Monthly Archive


Windows 10

Windows sandbox

The recent Windows 10 Insider builds (18305) have introduced a Windows sandbox feature. This is a new light weight desktop environment for testing software. A new sandbox is created every time you need one and EVERYTHING in the sandbox is destroyed when you close it.

see for the initial announcement.

The IE fix KB4483214 seems to break the sandbox on build 18305.

I’ve tried it on build 18309 and it seems to work OK.

There are a few issues as explained in the blog post and the documentation

Note the requirement to enable nested virtualisation if you’re running the preview in a VM.

So far it looks like one of the more useful features to come out of the Windows 10 update process.

Windows 10 install wasting my time

I’ve just made the mistake of installing Windows 10 Insider preview build 18272 from the iso. The only thing I can say is that Windows 10 install wasting my time.


The install proceeds as you would expect but then once the basic OS installation is complete it crawls, at the speed of a overloaded truck with no engine, through a whole series of questions about settings.


If Windows got out of my way and let me perform the settings changes they’d have been done in a few minutes instead the windows install wasted the best part of 30 minutes taking me through its ridiculous setup dialog.


What’s worse is that its the Enterprise edition I was installing!


Microsoft please get out of my way and let me make changes. Every edition of Windows since Vista has made it harder and harder to actually make changes. The continuously changing settings menus mean that the settings you need are buried further and further under meaningless dialogs and when you do get the bottom you’re often using the old control panel!


The continuous feature update promised by Windows 10 is failing because its actually getting harder to do things. Contrary to your belief Microsoft you don’t know better than me how I want my machines configured – you’re applying a blanket best guess set of settings that are becoming more difficult to unravel.

Birthday present from Microsoft

I’ve had an early birthday present from Microsoft. They named the latest Windows version after my birthday - Windows 10 October 2018

Thank you.

The install media is available on MSDN and the update should start to be available next week.

Set active hours

Last time time you saw how to get the current active hours. This is how you set the active hours.

$sb = {
Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings -Name ActiveHoursStart -Value 10 -PassThru
Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings -Name ActiveHoursEnd -Value 22 -PassThru

Get-ADComputer -Filter * -Properties OperatingSystem |
where OperatingSystem -like "*Server*" |
select -ExpandProperty Name |
foreach {

Invoke-Command -ComputerName $psitem -ScriptBlock $sb -ArgumentList $psitem -HideComputerName |
select -Property * -ExcludeProperty RunSpaceId


The script block uses Set-ItemProperty to set the start and end of active hours. On Windows server 2016 you’re restricted to a 12 hour span for your active hours. Later Windows 10 builds allow up to 18 hours. I’ve used 10 for the start and 22 for the end to give me the best time spread that matches my activity – you can choose your own hours of course.


Getting the list of systems from AD and running the command remotely is as previously.

Get Active Hours

Windows 10 and Server 2016 (and later) have the concept of active hours. These are the hours you define as working hours in effect. This is how you get active hours for a system

$sb = {

$ahs = Get-Item -Path HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings

$props = [ordered]@{
ComputerName = $computerName
ActiveHoursStart = $ahs.GetValue('ActiveHoursStart')
ActiveHoursEnd = $ahs.GetValue('ActiveHoursEnd')

New-Object -TypeName PSobject -Property $props


Get-ADComputer -Filter * -Properties OperatingSystem |
where OperatingSystem -like "*Server*" |
select -ExpandProperty Name |
foreach {

Invoke-Command -ComputerName $psitem -ScriptBlock $sb -ArgumentList $psitem -HideComputerName |
select -Property * -ExcludeProperty RunSpaceId


The script block reads the registry key that contains the active hours information and outputs and object that contains the computer name, and start and end (in 24 hour clock) of the active hours.


I’m getting the information for all servers in the domain – use the OperatingSystem property on the computer to deselect non-servers. use Invoke-Command to run the command against the remote computer – hide the automatic computer name and runspaceid properties.

Windows update module

A Windows Update module is available on Windows versions 1709 and later. This includes Windows 10 Fall Creators Update, Windows Server 1709 and Windows Insider previews (Server and Client) post the 1709 release.

The module supplies the following cmdlets


The module is a CDXML module based on the root/Microsoft/Windows/WindowsUpdate/MSFT_WUOperations CIM class I discussed in a recent post.

If you’re working with these newer versions of Windows this module makes patching a good bit simpler. It shouldn’t be that much effort to backport the module using the MSFT_WUOperationsSession CIM class available on Windows Server 2016

Windows 10 Fall Creators Update

The Windows 10 fall Creators Update arrived this morning.


After the usual long download, install and then updating bits after I first log on (that last bit is really irritating – thought it was going away) I got into the machine.


First impression is that there are some minor cosmetic changes. Some icons (extensions) appear on the Edge menu bar that I didn’t have before and don’t want now so I have to waste my time undoing changes Microsoft, in their infinite wisdom, have imposed on me because they know better than I do how I want to work!  same with automatically adding the People icon to the taskbar. Stop changing my settings!


So what’s in FCU. Unless you’re a developer – on the surface there’s not a lot to be honest.


For Admins


For developers


Having feature updates every 6 months is a great idea but actually getting something useful would be better. Maybe some of the new features in PowerShell v6 being back ported would be a good one.

You have to laugh

Sometimes things just happen and you have to laugh.

So I decided I wanted to get back to working with the Windows 10 Insider previews (and Windows Server previews). This time I decided to use VMs rather than my working machine so that interruptions were minimised.

I created a new Windows 10 VM and as normal for VMs I set the initial memory to 512MB and used dynamic memory so that the machine could claim more RAM if required. Windows 10 installed with no problems. (Remember this).

I then went into Window Update and signed into the Windows Insider program. After triggering a scan fro updates build 16241 showed up and started downloading. Great.

It tried to install but failed with a message that 2GB of RAM was needed to perform the install!

So I can install from scratch with less than 2GB of RAM but I can’t update the build unless I have 2GB RAM.

Nice piece of joined up thinking there guys.

Sometimes you just have to laugh.

PowerShell Direct failure

PowerShell Direct is introduced with Server 2016/Windows 10. it enables you to create a remoting session from the Hyper-V host to a VM using the VM name or ID. I recent discovered a PowerShell Direct failure that I couldn’t explain until now.

Normally you do this:

PS> New-PSSession -VMName w16cn01 -Credential (Get-Credential w16cn01\administrator)

Id Name    ComputerName  ComputerType  State  ConfigurationName  Availability
-- ----     ------------  ------------    -----  -----------------  ------------
1 Session1       W16CN01  VirtualMachine  Opened                       Available

But on one particular machine I was getting this

PS> New-PSSession -VMName w16as01 -Credential (Get-Credential w16as01\administrator)
New-PSSession : [W16AS01] An error has occurred which Windows PowerShell cannot handle. A remote session might have ended.
At line:1 char:1
+ New-PSSession -VMName w16as01 -Credential (Get-Credential w16as01\adm ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
+ FullyQualifiedErrorId : PSSessionOpenFailed

I couldn’t find an explanation for this particular PowerShell Direct failure

I’ve been working with PowerShell v6 and OpenSSH the last few days and I noticed that the PowerShell directory had been removed from the system path by the installation of one of these pieces of software.

W16AS01 had been the first machine I experimented with PowerShell v6/OpenSSH and it was the first to experience this PowerShell direct failure.

I checked W16AS01 and sure enough the PowerShell folder was missing from the system path. Adding the Powershell folder back onto the path (and restarting the machine for luck) then retrying PowerShell Direct gives:

PS> New-PSSession -VMName W16AS01 -Credential (Get-Credential W16AS01\Administrator)

Id Name            ComputerName    ComputerType    State         ConfigurationName     Availability
-- ----            ------------    ------------    -----         -----------------     ------------
1 Session1        W16AS01         VirtualMachine  Opened                                 Available

Looks like I’ve found a solution for this particular PowerShell direct failure

Updating built in modules

Windows 10 and Server 2016 automatically install a module called Pester which is used for testing code. Its the foundation of Test Driven Development or Behaviour Driven Development using PowerShell.

The version  installed by default is 3.4.0.

Pester is originally an open source module that has been incorporated into Windows. The latest version from the PowerShell Gallery is 4.0.2

Normally you’d use Update-Module to install the new version BUT you didn’t install pester from the gallery using Install-Module so you’ll get a big fat error message.

The answer is to use

Install-Module pester –Force

You might still get an error message about the Pester module not being catalog signed. if you do and still want the latest version then use

Install-Module pester -Force -SkipPublisherCheck