Tuesday, May 31, 2016

Uninstall .NET Framework 4.6.1 if you are installing older Microsoft Products - Exchange - SharePoint - Office Web Apps

I got into a bit of a freak out the other day.

I wanted to install SharePoint 2013 on a new server, but I couldn't because of .NET incompatibility. After some research I found that the problem was the same one that I had earlier had to unravel for my Exchange Server. It seems that unfortunately, the .NET Framework 4.6.1 is not compatible with many relatively recent Microsoft server products. If you are building images you'll want to make sure that you include images that do not include this component as it is not supported and may block new installations of products like these:

  • Exchange 2013, 2015
  • SharePoint 2013
  • Office Web Apps Server 2013
  • Skype for Business Server 2015

Block it before it gets there!

You want to stick with .NET 4.5.2, so here's how to prevent the installation of 4.6.1

Method 1:
  1. Back up the registry. (duh)
  2. Type regedit in the Start Search box, and then press Enter to open the registry editor
  3. Locate and click the following subkey:
    HKEY_LOCAL_MACHINE\Software\Microsoft\NET Framework Setup\NDP
  4. After you select this subkey, point to New on the Edit menu, and then click Key.
  5. Type WU, and then press Enter.
  6. Right-click WU, point to New, and then click DWORD Value.
  7. Type BlockNetFramework461, and then press Enter.
  8. Right-click BlockNetFramework461, and then click Modify.
  9. In the Value data box, type 1, and then click OK.
  10. On the File menu, click Exit to exit Registry Editor
Method 2:
  1. Back up the registry
  2. Instead of doing steps 2-10, create a text file with the following contents
    Windows Registry Editor Version 5.00
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\WU]
  3. Save the file as "BlockNETF461.reg" (remember adding quotes stops the .txt extension)
  4. Execute this file on any machine to block the installation until such time as you are ready for it.
Method 3:
  1. Configure group policy preferences in an Active Directory managed environment. If you're not familiar with this tool, check out this article where I show you how to manage mouse sizes with GPO preferences: http://majorbacon.blogspot.com/2016/04/customizing-your-mouse-cursor-using.html 
  2. In the GPO Management Console create a new GPO and link it to your OU of servers that you wish to prevent the installation of the .NET Framework 4.6.1
  3. Right click and Edit the GPO
  4. Expand the Computer -> Preferences -> Windows Settings -> Registry
  5. Right click and choose New Registry Item
    1. Change the Action to Create
    2. Enter the Key Path of SOFTWARE\Microsoft\NET Framework Setup\NDP\WU
    3. Enter a Value Name of BlockNetFramework461
    4. Select a Value Type of Reg_DWORD
    5. Enter the Value Data of 1
  6. Click OK and close the Group Policy Editor and Management Consoles. After the next group policy update on the affected servers the .NET framework will be blocked

But wait! .NET 4.6.1 is already installed!

If the .NET 4.6.1 update is already installed and you have not yet installed a server product (perhaps it is already in a baseline image) then you simply need to uninstall the update and run the repair tool

  1. First download the .NET framework verification utility from here: http://blogs.msdn.com/b/astebner/archive/2008/10/13/8999004.aspx
  2. Run the tool and use the drop down box to confirm that .NET Framework 4.6.1 is listed. (The tool shows all the versions of .NET that are installed.)
  3. Close the verification utility.
  4. Go to the add/remove programs control panel
  5. Select view installed updates (lefthand pane)
  6. find the entry for the dreaded KB3102467.
  7. Select and Uninstall the update.
  8. Reboot when prompted.
  9. Run the tool and use the drop down box to confirm that .NET Framework 4.6.1 is no longer listed. Verify that it is showing 4.5.2.  
  10. Repair the .NET 4.5.2 installation by downloading the offline installer, running setup and choose repair
  11. Reboot when setup is complete.
  12. Apply the following Security updates for .NET 4.5.2 from Windows update
    1. KB3122654 
    2. KB3127226
    3. Remember, Do NOT select KB3102467!!!!
  13. Reboot after installation.

But wait! .NET 4.6.1 is already installed AND I've already installed Exchange or SharePoint or Skype Server!

Don't Panic! The above steps still apply with just a few caveats

  1. Ensure you have rebooted since the installation of .NET 4.6.1 so that further management can occur.
  2. Stop all running services related to your product.
    For example, in Exchange using the Exchange Management Shell
    (Test-ServiceHealth).ServicesRunning | %{Stop-Service $_ -Force}
  3. Perform the steps listed above to remove the offending update KB3102467
  4. Unfortunately, Many services must recompile all of their NET assemblies, a long and CPU taxing process. To alleviate this burden, the folks at the .NET Blog have provided a speedup script to allow mscorswv.exe to use multiple threads and up to 6 cores. 
  5. Save the 7318.DrainNGenQueue.wsf script to the computer's desktop and execute it locally from the administrative command prompt using
    cscript <path>\7318.drainngenqueue.wsf

Is this forever?

Of course not. Eventually you will be using products that are compliant with .NET 4.6.1 because you are working with the next generation product or because Microsoft has updated the previous generation product to be supported by .NET 4.6.1. Then you can remove the GPO preference or reg hack and allow your systems to update normally.

Friday, April 29, 2016

Why doesn't my RF signal get through?

All of us who have to manage wireless signal, especially when trying to support a 802.11 network, have to overcome the initial challenge of understanding why the signal being emitted doesn't get to its destination like we thought it would. Radio Frequency (RF) signal travels (or "propagates") in waves. Therefore all of the things that cause disrupt waves in other formats, like a water wave or an earthquake shock-wave, will cause disruption in our wireless RF waves.

Here are some of those issues:

Free Path Loss:

In a perfect vacuum, you might think that with nothing to block an RF signal that it could keep moving away from the transmitter forever. Unfortunately, due to the laws of physics, the signal will attenuate (lose strength) as it travels.  In a uniformly circular wave around a transmitter, the wave has a certain amount of energy that is traveling outward in a circle. After a second the circle will be a certain distance away, then after two seconds it will have traveled twice as far, and so on. 

The problem is that the waves are broadening over space as they radiate from the transmission point, and RF waves are 3-dimensional! So it really moving out over a sphere. Imagine the difference between the strength of a an deflated balloon vs one you have stretched to maximum size - it is bigger but weaker now isn't it? RF signals will lose their strength as they are forced to cover a larger surface area.

One quick way estimate free path loss is called the 6dB rule: doubling the distance will decrease amplitude by 6 dB!

Attenuation through Absorption and Loss:

When we think about why signal doesn't just get from point A to point B, we usually think of absorption - something must have gotten in the way of the invisible signal and the energy was absorbed by that something, reducing the amplitude of the signal until eventually it reaches zero, and there is no effective communication. This is just like a wave crashing against a seawall, keeping people on the other side dry.
  • Cubicle Walls : -2 dB
  • Wooden Doors, Glass, Sheetrock, or Drywall : -3 dB
  • Open Metal Rack : -6 dB
  • Elevator and other metal obstacles : -10 dB
  • Brick, Concrete, Concrete Blocks, Foundation Walls : -15 dB


When we look into a smooth polished mirror, or plane of glass, or even water we can see a reflection of ourselves. Why is this? When the wave (light waves in this case) hits a larger smooth surface it may bounce in a new direction. 

With dealing with RF waves some of the initial energy that strikes the surface ("the incident ray") is going to bounce off at an equal angle in the opposite direction ("the reflected ray"). The amount of reflection depends on the smoothness and the material itself. Some of the RF energy will still pass through ("the transmitted ray"). We can expect to see this kind of reflection of our Microwave RF signals when hitting things like a metal door or file cabinet, or outdoors when hitting other buildings or a body of water.


The idea of scattering is similar to that of reflection, but occurring multiple times at a smaller level. When the wavelength is larger than the reflecting surface, rather than smaller we get scattering rather than reflection. Think of a nice smooth wave in the ocean that hits a smaller rock - The wave will have to split around the rock, a tiny bit of the energy is absorbed and the rest of the wave is reflected in different directions around it. Of course, the wave as a whole isn't disrupted, right? But now imagine a ton of rocks lining the shore, and how when the wave hits those rocks the energy is being scattered off of all of those rocks, interfering with each other, and basically mucking up the wave, dissipating some energy and making it ugly. 

Another way to think of Scattering is thinking of a laser pointer.
Light, even laser light, travels in waves - but a laser is a very tight wave that should just travel from point to point in the direction it is intended - you should see the dot on a wall or screen when using a laser pointer. But what if you are in a smoky room? Then the laser light gets scattered among the smoke particles and bounces in all sorts of directions. You can see the laser pointers light from the side as a "beam", but the signal will be weaker when it eventually hits the wall. (Pink Floyd laser light show fans, rejoice!)

In the world of wireless RF, the same thing can happen at a very minute level when encountering smog or a dust storm over longer point-to-point links. In a WLAN environment we could see this effect from the leaves of trees, rocky ground, or even chain link fences. The signal gets ugly, scattered, nonsensical, and can degrade it to a point of complete loss.


We know that some signal strength is reflected or scattered and some is absorbed when a wireless RF signal encounters a material. But what the energy that manages not to bounce off or be absorbed by the material - is the transmitted ray still the same? Sort of. It can also be just a little bent (no offense, RF) by the process of Refraction. 

Refraction (changing the angle of the transmitted ray) occurs because of changes in the density of the material through which it is passing. You see this when you observe a straw in a glass filled with liquid. The straw appears to be split because you are seeing the light of the straw without the liquid with one angle, and with the liquid at a refracted angle. 

In a wireless environment Refraction is usually due to changes in pressure, temperature, or water vapor in the air. With that said, in an outdoor setting the small change in angle can have a large effect over a distance, and some types of glass 
The difference between the angle of the transmitted ray and the and the original angle the ray would have taken is called the angle of refraction


We have described a lot of ways that signal can be altered from its original transmission beyond the simple free path loss or absorption. It might reflect, scatter, or refract, right? Or even all of the above. Plus some portion of the original energy may transmit unchanged from the source to the destination. 

What happens when some of the original signal AND the refracted signal AND the reflected signal AND the scattered signal all (eventually) get to the receiver? It depends, but most of the time there will be downfade. Downfade is when the signal is degraded because the same message is being heard but out of phase. If you've ever tried to sing with someone who knew the song but was always half a beat late to jump in then you've experienced this problem. It makes for poor karaoke and poor wireless too because the signal is distorted. If two signals arrive far enough out of phase then the uptick of the wave can occur at the same time as the downtick of a reflected wave, causing the signal to be nullified, just like noise cancelling headphones! It is also possible for there to be upfade where the signals arrive at the same time and build each other back up again, like a sweet duet!

Multipath on its own is considered a bad thing, but modern WiFi protocols like 802.11ac use multipath along with multiple antennas to improve WiFi transmissions and signalling!

I know that if I was taking a Cisco CCNA wireless exam, I would want to know all of the above. :)

Thursday, April 21, 2016

Customizing your Mouse Cursor Using Group Policy Preferences

When helping the young, the old, or the visually impaired, it may be important to make sure that your users start off with a larger cursor. In an Windows Active Directory environment this can be done using Group Policy, but in the past required configuration of the registry using some sort of logon script. Many scripts can now be replaced by the use of Group Policy Preferences, which makes the whole process much easier!

You can watch me set this up step by step on video here: https://youtu.be/WjdKPtog5QY

Or here's how to do it step by step:

1) Configure your mouse cursor settings using the control panel on a test machine

We're going to suck these settings out of the test machine and into Group Policy Preferences!

2) Open the Group Policy Management Console on a domain controller or a workstation where the RSAT tools for AD have been installed and create or edit a Group Policy is linked to the right OU to affect the desired users (or link it to the domain to affect all users)
Remember to link your GPO to the right node in AD

3) Navigate to the User -> Preferences Section -> Windows Settings -> Registry
Cursors are user settings, and there are no administrative templates in policy to configure this for us - so we go to GPO preferences!

4) Right Click and choose Registry Wizard
Registry Item = one setting by hand, Registry Wizard is a vacuum cleaner for preconfigured settings!

5) Select Local if you modified the Mouse Cursor settings on the local machine or choose the remote machine that you want to connect to (firewall settings must allow this)
Select the machine that has already been configured as your template

6) Expand HKey_Current_User Tree ->_ Expand the Control Panel Key -> Expand the Cursors Key
This is the tricky part - you have to know where to go in the registry!

7) Select all of the Values in the lower half and click Finish
Select all of the named values at the bottom to capture all cursor settings

8) You can expand out the registry key directory and see the key settings.

Each registry item is its own setting - and you didn't have to manually configure any of them!

9) These Group Policy Preference settings do not prevent users from changing their cursor, but it does reapply the registry settings at each logon - unless you tell it not to. To do that, open the properties of each setting and switch to the "common" tab and add the check mark to "Apply once and do not reapply"
GPO Preference Setting Dialog Box to change "stickiness"

10) Log off and log back on as an affected user to experience the new setting!

Original Size

Log Off

Log On - and notice the GPO Preference being applied!

Big fat juicy cursor, just they way I like it!
So... that's how you get your funky mouse cursor settings into Group Policy Preferences... but be creative! What other registry settings are tied to users or computers that you currently have to bake into an image (which get corrupted) or have to manually configure? Take advantage of this easy to use tool!

Remember, it's your job to "point" the way!

Wednesday, April 20, 2016

How to do Line Breaks in your PowerShell Script

Trying to get your code to look good when reading it later can be tricky

For line breaks in function scripts, there are two out-of-the-box options:

First, you can break a line after the pipe key, which is an elegant and easy-to-read approach.

Second, you can arbitrarily break a line with a back tick mark, which you will find left of the number 1 on a standard US keyboard.

It looks like this: ` 

But did you know that the back tick is a hack?

The back tick ` means, “literally interpret the next character,” or also said, escape the following character.”

For example, you might want to literally reference a quotation mark “ in a path name, but because it’s inside “” for strings, you need to literally interpret it: “`”PATH`”” – it’s hard to see, but squint.

But here’s another takeaway: if you use the back tick to create a line break, make sure there’s no space after it; otherwise, the space – not the carriage return – will be the escaped, literal character!

So here's are some examples of what works and what doesn't:

First, no line breaks - works like a charm, but if we add a few more pipes and parameters this could get ugly.

Next we have an example with a line break after the pipe, also functioning normally

Here we see the line break before the pipe, and the script fails

In this sample we use the tick immediately followed by a return. If we wanted to we could insert these ticks numerous times, before each parameter, for example

Finally we see the effect of using the back tick AND A SPACE before the carriage return - this one is tricky to find when troubleshooting, so don't let it happen to you!

A special thanks to Sarah Wischmeyer for the introductory comments on this one!

Keep your scripts snappy!

Monday, April 18, 2016

Majorbacon's Breakdown on Spanning Tree Protocol and Variants Part 1: The Problem

First, the Problem

Spanning Tree Protocol is one answer to a specific problem that occurs at a layer 1 & 2 levels - redundant connections between switches cause problems!

No Redundancy, No Problems

Now we've added a redundant connection enabling multiple paths for switch to switch communication

If a broadcast is sent out it will flood normally, but it will eventually also enter through the "back door" of the original switch that forwarded the broadcast, acting like a "new" message that needs further flooding, causing infinite flooding (remember this is layer 2, there is no time to live on a frame)

Worse yet, the broadcast actually went out both directions at the beginning of the flood, which means we actually have two broadcasts circulating the network infinitely!
The results of the unmanaged switching loop includes:
  • Broadcast storms - no room for valid traffic - packets will keep getting forwarded until the switches run out of memory and start dropping frames.
  • MAC Table Instability - remember that the source MAC address of a packet is used to update the switch's MAC address table - this means that eventually the first switch, the one connected to the broadcasting Server, will eventually believe that the server is attached to one of the other switches, since it will receive a broadcast from them with the Server's MAC address listed at the source. The switch will lose track of its own devices!
  • Redundant Frames - both broadcasts and unicasts may be received multiple times by destination endpoints, bogging down intermediate services like TCP and higher level application services

So now we know the problem... see the Spanning Tree Protocol and Variants Part 2 to start seeing the solution!