Error “Trust Relationship between Workstation and Primary Domain failed”

The Error “Trust Relationship between Workstation and Primary Domain failed” does not come up often but it is scary when it does.   The quick explanation for this error is that the Active Directory stores a password for the computers connecting to it and the machine that has this error somehow did not sync correctly while using that password.  Microsoft knows about this problem and made these tools specifically to fix it.

Most sites tell you to un-register the computer with the domain, then re-register it.  This, in most cases, will create a new user profile. You will then need to rebuild and copy files and configurations from the old user directories to the new. Fortunately, there is a simpler and easier way of doing this.

Both the above method and the one I am about to describe require you to login to the local machines’ admin account.   Here is a good time to point out that you should retain the username and password for all of your workstations administrator type account just for this purpose.

Up to Windows 2012

Up to Windows Server 2012, you can use the Netdom command from either an elevated PowerShell or command prompt.  In windows 10 and Server 2016 they dropped this command and instead use the Reset-ComputerMachinePassword in PowerShell to accomplish this.  Windows Server 2012 can use either method.

To use the Netdom command you will need to first login as a local administrative user.   If you forgot the password there are methods of recovering it but I won’t discuss them in this article.   After logging in you will need to open the command prompt with Administrator privileges.  Then run the command as follows:

netdom resetpwd /server:DC_NAME /userd:USERNAME /password:PASSWORD

You will want to change the following to match your system:

  1. DC NAME to the name of your Domain Controller.
  2. USERNAME to a domain user that has rights to join new computers to the Domain.
  3. PASSWORD to either the above USERNAME’s password or use an * to have the computer prompt you for it.

After this completes you can just reboot your computer and login again under your Domain.  Everything should work as normal.

Windows 2012 to current

For Windows 2012 and beyond the same method is accomplished in PowerShell using the Reset- ComputerMachinePassword commandlet

Again, you will need to login with a local Administrator privileged account.  Then Open PowerShell with Administrator Privileges.  Once PowerShell is open you will use the following commandlet :

Reset-ComputerMachinePassword -Server “DC01” -Credential Domain01\Admin01

You will want to change the following to match your system:

DC01 to the name of your Domain Controller.

Domain01\Admin01 to your domain before the \ and a user that has rights to join new computers to the Domain after the \.

This will then prompt you for the Password for the user you specified.

Afterwards exit PowerShell and reboot your computer and login in again under your Domain.  Everything should work as normal.

 

MSI installation fail

When you get:

“The feature you are trying to use is on a network resource that is unavailable”

During and installation of a MSI file you may just be dealing with a registry error.  MSI installations sometimes get messed up and won’t install.   One of the causes of this is prior installation attempts or removals that didn’t quite finish the job. 

Then this is likely the situation.   Along with the error above it will tell you it cannot find the file and ask you to search for it.  You probably won’t be able to find this file but there is a solution.   It involves using the registry so if you are uncomfortable with this I would advise having someone knowledgeable do this.  My usual advice would be not to attempt this yourself.

First open the registry editor and make sure you are at the root.  Once there, search for the file your program is requesting (program.msi).  It will be associated with a key that will look something like (example only not actual key) {ACDA0F20-94F0-449E-B81F-F8179E3DE605} You will need to delete the entire key that is associated with that MSI file.   There should only be one key in the registry so to make sure you may want to continue the search before deleting this key then start from the beginning to find it again before deleting it.

 

Disable automatic reboots for Windows Update version 7, 8 and 10

There are two ways of doing this without disabling automatic updates.  The first way will work on Home, Pro, and Enterprise editions.  The second method involves the Group Policy Editor and will only work in Pro and Enterprise editions.

The first solution involves making a registry modification.  I do not suggest this method since it involves modifying the registry and anything involving modifying the registry is not the best practice, since you can wreck your computer this way.

 

Open the registry editor.
Navigate to HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU
(If the key doesn’t exist you will need to create it)
Create a new DWORD value called AUOptions and enter a value of either 2 or 3.
(2 = Notify before download)
(3 = Automatically download and notify of installation)

Restart your PC

 

The cleaner solution is to use the group policy editor as follows:

 

Open the Group Policy Editor (gpedit.msc)
Navigate to
Computer Configuration \ Administrative Templates \ Windows Components \ Windows Update
Open
Configure Automatic Updates
Enable the policy and make any changes here you want.

Optionally you may want to also enable
Re-prompt for restart with scheduled installations
and set the interval to the largest possible value (1440 which is 24 hours) just so you don’t keep getting the pop up every 10 minutes after it actually does an update.

Restart your PC

Note: Restarting or shutting down from the start menu doesn’t seem to trigger the install process after this.

 

WoL (Wake on Lan)

WoL is useful for remote computers that perform specific tasks that do not require users. It can also be used for remote maintenance: if you shut down your computer and the technician needs access to it with WoL they can start it up, do their maintenance, then shut it down.

There is the problem of getting it to work, however. With the introduction of Windows 8, Microsoft added a “Fast User Switching” feature. With this introduction came a system to completely shut down your computer without any monitoring. Imagine you turn off your TV then the remote will not turn it back on because it turned off even the circuit that monitors that. With “Fast User Switching” Windows does exactly that. You will need to go the power settings under “what the computer does when you press the power button” to turn off this feature.

Another problem with some computers that is not Windows related, but essentially does the same thing, is in the BIOS you can tell the computer to go into a very deep sleep. This effectively does the same thing but at the machine level. You will need to go into the BIOS and turn this off or to a less deep sleep. While you are there you will also need to turn on the network adaptors WoL feature.

You can find several good programs on the internet that will wake up a computer and some with timers that will turn them on and off on a schedule.

Mapping a network drive

There are several different ways to map a network drive in Windows. Each way is, although different, basically the same. They all achieve the same end result and can be used interchangeably.

1. Use Windows Explorer
2. Use command prompt “Net Use”
3. Use Group Policy Editor

In Windows Explorer there are actually two ways of doing this. The easiest is to expand the network and then choose the computer which has the directory you want mapped. Then just left click on the directory and choose map network drive. All that is left after that is to assign the drive letter. The second method is in the Explorer header there is an option to Map Network Drive. This option will open a similar window without a drive mapping already filled in. You can now either browse for the folder or can type it in directly using the UNC of the folder.

If you want to use the command prompt you can use a command “Net Use”. With this command you can map drive letters and printer shares. You just need to know what the share name is.

Ex: net use x: \\mysharedcomputer\sharename

There are more options with net use that you can use to enter login credentials and such you can get a list by typing “net use /?”.

The last option is with group policy manager. This option is great for a server side configuration. There are a lot of things you can do the group policy manager but for now let us concentrate that you can map network drives. The best reason for doing it this way is for multiple people that need to share the same resource. It transcends changing of both computers and people. Setup correctly the only thing you need to do with group policies enabled is to attach the computer to the network and everything else is done for you. You can map network drives, printers, establish login policies, create defaults for internet explorer, assign local privileges, basically almost anything can be tweaked to your desire here and automatically update when the user logs on. All of these things can managed down to granular settings either by user, computer or even operating system. Any one all three or any combination thereof.

On your server based Group Policy Management Editor under “User Configuration” go to “Preferences” / “Windows Settings” then use “Drive Maps”. You can also setup login scripts and use the “net use” command from within these scripts.

HOW TO MAKE SYMBOLS WITH KEYBOARD

HOW TO MAKE SYMBOLS WITH KEYBOARD

If you would like to insert symbols to something you are typing you can do it with one simple method.  Use the Alt key like a shift key and hold it down while you type any of the following number combinations.  When you release the Alt key you will see the corresponding symbol in your text.

 Alt + 0153….. ™… trademark symbol

 Alt + 0169…. ©…. copyright symbol

 Alt + 0174….. ®….registered ­ trademark symbol

 Alt + 0176 …°……degree symbol

 Alt + 0177 …±….plus-or ­-minus sign

 Alt + 0182 …¶…..paragr­aph mark

 Alt + 0190 …¾….fractio­n, three-fourths

 Alt + 0215 ….×…..multi­plication sign

 Alt + 0162…¢….the ­ cent sign

 Alt + 0161…..¡….. ­.upside down exclamation point

 Alt + 0191…..¿….. ­upside down question mark

 Alt + 1…….….smiley face

 Alt + 2 ………..black smiley face   

 Alt + 15…..…..sun

 Alt + 12………..female sign

 Alt + 11…..……m­ale sign

 Alt + 6…….…..spade

 Alt + 5…….…… ­Club

 Alt + 3…….…… ­Heart

 Alt + 4…….…… ­Diamond

 Alt + 13………..e­ighth note

 Alt + 14………… ­beamed eighth note

 Alt + 8721…. …. N-ary summation (auto sum)

 Alt + 251…..…..square root check mark

 Alt + 8236…..….. ­infinity

 Alt + 24…….….. ­up arrow

 Alt + 25………… ­down arrow

 Alt + 26…..…..r­ght arrow

 Alt + 27………..l­eft arrow

 Alt + 18…..……u­p/down arrow

 Alt + 29………lef­t right arrow

For a comprehensive list you could go here:
Facebook Symbols

 

Windows 10 Virtual Desktop

Like the Mad Hatter in Wonderland, Microsoft now has a built-in way of moving down for clean cups.   If you have even been in the middle of a project with windows open everywhere and suddenly needed to switch to something else but still needed all those lovely windows you will appreciate virtual desktops. They allow you to just switch to a completely clean desktop and start fresh. With the ability to switch back to the cluttered one you were so diligently working on.

Windows 10 taskbar snipitThere is a little symbol at the bottom of your screen that looks like a rectangle with a square on top of it. It sits next to the search window. If you click on this your screen will be put into a window and you will see two (more if you are already using this) miniature desktop screens on the bottom. One will be the cluttered one and the other a clean one. If you click on the clean one, then you will get a clean desktop that you can immediately start cluttering again. You can use this again to switch back to your original one. You will also see off to the right bottom a “+” button that will allow you to add more desktops as many as you desire.

While on this screen you can also drag an open program to any of the desktops you wish. This allows you to even organize all that extra clutter.

And for even quicker access there are keyboard shortcuts that allow you to move and switch without using the (dor)mouse.

Keyboard shortcuts for using Virtual Desktop in Windows 10:

  • WIN + CTRL + LEFT/RIGHT: Switch to previous or next desktop
  • WIN + CTRL + D: Create a new desktop
  • WIN + CTRL + F4: Close the current desktop
  • WIN + TAB: Launch task view

End of Free Windows 10 Upgrade

Microsoft has announced that it will be ending it’s Free upgrade to Windows 10 program as of July 29 this year.   This is no surprise since Microsoft originally announced that It will only last a year.  Times up folks!  It’s either upgrade now or pay for the upgrade after the 29th of July.  So if you have been hesitating do it now.

The good news, for all of you who don’t want to upgrade, Microsoft will phase out the annoying upgrade pop-up after July 29th as well.  It may take a month or two but Microsoft will finally stop nagging you.

As seen on InfoWorld.

As seen on PCWorld.

As seen on the Verge.

 

Windows XP and DNS

DNS or Directory Name Service is how your browser finds a website from a name.  For example when you type in csispecialist.com your browser looks it up on a DNS server and gets the correct address and then opens the page for you using that address.   It would be like asking where the local pub is and someone telling you it is on 712 Main Street so you can then can go to that specific address.

Most DNS servers today update their information every 2 hours and sometimes even less.  However when XP was around the servers only updated every 24 hours or more.  If you are still running XP you can change this value with a registry edit.  This edit works on newer systems as well but most current operating systems take the shorter time into account.

The registry edit is as follows:

Under:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\Dnscache\Parameters
Add the DWORD value: MaxCacheTtl

then set the value (in decimal) to:  7200

That sets it to expire entries that are 2 hours or older.


Another thing that DNS does is cache negative entries.  These are simply entries that did not resolve to a legitimate address.   If you use multiple DNS providers or are checking to see when a site comes up after setting it’s DNS this could also be useful.  To do this there is another registry setting you can put in.

 

The registry edit is as follows:

Under:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\Dnscache\Parameters
Add the DWORD value: MaxNegativeCacheTtl

then set the value (in decimal) to:  0

This will tell XP to stop caching stuff that’s not there.

After you have applied either or both of these registry settings you can reset the DNS cache on your computer by opening the command prompt and typing the following:

ipconfig /flushdns

Your computer should return:

“Windows IP Configuration

Successfully flushed the DNS Resolver Cache.”

Hibernate

If you are running a desktop computer you probably never put it into a hibernate mode.  Sleep is usually good enough since it does not have a battery to drain and computers wake up from sleep faster.

There is a file that is created on your computer made for hibernation that will completely save your desktop state called hiberfil.sys.    This file is hidden and on the root directory of your hard disk.   It contains everything you need to wake up from sleep.  However this file is not necessary if you never hibernate your computer and most desktops do not need hibernate mode.

Microsoft has more information on this as well as the means of turning if off and on.  It is on their website under Knowledge Base Article 920730.  Or if you want to just do it your self you can open the command prompt in administrator mode and type the following command:

powercfg -h off

If you want to turn it back on for any reason just use the same command with the word “on” instead of “off”.