Tag Archives: windows

Windows Server 2022 Essentials – a good deal for small businesses but what is it really?

I have just installed Windows Server 2022 Essentials on a Gen 10 Plus HPE Server – a somewhat arduous experience mainly thanks to what seems to me HP’s buggy firmware and utilities. I optimistically tried to use Intelligent Provisioning; this is meant to update itself before use but got into a loop where it would not update, the solution being to download the latest version from HPE and install it from a USB stick. That worked but I still could not get Intelligent Provisioning to install Windows Server and ended up going a more manual route. Once installed you will need HP’s SUM (Smart Update Manager) to install drivers and update other bits of firmware; this runs as a local web application but when it attempts to open in the default browser (Edge) it hangs on “Loading”; the solution was to use Firefox. I also hit a documented problem where Windows reports virtualization as not enabled and Hyper-V therefore does not work. All fixed now and one thing that I do like about HPE servers is the ILO (Integrated Lights Out) and the ability to do everything remotely including changing BIOS settings.

The main focus of this post though is Windows Server 2022 Essentials, which I purchased with the new server.  Curiously it installs as Windows Server Standard and at first I thought something must be wrong. Not so; this is quite a different thing than previous versions. Windows Server Essentials is two things: a role in Windows Server 2012, 2012, and 2019; and an edition of Windows Server aimed at small businesses. The edition is a good deal for organizations that fit within its limitations since it is modestly priced and does not require CALs (Client Access Licenses),  though it seems you can now only buy it as OEM software. If you exceed the limitations, you have to upgrade to full Windows Server and add the CALs too.

The fact that Server Essentials is both a role and an edition leads to some hilarious confusion including this remark in the official documentation.

image

All that is irrelevant now though as the role has gone since Server 2019.

The consequence of these changes is that Server Essentials now has very little specific documentation. The features are the same as Windows Server Standard, other than the stringent hardware limits which are:

For Windows Server 2022 Essentials:

1 CPU socket, 10 CPU cores, 128GB RAM

For Windows Server 2019 Essentials:

2 CPU sockets, no core limit, 64GB RAM

In addition, the licensing terms state that “Up to either 25 unique users or 50 unique devices may access and use the software at one time” and that “Windows Server CALs are not needed to access the server software.  Some server software functionality may require special CALs.”

Finally, there is provision for virtualization of the server by installing both directly on the hardware and a further instance as a VM, provided that “if you run both permitted instances at the same time, the instance of the server software running in the physical operating system environment may be used only to run hardware virtualization software or provide hardware virtualization services.”

In every other respect, it is Windows Server Standard. A note here states:

With Windows Server 2022, the Essentials edition is available to purchase from OEMs only, however there is no specific installation media. Instead, an Essentials edition product key is used to activate the Standard edition of Windows Server 2022. You get all the same features.

I cannot see any requirement for it to be a domain controller or other such restrictions which apply to earlier versions – though in most cases it probably would be. You can also run Azure AD Connect on versions since 2019.

Windows Server Essentials is the last remnant of what used to be Small Business Server, which in its time was a great solution for small organizations when properly installed and managed. Microsoft now expects such businesses to use 365, though a local server is still handy for things like local user management, print management, local file shares, or applying group policy if you do not use InTune. Further, there is still plenty of business software that expects to run on Windows Server.

Windows Subsystem for Linux 2 will not start: a possible fix

I find that Windows Subsystem for Linux (WSL) sometimes fails to start after rebooting Windows 11. Once it is up and running it is fine.

Symptoms are that WSL fails to open and the wsl command hangs. VS Code, if set to open in WSL, fails to open the folder.

Rather than rebooting, you can also try the steps here. It is a matter of finding the process id for LxssManager:

tasklist /svc /fi “imagename eq svchost.exe”

then using End Process Tree in the Task Manager Details view for that process ID to terminate it. It will then restart automatically or you can use the wsl command as usual.

Notes from the field: virtualising an existing Windows server using UEFI and Secure Boot

Over the weekend I had the task of converting an existing Windows server running on HP RAID to a virtual machine on Hyper-V. This is a very small network with only one server so nice and simple. I used the sysinternals tool Disk2vhd which converts all the drives on an existing server to a single VHD or VHDX. It’s a nice tool that uses shadow copy to make a consistent snapshot.

The idea is that you then take your VHDX and and make it the drive for a new VM on the target host, in my case running Server 2019. Unfortunately my new VM would not boot. Generally there are three things that can happen in these cases. One is that the VM boots fine. Second it tries to boot but comes up with a STOP error. Third, it just sits there with a flashing cursor and nothing happens.

At this point I should say that Microsoft does not really support this type of migration. It is considered something that might or might nor work and at the user’s risk. However I have had success with it in the past and when it works, it does save a lot of time especially in small setups like this, because the new VM is a clone of the old server with all the shared folders, printer drivers, applications, databases and other configuration ready to go.

Disclaimer: please consider this procedure unsupported and if you follow any tips here do not blame me if it does not work! Normally the approach is to take the existing server off the network, do the P2V (Physical to Virtual), run up the new VM and check its health. If it cannot be made to work, scrap the idea, fire up the old server again, and do a migration to a new VM using other techniques, re-install applications and so on.

In my case I got a flashing cursor. What this means, I discovered after some research, is that there is no boot device. If you get a STOP error instead, you have a boot device but there is some other problem, usually with accessing the storage (see notes below about disabling RAID). At this point you will need an ISO of Windows Server xxxx (matching the OS you are troubleshooting) so you can run the troubleshooting tools. I downloaded the Windows Server 2016 Hyper-V, which is nice and small and has the tools.

Note that if the source server uses UEFI boot you must create a generation 2 Hyper-V VM. Well, either that or go down the rabbit hole of converting the GPT partitions to MBR without wiping the data so you can use generation 1.

For troubleshooting, the basic technique is to boot into the Windows recovery tools and then the command prompt.

I am not sure if this is necessary, but the first thing I did was to run regedit, load the system hive using the Load Hive option, and set the Intel RAID controller entries to zero. What this does is to tell Windows not to look for an Intel RAID for its storage. Essentially go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSetXXX\Services (usually XXX is 001 but it might not be) and find the entries if they exist for:

iaStor

iaStorAVC

iaStorAV

iaStorV

storAHCI

and set the Start or StartOverride parameters to 0. This even works for storAHCI since 0 is on and 3 is off.

The VM still would not boot. Flashing cursor. I am grateful for this thread in the Windows EightForums which explains how to fix EFI boot. My problem, I discovered via the diskpart utility, was that my EFI boot partition, which should show as a small, hidden, FAT32 partition, was instead showing as RAW, meaning no filesystem.

The solution, which I am copying here just in case the link fails in future, was (within the recovery command prompt for the failing VM) to do as follows – the bracketed comments are not to be typed, they are notes.

diskpart
list disk
select disk # ( # = disk number for the disk with the efi partition)
list partition (and note size of old efi or presumed efi partition, which will be small and hidden)
select partition # (# = efi partition)
create partition efi size=# (size of old partition, mine was 99)
format quick fs=fat32 label=”SYSTEM”
assign letter=”S”
exit

assuming C is still the drive letter assigned to your windows partition

type:

C:\Windows\System32\bcdboot C:\Windows

This worked perfectly for me. The VM booted, spent a while detecting devices, following which everything was straightforward.

Final comment: although it is unsupported, the Windows engineers have done an amazing job enabling Windows to boot on new hardware with relatively little fuss in most cases – you will end up of course with lots of hidden missing devices in Device Manager that you can clean up with care though I don’t think they do much harm.

Funbridge abandons its Windows app

It appears that Funbridge, an online bridge game, is discontinuing its app for Windows.

image

There is a bit of a sad story here. Funbridge used to have a Windows app that was a little messy but excellent. The company (GOTO Games) then came up with a mobile app for iOS and Android, which worked well on iOS and a bit less well on Android. This mobile app then migrated to Windows and Mac, in terms of look and feel; I  am not sure what programming framework it uses. The new-style Windows version has always been worse than the mobile versions for me, the UI is not really suitable for Windows, and I mainly play on iPad. Now it is going altogether, with users directed towards the web site.

I have always liked the Funbridge user interface on mobile and the asynchronous approach it users, so players can take as long as they like. Everyone plays against the computer and then compares their score with other humans playing the same cards. Funbridge is adding new real-time play though and will soon be adding audio and video online; this may relate to its retirement of the Windows application.

The abandonment of the Windows app is interesting in the context of Microsoft’s hope to boost Windows apps and the Microsoft Store in Windows 11. It looks as if GOTO Games will not be playing.

Windows Subsystem for Linux 2: Microsoft’s change of direction delivers better performance, worse integration

It is s feature which most users are not even aware of, but for developers and admins the Windows Subsystem for Linux (WSL) is perhaps the best feature of Windows 10. It gives you seamless access to Linux applications and utilities without needing to run a virtual machine (VM) or remote session. For example, I use it to develop and debug LAMP (Linux, Apache, MySQL, PHP) applications using Visual Studio Code on Windows as the editor. I also use it for running the Let’s Encrypt certbot utility as well as using Linux OpenSSL utilities. It solves Windows annoyances like path limitations and case insensitivity.

Now at the Build developer conference Microsoft has introduced WSL, advertising “dramatic file system performance increases, and full system call compatibility.” That is great, but there is a downside. Unlike the first version, WSL 2 runs in a VM:

WSL 2 uses the latest and greatest in virtualization technology to run its Linux kernel inside of a lightweight utility virtual machine (VM)

says the announcement from Microsoft’s Craig Loewen.

Although Microsoft also says that WSL 2 “still provides the same user experience as in WSL 1,” this is not altogether true. One specific difference is that currently I can run my LAMP application, fire up a Windows browser, navigate to Localhost, and there is my application. In WSL 2, the LAMP application will have a different IP number so this will not work. To be fair, when I discussed this with a member of the team I was told that they are working to address this and tinker with the networking so that localhost will work again. It also arguable that the different IP number is preferable behaviour, since it will not conflict with other endpoints on the Windows side. But it is different.

The use of a VM for WSL 2 is the conventional approach to this problem. In fact, you have been able to run a Linux VM on Windows for many years. The difference is the work Microsoft is doing to provide the fastest possible startup and deep integration with the file system so that it behaves more like the original WSL than like an isolated VM. In other words, the problem of running Linux binaries by redirecting system calls (WSL) has been exchanged for another.

image

Why the change of direction? There are several reasons.

The first is compatibility. No matter how well WSL worked (and it does work very well), there would always be something that did not work as users attempted to use more and more Linux applications.

Second, performance. Apparently:

Initial tests that we’ve run have WSL 2 running up to 20x faster compared to WSL 1 when unpacking a zipped tarball, and around 2-5x faster when using git clone, npm install and cmake on various projects.

Third, when WSL was first conceived it was intended to work on mobile devices which could not support a VM (maybe this was something to do with Android compatibility efforts on Windows Phone).

Finally, Hyper-V has improved to the extent that running WSL 2 on a VM is more feasible.

It does mean that Microsoft will ship its own (but open source) Linux kernel with Windows and update it via Windows Update, a good thing for security.

The reasons are good ones, but it would not surprise me to see other niggling integration issues. And it is just a little sad that the magic of the original WSL has been replaced by a more conventional approach.

I also feel that if you came to Build looking for support for a narrative that Microsoft is drifting away from Windows and towards Linux, WSL 2 would support that narrative.

Microsoft Build and the repositioning of Windows

Microsoft Build is under way in Seattle, with around 6000 attendees here to learn about the company’s latest developer technology. But what is the heart of Microsoft’s platform today? The answer used to be Windows – and this conference was originally the Build Windows event, distinct from the earlier Professional Developer Conference which was run by the Developer Division and had a wider scope.

image
Microsoft’s Satya Nadella introduces Build 2019 

  Today though it is not so clear. The draft Build 2019 press release hardly mentions Windows. Here is the summary of topics: 

In his opening keynote, Microsoft CEO Satya Nadella outlined the company vision and developer opportunity across Microsoft Azure, Microsoft Dynamics 365 and Power Platform, Microsoft 365, and Microsoft Gaming”

Windows is there of course. Azure uses Hyper-V, the Windows Server hypervisor. A Microsoft 365 license is a bundle of Office 365, InTune device management, and Windows Enterprise. Microsoft Gaming includes PC gaming, and Xbox gets its name from the Windows DirectX hardware accelerated graphics API. But no, this is no longer a conference about developing for Windows, and Microsoft seems happy for its operating system to be less visible. PCs remain the devices on which many of us get most of our work done, but it is not a growth market, and cannot really become one unless by some miracle Microsoft returned to mobile or wearables. That would be hard, especially since the Universal Windows Platform, originally conceived as an app platform for touch and mobile as well as desktop, has drifted away from that concept and become something of uncertain relevance unless you are targeting HoloLens or some other niche.

That said, Windows is still evolving and Build remains the best event to keep track of what is new. In the advance news on which this post is based, several key features were announced.

Windows Subsystem for Linux 2 (WSL) now supports Linux Docker containers as well as faster file I/O. This also integrates nicely with new Visual Studio Code Remote Development Extensions which let you edit and debug code in WSL, in Docker containers, or on any remove machine over SSH.

Windows Terminal is a new application for command lines including PowerShell, Cmd and WSL. It includes rich fonts (with hardware accelerated rendering), multiple tabs, and “theming and customization”.

React Native for Windows is an open source project on GitHub that will let you develop high performance Windows applications.

MSIX Core is the next step in Windows setup technology and lets you install MSIX packages on Windows 7 as well as Windows 10.

.NET 5 has been announced and seems to embrace both Windows Desktop and cross-platform – I will be unpacking the details of how this works shortly. .NET 5 will release in 2020.

Microsoft Edge (on Chromium) has new features announced included an IE mode tab (for running Internet Explorer applications/sites), three levels of privacy (Unrestricted, Balanced and Strict) which claim to control third-party tracking, and Collections which is a feature for collecting and sharing web information and integrates with Office.

Of course there is much more news on what Microsoft now sees as its top priority topics: Azure, AI, Microsoft Search, PowerApps, PowerBI, Cognitive Services, Bot Framework, Mixed reality, IoT and Edge computing, Cosmos DB, Azure Kubernetes Service, GitHub and more.

Windows? Still the best way to run Office, and excellent for developing applications. But this is Microsoft Build, not Build Windows.

image
Seattle, Washington the evening before Microsoft Build

How Windows 10 Ransomware protection can cause install failures, LibreOffice for example

While researching a piece on Office applications I needed to install LibreOffice. The install failed with a message about an error creating a temporary file needed for installation.

image

Fortunately I knew where to look for the answer. Windows Ransomware Protection is a feature which whitelists the applications allowed to write data to the folders likely to contain the data you care about, such as documents and pictures. The idea is that malware which wants to encrypt these folders and then demand a ransom will find it harder to do so.

image

Ransomware protection can have side effects though. Operations like creating desktop shortcuts may fail because the desktop is one of the protected locations. That is just an annoyance; but in the case of LibreOffice, setup tried to write an essential file to a protected location and the install failed completely.

Solution: turn off Ransomware protection temporarily and re-run setup.

image

Which application platform for desktop Windows apps? Microsoft has stated its official line, but UWP is still not compelling

One year ago I wrote a post on Which .NET framework for Windows: UWP, WPF or Windows Forms? which is still the most popular post on this site, indicating perhaps that this is a tricky issue for many developers. That this is a live question is a symptom of Microsoft’s many changes of strategic direction over the last decade, making it hard for even the most loyal developers to read the signals.

I was intrigued therefore to note that Microsoft has an official Choose your platform post on this subject. There is something curious about this post. It covers three frameworks: Universal Windows Platform (UWP), Windows Presentation Foundation (WPF) and Windows Forms (WinForms). Microsoft states:

UWP is our newest, leading-edge application platform.

implying that if you have an unconstrained choice, this is the way to go. Yet if you look at the table of “Scenarios that have limited support”, UWP has the longest list. It is not only Windows 7 support that you will miss, but also something called Dense UI, along with other rather significant features like multiple windows and “full platform support”.

What is Dense UI? I presume this is a reference to the chunkiness of a typical UWP UI, caused by the fact that it was originally optimised for touch control. This matters if, for example, you are writing a business application and want to have a lot of information to hand in a single window. It may not be ideal for cosmetics, but it can be good for productivity.

With respect to all three of these limitations, Microsoft does note that “We have publicly announced features that will address this scenario in a future release of Windows 10.” I am not sure that they are in fact fully addressed; but it is clear that improvements are coming. In fact, the promise of further active development is perhaps the key reason why you might choose UWP for a new project, that is, if you do not learn from the past and believe that UWP will still be core to Microsoft’s strategy in say five years time.

Take a look at the strengths column for UWP though. Anything really compelling there? To my mind, just one. “Secure execution via application containers.” Yet the security of UWP was undermined by Microsoft’s decision to abandon its original goal of restricting the Windows Runtime API (used for UWP) to a safe subset of the full Windows API. You can also now wrap WPF and WinForm applications using Desktop Bridge, getting Store delivery and a certain amount of isolation.

At the time of writing, Microsoft is still displaying this diagram in its guide to UWP.

image

This is now somewhat misleading though. Windows Mobile is on death row:

Windows 10 Mobile, version 1709 (released October 2017) is the last release of Windows 10 Mobile and Microsoft will end support on December 10, 2019. The end of support date applies to all Windows 10 Mobile products, including Windows 10 Mobile and Windows 10 Mobile Enterprise.

Windows 10 Mobile users will no longer be eligible to receive new security updates, non-security hotfixes, free assisted support options or online technical content updates from Microsoft for free.

As a developer then, would you rather have PC, Xbox and HoloLens support? Or PC, Mac, iOS and Android support? If the latter, you would be better off investigating Microsoft’s Xamarin Forms framework than UWP as such.

The truth is, many developers who target Windows desktop applications do so because they want to run well on Windows and are not concerned about cross-platform. While that may seem odd from a consumer perspective, it is not so odd for corporate development with deskbound users performing specific business operations.

I was at one time enthusiastic about Windows Runtime/UWP because I liked the idea of “one Windows platform” as illustrated above, and I liked the idea of making Windows a platform for secure applications. Both these concepts have been thoroughly undermined, and I would suggest that the average developer is probably better off with WPF or WinForms (or other approaches to Win32 applications such as Delphi etc), than with UWP. Or with Xamarin for a cross-platform solution. That is unfortunate because it implies that the application platform Microsoft is investing in most is at odds with what developers need.

If UWP becomes a better platform than WPF or WinForms in all important respects, that advice will change; but right now it is not all that compelling.

OneDrive Upload Blocked and the “Use Office 2016 to sync Office files” setting

For several years the story with Office 365 was that email (essentially hosted Exchange) works great but OneDrive cloud storage, not so good. The main issues were not with the cloud storage as such, but with the sync client on Windows. It would mysteriously stop syncing and require a painful reset process to get it going again.

Microsoft squashed a lot of bugs and eventually released a much-improved “Next generation sync client” (NGSC) based on consumer OneDrive rather than Groove technology.

In the 2017 Windows 10 Fall Creators Update Microsoft also introduced Files on Demand, a brilliant feature that lists everything available but downloads only the files that you use.

The combination of the new sync client and Files on Demand means that life has got better for OneDrive users. It is not yet perfect though, and recently I came across another issue. This is where you get a strange “Upload blocked” message when attempting to save a document to the OneDrive location on your PC. Everything works fine if you go to the OneDrive site on the web; but this is not the way most users want to work.

The most popular fix for this problem is to go into OneDrive settings (right-click the little cloud icon to the right of the taskbar and choose Settings). Then find the Office tab and uncheck “Use Office 2016 to sync Office files that I open.” But don’t do that yet!

If you check this thread you will see that over a thousand users clicked to say they had the same problem, and over 400 clicked to say that the solution helped them. Significant numbers for one thread.

image

But what does this option do? It appears that checking the option makes big changes to the way Office files are saved. Here is the explanation:

Similar to how Office opens files, saves start with the locally synced file. After the file saves, Office will upload changes directly to the server. If Office can’t upload because the device is offline, you can keep working offline or close the file. Office will continue to save to the locally synced file, and OneDrive will handle the upload once the device gets back online. In this integration, Office works directly with the files that are currently open, enabling co-authoring in Office apps like Word on the desktop, which no competitor offers. For files that are not open in Office, OneDrive handles all syncing. This is the key difference between the old sync client integration and the NGSC, and this lets us achieve co-authoring along with the best  performance and sync reliability.

We can conclude from this that the “upload blocked” message comes when Office (not OneDrive) tries to “upload changes directly to the server”. Office as well as OneDrive needs to be signed in. The place to check these settings in on the Account tab of the File menu in an Office application like Word or Excel. There is a section called Connected Services and you need to make sure this lists all the OneDrive locations you use.

I suggest that you check these settings before unchecking the “use Office 2016 to sync” option in OneDrive. However, if it still does not work and you cannot troubleshoot it, it is worth a try to get reliable OneDrive sync

If you uncheck the “User Office 2016” option you will lose a couple of features:

  • Real-time co-authoring with the desktop application
  • Merge changes to resolve conflicts

The first of these features is amazing but many people rarely use it. It depends on the way you and your organization work. The second is to my mind a bit hazardous anyway.

Desktop development: is Electron the answer, or a tragedy?

A few weeks ago InfoQ posted a session by Paul Betts on Desktop Applications in Electron. Betts worked on Slack Desktop, which he says was one of the first Electron apps after the Atom editor. There is a transcript as well as a video (which is great for text-oriented people like myself).

Electron, in case you missed it, is a framework for building desktop applications with Chromium, Google’s open source browser on which Chrome is based, and Node.js. In that it uses web technology for desktop applications, it is a similar concept to older frameworks like Apache Cordova/PhoneGap, though Electron only targets Windows, macOS and Linux, not mobile platforms, and is specific to a particular browser engine and JavaScript runtime.

image

Electron is popular as a quick route to cross-platform desktop applications. It is particularly attractive if you come from a web development background since you can use many of the same libraries and skills.

Betts says:

Electron is a way to build desktop applications that run on Mac and Linux and Windows PCs using web technologies. So we don’t have to use things like Cocoa or WPF or Windows Forms; these things from the 90s. We can use web technology and reuse a lot of the pieces we’ve used to build our websites, to build desktop applications. And that’s really cool because it means that we can do interesting desktop-y things like, open users’ files and documents and stuff like that, and show notifications and kind of do things that desktop apps can do. But we can do them in less than the bazillion years it will take you to write WPF and Coco apps. So that’s cool.

There are many helpful tips in this session, but the comment posted above gave me pause for thought. You can get excellent results from Electron: look no further than Visual Studio Code which in just a few years (first release was April 2015) has become one of the most popular development tools of all time.

At the same time, I am reluctant to dismiss native code desktop development as yesterday’s thing. John Gruber articulates the problem in his piece about Electron and the decline of native apps.

As un-Mac-like as Word 6 was, it was far more Mac-like then than Google Docs running inside a Chrome tab is today. Google Docs on Chrome is an un-Mac-like word processor running inside an ever-more-un-Mac-like web browser. What the Mac market flatly rejected as un-Mac-like in 1996 was better than what the Mac market tolerates, seemingly happily, today. Software no longer needs to be Mac-like to succeed on the Mac today. That’s a tragedy.

Unlike Gruber I am not a Mac person but even on Windows I love the performance and integration of native applications that look right, feel right, and take full advantage of the platform.

As a developer I also prefer C# to JavaScript but that is perhaps more incidental – though it shows how far-sighted C# inventor Anders Hejlsberg was when he shifted to work on TypeScript, another super popular open source project from Microsoft.