Outlook Authentication Broken–Username and Password Missing

Posted on Leave a commentPosted in Authentication, windows 10, windows 7

I came across an issue recently where the Outlook security dialog box popup was broken. Rather than looking as below, the username and password fields where missing:

windows_security.jpg

The dialog box appeared as:

image

Notice that the username and password fields are missing! Also missing, and the key to this issue, is the picture is missing too. This is usually an empty box, but for some companies they use Group Policy to push out a different graphic.

That image is a bitmap stored in “C:\ProgramData\Microsoft\User Account Pictures”.

At a client of mine, the marketing department had requested the company logo replace the user picture and provided at 1MB file for this purpose. The file was deployed to all machines and overwrote the user.bmp by way of GPO preferences. Resizing user.bmp to under 48K in “C:\ProgramData\Microsoft\User Account Pictures\” on a single machine resolved the issue for users on that computer. We then changed the source of the image to under 48K centrally to fix all users.

Note that this was Windows 7 – different file sizes and dimensions exist for different versions of Windows. For example a user.bmp file on Windows 10 can be 448×448 and the default is just under 600KB. So again, the 1MB file mentioned above might also break Windows 10, but to fix the issue on that OS I probably dont need to reduce the file size so small.

Access Is Denied Message After Sysprep–How To Fix

Posted on 1 CommentPosted in 2003, 2007, 2008, 2008 R2, 2012, 64 bit, backup, bios, hyper-v, password, recovery, sysprep, windows, windows 2003, windows 2008, windows 7, windows server, workstation, x64, x86

If before you use Sysprep to prepare a Windows machine for imaging you set the administrators password “User cannot change password” then sysprep will not clear this setting, but will set the “User must change password at next logon” setting. Normally these two settings are mutually exclusive, but in the scenario for sysprep it seems they can both end up being set.

This means you get prompted to reset you password at first logon after sysprep completes and then find you have “Access Denied” as the response. There is seemingly no way around this Catch-22.

That is unless you use the Offline NT Password and Registry Editor. This tool allows password resets when booting the server from a CD or USB key (so physical access to the server is required). As the download for this is an iso file, it can also be used in virtual environments by configuring your virtual machine to boot from the iso you have downloaded.

To allow you to logon to your machine following the above issue, all you need to in the Offline NT Password tool is to blank out the administrators password and unlock the account. These are options 1 and 4 during the password reset stage. Full instructions with screenshots follow:

  1. Boot the server with the issue with the Offline NT Password and Registry Editor iso file:
    image
  2. Choose the correct boot option (or just press Enter for the defaults):
    image
  3. For Vista and earlier select the default of Option 1. For Windows 7 and Windows 2008 and later select Option 2 (to boot into the second partition on the disk). You might need to select a different option if you have more partitions. You need to select the partition that Windows is installed on.
  4. If the disk is marked as Read-Only ensure that the server went through a clean boot and was not shutdown incorrectly. Once the messages indicate a writable partition
    image
  5. Select the presented folder (by pressing Enter again). You can typically just press Enter through most of these stages. You will be asked what you want to do – we want to reset passwords:
    image
  6. Select Option 1 to Edit user data and passwords:
    image
  7. Press Enter to choose the Administrator account:
    image
  8. Type 1 to Clear (blank) user password. You should get back the message “Password cleared!”:
    image
  9. Press Enter again to reselect the Administrator account, and this time select Option 4 to unlock the account (even though this program tells you the account is already unlocked):
    image
  10. Once you see “Unlocked!” you can quit from this program. The process to quit requires you to save your changes. Note that the default setting is not to save changes, so you cannot now use Enter to select the default option.
  11. Enter ! to quit from the password reset program:
    image
  12. Enter q to quit from the script and to ask about saving changes:
    image
  13. Enter y to write back the files that have been changed:
    image
  14. You should have been told “***** EDIT COMPLETE *****”. Press Enter to finish the program scripts:
    image
  15. At this final screen you can remove the CD or unmount the iso image from your virtual machine and press CTRL+ALT+DEL to restart the server. The server should now boot into Windows and auto-logon as it has a blank password.
  16. Change the password and optionally untick the “User cannot change password” setting.

Running MOC Courseware Virtual Machines on Windows 7 RC

Posted on 4 CommentsPosted in virtual pc, virtualisation, windows 7

Once you have installed Windows 7 RC and downloaded Microsoft Virtual PC you might have the need to run Microsoft Official Curriculum courseware virtual machines. And therein is a problem.

The virtual machines are built to use Virtual Server 2005, but that cannot install in Windows 7, so you cannot use the Lab Launcher. Though you can install the courseware drives, you will need to run the installer in compatibility mode or the VHD installer will not run.

Once you have the VHD files unzipped you need to configure Microsoft Virtual PC to load them up. This though is a problem if you are not located in the same timezone as the creators of the base disks (PST timezone).

The steps to create a virtual machine when you are in a different timezone are:

  1. Start the virtual machine wizard and make a note of the location value. You will need to modify files in this location later on
    image
  2. Set memory and untick the network connections option
    image
  3. Browse to the exiting hard disks folder. Enable undo disks at this time as well
    image
  4. If you are in a different timezone you will get the following cryptic error
    image
  5. Click OK and modify the file used to point to either any of the “allfiles” disks (as these are not differencing disks) or create your own empty vhd for the time being
    image
  6. Complete the creation steps and then bring up the settings of the new virtual machine (with the wrong disk attached)
    image
  7. Modify the network settings to Internal Network and add any additional disks needed (this will be described in the full setup guide for the course) and close the settings dialog.
  8. Browse to the folder that contains the actual settings file (the vmc file). This folder is the location value from step 1 (defaults to C:\Users\username\AppData\Local\Microsoft\Windows Virtual PC\Virtual Machines).
  9. Open the vmc file in Notepad (or an XML editor) and change the settings to that which you require. These changes are for disks. Look for ide_controller 0 and ide_controller 1 (if present) and change the name of the vhd file to the correct disk name.
  10. Modify the time sync. settings as per disabling-time-synchronization-under-virtual-pc-2007. The virtual machines from Microsoft for training purposes have a grace period and if you bring them up with the current date/time on them (which Virtual PC 2007 does automatically) then you will need to activate them.
  11. Save the file when your changes are completed.
  12. Start the virtual machine. You will see this error message – Inconsistency in virtual hard disk time stamp detected – The virtual hard disk’s parent appears to have been modified without using the differencing virtual hard disk. Modifying the parent virtual hard disk may result in data corruption. It is strongly recommended that you mark the parent virtual hard disk as read-only to prevent this in the future. If you recently changed timezones on your host operating system, you can safely continue using this virtual hard disk.
    image
  13. This can occur for a number of reasons, but if the reason is timestamps then click OK. DO NOT click the option not to show the message again, or you will not be able to get past this error without modifying the options.xml file in C:\Users\username\AppData\Local\Microsoft\Windows Virtual PC.

The virtual PC will start, and will prompt you about updates to the integration components, but that is only a minor , so that can be ignored when you are presented with that error, unless you want the error to never show again per machine, in which case install (at your own risk and numerous reboots) the integration components.

Finally, you might need to reactivate some machines, as the hardware will have changed.