Archive

Archive for April, 2013

Latest Microsoft Update Causes Issues For Some

April 12, 2013 7 comments

For some, Microsoft’s latest set of patches for April 2013 has caused headaches. Microsoft is investigating behavior where systems may not recover from a restart or applications cannot load after installing security update KB2823324. This marks Microsoft’s second botched update this year. Microsoft recommends that customers uninstall this update. As an added precaution, Microsoft has removed the download links to the KB2823324 update while they investigate.

If you have installed this update but have not yet restarted your computer, you can uninstall the update by going to Control Panel > Programs and Features > View Installed Updates. Select “Security Update for Microsoft Windows (KB2823324)” and choose uninstall. If you manage a large number of machines, you can create a script to uninstall it with the command:

wusa.exe /uninstall /kb:2823324 /quiet /norestart

or by using Microsoft’s Sysinternals PsExec

Psexec -d -s \\remotemachine wusa.exe /uninstall /kb:2823324 /quiet /norestart

If you were among the unfortunate who installed the update, rebooted, and received a blue screen of death, chkdsk or other type of error, try one of the following procedures:

I suggest you try these in order. All of these require using ‘System Recovery Options’. You can get to this by pressing F8 during startup and choosing ‘Repair your Computer’ or by booting from a Windows 7 DVD or USB bootable media. The first two recover windows using System Restore points. The third tries to uninstall the update from the command line.

  1. Use ‘System Restore’ to restore Windows to an earlier point in time (before the Microsoft Update was installed)
  2. Use ‘Command Prompt’ and issue the command ‘dism /image:C:\ /cleanup-image /revertpendingactions’
  3. Use ‘Command Prompt’ and issue the command ‘dism /image:C:\ /remove-package /PackageName:Package_for_KB2823324~31bf3856ad364e35~x86~~6.1.1.1’

Reboot your computer after performing each step and hopefully you will be able to boot again normally. Good luck.

For more information visit: You receive an Event ID 55 or a 0xc000021a Stop error in Windows 7 after you install security update 2823324

EDIT: Microsoft has released KB2840149 to address the security issue that was suppose to be fixed by the botched update.

The original update created a conflict with certain third-party software installed on user machines. This resulted in system errors that caused the reboot loop. Microsoft immediately pulled the update to prevent any more issues from coming up. Microsoft eventually released a secondary update which removed the first update. If you are running Windows 7, head over to Windows Update to download the latest security fix. If you have automatic updates enabled, you probably already have it.

Using Network Time Protocol with Windows Server

April 2, 2013 1 comment

We all know that time synchronization is a crucial aspect for all the computers on the network, especially servers. In Windows, client computers obtain the time from domain controllers and the domain controllers obtain their time from the domain’s primary domain controller operation master. The primary domain controller obtains its  time from an external source, usually Microsoft (time.windows.com). If you would like to have your primary domain controller synchronize with a NTP server, the process is fairly simple. My department maintains our own SNTP servers but you could use one from the NTP Pool Project.

For my fellow administrators in the North American continent, you would use:

  • 0.north-america.pool.ntp.org
  • 1.north-america.pool.ntp.org
  • 2.north-america.pool.ntp.org
  • 3.north-america.pool.ntp.org

I recommend you use the DNS name instead of an IP address because the IP addresses may change in the future for what ever reason. Now lets configure our primary domain controller to synchronize with our NTP server.

      1. Sign into your primary domain controller with Administrator credentials. If you do not know which of your domain controllers is the primary domain controller, you can query a domain controller using netdom. Use the command ‘netdom /query fsmo’.
      2. Open a command prompt window.
      3. Stop the W32Time service by using the command ‘net stop w32time’.
      4. Now it is time to configure the external NTP source. Use the command: w32tm /config /syncfromflags:manual /manualpeerlist:<NTP Servers here> /reliable:yes
      5. Start the W32Time service again by using the command ‘net start w32time’.

NOTE: If you are going to use more than one NTP server, you must enclose them in quotes and delimit each entry with a space. Ex: “ntp1.domain.com ntp2.domain.com ntp3.domain.com”.

The Windows Time Service should begin to synchronize the time with external NTP server you chose. You can view your current configuration by using the command ‘w32tm /query /configuration’ and check your Event Viewer for any error messages.