When custom disclaimer is added to the SCRIPT.JS file in C:inetpubwwwrootCitrixStoreWebCustom , Receiver for Mac breaks with the message ” Cannot Connect to Server. Please check your network and try again“.
Windows devices are not affected.
When custom disclaimer is added to the SCRIPT.JS file in C:inetpubwwwrootCitrixStoreWebCustom , Receiver for Mac breaks with the message ” Cannot Connect to Server. Please check your network and try again“.
Windows devices are not affected.
First impressions count!
The Very First Impression on the Windows 10 User: Shorter Boot up Time with SSDLittle things count with first impressions and there are good ones with Windows 10, beginning with the moment the user turns on his or her device. The speed of boot up time is remarkably shorter due to the dramatic improvements Microsoft has employed to make Windows 10 run fast with Solid-state Drive (SSD). Solid-state drives are also much more reliable, meaning less downtime due to failures. The next set of favourable impressions rely on ensuring all the user’s data and applications have been migrated to the new device. This sounds simple, but in practice the latter is proving to be the more difficult challenge although there is much commonality between the two. Migrating Data to Windows 10: EFSS and OD4BMost organisations are moving to an Enterprise File Synch and Share (EFSS) solution such as OneDrive for Business (OD4B) and looking to use it as part of the migration process. In theory, EFSS makes it easy for the user and less work for the migration team. The user logs in on their new device, configures the synch client and the data starts to replicate. The difficulty arises from the volume of data that we each store today and this will define the time to complete the synchronisation.
Synchronised files are available offline but those that are yet to be synchronised can only be accessed when the user is online. Partial synchronisation offers the benefits of a reduced time to complete and less space used on the device but forces the user to connect to get a cloud-only file. Migrating Applications to Windows 10: Configuration ManagerApplications are a tougher challenge to migrate and it will depend on whether you have chosen to Shift Left or Right as to how you address this. Broadly speaking, the challenges are the same, but the toolsets are different. Most of our customers are still using a tool such as Configuration Manager (ConfigMgr) to build their devices. I will talk about the differences seen with UEM toolsets such as Intune and Workspace One in the following section. In most current systems, the device is builtby a Task Sequence and brought under ConfigMgr management. So far, so good, but how do we ensure we have all the user’s applications on the device ready for them? To address this question, we first need to know:
Answering these questions affirmatively means we now have a library of applications ready for our users, but one question remains, and this is often the challenge for customers – which application is used by whom? Applications Installed Manually versus Technician or ConfigMgrWhether applications are installed manually by a technician or an automated process using ConfigMgr collections, it is only possible to know that the job is done, if you truly understand what the task called for. Furthermore, it needs to be an accurate list provided ahead of the deployment rather than asking the user two days before the anticipated device handover. This is because the list of required applications needs to be cross-checked with the answer to Question 4 above. If we have this list, the best way to make this work is to code the detail into ConfigMgr and use it to deploy applications to a specific device.
Targeting the device however, means we need to make the device user specific from the moment that it is first built. It is a workable approach when deploying in small quantities. For volume deployments, it is likely that the additional time for the deployment engineer/tech bar staff searching for the specific device for that user, will rival that of the user deploying their own applications. As a result, many organisations will choose to go to line of business or departmental application level rather than full user specificity to find the best balance between cost and benefit. User specific applications can be self-installed using the Software Center component in ConfigMgr. This approach means that the user can get started immediately, whilst their specific applications are installed in the background. Dell’s Connected Configuration Service: Making a User’s First Impression of Windows 10 GreatDell offers our Connected Configuration Service to enable customers to extend their ConfigMgr environments via a VPN into our logistics chain. This means that devices can be built using your task sequence, join your domain and applications be deployed as they would be using an onsite build facility. Once prepared, the devices are re-boxed and delivered to their new owner, using our logistics team. ![]() Figure 1: Dell’s Connected Configuration Service The Shift Right Approach: Impact of Unified Endpoint ManagementFor those that have chosen the Shift Right approach, the applications set will now be delivered via their Mobile Device Management (MDM) toolset of which the two main players are Intune and Workspace One (formerly AirWatch). The industry is moving to the terminology of Unified Endpoint Management (UEM) to denote that the toolsets have matured to allow both mobile (smartphone) and PC management by the same toolset. Regardless of the chosen tool, applications will be targeted to the device once the device enrolment process has completed and the device has been assigned a profile in the tool. In this case, the equation used for data can be rewritten as: As many desktop applications are of significant size and some users need many applications, the time to complete can often be measured in hours. This is where aligning the application distribution approach and user persona becomes important. In How to Modernize Your PC Management Approach, I argued that UEM tool sets were best suited for those users with the lightest on device application requirement i.e. if they rely most heavily on Software as a Service (SaaS) or web applications, this is less of an issue. Inevitably users will still require additional locally installed applications and we would prefer to preinstall those before the user gets the device to ensure the best first impression. If the tool is only able to distribute applications after the enrolment process has completed, but we need to deploy applications to a device before the enrolment process starts – how can we break this log jam? The answer lies in Dell’s ability to preconfigure devices before we ship them. Dell’s Dynamic Imaging: Making a User’s First Impression of Windows 10 Even GreaterDell offers our customers the ability to ship devices with a customer specific build preloaded onto them; a process we call Dynamic Imaging. Dynamic Imaging applies an image to the disk and injects into that image the driver pack for that device. This process enables us to support customers who want to maintain a single image for multiple hardware variants. Using Dynamic Imaging, customers can include common applications that apply to all users for example security tooling, Office and PDF reader applications. In the past, customers made this image very application rich to minimise the impact of installing user applications on their network. However, the image became bloated and difficult to manage. We therefore guide our customers to keep this image as lean as possible. So how is it that we meet our target of preinstalling user applications? Here at Dell, we regularly talk about the Dell Technologies Advantage, which is where different brands within the family come together and the result of that collaboration is a real customer benefit. In this case, our Configuration Services team have worked with the Workspace One part of VMware to bring forward a solution to the application pre-provisioning problem. Applications, or groups of applications, that are prepared for delivery via Workspace One can be exported to a PPKG file from the tool. The tool also provides an interface to build a Unattend.xml file to allow automated on premises (AD) domain join and enrolment with Workspace One. The combination of the PPKG and the Unattend.xml file are then transferred to Dell via a secure FTP service. ![]() Figure 2: Dell Configurations Services (Workspace One) A Dell Configuration Services technician then boots the device, applies the Windows 10 build, drivers and the PPKG file and places the unattend.xml file on the disk. The device is then placed back into its shipping carton and delivered to its new owner. When they receive the device, they now only need to install any applications from the Workspace One application store that they use over and above those specified in the PPKG file. For example, the PPKG file might be department specific, but they may require two applications that no one else in their department uses. These applications can be installed by the user. Importantly though, the user can do most of their work whilst those applications are provisioned. Dell and Your Device DeploymentDell has industry-leading Configuration Services which can give your users the best first impression when they receive their new Windows 10 device, whether that device be delivered using ConfigMgr or UEM tools. When these Configuration Services are combined with VMware Workspace One, the Dell Technology Advantage provides the best solution in the marketplace today to support the needs of your ultramobile users. ![]() Figure 3: The Winning Combination – Configuration Services + Workspace One + Dell Technology Advantage If this post has helped you formulate your best route to Windows 10, or if you have more questions, I would love to hear from you. You may be interested in these other blogs:Windows 10 Migration: Should You Shift Left, or Right? The post Windows 10 Migration: Best Practices for Making a User’s First Impression Great appeared first on InFocus Blog | Dell EMC Services. |
|
Update your feed preferences | |
To show the proper status, the IDM PassSync interface does a remote registry read from the machine where the driver runs. The registry read and other actions are done based on the rights of the logged in person doing the actions in the IDM PassSync interface. Always make sure that the person checking the IDM PassSync interface in Control panel is logged into the server with Domain Admin rights.
It does the following checks:
1 – The remote registry read is done to the key HKLMSYSTEMCurrentControlSetControlLsa. It does a query of the value “Notification Packages”. The query looks for the text “PWFILTER”. If it is not there, or if the logged in user does not have rights to the remote registry, IDM shows the filter as “Not Installed”. Once it is detected, it changes to Installed-Needs Reboot. The server must be rebooted at this point because changes to the Lsa key are only read at startup.
– Note: If after a reboot of the system, the filter still shows as Installed-Needs Reboot but PWFILTER exists, then there may be a rights issue to the registry key. Grant both the Authentication ID user (from the AD driver properties) and the user logged into the server, supervisor rights to the HKLMSOFTWARENOVELLPwFilter key and it’s sub keys (the Data key). Also, the user logged into the system must have file access rights to the system32 directory to copy in the files (pwfilter.dll and psevent.dll). Finally, if it seems like it is stuck on Installed-Needs Reboot, then reboot the system, remove the filter in the Control Panel applet, then reboot again. It should change to Not Installed. Then add it back in the Control Panel applet to where it says Installed-Needs Reboot. Then do a final reboot of the system.
2 – If PWFILTER is there and the proper rights exist, the Password Sync agent looks for a “Host Names” entry in the HKLMSOFTWARENOVELLPwFilter key. If it is missing or is pointing to an incorrect host name (or sometimes if it has multiple host names), it will show the status”Installed”. DNS problems with the entry may also cause the status to show “Installed”.
6 – If the “Host Names” entry is correct, and the pwfilter.dll file is in place, the status will change to “Running”.
– Note: If you choose to remove the filter in the Password Sync Applet, you must reboot the server where the filter was removed. This is so that the server will correctly clean up the PWFILTER entry in the Notification Packages line of the Lsa key. If a filter has been removed and re-added, always to a reboot of the server to make sure that any run-once commands are cleared out.
Note: If you receive a, Error reading registry (5), or An error was encountered while querying for the status of the filter. (5) Access is denied, error when trying to install the password sync filter, then when you launch the Identity Manager PassSync sync control applet, right click and make sure you Run as Administrator, when launching it. Additionally, make sure the following registry settings are correct.
– In HKLMSoftwareNovellPassSync is a REG_DWORD value named ‘DriverMachine’ with number 0 in it. On the server running thedriver (engine or RL server) this value should be 1.
– In HKLMSoftwareNovellPwFilter is a REG_MULTI_SZ value named’Host Names’ (without quotation marks). The DNS name of theserver running the driver should be entered in here. Forexample, ‘domaincontroller0.novell.com’ (without quotationmarks)
![alt text][1]
[1]: /answers/storage/temp/16201-untitled.png
Please suggest right syntax.
Event ID 5137 — IIS Protocol Adapter Availability
Updated: March 24, 2009
Applies To: Windows Server 2008 R2
An Internet Information Services (IIS) Web server responds to requests on a given protocol by using a listener adapter. The protocol-specific listener adapter communicates with the Windows Process Activation Service (WAS) by means of a protocol adapter. If an error occurs when WAS communicates with the listener adapter through the protocol adapter, the Web server may be unable to respond to requests on the given protocol.
Event Details
Product: | Internet Information Services |
ID: | 5137 |
Source: | Microsoft-Windows-WAS |
Version: | 7.5 |
Symbolic Name: | WAS_EVENT_REQUEST_QUEUE_FAILED_TO_START |
Message: | A worker process ‘%2’ serving application pool ‘%1’ failed to start a listener channel for protocol ‘%4’ in the allotted time. The data field contains the error number. |
Resolve
Stop and restart the application pool
Application pools occasionally need to be restarted in order to return to normal operation. Because application pools depend on the Windows Process Activation Service (WAS), you may have to restart WAS. If you restart WAS, you may also have to restart the World Wide Web Publishing Service (W3SVC), which depends on WAS.
To perform these procedures, you must have membership in Administrators, or you must have been delegated the appropriate authority.
Stop and start the application pool
To stop and start the application pool:
Stop or restart WAS
To stop or restart WAS:
Start the W3SVC
To start the W3SVC:
Verify
You can use an Internet browser to verify that a protocol adapter is functional by following these steps:
Note: If the protocol adapter is from a third party, refer to the documentation for the adapter. The documentation may have specific steps that explain how to verify the state of the service or process that hosts the protocol adapter.
Related Management Information
IIS Protocol Adapter Availability
Internet Information Services (IIS) 7.5
Event ID 5050 — Firewall Service API
Updated: January 9, 2008
Applies To: Windows Server 2008
Windows can detect when an application attempts to use an obsolete application programming interface (API) to disable the firewall.
When appropriate auditing events are enabled (http://go.microsoft.com/fwlink/?linkid=92666), Windows reports when applications attempt to use obsolete API calls.
Event Details
Product: | Windows Operating System |
ID: | 5050 |
Source: | Microsoft-Windows-Security-Auditing |
Version: | 6.0 |
Symbolic Name: | SE_AUDITID_ETW_MPSFIREWALL_CALL_UNSUPPORTED |
Message: | An attempt to programmatically disable the Windows Firewall using a call to INetFwProfile.FirewallEnabled(FALSE) interface was rejected because this API is not supported on Windows Vista. This has most likely occurred due to a program which is incompatible with Windows Vista. Please contact the program’s manufacturer to make sure you have a Windows Vista compatible program version.Error Code:%t%tE_NOTIMPLCaller Process Name:%t%t%1Process Id:%t%t%2Publisher:%t%t%3 |
Resolve
Notify application vendor of incompatibility with Windows Firewall
In Windows Vista and Windows Server 2008, some Windows Firewall application programming interface (API) calls, such as one used to programmatically disable Windows Firewall, have been removed from the operating system for security reasons. Because these APIs are not supported, the firewall service logs an event whenever an application attempts to use them, and then ends the call with a failure code. This might cause the application to fail at runtime.
Check with your application vendor to see if a newer version of the application that is compatible with Windows Vista or Windows Server 2008 is available.
Verify
Contact your vendor for the latest version of the application and ensure that it is compatible with Windows Vista or Windows Server 2008. Applications made for earlier versions of Windows might use application programming interface (API) calls that are no longer supported for security reasons.
Related Management Information
Windows Firewall with Advanced Security
Event ID 5020 — Miniport Driver Not Supported
Updated: April 17, 2008
Applies To: Windows Server 2008
Obsolete drivers are not supported in the versions of the Windows operating systems released after Windows XP.
Event Details
Product: | Windows Operating System |
ID: | 5020 |
Source: | E100B |
Version: | 6.0 |
Symbolic Name: | EVENT_NDIS_INVALID_DOWNLOAD_FILE_ERROR |
Message: | %2 : The download file is invalid. The driver is unable to load. |
Resolve
Update network adapter driver
The driver will not load because it is not supported by Windows operating systems released after Windows XP. Contact the hardware vendor for a driver that corresponds to the version of the Windows operating system you are using.
After you have obtained a new driver from the hardware vendor, use Device Manager to update the driver.
To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.
To use Device Manager to update the network adapter driver:
Verify
To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.
To use Device Manager to view the status of network adapters:
Related Management Information
Event ID 5018 — Miniport Driver Not Supported
Updated: January 7, 2009
Applies To: Windows Server 2008 R2
Obsolete drivers are not supported in the versions of the Windows operating systems released after Windows XP.
Event Details
Product: | Windows Operating System |
ID: | 5018 |
Source: | E100B |
Version: | 6.1 |
Symbolic Name: | EVENT_NDIS_INTERRUPT_CONFLICT |
Message: | %2 : There is an interrupt conflict at Interrupt %3. |
Resolve
Update network adapter driver
The driver will not load because it is not supported by Windows operating systems released after Windows XP. Contact the hardware vendor for a driver that corresponds to the version of the Windows operating system you are using.
After you have obtained a new driver from the hardware vendor, use Device Manager to update the driver.
To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.
To use Device Manager to update the network adapter driver:
Verify
To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.
To use Device Manager to view the status of network adapters:
Related Management Information
Event ID 5014 — Network Adapter Driver Not Supported
Updated: January 7, 2009
Applies To: Windows Server 2008 R2
Obsolete drivers are not supported in the versions of the Windows operating systems released after Windows 2000.
Event Details
Product: | Windows Operating System |
ID: | 5014 |
Source: | E100B |
Version: | 6.1 |
Symbolic Name: | EVENT_NDIS_ADAPTER_DISABLED |
Message: | %2 : The driver cannot open the network adapter because it is disabled. |
Resolve
Update the network adapter driver
The driver will not load because it is not supported by versions of the Windows operating system released after Windows 2000. Contact the hardware vendor for a driver that corresponds to the version of Windows you are using.
After you have obtained a new driver from the hardware vendor, use Device Manager to update the driver.
To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.
To use Device Manager to update the network adapter driver:
Verify
To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.
To use Device Manager to view the status of network adapters:
Related Management Information
Network Adapter Driver Not Supported