Fix Hyper-V Error | Cannot Install Windows 11 – Does not meet the system requirements

Basically I went to spin up a VM the same way that I normally would & I got a message saying that the PC doesn’t meet the system requirements to run Windows 11…

TLDR – Enable TPM in VM Settings

So what I ended up doing was adding more RAM to the VM but that didnt help. Then I figured out that Windows 11 has brought in the need for a TPM Module. Another little tidbit is that you need to have a generation 2 Hyper-V VM to actually enable the TPM module.

If you configure a Hyper-V Virtual Machine and you get the message – “This PC can’t run Windows 11 – This PC doesn’t meet the minimum system requirements to install this version of Windows. For more information visit https://aka.ms/WindowsSysReq”
More then likely what is going on is that you have not enabled the Trusted Platform Module (TPM) inside of your Hyper-V Virtual Machine setttings. TPM is requirment of Windows 11, but it hasn’t been with Windows 10.

To fix this issue make sure your Hyper-V Virtual Machine is setup as a Generation 2 virtual machine then:

  • You will need to open the Virtual Machine settings
  • Go to Security.
  • Then under Encryption Support should be the option to Enable Trusted Platform Module, tick the box next to it
  • Now your virtual machine should work as long as it meets the rest of the system requirements.
Read More →
Replies: 0 / Share:

if ((Test-Path -LiteralPath "Registry::\HKEY_CURRENT_USER\Software\Policies\Google\Chrome") -ne $true) { 

New-Item "Registry::\HKEY_CURRENT_USER\Software\Policies\Google\Chrome" -force -ea SilentlyContinue 
};
if ((Test-Path -LiteralPath "Registry::\HKEY_CURRENT_USER\Software\Policies\Microsoft\Edge") -ne $true) { 

New-Item "Registry::\HKEY_CURRENT_USER\Software\Policies\Microsoft\Edge" -force -ea SilentlyContinue 
};
HKEY_CURRENT_USER\Software\Policies\Microsoft\Edge
New-ItemProperty -LiteralPath 'Registry::\HKEY_CURRENT_USER\Software\Policies\Google\Chrome' -Name 'DefaultNotificationsSetting' -Value '2' -PropertyType DWord
New-ItemProperty -LiteralPath 'Registry::\HKEY_CURRENT_USER\Software\Policies\Microsoft\Edge' -Name 'DefaultNotificationsSetting' -Value '2' -PropertyType DWord
Read More →
Replies: 0 / Share:

Do this at your own risk. This is not supported and does come with risks. If you do not do this correctly you could corrupt your database or accidentally send emails with invoices to people that are not correct. If you implement this YOU ARE RESPONSIBLE FOR WHAT HAPPENS!! So make sure you understand what you are doing and do not blame me if you break something!

So I wanted to always have a copy of the ERP that we use (Jim2 by Happen Buinses) so then if I wanted to test out something I can just open the yesterday database & then I can use it.

THIS IS NOT SUPPORTED. YOU ARE RESPONSIBLE FOR WHAT HAPPENS!! So make sure you understand what you are doing

Now there is an inbuilt feature of Jim2 where you have a training database but the issue with this is everytime you want to do some testing, you need to log into the server and restore the backup from last night to the Training Database, this is quite cumbersom when you are doing a lot of testing.

So what I did first was created a new database which is quite easy, I just followed the instructions in the help article. Then I restored a backup to it, now this is when I had the following issues:

  1. Emails are still active – So the database that was just restored starts trying to automatically download any connected email accounts and also if you do any test invoices it would send them because emails are still enabled. This could be extreamly bad if someone was testing things and they actually went to the clients.
    When you restore the training database, the restore proceedure disables all of the emails so I needed to figure out how.
  2. The colour of the screen was the same so you cannot easily tell which database you are in
  3. No Jes services come across so you cannot do any automatic meter read testing

I knew I can just add another Jes service, so thats no worries but I did have to figure out how Jim2 handles the emailing and the colour.

I did some digging through the database & couldn’t find anything that stood out. Then I thought about running the SQL Server Profiler and changing the settings and seeing if I can see any SQL commands that will point me in the right direction.

And bingo – I found them.

Turns out there is a heap of options in the table JimOptions.

So I ran a select command on the JimOptions table and orderd it by the Opt field.

SELECT * FROM [JimOptions] ORDER BY Opt

And I found the EmailSMTP & EmailProcessing in that table, when I compared it would change when I change the settings. Then I had a thought. What if I just copy this whole table out of the training, as the training Database has this changed properly (and who knows what else it does when you do it).

I first tried using the copy database wizard, but it was annoying and ended up using a backup & restore instead.

So I just ran the following commands.

TRUNCATE TABLE [Jim_Yesterday].[dbo].[JimOptions];
INSERT INTO [Jim_Yesterday].[dbo].[JimOptions]
SELECT *
FROM [Jim_Training].[dbo].[JimOptions];

Then I tested it – It had disabled the emails but now the colour of the database was the same colour as the training. I want it to stand out & be a different colour then the live one.

Anyway so I just ran through the same process. Turns out the colour is changed by the values in General_SkinName there is some changes in both Columns for Value1 and Value2

UPDATE [Jim_Yesterday].[dbo].[JimOptions] set Value1 = '1' where Opt = 'General_SkinName';
UPDATE [Jim_Yesterday].[dbo].[JimOptions] set Value2 = '2' where Opt = 'General_SkinName';

These two values make it an orange colour.

So then I had all of my testing done and I was ready to script it out.

The Actual Scripts

So this is my SQL script, which I have saved as CopyJim2Yesterday.sql to make it work, I had to change the DB to Single User mode and back out which is in the script.

BACKUP DATABASE [Jim_Production]
TO DISK = 'c:\temp\Jim_Production.bak';

BACKUP DATABASE [Jim_Production#Doc]
TO DISK = 'c:\temp\Jim_ProductionDoc.bak';

ALTER DATABASE [Jim_Yesterday] SET SINGLE_USER WITH ROLLBACK IMMEDIATE
go
RESTORE DATABASE [Jim_Yesterday] FROM DISK = 'C:\Temp\Jim_Production.bak'
go
ALTER DATABASE [Jim_Yesterday#Doc] SET SINGLE_USER WITH ROLLBACK IMMEDIATE
go
RESTORE DATABASE [Jim_Yesterday#Doc] FROM DISK = 'C:\Temp\Jim_ProductionDoc.bak'
go

ALTER DATABASE [Jim_Yesterday#Doc] SET MULTI_USER;
ALTER DATABASE [Jim_Production#Doc] SET MULTI_USER;
go

/* This changes the table with the options to make it the same as the training DB. To disable emailing */
TRUNCATE TABLE [Jim_Yesterday].[dbo].[JimOptions];
INSERT INTO [Jim_Yesterday].[dbo].[JimOptions]
SELECT *
FROM [Jim_Training].[dbo].[JimOptions];

UPDATE [Jim_Yesterday].[dbo].[JimOptions] set Value1 = '1' where Opt = 'General_SkinName';
UPDATE [Jim_Yesterday].[dbo].[JimOptions] set Value2 = '2' where Opt = 'General_SkinName';

Then I have a daily scheduled task that runs on the server just in a batch file. This needs to run as a user that has access to the database which I have running on a dedicated service account.

net stop Jes$Jim_Yesterday

sqlcmd.exe -S SVRNAME -i c:\Scripts\CopyJim2Yesterday.sql -o c:\Scripts\CopyJim2YesterdayLog.txt

net Start Jes$Jim_Yesterday

del C:\Temp\Jim_Production.bak
del C:\Temp\Jim_ProductionDoc.bak

Now, that should give you enough to go on. I’m sure this same strategy will work for any other ERP that uses an SQL backend as well. Just to note this is on Jim2 4.3 – This may not work on other versions & also it is not supported by the software developers, DO THIS AT YOUR OWN RISK!!

Read More →
Replies: 0 / Share:

Blogs, YouTube and forums I use as an MSP

I keep up to date with IT and MSP news and information & I thought I would share with you some of the places on the internet that I hang out, either watching videos, reading blogs or gathering information.

I thought I would share these resources with the world so you can see where I learn & what I am watching to keep up to date with things.

R/MSP

https://www.reddit.com/r/msp/

Reddit. The MSP subreddit is a great place to hang out on the internet. It has people who work in and own MSP businesses (If you do not know MSP is Managed Service Providers, or outsourced IT Providers). People are often sharing scripts, best practices and problems they are facing.

I really enjoy getting involved on this sub reddit, I honestly didn’t really use reddit until I found the MSP subreddit. Now I am on there most days reading and interacting with people on there.

CyberDrain.com

https://www.cyberdrain.com/

Cyberdrain is ran by Kelvin Tegelaar who is CTO of Lime Networks. Kelvin shares mostly (if not only) powershell scripts for MSP and IT Service Providers.

There are some really great scripts on here and Kelvin must be a really smart cookie as he has some really great resources. If you are working in an MSP I cannot recommend Kelvin’s blog enought, there are some things on there that I have implemented into our MSP and also has given me inspiration to create my own monitoring scripts.

Honestly reading and and implementing some of these scripts has really helped me up my PowerShell game and has made practicle improvements into the MSP business that I work in.

The monitoring with PowerShell that Kelvin puts out on here is AWSOME!!. You can also find Kelvin on reddit as Lime-TeGek.

Lawrence Systems

https://www.youtube.com/channel/UCHkYOD-3fZbuGhwsADBd9ZQ

Now Tom Lawence, he is running weekly livestreams that are interesting and entertaining.

Tom puts out a lot of info on UniFi and also other networking and security.

I watch most of the Lawrence Systems videos mostly for entertainment but also because I like the stuff that he talks about, a lot of it is freestyle and he just discusses topics that he is interested in.

Eli The Computer Guy

https://www.youtube.com/channel/UCD4EOyXKjfDUhCI6jlOZZYQ

Listen on spotify

Eli’s earlier videos really helped me learn IT, when I was back in TAFE (Australia’s trade scholl system) I used Eli’s videos to learn practicle skills that helped me gain employment in the IT industry. I really liked the Windows Server videos and the networking videos that he put out.

Eli used to have an outsourced techology company before the global recession (not corona, the one that was caused by the financial crisis) and then he got onto youtube and started making videos.

Now most of his stuff is just him talking about stuff that is in the news and looking at it from the view of a technology professional.

If your just getting into IT his older catalogue is still relevent and will help you get a firm grasp on network and server administration. I give his videos to new techs who are starting with us so they can learn as well.

Read More →
Replies: 0 / Share:

Export a list of Office 365 users, their licenses and MFA Status in all customer tenants with delegated administration

Here’s a script that I have been using to get all users with their MFA Status & what licenses they have been allocated.

I modified the script from Elliot Munro GCITS for exporting a list of users licenses to include the MFA status, the orignal script is available here.

You will get the output of the CSV like this, I usually use it in excel and format as a table, then filter from there.

Output of the CSV file

How to Export all office 365 Users to the CSV

  1. Copy and paste the code into PowerShell ISE
  2. Save it as a .ps1 file
  3. Run the script
  4. Enter your account credentials that has deligated admin permissions
  5. Leave the script to run
  6. See all users and their MFA status along with their licence allocations at C:\Temp\UserLicenseReport.csv

The Script

$customers = Get-MsolPartnerContract -All
Write-Host "Found $($customers.Count) customers for $((Get-MsolCompanyInformation).displayname)." -ForegroundColor DarkGreen
$CSVpath = "C:\Temp\UserLicenseReport.csv"
  
foreach ($customer in $customers) {
    Write-Host "Retrieving license info for $($customer.name)" -ForegroundColor Green
    $licensedUsers = Get-MsolUser -TenantId $customer.TenantId -All | Where-Object {$_.islicensed}
  
    foreach ($user in $licensedUsers) {
        Write-Host "$($user.displayname)" -ForegroundColor Yellow  
        $licenses = $user.Licenses
        $licenseArray = $licenses | foreach-Object {$_.AccountSkuId}
        $licenseString = $licenseArray -join ", "
        Write-Host "$($user.displayname) has $licenseString and MFA: "  -ForegroundColor Blue
		Write-Host "$user.StrongAuthenticationRequirements.State "
        $licensedSharedMailboxProperties = [pscustomobject][ordered]@{
            CustomerName      = $customer.Name
            DisplayName       = $user.DisplayName
            Licenses          = $licenseString
            TenantId          = $customer.TenantId
            UserPrincipalName = $user.UserPrincipalName
	    MFAStatus		  = $user.StrongAuthenticationRequirements.State 
        }
        $licensedSharedMailboxProperties | Export-CSV -Path $CSVpath -Append -NoTypeInformation   
    }
}

MFA Status’s??

If your unsure about what the different states for MFA Status they are available here: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates

Read More →
Replies: 0 / Share:

This script was orignally posted on Solvia which is managed by Christian Casutt. https://blog.solvia.ch/2020/05/28/install-windows-10-upgrade-2004-from-command-line/

I have changed the script a bit and now am pushing it out directly with our RMM tool.

The script downloads & installs the Windows Upgrade Assistant (which you can run manually if you want). Then it runs it silently in the background.

Once the upgrade is installed it pops up with the Windows prompting the user to restart or it automatically restarts after half an hour.

# Solvia GmbH, Christian Casutt
# Update Windows using Windows Update Assistant
# Link https://go.microsoft.com/fwlink/?LinkID=799445 -> delivered the latest WUA Version as of today, November 7th of 2020 -> 20H2!
# Script Version 1.0 - 2020-05-28
# Script Version 1.1 - 2020-11-07
 

#set computer to not go to sleep
powercfg.exe -x -monitor-timeout-ac 0
powercfg.exe -x -monitor-timeout-dc 0
powercfg.exe -x -disk-timeout-ac 0
powercfg.exe -x -disk-timeout-dc 0
powercfg.exe -x -standby-timeout-ac 0
powercfg.exe -x -standby-timeout-dc 0
powercfg.exe -x -hibernate-timeout-ac 0
powercfg.exe -x -hibernate-timeout-dc 0


function Write-Log { 
    [CmdletBinding()] 
    param ( 
        [Parameter(Mandatory)] 
        [string]$Message
    ) 
      
    try { 
        if (!(Test-Path -path ([System.IO.Path]::GetDirectoryName($LogFilePath)))) {
            New-Item -ItemType Directory -Path ([System.IO.Path]::GetDirectoryName($LogFilePath))
        }
        $DateTime = Get-Date -Format ‘yyyy-MM-dd HH:mm:ss’ 
        Add-Content -Value "$DateTime - $Message" -Path $LogFilePath
    } 
    catch { 
        Write-Error $_.Exception.Message 
    } 
}
Function CheckIfElevated() {
    Write-Log "Info: Checking for elevated permissions..."
    if (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole(`
                [Security.Principal.WindowsBuiltInRole] "Administrator")) {
        Write-Log "ERROR: Insufficient permissions to run this script. Open the PowerShell console as an administrator and run this script again."
        return $false
    }
    else {
        Write-Log "Info: Code is running as administrator — go on executing the script..."
        return $true
    }
}
 
# Main
 
try {
    # Declarations
    [string]$DownloadDir = 'C:\Temp\Windows_FU\packages'
    [string]$LogDir = 'C:\Temp\Windows_FU\Logs'
    [string]$LogFilePath = [string]::Format("{0}\{1}_{2}.log", $LogDir, "$(get-date -format `"yyyyMMdd_hhmmsstt`")", $MyInvocation.MyCommand.Name.Replace(".ps1", ""))
    [string]$Url = 'https://go.microsoft.com/fwlink/?LinkID=799445'
    [string]$UpdaterBinary = "$($DownloadDir)\Win10Upgrade.exe"
    [string]$UpdaterArguments = '/quietinstall /skipeula /auto upgrade /copylogs $LogDir'
    [System.Net.WebClient]$webClient = New-Object System.Net.WebClient
 
    # Here the music starts playing .. 
    Write-Log -Message ([string]::Format("Info: Script init - User: {0} Machine {1}", $env:USERNAME, $env:COMPUTERNAME))
    Write-Log -Message ([string]::Format("Current Windows Version: {0}", [System.Environment]::OSVersion.ToString()))
     
    # Check if script is running as admin and elevated  
    if (!(CheckIfElevated)) {
        Write-Log -Message "ERROR: Will terminate!"
        break
    }
 
    # Check if folders exis
    if (!(Test-Path $DownloadDir)) {
        New-Item -ItemType Directory -Path $DownloadDir
    }
    if (!(Test-Path $LogDir)) {
        New-Item -ItemType Directory -Path $LogDir
    }
    if (Test-Path $UpdaterBinary) {
        Remove-Item -Path $UpdaterBinary -Force
    }
    # Download the Windows Update Assistant
    Write-Log -Message "Will try to download Windows Update Assistant.."
    $webClient.DownloadFile($Url, $UpdaterBinary)
 
    # If the Update Assistant exists -> create a process with argument to initialize the update process
    if (Test-Path $UpdaterBinary) {
        Start-Process -FilePath $UpdaterBinary -ArgumentList $UpdaterArguments -Wait
        Write-Log "Fired and forgotten?"
    }
    else {
        Write-Log -Message ([string]::Format("ERROR: File {0} does not exist!", $UpdaterBinary))
    }
}
catch {
    Write-Log -Message $_.Exception.Message 
    Write-Error $_.Exception.Message 
}
Read More →
Replies: 0 / Share:

When running multiple Virtual Machines on a single host you may want to enforce limits on how much IO your virtual machine has on the disk.

I am not talking about limiting the amount of storage capicity that is avaialble but how much read and write speed that you have available on your virtual machine.

To achieve this you need to setup the QOS settings in your Hyper-V Manager with the following steps:

  • Right click the Virtual Machine & Click Settings
  • Expand out the Plus sign next to the Hard Drive
  • Select Quality of Service
  • Click Enable Quality of Service Management
  • Input how many IOPS that you need
  • Click Apply

Done.

You now have limited the IOPS that are available on the VHD file for your virtual machine.

I actually found this information on the Charbel Memnom blog which you can read here. This has a fair bit more information on managing your Hyper-V IOPS and also all of the PowerShell commands available to measure your IOPS and setting it up automatically.

Read More →
Replies: 0 / Share:

Veeam is a backup software company that offers two community editions of backup software that you can use for free.

Veeam Agent for Windows

The Veeam Agent for Windows is a pretty good solution for backing up a single endpoint. This can be either a Windows Desktop computer or a Windows Server computer.

You will need to download the Veeam Agent for Windows from the Veeam website, you will also need to make an account to get the download but all of that is pretty straight forward.

Once downloaded you just need to configure your backup job. Some things to note is that you can setup backup notifications via email & you can also encrypt your backups so if they end up in someone elses hands they will not be able to get into your data.

Follow this video to find out how to install & configure the Veeam backup.

Veeam Backup & Replication Community Edition

Backup & Replication is what you can use to backup multiple workloads. The community edition allows you to use it for free but it does have some limitations:

You can download Veeam Backup & Replication from the Veeam Website for free, same as before you will need to create an account to get the download. But once downloaded you can install it and start backing up.

All in all I find Veeam to be a pretty solid product, it seems to work pretty consistently and the ability to encrypt the backups is a real advantage over Windows Server Backup.

Read More →
Replies: 0 / Share: