SID duplication / Replication check
Check against active directory server or local hosts (may be local administrator replication when creating VMs or deploying without sysprep)
SID
S-1-7-21-1279609549-3715731210-3247935832-500
wmic useraccount get name,sid
net localgroup administrators
net user administrator
run control userpasswords2
run control userpasswords
Acronis: How to perform recovery: https://kb.acronis.com/
Last update: 13-04-2022
This article instructs how to use Acronis True Image to recover Windows from a boot failure.
Use the present article only if the system is damaged to a state when you can't get to the Desktop screen and launch Acronis True Image normally. If you are able to access Acronis True Image within running Windows, please follow instructions from that article instead.
1. Acronis Bootable Media - a bootable USB thumb drive, CD or DVD with Acronis software on it. Click here for instructions on how to get it.
If you already have the bootable media, you can use it, including media created on a different computer. There is no need to create a new bootable media.
2. A previously created backup.
If you do not have a backup, you cannot restore the system using Acronis True Image. In such a case try Windows built-in recovery options.
Insert Acronis Bootable Media
Reboot the computer
If at this point the computer boots into Acronis Bootable Media environment, then click here to skip to the part of configuring the recovery task.
Otherwise, if you observe the same Windows boot failure symptom, instead of seeing Acronis boot menu, it means that you need to configure BIOS/UEFI to boot from Acronis Bootable Media.
Reboot one more time and pay attention to the text displayed on the screen. One of the first screens after the beep sound should be telling you which key to press on the keyboard to access UEFI or BIOS settings. The button to press varies across computer makes and models. Usually, it is either of the following: Esc, Del, F2, F9, F10, F11, F12. Press the indicated key quickly, before the message disappears.
For example, one of the initial splash screens may say: "Please press DEL or F2 to enter UEFI BIOS Setting". In that case you should press either Delete (Del) key on the keyboard or F2 quickly, while the message stays on the screen.
Once you are in the BIOS / UEFI settings, navigate to Boot Options, or Boot Order, or Boot Priority list - the name of the section varies across computer makes and models. Look for the section with "Boot" or "Storage" in the name. Follow on-screen instructions to navigate through the menu and put the device with Acronis Bootable Media at the very top of the boot order/priority list.
Verify that the system disk is still above other hard disks in the boot priority list, but below the device with Acronis Bootable Media.
Save changes and exit BIOS/UEFI setup utility.
The first Acronis Bootable Media screen looks different depending on whether the media was booted in 1) UEFI or 2) Legacy BIOS/CSM modes
If you see a black and white text menu (Acronis UEFI loader), press "1" on the keyboard to launch Acronis True Image application:
If you see a blue graphical menu (Acronis Legacy BIOS/CSM loader), move the mouse pointer over "Acronis True Image (64-bit)" or "Acronis True Image" and click it to launch the program:
When the main program window appears, click "My disks" just below "Recover" in the center of the screen. The recovery wizard will walk you through the settings.
Click the Browse button to locate the backup:
Disks and partitions in the selected backup version are listed at this step:
Locate the system disk and mark the checkbox next to it. To avoid unnecessary configuration steps further in the wizard, click on the checkbox next to the disk title, e.g. "Disk 1", and not on the checkboxes next to partitions (EFI System Partition, C:, Recovery partition, etc):
Click Next:
When the "Finish" step is highlighted on the left panel, that is the last chance when you can safely cancel the recovery and undo any changes made on the configuration screens before the program starts applying them:
Click Proceed to start the actual process of replacing the current failing system state with a healthy system state from the backup:
When the recovery finishes, take out Acronis Bootable Media and close Acronis True Image window.
Computer will reboot.
Windows will boot in a state as it was exactly when the backup was taken.
If possible, take notes and photos of the actions you undertake during troubleshooting. If you will be contacting Acronis directly for assistance, step-by-step pictures would help to resolve the issue quicker.
Click on the Log tab, then click on the plus sign to see the log of the failed operation. To facilitate further issue investigation and troubleshooting, save the recovery log and a system report:
1) Open the Log tab, right-click anywhere in the log, select "Save all" and save the log file.
2) Click on a small triangle next to the question mark in the upper top corner of the window, select "Generate System Report". When the report generating finishes, click "Save as" and browse to the same folder where the recovery log was saved previously.
CRC, Write and Input/Output (I/O) errors in the log may indicate the need of system disk replacement. Take the system disk out of the computer box, connect it to another computer and run diagnostic checks against it:
1) Free CrystalDiskInfo instantly reads the disk health status as reported by the disk itself and displays it as Good, Caution or Bad. It is the quickest way to identify a disk hardware failure.
2) Dedicated diagnostic utilities from the disk manufacturers take the longest time to complete the checks, but provide the most accurate methods of checking whether the disk is good or needs replacement:
- Western Digital drives: Data Lifeguard Diagnostic for Windows
- Seagate disks: SeaTools for Windows
- HGST disks: HGST Windows Drive Fitness Test (WinDFT)
- Intel SSDs: Intel Solid State Drive Toolbox
- Samsung drives: Samsung Magician
- ADATA drives: ADATA SSD ToolBox
- Kingston SSDs: Kingston SSD Toolbox, Kingston SSD Manager
- Transcend SSDs: Transcend SSD Scope
- Silicon Power disks: SP ToolBox
- Toshiba disks: Toshiba PC Diagnostic Tool Utility
If no issues were found with the disk, contact Acronis Customer Central for further help with system recovery as explained here.
Create Acronis Bootable Media, based on WinPE, using Advanced mode, as explained in this article. Then reattempt the restoration.
Click Cancel button to exit recovery wizard window, click on the Tools tab and use "Add new disk" wizard to quickly clear disk contents. Be careful when selecting the disk for "adding" as the tool completely deletes everything on the selected disk and that action cannot be undone.
Make sure that the disk, storing the backup is not formatted in ExFAT format. Acronis Bootable Media(Linux-based) is not able to read from ExFAT-formatted disks. If this is your case, either create a WinPE/WinRE-based bootable media, or use another computer to move your backups from ExFAT disk to some other location, re-format the disk in NTFS format, move backup back onto the disk and reattempt the restoration.
If you do not see the original disk in the list or it appears as two separate disks, it may be set to run in RAID mode, unsupported by the standard bootable media (Linux-based). In such case you need to get to a second computer and create a special WinPE-based bootable media there, with drivers for the RAID controller. The fastest way to get it is use MVP WinPE builder (choose Advanced version).
After the recovery is completed, installed programs and the system may seem to behave unusually slow, requesting reboots etc. These are required to complete the missed maintenance tasks, such as downloading and installing updates and running regular checkups. If that happens, just let the required operations complete and after one or several reboots the system should be back to normal.
Click "Resolve problem" button under Account tab, select "I have changed hardware..." option, then "Move license from another computer", click on the computer name and, finally, click "Move license". Click here for more information.
If the system disk failed and you had to replace it with a new one, installed software and Windows may or may not ask for their licenses reactivation after the recovery. It they do, that is due to a significant hardware change detected and cannot be and should not be prevented or avoided by Acronis software. Contact the respective third-party software vendors or Microsoft for help with license reactivation.
If the invitation to press a key to entier UEFI/BIOS stays on the screen forever after you press the key, it could indicate a failure of one of the computer components (hardware).
Power off the computer, physically disconnect the power cord (if it is a desktop), open the case and unplug the system disk. Then connect the power cable back and start the computer, press the required key and see if you get to the BIOS / UEFI setup screen. If this does not help - keep disconnecting other devices (all USB devices, SD cards, network cable etc) one-by-one until you find the culprit. The failing device then may need repair or replacement.
If you feel uncomfortable working with computer parts, bring the computer to a professional service center to diagnose and fix the issue with entering BIOS / UEFI settings.
Contact Acronis Customer Central if you have any questions or need help:
1) Sign into your Acronis account at https://account.acronis.com/. If you do not have one yet, click Sign Up to create it.
2) (step for perpetual licenses owners) If you have not registered your license key yet, click "Add keys" button in the upper top corner of the screen, copy and paste the serial number and click "Add" to register it.
3) Click on the Support tab on the left panel.
4) For technical questions and issues click "Technical issue". For all other matters click "Trial/Pre-sales/Licensing question".
5) Enter Live Chat ("Instant Chat") or submit a ticket by email ("Submit a ticket"). Owners of subscription and PPI licenses also get support by phone for technical issues. Providing us recovery log, system report, step-by-step screen photos and the list of the undertaken steps would allow for quicker issue resolution.
IT consultant
How to create Acronis Bootable Media: https://kb.acronis.com/
Last update: 27-03-2020
You can create a rescue bootable media - a standalone version of Acronis True Image that you can use to boot a crashed machine or a machine without any operating system and restore an image of your system. Follow these instructions to create a bootable media.
1. In the Tools section, click Rescue Media Builder:
2. Choose media creation method:
You can also download a Bootable Media ISO image file from your Acronis account: see How to download Acronis bootable media ISO. This ISO image is Linux-based.
To be able to recover to dissimilar hardware, create Acronis Bootable Media with Universal Restore. See Creating Acronis Universal Boot media and Restoring to dissimilar hardware with Acronis Universal Restore.
We recommend to test your bootable media so that you can be sure it will boot when needed: see User Guide for instructions.
We strongly recommend creating a bootable media immediately after the first backup; if the operating system crashes, the only way to restore it from Acronis True Image 2020 backup is restoring from the bootable media.
If your Mac includes the Apple T2 chip then you need to modify Secure Boot settings in order to boot from Acronis Bootable Rescue Media: see Acronis True Image on Mac: Changing startup options on Apple T2 chip
To create Acronis bootable rescue media:
1. Connect a removable drive to your Mac.
The drive must have 4 GB (or more) of free space. For example, you can use an external hard drive or a USB flash drive. Note that CD and DVD media are not supported.
2. Open Acronis True Image 2020.
3. In the File menu, click Create Acronis Bootable Media. The Acronis Media Builder window opens.
4. Select the drive that you want to make bootable.
5. Click Create Media. If the drive is not empty, Acronis True Image 2020 will ask you to confirm deleting all the data stored on the drive. To confirm, click Erase.
6. When the progress is complete, disconnect the media and keep it in a safe place. You can store your own data on the media, but make sure that you do not delete or modify the Acronis boot files.
We recommend that you create a new rescue media every time you upgrade your Mac OS X to a newer version. Otherwise, your rescue media may not work properly.
IT Consultant
The latest Windows 11 update may break your VPN connection
As per :
https://www.techradar.com/news/the-latest-windows-11-update-may-break-your-vpn-connection
Microsoft’s monthly update to Windows 10 and Windows 11, which came as part of the most recent Patch Tuesday, appears to be preventing the software's built-in VPN tool from establishing a connection, effectively rendering it useless.
Microsoft is yet to confirm the problem, which has already shared multiple times on Reddit. Besides the Windows VPN, it seems the problem also affects a couple of third-party VPNs, with SonicWall, Cisco Meraki, and WatchGuard Firewalls all seeing issues.
A security researcher told BleepingComputer that the bug affects the Ubiquity Client-to-Site VPN connections for those using the Windows VPN client, as well.
The two problematic updates are KB5009543 for Windows 10, and KB5009566 for Windows 11. At the moment, the only way to fix the problem is to remove the patches which, as the publication explains, can be done through the command prompt, with the following commands:
Windows 10: wusa /uninstall /kb:5009543
Windows 11: wusa /uninstall /kb:5009566
The problem with this approach is that Microsoft bundles all of its fixes, so removing this patch will not only allow Windows admins to re-establish their L2TP VPN connections, but will also expose them to multiple known security vulnerabilities.
And with remote working still being necessary for the majority of companies, they’ll have a tough time choosing a lesser evil between privacy and vulnerability exposure.
One of the flaws addressed through Patch Tuesday was a wormable Windows 11 flaw, found in the HTTP Protocol Stack. There’s yet no malware abusing this flaw out there, but Microsoft said it allows the attacker to execute arbitrary code, remotely, without much user interaction, making it extremely dangerous.
To protect vulnerable devices, disabling the HTTP Trailer Support feature will suffice.
The vulnerability is tracked as CVE-2022-21907. Besides this one, a total of six zero-days, and almost 100 different flaws, were addressed in the patch.
Via: BleepingComputer
FIX
Windows VPN broken updates FIX
https://docs.microsoft.com/en-us/windows/release-health/windows-message-center#2777
...
...
...
IT Consultant
