RDP Error "CredSSP Encryption Oracle Remediation"

Problem

 Unable to RDP to Machine: CredSSP Encryption Oracle Remediation

Cause

 Windows Update: https://support.microsoft.com/en-gb/help/4093492/credssp-updates-for-cve-2018-0886-march-13-2018

Solution

The fix is to open your local group policy settings and do this.

Computer Configuration -> Administrative Templates -> System -> Credentials Delegation--Encryption Oracle Remediation

enable and set to 'vulnerable'.

If Windows Home edition reg key change...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters] "AllowEncryptionOracle"=dword:00000002

I had to create the CredSSP key, then the Parameters key, then the dword value as none of them existed.

Reference, Links and Imges

 https://blogs.technet.microsoft.com/mckittrick/unable-to-rdp-to-virtual-machine-credssp-encryption-oracle-remediation/

https://support.microsoft.com/en-gb/help/4093492/credssp-updates-for-cve-2018-0886-march-13-2018

Microsoft Outlook can’t start Microsoft InfoPath

Problem

When launching outlook you receive a popup saying "Microsoft Outlook can’t start Microsoft InfoPath"

Cause

Unknown

Solution

 Run Regedit & go to HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\Options\Mail

If the "Mail" kay doesnt exisit, create it.

Create a new DWORD called “DisableInfopathForms” & set the value to 1

Reference, Links and Imges

 http://www.cottenhamcomputers.co.uk/microsoft-outlook-cant-start-microsoft-infopath/ 

Install ADS Server for PICs by Pellcomp

Advantage Database Server (ADS) is a low-maintenance database server that sits alongside the PICS data files, and provides a connection to the database that is quicker and more reliable than standard Windows file sharing.
Installation Instructions

These instructions should be completed on the server where the PICS data is located.

Get your serial key from Pellcomp.

First, download this install shield and start the installation process. If asked if you want to remove the previous installation you should choose yes. You can install the software in any location provided this is on the machine where the PICS database is located.

The installer will prompt you for a serial and validation code which are listed above. Do not enter your validation code into the replication box, leave this blank! Enter the Registered Owner (your company name) & Startup Type (this should be Automatic).

Once the installation is complete, you should ensure that all installation windows are closed (click “Finish”), and the Advantage Configuration Utility will appear. You should see the screen shown below:

 If the Service Up Time shows “ADS Service not started”, click the “Start Service” button (bottom of the window) to start the service. You can then click “Exit”, which will leave the service running.

If you encounter any errors please contact the Pellcomp support desk on 01603 492620.

Security Settings

By default the Advantage Database Service runs using the built-in SYSTEM user account. This account must have full read/write/delete permission to the folder containing the PICS Database files.

Client machines need to connect to the ADS service on the server using UDP port 6262. You may therefore need to open this port on any firewalls you may be running.

PICS Settings (client machine)

  • Upgrade PICS to the latest version and start a copy of PICS. From the login screen select Help -> Options -> Allowed ADS Modes -> Remote. PICS will then restart in client server mode.
  • If you have PICS installed locally on each client machine you will need to set "Remote" on each copy of PICS.
  • If PICS is communicating with the server, after logging in you will see “C/S” after “PICS” in the PICS title bar.
  • Please note that you cannot mix modes. That is if one copy of PICS is open in the traditional Local Server mode then you won’t be able to log into any of the Client Server enabled copies of PICS and vice versa.

Steps to Migrate PICs application by Pellcomp

Backup the data:
The most secure way to move the data is to create a PICS backup and then restore the backup once PICS is installed on the new server. To create a backup, please follow these instructions...

From the PICS logon screen, go to the Tools menu and select Backup Database (Data Only).
When the backup screen appears, click on Start.
When prompted, save the file to a network share that is accessible to both servers.
Transferring via removable media is also possible at this point.

Copy miscellaneous files:
It’s possible that staff have saved various reports and files into the PICS Software or Data folders.  In particular you should look for any files in the Software folder which start ‘ILP_’ or end with a .ahl extension.  Any such files need to be copied and moved over to the new Software folder once it’s been created. 

If you have the optional Scheduled Reporting module then you will need to make a copy of the SchedRepData sub-folder which is also in the Software folder.

In addition to these standard PICS files, staff may well have saved general reports and documents so it’s best to check with them or look out for large numbers of Office documents which may require moving.

Install PICS Software on the new server:
Download the latest copy of PICS from the following link:
http://www.pellcomp.co.uk/pics_dl.php
Create a folder on the server called 'Pellcomp' and within there a folder called 'Software'.
Install the software on the server in the new 'Software' folder.
Once installed you will be prompted for the data path. Leave it there for now and go to the ‘Move the data’ section below.

Move the data:
Create another new folder in the 'Pellcomp' folder called 'Data'.
Set the folder permissions so that all users and the System account have Full Control.
Copy the backup from the network drive to the new 'Data' folder.

Restore the data:
Go back to the PICS screen and click on the Browse button.
Navigate to the Data folder we created earlier and click Select. Please note that the address used here needs to be an address that means the same to the client computers, so either a UNC path or a common mapped network drive.
When warned that no database exists, click on Accept.
Click the Restore button and then click on the folder icon (3 dots).
Find the backup file in the DATA folder and click on Open.
Click on Restore.
Confirm the details on screen and then click Yes.
The database will now restore.

Install ADS:
Please follow the instructions in the attached document.

Re-Create the client shortcuts:
Go to the 'Software' folder you created and installed the software into earlier.
Create a shortcut to PICS.exe in this folder. This is the shortcut that the client PCs will need on their desktops.

Finally:
You can now logon, but when you try to access the data you will be asked for a licence.  Please enter:

[PLEASE EMAIL PELLCOMP FOR YOUR LICENCE INFO]

The last thing to do is update the software to make sure it is fully up to date.
To do this follow the instructions below:

  1. Make sure everyone is out of PICS.
  2. Get to the Login Screen.
  3. Go to the ‘Tools’ Menu item, then ‘Software Updates’.
  4. Enter your usual username and password, when prompted. This is actually a password permission to be able to run Software Updates so it may be needed to be added to your user in Password maintenance, by the PICS supervisor.
  5. You should get another window pop up and the PICS login screen close. In this new window click on ‘Next’.
  6. This should then check the versions available and give you a list of the parts of PICS that need updating, click ‘Next’ again.
  7. This will run through downloading the different files. After it done click on ‘Next’ again.
  8. Click ‘Next’ on the next screen, which talks about Local Network Updates.
  9. This will then go through installing the updates and will display the message ‘Updates installed, press OK to return to PICS’. Click ‘OK’.
  10. Log into PICS as normal.

Finally, a Windows 10 VPN solution that doesn't make you want to blow your brains out!

As a system administrator, I use many VPN connections throughout the day. Windows 10 is great, but whoever was in change of the VPN client in windows 10 at Microsoft did not deserve his/her bonus for this edition of windows!! It's slow, buggy, gives you no decent error. Fortunately, Mr gates left the good old rasphone intact so we can use this. 

The problem is, its still clunky loading in Windows 10. It can take 3-10 seconds to load the Rasphone each time you open it.

I've written a PowerShell script to make a tidy folder of useable shortcuts that you can add the to tool bar. Here's how it works.

1. Create a folder called "VPNs" in c:\

2. Right click the task bar > Toolbars > New Toolbar

3. Navigate to the VPNs folder and select it and click 'Select Folder'.

4. Paste this PS Script to s txt file. Save it as a .ps1 file.

Remove-Item -Path C:\VPNs\* -Recurse -Force
$vpnlist = Get-VpnConnection | Select Name -Skip 1
ForEach ($vpnname in $vpnlist.Name ){
$Shell = New-Object -ComObject ("WScript.Shell")
$ShortCut = $Shell.CreateShortcut("C:\VPNs\$vpnname.lnk")
$ShortCut.TargetPath="rasphone.exe"
$ShortCut.Arguments="-d `"$vpnname`""
$ShortCut.WorkingDirectory = "c:\windows\system32\";
$ShortCut.WindowStyle = 1;
$ShortCut.Description = "$vpnname";
$ShortCut.Save()}

5.You can check the status (See what VPNs are connected) with this script.

Get-VpnConnection | Where-Object {$_.ConnectionStatus -eq "Connected" } | Select Name,ConnectionStatus,TunnelType,ServerAddress,SplitTunneling | Format-Table
Pause
Exit

6. You can disconnect all VPNs at the same time with this script.

$vpnlist = Get-VpnConnection | Where-Object {$_.ConnectionStatus -eq "Connected" }
ForEach ($vpnname in $vpnlist.Name ){

  rasdial $vpnname /DISCONNECT;

}