Posts

Showing posts from 2016

Windows 10 Credential Guard breaks WiFi

Recently, I ran into an issue with computers running windows 10 that would not connect to our WPA2-Enterprise encrypted wifi network.  When it failed to connect, there was no indication of why, only the message "Can't connect to this network."  The computers were able to connect to unencrypted networks and networks using a Pre-shared key for WPA encryption without issue. Checking the event logs on the RADIUS server to see why the comptuer failed to connect, there was no log entry for a connection attempt from the affected system.  The WLAN-Auto-Config log on the client listed a couple of errors, including Event ID 11006 and 12013, but other than showing that the failure reason was "Explicit EAP failure received", they didn't give much to go on: Log Name:      Microsoft-Windows-WLAN-AutoConfig/Operational Source:        Microsoft-Windows-WLAN-AutoConfig Date:          8/15/2016 1:11:20 PM Event ID:      11006 Task Category: MsmSecurity Level:         Err

Configuring Bitlocker and TPM on Server 2012R2 Core

Image
I've just finished configuring Bitlocker on a new server running Server Core 2012R2 with a TPM key protector.  I had to piece together bits from a few sources online to accomplish this, so I will bring together in this one post all of the steps I ended up using. Here's a high level overview of the steps required: Check TPM status Enable & activate TPM if needed Take ownership of TPM Create Bitlocker recovery password Backup recovery password to Active Directory Enable Bitlocker using the TPM as the key protector In order to do this, the server must have a TPM module installed.  Believe it or not, this is still not standard hardware for many servers.  For HP servers, a TPM add-on is available for about $50 as p/n 488069-B21.  If you do have to install a TPM, go into the BIOS and enable the TPM under the security settings, to save yourself some steps later. Now comes the tricky part.  Powershell version 4 added some handy new cmdlets for managing the TPM.  Unfo

Viewing Windows Update logs in Windows 10

Image
For many years, dating back at least to Windows XP, Windows Update has kept a text format log in the Windows directory, which could provide useful information when troubleshooting update issues.  Beginning in Windows 10, this log file (C:\Windows\WindowsUpdate.log) Is no longer used.  If you look for it in the Windows directory, you'll see that the file is still there, but is only 275 bytes, compared to the 1-2MB log files of the past.  The contents of this file now explain that it isn't used anymore, and list a powershell command to get a readable windows update log: As you can see, there is a simple solution in the form of a new powershell cmdlet.  Simply run "get-windowsupdatelog" in powershell, and wait.  You'll see various input and output files scroll by in the powershell window as it parses the new "ETW" (Event Tracing for Windows" formatted logs, located in "c:\windows\logs\windowsupdate\".  When the cmdlet finishes, it wil