NCSI troubleshoot

Case: Windows 10 (virtual on vmware, virtual on Citrix, physical on laptops) have issues with NCSI test. Some of them. Below 10% of the whole number of hosts - total is above 10 thousands. Most of laptops work remotely (vpn), virtual machines of course should be treated like local machines.
Additional info: Windows 7 work perfectly.
Signs of problem: Citrix machines (virtual Windows 10) connectivity issues when staring Office 365 apps (no Internet connectivity on network status), after ipconfig /renew Internet connectivity is recognized well. For Windows 10 on virtual machines on VMWare and on laptops the only sign is huge number of requests to connecttest.txt on www.msftconnecttest.com per day. If workstation is working well - daily number of requests is below 10, if something is wrong is above 2-3 thousands. So if You multiply number of requests per workstation by number of wrong workstations there are above 400 thousands requests daily.

Steps to recover, to repair:
- dns record www.msftconnecttest.com is masked in internal - corporate DNS; no help
- www.msftconnecttest.com site is proxied locally in corporate server; it should be delivered better, but it's not; from this site I know exact number of requests no help
- UseGlobalDNS set to 1 no help
- disable offload for tcp/ip v4 - yes, it helped
- corrected manual entry of proxy - it is now recognized by system - visible in eventlog for ncsi

Important: only 10% of total number of hosts have this issue - all of them have the same set of patches, configuration, network configuration, firewall, antivirus and so on, so why only small fraction have this issue? I don't have a clue.

wifi in raspberry - roaming

from ubuntu manpage:
The only reasons for wpa_action to be explicitly executed by the user is to stop wpa_cli from controlling ifupdown or reload the wpa_supplicant.conf file after editing. wpa_action eth1 stop Otherwise, wpa_action is given as an argument to a wpa_cli daemon.

wpa_cli -i eth1 -a /sbin/wpa_action -B

 
This can be done by using the wpa-roam option in the interfaces file. wpa-roam takes one argument, a user provided wpa_supplicant.conf file.

sudo /etc/init.d/networking restart

Windows 10 backup disk with DISM

Dism /Capture-Image /ImageFile:P:\diskO.wim /CaptureDir:O:\ /Name:"DiskO"
Dism /Apply-Image /ImageFile:P:\diskO.wim /Index:1 /ApplyDir:R:\

MIM placeholder how to manage

I've got placeholder in connector space so new CS object couldn't be created. I've created some simple object (sql is datasource for this management agent), after import synchronization has started for this object.

november 2022 fixes

https://support.microsoft.com/en-us/topic/kb5021130-how-to-manage-the-netlogon-protocol-changes-related-to-cve-2022-38023-46ea3067-3989-4d40-963c-680fd9e8ee25
https://techcommunity.microsoft.com/t5/ask-the-directory-services-team/what-happened-to-kerberos-authentication-after-installing-the/ba-p/3696351
https://www.csoonline.com/article/3680512/how-to-reset-a-kerberos-password-and-get-ahead-of-coming-updates.html

Ledger Live is not opening or any other Windows app

Strange symptom - when I've tried to run Windows app, like Ledger Live on task bar there is a status of working app (and some view of window) but there is strictly no visible window. I've reinstalled app but without success, still the same result. After searching on Internet and some thinking (app is working perfectly on different laptop) - I've remembered that this machine was in multi monitor configuration. So... I call'ed system menu for this app (Alt + Space), choose Maximize and voile'la - it's working.

Windows Recovery Environment

When creating of rescue disk is impossible (information like We can't create a recovery drive on this PC. Some required files are missing):

reagentc /disable

reagentc /setreimage /path \\?\GLOBALROOT\device\harddisk0\partition1\Recovery\WindowsRE

reagentc /enable
Disk number and partition should be customized but on systems with single disk/partition it should work.