Replies

This happens on my work PC, a domain joined Windows 10 1809 PC, update KB4497934 (OS Build OS 17763.529).

These settings are being pushed via AD GPO, and that also apparently hides them. When I override them via local GPO, they become un-hidden again, though still grey’d out. It usually takes a gpupdate /force, a reboot, and occasionally even a little time for them to become hidden / un-hidden after enabling / disabling the local GPO.

This all makes me wonder, if some bug exists in 1903, that incorrectly causes them to be hidden as if they were set by an AD GPO, after they are set by the user?

What does everyone think?

In the Veeam GUI, just click the corresponding backup size bar to see the backup log. As long as it lists all volumes you want backups of, and completed successfully, she’s good. If you are interested, and it sounds like you may be, the log contains the size of data that was read from each volume (incrementals will be much less), and the stats at the top (restore point size) tell you how much actual storage space that backup run occupies (after deduplication and compression).

1 user thanked author for this post.

Slowpoke47

Wow, yeup, you are correct, lol. Honestly, just make sure the OS + filesystems you want to backup are supported, add the repo, install via package manager. It really isn’t horrible to setup. Think of it as an SSH text GUI of the Windows version 😉

The manual for the Linux Agent, or the full B&R solution? If memory serves, the manuals for the agents are much shorter…

I run the Linux agent on Debian. It also works great, zero complaints.

That is always awesome to hear!

Just a footnote, it may be a good idea to get a Veeam backup before you do anything more with updates, just in case.

Don’t forget to create recovery media! I have found the resulting ISO works well with YUMI in Fat32 added as “Try Unlisted ISO (GRUB)”:
https://www.pendrivelinux.com/yumi-multiboot-usb-creator/

1 user thanked author for this post.

Slowpoke47

After you make sure all your drives are healthy, I cannot recommend this enough:
https://www.veeam.com/windows-endpoint-server-backup-free.html

It is better than Windows Backup in every single way. Windows Backup has failed for me on backup, restore, consolidation, pretty much everywhere it could have, in multiple environments, and required manual intervention to fix.

VAFW has not failed on me one single time, and at this point I use it on far more endpoints and environments than I ever used Windows Backup on.

4 users thanked author for this post.

Slowpoke47, Microfix, Cybertooth, PKCano

I genuinely don’t see why Windows 10 is on the list of effected OS’s. No edition of Windows 10 supports installing the DNS server role. I think this is either a mistake, or simply patch overlap with the server editions. Note, that Windows 2012 R2 is listed, but Windows 8.1 isn’t.

MS says the vulnerability has not been publicly disclosed nor exploited. Unless you are protecting state secrets, it should be safe to hold off on patching, unless this status changes.

1 user thanked author for this post.

Mr. Natural

Imagine if Android had a 10 device limit per Google account (SMH)

1 user thanked author for this post.

WildBill

No, the registry can be updated live. MS doesn’t want to put the R&D into dynamically reloading updated OS components, and so forces a reboot to load updated components.

MS actually was going to make reboot-less updates a feature of Vista I believe, and (like many other significant Windows improvements) completely abandoned the project… I don’t recall reading anything that stated MS’s reason for doing the ole “mission abort” on this one…

2 users thanked author for this post.

Cybertooth, HiFlyer

I would bet the EoL of 1607 is a large contributor as well, especially since the following “bug” made it into the very last cumulative update for 1607:

only the latest Windows 10 feature update is returned as applicable. This prevents the deployment of previously released feature updates using ConfigMgr (current branch) and Windows 10 servicing plans.

This “bug” was fixed, in the very next update, that would not install on 1607. How convenient.

So, the only way to go from current 1607, to 1709, is to manually download the 1709 ISO / install files, and use them to upgrade. Yeah…

I’ll be doing this personally, but how many other users do you think will? I’d put money on much much less than 50% ;-D

1 user thanked author for this post.

woody

Microfix wrote:

2. How do these 3rd party patches affect the system integrity? sfc /scannow (verifyonly..etc)

0patch does not in any way effect filesystem integrity. It is strictly a memory patcher, i.e. all patching happens in RAM only, on demand (when the code to be patched is called into RAM). This is why patching & unpatching with 0patch is more or less instant, and extremely safe.

Microfix wrote:

Edit: does have an installer/ uninstaller

There’s just too many unknowns for people without VM’s and I’d happily advise those without a Windows VM not to use 3rd party patches, not everyone is a technical expert. Wait…MS will fix it (fingers crossed, based on last 5 months anyway) 

Normally I would not recommend 3rd party patches either, but 0patch is an extremely well structured, organized, and tested solution. Honestly, it’s exactly how every vendor should quickly roll out patches for in the wild exploits. Instant apply / unapply, in memory only, nothing is ever permanently modified, I could go on all day…

Patches from other sources, especially in persistent “modify on disk data” form, I would avoid like the plague.

2 users thanked author for this post.

columbia2011, Microfix

1507 and 1511 do have Server editions. They are pre-release, but they exist none the less. Meaning, additional Server testing was indeed happening for all versions, except 1703.

You may be spot on, about the mix, and 1709 having issues also. Time will tell…

Has anyone else noticed, that 1703, is both the only version to NOT have a Server edition based on it, and the only version (so far) to suffer the insane “sorry, we blatantly ignored your update settings / group policy / etc” recurring issue?

Fact check with the screen shot from:
https://www.askwoody.com/2018/will-win10-1803-be-called-yuck-spring-creators-update-yuck/

Ok, as long as we’re venturing down memory lane… WinHacker95 anyone? Best s**t ever…

Also, the only real thing that’s changed, *as far as DOS based firmware updates go*, is that we are now using USB devices, booting what is essentially an image of those old DOS floppies, rather than floppies themselves… AKA all that’s really changed, is the physical device itself, to boot and apply the update(s) from.

Coincidentally, this is one of the best methods to open up and apply the firmware reversions discussed earlier in the thread. The DOS utilities typically have CLI switches, to enable things like skipping the version compare.

2 users thanked author for this post.

Elly, Danster