I was preparing to remote into a virtual machine to do some maintenance when I encountered an error.
“An authentication error has occurred.
The function requested is not supported
Remote computer: [Computer Name]
This could be due to CredSSP encryption oracle remediation.
For more information, see https://go.microsoft.com/fwlink/?linkid=866660”
Information from the link in the error:
Credential Security Support Provider protocol (CredSSP) is an authentication provider that processes authentication requests for other applications.
A remote code execution vulnerability exists in unpatched versions of CredSSP. An attacker who successfully exploits this vulnerability could relay user credentials to execute code on the target system. Any application that depends on CredSSP for authentication may be vulnerable to this type of attack.
This security update addresses the vulnerability by correcting how CredSSP validates requests during the authentication process.
The bottom line is that in order to RDP into the target server both computers need to have the update installed. In my case, my local machine was updated, but the target machine was not yet updated. This target machine did not have automatic updates turned on and was an Azure VM. I could have contacted support, or turned on automatic updates from the portal, but the reality was I needed to get into the machine quickly to handle an emergency fix. Due to the simple architecture (stand-alone VM) I could not push the patch via SCCM or GPO.
Continue reading Can’t RDP to Server after Windows Patch (CredSSP)
Windows Vista and up has the administrator account disabled by default. In order to use it you have to enable it. One easy method I found was to use the command prompt, aka CMD.
1. Open command prompt (CMD) in administrator mode.
- Windows < 8: Start > Accessories > Right Click on Command Prompt > Run as Administrator.
- Windows >= 8: Right Click on Start > Open Command Prompt as Administrator
2. Execute this command to Enable:
net user administrator /active:yes
Next time you log in you should see a new option for administrator. I would recommend setting the administrator password if you have not already done so.
If you decide you want to disable the administrator account, execute this command:
net user administrator /active:no
While doing system troubleshooting I will sometimes come across an IP address which is causing some issue and is getting reported on an error log. It could be a server, or a network user, and it would be helpful to know the Hostname in order to dig in further.
The easiest method that I have come across is to use the windows command prompt.
- Start > Run > CMD
- ping -a [IP ADDRESS}
There are other methods such as using power shell, java, C#, etc, but if you are not trying to integrate this hostname into some other commands then CMD should be all you need.
I recently purchased a 250GB Solid State Drive made by Crucial to replace my 150GB VelociRaptor Hard Disk Drive for my Operating System. There are two routes I could think of to go about installing the OS on the SSD.
- Copy image from HDD to SSD
- Pros: Would allow a fairly seamless transition from one drive to another. No need to migrate files to a third disk and then reload to the new SSD.
- Cons: Any inefficiencies/growth Windows has created (software bloat), or any disorganization I have created will be carried over to the new SSD. Any corrupted files or disk sectors would be carried over to the new drive.
- Install fresh copy of OS on SSD
- Pros: A fresh OS always runs better because it has not had time to bloat.
- Cons: Time; I will have to migrated any files I want to keep to another drive, install Windows, install any applications/drivers I had previously, then migrate files back to main drive.
I decided to go with option 2; installing a fresh copy of Windows 7 to the new SSD. One of the cons of doing this is having to move the files you want to keep to another drive and then back to the main OS. This does not impact me because I already back up to google drive, a cloud service, and I also have a secondary 1TB disk drive where I save almost all files. Also, my current installation of Windows 7 has bloated quite a bit. I have done some work to remove the bloat but I like the idea of starting over with a new copy of windows.
Since I am reinstalling windows I will need the windows license key. Microsoft likes to make it difficult to find your license key. It is not located in any convenient place unless you have the original packaging or purchased a computer with the OS already installed and the sticker is still on the computer case which would contain the windows key. They probably claim to make it hard to find so that the key can not be easily stolen. However, if this were truly the case the key would not be placed on a sticker on the outside of many store bought cases. I personally believe they make it difficult to find the key so that it is hard to keep track of and then many users will just buy a new copy or if they are buying a new computer opt with bundling the OS with the new computer.
One way to find your windows license key is to use a VB script to read it from your registry and then decode it.
Below is the script I used which I obtained from howtogeek.com.
Direct link to article: http://www.howtogeek.com/206329/how-to-find-your-lost-windows-or-office-product-keys/
This article has much more information on this process, and also other processes for recovering your windows key such as third party software.
Paste the code into a text document, save the file with a “.vbs” file extension, close, and then double click the new file to run it. It should present you with a popup window that contains your windows key.
Set WshShell = CreateObject(“WScript.Shell”)
MsgBox ConvertToKey(WshShell.RegRead(“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DigitalProductId”))
Const KeyOffset = 52
i = 28
Chars = “BCDFGHJKMPQRTVWXY2346789”
Cur = 0
x = 14
Cur = Cur * 256
Cur = Key(x + KeyOffset) + Cur
Key(x + KeyOffset) = (Cur \ 24) And 255
Cur = Cur Mod 24
x = x -1
Loop While x >= 0
i = i -1
KeyOutput = Mid(Chars, Cur + 1, 1) & KeyOutput
If (((29 – i) Mod 6) = 0) And (i <> -1) Then
i = i -1
KeyOutput = “-” & KeyOutput
Loop While i >= 0
ConvertToKey = KeyOutput