Receiver for Mac – Error: “Cannot connect to server” when custom disclaimer is configured

When custom disclaimer is added to the SCRIPT.JS file in C:inetpubwwwrootCitrixStoreWebCustom , Receiver for Mac breaks with the message ” Cannot Connect to Server. Please check your network and try again“.

Windows devices are not affected.

Related:

Windows 10 Migration: Best Practices for Making a User’s First Impression Great

EMC logo


First impressions count!

This is the third in a series of blog posts looking at the enhancements and issues that our customers will experience when migrating data and applications to Windows 10, a process which is truly a transformation, a move to modern IT management. I’ll provide best practices to overcome respective challenges and also suggest a means to making a user’s first impression of Windows great.

The Very First Impression on the Windows 10 User: Shorter Boot up Time with SSD

Little things count with first impressions and there are good ones with Windows 10, beginning with the moment the user turns on his or her device. The speed of boot up time is remarkably shorter due to the dramatic improvements Microsoft has employed to make Windows 10 run fast with Solid-state Drive (SSD). Solid-state drives are also much more reliable, meaning less downtime due to failures.

The next set of favourable impressions rely on ensuring all the user’s data and applications have been migrated to the new device. This sounds simple, but in practice the latter is proving to be the more difficult challenge although there is much commonality between the two.

Migrating Data to Windows 10: EFSS and OD4B

Most organisations are moving to an Enterprise File Synch and Share (EFSS) solution such as OneDrive for Business (OD4B) and looking to use it as part of the migration process. In theory, EFSS makes it easy for the user and less work for the migration team. The user logs in on their new device, configures the synch client and the data starts to replicate. The difficulty arises from the volume of data that we each store today and this will define the time to complete the synchronisation.

All organisations have pockets of low bandwidth and even in well-connected offices, volume rollouts can put pressure on the links when the number of users simultaneously synchronising, reduces the available bandwidth.

OD4B addresses the low bandwidth issue by allowing users to partially synchronise their data with the local machine but they need to be educated to use this capability carefully.

Synchronised files are available offline but those that are yet to be synchronised can only be accessed when the user is online. Partial synchronisation offers the benefits of a reduced time to complete and less space used on the device but forces the user to connect to get a cloud-only file.

Migrating Applications to Windows 10: Configuration Manager

Applications are a tougher challenge to migrate and it will depend on whether you have chosen to Shift Left or Right as to how you address this. Broadly speaking, the challenges are the same, but the toolsets are different. Most of our customers are still using a tool such as Configuration Manager (ConfigMgr) to build their devices. I will talk about the differences seen with UEM toolsets such as Intune and Workspace One in the following section.

In most current systems, the device is builtby a Task Sequence and brought under ConfigMgr management. So far, so good, but how do we ensure we have all the user’s applications on the device ready for them?

To address this question, we first need to know:

  1. Which applications are in our estate today?
  2. Which of those applications are authorised to be in our estate?
  3. Of the authorised applications, which versions are Windows 10 compatible?
  4. Do we have a package containing our Windows 10 compatible version of each authorised application ready for distribution?

Answering these questions affirmatively means we now have a library of applications ready for our users, but one question remains, and this is often the challenge for customers – which application is used by whom?

Applications Installed Manually versus Technician or ConfigMgr

Whether applications are installed manually by a technician or an automated process using ConfigMgr collections, it is only possible to know that the job is done, if you truly understand what the task called for. Furthermore, it needs to be an accurate list provided ahead of the deployment rather than asking the user two days before the anticipated device handover. This is because the list of required applications needs to be cross-checked with the answer to Question 4 above.

If we have this list, the best way to make this work is to code the detail into ConfigMgr and use it to deploy applications to a specific device.

Whilst it is possible to target application deployment to the user, rather than the device, this would mean that the applications are deployed once the user logs on for the first time which is the type of experience we are hoping to avoid.

Targeting the device however, means we need to make the device user specific from the moment that it is first built. It is a workable approach when deploying in small quantities. For volume deployments, it is likely that the additional time for the deployment engineer/tech bar staff searching for the specific device for that user, will rival that of the user deploying their own applications.

As a result, many organisations will choose to go to line of business or departmental application level rather than full user specificity to find the best balance between cost and benefit. User specific applications can be self-installed using the Software Center component in ConfigMgr. This approach means that the user can get started immediately, whilst their specific applications are installed in the background.

Dell’s Connected Configuration Service: Making a User’s First Impression of Windows 10 Great

Dell offers our Connected Configuration Service to enable customers to extend their ConfigMgr environments via a VPN into our logistics chain. This means that devices can be built using your task sequence, join your domain and applications be deployed as they would be using an onsite build facility. Once prepared, the devices are re-boxed and delivered to their new owner, using our logistics team.

Figure 1: Dell’s Connected Configuration Service

The Shift Right Approach: Impact of Unified Endpoint Management

For those that have chosen the Shift Right approach, the applications set will now be delivered via their Mobile Device Management (MDM) toolset of which the two main players are Intune and Workspace One (formerly AirWatch). The industry is moving to the terminology of Unified Endpoint Management (UEM) to denote that the toolsets have matured to allow both mobile (smartphone) and PC management by the same toolset.

Regardless of the chosen tool, applications will be targeted to the device once the device enrolment process has completed and the device has been assigned a profile in the tool. In this case, the equation used for data can be rewritten as:

As many desktop applications are of significant size and some users need many applications, the time to complete can often be measured in hours. This is where aligning the application distribution approach and user persona becomes important. In How to Modernize Your PC Management Approach, I argued that UEM tool sets were best suited for those users with the lightest on device application requirement i.e. if they rely most heavily on Software as a Service (SaaS) or web applications, this is less of an issue.

Inevitably users will still require additional locally installed applications and we would prefer to preinstall those before the user gets the device to ensure the best first impression.  If the tool is only able to distribute applications after the enrolment process has completed, but we need to deploy applications to a device before the enrolment process starts – how can we break this log jam?

The answer lies in Dell’s ability to preconfigure devices before we ship them.

Dell’s Dynamic Imaging: Making a User’s First Impression of Windows 10 Even Greater

Dell offers our customers the ability to ship devices with a customer specific build preloaded onto them; a process we call Dynamic Imaging. Dynamic Imaging applies an image to the disk and injects into that image the driver pack for that device. This process enables us to support customers who want to maintain a single image for multiple hardware variants.

Using Dynamic Imaging, customers can include common applications that apply to all users for example security tooling, Office and PDF reader applications. In the past, customers made this image very application rich to minimise the impact of installing user applications on their network. However, the image became bloated and difficult to manage. We therefore guide our customers to keep this image as lean as possible.

So how is it that we meet our target of preinstalling user applications?

Here at Dell, we regularly talk about the Dell Technologies Advantage, which is where different brands within the family come together and the result of that collaboration is a real customer benefit. In this case, our Configuration Services team have worked with the Workspace One part of VMware to bring forward a solution to the application pre-provisioning problem.

Applications, or groups of applications, that are prepared for delivery via Workspace One can be exported to a PPKG file from the tool. The tool also provides an interface to build a Unattend.xml file to allow automated on premises (AD) domain join and enrolment with Workspace One. The combination of the PPKG and the Unattend.xml file are then transferred to Dell via a secure FTP service.

Figure 2: Dell Configurations Services (Workspace One)

A Dell Configuration Services technician then boots the device, applies the Windows 10 build, drivers and the PPKG file and places the unattend.xml file on the disk. The device is then placed back into its shipping carton and delivered to its new owner.  When they receive the device, they now only need to install any applications from the Workspace One application store that they use over and above those specified in the PPKG file.

For example, the PPKG file might be department specific, but they may require two applications that no one else in their department uses. These applications can be installed by the user. Importantly though, the user can do most of their work whilst those applications are provisioned.

Dell and Your Device Deployment

Dell has industry-leading Configuration Services which can give your users the best first impression when they receive their new Windows 10 device, whether that device be delivered using ConfigMgr or UEM tools.

When these Configuration Services are combined with VMware Workspace One, the Dell Technology Advantage provides the best solution in the marketplace today to support the needs of your ultramobile users.

Figure 3: The Winning Combination – Configuration Services + Workspace One + Dell Technology Advantage

If this post has helped you formulate your best route to Windows 10, or if you have more questions, I would love to hear from you.

You may be interested in these other blogs:

Windows 10 Migration: Should You Shift Left, or Right?
How to Modernize Your PC Management Approach

The post Windows 10 Migration: Best Practices for Making a User’s First Impression Great appeared first on InFocus Blog | Dell EMC Services.


Update your feed preferences


   

   


   


   

submit to reddit
   

Related:

  • No Related Posts

3976631: What determines the Status of the Filter in the IDM PassSync

To show the proper status, the IDM PassSync interface does a remote registry read from the machine where the driver runs. The registry read and other actions are done based on the rights of the logged in person doing the actions in the IDM PassSync interface. Always make sure that the person checking the IDM PassSync interface in Control panel is logged into the server with Domain Admin rights.

It does the following checks:

1 – The remote registry read is done to the key HKLMSYSTEMCurrentControlSetControlLsa. It does a query of the value “Notification Packages”. The query looks for the text “PWFILTER”. If it is not there, or if the logged in user does not have rights to the remote registry, IDM shows the filter as “Not Installed”. Once it is detected, it changes to Installed-Needs Reboot. The server must be rebooted at this point because changes to the Lsa key are only read at startup.

– Note: If after a reboot of the system, the filter still shows as Installed-Needs Reboot but PWFILTER exists, then there may be a rights issue to the registry key. Grant both the Authentication ID user (from the AD driver properties) and the user logged into the server, supervisor rights to the HKLMSOFTWARENOVELLPwFilter key and it’s sub keys (the Data key). Also, the user logged into the system must have file access rights to the system32 directory to copy in the files (pwfilter.dll and psevent.dll). Finally, if it seems like it is stuck on Installed-Needs Reboot, then reboot the system, remove the filter in the Control Panel applet, then reboot again. It should change to Not Installed. Then add it back in the Control Panel applet to where it says Installed-Needs Reboot. Then do a final reboot of the system.

2 – If PWFILTER is there and the proper rights exist, the Password Sync agent looks for a “Host Names” entry in the HKLMSOFTWARENOVELLPwFilter key. If it is missing or is pointing to an incorrect host name (or sometimes if it has multiple host names), it will show the status”Installed”. DNS problems with the entry may also cause the status to show “Installed”.

3 – When you either install the remote loader locally on the domain controller, or install the password filter with the Password Sync Applet, the install should also copy a PWFILTER.DLL over to the <windir>system32 directory. Sometimes the remote push fails to copy over the pwfilter.dll to system32. This is normally due to a lack of rights of the person logged in that is running the applet. Verify that the PWFILTER.DLL and PSEVENT.DLL are in the <windir>system32 directory. If not, copy them over from the C:NovellIDM_PassSyncw32 or w64 directory on the remote loader server to the <windir>system32 directory on the domain controller that is in a Installed-Needs Reboot state.

4 – If the PWFILTER.DLL file on a Domain controller is older than the PWFILTER.DLL file on the system running the remote loader, the status will be “Outdated” Please update all the Domain Controllers with the latest PWFILTER.DLL. After doing this make sure that the updated Domain Controllers have been rebooted.
5 – A status of “Unknown” will show up if the registry in the Domain Controller cannot be accessed or updated. Clicking on the “Properties” tab for that Filter will give a message Access is denied. Several things can cause this. Under Services of the Domain Controller, the “Remote Registry” service must be started. Another reason is where the user logged into the Remote Loader machine running the PassSync applet does not have rights to read or modify the registry on the other Domain Controller.

6 – If the “Host Names” entry is correct, and the pwfilter.dll file is in place, the status will change to “Running”.

– Note: If you choose to remove the filter in the Password Sync Applet, you must reboot the server where the filter was removed. This is so that the server will correctly clean up the PWFILTER entry in the Notification Packages line of the Lsa key. If a filter has been removed and re-added, always to a reboot of the server to make sure that any run-once commands are cleared out.

– Note: If the filter seems to be stuck in an “Installed – Needs Reboot” state and all the above settings seem to be correct, or if you are receiving a RPC error 0x00000005 error in the [PWD] remote loader trace, check to see if the following registry settings exist: “HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindows NTRpc” RestrictRemoteClients”=dword:00000001 and/or EnableAuthEpResolution”=dword:00000001. With these registry settings in place RPC is restricted and will cause the filters to be stuck in a Needs Reboot state. Disable or delete these registry settings.
This registry entry may also be 2 rather than one depending on how it was set. To change it without going into the registry, go into Group Policy Editory (gpedit.msc) and choose Computer Configuration, Administrative Templates, System, Remote Proceedure Settings. There is an option there called “Restrictions for Unathenticated RPC clients”. If the option is set to Enabled, Pwfilter will not work.

Note: If you receive a, Error reading registry (5), or An error was encountered while querying for the status of the filter. (5) Access is denied, error when trying to install the password sync filter, then when you launch the Identity Manager PassSync sync control applet, right click and make sure you Run as Administrator, when launching it. Additionally, make sure the following registry settings are correct.

– In HKLMSoftwareNovellPassSync is a REG_DWORD value named ‘DriverMachine’ with number 0 in it. On the server running thedriver (engine or RL server) this value should be 1.

– In HKLMSoftwareNovellPassSyncData is a REG_MULTI_SZ value named’Domains’ with the name of the domain with password synchronizationenabled in DNS format. For example ‘novell.com’ (withoutquotation marks).

– In HKLMSoftwareNovellPwFilter is a REG_MULTI_SZ value named’Host Names’ (without quotation marks). The DNS name of theserver running the driver should be entered in here. Forexample, ‘domaincontroller0.novell.com’ (without quotationmarks)

Finally, there is a new PassSync troubleshooting tool available to generate logs showing more detail. This utility started shipping with IDM 4.5 and is found on the IDM 4.5 ISO under products/IDM/windows/setup/utilities/PassSyncTroubleshootingTool

Related:

Running xiv_devlist on two different systems generate different output

I’m running the following command:
“xiv_devlist.exe -t xml -o all”
On two different windows hosts,
one of them returns the “serial” field in a different format then it is represented in the XIV storage.
For example:
I get in the host the following output:
7802FD43CD5
and on the storage I see the corresponding diskID in a different format:
diskID”>001738002FD43CD5

Related:

Watson text to speach not giving option for mp3 output

I am trying to convert some text to Mp3 format audio using IBM Watson text to speech API. Release of api also mentions that it is supported .But audio format does not have option for mp3.

![alt text][1]

[1]: /answers/storage/temp/16201-untitled.png

Please suggest right syntax.

Related:

Event ID 5050 — Firewall Service API

Event ID 5050 — Firewall Service API

Updated: January 9, 2008

Applies To: Windows Server 2008

Windows can detect when an application attempts to use an obsolete application programming interface (API) to disable the firewall.

When appropriate auditing events are enabled (http://go.microsoft.com/fwlink/?linkid=92666), Windows reports when applications attempt to use obsolete API calls.

Event Details

Product: Windows Operating System
ID: 5050
Source: Microsoft-Windows-Security-Auditing
Version: 6.0
Symbolic Name: SE_AUDITID_ETW_MPSFIREWALL_CALL_UNSUPPORTED
Message: An attempt to programmatically disable the Windows Firewall using a call to INetFwProfile.FirewallEnabled(FALSE) interface was rejected because this API is not supported on Windows Vista. This has most likely occurred due to a program which is incompatible with Windows Vista. Please contact the program’s manufacturer to make sure you have a Windows Vista compatible program version.Error Code:%t%tE_NOTIMPLCaller Process Name:%t%t%1Process Id:%t%t%2Publisher:%t%t%3

Resolve
Notify application vendor of incompatibility with Windows Firewall

In Windows Vista and Windows Server 2008, some Windows Firewall application programming interface (API) calls, such as one used to programmatically disable Windows Firewall, have been removed from the operating system for security reasons. Because these APIs are not supported, the firewall service logs an event whenever an application attempts to use them, and then ends the call with a failure code. This might cause the application to fail at runtime.

Check with your application vendor to see if a newer version of the application that is compatible with Windows Vista or Windows Server 2008 is available.

Verify

Contact your vendor for the latest version of the application and ensure that it is compatible with Windows Vista or Windows Server 2008. Applications made for earlier versions of Windows might use application programming interface (API) calls that are no longer supported for security reasons.

Related Management Information

Firewall Service API

Windows Firewall with Advanced Security

Related:

Event ID 5020 — Miniport Driver Not Supported

Event ID 5020 — Miniport Driver Not Supported

Updated: April 17, 2008

Applies To: Windows Server 2008

Obsolete drivers are not supported in the versions of the Windows operating systems released after Windows XP.

Event Details

Product: Windows Operating System
ID: 5020
Source: E100B
Version: 6.0
Symbolic Name: EVENT_NDIS_INVALID_DOWNLOAD_FILE_ERROR
Message: %2 : The download file is invalid. The driver is unable to load.

Resolve
Update network adapter driver

The driver will not load because it is not supported by Windows operating systems released after Windows XP. Contact the hardware vendor for a driver that corresponds to the version of the Windows operating system you are using.

After you have obtained a new driver from the hardware vendor, use Device Manager to update the driver.

To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.

To use Device Manager to update the network adapter driver:

  1. Click Start, type devmgmt.msc in Start Search, and then press ENTER.
  2. Expand Network Adapters.
  3. Right-click the network adapter, and then click Update Driver Software.
  4. Follow the steps in the Update Driver wizard.

Verify

To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.

To use Device Manager to view the status of network adapters:

  1. Click Start, type devmgmt.msc in Start Search, and then press ENTER.
  2. Click Network adapters in the Device Manager tree, and then verify that the network adapter is present.
  3. Right-click the network adapter, and then click Properties.
  4. Device Status should indicate This device is working properly.

Related Management Information

Miniport Driver Not Supported

Networking

Related:

Event ID 5018 — Miniport Driver Not Supported

Event ID 5018 — Miniport Driver Not Supported

Updated: January 7, 2009

Applies To: Windows Server 2008 R2

Obsolete drivers are not supported in the versions of the Windows operating systems released after Windows XP.

Event Details

Product: Windows Operating System
ID: 5018
Source: E100B
Version: 6.1
Symbolic Name: EVENT_NDIS_INTERRUPT_CONFLICT
Message: %2 : There is an interrupt conflict at Interrupt %3.

Resolve
Update network adapter driver

The driver will not load because it is not supported by Windows operating systems released after Windows XP. Contact the hardware vendor for a driver that corresponds to the version of the Windows operating system you are using.

After you have obtained a new driver from the hardware vendor, use Device Manager to update the driver.

To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.

To use Device Manager to update the network adapter driver:

  1. Click Start, type devmgmt.msc in Start Search, and then press ENTER.
  2. Expand Network Adapters.
  3. Right-click the network adapter, and then click Update Driver Software.
  4. Follow the steps in the Update Driver wizard.

Verify

To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.

To use Device Manager to view the status of network adapters:

  1. Click Start, type devmgmt.msc in Start Search, and then press ENTER.
  2. Click Network adapters in the Device Manager tree, and then verify that the network adapter is present.
  3. Right-click the network adapter, and then click Properties.
  4. Device Status should indicate This device is working properly.

Related Management Information

Miniport Driver Not Supported

Networking

Related:

Event ID 5014 — Network Adapter Driver Not Supported

Event ID 5014 — Network Adapter Driver Not Supported

Updated: January 7, 2009

Applies To: Windows Server 2008 R2

Obsolete drivers are not supported in the versions of the Windows operating systems released after Windows 2000.

Event Details

Product: Windows Operating System
ID: 5014
Source: E100B
Version: 6.1
Symbolic Name: EVENT_NDIS_ADAPTER_DISABLED
Message: %2 : The driver cannot open the network adapter because it is disabled.

Resolve
Update the network adapter driver

The driver will not load because it is not supported by versions of the Windows operating system released after Windows 2000. Contact the hardware vendor for a driver that corresponds to the version of Windows you are using.

After you have obtained a new driver from the hardware vendor, use Device Manager to update the driver.

To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.

To use Device Manager to update the network adapter driver:

  1. Click Start, type devmgmt.msc in Start Search, and then press ENTER.
  2. Expand Network Adapters.
  3. Right-click the network adapter, and then click Update Driver Software.
  4. Follow the steps in the Update Driver wizard.

Verify

To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.

To use Device Manager to view the status of network adapters:

  1. Click Start, type devmgmt.msc in Start Search, and then press ENTER.
  2. Click Network adapters in the Device Manager tree, and then verify that the network adapter is present.
  3. Right-click the network adapter, and then click Properties.
  4. Device Status should indicate This device is working properly.

Related Management Information

Network Adapter Driver Not Supported

Networking

Related: