GTO455's Posts

GTO455 · ‎10-25-2018

UEM Dev, I'm afraid its still not working for me. Maybe I am missing something. To recap I have An Argument Based Privilege Escalation entry in UEM: A Shortcut in UEM: And a Bat...

UEM Dev, I'm afraid its still not working for me. Maybe I am missing something. To recap I have An Argument Based Privilege Escalation entry in UEM: A Shortcut in UEM: And a Batch File with the following content: C:\Windows\System32\sc.exe config Forwarder start= auto C:\Windows\System32\net.exe start Forwarder Is that right? After login I see the service is still set to Disabled. The only Condition Sets I have are that the file exists in the directory specified.

GTO455 · ‎10-24-2018

Hi Guys, Thanks for the replies. I am using Hash and Publisher-based Privilege Elevation in a couple of other scenarios and it works well. I never thought to try Argument-based. UEMDev, I t...

Hi Guys, Thanks for the replies. I am using Hash and Publisher-based Privilege Elevation in a couple of other scenarios and it works well. I never thought to try Argument-based. UEMDev, I tried your suggestion but it still doesnt seem to be working. Contents of startfwder.bat" sc config Forwarder start= auto net start Forwarder I can see the batch file run at login, but it appears the "SC" and "Net Start" commands within the file is generating an Access Denied error. So I tried creating another Argument based PE containing SC.exe and the arguments following the command above and that doesnt seem to be working either. Within the VM if I manually try to run the file as an ordinary user or user with Admin rights on the VM (in a CMD window-non elevated) it fails with the following: [SC] OpenService FAILED 5: Access is denied. System error 5 has occurred. Access is denied. If I elevate CMD with Admin user account on the VM and manually run the file, it runs successfully. Any other suggestions to try?

GTO455 · ‎10-23-2018

Can you please expand on this? I'm essentially trying to do the same thing as epa80; I've created a shortcut within UEM to kick off a batch file within a VDI session to change an existing serv...

Can you please expand on this? I'm essentially trying to do the same thing as epa80; I've created a shortcut within UEM to kick off a batch file within a VDI session to change an existing service from Disabled to Automatic, and then trying to start the service. However, its not working for an ordinary user, but if I log in with an account that has Admin rights to the system it works.

GTO455 · ‎10-11-2018

Hello we're using the built in UEM templates for MS Office 2016 within UEM and all apps appear to be working fine with the exception of OneNote. For some reason, the OneNote application will not ...

Hello we're using the built in UEM templates for MS Office 2016 within UEM and all apps appear to be working fine with the exception of OneNote. For some reason, the OneNote application will not retain its settings after a user logs out. We are NOT using O365, it is the full version of MS Office 2016 installed on the image. I can create a notebook, save it to My Documents (redirected) and the file is created, but after logging out and back in, OneNote fails to list the file in recently opened documents. I have added the following entries into the Import/Export settings, but they haven't seemed to help. Has anyone else run into this? HKCU\Software\Microsoft\Office\16.0\OneNote\Place MRU HKCU\Software\Microsoft\Office\16.0\OneNote\Place MRU\Change HKCU\Software\Microsoft\Office\16.0\OneNote\Options\Paths HKCU\Software\Microsoft\Office\16.0\OneNote\RecentNotebooks

GTO455 · ‎09-28-2018

When I redirected the APpData folder in my Dev environment, all sorts of weird things started happening; Desktop icons went away, folders stopped redirecting, etc. So I made the decision not to u...

When I redirected the APpData folder in my Dev environment, all sorts of weird things started happening; Desktop icons went away, folders stopped redirecting, etc. So I made the decision not to use it in Production. It is essentially a roaming profile at that point. Even the Vmware Technician suggested we not use AppData redirection in UEM.

GTO455 · ‎09-28-2018

You can open your writable within the VM it is mounted to. Just open File Explorer and type C:\SnapVolumesTemp and the writable will open up. It's just a hidden directory in Windows. You can a...

You can open your writable within the VM it is mounted to. Just open File Explorer and type C:\SnapVolumesTemp and the writable will open up. It's just a hidden directory in Windows. You can also open up your writable in 7Zip, and I find it easier to read this way. Copy the writable vmdk file (the 10GB file not the metadata file) to a different location (i.e., your local hard drive) and install 7Zip on your PC. With 7Zip installed, just right click on the vmdk file and select Open with 7Zip. Very cool! BTW- Using the LoginVSI Template in OSOT does make login times a bit slower, but at least you have a snappy Start Menu. Trade-offs I guess!

GTO455 · ‎09-26-2018

As far as a UIA+Profile, we have been told that we shouldn't use them (think roaming profiles) and to stick with the UIA only with UEM profile redirection (no AppData), which we have done. Suppos...

As far as a UIA+Profile, we have been told that we shouldn't use them (think roaming profiles) and to stick with the UIA only with UEM profile redirection (no AppData), which we have done. Supposedly, UIA+Profile can create havoc with Windows upgrades and updates. We have enough problems already, so if I can eliminate one ahead of time, I will. Also had the same problem with the Start Menu that you are having. Used this KB to fix it , but it was still flaky after the fix, (there was a significant delay when you clicked on the Start Menu before it loaded), but it worked. I finally found a thread that pointed the issue to the Windows 10 Default Template in the OSOT being the problem. I changed over to using the Login VSI template for optimization and that fixed the problem completely. No more delays and the Start Menu now loads normally. I can completely relate to your pain, you fix one thing and it creates three others. It's not even close to being consistent. Nothing but problems with App Volumes. It's killing my login times, and I have only 1 App stack and a writable loading for every user. I have a thread on here that has gone unanswered that involves a firewall command that runs during the writable mount that takes 50 seconds to run in my environment. From what I can understand from it, it runs as an elevated cmd process that; 1. Deletes the current Windows Firewall config file it (AppVol) creates (See #3), 2. Export the current firewall config, and then 3. imports the firewall config it just deleted. It does this EVERY TIME a writable loads. Whut? Why? The other problem I'm having is if delete my writable and have it recreate at login, the first and second login time is great with the new writable, and then it gets progressively worse with subsequent logins until I delete it and recreate it again. Hope this helps. Chuck

GTO455 · ‎09-22-2018

Hey Folks, I'm having an issue with app Vols and hope someone else has seen something similar and can help out. Environment ESXi 6.5 App Volumes 2.14 VMware Horizon 7.5 (Instant Clones)...

Hey Folks, I'm having an issue with app Vols and hope someone else has seen something similar and can help out. Environment ESXi 6.5 App Volumes 2.14 VMware Horizon 7.5 (Instant Clones) VMware UEM 9.4 Windows 10 Enterprise Build 1709 When we have writable volumes enabled, we're seeing excessive login times upwards of 2 minutes, and get worse with subsequent logins. First issue is that reviewing the svservices.log, it appears the enabling of the Windows Firewall by the App Vol agent takes an excessive amount of time. If I run the command from an elevated CMD prompt (within the VM after it has loaded), it takes close to 50 seconds to run, but runs successfully. This is an example of the firewall launch and completion times [2018-09-21 22:09:27.158 UTC] [svservice:P1600:T1328] Successfully launched: C:\WINDOWS\system32\cmd.exe /c del /q /f "C:\Program Files (x86)\CloudVolumes\Agent\Logs\cvfirewall.cfg" 2>NUL && netsh advfirewall export "C:\Program Files (x86)\CloudVolumes\Agent\Logs\cvfirewall.cfg" && netsh advfirewall import "C:\Program Files (x86)\CloudVolumes\Agent\Logs\cvfirewall.cfg" (wait -1 ms) [2018-09-21 22:10:54.641 UTC] [svservice:P1600:T1328] ExitCode 0. Finished waiting for "C:\WINDOWS\system32\cmd.exe /c del /q /f "C:\Program Files (x86)\CloudVolumes\Agent\Logs\cvfirewall.cfg" 2>NUL && netsh advfirewall export "C:\Program Files (x86)\CloudVolumes\Agent\Logs\cvfirewall.cfg" && netsh advfirewall import "C:\Program Files (x86)\CloudVolumes\Agent\Logs\cvfirewall.cfg"" (WaitStatus 0) The second issue I have found that if I delete the writable, and recreate it, the login time decreases dramatically. Subsequent logins after the creation are better, but then they get increasingly worse. It's only until I delete the writable again that things get better. Has anyone seen anything like this? I had opened a call with VMware support, but they havent been able to solve the problem. Any help you can provide would be much appreciated!

GTO455 · ‎03-02-2018

Correct. However I found that DOMAIN\Username wasn't good enough. It continued to fail until I changed it to 'user@domain.name' (no quotes) and then it completed successfully.

All

GTO455's Posts

Re: Starting a Disabled Service

Re: Starting a Disabled Service

Re: Starting a Disabled Service

Cannot get MS OneNote Settings to Retain in UEM 9.4

Re: Unstable environment with UIA+profile writable volumes, appstacks, UEM

Re: Unstable environment with UIA+profile writable volumes, appstacks, UEM

Re: Unstable environment with UIA+profile writable volumes, appstacks, UEM

Long login times with writable enabled on Instant Clones

Re: Problems while trying to add vCenter Server and Composer