GoFileRoom Installation hangs on “Windows Installer Coordinator”

Installing GoFileRoom on Server 2016 Remote Desktop Session Host and during install it hangs on the window titled Windows Installer Coordinator and the message is please wait while the application is preparing for the first use.

To resolve this, I modified Group Policy for the Remote Desktop Services Host Application Compatibility

I set the following to Enable:

Computer ConfigurationAdministrative TemplatesWindows ComponentsRemote Desktop ServicesRemote Desktop Session HostApplication Compatibility — Turn off Windows Installer RDS Compatibility

See: https://support.microsoft.com/en-us/help/2655192/installation-can-fail-with-window-installer-coordinator-error

Allow ActiveX Controls Automatically over Group Policy

To enable and not prompt for ActiveX controls to download and run, use the following Group Policy settings at the Computer or User level.

Caution:  This can be dangerous!

Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page

Then select the zone the webpage loads from: Local Machine, Trusted-Sites, Internet

Find and enable the following:

  1. Download Signed ActiveX Controls Enable (Don’t select Prompt)
  2. Download UnSigned ActiveX Controls Enable

GPO Set Trusted Zone Websites

To add websites to Trusted Zones via Group Policy, follow the below in Group Policy Editor.

Computer Configuration > Administrative Tools > Windows Components > Internet Explorer > Internet Control Panel > Security Page and then double click to the “Site to zone assignment list“.

Enable it, click Show, add website as value name and 1, 2, 3 or 4 as value.

  1. Intranet zone
  2. Trusted Sites zone
  3. Internet zone
  4. Restricted Sites zone

Get RDS-CAL License Details (2008 RDS License Server)

Get current RDS-CAL details via PowerShell. Run this from your 2008 RDS Licensing server.

# Filename of the export
$filename = RDS-CAL-Report.csv
# Import RDS PowerShell Module
import-module remotedesktopservices

# Open RDS Location
Set-Location -path rds:

# Remove previous reports (Optional)
remove-item RDS:LicenseServerIssuedLicensesPerUserLicenseReports* -Recurse

# Create new RDS report
$NewReport = new-item -path RDS:LicenseServerIssuedLicensesPerUserLicenseReports -Scope DOM -Name Report

# Name is automatically generated
$NewReportName = $NewReport.name

# Get issued licenses
$IssuedLicenseCount = get-item RDS:LicenseServerIssuedLicensesPerUserLicenseReports$NewReportNameWin2K8-Win2K8R2IssuedCount
# Count issued licenses
$IssuedLicenseCountValue = $IssuedLicenseCount.CurrentValue

# Get installed licenses
$InstalledLicenseCount = get-item RDS:LicenseServerIssuedLicensesPerUserLicenseReports$NewReportNameWin2K8-Win2K8R2InstalledCount
# Count installed licenses
$InstalledLicenseCountValue = $InstalledLicenseCount.CurrentValue

# Installed - Issued
$Available = $InstalledLicenseCount.CurrentValue - $IssuedLicenseCount.CurrentValue
# Show percentage available
$AvailablePercent = ($Available /$InstalledLicenseCount.CurrentValue)*100
$AvailablePercent = {0:N0} -f $AvailablePercent

# Display info

Write-host Installed: $InstalledLicenseCountValue
Write-host Issued: $IssuedLicenseCountValue
Write-host Available: $Available [ $AvailablePercent % ]

# Add the information into an Array

[System.Collections.ArrayList]$collection = New-Object System.Collections.ArrayList($null)
$obj = @{
Installed = $InstalledLicenseCountValue
Available = $Available
AvailablePercent = $AvailablePercent
Issued = $IssuedLicenseCountValue
Date = get-date
}

# Exit RDS location
set-location c:

# Create PSO Object with the data
$collection.Add((New-Object PSObject -Property $obj));

# Export Data into a file
$collection | export-csv $filename -NoTypeInformation -Encoding UTF8

Quickly Check Domain Computers (Servers) for MS17-010 Patches

This content is 2 years old. Technology changes with time. Keep that in mind as you read this article.

I put this script together from a few different sources.  It basically enumerates Active Directory and checks any 2008+ server for existence of KB patch for MS17-010.

MS17-010 patches a critical vulnerability discovered in Microsoft Windows operating systems that involve SMB exploits from a ShadowBrokers NSA dump of leaked NSA hacking tools.  It’s been spreading from CPU miner payloads to Ransomware (WannaCry/WannaCry 2.0) etc.

import-module activedirectory

$ErrorActionPreference= 'silentlycontinue'

# *** SERVER VERSIONS ***
# Server 2016 / Win10 - NT 10
# Server 2012 R2 / Win8.1 - NT 6.3
# Server 2012 / WIn8 - NT 6.2
# Server 2008 R2 / Win7 - NT 6.1
# Server 2008 / WinVista - NT 6.0
# Server 2003 R2 / WinXP64 - NT 5.2
# Server 2003 - NT 5.2
# WinXP - NT 5.1

$computers = get-adcomputer -filter * -properties * | select-object name,operatingsystem

$computers | foreach {
 $hotfixes = @()
 $osdetect = $_.operatingsystem
 $computer = $_.name
 switch -wildcard($osdetect)
 {
 "*Server*2016*" { $hotfixes = @("KB4013429", "KB4019472", "KB4015217", "KB4015438", "KB401663") }
 "*Server*2012*R2*" { $hotfixes = @("KB4012216", "KB4015550", "KB4019215") }
 "*Server*2012" { $hotfixes = @("KB4012217", "KB4015551", "KB4019216") } # A bit of a hack, not sure how this displays...
 "*Server*2008*" { $hotfixes = @("KB4012212") }
 default {$hotfixes = NULL } # Do nothing if it isn't a server and not 2008-2016.
 }
 if ($hotfixes.count -gt 0) {
 $hotfixes | foreach {
 write-host "Checking $computer ($osdetect)..."
 if (!(get-hotfix -id $_ -computername $computer)) {
 write-host $computer "Missing ($_)"
 }
 }
 } else {
 write-host "Skipping $computer ($osdetect)..."
 }
}