems trying to perform an action as a different user via the RunAs command then it might be due to the ‘Secondary Logon Service’ not running. I recently had this problem on Windows Server and after some investigations found that the ‘Secondary Logon Service’ had been disabled, starting the service resolved the issue. By default it is set to ‘Manual’.

The error you get from the RunAs command may vary depending on OS version but will report a problem running a process or service. This is the error I get on Windows 10:

1058: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Cmder – A Better Windows Console

Cmder – A Better Windows Console
Whilst Linux treats console users as first rate citizens and provides many useful and powerful terminal emulators Windows has always lagged behind. This is evermore noticeable now that many developer and IT Ops workloads are done via the terminal. Modern web development and DevOps tooling requires at least some interaction with the terminal, and with the world moving to git for source control developers everywhere are having to embrace consoles.
Whilst Microsoft have traditionally neglected the Windows console they have started to add new features and improvements. For a background on the Windows Console and its architecture check out this blog series. Windows 10 has the best Windows console to date, but there are better out there from 3rd parties and I’ve really got into Cmder.
Cmder is a smart per-configured bundle of the ConEmu emulator software with some extras thrown in. To quote directly from their website:
 

Cmder is a software package created out of pure frustration over the absence of nice console emulators on Windows. It is based on amazing software, and spiced up with the Monokai color scheme and a custom prompt layout, looking sexy from the start.

It can be run portable on a USB Stick if you wish and it has full Git and Bash support. You can emulate the Windows Command Prompt or PowerShell, Bash, Windows SubSystem for Linux (WSL), even the VS Developer Command Prompt among others. All in a slick feature rich emulator.

cmder

It has hundreds of settings that can be tweaked to get everything just the way you like it and it also has the awesome Quake mode so it can slide down from the top of your display.
Cmder2
Support for Cmd, PowerShell, Bash and many more is included out the box, but if you are a Visual Studio user and want to emulate the Developer Command Prompt for VS2017 (reommended) then check out the simple instructions in this guide by Ricardo Serradas on Medium.
I’ve been using it for months and its been stable, performant and has also caught the eye of collegues due to those good looks which make it a pleasure to work in compared to the plain Windows console. Give it a try.

Calculate a file hash without 3rd party tools on Windows & Linux.

Calculate a file hash without 3rd party tools on Windows & Linux.

If you need to generate a hash of a file (e.g. MD5, SHA256 etc) then there are numerous 3rd party tools that you can download but if you are restricted to only built in tools or don’t need to do this often enough to install something then there are built in OS tools for Windows and Linux that can be used.

Windows:

For Windows there is “certUtil” which can be used from the command prompt console with  the “-hashfile” option to generate a hash for a supplied file:

CertUtil [Options] -hashfile filePath [HashAlgorithm]

The [HashAlgorithm] options are MD2, MD4, MD5, SHA1 (default), SHA256, SHA384 and SHA512.

For example to get an MD5 hash of a file use:

CertUtil -hashfile C:\ExampleFile1.txt MD5

More documentation for CertUtil can be seen here.

For those with access to PowerShell v4  and above (Windows 8.1 & Win Server 2012 R2) you can use the built in commandlet called get-filehash like this:

Get-FileHash C:\ExampleFile1.txt  -Algorithm MD5 | Format-List

The algorithms supported are SHA1, SHA256 (default), SHA384, SHA512, MACTripleDES, MD5 & RIPEMD160.

For Powershell versions prior to V4 there are numerous scripts available on the web that will work out the hash for you using various methods.

Linux:

For Linux use the correct  hashalgorithmSUM command in the terminal for the algorithm you are looking for, i.e. for an MD5 hash use md5sum or for SHA512 hash use sha512sum.

For example:

md5sum /home/rich/Documents/ExampleFile1.txt 
sha1sum /home/rich/Documents/ExampleFile1.txt
sha512sum /home/rich/Documents/ExampleFile1.txt

 

 

Disable Start Menu Web Search in Windows 10

Disable Start Menu Web Search in Windows 10

If like me you like the Windows 10 “start” menu to only provide applications and Windows settings in the search results and not web search results you need to configure it using these steps.

Using the Start Menu find “Cortana & Search Settings” , then click the settings icon (the cog),  turn Cortana off, and then turn off “Searh Online and Include Web Results”.

Boot into Safe Mode With Windows 8

Boot into Safe Mode With Windows 8

My laptop running Windows 8.1 decided not to boot this week but instead gave me a blue screen with the error “System Thread Exception Not Handled”. As I’d not installed anything new recently I guessed it could be related to a Video Driver issue, so I tried to Safe Boot – but wait where is Safe Boot in Windows 8? Google and Toms Hardware site to the rescue with this excellent article for resolving the issue. Note the use of in the article of BCDEDIT from the Command Prompt to turn on the legacy Windows boot menu (accessed via pressing F8 during boot).

At the C:\ command prompt:  BCDEDIT /SET {DEFAULT} BOOTMENUPOLICY LEGACY

You can dig a bit more into this command on the ‘Windows Developer Center’ site and check out the various options you can specify, including a useful ‘onetimeadvancedoptions’ option to only turn on F8 menu for a one time use on the next boot. For more detail on the Windows 8 Start-up settings including how to restart in Safe Mode from within Windows check out this page on the windows site. Also note that you can use MSConfig (Start > Run > “msconfig.exe”) to restart Windows in Safe Mode too.

To return to the standard Windows 8 boot menu (for faster boot times), once you have resolved your issue, you can run the BCDEDIT command again but this time set the BOOTMENUPOLICY to STANDARD:

At the C:\ command prompt:  BCDEDIT /SET {DEFAULT} BOOTMENUPOLICY STANDARD

If you get an ‘Access Denied’ message make sure the command prompt window is running as Administrator (right click the shortcut > Run as Administrator).

As for my laptop issue, I used Safe Mode to uninstall my video drivers, enabling me to boot normally and then successfully update the drivers.

Full Screen Remote Desktop Sessions

Full Screen Remote Desktop Sessions

Sometimes if you are on a new machine or using Remote Desktop for the first time you might find that the display size is not correct when you connect to a remote machine. If the remote machine session won’t go Full Screen it can be annoying. To resolve launch Remote Desktop (tip: Start > Run > mstsc is the easiest way) or via Start Menu (Start > Programs or All Programs > Accessories > Remote Desktop Connection). Once launched click ‘Options’ or ‘Show Options’ and then on the ‘Display’ tab adjust the size of your remote desktop screen. Move the slider all the way to the right for full screen.

image

Once you connect the settings becomes the default for all Remote Desktop connections and so you’ll only need to do this once. The settings are saved in a Default.rdp file, usually stored in ‘My Documents’ or ‘Users/<UserName>/Documents’. It is possible to save multiple versions of *.rdp files and pass them to MSTSC as a command line parameter if you need to connect to different machines with different settings.

The End Of TechNet Downloads Raises The Barrier To Entry For MS Techies

Microsoft unfortunately recently announced the demise of the TechNet Subscription. Whilst I appreciate that TechNet download abuse must contribute towards the availability of pirated products, I still think that this is a short sighted move by Microsoft. The MSDN subscription will continue  (for now) and anyone making money from privacy will be able to cover the extra cost of an MSDN subscription. Few individuals, however, are able to afford an MSDN subscription to feed their enthusiasm for Microsoft products. Nor would they want to with attractive alternatives being available from other vendors.

My concern is that the barrier to entry for being a Microsoft Technology IT Pro and Developer was just raised significantly. In my 2009 post on Microsoft making it too expensive for developers to experiment with Azure, I outlined how critical it is to make your products available to both current and future upcoming developers. Microsoft responded over the last few years by offering free Azure websites, reducing prices and offering improved MSDN offers. This has reduced the barrier to entry for Azure for developers, but Microsoft has now raised it for IT Pros and the enthusiast market. 

TechnetDownloadsAccording to Microsoft, evaluation versions of OSs will be available for download. I think that 90-180 day trials are very valuable but historically they have only been available for the latest products. Great if you want to try out Windows Server 2012 but not if you need to experiment with Windows Server 2008, which is a major flaw to this approach. Also short trial periods such as those found with client OSs are a real frustration. Virtual Labs are excellent for targeted training of specific features but are not a replacement for the real world experience of running a real instance.

But surely it’s all running in the cloud now anyway? Well perhaps in the future the idea of running servers locally will be a strange concept but we are a way yet from that being the norm. The Enterprise IT Pros and Developers of today and more importantly the near future will need to be skilled in running servers locally for some time to come. Running virtual servers in the cloud might be an option for some and may be the future but it’s expensive to do this currently and techies will not be exposed to those server maintenance activities that are abstracted away by cloud providers.

TechnetDownloads2There is a large home server enthusiast community that will rely on TechNet to evaluate and run Windows Server products. This is a vibrant, active community and one that happily shares detailed technical knowledge with the wider world and feeds the Microsoft Technology communities. With the death of Windows Home Server, and now TechNet, these enthusiasts will now start to look for alternatives. There are by comparison plenty of non-Windows choices in this space (Linux/BSD).

The cost of a TechNet subscription seems to have dropped to a bargain price over the last few years, perhaps too low, and Microsoft could have gradually increased the price over the next few years to make it less attractive to those looking to avoid buying retail versions and yet continue as a mechanism for Microsoft enthusiastic techies to access Microsoft Operating Systems. 

In summary I think that Microsoft have needlessly raised the barrier to entry for experimenting and learning Microsoft Technologies and makes alternative platforms more attractive. This move will in the long run surely push enthusiasts and young upcoming techies into the arms of Linux/BSD.

Software KVMs

Recently I have acquired an additional desktop machine on my desk and quickly saw the potential to expand the amount of screen real estate at my disposal (you can never have enough screens). So imagine I have a laptop physically connected to two screens and a desktop PC, with one screen connected, on the same desk. I want to be able to seamlessly control that desktop PC with my main keyboard and mouse that it physically connected to my laptop. That way I get to have three screens and twice the processing power. Remote Desktop tools of course are not useful here as we can already see the desktop PC’s monitor and we don’t want to control the PC through a window on the laptop. Instead we need Software KVM Applications (in fact without the V for Video as we can see the screen). These work by sending your keyboard and mouse movements over a network connection to the additional PC. They also transfer your clipboard contents so you can copy paste easily between the machines.

First I tried Synergy from http://synergy-foss.org/ which is fairly unique as it’s a cross platform offering that runs on Windows, Mac and Linux which is incredibly powerful if you have a mixed environment. Sy1I Sy2tried the latest stable build which was 1.3.6. I found it functional but basic and not that robust. The Synergy client would stop running on on several occasions (usually after locking/unlocking the PC). The UI is also very basic. That said it did the job and I have since found that the UI has been completely overhauled for the current BETA version. Whilst I don’t think it is quiet solid enough yet it looks to be a big player in this space and there is no doubting that for those with a mixed environment it is great.

In the end I decided on InputDirector, found at http://www.inputdirector.com/. This is a Windows only offering but is more mature than Synergy with a host of additional options. It is easy to configure with one PC being the master and one being the slave. You can right click the icon in the system tray and choose to enable/disable it and also to lock/shutdown the Master and Slave PC’s, which I find useful when I want to lock both PCs in one go. The best feature though is it’s stability as I have not found one issue with it yet and am surprised how effortlessly it handles the docking/undocking of my laptop which is acting as Master. Once the laptop is docked a message pops up on the system tray to notify me that master and slave are in communication again and all is well.

InputDirector screenshots below:

 ID_1ID1ID3