Windows Updates to avoid: Adware to promote Windows 10: KB3035583

On Windows 7 SP1 and Windows 8.1, you might recently have got the update KB3035583. It installs folders and functions to promote the launch of Windows 10 and of course, it calls home to do that.

See more details in this article.

Luckily, you can un-install this update, or, if you have not installed it already, hide it in the "recommended updates" screen.

If you are on Windows 7 and don't plan to upgrade to Windows 8.1 or Windows 10 you can also uninstall:


Windows: Schannel error 40 and Internet Explorer

When I needed to access a secure page (HTTPS) from Internet Explorer 11 on a Windows 2008 R2 server, I always got a "Page cannot be displayed" error. I could, though, access that page from another machine or another browser on the same server.

Looking in the Event Viewer I saw:

Log Name: System
Source: Schannel
Date: 05.01.2015 12:11:58
Event ID: 36887
Task Category: None
Level: Error

The following fatal alert was received: 40.

Schannel error 40 means: SSL3_ALERT_HANDSHAKE_FAILURE

So I checked with SSL Labs which Ciphers my browser offers:

It looks like it was offering very old ciphers first


I checked the following Registry key:


It contained exactly the same old ciphers first!

So I looked at a Windows 7 client that was working and saw that there were the newer and more secure ciphers listed first:


I copied the Registry entry of the working machine to the server, rebooted the server and - Bingo - I could now access the web page.

ESXi 5.5: How to install an update via SSH

Download the current update (i.e. ESXi 5.5 Update 2) from MyVMWare. For HP Servers, download the special HP Version. Download the .zip file, not the .iso file.

Copy the .zip file to the datastore via vSphere client.

Login to ESX via SSH

Run the command

esxcli software vib update -d "/vmfs/volumes/datastore1/Install/VMWare-ESXi-

Reboot VMWare ESXi

Apple iOS8: How to download iOS updates manually

If you need to download the Apple iOS manually, do the following. Go to:

Choose the hardware model (e.g. iPad4 (GSM)

Then download the .ipsw file (this can be 2GB in size or more).

Place this file in the following directory (that's for Windows 7):

C:\Users\UserName\AppData\Roaming\Apple Computer\iTunes\iPad Software Updates

When you connect your iOS device to your computer and start iTunes, you can directly load the update.

Apple iOS 8: How to factory reset a locked iPad or iPhone

If you forget your device passcode or PIN, there is no way to get into it again. You have to do a factory reset of the device. For that, you need iTunes and a USB cable to connect your device to your PC.

Find below the steps to recover your handheld:

Important: These steps will wipe (delete) all your data and settings from your device.

  1. Remove all cables from your device.
  2. Switch your device off by holding the Standby button and swiping to the right.
  3. Hold the home button and connect your handheld to a running iTunes. Keep holding the home button until the "Connect to iTunes" logo appears on the device.
  4. In iTunes, click "Restore".
  5. In iTunes, click "Restore and Update".
  6. If you are shown an iOS Update screen, click "Next".
  7. On the License Agreement, click "Agree".
  8. iTunes now downloads the latest iOS software and puts your device in "Recovery Mode".
  9. The update and factory reset can take up to an hour.

Windows Active Directory: How to move the FSMO Roles via the GUI

All 5 FSMO roles of Active Directory can be moved via script, but lets see how it works via GUI (MMC):

RID Master, Infrastructure Master, and PDC Emulator

  1. Login to the target DC via RDP
  2. Open "AD Users and Computers"
  3. Right-click the Domain and choose "Operations Masters..."
  4. Choose the appropriate tab
  5. Click "Change..."
  6. Click "Yes" to confirm

Schema Master

Make sure you are member of the "Schema Admins" group. Being in the "Enterprise Admins" group is not enough!

  1. Login to the source DC via RDP
  2. Open "AD Schema"
  3. Right-click "Active Directory Schema" and choose "Change Active Directory Domain Controller"
  4. Choose the target DC
  5. Right-click "Active Directory Schema" and choose "Operations Masters..."
  6. Click "Change..."
  7. Click "Yes" to confirm

Domain Naming Master

  1. Login to target DC via RDP
  2. Open "AD Domains and Trusts"
  3. Right-click "Active Directory Domains and Trusts" and choose "Change Active Directory Domain Controller"
  4. Choose the target DC
  5. Right-click "Active Directory Schema" and choose "Operations Masters..."
  6. Click "Change..."
  7. Click "Yes" to confirm

Windows Active Directory: Who holds the FSMO Roles?

The easiest way to find out which Active Directory Domain Controller holds the FSMO roles is the following:

  • Open a CMD box
  • Type netdom query fsmo
  • The output is something like

    C:\Windows\system32>netdom query fsmo

    Schema master     
    Domain naming master
    RID pool manager  
    Infrastructure master

    The command completed successfully.

Windows: How to elevate the Command Prompt to System Rights

Have you ever tried to configure something on a windows system as Administrator and still got a permission denied?

While the Administrator is powerful, he still can't do everything. There is an account that is even more powerful, it is called SYSTEM. So how could you run something as SYSTEM? Here is how:

  • Start a command prompt as Administrator
  • From Sysinternals, download psexec.exe and put it on the C: drive
  • In the command prompt, navigate to the directory with psexec.exe
  • Run "psexec.exe -i -s cmd.exe" (without the quotes)
  • Now a second command prompt opens with SYSTEM privileges
  • Type "whoami" to confirm that you are SYSTEM

Be careful as with these rights, you can easily destroy a system.

HP ILO: Configure it via ESX

When you can't access HP ILO via Web Console anymore (e.g. because you have configured the IP address wrongly or enabled DHCP by accident), there is a possibility to configure the ILO IP settings via ESX.

Login to the ESX vSphere Client

Make sure that SSH is running on ESX (ESX host > Configuration > Security Profile > Services > Properties, Start SSH if it is not started)

Download Putty on the Windows machine where the vSphere Client runs. Start Putty.exe and use the IP address of the ESX host to login.

After you have entered the user name (root), it takes a while for the password prompt to be shown. Wait and then enter the password.

cd /opt/hp/tools

Export the current config: ./hponcfg -w /tmp/ilo_config.txt

Now, copy this file to the Windows machine (for example with WinSCP).

Open it with WordPad and change the following lines:


Copy it back to the ESX host (overwrite existing file)

./hponcfg -f /tmp/ilo_config.txt

Let the ILO restart.

You should now be able to login to ILO via the Web Console.


BES 5.0.4: How to add an administrative user

On BES 5.0.4, it is a bit tricky to add an administrative user. Normal Blackberry users are added under User > Create user, but admin users have to be added from a different menu.

First, login with BESAdmin. Then, you have to go to

Administrator user > Create an administrator user

BES Admin User 1

Then, fill in the fields, which are not self-explanatory:

BES Admin User 2

Display name: Use the display name from Active Directory
User name: Use the AD login name
Domain: Use the AD domain name
Administrator password: Use the password from BESAdmin, not from the user you are creating