What is PortableBaseLayer Partition?

Some Windows 10 users with May 2019 update are seeing a new partition called PortableBaseLayer. If this is your first time, you might wonder what in the world is the PortableBaseLayer partition.

What is PortableBaseLayer Partition?

Before you ask me, no, PortableBaseLayer is not a virus, malware, or rouge partition.

PortableBaseLayer is a system partition created for Windows Sandbox.

When you enable the Windows Sandbox, the operating system will automatically create the PortableBaseLayer partition and places all the important files that are necessary to run the sandbox.

Depending on your usage, the partition size will be anywhere from 1GB to 10GB. Sometimes, it might even exceed that range too.

In case you don’t know, Windows Sandbox is what it sounds like. It is a built-in sandbox that lets you test programs and settings without affecting the host operating system. Compared to traditional solutions like VMware and VirtualBox, Windows Sandbox is lightweight, fast, and easy to use.

All pro and enterprise users can enable Windows Sandbox as long as the system meets the minimum requirements.

Can I Delete PortableBaseLayer Partition?

No, don’t delete the partition manually as it might corrupt the Windows Sandbox.

How to disable Sign-in screen acrylic (blur) background on Windows 10 May 2019 Update

How to disable Sign-in screen blur background using Settings

The easiest and safest process to disable the acrylic material effect in the Sign-in screen background is to use the Settings app, with these steps:

  1. Open Settings.
  2. Click on Personalization.
  3. Click on Colors.
  4. Turn off the Transparency effects toggle switch.

Once you complete these steps, the Sign-in screen will show a clear background like in previous versions. The only caveat to using this option is that you’ll also lose the transparency effects across the desktop and apps.

Read more »

Game DVR problem: “Sorry, this PC doesn’t meet the hardware requirements for recording clips.”

According to Microsoft These are the Requirements for “Game DVR On Windows 10”

Hardware requirements for Game DVR on Windows 10

To record game clips with Game DVR on Windows 10, your PC’s video card must support one of these encoders:

  • Intel Quick Sync H.264
  • NVidia NVENC
  • AMD VCE

To check the video card on your PC, go to the search box on the taskbar and search for “device manager.” In Device Manager, expand Display adapters.

Video cards that support NVidia NVENC include:

  • Most GeForce 600 series or later
  • Most Quadro K series or later

Please refer to NVIDIA NVENC Support Matrix for more details.

You always have the option to take a screenshot of your game, even if you don’t have one of these cards.

If your PC can’t record game clips, you’ll get a message like this when you try to make one:

Sorry, this PC doesn’t meet the hardware requirements for recording clips.

In that case, do one of the following:

  • Get the latest driver for your current video card (if your PC has more than one video card, make sure the drivers are up to date for both)
  • Install one of the video cards listed here

If your PC has multiple video cards and only one supports Game DVR, make sure you’re using the monitor connected to that card when you record your game.

If you have a supported video card whose driver is up to date and you still can’t record games, open Feedback Hub (a Windows 10 app) and add feedback so we can investigate.

for Original Source click Here

But i had all requirements on my Computer and i still get that error and this helped me to fix this issue.

1)Hold windows button and then press R to open RUN.
2)Type “regedit” and press enter
3)Go to HKEY_lOCAL_MACHINE/ SYSTEM/ CurrentControlSet/ Control
4)Change the entry PortableOperatingSystem from 1 to 0.
5) Reboot

 

 

Windows wouldn’t hibernate with Error Event ID 45: volmgr

Just to share my 3-day battle with Windows 7 32bit Pro after it was installed on the Kingston V+100E Self-encrypting SSD 64GB.

To be fair, the problem has little to do with the Kingston SSD actually. There may be incompatibility with Truecrypt 7.1 & Self-encrypting SSD, or it could be old registry entries left-over from my old encrypted HDD but I didn’t investigate further since I’ve solved my hibernation problem.

Update at the end of this article!

*******************************

System:

OS: Win7 32bit Pro (New install, not upgrade)

Laptop: Fujitsu T4215 with CPU upgraded to Intel T7200

HDD: WD Scorpio Black 320GB (Truecrypt 7.1 System FDE) -> Kingston V+100E 64GB (Self-encryption)

Drivers: (All updated to latest from manufacturer)

********************************

Everything seems to work well until I run Easy Transfer to transfer my account from my old HDD to the new SSD. My old WD Scorpio Black was encrypted using Truecrypt 7.1 so there were active Truecrypt registry entries which I’m not aware of & few people seem to know about. Google it & you would’t find many entries if any.

Hibernation will always fail with black screen. When KB/Mouse is touched, the login screen is shown. Event Viewer will show Event ID 45 Error caused by volmgr on \device\harddiskvolume2 (which is my C:\). What’s cryptic is the error is a crash dump driver error. What has crash-dumping in volmgr.sys got to do with hibernation?

A lot in fact, after kernel-mode drivers had crashed or unloaded, the only way the NT Kernel could do stuff is through special filters apparently. So to activate Hibernation, the Kernel has to unload everything & dump everything in RAM to HDD. What if you’re running Bitlocker or Truecrypt, which are software-based encryption?

The Kernel has to filter the RAM data thru these small programs so the Hibernation or Crash dumps are encrypted as well, else there’ll be a security risk. dumpfve.sys for Bitlocker & truecrypt.sys for Truecrypt 7. Unfortuntately I don’t see this documented anywhere. (I did not search SourceForge though.) I found out when I was hunting in the registry.

This registry key is where I found the offending entry.

HKLM\SYSTEM\CurrentControlSet\Control\CrashControl -> DumpFilters

In it, I found “dumpfve.sys” & “truecrypt.sys”. Now I did not install Truecrypt in the new system so the only way is thru’ Easy Transfer.

OK, fine, so I install Truecrypt 7.1 to make sure the proper files are installed. But after rebooting, Windows BSOD & I couldn’t see any crash dump! It may be that active Truecrypt registry is still there thinking the SSD was encrypted. Well I can’t have that! So I did a System Restore & booted up. I then remove the truecrypt.sys entry in all Registry keys, adjust my pagefile size, enabled crash dump 128KB & enabled hibernation with “-size 100”.

Hit the Hibernation button & it WORKS!!!

After that, whatever changes I did to pagefile.sys & crash dump size did not affect Hibernation.

So for those of you who have hibernation problems with Event ID 45 from volmgr. Check your crashdump filter.

Now I still need Truecrypt to access the old encrypted WD Scorpio Black, so what I did was to install Truecrypt in “Portable” mode & run the .exe files instead of an installation. Done!

Update (19/3/2012):

Recently I cleaned the registry of all entries with Truecrypt & install the latest 7.1a version & Windows did not BSOD so I’m a happy camper again. Seems like Truecrypt doesn’t leave many entries in Windows itself, which is a GOOD thing!

Thanks to (original source)

Switch Windows 10 License from KMS to MAK

 

First Make Sure your not having a OEM or Retail Version installed, before activate with a MAK Key

Run this command to find the Edition installed

slmgr -dli

License Type Description
Retail This when you buy a Full Packaged Product (FPP), commonly known as a “boxed copy”, of Windows from a retail merchant or purchases Windows online from the Microsoft Store. Product keys can be transferred to another PC.
OEM Product keys are issued by the original equipment manufacturer (OEM) and are not-for-resale and may not be transferred to another computer. They may, however, be transferred with the computer if the computer is transferred to new ownership. If the OEM PC came preinstalled with Windows 8 or Windows 10, then the product key will be embedded in the UEFI firmware chip.
Volume KMS Client and Volume MAK product keys, are volume license keys that are not-for-resale. They are issued by organizations for use on client computers associated in some way with the organization. Volume license keys may not be transferred with the computer if the computer changes ownership. This form of licensing typically applies for business, government and educational institutions, with prices for volume licensing varying depending on the type, quantity and applicable subscription-term. A volume license key (VLK) denotes the product key used when installing software licensed in bulk, which allows a single product key to be used for multiple installations. For example, the Windows Enterprise edition is activated with a volume license key.

Below are some commands that can be used to convert a Windows 7/8/10 machine from KMS licensing over to MAK by using a MAK key:

  1. Open an administrative command prompt (or run a remote psexec shell or remote PowerShell).
  2. Change directory to C:\Windows\System32
  3. Run the following command to uninstall the current product key on the system:
    cscript slmgr.vbs /upk
  4. Install the new MAK key using the following command:
    cscript slmgr.vbs /ipk TypeYourMAKkeyHereWith-
  5. Once the new key is installed, activate it using the following command:
    cscript slmgr.vbs /ato
  6. You can check the licensing status using the following command:
    cscript slmgr.vbs /dlv

Device manager shows disk is read only

The following steps will show you how to use Diskpart to look at these settings and also how to clear them.

1.       Open a command prompt, type in Diskpart and then press Enter.

2.       Run the command “List Disk” and press Enter.

 

3.       Decide which disk you want to look at and then run the command “Select Disk n” where n stands for the number you see from the previous command.  In this case, I am going to look at disk 2.

 

4.       To see the attributes of Disk 1 now that it is selected, run the command “attributes disk”.

 

As you can see, I had already set the disk to Read-only, so both the “Current Read-only State” and “Read-only” attributes are set to Yes.

5.       To clear the “Read-only” attribute, run the command “attributes disk clear readonly”.

 

As you can see, now the “Current Read-only State” and “Read-only” attributes are set to No and the disk is now writeable.  To exit Diskpart, just type the word “exit” and then press enter.

Hopefully this will help you understand these attributes and help you diagnose a read-only problem with your disk.

Windows 10 Start menu not working after joined to Domain

There may be many scenarios this could happen.  in this scenario you may be having a Windows 2008 R2 domain controller with this kind of group policy setting for registry (this is not a default group policy setting)

 

 

And These are the Default Permissions for this Registry Entry

 

The problem is For windows 10 “CLASSES_ROOT” need more permission to Access Windows Start menu settings

With Windows 2008 R2 Domain controllers this permission group is not available.If you need to add customized group policy settings for “CLASSES_ROOT” you need to have Windows 2012 R2 Domain controller or server 2016 domain Controller in your environment.

 

This is a screen shot from default settings for “CLASSES_ROOT” in Server 2016 Domain controller

 

 

What happen is When you modify that Registry entry with a Group policy in Windows 2008 R2 domain controller.Windows 10 Client PC will loss “ALL APPLICATION PACKAGES” FROM reading CLASSES_ROOT Registry permissions.

If your having only Windows 2008 R2 domain controller.

Delete This Group policy setting

Computer configuration > policies > Windows settings > Security Settings > registry > “CLASSES_ROOT”

run “gpupdate /force” on windows 10 Client PC

Login to Windows 10 PC As Domain Administrator

Go to Registry (Press Windows key + R and type regedit and press enter)

right click HKEY_CLASSES_ROOT And click permission and add “ALL APPLICATION PACKAGES” Group from LOCAL computer and give read only permission

Then click “Advanced” Button and tick “Replace all child object permission entire with inheritable permission entries from the object” and click apply it might take some time to apply settings.click OK and close registry editor and reboot.

If you have  introduced a 2012 R2 or a Server 2016 Domain controller to the existing domain with 2008 R2 you can just edit the Group policy setting for CLASSES_ROOT From 2012 R2 Domain controller Group policy editor and edit CLASSES_ROOT and click on “Add” Button > click “Location” Button > Select “LOCAL COMPUTER NAME” and Click OK.

Click “Advanced” And click “Find” then Select “ALL APPLICATION PACKAGES” Group click OK Twice and give “Read only” permissions for “ALL APPLICATION PACKAGES” Group.Click OK to save. run a “gpupdate /force” on the client computer and reboot.

that’s it, hope this will help to fix start menu not working problem in windows 10 ,even if your not in a domain environment you can just check this registry entry for correct permissions.

 

 

Windows 10 1803 Remote Desktop (RDP) Auto login not working

You may Face a problem with RDP Auto login is not working for saved Remote Desktop connection After Upgraded to windows 10 build 1803

or you will get this error message “Remote computer: This could be due to CredSSP Encryption Oracle Remediation”

What you have to do is edit local group policy settings.and go to

(To open Group policy settings go to “Run” And type “gpedit.msc” and press enter)

Computer configuration > Administrative Templates > System > Credentials Delegation

Edit “Encryption Oracle Remediation” and click “Enable” and change value in “Protection Level” to “Vulnerable” close Group policy and run “gpupdate /force” at command prompt.

Slow Outlook 2016 Autodiscover with Office 365 or Internal Exchange Server

In case you run into slow account setup with Outlook 2016, which can take up to 10 mins or more. To workaround this issue, you may use the following Registry settings to force Outlook to bypass the root domain discovery and redirect to the autodiscover CNAME or A record to resolve the address for autodiscover settings.

For Outlook 2016:

Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\AutoDiscover]
“ExcludeHttpsRootDomain”=dword:00000001

Note: For Office PC that has joined the Microsoft Active Directory, there is no need to amend the registry. This setting will be applied via the group policy when you login the system. and make sure Exchange Internal auto discovery DNS Entries are already created to auto discover internal Exchange Server

 

More Information Available at http://www.mistercloudtech.com/2015/12/08/how-to-resolve-slow-office-2016-autodiscover-with-office-365/

PowerShell to FIX: the trust relationship between this workstation and the primary domain failed

Open PowerShell as administrator. Run this command sequence:
$credential = Get-Credential  (enter domain admin account when prompted)

Reset-ComputerMachinePassword -Server ClosestDomainControllerNameHere