Thursday, December 9, 2021

Error 2147944018 "Another installation is already in progress" during Win10 Feature Updates

You might get error 2147944018 ("Another installation is already in progress") while updating a Win10 workstation to a higher version. The error can be seen in UpdatesDeployment.log.


This applies to Feature updates through SCCM.


Solution:

Kill the process setuphost.exe

Restart the update installation.


Wednesday, June 9, 2021

Report on user logins on a particular DC using Security Logs

Recently, there was a requirement to generate a report on user logins from a specific DC. Then, based on usage, that DC could be taken down.

User logins are logged in the Security event log on a DC. So, you can check the Security event log for event ID 4624.

 

Solution:

The basic script was taken from https://www.netwrix.com/how_to_get_user_login_history.html?var=b

But it outputs only to the console. Generating a report in a CSV-readable format was a challenge, so I modified it for this. The CSV output is saved in output.txt.

It scans the event log for logins from the last 90 days.

The script:

# Get the domain controller to report on from Active Directory (replace <your DC> with its name)
$DCs = Get-ADDomainController -Identity <your DC>

# Define the reporting window (last 90 days)
$startDate = (Get-Date).AddDays(-90)

# Store successful logon events (ID 4624) from the Security log since the start date in an array
$slogonevents = @()
foreach ($DC in $DCs) {
    $slogonevents += Get-EventLog -LogName Security -ComputerName $DC.HostName -After $startDate | Where-Object { $_.EventID -eq 4624 }
}

# Crawl through events; append logon history with type, date/time, status, account name, computer and IP address (if the user logged on remotely) to output.txt
foreach ($e in $slogonevents) {
    # Logon Successful Events
    # Local (Logon Type 2)
    if (($e.EventID -eq 4624) -and ($e.ReplacementStrings[8] -eq 2)) {
        $timegenerated = $e.TimeGenerated
        $user = $e.ReplacementStrings[5]
        $workstation = $e.ReplacementStrings[11]
        Write-Output "Type Local Logon,Date:$timegenerated,Status:Success,User:$user,workstation:$workstation" | Out-File output.txt -Append
    }
    # Remote (Logon Type 10)
    if (($e.EventID -eq 4624) -and ($e.ReplacementStrings[8] -eq 10)) {
        $timegenerated = $e.TimeGenerated
        $user = $e.ReplacementStrings[5]
        $workstation = $e.ReplacementStrings[11]
        $IP = $e.ReplacementStrings[18]
        Write-Output "Type Remote Logon,Date:$timegenerated,Status:Success,User:$user,workstation:$workstation,IP address:$IP" | Out-File output.txt -Append
    }
}
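For the decision of whether a DC can be taken down, a per-user summary is easier to read than one line per event. The following is an added example, not part of the original script: it reads the 4624 fields by name from the event XML instead of by ReplacementStrings index, keeps every logon type rather than only 2 and 10, and writes a true CSV. The function names, the $dc placeholder and the sample events are assumptions made for illustration.

```powershell
# Added example (not from the original post); helper names are hypothetical.
# Reads 4624 fields by name from event XML instead of by ReplacementStrings index.
function ConvertFrom-LogonEventXml {
    param([Parameter(Mandatory, ValueFromPipeline)][string]$Xml)
    process {
        $evt = ([xml]$Xml).Event
        $field = @{}
        foreach ($d in $evt.EventData.Data) { $field[$d.Name] = $d.'#text' }
        [pscustomobject]@{
            TimeUtc     = $evt.System.TimeCreated.SystemTime
            User        = $field['TargetUserName']
            LogonType   = $field['LogonType']
            Workstation = $field['WorkstationName']
            IpAddress   = $field['IpAddress']
        }
    }
}

# One row per user / logon type / source address, with a count and the latest
# timestamp (ISO 8601 UTC strings sort chronologically as plain text).
function Get-LogonSummary {
    param([Parameter(Mandatory)][object[]]$Logon)
    $Logon | Group-Object User, LogonType, IpAddress | ForEach-Object {
        [pscustomobject]@{
            User        = $_.Group[0].User
            LogonType   = $_.Group[0].LogonType
            IpAddress   = $_.Group[0].IpAddress
            Count       = $_.Count
            LastSeenUtc = ($_.Group.TimeUtc | Sort-Object | Select-Object -Last 1)
        }
    }
}

# Constructed sample events (users, hosts and addresses are made up).
$t = '<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System>' +
     '<EventID>4624</EventID><TimeCreated SystemTime="{0}"/></System><EventData>' +
     '<Data Name="TargetUserName">{1}</Data><Data Name="LogonType">{2}</Data>' +
     '<Data Name="WorkstationName">{3}</Data><Data Name="IpAddress">{4}</Data>' +
     '</EventData></Event>'
$sample = @(
    ($t -f '2021-06-01T08:15:00.0000000Z', 'alice', 10, 'WKS-01', '192.0.2.10'),
    ($t -f '2021-06-03T17:40:12.0000000Z', 'alice', 10, 'WKS-01', '192.0.2.10'),
    ($t -f '2021-06-02T09:05:44.0000000Z', 'bob',    2, 'DC01',   '127.0.0.1')
)
# Live source instead of the sample ($dc is a placeholder for your DC's host name):
# $sample = Get-WinEvent -ComputerName $dc -FilterHashtable @{
#     LogName = 'Security'; Id = 4624; StartTime = (Get-Date).AddDays(-90)
# } | ForEach-Object { $_.ToXml() }

Get-LogonSummary -Logon ($sample | ConvertFrom-LogonEventXml) |
    Export-Csv -Path .\logon-summary.csv -NoTypeInformation
```

With the sample data, logon-summary.csv contains two rows: alice (type 10, count 2) and bob (type 2, count 1).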

Thursday, April 29, 2021

Error "You've been signed in with a temporary profile" on Windows 10

Sometimes, after a cumulative update, a user gets this error after login: "You've been signed in with a temporary profile".


The user's settings and documents are not available.

Solution: The solution involves a registry edit, so be careful and take a backup.



While signed in to the account with the temporary profile, open a command prompt.

Enter the command below into the command prompt, and press Enter.


 whoami /user

Make a note of the SID (Security Identifier) for the current account. You will need to know the SID (ex: S-1-5-21-....-1001) for your account.

If this account is a standard user, then you will need to sign out and sign in to an administrator account to be able to continue with the steps below.

 

Open regedit.

Navigate to the ProfileList key at the location below in the left pane of Registry Editor.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

Find the user ID (the SID noted above).

If it is listed as SID.bak, rename it to remove the .bak suffix.

If it is listed without .bak, then update the "ProfileImagePath" value with the correct path.

The whole solution is described in "Fix You've been signed in with a temporary profile in Windows 10" (Tutorials, tenforums.com).

 

Thursday, February 18, 2021

Error Result = 0x87d00668 in UpdatesDeployment.log

Problem: Error Result = 0x87d00668 in UpdatesDeployment.log during patch installation.

Solution: 

  1. Stop the Windows Update service.
  2. Rename C:\Windows\SoftwareDistribution to SoftwareDistribution.old
  3. Rename C:\Windows\System32\GroupPolicy\Machine\registry.pol to registry.pol.old
  4. Restart the Windows Update service.
  5. Run the Updates Scan cycle 2-3 times until it is successful.
  6. Run the Updates Evaluation cycle; the patches will install.