Category Archives: Windows

Upgrade to Windows 10 20H1 (2004) BSOD

Today when I tried to upgrade my windows 10 1909 to windows 10 20H1, I got multiple BSOD.
Based on the information on the BSOD screen, the BSOD were caused by some drivers (aksdf.sys, hardlock.sys, aksfridge.sys)

bsod 1

bsod 2)

After investigation, looks like all these drivers were Sentinel Data Filter Device Driver/Aladdin HASP Data Filter Device Driver, Which provided by Safenet.
I have no idea how these driver got installed into my computer, and I can’t remove them from control panel.

The fix is to download the Sentinel HASP/LDK Windows GUI Run-time Sentinel HASP/LDK Windows GUI Run-time from thalesgroup website

Install, then uninstall it, reboot.

After reboot, I can upgrade to windows 10 20H1 successfully.

Update Domain Controller to Windows Server 2016/2019 and move FSMO roles to new domain controller

I’m still using Windows 2012R2 as my home lab’s domain controller. Since MS released Windows Server 2019, so I think it’s the time to upgrade my test lab to Windows Server 2019.
The first server I want to upgrade is my domain controller.

Even though you can mount the ISO and click setup.exe to upgrade Domain Controller to Windows 2016/2019, but after a test, I found that this kind of “upgrade” is a fresh installation…If you upgrade your DC in this way, you will find after reboot, your DC is gone…You will only have a standalone server running windows 2016/2019 which is in a workgroup… I don’t know why MS permit people doing “upgrade” in this way and don’t show any warning message at all…

So how to upgrade DC to Windows 2016/2019 in the right way?

The right way is to build a new server, and prompt it to domain controller, and then move all FSMO roles to it.

1. Install a new Windows 2016/2019 Server.
2. Install “Active Directory Domain Services” on the server
3. Promote the server to a domain controller. Make sure you also installed DNS services on it.
4. Reboot the server.
5. Once the serer is up and running. Open Server Manager, then open “Active Directory Module for Windows PowerShell”
6. Run below command:

Move-ADDirectoryServerOperationMasterRole -Identity "DC2019" -OperationMasterRole 0,1,2,3,4

Press Y to move all FSMO roles to this server.
7. Run below command to make sure all FSMO roles are migrated to the new domain controller


8. demote the old domain controller and then remove the old DC from domain. And then shut down the old DC
9. Change the new DC IP address to the Old one. Then run below command to make sure all DNS records are updated and also no error.

dcdiag /fix

Install / deploy Office Professional Plus 2019

Microsoft released Office 2019 yesterday. But it seems Microsoft push very hard to get people move from traditional office to office 365.

After I login Microsoft Volume Licensing Service Center, I found that Microsoft stopped to provide the ISO for Office Professional Plus 2019. And Microsoft only provides the deployment tool to deploy office 2019.

Office Professional Plus 2019 will be released with Click-to-Run installation technology only. We are not providing MSI as a deployment methodology for Office Professional Plus 2019.

Ok, then how can we install Office Professional Plus 2019?

First of all, download Office_Deployment_Tools_2019_MLF_X21-88134.exe from Microsoft website.

Then create an xml file as following:

  <Add OfficeClientEdition="64" Channel="PerpetualVL2019">
	<Product ID="ProPlus2019Volume" PIDKEY="#####-#####-#####-#####-#####" >
		<Language ID="en-us" />
		<ExcludeApp ID="Access" /> 
		<ExcludeApp ID="Publisher" /> 
		<ExcludeApp ID="Groove" /> 
		<ExcludeApp ID="Lync" /> 
		<ExcludeApp ID="OneDrive" /> 

Please be aware “ProPlus2019Volume” is the only available channel for office 2019 “ProPlus2019Volume”.

3. Run below command to get office 2019 installed

setup /configure configuration.xml

And you can also download a copy of the installation files if you want via below command:

setup /download configuration.xml

RDP failed, and got system event ID 36870 fatal error occurred when attempting to access the SSL server credential private key.

It’s a wired issue.
Port 3389 is open, and can telnet to it. But if try to RDP to the server, the RDP connection will failed immediately.
And in system event log, there is an error message said “Description: A fatal error occurred when attempting to access the SSL server credential private key.”

After investigation, found out this issue was caused by the incorrect file permission were set on files within C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys.

So the fix is, grant system full control access to folder C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys as well as all files within this folder.

Prevent Windows 10 from Locking When Monitor Turns Off

1,open the registry.

2. Browse the following path:


3. On the right side, double-click the Attributes DWORD.
Change the value from 1 to 2.
Click OK. the Power User menu and select Power Options.

5.Click the Change plan settings link for the selected plan. then click the Change advanced power settings link.

6 .On Advanced settings, scroll down and expand the Display settings.
You should now see the Console lock display off timeout option, change the default time of 1 minute to the time you want, in minutes.
Click Apply.

Click OK to complete the task.