I used the tutorial and the PowerShell scripts in UefiSecureBootManualTests.zip(EnableSecureBoot.ps1 and append_LostCA_db.ps1) found here to sign an .efi file and enable SecureBoot to see if the system boots(it all worked well).
Now I'm trying to take the winload file from system32, sign it using the same scripts, and then overwrite the keys and see if SecureBoot lets me boot only with the winload I signed.
This time I am using the same scripts, except I modified Set-SecureBootUEFI command in the append_LostCA_db.ps1 deleting -AppendWrite parameter so it can overwrite.
But now I am receiving an error:
Set-SecureBootUEFI : Incorrect authentication data: 0xC0000022
At F:\SecureBoot\AllowNewCertificate\suprascriu_LostCA_db.ps1:13 char:5
+ Set-SecureBootUEFI -Name db -Time 2011-05-21T13:30:00z -ContentFilePath Lost ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (Microsoft.Secur...BootUefiCommand:SetSecureBootUefiCommand) [Set-Secu
reBootUEFI], UnauthorizedAccessException
+ FullyQualifiedErrorId : SetFWVarFailed,Microsoft.SecureBoot.Commands.SetSecureBootUefiCommand
How can I fix this?
I am using a HP desktop with Win8.1 x64
LATER EDIT: It would REALLY help if someone could give me an unsinged winload for 8.1 x64
One of the things that these signatures tell you is that the content has not been modified(that means it is still secure/valid/trustable). So that is the reason why I could not sign a file already signed(the loader used at boot and signed by Microsoft). That's why I was getting the UnauthorizedAccessException.
There is no workaround for this.
Related
Trying to limit the network bandwidth for a certain application, I came across such a thing as NetQosPolicy. I started trying to create new policies through PowerShell, but kept getting this error:
New-NetQosPolicy : New-NetQosPolicy : Invalid namespace string:1 character:1 + New-NetQosPolicy -Name TestPolicy -IPProtocolMatchCondition Both -Net ... + + CategoryInfo : MetadataError: (MSFT_NetQosPolicySettingData:ROOT/StandardCi...licySettingData) [New-Net QosPolicy], CimException + FullyQualifiedErrorId : HRESULT 0x8004100e,New-NetQosPolicy
I used this code: New-NetQosPolicy -Name TestPolicy -IPProtocolMatchCondition Both -NetworkProfile All -ThrottleRateActionBitsPerSecond 1200000
I thought I had made a mistake in the syntax and decided to look at the examples on the Microsoft website (https://learn.microsoft.com/en-us/powershell/module/netqos/new-netqospolicy?view=windowsserver2022-ps), but even their examples cause me the same error.
I haven't found a solution to this problem anywhere, so I'm asking on the forum. I will be grateful to anyone who knows how to solve this problem.
(By the way, I get the same error when I try to use the NetSecurity module (for example, the command: New-NetFirewallRule))
You might have a corrupt wmi repo, read this page but start with this check
Check if the repository is corrupted or not by running following command from command prompt with admin rights: winmgmt /verifyrepository
I am attempting to add a Host to a newly created Windows Service Bus 1.1 farm but regardless of what I do I eternally get the following error:
VERBOSE: [11/16/2018 2:54:06 PM]: Validating input and configuration parameters.
VERBOSE: [11/16/2018 2:54:06 PM]: Installing auto-generated certificate.
VERBOSE: [11/16/2018 2:54:16 PM]: Granting 'Log on as Service' privilege to the run as account.
VERBOSE: [11/16/2018 2:54:16 PM]: Windows Fabric configuration started.
VERBOSE: [11/16/2018 2:54:28 PM]: Windows Fabric cluster manifest generated.
VERBOSE: [11/16/2018 2:54:28 PM]: Running Windows Fabric deployment.
Add-SBHost : The system cannot find the file specified
At line:1 char:1
+ Add-SBHost -SBFarmDBConnectionString "Data Source=MYHOST;Initial C ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Add-SBHost], Win32Exception
+ FullyQualifiedErrorId : System.ComponentModel.Win32Exception,Microsoft.ServiceBus.Commands.AddSBHost
I had been struggling with configuring the initial deployment of the farm because my organization uses Azure AD. I was following this very helpful Blog post to get through the installation and deployment but the issue I am seeing now isn't covered.
A Google of the issue leads me to this page where they talk about inspecting a DLL. I tried inspecting the Microsoft.ServiceBus.Commands.dll from within the Service Bus installation folder but, I'll be honest, I didn't understand enough to know what I was looking for.
Has anyone else run into this issue before? All suggestions of where I can look to find this are very much appreciated!
Based on my research of what is actually happening in Add-SBHost command, this error may occur when:
Code is trying create new temp file in %userprofile%\AppData\Local\Temp directory for something called "ClusterManifest".
Code is trying to execute FabricDeployer.exe (with created "ClusterManifest" file path as parameter) in directory which is defined in registry path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Service Bus\1.1 for variable WinFabric in folder bin\Fabric\Fabric.Code.1.0. In my case, executable was placed in C:\Program Files\Windows Fabric\bin\Fabric\Fabric.Code.1.0\FabricDeployer.exe
Code is trying to remove temp file (created in 1 point) from %userprofile%\AppData\Local\Temp
After that steps and getting message VERBOSE: [09.08.2019 13:32:26]: Windows Fabric starting. no more file operations should be performed.
What to do?
First of all check if temp file is created in %userprofile%\AppData\Local\Temp directory (sort files by modification date in explorer, run script and wait) - probably file cannot be created because of lack of permissions.
If file is creating properly and has XML inside, then check if Service Fabric is installed and FabricDeployer.exe is present in directory. In my case it wasn't there so i had to remove Windows Fabric and Service Bus. After next installation i made sure that all files were in place.
After these steps script run was successful.
I hope it will help you :)
I'm working on some Ansible playbooks that have to run on Windows Server 2008 with Powershell 3.
As part of one of these playbooks I do a win_find to get a list of files in a directory:
- name: filecheck
win_find:
paths: C:\dev\envs
register: envs
When I try to run the playbook, it runs correctly through preliminary operations (eg printing some debug variables) but then errors out when the above operation is executed:
"module_stderr": "Exception of type 'System.OutOfMemoryException' was thrown.\r\nAt line:60 char:9\r\n+ If (-not $obj.GetType)\r\n+ ~~~~~~~~~~~~~~~~~\r\n + CategoryInfo : OperationStopped: (:) [], OutOfMemoryException\r\n + FullyQualifiedErrorId : System.OutOfMemoryException\r\n \r\n\r\n",
Now I don't see a scenario where a non-recursive find on a folder with three files would be able to consume 150MB of memory, let alone the 2048 that's been allocated to shells over WinRM.
Does anyone know how I can fix this issue or try and find the root cause?
I'm trying to use Powershell DSC's Package resource to install an exe... Perforce's P4V to be specific. Here's my code:
Configuration PerforceMachine
{
Node "SERVERNAME"
{
Package P4V
{
Ensure = "Present"
Name = "Perforce Visual Components"
Path = "\\nas\share\p4vinst64.exe"
ProductId = ''
Arguments = "/S /V/qn" # args for silent mode
LogPath = "$env:ProgramData\p4v_install.log"
}
}
}
When running this, this is the error Powershell gives me:
PowerShell provider MSFT_PackageResource failed to execute Set-TargetResource functionality with error message: The return code 1619 was not expected. Configuration is likely not
correct
+ CategoryInfo : InvalidOperation: (:) [], CimException
+ FullyQualifiedErrorId : ProviderOperationExecutionFailure
+ PSComputerName : SERVERNAME
According to documentation, return code 1619 means the MSI package couldn't be opened. However, when I manually log in to the machine and run "\\nas\share\p4vinst64.exe /S /V/qn", the install works flawlessly.
Does anyone know why this is failing? Alternately, can anyone tell me how to troubleshoot this? I pasted all the error information I got from the terminal, my log file (p4v_install.log) is a 0 byte file, and there are no events in the event viewer. I don't know how to troubleshoot it any further!
EDIT: I should note that I also tried using the File resource to copy the file locally, and then install it from there. Sadly, that met with the same result.
Daniel over at the Powershell.org forums was able to figure this out for me.
The P4V InstallShield setup wrapper puts the MSI file into wrong path if you execute as LocalSystem.
I’ve managed to develop a Configuration that works, see below. The key is the /b switch here which puts the MSI file into a defined location. I’ve added ALLUSERS=1 to get the shortcuts visible to all users and REBOOT=ReallySuppress to avoid a sudden restart (which will happen otherwise).
Configuration PerforceMachine
{
Package P4V
{
Ensure = "Present"
Name = "Perforce Visual Components"
Path = "C:\My\p4vinst64.exe"
ProductId = ''
Arguments = '/b"C:\Windows\Temp\PerforceClient" /S /V"/qn ALLUSERS=1 REBOOT=ReallySuppress"' # args for silent mode
}
}
Well, what happens here is that the package gets installed (not tested with p4vinst64.exe yet! So, not sure why it says pack cannot be opened as the error) but since you did not specify a ProductID value, the verification at the end of install fails. That is the error you are seeing. The Package resource is no good for installing .exe packages or even MSIs with no ProductID represented as a GUID.
You can use the WindowsProcess resource instead.
My original server was called xyz and the config was as follows:
\xyz\AppFabricConfig\ClusterConfig.xml
We renamed the server and it is now called 123, but the config is still pointing to
\xyz\AppFabricConfig\ClusterConfig.xml
And giving the following error when trying to load:
Use-CacheCluster : ErrorCode<ERRCMS0001>:SubStatus<ES0001>:Error while trying t
o load configuration: An error occurred loading a configuration file: Logon fai
lure: unknown user name or bad password.
(\\xyz\AppFabricConfig\ClusterConfig.xml)
At line:1 char:62
+ Import-Module DistributedCacheAdministration;Use-CacheCluster <<<<
+ CategoryInfo : NotSpecified: (:) [Use-CacheCluster], DataCacheE
xception
+ FullyQualifiedErrorId : ERRCMS0001,Microsoft.ApplicationServer.Caching.C
ommands.UseCacheClusterCommand
I've manually edited the following file:
C:\Windows\System32\AppFabric\DistributedCacheService.exe.config
And set: configuration/dataCacheConfig/clusterConfig connectionString="\123\AppFabricConfig\ClusterConfig.xml"
But its still trying to load from:
\xyz\AppFabricConfig\ClusterConfig.xml
Stumped - close to re-installing, but would really prefer not too!
In hind sight, best way to handle this would've been unconfigure the hosts with remove-cachehost and remove-cacheadmin, rename server and then run config wizard or run add-cachehost and add-cacheadmin.
The connection string is also present in registry, change there also: local machine\software\microsoft\appfabric\v1.0\configuration: connectionstring.
[Edit]
To remove/add the host from cluster configuration, Register-cachehost and unregister-cachehost also need to be run.