Microsoft released a new tool for analyzing and comparing sets of Group Policy Objects (GPOs). The tool is is deliverd in a .zip file and requires no installation.
A short guide for troubleshooting Windows Update Agent:
1. Download and execute//install “System Update Readiness Tool (CheckSur)” from https://support.microsoft.com/en-us/kb/947821.
Check the following log for errors C:WindowsLogsCBSCheckSUR.log
2. For any updates that could not be repaired by CheckSur, download the msu-package manually from Microsoft Catalog, http://catalog.update.microsoft.com/v7/site/Home.aspx or from Microsoft Download Center, http://www.microsoft.com/download
3. Create the folder C:WindowsCheckSurpackages if it doesnt already exists and move the downloaded updates there.
4. Execute “System Update Readiness Tool (CheckSur)” again.
5. Install updates from Windows Update.
MDT creates a partition named BDEDrive when it installs Windows OS. This drive is used with Bitlocker to boot the OS. If Bitlocker never will be used the BDEDrive can be removed using the following procedure:
1. Start an elevated command promt and execute the following command to copy startup files to the C-drive:
bcdboot C:Windows /s C:
2. Set partition C: as active:
select disk 0
select part 1
3. Reboot the computer:
shutdown -r -t 0
4. Delete the BCD Drive:
select disk 0
select part 2
There is a more indepth explanation at the following site:
Microsoft released KB2871997 to address the “Pass the hash” vulnerability, but according to the following blog post pass the hash is still possible using the local Administrator account (SID 500):
We are seeing the following errormessage in the systemlog on servers that has the SNMP features activated:
Log Name: System
Date: 2012-08-16 03:05:19
Event ID: 1500
Task Category: None
Description: The SNMP Service encountered an error while accessing the registry key SYSTEMCurrentControlSetServicesSNMPParametersTrapConfiguration.
The solution (acatually a workaround) is to create the registry key mentioned above as it is missing. More information can be found in Microsoft KB Article 2002303, http://support.microsoft.com/kb/2002303
I was looking for a way to find service accounts using PowerShell and found the following post on the “Hey, Scripting Guy! Blog”:
To summarize, you can use the Get-WmiObject cmdlet to retrieve information about service accounts as in the following example:
Get-WmiObject win32_service | format-table Name, StartName