Category Archives: Microsoft

Anything related to Microsoft and their products

Pässler PRTG 17.3.32.2478

I’ve been exploring Pässler PRTG on Microsoft Windows Server 2016 (Microsoft Imagine Premium) for the past couple of days. While the system is impressive and on the border of being overwhelming, it lacks complete IPv6 support.

The web interface is IPv4 only, and the NetFlow v9 collector only understands IPv4. PRTG can do PING, SNMP, etc, over IPv6, but you can only specify whether PRTG should contact a device using IPv4 or IPv6, not both. For as long as our networks remain dual-stack it makes sense to explore both network protocols simultaneously, in the same manner we can do with Icinga and Nagios, i.e. specify IPv4 and IPv6 addresses where applicable. A workaround is to register a device twice, once for IPv4 and again for IPv6. Be careful not to create too many duplicate sensors.

I wish PRTG would ask me if I wanted to run autodiscovery after installing it. PRTG detected our core switch as the DHCP (relay) service, duplicating all the sensors it could find.

Neither SNMP nor PRTG are ZFS aware, and in many cases it’s utterly pointless to monitor a lot of ZFS filesystems. Instead we should monitor ZFS pools, if only that were possible.

SNMP doesn’t convey whether a filesystem is diskbased or not, so I had to remove sensors for mountpoints such as /dev, /dev/fd, /proc, /usr/compat/linux/proc, /var/Named/dev, etc.

Network Connection Status Indicator (NCSI)

… Windows machines try to request two URLs (www.msftncsi.com/ncsi.txt and ipv6.msftncsi.com/ncsi.txt, the former over IPv4, the latter over IPv6) to ascertain whether a given network is routed to the Internet and if there is a captive portal in the way (NCSI stands for “Network Connection Status Indicator”).

Ref.: http://arstechnica.com/information-technology/2015/08/even-when-told-not-to-windows-10-just-cant-stop-talking-to-microsoft/

See also: https://blogs.technet.microsoft.com/networking/2012/12/20/the-network-connection-status-icon/.

Ad for Windows 10 camouflaged as a security update, how low can one sink?

KB3146449 is another update one should avoid installing.

From its own description:

Updated Internet Explorer 11 capabilities to upgrade Windows 8.1 and Windows 7

And:

This update adds functionality to Internet Explorer 11 on some computers that lets users learn about Windows 10 or start an upgrade to Windows 10.

Continue reading Ad for Windows 10 camouflaged as a security update, how low can one sink?

KB2977759 and KB2952664 now available in WSUS

A couple of KBs, KB2977759 and KB2952664, related to the dreadful Appraiser stuff, appeared in our WSUS instance this week. The former just made it on my list of KBs one should avoid. Both was promptly declined.

The list encompasses:

  • KB2952664, Compatibility update for upgrading Windows 7
  • KB2977759, Compatibility update for Windows 7 RTM
  • KB3022345, Update for customer experience and diagnostic telemetry (superseded by KB3068708, see below)
  • KB3035583, Update installs Get Windows 10 app in Windows 8.1 and Windows 7 SP1
  • KB3068708, Update for customer experience and diagnostic telemetry
  • KB3075249, Update that adds telemetry points to consent.exe in Windows 8.1 and Windows 7
  • KB3080149, Update for customer experience and diagnostic telemetry
  • KB3123862, Updated capabilities to upgrade Windows 8.1 and Windows 7

Another bad KB? KB3123862

Earlier this week Microsoft released another batch of Windows updates. Among them are KB3123862. As usual, the title displayed by Windows Update gives no clue to what this update actually does: “Update for Windows 7 for x64-based Systems (KB3123862)”. Clicking on the More information link reveal the following:

Updated capabilities to upgrade Windows 8.1 and Windows 7

This update adds capabilities to some computers that lets users easily learn about Windows 10 or start an upgrade to Windows 10.

“Easily learn about Windows 10”? “Start an upgrade to Windows 10”? I have an experimental laptop at work where I learn all I can about Windows 10 and the applications we use at work. That’s all I need at the moment.

No, thank you. I don’t want to install Windows 10 until I’m willing. Needless to say, this update was never installed on my Windows 7 computer at home, and the update was promptly hidden.

I feel really sorry for the computer illiterate. How are they supposed to know what’s good or bad for them?

The list of bad KBs when it comes to Windows 10 and its intrusiveness is expanded to cover:

  • KB2952664, Compatibility update for upgrading Windows 7
  • KB3022345, Update for customer experience and diagnostic telemetry (superseded by KB3068708, see below)
  • KB3035583, Update installs Get Windows 10 app in Windows 8.1 and Windows 7 SP1
  • KB3068708, Update for customer experience and diagnostic telemetry
  • KB3075249, Update that adds telemetry points to consent.exe in Windows 8.1 and Windows 7
  • KB3080149, Update for customer experience and diagnostic telemetry
  • KB3123862, Updated capabilities to upgrade Windows 8.1 and Windows 7