Category Archives: Windows 7

Remote Desktop Issue: “An authentication error occurred” “This could be due to CredSSP encryption oracle remediation”

You may get this error when trying to connect to a Terminal Server from Windows 10 or Windows 7.


The workaround is to add the following Registry key on the affected client PC.

This is NOT a fix. Doing this will bypass the fix for the security vulnerability. But it will get your users going while Microsoft readies a fix.


Windows previous versions documentation

This is the archive for older Windows 7, 8, Server 2012, 2008, 2003, R2 information that was previously on TechNet.

Meltdown and Spectre


Happy New Year … Not!

With the New Year comes a new class of malicious attack that can impact IT systems. This time, the attack is hardware based, affecting mostly Intel based systems, and to some extent, AMD systems as well.

Here is a list of resources that highlight what it is all about and how to mitigate against this new threat. In the words of Microsoft, “Don’t panic.”

Windows 7 SP1, Windows 8.1, Windows Server 2008 R2, Windows Server 2012, and WIndows Server 2012R2 Update Rollup all in a single package

Today, MIcrosoft announced the availability of a single update rollup package for Windows 7 SP1 and Windows Server 2008 R2. Some details for the rollup are as follows:

  • All security and non-security fixes since the release up to April 2016.
  • One installation package.
  • Optional install – not offered via Windows Update.
  • Monthly rollups after April 2016.
  • Security bulletins will continue to link to a direct update.
  • For Windows 8.1, Windows Server 2012, and WIndows Server 2012 R2, there will be monthly rollup updates.

Thanks, Microsoft, for listening!

To get the rollups, you need Internet Explorer 6 or higher (not Edge – since this is not an update package for Windows 10). Get the updates here –

At this stage, other browsers are not supported, although Microsoft have hinted that the site will be updated in the next few months.


Windows 7, 8.1, 10, SBS and Essentials Client Conntector – What works, and what doesn’t

The Essentials Server team have just published a blog post which gives you an at-a-glance look at what features are supported and not supported with the six current (and recently past) SBS and Essentials SKUs.

Read the blog post here –

How to rapidly create a Virtual Machine from WIM or ISO (WIM2VHD)

If you have DVD media or and ISO of your Operating System, you can quickly and easily create a sysprepped VHD or VHDX image. With this Virtual Hard Disk file, you can set up a Virtual Machine and boot it directly to the Out of Box Experience, thus saving about half an hour to an hour of installation time.

The process for doing this and PowerShell script called Convert-WindowsImage.ps1 is documented in the Technet Script Repository here –

Note: This latest release (v6.3) now supports the creation on Generation 2 VMs.

The trust relationship between this workstation and the primary domain failed

Every few months, this situation comes up somewhere amongst the plethora of Windows 7 workstations that are managed by my helpdesk. The standard fix is normally to remove the workstation from the domain, and rejoin it again.

I came across a blog post here – – which suggested that this problem was caused by a machine password being corrupted or lost.

A suggested fix for this was to use NETDOM.EXE to reset the machine password. You will need to install the Remote Server Administration Tools from Once it has been installed, turn the following feature on (from the Turn Windows features on or off applet in the control panel. (you might find some other useful server administrative tools there too!)


From an administrative command prompt, type the following command.

NETDOM resetpwd /s:[domain controller] /ud:[domain admin] /pd:*
[domain controller] = a domain controller in the joined domain
[domain admin] = a domain administrator with administrative rights to the machine

You will be prompted to enter in the password for the domain admin account specified.

Once the command is completed, restart the computer to log in.

NOTE: I did notice that some other settings on the workstation appeared to be corrupted or reset after the reboot. One of these itemms was the Outlook profile, which had to be reset and resynchronized.

Optimise Windows 7 with SSD drives

Jakub at has posted a blog on how to optimise Windows 7 when installed on SSD drives. He lists 9 tweaks that should be done to ensure maximum performance when using SSD drives here –

  • Enable TRIM (Should be enabled by default)
  • Disable Prefetch
  • Disable Superfetch
  • Disable Indexing
  • Disable Write Caching
  • Disable System restore
  • Disable Hibernate
  • Disable Page file (only if you have a lot of RAM)
  • Disable De-fragmentation

Windows 7 SP1 and Windows Server 2008 R2 SP1 Enterprise Hotfix Rollup (KB 2775511) is released

It appears that Microsoft are now moving towards a new way of deploying service packs. KB 2775511 is a hotfix rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1. This hotfix rollup contains 90 hotfixes that were released since service pack 1 and are noted to greatly improve performance and system reliability.

The main areas of improvement are in the Remote File System and Networking components, namely Offline Files, Folder Redirection, SMB and TCP Protocol services.

The hotfix rollup is described here – and can be downloaded from the Microsoft Update Catalog here –

The documentation also lists two Registry fixes that must be manually applied after the hotfix is installed.

  • To enable update 2581608, configure a REG_DWORD Value named RunLogonScriptsNormally under the following path, and set the value to a decimal value of 1:
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
  • To enable update 2752259, configure a REG_DWORD Value named BrmDisableOpc under the following path, and set the value to a decimal value of 0:
    HKEY_LOCAL_MACHINE \SYSTEM\CurrentControlSet\Control\Print



Using DISKPART to create a Bootable USB of Windows 8

Windows 8 was released today on MSDN and Technet. It will soon be released publically. With that comes the many GBs of downloads for the ISOs. Many may have newer Ultrabooks, which do not feature DVD drives anymore. Rather than burning the ISO to a DVD disc, why not put it on a bootable USB stick? There are many ways to do this, and I have found that the best way to do this is to use a command tool called DISKPART. The commands are fairly easy.

  1. Open an elevated Command Prompt and type DISKPART. You will open up the Diskpart tool, as evidenced by the DISKPART> prompt.
  2. DISKPART>LIST DISK <- This will give you a listing of the disks on your system. It is very important to identify the USB disk, as you really do not want to format your system drive.
  3. DISKPART>SELECT DISK n <- this will make select the USB disk n, as identified in step 2
  4. DISKPART>CLEAN <- This effectively does a quick format/wipe of the USB disk
  5. DISKPART>CREATE PARTITION PRIMARY <- This will create a primary partition on the disk
  6. DISKPART>SELECT PARTITION 1 <- Since there is only one partition, this will select it.
  7. DISKPART>ACTIVE <- This makes the partition active
  8. DISKPART>FORMAT FS=FAT32 <- This formats the disk and sets it up as a FAT32 formatted drive. This will take a while to complete
  9. DISKPART>ASSIGN <- This assigns the next drive letter to the drive
  10. DISKPART>EXIT <- To exit the utility

Once the USB drive has been prepared, you can now use a utility like 7-Zip to extract the ISO directly to the drive.

BTW. This process will also work when creating bootable USB disks of other Windows ISOs – Windows Server 2012, Windows Small Business Server 2011, Windows Server 2008 R2, Windows 7, and even Vista.