Error Accessing Active Directory Tools in a Domain

I came across a strange error when trying to connect to active directory users and computers where I could not access the domain tool.

The error it's self was pretty generic, as shown below.

It turned out that there was an issue with a sysvol registration, we had just setup a new AD Controller and demoted and removed an old one.  To fix the issue modify the SysVolReady from 0 to 1 as shown below.

 Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters

Then you will be able to access your active directory tools again; and you can verify using run net share.  You should see a result like below if it is working properly.

Changing Apache Tomcat Catalina from using a jks keystore to a pfx keystore

I have an Apache Tomcat server that was using a jks keystore; but when I got a new certificate it was having an issue with the trust chain when I updated the certificate.  Since this is a tomcat server running on windows; I decided to move to a PFX certificate.  You can read my post on How to create a PFX Certificate if you need more information on how to do that.

For pathing the .pfx certificate is in the tomcat directory where the original jks keychain is. To change the certificate we have to update the server.xml file.  Specifically where we have the SSL Connector connecting.  When updating the connector be sure to stop the apache tomcat service and restart it after the update.

<!-- Define a SSL HTTP/1.1 Connector on port ****

         This connector uses the JSSE configuration, when using APR, the

         connector should be using the OpenSSL style configuration

         described in the APR documentation -->

    <Connector port="****"

               protocol="HTTP/1.1"

               SSLEnabled="true"

               maxThreads="150"

               connectionTimeout="20000"

               URIEncoding="UTF-8"

               compression="on"

               compressionMinSize="1000"

               noCompressionUserAgents="gozilla, traviata"

               compressableMimeType="text/html,text/xml,text/css,text/javascript"

               xpoweredBy="false"

               scheme="https"

               secure="true"

               keystoreFile="$KeystoreFile"

               keystorePass="$KeystoreFilePassword"

               clientAuth="false"

               sslProtocol="TLS"

               server="$SERVER.DOMAIN.CA"

               />

What we need to update is add the keystoreType to the serverXML file

    <!-- Define a SSL HTTP/1.1 Connector on port 8443

         This connector uses the JSSE configuration, when using APR, the

         connector should be using the OpenSSL style configuration

         described in the APR documentation -->

    <Connector port="8443"

               protocol="HTTP/1.1"

               SSLEnabled="true"

               maxThreads="150"

               connectionTimeout="20000"

               URIEncoding="UTF-8"

               compression="on"

               compressionMinSize="1000"

               noCompressionUserAgents="gozilla, traviata"

               compressableMimeType="text/html,text/xml,text/css,text/javascript"

               xpoweredBy="false"

               scheme="https"

               secure="true"

               keystoreFile="$Cert.pfx"

               keystorePass="$KEYSTOREPASSWORD"

       keystoreType="PKCS12"

               clientAuth="false"

               sslProtocol="TLS"

               server="$SERVER.DOMAIN.CA"

               />

Once the update is complete and Apache Tomcat has been restarted; you can check your certificate chain using SSL Shopper

How to create a PFX certificate file using OpenSSL on Windows

Here is how to create a .pfx certificate for use with a webserver be it IIS, Apache tomcat, what ever you happen to be using that can support a .pfx certificate.

I'm working in windows, so if you don't have it installed; install it from https://slproweb.com/products/Win32OpenSSL.html

I installed Open SSL to my C:\Program Files and set my working directory to the \bin directory.

You will need three files for generating the .pfx.

• Your key file, 
• the provided domain certificate 
• intermediate certificate file

Using cmd prompt or powershell go to your working directory in my case

cd "C:\Program Files\OpenSSL-Win64\bin"

The command is pretty simple; below is the command replace the blue text with what you want to generate your PFX File.

• $Certificate.pfx = what you want your cert name to be
• $domain_private_key.key = Your domain key for registering SSL Certficates
• $certficiate.crt = Your certificate file from your register for your domain
• $intermediate.crt = Your intermediate certificate provided by your registar such as godaddy

openssl pkcs12 -export -out $certificate.pfx -inkey $domain_private_key.key -in $certificate.crt -certfile $intermediate.crt

The certificate will be generate in the \bin directory so don't forget to clean up after yourself and remove your files.  My source files I put into a folder called source and the certs I put into a folder called certs

Upgrading Windows 11 From 23H2 to 25H2 causes error 0x800f0991

 I had a heck of a time upgrading my Windows 11 Pro System from 23H2 to 25H2 and I really did not want to do a clean install.  I really shouldn't have had a problem but it was; the issue had to do with Hyper-V and Windows Subsystem for Linux.

My system is an AMD Ryzen 9 with all the bells and whistles, and it was constantly failing windows update where the error was 0x800f0991.

Running DISM & SFC did not help at all with the results displaying everything was fine with the system.  Booting from USB and trying an offline scan also proved to be useless.

I do a lot of work with Hyper-V and upgrading from 21h2 to 23H2 was painless which is why I was so puzzled why I couldn't go from 23H2 to 25H2.  I figured it had to be something with windows virtualization; it was the only thing it could be.  I have a number of 3rd party software installed a game or two but with the changes in Hyper-V, the network virtualization stack, it made the most sense that was going to be the best place to start.

So I backed up my VM's exporting them before removing Hyper-V.  I had to remove Data Center Bridging, Hyper-V, Virtual Machine Platform, Windows Hypervisor, and Windows Subsystem for Linux.

Before removing the virtualization components in windows it failed the 6 times when I tried to upgrade though a booted USB and PC Health Check.

Once that was done I was able to upgrade using PC Health Check.

Now that I'm updated to Windows 11 25H2; unfortunately Hyper-V will not work and causes a continuous boot loop.  However the upgrade to 25H2 from 23H2 worked very well so long as Hyper-V was removed.

Autodesk 2026 Crashes Trying to open an AutoDesk 2023 file

I did a system upgrade of a Autodesk Revit Machine where the upgrade was a significant one  The system was 10 years old an Intel i7 2600K to an AMD Ryzen 5 9600X.  The CPU boost alone is significant but everything was just better.  Going from 32GB DDR3 to 64GB DDR4 and upgrading from an ATI FirePro 4800 to a Nvida RTX 5060.  The Storage also got a huge boost moving from a 1TB SATA SSD to a Gen4 M.2 2tb WD Black.

CPU Comparision

The system came together great, it loaded autocad, revit extremely quickly and rending files that would normally take hours took just a few minutes.  Then the SNAG happened.

A particular file that they were working with did not work on the new system.  It opened fine on the old system but it took a while to make changes and they wanted to migrate the job file to the new system and the new version of REVIT.  Given the generational changes in processing not to mention it being completely different CPU architectures, upgraded software, windows 11 pretty much anything could be causing the issue.  There was no other file that had an issue like this file.

With no other files seemingly being affected, and the old system did not have the problem with opening or rendering the file so I started looking into differences in the software and the system.  We even got autodesk involved, and they didn't have any trouble opening the file; however no one tried to render it.

We did as they asked and tried the following:

Please try this
1. Install all the updates for windows, and video card driver, restart computer
2. Close all Autodesk programs.
3. Run "Autodesk Access", sign in as your email
4. Install all the updates listed from bottom towards up
5. Restart computer.

If still not working, try the following 3 things:

1. https://www.autodesk.com/support/technical/article/caas/sfdcarticles/sfdcarticles/Clear-a-corrupt-damaged-C4R-model-from-the-system.html

2. https://www.autodesk.com/support/technical/article/caas/sfdcarticles/sfdcarticles/How-to-Disable-Add-Ins-for-Revit-Products.html

3. https://www.autodesk.com/support/technical/article/caas/sfdcarticles/sfdcarticles/How-to-reset-Revit-to-the-installation-defaults.html

Hope this helps, let me know.

When none of that worked; did some more research but came up empty.  Below are some of the things I tried to get the system to open the file.  Really the file opened but no changes could be made and the file would not render it was quite the issue.

Troubleshooting:

For Revit 2026, you can disable add-ins by using the built-in Add-Ins Manager, its standalone application, or by manually moving the add-in files from their installation directory. These methods allow you to manage add-ins individually, as a group, or disable them entirely. 

How to use the Add-Ins Manager

• Inside Revit: Click on the Manage tab, then find the Extensions panel and click Add-Ins Manager. From here, you can enable or disable individual add-ins, all add-ins, or macros. The changes will take effect after restarting Revit.
• Standalone Application: Search for "Revit Add-Ins Manager" in the Windows Start menu or navigate to the installation folder at <Revit installation folder>AddInsManager\RevitAddInsManager.exe. This is useful if a faulty add-in prevents Revit from launching.
• Cloud Models: If you are working with cloud models, you may need to deselect all items in the Add-Ins Manager and then recheck only the Autodesk Collaborate add-in before restarting Revit. 

How to disable all add-ins at once

For users who need to disable all third-party add-ins at once, you can modify the Revit.ini file. 

• Add a section called [API].
• Add the line DisableUserAddinsAndMacros=1.
• To re-enable the add-ins, change the value to 0.
• Restart Revit for the changes to take effect.

3. General System and Software Troubleshooting

• Disable Add-ins: Temporarily disable all third-party add-ins in Revit 2026 to see if a conflict is causing the crash.
• Update Graphics Drivers: Ensure your graphics card drivers are updated to the latest certified version from the manufacturer's website.
• Check System Resources: Verify your system meets the Revit 2026 System Requirements (16 GB RAM minimum, 100 GB free disk space for temp files recommended).
• Clean Reinstallation: If all else fails, a clean uninstall and reinstall of Revit 2026 may be necessary to resolve a corrupted installation.
• Check Windows Event Viewer: This can provide clues about the crash details. 

If the problem persists, gather your Revit journal files and submit a support ticket to Autodesk with the crash report number for further investigation. 

The default location for Revit journal files is: C:\Users\%USERNAME%\AppData\Local\Autodesk\Revit\<Autodesk Revit version>\Journals. This folder can be accessed by typing %LOCALAPPDATA%\Autodesk\Revit\<Autodesk Revit version>\Journals into the File Explorer address bar. If you cannot find the folder, it may be hidden, so you will need to enable "Show hidden files, folders, and drives" in Windows' folder options.  

• Default location: 

  C:\Users\%USERNAME%\AppData\Local\Autodesk\Revit\<Autodesk Revit version>\Journals. 
• To find it quickly: 

  Type %LOCALAPPDATA%\Autodesk\Revit\<Autodesk Revit version>\Journals into the File Explorer address bar. 
Replace the placeholder: 
Replace <Autodesk Revit version> with your specific version, such as Autodesk Revit 2024 or Autodesk Revit 2023. 

Crashes when opening of a Revit model

• Cloud Model: If the model being opened is stored on a BIM 360 or Autodesk Docs cloud project, see the following article: Crash with or without CER occurs when trying to open any model in Revit.

• Install Revit Updates: See the following article: How to keep Revit updated.

• Install clean Revit: How to Complete a Clean Uninstall of Revit products 

• Disable Add-ons: See the following article: Check if add-ons are causing unexpected behavior in Revit.

• Try opening the file with Audit.

• Open with worksets closed

  1. Open the model with the worksets containing linked models closed: Open Worksets.

  2. If the model opens, reload each link individually until the problematic link is identified.

• Crash on Windows 11 environment:

  • Crash when using steel connections: SQLDUMPER.EXE window opening and closing when launching or working in Revit or Advance Steel

  • Crash with update Windows 11 24H2: Crashes in Revit after updating to Windows 11 24H2

• Crash in Revit 2024 at conflicting/ corruption schemas when using mixed Revit updates: Schema Conflicts in Revit 2024

Note: See the following for Revit and AutoCAD links: 

• • "Data in file (file name).rvt is corrupt and needs to be manually recovered" when opening a file or syncing a file to central in Revit.

  • How to repair corrupt AutoCAD files.

More Troubleshooting

See the following link for more troubleshooting: Crash AND open.

For Revit 2019 and older

1. Rename or Delete the Flexnet files:

Close all Autodesk software, then rename or delete the following three files from this location: C:\ProgramData\FLEXnet

• • adskflex_<number>_tsf.data

  • adskflex_<number>_event.log

  • adskflex_<number>_tsf.data_backup.00

Note: Check if the files are not hidden using these steps: How to turn on hidden files and folders on Windows.

2. Locate and rename the ADUT folder:

   1. Go to C:\User\username\AppData\Roaming\Autodesk\ADUT.

   2. Rename the folder (for example, to "ADUT2").

3. Delete the contents of the folder: C:\ProgramData\Autodesk\CLM\LGS.

The Fix

The fix ended up being an issue with SteelConnections.  I paid careful attention to what the system was doing when it was trying to render and noticed it was crashing bringing up steelconnections.  So what I had to do was manually remove steelconnections from the addins folder.

Close Revit.

Browse to the folder C:\ProgramData\Autodesk\Revit\Addins\[Version].
eg  %PROGRAMDATA%\Autodesk\Revit\Addins\2026

Move the add-in files to another location to temporarily disable them. Renaming the files will not work. (eg moving steelconnections2026.addin to the desktop)

Restart Revit to confirm the add-ins are no longer available. 

That fixed the issue with the file.  The file rendered very fast taking only a few minutes on settings that use to take the older system hours.

*Note to re-enable the addin move it back to the addins directory

A powershell script to update rustdesk in action 1

For maintaining remote access for our IT systems we use a mix of action1 and rustdesk.  Though action1 has a very good remote web interface it can be slow at times.  I've setup a rustdesk server for additional security.  Below is a powershell script that I created.  

The script creates a folder for downloading rustdesk from github; and if it isn't there create it, download and install.  There is a else where if it is installed, uninstall rustdesk then create the install directory and install the latest version.

$Folder = 'c:\#NAMEOFFOLDER'

"Test to see if folder [$Folder]  exists"

if (Test-Path -Path $Folder) {

Remove-Item -Recurse -Force c:\#NAMEOFFOLDER\*.*

Remove-Item 'c:\#NAMEOFFOLDER'

Get-CimInstance -ClassName win32_product | Where-Object Name -Match "RustDesk" | 

    ForEach-Object -Process { 

        Invoke-CimMethod -InputObject $_ -Name Uninstall 

                            }

New-Item -Path "c:\" -Name "#NAMEOFFOLDER" -ItemType "directory"

Invoke-WebRequest https://github.com/rustdesk/rustdesk/releases/download/1.4.6/rustdesk-1.4.6-x86_64.msi -OutFile c:\saplit\rustdesk-1.4.0-x86_64.msi

$pkg = "c:\#NAMEOFFOLDER\rustdesk-1.4.0-x86_64.msi";

Start-Process msiexec "/i $pkg /norestart /qn" -Wait;

##Start-Process msiexec "/i $pkg /qn" -Wait;

##Start-Process msiexec "/i $pkg /norestart /qn" -Wait;

Start-Sleep -Seconds 30

Remove-Item -Recurse -Force c:\#NAMEOFFOLDER\*.*

Remove-Item 'c:\#NAMEOFFOLDER'

} else {

#uninstall rustdesk

Get-CimInstance -ClassName win32_product | Where-Object Name -Match "RustDesk" | 

    ForEach-Object -Process { 

        Invoke-CimMethod -InputObject $_ -Name Uninstall 

                            }

New-Item -Path "c:\" -Name "#NAMEOFFOLDER" -ItemType "directory"

Invoke-WebRequest https://github.com/rustdesk/rustdesk/releases/download/1.4.6/rustdesk-1.4.6-x86_64.msi -OutFile c:\saplit\rustdesk-1.4.0-x86_64.msi

$pkg = "c:\#NAMEOFFOLDER\rustdesk-1.4.0-x86_64.msi";

Start-Process msiexec "/i $pkg /norestart /qn" -Wait;

##Start-Process msiexec "/i $pkg /qn" -Wait;

##Start-Process msiexec "/i $pkg /norestart /qn" -Wait;

Start-Sleep -Seconds 30

Remove-Item -Recurse -Force c:\#NAMEOFFOLDER\*.*

Remove-Item 'c:\#NAMEOFFOLDER'

}

Removing a VM from Hyper-V High Availability cluster

 To remove a virtual machine from a Hyper-V High Availability cluster is really relatively trivial, so long as you don't have any system on the cluster in failover, you right click on the role and click remove

You will then be prompted; asking if you want to remove the role and you select YES.

Then the system is removed from the cluster and is operating on the host the VM was assigned to run to.

Automating SQL Data Dump and SFTP File Transfer with Powershell and WinSCP on Windows

We work with a third party that takes care of a few systems for us that we automated and to make that work we had to script an automated process to export data from our SQL server and automatically upload it to an SFTP Server.

For this setup we are using WINSCP for doing the file transfer and a combination of a bat file and powershell for exporting the data out of SQL and automating the process.  I am using windows for automating this process.

What will be required:

WINSCP

Powershell

So install powershell and WINSCP on to the system.  

Open powershell as and administrator and install the Clobber the WINSCP Module and the SQLServer module

Install-Module -Name PowershellGet

Install-Module -Name SQLServer

Install-Module -Name WinSCP

Once done we will make two files, they will be running from the same directory.

SQLDataExport.ps1 and gen_sql_data.bat

The powershell file is fairly straight forward. It essentially gets and runs the sql query and saves it to a directory as a txt or csv.

SQLDataExport.ps1

$serverInstance = "$address, $port" 

$databaseName = "$databaseName" 

$Username = "$databaseUser" 

 $Password = "$databasePassword" 

$filePath = "$PATH\$FILENAME" + (Get-Date).ToString("yyyyMMddTHHmmss") + ".txt" 

Import-Module SqlServer 

$sqlQuery = "$YOURSQLQUERY" 

Invoke-Sqlcmd -ServerInstance $serverInstance -Username $Username -Password $Password -Database $databaseName -TrustServerCertificate -Query $sqlQuery | Out-File $filePath -Encoding UTF8

BatFile (This is where all the FTP Magic happens)

@ECHO OFF

powershell.exe -executionpolicy remotesigned -File $PATHTOPOWERSHELLSCRIPT.ps1

timeout /t 120

echo "FTP Started" >> seed_exReport.rpt

date /t >> exReport.rpt

time /t >> exReport.rpt

echo option batch abort > ftpPutCmds.txt

echo option confirm off >> ftpPutCmds.txt

echo open sftp://$USERNAME@$SFTPURL -privatekey=$SFTPPRIVATEKEY.ppk -passphrase=$PASSWORD -hostkey=acceptnew >> ftpPutCommands.txt

echo option transfer binary >> ftpPutCmds.txt

echo cd seed >> ftpPutCmds.txt

echo put $SQLDATA_*.txt >> ftpPutCmds.txt

echo close >> ftpPutCmds.txt

echo exit >> ftpPutCmds.txt

"C:\Program Files (x86)\WinSCP\WinSCP.exe" /console /script=ftpPutCmds.txt /log="$PATH2Error.log" /loglevel=1* /logsize=5*100M

echo "FTP Finished" >> seed_exReport.rpt

IF EXIST *.txt (move *SQLDATA_*.txt Old\) REM move old file to a folder called old

date /t >> exReport.rpt

time /t >> exReport.rpt

echo. >> exReport.rpt

Once done you can setup the task scheduler to run the batfile.  You will need the script to start in the directory that the bat file and powershell file are in.

Allowing Windows 11 Access to Unauthenticated Shares

Windows 11 prevents you from accessing open SMB shares because they are a security risk.  However sometimes you need to access these unauthenticated shares for a variety of reasons.  Here is how you do that.

Method 1: Use the Local Group Policy Editor 

1. Open the search menu and type gpedit.msc, then select "Edit group policy" to open the Local Group Policy Editor.
2. Navigate to Computer Configuration > Administrative Templates > Network > Lanman Workstation.
3. Find and double-click the policy named "Enable insecure guest logons".
4. Select "Enabled," click "Apply," and then "OK".
5. Restart your computer for the changes to take effect. 
6. 
   
   

Method 2: Use the Registry Editor 

1. Open the search menu, type regedit, and press Enter to open the Registry Editor.
2. Navigate to the following path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters.
3. In the right-hand pane, find the AllowInsecureGuestAuth value. If it doesn't exist, right-click in an empty space, select New > DWORD (32-bit) Value, and name it AllowInsecureGuestAuth.
4. Double-click AllowInsecureGuestAuth, set the "Value data" to 1, and click "OK".
5. Close the Registry Editor and restart your computer. 
6.