Windows 10 Start menu not working after joined to Domain

There may be many scenarios this could happen.  in this scenario you may be having a Windows 2008 R2 domain controller with this kind of group policy setting for registry (this is not a default group policy setting)



And These are the Default Permissions for this Registry Entry


The problem is For windows 10 “CLASSES_ROOT” need more permission to Access Windows Start menu settings

With Windows 2008 R2 Domain controllers this permission group is not available.If you need to add customized group policy settings for “CLASSES_ROOT” you need to have Windows 2012 R2 Domain controller or server 2016 domain Controller in your environment.


This is a screen shot from default settings for “CLASSES_ROOT” in Server 2016 Domain controller



What happen is When you modify that Registry entry with a Group policy in Windows 2008 R2 domain controller.Windows 10 Client PC will loss “ALL APPLICATION PACKAGES” FROM reading CLASSES_ROOT Registry permissions.

If your having only Windows 2008 R2 domain controller.

Delete This Group policy setting

Computer configuration > policies > Windows settings > Security Settings > registry > “CLASSES_ROOT”

run “gpupdate /force” on windows 10 Client PC

Login to Windows 10 PC As Domain Administrator

Go to Registry (Press Windows key + R and type regedit and press enter)

right click HKEY_CLASSES_ROOT And click permission and add “ALL APPLICATION PACKAGES” Group from LOCAL computer and give read only permission

Then click “Advanced” Button and tick “Replace all child object permission entire with inheritable permission entries from the object” and click apply it might take some time to apply OK and close registry editor and reboot.

If you have  introduced a 2012 R2 or a Server 2016 Domain controller to the existing domain with 2008 R2 you can just edit the Group policy setting for CLASSES_ROOT From 2012 R2 Domain controller Group policy editor and edit CLASSES_ROOT and click on “Add” Button > click “Location” Button > Select “LOCAL COMPUTER NAME” and Click OK.

Click “Advanced” And click “Find” then Select “ALL APPLICATION PACKAGES” Group click OK Twice and give “Read only” permissions for “ALL APPLICATION PACKAGES” Group.Click OK to save. run a “gpupdate /force” on the client computer and reboot.

that’s it, hope this will help to fix start menu not working problem in windows 10 ,even if your not in a domain environment you can just check this registry entry for correct permissions.



Windows 10 1803 Remote Desktop (RDP) Auto login not working

You may Face a problem with RDP Auto login is not working for saved Remote Desktop connection After Upgraded to windows 10 build 1803

or you will get this error message “Remote computer: This could be due to CredSSP Encryption Oracle Remediation”

What you have to do is edit local group policy settings.and go to

(To open Group policy settings go to “Run” And type “gpedit.msc” and press enter)

Computer configuration > Administrative Templates > System > Credentials Delegation

Edit “Encryption Oracle Remediation” and click “Enable” and change value in “Protection Level” to “Vulnerable” close Group policy and run “gpupdate /force” at command prompt.

Slow Outlook 2016 Autodiscover with Office 365 or Internal Exchange Server

In case you run into slow account setup with Outlook 2016, which can take up to 10 mins or more. To workaround this issue, you may use the following Registry settings to force Outlook to bypass the root domain discovery and redirect to the autodiscover CNAME or A record to resolve the address for autodiscover settings.

For Outlook 2016:

Windows Registry Editor Version 5.00

Note: For Office PC that has joined the Microsoft Active Directory, there is no need to amend the registry. This setting will be applied via the group policy when you login the system. and make sure Exchange Internal auto discovery DNS Entries are already created to auto discover internal Exchange Server


More Information Available at

PowerShell to FIX: the trust relationship between this workstation and the primary domain failed

Open PowerShell as administrator. Run this command sequence:
$credential = Get-Credential  (enter domain admin account when prompted)

Reset-ComputerMachinePassword -Server ClosestDomainControllerNameHere



Create a USB Drive for Windows Server 2016 Installation For UEFI Systems




The at least a 8GB USB drive has to be formatted in FAT32
The USB needs to be GPT and not MBR
Copy all files from the ISO to the USB drive

This is it, and here is how you do it:

First plugin your USB drive to your computer. The USB drive should be bigger than 6GB.

Open a CMD prompt or PowerShell using the Run as Administrator option and open diskpart. Now you can do list all this by using

list disk

Select the USB disk, in my case this was disk 1

select disk 1 (Be careful Select the correct Disk)

Clean the disk. Be careful this will remove all files and partitions on the USB media.


Now convert it to GPT

convert gpt

Create a new primary partition. But make sure the partition is not greater than 16GB otherwise it can be formatted with FAT32.

create partition primary

# If your USB drive is bigger than 16GB use the following command

create partition primary size=16000

Format the partition with FAT32

format fs=FAT32 quick

Assign a drive letter to the volume

assign letter=k

now you can exit the diskpart and copy all files from the Windows or Windows Server to the USB drive and boot it. This works with Windows 8, Windows 8.1, Windows 10, Windows Server 2012, Windows Server 2012 R2 and Windows Server 2016 or even Hyper-V Server in the same editions.


If Install.wim is larger than 4GB, you cannot copy the file to the drive, because of theFAT32 based partition limitation. The solutions for this is to split the wim file into smaller files.

split wim file using dism (you may have to change the drive letters):
dism /Split-Image /ImageFile:e:\sources\install.wim /SWMFile:k:\sources\install.swm /FileSize:4096

Your Account has been disabled after reconnect a Disconnected Mailbox in Exchange Server 2010


Thanks to Original Post at


Dears when an Exchange 2010 mailbox has been disabled it becomes a disconnected mailbox, may be you need to restore this mailbox and suddenly after restored you get the above message when you try to login through OWA “your account has been disabled”  but the mailbox already enable and to be sure you can list the disconnected mailboxes run the following PowerShell command

Get-MailboxStatistics -Database DBName | Where { $_.DisconnectReason -eq “Disabled” } | Format-List LegacyDN, DisplayName, MailboxGUID, DisconnectReason

Surprise!! Now the mailbox is simply disabledSad smile You have been guided to enable this mailbox by the following PowerShell command,

Enable-Mailbox -Identity UserName

Another Surprise !! you got the following Error message “This task does not support recipients of this type.” Sad smile And after Check the user type by the following PowerShell command

Get-mailbox UserName|Fl Recipient* you got the following results that mean no problem with the user type.

RecipientLimits            : unlimited
RecipientType              : UserMailbox
RecipientTypeDetails : UserMailbox

In this case if you try to export the user mailbox you will get the following error message: “Couldn’t connect to the source mailbox”

5-6-2014 9-53-48 AM

And this message let you make check on the MAPI if enable or not for this user by the following PowerShell command:

Get-CASMailbox -Identity UserName

5-6-2014 9-51-22 AM



And you found the MAPI enabled True that mean no problem by MAPI as the above figure.


At the End you need to say Haaaaaaa7Smile And solution is the following PowerShell Command after run it everything will be working normally SmileSmileSmile

Get-mailboxdatabase | Clean-mailboxdatabase


Enabling Disk Performance Counters in Windows Server 2016 Task Manager


In Windows Server 2012 R2 / 2016, disk performance counters were disabled by default because of a noted significant performance impact in collecting Disk metrics on a Server. This is due to the overhead Task Manager can cause when querying each Disk IO for each process/thread on the individual disk. Interestingly enough disk resource values are visible in the Processes view of Task Manager found on Windows 8.1.  Not to fret though, as enabling disk performance counters in Windows Server 2012 R2 / 2016  is far from being a daunting task.

Step 1: Enabling Disk Performance Counters

  1. Ensure Task Manager is closed.
  2. Launch the Command Prompt using the “Run as Administrator” option.
  3. Enter the following at the Command Prompt:diskperf -Y
  4.  Hit Enter.
  5. Close the Command Prompt.
  6. Re-open the Task Manager.

After running the diskperf command, the ability to view Disk performance statistics on the performance tab should now be visible.


Error 633: The modem is already in use or not configured properly – Windows 10



Issue: How to Fix Modem Error 633 after Windows 10 Creators Update?

I’ve installed Windows 10 Creators Update yesterday. Apparently it broke my modem because it gives me the error message “Error 633: The modem is already in use or not configured properly.” It seems that the VPN connection cannot be established, but I actually don’t know how to fix that. Help, please!

Solved Answer

“Error 633: The modem is already in use or not configured properly” is the Internet connection issue, which has occurred for hundred of Windows 10 users after the installation of Creators Update. Microsoft has already acknowledged this issue and is working hard to release the solution the near future. However, before the future update patching the modem Error 633 is released, Windows 10 users have to perform the fixes manually.

The “Error 633: The modem is already in use or not configured properly” is not bound to one specific device, so any model and PC model can be affected. The error message explicitly indicates the fact that the modem is malfunctioning due to the faulty configuration. However, Error 633 may also occur due to the multiple Internet connections set up on one device or communication port exploited by another application. Luckily, Microsoft officially revealed the instructions that people should use before the patch for “Error 633: The modem is already in use or not configured properly” is released.

Run Registry Editor

  • Press Windows key, type regedit, and press Enter.
  • Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan directory.
  • Find RequiredPrivileges key and double-click it.
  • Add the SeLoadDriverPrivilege at the end of the list of keys and click OK.
  • If a warning message shows up, click OK to proceed.
  • Finally, reboot the system.

This worked for me 🙂  Credits to : – UGetFix

Windows 10 – Cannot start Virtual machine because the hypervisor is not running

This post is just to fix if you cannot start a VM what was working previously perfect and suddenly it started to give Error

“Virtual machine [VM Name] could not be started because the hypervisor is not running”


I suggested running the following from an elevated command prompt: (Please run Command prompt as administrator)

bcdedit /set hypervisorlaunchtype auto

Shutdown the Computer , Unplug the Power code and wait for a while and switch on the computer.

Now try to start the VM

Additional info –


Second Level Address Translation is a technology introduced in both Intel and AMD flavors of processors. Both companies call their version of the technology different names, Intel’s version is called EPT(Extended Page Tables) and AMD calls theirs RVI (Rapid Virtualization Indexing). Intel introduced Extended Page Tables in its processors that were built on the Nehalem architecture, while AMD only introduced RVI in their third generation of Opteron processors codenamed Barcelona. Hyper-V uses this to perform more VM memory management functions and reduce the overhead of translating guest physical addresses to real physical addresses. By doing this, Hypervisor CPU time is significantly reduced, and more memory is saved for each VM.

How Do I Know If I Have SLAT?

Download Coreinfo from Microsoft Technet

[Mirror Download]

Run this command from a elevated command prompt

coreinfo.exe -v

if all ok it should be like this



Your system administrator does not allow the use of saved credentials to log on to the remote computer


If you’re a system administrator working with remote desktop a lot within a somewhat restrictive domain environment, you may be frustrated by the following message:

There are a few tutorials on the net that say to remove this you just need to go into Group Policy and disable ‘Do not allow passwords to be saved’, unfortunately that isn’t what this error message is related to. Instead, we need to change another part of Group Policy.

Hit Win+R to bring up the ‘Run’ dialog, enter ‘gpedit.msc’ and hit OK.

Run dialog with gpedit.msc

Go down the tree into Computer Configuration -> Administrative Templates -> System -> Credentials Delegation.

Group Policy -> Credentials Delegation

Now, you need to allow Allow delegating saved credentials and Allow delegating saved credentials with NTLM-only server authentication. For each, you’ll also need to allow a set list of servers that are explicitely allowed to save credentials, you can enter IP Addresses, Server hostnames, AD Domain name wildcards, or just any old wildcard. Since I wanted to be able to store credentials for everything, I just used a plain wildcard, and you can too!

Allow Delegating Saved Credentials with Wildcard

There we go, you’ll now automatically connect to your servers!

( source – )

Powered by WordPress and Bootstrap4