deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 21:37:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #5840 from MicrosoftDocs/v-gmoor-fix-pr-5593

Browse Source 
Multiple fixes for layout and presentation
This commit is contained in:
Gary Moore 2021-10-14 20:35:16 -07:00 committed by GitHub
commit 00a063d0c0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 31 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
windows/client-management/manage-device-installation-with-group-policy.md
View File

@ -376,9 +376,9 @@ Creating the policy to prevent all printers from being installed:
1. If you have not completed step #9 follow these steps: 1. If you have not completed step #9 follow these steps:
- Uninstall your printer: Device Manager > Printers > right click the Canon Printer > click “Uninstall device”. 1. Uninstall your printer: Device Manager > Printers > right click the Canon Printer > click “Uninstall device”.
- For USB printer unplug and plug back the cable; for network device make a search for the printer in the Windows Settings app. 1. For USB printer unplug and plug back the cable; for network device make a search for the printer in the Windows Settings app.
- You should not be able to reinstall the printer. 1. You should not be able to reinstall the printer.
2. If you completed step #9 above and restarted the machine, simply look for your printer under Device Manager or the Windows Settings app and see that it is no-longer available for you to use. 2. If you completed step #9 above and restarted the machine, simply look for your printer under Device Manager or the Windows Settings app and see that it is no-longer available for you to use.

2
windows/client-management/mandatory-user-profile.md
View File

@ -68,7 +68,7 @@ First, you create a default user profile with the customizations that you want,
1. At a command prompt, type the following command and press **ENTER**. 1. At a command prompt, type the following command and press **ENTER**.
```dos ```console
sysprep /oobe /reboot /generalize /unattend:unattend.xml sysprep /oobe /reboot /generalize /unattend:unattend.xml
``` ```

26
windows/client-management/troubleshoot-tcpip-port-exhaust.md
View File

@ -39,7 +39,7 @@ You can view the dynamic port range on a computer by using the following netsh c
The range is set separately for each transport (TCP or UDP). The port range is now a range that has a starting point and an ending point. Microsoft customers who deploy servers that are running Windows Server may have problems that affect RPC communication between servers if firewalls are used on the internal network. In these situations, we recommend that you reconfigure the firewalls to allow traffic between servers in the dynamic port range of **49152** through **65535**. This range is in addition to well-known ports that are used by services and applications. Or, the port range that is used by the servers can be modified on each server. You adjust this range by using the netsh command, as follows. The above command sets the dynamic port range for TCP. The range is set separately for each transport (TCP or UDP). The port range is now a range that has a starting point and an ending point. Microsoft customers who deploy servers that are running Windows Server may have problems that affect RPC communication between servers if firewalls are used on the internal network. In these situations, we recommend that you reconfigure the firewalls to allow traffic between servers in the dynamic port range of **49152** through **65535**. This range is in addition to well-known ports that are used by services and applications. Or, the port range that is used by the servers can be modified on each server. You adjust this range by using the netsh command, as follows. The above command sets the dynamic port range for TCP.
```cmd ```console
netsh int <ipv4|ipv6> set dynamic <tcp|udp> start=number num=range netsh int <ipv4|ipv6> set dynamic <tcp|udp> start=number num=range
``` ```
@ -58,7 +58,7 @@ Since outbound connections start to fail, you will see a lot of the below behavi
- Unable to sign in to the machine with domain credentials, however sign-in with local account works. Domain sign-in will require you to contact the DC for authentication which is again an outbound connection. If you have cache credentials set, then domain sign-in might still work. - Unable to sign in to the machine with domain credentials, however sign-in with local account works. Domain sign-in will require you to contact the DC for authentication which is again an outbound connection. If you have cache credentials set, then domain sign-in might still work.
![Screenshot of error for NETLOGON in Event Viewer.](images/tcp-ts-14.png) :::image type="content" alt-text="Screenshot of error for NETLOGON in Event Viewer." source="images/tcp-ts-14.png" lightbox="images/tcp-ts-14.png":::
- Group Policy update failures: - Group Policy update failures:
@ -82,13 +82,13 @@ If you suspect that the machine is in a state of port exhaustion:
2. Open event viewer and under the system logs, look for the events which clearly indicate the current state: 2. Open event viewer and under the system logs, look for the events which clearly indicate the current state:
a. **Event ID 4227** 1. **Event ID 4227**
![Screenshot of event id 4227 in Event Viewer.](images/tcp-ts-18.png) :::image type="content" alt-text="Screenshot of event ID 4227 in Event Viewer." source="images/tcp-ts-18.png" lightbox="images/tcp-ts-18.png":::
b. **Event ID 4231** 1. **Event ID 4231**
![Screenshot of event id 4231 in Event Viewer.](images/tcp-ts-19.png) :::image type="content" alt-text="Screenshot of event ID 4231 in Event Viewer." source="images/tcp-ts-19.png" lightbox="images/tcp-ts-19.png":::
3. Collect a `netstat -anob` output from the server. The netstat output will show you a huge number of entries for TIME_WAIT state for a single PID. 3. Collect a `netstat -anob` output from the server. The netstat output will show you a huge number of entries for TIME_WAIT state for a single PID.
@ -107,7 +107,7 @@ You may also see CLOSE_WAIT state connections in the same output, however CLOSE_
4. Open a command prompt in admin mode and run the below command 4. Open a command prompt in admin mode and run the below command
```cmd ```console
Netsh trace start scenario=netconnection capture=yes tracefile=c:\Server.etl Netsh trace start scenario=netconnection capture=yes tracefile=c:\Server.etl
``` ```
@ -119,15 +119,15 @@ The key is to identify which process or application is using all the ports. Belo
### Method 1 ### Method 1
Start by looking at the netstat output. If you are using Windows 10 or Windows Server 2016, then you can run the command `netstat -anobq` and check for the process ID which has maximum entries as BOUND. Alternately, you can also run the below Powershell command to identify the process: Start by looking at the netstat output. If you are using Windows 10 or Windows Server 2016, then you can run the command `netstat -anobq` and check for the process ID which has maximum entries as BOUND. Alternately, you can also run the below PowerShell command to identify the process:
```Powershell ```powershell
Get-NetTCPConnection | Group-Object -Property State, OwningProcess | Select -Property Count, Name, @{Name="ProcessName";Expression={(Get-Process -PID ($_.Name.Split(',')[-1].Trim(' '))).Name}}, Group | Sort Count -Descending Get-NetTCPConnection | Group-Object -Property State, OwningProcess | Select -Property Count, Name, @{Name="ProcessName";Expression={(Get-Process -PID ($_.Name.Split(',')[-1].Trim(' '))).Name}}, Group | Sort Count -Descending
``` ```
Most port leaks are caused by user-mode processes not correctly closing the ports when an error was encountered. At the user-mode level ports (actually sockets) are handles. Both **TaskManager** and **ProcessExplorer** are able to display handle counts which allows you to identify which process is consuming all of the ports. Most port leaks are caused by user-mode processes not correctly closing the ports when an error was encountered. At the user-mode level ports (actually sockets) are handles. Both **TaskManager** and **ProcessExplorer** are able to display handle counts which allows you to identify which process is consuming all of the ports.
For Windows 7 and Windows Server 2008 R2, you can update your Powershell version to include the above cmdlet. For Windows 7 and Windows Server 2008 R2, you can update your PowerShell version to include the above cmdlet.
### Method 2 ### Method 2
@ -157,7 +157,7 @@ Steps to use Process explorer:
File \Device\AFD File \Device\AFD
![Screenshot of Process Explorer.](images/tcp-ts-22.png) :::image type="content" alt-text="Screenshot of Process Explorer." source="images/tcp-ts-22.png" lightbox="images/tcp-ts-22.png":::
10. Some are normal, but large numbers of them are not (hundreds to thousands). Close the process in question. If that restores outbound connectivity, then you have further proven that the app is the cause. Contact the vendor of that app. 10. Some are normal, but large numbers of them are not (hundreds to thousands). Close the process in question. If that restores outbound connectivity, then you have further proven that the app is the cause. Contact the vendor of that app.
@ -165,7 +165,7 @@ Finally, if the above methods did not help you isolate the process, we suggest y
As a workaround, rebooting the computer will get the it back in normal state and would help you resolve the issue for the time being. However, when a reboot is impractical, you can also consider increasing the number of ports on the machine using the below commands: As a workaround, rebooting the computer will get the it back in normal state and would help you resolve the issue for the time being. However, when a reboot is impractical, you can also consider increasing the number of ports on the machine using the below commands:
```cmd ```console
netsh int ipv4 set dynamicport tcp start=10000 num=1000 netsh int ipv4 set dynamicport tcp start=10000 num=1000
``` ```
@ -176,7 +176,7 @@ This will set the dynamic port range to start at port 10000 and to end at port 1
For Windows 7 and Windows Server 2008 R2, you can use the below script to collect the netstat output at defined frequency. From the outputs, you can see the port usage trend. For Windows 7 and Windows Server 2008 R2, you can use the below script to collect the netstat output at defined frequency. From the outputs, you can see the port usage trend.
``` ```console
@ECHO ON @ECHO ON
set v=%1 set v=%1
:loop :loop