How-To

How to delay the Windows 10 Spring Creators Update

As we edge ever nearer to the release of the Windows 10 Spring Creators Update, we must pause and think about what could possibly break in the process.  That said, it’s a good practice to allow yourself time to test these things before deploying out to your company.

Here are steps you can take locally – or via Active Directory Domain Services (ADDS) – Group Policy to defer the updates until a later time.

Requirement:  A version of Windows supporting the ability to defer feature updates

  • Windows 10 Pro
  • Windows 10 Enterprise 
  • Windows 10 Education

 

Steps:

  1. Open the Group Policy Editor (Local Windows) or Group Policy Management (for ADDS)
  2. Navigate to the following folder: Computer Configuration > Administrative Templates > Windows Components > Windows Update > Defer Windows Updates
  3. Double-click on “Select when Feature Updates are received” to open the policy setting. First thing you need to do is set the policy to enabled. This activates the options that are provided.
  4. Click on Enable
  5. Select the branch readiness level for the feature updates you want to receive – Current Branch
  6. Choose the number of days to defer receiving the updates.  – 90 days works for me

Ref: https://docs.microsoft.com/en-us/windows/deployment/update/waas-configure-wufb

 

Download a copy of your Facebook data

Recently we have all have been reading about Facebook’s breach of trust. Even Mark Zuckerberg, admitted that Facebook has made mistakes.

The issue: Cambridge Analytica, a U.K.-based political data-analytics firm hired by the 2016 Trump campaign, got its hands on data for 50 million Facebook users — without the users’ knowledge or consent. At this point, it’s unclear whether the uproar over Cambridge Analytica will lead to new legislation or government regulations but in my circles, I have noticed a significant exodus of companies and users.

Before you make the jump to delete your account.  Download a copy of your Facebook data.

The following steps should help:

  • Go to Facebook.com > Settings > General Account Settings
  • Click “Download a copy of your Facebook data.”
  • Click “Download Archive.”
  • It takes a short period of time for Facebook to generate an archive of your data.
    You will be alerted when the archive is ready.
  • Once notified of its completion, click “Download Archive”, and a zip file will download to your computer.
  • Browse through that archive by opening each file inside the folder.

In the archive, you’ll find your entire history on facebook including messages. In doing so, it’s clear how much Facebook knows about you.

 

Examples of what you will find

  • The index also contains information about every Event invite you got, every Poke and Message you’ve sent or received (even if you are not Facebook friends with the person, or if they are no longer on Facebook), any Facebook applications you installed (even if you don’t use them anymore), and any Facebook “Places” (locations) you may have created.
  • Profile section, you will find some basic information about your profile including any profile names you have had in the past, all your contact info, any pages and interests you liked, groups you joined, and any Facebook pages you are a page administrator for.
  • The Contact Info section contains all the contacts on your mobile phone.
  • The Timeline section contains all your status updates and posts from friends on your timeline. The Photos and Videos sections contain photos and videos you posted; the former also contains code about your Facial Recognition info.
  • The Friends section contains a list of all your Facebook friends along with the date you become friends. It also contains a list of friends you unfriended and when, friend requests you declined, a list of friend requests you sent that are pending being accepted, a list of people who “Follow” you by clicking the follow button on your profile, and anyone you are following.
  • There’s also a Security section tracking IP addresses, devices and browsers you logged in from with dates and timestamps.
  • The Ads section contains a list of Ad Topics you are being targeted for based on interests gleaned from Facebook pages you liked. There’s also a list of the recent ads you clicked on and any advertisers that have your contact information. You can find (and remove) additional ads and ad topics you are being targeted for by visiting: https://www.facebook.com/ads/preferences/.

 

Hyper-V, and Automatic Virtual Machine Activation in Windows Server 2016

Windows Server 2012 R2 introduced a feature called “Automatic Virtual Machine Activation” (AVMA), and now in Windows Server 2016, this feature has been carried forward. This feature was primarily designed for Web Hosters but found usefulness in internal Hyper-V server for testing lab machines.

What is Automatic Virtual Machine Activation (AVMA)?

Automatic Virtual Machine Activation is a feature that handles the activation process for an instance of Windows Server inside a Hyper-V virtual machine so it does not need to directly contact any other system to activate the Windows Server instance.

AVMA is engineered to digitally facilitate the guest virtualization rights allowance of the Windows Server Datacenter license. If the physical host is properly licensed to run Windows Server Datacenter, then any number of virtual instances running the same or a lower edition and the same or earlier version of Windows Server is included.

Requirements for Automatic Virtual Machine Activation?

You must have a Datacenter Edition of Windows Server 2012 R2 or Windows 2016 installed as the management operating system with the Hyper-V role enabled. AVMA is a feature of the operating system, not Hyper-V itself.

How to Configure a Virtual Machine for AVMA?

When prompted for a license key, you simply give it the key that matches the operating system of the virtual machine.

Guest Operating System’s and Keys

Windows Server 2012 R2 Essentials
K2XGM-NMBT3-2R6Q8-WF2FK-P36R2

Windows Server 2012 R2 Standard
DBGBW-NPF86-BJVTX-K3WKJ-MTB6V

Windows Server 2012 R2 Datacenter
Y4TGP-NPTV9-HTC2H-7MGQ3-DV4TW

Windows Server 2016 Essentials
B4YNW-62DX9-W8V6M-82649-MHBKQ

Windows Server 2016 Standard
C3RCX-M6NRP-6CXC9-TW2F2-4RHYD

Windows Server 2016 Datacenter
TMJ3Y-NTRTM-FJYXT-T22BY-CWG3J

These keys will be accepted by any operating system but if AVMA is not detected they will move into an unlicensed mode.

Ref: https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn303421(v=ws.11)

 

Windows Server 2016 Core: Active Directory Domain Services

To lower my memory footprint in my home lab I decided to move from into Windows Server 2016 Core.  That said running Active Directory Domain Service seems to be the perfect candidate to start with my new architectured lab environment.

There are several prerequisites required for enabling ADDS, but I am not going to get into those here as if your reading this, there is a good chance you already know what those are.

We will be installing what is commonly referred to as a new forest/domain.

Step 1: Validate your hostname, IP address, and DNS settings

  1. Log into the console of your Windows Server 2016 Core System
    You need to log in as an administrator and should arrive at a command prompt
  2. Enter the command Sconfig and press enter
    The Server Configuration tool interface should be displayed
  3. Use the setting options to validate your host’s configuration

 

Step 2:  Installing Domain Services 

  1. From the Windows Server 2016 Core command prompt type: powershell then press enter.
    This will change your shell mode to PowerShell allowing you to use additional commands.
  2. Type Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
    This will install the ADDS roles on the Windows Server 2016 Core System
  3. When completed type: Install-ADDSForest -DomainName yourdomain.tld
    Here is where you choose the name of your domain to be installed.
  4. You will be required to provide a recovery password, please enter one and take note of it
  5. Next, you will be asked to confirm the pending changes and allow the server host to be restarted
    Click yes to continue
  6. Your server will be restarted and return as a Domain Controller

 

Step 3: Validate DC Services

  1. From the Windows Server 2016 Core command prompt type: powershell then press enter.
    This will change your shell mode to PowerShell allowing you to use additional commands.
  2. Issue the following command line: Get-Service adws,kdc,netlogon,dns
    This will return details on the installed services 
  3. Issue the command Get-SmbShare
    This returns details about available shares, specifically the systvol and netlogon shares
  4. Use the get-eventlog command to review logs
    Example: get-eventlog “Directory Service” | select entrytype, source, eventid, message

 

Windows Server 2016 Core: Apply Windows Updates, with SCONFIG

In my previous post ‘Windows Server 2016 Core Configuration, with SCONFIG‘ I stepped through how to use the sconfig tool to modify settings on Windows Server 2016 Core.  In this post, I will introduce you to how to go about running Windows Updates and applying them to your server.

Here are the steps I used:

  1. Log into the console of your Windows Server 2016 Core System
    You need to log in as an administrator and should arrive at a command prompt
  2. Enter the command Sconfig and press enter
    The Server Configuration tool interface should be displayed
  3. Select 6 from the Server Configuration List
    This opens the Windows update software, allowing you to search for updatable software
  4. Select from the list of results the software update that you would like to download and install.
    You can choose a single update or update them all
  5. Depending on the update you may be required to reboot your system, select yes to restart

That’s it – Congrats you have updated your Windows Server 2016 Core Server