troubleshooting

Published on TNWIKI: .Net Framework 3.5 Troubleshooting: installation errors (Permission issue)


Published at: .Net Framework 3.5 Troubleshooting: installation errors (Permission issue)

Applies to

  • Window Server 2016

Issue

.Net Framework 3.5 installation fails on Windows Server 2016

Troubleshooting

Tried many solutions like below

.NET 3.5 Uninstall detected

See:
MIM 2016 Troubleshooting: The installation just hanging without error, warning, log, Event-log

Windows Feature installation

See:
Windows Server 2012 R2 Troubleshooting: .NET Framework 3.5 installation failure (Offline/Online)

GPO Setting

See:
.Net Framework 3.5 Troubleshooting: installation errors (GPO)

Hotfix issue

See:
SharePoint 2013 Troubleshooting: NET 3.5 framework add feature error (the source files could not be found)

Solution

Grant read permission to the Everyone group on the installation files.

Check:
https://docs.microsoft.com/en-us/windows-server/administration/server-manager/install-or-uninstall-roles-role-services-or-features

 

Important

When you are installing feature files from a remote source, the source path or file share must
grant
Read permissions either to the
Everyone
group (not recommended for security reasons), or to the computer (local system) account of the destination server; granting user account
access is not sufficient.

Servers that are in workgroups cannot access external file shares, even if the computer account for the workgroup server has
Read permissions on the external share. Alternate source locations that work for workgroup servers include installation media, Windows Update, and VHD or WIM files that are stored on the local workgroup
server.

See also

References


 

Advertisements

Fresh on TNWiki: MIM 2016 Troubleshooting: The installation just hanging without error, warning, log, Event-log


Published on TNWIKI: MIM 2016 Troubleshooting: The installation just hanging without error, warning, log, Event-log

Credits

This issue was initially reported by
Guy Horn on LinkedIN
, republished with permission.

(Guy Horn’s LinkedIn profile)

Issue

When you try to install MIM, it continuously fails.

You can’t  add .NET Framework 3.5.

Symptoms

The installation was just hanging without error, warning, log, Event-log

Root cause

The problem was that some features were removed from the Windows Server Image.

Solution

NetFx3 should be specified and not ‘Net-Framework-Core’.

After re-adding the feature just ‘Add-WindowsFeature Net-Framework-Core’.

Detecting the issue

Run this PowerShell command, to find the removed features

# This command shows removed items from the Windows Azure Server 2016 Datacenter image.

Get-WindowsFeature
| Where-Object
-FilterScript {($_.installstate
-like “Removed”)}

Solution

Restore the optional feature

# This command restores the optional feature, MyFeature, to the Online Windows image. If the files are not found in the source image, this command specifies not
to check Windows Update for the source files.

Enable-WindowsOptionalFeature
-Online -FeatureName
“NetFx3” -Source
f:\sources\sxs -LimitAccess
-All

Add .NET FW core

# Add the feature

Add-WindowsFeature
-name net-framework-core

Script

# This command shows removed items from the Windows Azure Server 2016 Datacenter image.

Get-WindowsFeature
| Where-Object
-FilterScript {($_.installstate
-like “Removed”)}

 

# This command restores the optional feature, MyFeature, to the Online Windows image. If the files are not found in the source image, this command specifies not
to check Windows Update for the source files.

Enable-WindowsOptionalFeature
-Online -FeatureName
“NetFx3” -Source
f:\sources\sxs -LimitAccess
-All

 

# Add the feature

Add-WindowsFeature
-name net-framework-core

 


 

Using SPF to block mail account spoofing

Introduction

Did you ever got a mail from yourself, but you’re sure you did not send it?

This week I got that mail from a mail alias I’m using, so it’s actually not a native mailbox, but a mail forwarder address, which makes the claim that “the mailbox is hacked” pretty silly…

But if you got this message from a native mailbox, it does sound scary, isn’t it?

I already had some similar symptoms on other mail addresses in the same domain.

Symptoms

You get a mail from your own mail address… which is called mail spoofing.
And it looks like:

mailspoof

Spoofed mail message content

Hi!

As you may have noticed, I sent you an email from your account.
This means that I have full access to your account.

I’ve been watching you for a few months now.
The fact is that you were infected with malware through an adult site that you visited.

If you are not familiar with this, I will explain.
Trojan Virus gives me full access and control over a computer or other device.
This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it.

I also have access to all your contacts and all your correspondence.

Why your antivirus did not detect malware?
Answer: My malware uses the driver, I update its signatures every 4 hours so that your antivirus is silent.

I made a video showing how you satisfy yourself in the left half of the screen, and in the right half you see the video that you watched.
With one click of the mouse, I can send this video to all your emails and contacts on social networks.
I can also post access to all your e-mail correspondence and messengers that you use.

If you want to prevent this,
transfer the amount of $778 to my bitcoin address (if you do not know how to do this, write to Google: “Buy Bitcoin”).

My bitcoin address (BTC Wallet) is: 1GoWy5yMzh3XXBiYxLU9tKCBMgibpznGio

After receiving the payment, I will delete the video and you will never hear me again.
I give you 48 hours to pay.
I have a notice reading this letter, and the timer will work when you see this letter.

Filing a complaint somewhere does not make sense because this email cannot be tracked like my bitcoin address.
I do not make any mistakes.

If I find that you have shared this message with someone else, the video will be immediately distributed.

Best regards!

Root cause

The DNS setting of your domain is missing SPF records, that counter mail spoofing (an unauthorized mail server, user or hacker sending mail as “you”)…

Troubleshooting

When looking at the mail properties it’s pretty difficult (if not impossible) to find out who actually has sent the mail….

Solution

Basic domain settings

Add an SPF record to your domain DNS settings.

To get started, look up your mail provider or hosting provider’s name + SFP.

FYI, I’m hosting my domains at one.com, they’ve got some straight forward advise to configure the DNS. For any other domain, at any other provider it’s similar.

Office 365

When you buy a domain, but host your mail on O365, there are some additional settings to configure. But Office 365 will explain.

The easy part, logon to your O365 tenant, and check your domain health (see video below)

For more info, check these documents:

References

SPF tooling

Other security options

See also

Hotmail/Outlook.com Solving Mass Mailing Delivery Issues

Short URL: Http://aka.ms/outlook.com/help

While SPF is the first step, you should also consider DMARC and DKIM.

 

Please be aware of EUDT. BE unethical and dirty domain sales tricks (EN version)

fraudwarning

For the last 2 months I have been receiving some fraudulent, unethical and threatening mails from a company named “European Domains & Trademarks”, with the e-mail domain EUDT.BE, registered company name “Domeinnaam Register”.

The company is linked to: http://www.domeinnaamregister.com/ en http://www.nederlandsdomeinregister.nl/
In the Netherlands the company is registered as KVK: 64626679 and VAT: NL201158802B01. (as published on their website, the commerce register and DNS registrar).

The company is making false claims and is using unethical practices, and scaring people to extort money and scamming people into ridiculous expensive and fraudulent contracts.

The official registration owner of this URL and company is a Dutch company that is a very well known for very bad scamming practices.
And also the Belgian domain registration authority is warning for this company:
https://www.dnsbelgium.be/en/news/watch-out-domain-name-offers-domeinnaamregistercom

This is not their first warning, it already was reported in 2013 and 2016 (see below).

Also in the Netherlands, this organization is known and has been reported for the same malpractices before, like:

What it is about?

See full text at end of this post.

In short, he company contacts people, entrepreneurs, company owners pretending that they received a request to register a domain name (like company.nl) similar to the company domain you already registered (like company.com) and that they are legally forced to contact you to offer the first registration.

Next they say that they are obliged to register and protect the domain name for 10 year for €19.75 (ex VAT!) per year. And you need to pay this in one shot.

And a lot more bullshit in the mail…

What should you do?

  • DO NOT react to the mail, and ignore the mail,
  • before deleting the mail: report these practices to the authorities (eg Ministry of Economic Affairs)

If you really want that domain

  • DO NOT react to the mail, ignore the mail, delete the mail
  • contact your favorite, official and trusted registrar and by the domain via the regular / official channel

Why is this bullshit?

Please be aware that

  • domain registration is on a “first come, first serve” basis (unless it’s a malicious registration to harm a target company)
  • domains like .BE,  .NL, EU… cost about €6, €8, … 12 EUR per year.
  • Some registrars offer decent discounts, so it can be even cheaper.
  • You can renew domains YEARLY, no need to pay 10 years upfront.

See also

(BE-NL) Verkooptrucs met domeinnamen (*) (Credits: Dries Van Giel op 15 juni 2018)

More information

Credits: Dries Van Giel (*)

Belgium

Official warnings by DNS.BE

Official registrars

Warnings from official domain registrars and site hosters (no strings attached!)

Log a complaint at

If you’re already been caught by these #holes, you can register a complaint at: https://meldpunt.belgie.be/meldpunt/nl/welkommeldpunt.belgie.be

Netherlands

Full text (NL)

(Source: Happywebsites)

Geachte heer/mevrouw ,

Recent hebben wij telefonisch contact met u op proberen te nemen. Dit is tot op heden nog niet gelukt. We sturen u dus een email met daarin informatie over het volgende:
We hebben een aanvraag binnen gekregen om de website http://www.questforsecurity.eu te laten registreren. We zien in ons systeem dat u de eigenaar bent van http://www.questforsecurity.be. Helaas kan dit voor u in de toekomst verstrekkende gevolgen hebben. We zijn daarom dus wettelijk verplicht om contact met u op te nemen om u het eerste registratierecht te bieden. Dit houdt in dat wij de aanvraag van de derde partij afwijzen en de website:

http://www.questforsecurity.eu

Na een akkoord zullen doorlinken naar:

http://www.questforsecurity.be

Het komt er op neer dat u de eerste optie op de domeinnaam krijgt, dit om eventuele problemen in de toekomst te voorkomen. De aanvraag is gedaan vanuit de regio Antwerpen.
Doorgaans zijn wij verplicht om de domeinnaam voor 10 jaar vast te leggen en te beschermen. De jaarlijkse prijs voor de .EU extensie is € 19,75 per jaar. Dit betekent dus een eenmalig bedrag van €197,50. Wanneer de doorlink voltooid is, zal al het verkeer wat naar de .EU extensie gaat, automatisch op uw .BE extensie terecht komen. De verwerking hiervan duurt maximaal 24 uur. Deze domeinnaam is dan wereldwijd bereikbaar. De derde partij wordt afgewezen en deze kan niks met uw domeinnaam doen.
Overige informatie:

U ontvangt een eenmalige factuur van €197,50 exclusief BTW voor een looptijd van 10 jaar.

Na een jaar kan het ten alle tijden geannuleerd worden. U krijgt dan het resterende aantal jaren op uw rekening teruggestort.

Indien u hiermee akkoord gaat, stuur dan binnen 24 uur na ontvangen van deze email een akkoord per mail naar met daarin uw naam, en factuurgegevens naar; bart@eudt.be
Hierop volgend gaan wij de derde partij afwijzen en de doorlink in orde maken. U krijgt dezelfde dag nog alles per mail toegestuurd met alle informatie die u nodig heeft.

Met vriendelijke groeten,

Bart Mulder
European Domains & Trademarks
http://www.eudt.be
bart@eudt.be

And also


Reynaud Laurent
European Domains & Trademarks
http://www.eudt.be
reynaud.laurent@eudt.be

Better be smart.
Be safe.

And I hope these ### will be stopped sooner than later.

#MIM2016 Troubleshooting: SQL Connection issues

On TNWiki you’ll find my latest article on MIM 2016 troubleshooting.

MIM 2016 Troubleshooting: SQL Connection issues

This week I got (dragged into/) involved in a MIM 2016 performance troubleshooting, on a test / dev server, facing a large bunch of errors.

The first detection happened on the sync server, but apparently rather it’s twin brother was causing the issues.

It became pretty quickly obvious that MIM was not able to connect to (one of) it’s databases on the SQL server, so the sync engine was unable to pull information from the MIM service.

Also bizar, we could still work on the MIM sync GUI, but almost any MA action in the GUI failed…

Furthermore the Portal did not respond and finally the “MIM Service” service, didn’t behave as expected, not willing to start.

The event viewer contained the obvious amount of errors…

Finally,  the SQL DBA to the rescue.

I’ve added a lot of significant technical event info into the article, to make it easy to search for you, for later reference.

Read the tech details in: MIM 2016 Troubleshooting: SQL Connection issues

Note-To-Self: ICYMI, #MIM2016 Support for SQL Always On Availability groups

Based on a recent customer support experience with MIM (migrating from MIM 2016 RTM to SP1 latest hotfix), I ran into a few issues…

They have been documented here:

And also

While investigating the MIM Performance, we bumped into some SQL configuration issues, seriously impacting the MIM performance.
Finally ending up with staging the latest hotfix on MIM… (which is in general always a good idea and best practice).

But, talking the SQL performance, in that troubleshooting exercise another question popped up, again: Always on Availability groups.

And while this has been an issues for long time, the good news is : as of MIM 2016 SP1 (4.4.1459.0 or Later), Always On Availability groups are now supported.

You can find the announcement here: https://blogs.technet.microsoft.com/iamsupport/2017/03/22/microsoft-identity-manager-2016-sp14-4-1459-0-or-later-support-for-sql-2016-always-on-availability-groups/

Strangely enough it’s not mentioned in the KB article for the hotfix: SP1 March 2017 Hotfix (4.4.1459.0),

Still, the page on SQL Server availability solutions for Microsoft Identity Manager services databases, is not mentioning AoA, see here: https://support.microsoft.com/en-us/help/3200896/sql-server-availability-solutions-for-microsoft-identity-manager-servi

So, you need to keep that one in your MIM knowledge backpack.

#MIM2016 Troubleshooting: Uninstall fails with error – Administrator privileges are required to run installer. Please re-launch installer with administrator privileges.

I’ve got a new post up on TechNet Wiki about MIM2016 troubleshooting:

Full version at the TNWIKI: MIM2016/FIM2010 Troubleshooting: Uninstall fails with error – Administrator privileges required

Feel free to add useful information yourself, I’m looking forward to your feedback and cooperation to make it better.

The short version is below.

Rikard Strand Jump has published a similar article, which has served as baseline for this article. Rik’s article is focussed on DirSync, but the troubleshooting below is more widely applicable and even programs not related to FIM/MIM/DirSync…

When you try to uninstall or to change the component from the Control Panel > Programs (Uninstall a program), you get a error pop up, saying:

Administrator privileges are required to run installer. Please re-launch installer with administrator privileges.
There are some troubleshooting steps, including running the Control Panel in administrator mode.
If that doesn’t work, you need to find the uninstaller info in the registry and run the msiexec command with the uninstaller info.
Open the registry editor and navigate to

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\

In this directory you’ll find the installed programs with their GUID, which is mostly fixed per application.

Eg

  • MIM 2016: {5A7CB0A3-7AA2-4F40-8899-02B83694085F}
  • DirSync/AADConnect: {C9139DEA-F758-4177-8E0F-AA5B09628136}

And finally, the quick and dirty option is to kill the uninstall registry key before your run the uninstall from the control panel again

In case of MIM2016
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5A7CB0A3-7AA2-4F40-8899-02B83694085F}
You know the usual warning: I didn’t tell you to delete the registry key.