OneDrive for Business 'Authentication Protocol Not Supported'

January 27, 2016 by Ed Sparks

OneDrive for Business (ODB) has become a major selling point of the Office 365 cloud platform for small and medium business, particularly as the service moved to virtually unlimited storage, and many of the limitations that remained from its SharePoint based architecture have been removed or improved upon.

Unfortunately, an ongoing low point of the experience has been the sync client. Based on outdated technology Microsoft acquired from the disaster that was Ray Ozzie and his Groove product, it has gone through a myriad of name changes and tweaks, none of which ever seemed to solve the problems. It would often throw errors and most egregiously in this era of Ultrabooks and small SSD drives, had no selective sync capability.

Thankfully, Microsoft is finally turning a corner with the overall reliability and functionality of ODB, and is at last merging and improving the client experience with the Next Generation Sync Client. However, this client is still only in 'First Release' stage, remains unavailable for Windows 8.1, and only supports ODB itself, not other SharePoint libraries. They've indicated all of these will be solved in the 'first quarter 2016' so here's hoping. If you're using only ODB and on Windows 7 or 10, we highly recommend using the Next Gen client.

However, for those on 8.1 or with more complex needs the (previous gen?) OneDrive for Business client remains the only choice, complete with bugs. One of the most frequent glitches we see - and there appears to be no consistency as to why it shows up or when - is the dreaded Unsupported Server message

The server you are trying to access is using an authentication protocol which is not supported by this version of Office

This often happens for users when they first logon and the OneDrive for Business client launches, but can also occur when setting up a sync for the first time. It's our hunch that this is related to TLS changes Microsoft made on the server side as part of discontinuing old ciphers and encryption, but there's never been any good communication or clarity from them on what changed. More frustratingly, there's also been no useful instructions from them on how to fix this.

We've therefore put together the following steps gleaned from numerous forum posts and tests that this consistently fixes the problem, albeit with a bit of work.

Shut down the OneDrive for Business Desktop Client (dark blue cloud icon), by right clicking and choosing Exit. This sometimes causes the client to crash, and then restart itself and perform recovery steps (which won't work). If so, simply repeat the Exit step and it should close correctly.
Close all Office 2013 or 2016 desktop applications - Word, Excel, etc.
Remove the following folders from the user's profile

c:\users\<username>\appadata\local\microsoft\office\sp
c:\users\<username>\appadata\local\microsoft\office\16.0\OfficeFileCache (if it exists) c:\users\<username>\appadata\local\microsoft\office\15.0\OfficeFileCache (if it exists)

These folders will be automatically recreated by a repair, and the applications.
Open Control Panel, and search for and open Credential Manager. Under the Windows Credentials section, find an remove any Generic Credentials related to the Office 365 account in question. These will be in the format
MicrosotOffice16_data:SSPI
or similar
In Control Panel / Programs and Features, find the Microsoft Office 365 Business or ProPlus install, then Right Click and choose Change.
Select an Online Repair and click Repair.
When the Online Repair is complete, click Start and search for OneDrive for Business desktop client, and open it.
OneDrive for Business should ask for the Office 365 account logon and password information, and then proceed to sync correctly.

Windows 8 Unexpectedly Closes Explorer Windows

October 29, 2015 by Ed Sparks

A strange quirk noted at several customer sites recently - and apparently fairly widely reported - is users with Windows 8.1 or 10 experiencing their File Explorer windows disappearing in the middle of using their system.

The cause is due to newly introduced behaviour in Group Policy Preferences (GPP) for Drive Mappings. Prior to Windows 8.1, GPP Drive Mappings would only get added or updated at logon. Now, the preferences will apply whenever the Group Policy Background Refresh cycle occurs.

A side effect of this new behaviour is that any Drive Mappings that are configured with an action of Delete or Replace will cause File Explorer to disconnect the drive (and thus handles to any open files!) and then recreate the drive mapping. While it does this, it kills the actual opened window for any folders on that drive. It happens quickly, so many users don't notice any other symptoms except their File Explorer windows disappearing, along with occasional inability in open files.

While it's understandable why Microsoft implemented this improvement to allow on-the-fly changes to Drive Mappings, this is poor default behaviour and not obvious to users. Even a warning popup would be nice.

The trick to resolve? Make sure the only action for GPP Drive Mappings you use is Update. The good news is this action works in almost all scenarios, including if a user were to map the same drive letter to some other resource themselves (while at home, for example). In this instance, the GPP will override their mapping. Update also creates a new mapping if it doesn't exist before (which isn't clear from the name 'update')

Of note, this issue obviously only affects corporate users, as home users don't normally use Group Policy. If you're seeing this on a non-domain machine, let us know in the comments.

Side Note: Love the 1990s era WIndows XP UI that still exists in Group Policy, Microsoft

Windows 10 Update Goodness

September 8, 2015 by Ed Sparks

Though on a slow boil since Microsoft first began announcing the changes to updating Windows 10, there's clearly some great thinking going on in this regard.

Two items we've found to be of great value in our first few weeks of Windows 10 are:

Cumulative Update Rollups
Like many of their Server products, Microsoft is now rolling all of the Windows 10 Updates into single packages that replace the previous, and are also smart packages that only download what's new and changed to an individual system. Plus, unlike older Windows releases that always promised to (but never really did) update during the Setup phase, this time it really does seem to work!

What's wonderful about both of these changes is you don't finish installing a brand new copy of the OS only to sit fore 6 hours longer installing hundreds and hundreds of updates. At most it's a few and a single reboot. For almost all consumers and small business this is a huge win!
Smart Updater
Unlike Windows XP, Vista or 7 which obsessively nagged with popups and prompts, or Windows 8 that didn't seem to tell you much of anything then would jarringly slap a full screen notification or do weird things with "Maintenance Cycles" that nobody understood, Windows 10 finally seems to have an updating system with some smarts.

The OS will quietly do its thing with updates in the background, then throw an alert in the notification center that it needs a reboot. You can go schedule a new time and - get this - if you're actually busy working away when the scheduled reboot time comes, it knows you're in the middle of work and just shuts up and goes away. It doesn't just mindlessly start rebooting! Genius.

It appears the system looks for interactive input on the machine, and silently reschedules in the background for later in the middle of the night. Good stuff!

Up Next!
Coming soon are a lot more changes as part of the Threshold 2 release (i.e. the real version of Windows 10) including the various Servicing Branches: Current Branch (CB), Current Branch for Business (CBB), and Long Term Service Branch (LTSB). Plus, the related back-end service Windows Update for Business. We can't wait!

We did, however, find it difficult to find documentation on the branches and what options and features comprise each. The best information we've found is on a Betanews page linked here. It includes information on what is forced by default, what can be delayed, what components and apps are included by default, the delivery options (i.e. WSUS, WUB, SCCM, etc.), and how long the various updates can be pushed back before the system mus be brought up to a certain build. The article includes a great Infographic from a company called Adaptiva which we've included below, as well.

What does seem consistent across the board is that for all branches except LTSB, security/critical updates will be pushed immediately - direct to the OS via WU/WUB or to WSUS/SCCM - regardless of the chosen options for "deferring upgrades" in Settings. So it should be relatively easy to stay secure, but test new features on a more leisurely schedule. (i.e. wait for others to have problems.)

Microsoft really would do well to talk and document more about this soon. Momentum is building, and some information would go a long way to inspiring confidence in this new system.

Lenovo Yoga on Windows 10

August 1, 2015 by Ed Sparks

Updated June 2016

It has often been a tricky process to locate all of the correct drivers for Windows-based systems after a clean install. Windows 10 is doing a much better job of this in general, and Microsoft - somewhat controversially - is collecting and pushing newer (and hopefully more optimized) drivers via Windows Update. What's different from the past when using the Home or Pro versions of Windows 10, is the inability for users to opt out of these updates, except via a recently published tool. We have to think this will get integrated into the OS UI directly at some point, but for now that's where things are at.
Update: they seem to have become much less aggressive at pushing these out, particularly video drivers. However, the Redstone builds still do not seem to have a native way to hide or block any updates, other than via delaying them via Windows Update for Business branches.

In our testing of the initial release of Windows 10 across various models, once again Lenovo consumer-class systems proved the most troublesome at getting all the functionality working smoothly. What's particularly frustrating is the missing drivers are for core parts of the Windows 10 experience. None highlight this more than the Yoga 2 Pro and 3 models..

As convertible laptop/tablets they are prime candidates to utilize the Continuum feature built into Windows 10 to smoothly switch between a desktop focused and a tablet-oriented experience. Fire up your freshly installed copy of Windows 10 on these, however, and...it doesn't work. Continuum has no idea you have a tablet, and flipping the screen around leaves you with a keyboard and mouse happily typing away from your knees. Wonderful.

Navigating Lenovo's support site - even the one dedicated to Windows 10 - presents a sea of circular links and pages, none of which ever bring you to a solutionLikewise their forums are the usual endless cries for help, and little valuable or official information. What also doesn't help is that Lenovo continuously changes the names and types of software that they arbitrarily bundle the required drivers with. "Yoga Mode Control," "Harmony (Picks)," "Energy Manager" etc. Good luck making heads or tails of that.

We have to again wonder why on an OS where user experience is so important, and meant to further push sales of these convertible systems, this is not BUILT INTO the OS? There can't honestly be that many different types of sensors and hardware that support this across the ecosystem.

So, what works? We've found the following are what's needed after Windows 10 to make these systems fully functional...for now. Note that these options seem to work across all the various Yogas and other Lenovo tablet like consumer products.

Install this (chipset) and this (DPTF) - to fix missing devices in Device Manager.
Update: These are often no longer needed in the newer builds of Windows 10 (1511 and Redstone 1607 Insiders).

Install ONLY this on a Yoga 3 ("Yoga Mode Control") or this on a Yoga 2 Pro ("Harmony") to restore tablet functionality. This software runs services that disable the keyboard and trackpad when you switch to tablet mode, and triggers Continuum to sense you have a two-in-one.
pdate: Install only one of the above that applies to the appropriate model. Yoga Mode Control itself (first link) has been known to blue screen older Yoga 2 Pro based systems. Harmony includes an older version of this driver.

Our advice: skip everything else on Lenovo's site, and let the OS handle the drivers. It's mostly junkware. Particularly their ridiculous "Energy Manager" and "OneKey Optimizer" software.

Creating a Bootable Windows 10 USB for Lenovo Systems

July 30, 2015 by Ed Sparks

Lenovo makes a great deal of excellent, well-engineered hardware, but Lenovo makes some of the world's most truly awful software. They seemingly could care less about the user experience.

Time and time again they prove this with crappy driver support, the unforgivable "Superfish" debacle, a dizzying array of pre-loaded bloatware (even on their corporate systems), confusing and slow websites and obscure design decisions. Who would think to make users hit a tiny pinhead button you can barely see to enter the System Settings. Better yet, make them hold down the FN key, instead of just hitting the F keys at startup.

For example, on a $1500+ high-end Ultrabook, they seriously provide this utility - in 2015 - to upgrade your firmware. Spare us.

Much of Microsoft's excellent work with Windows is undone by this consistently ignorant vendor, who is allegedly one of their biggest and best partners. With friends like these, hey?

It was no surprise then when we went to install Windows 10 on multiple Lenovo systems that, of course, the normal utilities didn't work. Even Microsoft's provided utilities to create a bootable USB to install from scratch failed on Lenovos. One of our systems even blue screened with INACESSIBLE_BOOT_DEVICE after attempting the upgrade.

By contrast, the Dell and HP systems we tried: smooth sailing.

The issue with booting from USB on Lenovo systems like Yoga 2 Pro, Yoga 3 Pro, etc. is that they use the newer (and now fairly common) UEFI instead of the old BIOS. But they, unlike many other vendors, very specifically need to boot from a USB disk formatted with a more obscure compatibility MBR Partition Scheme AND FAT32 file system. No other combination will work, and your shiny new Lenovo will happily and continuously ignore your USB drive at boot.

Ignore the other advice you may find online about switching to Legacy Modes and things of the such in the UEFI Settings. You'll get yourself in a bigger mess, and screw up Secure Boot and lower performance.

The solution is to download the excellent free utility Rufus, and use it to create the correctly configured USB disk.

1. Use Microsoft's utility to download the combination 32 bit and 64 bit ISO installer.
This was the only option we could consistently get to work correctly.Let Microsoft's 
utility create a USB drive, then copy all the files and folders in the root to a temporary 
folder on your hard drive.Incidentally, you can sure tell a lot of care and attention was
put into this utility, hey Microsoft? cestina? Great default.

2. Run Rufus and choose MBR partition scheme for BIOS or UEFI. Leave everything else the 
same and click Start.

3. When complete, copy all the files and folders from your temporary location back into the root of your USB disk.

4. Connect to your Lenovo system and it should boot correctly.If it's not set to boot from USB, power it off, then press the tiny tiny dot on the side to do a custom startup, and 
choose Boot Menu

Thanks, once again, for the adventure Lenovo.

Windows 10: Beautiful and Buggy

July 30, 2015 by Ed Sparks

Update: Another day after this was written, and we've upgraded a number of our main production Dell Windows 8.1 systems to 10.
The process was remarkably smooth, and kudos to Microsoft for how well everything migrated. It is now our belief that more of the issues noted below are specific to Lenovo hardware.

This will be a living document as we find and add new bugs, and those that are (hopefully) fixed by the rapid release cycle intended for Windows 10. Feel free to submit bugs you've found in the comments.

The change at Microsoft since Satya Nadella took over Microsoft has been swift, and impressive. While there are still some questionable decisions and priorities the overall direction, mood and product quality have taken a significant turn for the better.

Few projects show off this new Microsoft as much as Windows 10. In contrast to the black hole that was the Windows 8 development process - and the subsequent trouncing it received from the press and customers - Windows 10 was from the start a project run in a starkly open manner, and the right goals. For that, and what has resulted, it is being almost universally praised.

Through Twitter, forums and most importantly the Insiders Program, Microsoft showed they actually - finally - give a damn about their most visible and important product, and what those of us who use and support it might actually think about it and want. Profound.

We've been testing Windows 10 since the earliest of builds - which were ludicrously buggy and unpolished - but still showed a great direction. It's been enjoyable to watch it mature and develop into what's going to be a fantastic OS.

The problem? It's not going to be a fantastic OS until October; when it was originally planned to be released. Instead, in order to follow the current trend of release fast and often, and to hit the back to school season, it has been shoveled out the door to consumers. But oh my, is this thing overflowing with bugs. It's full of promise, but painfully quirky. More importantly, bugs that have persisted in Windows for literally years; and through multiple full versions; solider on untouched.

While it's exciting to see this released to the world, and it's a big step up from Windows 8, we fear that by rushing this thing out Microsoft has proven once again they can't make something that works right the first time. It also shows how - still - the PC vendors are the weak link in this entire thing. While an improvement over previous generations of Windows, it's still a frustrating disaster trying to get up to date drivers, and often endlessly searching horrible support sites for bits and pieces that may or may not work. It's both sad and ridiculous how badly Lenovo and the likes can continue to screw this stuff up.

The Reality

Here's the bugs we've found running it on three systems over the course of a few days since "the big day." This is using the July 29 10240 build - with all the patches - on modern Core i5 and i7 Ultrabooks and Convertibles.

Allegedly a Service Release 1 is coming within the next week. We can only hope, because, wow, just wow. Put this thing back in the oven.

The White Screens and Missing Apps

These happen very frequently when resuming from sleep. It appears to be bugs with the WWAHost.exe process, which is the actual host process that all Universal (formerly Metro/Modern) Apps run under. From our experience many times that process just crashes on sleep or resume, and takes down all the Apps with it. Other times WIndows.UI.Xaml.Dll - XAML being one of the fundamental building blocks of Universal Apps - appears to crash, and creates what we've dubbed "The White Screens." That is, the Universal App appears to be running, and still doing things, just the entire presentation layer is converted into one big white, unusable box. The only solution is to restart the App. This happens constantly in Edge, Mail and the Store.

I Can't Get No Sleep

There is a 205 page thread on the site EightForums discussing thousands of people - us included - who to this day cannot ever get Windows 8.x to reliably idle to sleep. This same fate befell Windows 7 before it, and I dare you to find more than a handful of Windows users who honestly believe their laptop will always sleep and wake up reliably. Apple has consistently nailed this (and power management in general) across their devices, but here we are on day one of "The Best Windows Ever" and a nearly new laptop sits wide awake until the battery nearly dies. There's a "known issue" with Cortana - one of the key features of the new OS - already causing this. The "SRVNET" networking glitch that's existed since Windows 7 - still going. Who knows what else!

This is flat out ridiculous BS. PLEASE FIX THIS FOR GOOD, MICROSOFT.

Touchy Touch Pad

Another area that Apple understands is SO important to the overall sense of polish, and ongoing satisfaction with the system is their exceptional touch pads. While this is mostly the computer manufacturer's fault, this just needs to get fixed once and for all. Microsoft needs to take control of these crucial drivers and experiences, and refuse to allow the bundling of the profoundly awful Synaptics software, and the like.

Why does this 1990s piece of junk still exist on this beautiful OS with the modern UI? — Why does this 1990s piece of junk still exist on this beautiful OS with the modern UI?

Not only that but they removed many of the touch gestures, so in programs like Edge we now can't swipe back and forth around web pages and apps, and the multi-finger touch pad equivalents appear to be gone as well, supposedly unless you have the new "Precision Touchpads" - available in the Surfaces and one Dell XPS 13 model. Bonus: The Synaptics drivers (freshly delivered from Microsoft Update) appear to crash a lot, and we then further lose the ability to even scroll with the touch pad until reboot.

Universally Different

Let's give credit where its due: the Universal Apps are, uh, universally much more attractive and functional than the ugly Fisher Price UI equivalents that were Windows 8 Apps. This almost HAS to go better for Microsoft this round, as it fits the look and feel of other platforms, and should attract developers. However, the first party Apps Microsoft has shipped are completely all over the map and rife with inconsistency. Some have black UI, some have white, some have shadows, some don't. The buttons are all in different places, and different looking, or don't have buttons at all. Some are dots, some are gears. Cut and Paste doesn't work very reliably (seriously). Even text selection is randomly different in the Mail app, than it is everywhere else. On it goes.

Plus, we seem to get this weird hangover of Windows 8 where randomly something will slide awkwardly from the right hand side. They're apparently still trying to target touch friendly devices, but we miss all the wonderful edge swiping UI in most other modern OSs, including when using Windows 10 Mobile. Windows 8's UI was completely non-discoverable. Now it's just partially non-discoverable.

Even the Shell/Windows Explorer has about six different UIs and shows just how completely mashed together this thing is. You even sometimes see windows come up first drawing the old school Windows GUI, then quickly covering it up with the newer style. It just feels so unpolished. Last, but not least, File Explorer looks like it's frozen in time from Windows XP, with horrendous icons, despite a barrage of negative feedback during the course of the Insider Program.

Groove to the CPU Fan

On the Lenovo laptops - no matter what we do with audio drivers - Groove Music takes 30-40% CPU. Constantly. Even not playing music. Generally this means we get to enjoy the fan, more than the music. It's not indexing or doing anything interesting. It can even just be sitting doing nothing.

The Edge of Frustration

The new Edge browser is fast and a huge step up from Internet Explorer, obviously, but it in addition to only being half done yet: no extensions, etc., it also has some glaring problems. We still find it slow at loading large sites where it seems to struggle to load the graphics and draw the pages if you scroll while it's loading. Chrome can load the same site without this problem.

The most glaring problem we found though is downloading files. On all of our systems, if you download a program executable, it will happily download (and annoyingly without any prompt or ability to choose where to put it), then present a Run button. Clicking this effectively locks up the browser, and the downloaded program isn't run.

The problem is it throws up a User Account Control prompt that gets stuck in a layer somewhere that won't interact with the user. The browser is then stuck for eternity waiting for a prompt that' can't be clicked and won't timeout. The only solution is to kill the process.

How did this honestly get released with such a showstopper?

OneHell

As noted pretty much everywhere online, OneDrive is a huge step backward. It lost placeholder support from Windows 8, and to this day the sync engine is terrible and constantly gets stuck. Microsoft is supposed to be creating a new sync engine and single client for OneDrive and OneDrive for Business. It can't come soon enough as this icon is all you'll ever see.

Overall we found the experience to be significantly worse on Lenovo hardware than on Dell, which seemed to upgrade and run smoother, but the quirks are just rampant the more you use this.

e love you Windows 10, but please get better, and fast. To our business customers - wait until October.

Networking via PowerShell

May 11, 2015 by Ed Sparks

PowerShell is clearly the way forward at Microsoft, particularly as more workloads are moved to the Azure cloud. Learning the language of POSH, as it's colloquially become known, is definitely one of the best investments in time an administrator can make. It always amazes me how powerful and consistent this language is compared to the multitude of obscure and non-standard tools of the past.

A great example is replacements for our old friends ping, tracert, ipconfig and the like.

There's a great article on Technet that describes some of the more useful and common ones.

Go forth and Get-NetIPConfiguration today!