This page is a collection of developer and configuration issues for any kind of Windows development in question and answer format that does not better fit in any of the other pages. Nearly all of these tips are for user-mode code or programs. Other than this, they may apply to the Win32 API, C#, scripting languages - anything on Windows.

Q: Marking a code segment in user mode as non-pageable does not work: when the process loads, the segment is neither locked nor allocated from the non-paged pool. How do I fix this?

A: The Windows user-mode program loader does not honor this attribute as it is intended for use in kernel mode. To accomplish the same effect once the program is loaded, you must manually mark a memory region as locked by doing the following:

    1. Determine the starting address and size of the regions to make non-paged. In user mode, this is called working set locked.

    2. Total the size above.

    3. If on a 32-bit system, you must call AdjustTokenPrivileges to enable SeLockMemoryPrivilege, and the system must have AWE extensions enabled. Neither are necessary on Win64.

    4. Call SetProcessWorkingSet with the total from step 2 plus some additional buffer to ensure other key areas - such as the stack guard page - are included. If this step is skipped, VirtualAlloc will fail with error code 1453 (0x5ad) or ERROR_WORKING_SET_QUOTA: Insufficient quota to complete the requested service.

    5. Call VirtualLock on the region(s) to lock.

The only commonly available tool that can report this locked user-mode memory is SysInternals VM Map! Task Manager and Process Explorer WILL NOT REPORT the locked pages! Both can display nonpaged memory, but these values show a process's consumption of the kernel-mode nonpaged pool. The user mode locked allocations are not backed by memory from this pool. Consequently, neither Task Manager nor Process Explorer will report them. To verify the locked status of the memory, run VMMap and checked the Locked WS column, for Locked Working Set. Note also that the SysInternals tool RAM MAP is unable to distinguish locked user-mode pages from any other pages.

Q: I can't capture the contents of a Internet Explorer 9 window or a DirectX window using the tried-and-true GDI method of copying the window contents using it's DC - I just get a black hole where the window contents should be. How do I fix this?

A: It may be impossible except on Windows 7. For any DirectX-based app, which now includes IE9, GDI is not aware of the windows contents. DirectX essentially cuts a hole out of the GDI surface and owns that part of the screen. If the window is visible, you can use the DirectX APIs to copy the front-buffer of the display surface and then extract the window contents from that screenshot. If the window is not visible, you're stuck, except on Windows 7. On Windows 7, it should be possible to get the contents using the new Desktop Window Manager. See this link for more information and sample code in C#, dependent on the SlimDX library on CodePlex. Other useful notes:

Capture via WM_PRINTCLIENT even if not supported

Three methods (classic, DirectX, Windows Media) for capture contents of visible window

Q: Outlook crashes when reading a message all of the sudden. How do I fix this?

A: There are many causes. Trying running outlook in safe mode, with /safe. If this doesn't work, try restarting the print manager. If this works, it's a printer driver issue, although the issue could be with any installed printer driver. First, check for any trial printer drivers that may have timed out and remove them. Next, do the following to resolve this on Windows 7:

    1. Go to Control Panel|Administrative Tools|Print Management

    2. Click All Drivers

    3. Select all listed drivers

    4. Right click and select Set Driver Isolation|Isolated.

For more possible solutions, see the Microsoft Outlook problem reference at

Q: How do I increase the VMWare BIOS boot screen delay so I can get into it?

A: Do the following:

1. Shutdown the VM, and if it is displayed in the VMWare GUI, close it.

2. Open the VMX file in the VM's directory

3. Add the following line:

bios.bootdelay = 20000

4. Save and restart the VM. You should now have a 20 second delay at the BIOS screen.

Q: How do I give a VMWare VM a static MAC address?

A: The steps in the VMWare user's manual are incorrect, but close. Follow these steps:

1. Close the VM. Otherwise, the file may be locked or your changes could be overwritten.

2. Open the VMX file in a text editor

3. Find and delete the following entries for the ethernet device you want to change. Replace N with the device #:



4. Change the ethernet<N>.addressType entry to static, so the line looks like:

ethernet<N>.addressType = "static"

5. Add a fixed MAC address using the format shown below. XX, YY, and ZZ must be hex values. XX must be <= 3F.

ethernet0.address = "00:50:56:<XX>:<YY>:<ZZ>"

Q: I installed VMWare on Windows 7, but host only networking isn't working. VMNet1 on my host shows with a 169 IP, although it's configured to use a static IP, and so I can't ping the host or vice-versa. Firewall is off. Why can't I communicate via IP?

A: Edit the properties for the VMNet7 connection and set a default gateway using the physical machine's IP in VMNet1. Windows 7 has categorized the VMNet1 connection as undefined, making it unreachable. VMWare unintentionally causes this by not setting a default gateway. This can also be caused if the connection is configured to use DHCP, but there is no DHCP server currently.

Q: I installed GT Suite on a Windows 7 machine, but it fails the self-test with "Generating combined dat file - Access Denied."

A: Run GT Suite as admin. GTI tries to open it's example file GTI\v7.1.0\examples\RunMeFirst.gtm for GENERIC_WRITE, but since GT isn't elevated and the file is under Program Files, the open fails. When run as admin, GT doesn't actually modify the file.

Q: In MATLAB, when I open a Simulink MDL file I get the error "Error using ==> open - <filename> is an invalid model name or the file <filename> does not exist". The file exists and works elsewhere.

A: Do one of the following:

1. Change the directory shown in the MATLAB Current Directory window to be the directory your file is in

2. Add the directory to MATLAB's search path by entering path(path, '<directory path>') at the MATLAB prompt, then run it by entering sim('file node name and ext>') at the MATLAB command prompt.

Q: In MATLAB, I get the error "Unable to open model file - ??? Error using ==> sim - Unable to load block diagram 'EngineController.mdl'"

A: The file format is invalid for this version of MATLAB. There are three causes:

1. 0-byte file

2. Newer file with old MATLAB. Reference point is Simulink 6.6/R2007a and newer.

3. Older file with new MATLAB. Reference point is Simulink 6.6/R2007a and newer.

In cases 2 and 3, the MDL file is using simulation components, called blocks, that this version of MATLAB doesn't support. The included blockset changed as of Simulink 6.6 (R2007a). If the file was created with a newer MATLAB/Simulink, download the update. You will need the license login and password to get access to the updates on the web site. If the file was built with an older MATLAB/Simulink, use this conversion tool to update it


Q: Where can I find documentation on the MATLAB file format?

A: MATLAB files:

Simulink MDL files:

Q: How do I install MATLAB 14 on Windows 7?

A: Set the display theme to Windows Classic, then run the setup.exe as administrator.

Q: When I uninstall MATLAB 14 on Windows 7, I get "Bummer - Uninstaller Error! - Exception calling main."

A: MATLAB 14 is not compatible with Windows 7, so your results may vary. To attempt to resolve this:

1. Go to Control Panel|Appearance and Personalization|Personalization|Change the Theme

2. Select Windows Classic

3. Start|Run the UninstallString for MATLAB so it is run elevated (HKLM\SW\Microsoft\Windows\CurrentVersion\Uninstall, search for MATLAB. If on Win64, HKLM\SW\Wow6432Node\...)


Q: When I open a MATLAB MDL file, I get the error "Warning: Unable to open model file '<filename>'", but the right file is in the same directory and GT Suite is installed and licensed. In the model, my GT node shows as red with the error "Bad Link." If I try too run the simulation, I get many warnings and the error "Failed to find the library 'gtlink70'..."

A: In MATLAB, select File|Set Path, click Add Folder, then browse to the directory where gtlink70.mdl is, typically GTI's v7.0.0\simulink directory. NOTE that this file changes between GTI revisions, so a MATLAB model using GT Suite 7.0 will not work if GT Suite 7.1 is installed on the machine.

Q: I get "Specified GT data file does not exist in the working folder" when running my MATLAB simulation embedding a GT Suite file. The filename is correct and the file exists in the right directory.

A: Double-click the GT node in Simulink and remove the ".dat" extension from the GT-SUITE Data File field.

Q: In the GT Suite Simulink Coupling tutorial, where do I find the SensorCon and ActuatorCon parts?

A: Select Window|Tile with Template Library to show the template library. The Template Library window is not visible by default and there is no control or menu item to "open template library".

Q: In the GT Suite Simulink Coupling tutorial, how do I create a link between parts?

A: Right click in the workspace and select Create Link Mode.

Q: In the GT Suite Simulink Coupling tutorial, how do I create the SimulinkHarness object? I can't drag and drop.

A: Right click the CONTROL\Components\SimulinkHarness node in the Mini Map and select Add Object, then enter a name and click OK. Next, drag the new object that appears underneat SimulinkHarness to the workspace.

Q: In the GT Suite Simulink Coupling tutorial, I can't find the menu option "Create .dat file"

A: It's under Run|Run Simulation Utilities|Create .dat file. The tutorial incorrectly describes it as being directly on the Run menu.

Q: In the GT Suite Simulink Coupling tutorial, where did the .sim file come from?

A: This is generated when you create the .DAT file.

Q: How do I create a SimuLink simulation?

A: Follow these steps:

1. Start MATLAB

2. Click MATLAB's Start button at the bottom of the MATLAB window

3. Select Simulink|Library Browser, then File|New|Model.

Q: Where are the parts for the MATLAB simulink_model in the Simulink library?

A: Desired Torque: Simulink\Sources\Sine Wave Function

Unnamed circle: Simulink\Commonly Used Blocks\Sum

PID Controller: Simulink Extras\Additional Linear\PID Controller

Saturation: Simulink\Commonly Used Blocks\Saturation

GT-SUITE Model: GT-Suite7.1\GT-SUITE Model

Unnamed block: Simulink\Commonly Used Blocks\Demux

Crank Angle: Simulink\Sinks\Scope

Avg. Torque: Simulink\Sinks\Scope

Q: Are some MATLAB model filenames invalid?

A: Yes. A MATLAB .mdl file node name must be a valid MATLAB model name. This excludes symbol characters such as -, #, =, !, ', ",

Q: I copied an MDL with supporting DAT to another directory and when I open them I get the error "Specified GT data file does not exist in the working folder"

A: Goto the MATLAB main window and click the browse (...) button in the toolbar to the right of the Current Directory control, then select the directory that the MDL file is in. Supporting files are expected to be in the current MATLAB directory. Opening a Simulink MDL does not change the working directory.

Q: What are the GTI file types?

A: They are:

GTM - GUI engine design

DAT - command line (solver) model. Export a GTM to get this.

Q: How do I create the Simlink MDL file used in the SimulinkCoupling tutorial?

A: Follow these instructions:

1. Create a work directory.

2. Copy the GTI Suite DAT file produced in that exercise to the work directory.

3. Start MATLAB.

4. Click the browse (...) button in the toolbar to the right of Current Directory and select the work directory created in step 1.

5. From the MATLAB Start menu, select Simulink|Library Browser. The window may come up in the background.

6. In the new model window, select File|New|Model.

7. Create the Simulink model by dragging nodes from the Library Browser window and dropping on the model window, then double clicking and configuring the new node. Drag out the following nodes and set the parameters listed.

Simulink\Sources\Sin Wave

Sine type Time based

Time (t) Use simulation time

Amplitude 20

Bias 50

Frequency 2

Phase 0

Sample time 0

Interpret vector parameters as 1-D OFF

Simulink\Commonly Used Blocks\Sum


Icon shape round

List of signs |+-

Sample time -1

Signal data types

Saturate on integer overflow ON

Simulink Extras\Additional Linear\PID Controller

Proportional 0.1

Integral 5

Derivative 0

Simulink\Commonly used blocks\Saturation

Upper limit 1000

Lower limit 0

Treat as gain when linearizing ON

Enable zero crossing detection ON

Sample time -1

GT-Suite7.1\GT-SUITE Model

Filename <DAT file node name no extension>

Number of inputs 1

Number of outputs 2

Simulink\Commonly used blocks\Demux

Number of outputs 2

Display option bar

Bus selection mode OFF


After creating, click the Scope label and rename to Avg Torque


After creating, click the Scope label and rename to Crank Angel

8. Connect the nodes. Input and output connections are shown as small in and out arrows. To connect two nodes, move the cursor over one of these, then click and drag to the other. Connect the nodes as follows:

Sin Wave -> Sum +

Sum Output -> PID Controller

PID Controller -> Saturation

Saturation -> GT-SUITE Model

GT-SUITE Model->Demux

Demux top -> Scope #1

Demux bottom -> Scope #2

Sum - -> (Line connecting Demux top to the Avg Torque Scope)

9. Select Simulation|Configuration Parameters and set Stop time to 1.0.

10. Save the file.

11. Select Simulation|Start to run the simulation.

Q: How do I setup Visual Studio remote debugging?

A: To enable native debugging, follow these instructions:

1. Build debug and copy the debug binaries along with symbols (PDBs) to the machine where the application will run (debuggee).

2. Login to the debuggee as a user with local administrative rights.

3. Install the VS2010 remote debugger on the debuggee.

4. You must grant local administrative rights on the debuggee machine to the account used on the debugger machine. If the two machines are not in a domain, to do so, create an account on the debuggee machine with the same username and password as used on the debugger machine with local administrative rights.

5. Browse to the debuggee from the debugger. You should be able to see the machine and not be prompted to login.

6. Run the Remote Debugger (NOT the configure Wizard) on the debuggee machine, elevated if on Vista+.

7. Select Tools|Options and set the Authentication mode to No authentication (native only), check Allow Any User to debug, and click OK.

8. At the debugger machine, start Visual Studio and select Debug|Attach to Process.

9. Set Transport to Remote (Native only with no authentication) and enter the machine name or IP of the remote in Qualifier, then hit Enter.

10. Select the process to debug.

For more information, see

Q: In Process Explorer, I can't see the Path, Command line, or current directory for the app I'm inspecting. Why?

A: Insufficient rights. Exit Process Explorer and re-run it elevated and with local admin rights.

Q: My Access 2007 Autonumber field is recycling previous values. Why?

A: Install Access 2007. On systems without access, using the Jet driver that ships with Windows, the Jet driver will do this. It is technically correct because AutoNumber is intended to provide a unique key number automatically.

Q: How do I reset a Jet/Access AutoNumber field?

A: Use ALTER TABLE <tableName> ALTER COLUMN <columnName> COUNTER (<starting ID>,<increment>). Also see

Q: I'm getting an "Error using ==> open '<filename>' is an invalid model name or the file" from MATLAB when opening a Simulink MDL, but the file exactly matches one that works.

A: Rename the file, removing any symbols, particularly the dash "-". Simulink does this in particular

Q: My application fails to start on Vista+ with "A referral was returned from the server" How do I fix this?

A: Set <requestedExecutionLevel uiAccess="false" /> in the manifest. Vista+ returns this error if it cannot grant this right. Granting this right requires the EXE to be signed and in Program Files and is only needed if you are driving the UI of another program. Alternatively, you can disable the ValidateAdminCodeSignatures machine policy (, but this is system wide.

Q: MATLAB rejects my Simulink file with an error, but the gti_fname file specified exists and is in the working directory. Why won't it work? The error is:

No GT data file specified specified GT data file does not exist.

A: Restart MATLAB. You previously attempted to load and run the same MDL file with a different, bad gti_fname value. MATLAB can sometimes get stuck in this state.

Q: Depends fails on Windows Vista or higher with a complaint about a missing IViewers.dll, but it is there.

A: Re-run depends elevated. IViewers hosts a COM object that depends registers per-machine.

Q: How can I make an action in a MSBUILD XML script conditional?

A: Add a Condition attribute to it. All tasks inherit this functionality, so it can be used almost anywhere. For example, to make an action only occur if a property is set on the command line, do the following:

1. Define the property in the PropertyGroup section by adding an element equal to the name for the property. This is not necessary, but is a good practice. For example:

< Incremental ></Incremental >

2. Modify the task line(s) to only run if the property is null. For example:

<Exec Condition="'$(Incremental)' == ''" Command="devenv .\source\Vision_VS2005.sln /rebuild Release" />

3. Specify the property on the command line to enable the functionality. For example:

msbuild /property:Incremental=ON MyProject.proj

Q: How do I programmatically check if Windows is activated?

A: There are two different methods, depending on if the OS is pre-Vista or Vista+. See the code below. In addition, you may need to copy several constants from slicpub.h, if your WIndows SDK version is set to Windows XP.

// From slpublic.h when Windows SDK mode is set to Vista.

#ifndef _SLPUBLIC_H_

typedef GUID SLID;

typedef enum _SL_GENUINE_STATE {






typedef struct _tagSL_NONGENUINE_UI_OPTIONS {

DWORD cbSize;

const SLID *pComponentId;








#pragma message("** Remove Windows SDK constants copied to " __FILE__ " that are no longer necessary **")


typedef int (__stdcall *LegitCheckFunction)(void);

typedef HRESULT (__stdcall *SLIsGenuineLocalFunction)( const SLID* pAppId, SL_GENUINE_STATE* pGenuineState, SL_NONGENUINE_UI_OPTIONS* pUIOptions );

#define OLDSLIC_DLL_FILENAME "LegitLib.dll"


#define SLIC_DLL_FILENAME "slwga.dll"


// Windows AppId for SLIC: {55c92734-d682-4d71-983e-d6ec3f16059f}

SLID SLID_WINDOWS = {0x55c92734, 0xd682, 0x4d71, 0x98, 0x3e, 0xd6, 0xec, 0x3f, 0x16, 0x05, 0x9f};

bool IsWindowsActivated()


HMODULE moduleHandle = NULL;

LegitCheckFunction legitCheck = NULL;

bool checkedWindowsActivated = false;

bool windowsActivated = false;

moduleHandle = LoadLibrary(OLDSLIC_DLL_FILENAME);

if (moduleHandle != NULL)


// Windows XP method

legitCheck = (LegitCheckFunction) GetProcAddress(moduleHandle, OLDSLIC_LEGITCHECK_EXPORTNAME);

if (legitCheck != NULL)


checkedWindowsActivated = true;

windowsActivated = (legitCheck() == 0);



moduleHandle = NULL;




// Windows Vista+ method

SLIsGenuineLocalFunction slIsGenuineLocal = NULL;



moduleHandle = LoadLibrary(SLIC_DLL_FILENAME);

if (moduleHandle != NULL)


slIsGenuineLocal = (SLIsGenuineLocalFunction) GetProcAddress(moduleHandle, SLIC_ISGENUINE_EXPORTNAME);

if (slIsGenuineLocal != NULL)


checkedWindowsActivated = true;

returnValHR = slIsGenuineLocal(&SLID_WINDOWS, &windowsLicensingState, NULL);

if (SUCCEEDED(returnValHR))

windowsActivated = (windowsLicensingState == SL_GEN_STATE_IS_GENUINE);



moduleHandle = NULL;



return windowsActivated;


Q: How do I make the C++ runtime use the user's current Windows locale?

A: Call setlocale(LC_ALL, ""); The RTL defaults to US English for legacy compatibility reasons.

Q: Visual Studio 2005 will not let me set a breakpoint in C++ code, but I know the symbols are correct. Why?

A: Detach the debugger, then bring up the Attach to Process dialog and change the Attach To to Native code. If the target program also uses managed code, Visual Studio will prefer attaching for managed debugging only by default. The VS2005 debugger cannot attach for multiple modes simultaneously.

Q: How do I remove a guideline I've added using the Visual Studio 2010 Productivity Power Tools?

A: On any line, space over to the column position of the guideline to create line content out to that position, then right-click that column and select Guidelines|Remove Guideline. If there is no line content at the guideline column, you cannot remove it. This is not obvious.

Q: In Visual Studio, how do I set a breakpoint on a Windows API call?

A: Select Debug|New|Break at Function..., then enter a specially formed string in the Function box. This is the crux of the problem, as the syntax for this string is not well described, and versions of Visual Studio older than 2010 require more verbose syntax.

{[<function>],[<source filename>],<module filename>}Location

For example, the following are valid breakpoint descriptions for Visual Studio 2010:

The most reliable syntax is to use the context operator {} to specify the module name and the name of the debug symbol for the function you want a breakpoint on. The later is an important clarifier, because the name used in the C++ source will normally not match the debug symbol, and may be quite different. There are several other exceptions:

0. Most symbol names have an _ prefix.

1. The Location string used for a 32-bit symbol may not work on a 64-bit build, and vice-versa.

2. Most functions have different symbol names depending on the type of strings the module was built with. If built for MBCS/DBCS, this is called an ANSI build since it char and TCHAR are 1 byte in size. ANSI functions have a postfix of A. If built for UNICODE, char is 2-bytes in size, and functions have a postfix of W.

3. The compiler uses the size of the parameters, in bytes, as a form of function overloading at this level. It's not as capable as C++'s name mangling, but has been around for longer. This is appended to the function name after the string-type postfix with the separator "@".

In general, a debug symbol name for 32-bit Windows API functions will be of the form _<function name>@<parameter size>.

Finally, note that the Visual Studio 2010 parser for breakpoint strings is more capable than older versions. In 64-bit mode, it will accept MessageBoxW instead of the more verbose, but equally accurate, {,,user32.dll}MessageBoxW.

One way to determine the symbol name used is to spin a build with a call to the API you want to break on, then perform a Go To Disassembly... to view the symbol used to perform the call. However, note that THIS symbol isn't quite the symbol you want - this is the implicit import stub used to call the target function. It will be prefixed with "__imp__", but otherwise should have the same name. Also, depending on your build and system configuration, this might not work. For example, the following are several call statements for different builds of a program calling MessageBox:

64-bit Debug:

000000013F5B1716 call qword ptr [__imp_MessageBoxW (13F61A7B8h)]

64-bit Release:

000000013F9F1579 call qword ptr [__imp_MessageBoxW (13F9F3190h)]

32-bit Debug

01114516 call dword ptr [USER32_NULL_THUNK_DATA (11773FCh)]

32-bit Release

010C1496 call dword ptr [__imp__MessageBoxW@16 (10C20D0h)]

Note that in the 32-bit debug build, the call is made through a thunk instead of via the __imp__ export.

For more information, see the following links:

MSDN's nearly nonexistant documentation on doing this

MSDN on the context operator

Q: How do I resolve problems when my manifest has multiple references to the same assembly as different versions? For example, Microsoft.VC80.CRT at 50727.762 and 50608.0.

A: See this MSDN article. It should be possible to write an app config file to specify a redirect from the old version to the new.

Q: I installed NuGet in Visual Studio 2010, but don't get any packages listed. When I go to Tools|Library Package Manager|Manage NuGet Packages for Solution... and select Online|NuGet official package source, I get the error "Could not load file or dependency 'TTVSAddinDotNet.resources.module' or one of it's dependencies. The system cannot find the file specified.

A: Go to Tools|Add-In Manager..., find the listing for the TestTrack add-in, then uncheck it's Available and Startup boxes, then restart Visual Studio 2010. TestTrack's Visual Studio AddIn is incompatible with NuGet - simply disabling it is insufficient. However, you can work around this by starting Visual Studio 2010 with TestTrack disabled and not started, running NuGet, then enabling the TestTrack add-in manually.

Q: How can I view a multi-line string in Visual Studio, without having to use NotePad or some other text editor?

A: Click the magnifying-glass icon in the value column when you are inspecting the value of the variable and select Text Visualizer. In the debug immediate and watch windows, it is on the right edge of the value column, but in the free-floating variable inspector, it is on the left edge. It is easy to overlook. The following screenshot shows the icon in the free-floating inspector window.

Q: How do I fix the date/time in a VMWare Workstation VM so it does not change?

A: You must make four changes. The order of the changes is insignificant.

1. Start the VM and open VMWare tools.

2. Disable the Time Synchronization check box and click OK.

3. Disable the operating system's network time synchronization. To do this in Windows:

a. Go to Control Panel|Administrative Tools|Services

b. Find the W32Time service, called Windows Time, and set it to disabled. Manual is insufficient.

4. Shutdown the VM and save changes.

5. In a text editor, open the .VMX file for the VM. This is the only file in the VM directory with the same name as the VM and the extension .VMX. Normally, it is the only .VMX file.

6. Find the line setting the value tools.synchTime. Set it to "FALSE" and add several other settings, as shown below.

tools.syncTime = "FALSE"

time.synchronize.continue = "FALSE"

time.synchronize.restore = "FALSE"

time.synchronize.resume.disk = "FALSE"

time.synchronize.shrink = "FALSE" = "FALSE"

7. Save the changes.

8. Start the VM and set the time to whatever you want it to be when the VM starts up. If this is not done, the date will always appear to be the current date/time when the VM is started.

a. Click the date/time in the taskbar.

b. Click Change date and time settings.

c. Click change date and time and respond with OK/Continue if prompted for elevation.

d. Set the new time.

e. Click OK, then click OK.

9. Shutdown the VM.

10. Take a snapshot of the VM. It is a good idea to optimize the disk before doing so.

When the VM starts, it will now report the current date/time as that set in step 8 at startup and will then advance time at the normal rate.

Q: Visual Studio 2010 refuses to add a reference to a type library with the error "This file may not be a managed assembly", but it is a valid TLB. How do I add it?

A: This can be caused by the Visual Studio 2010 Productivity Power Tools. To resolve it disable them. Go to Tools|Extension Manager, click Productivity Power Tools, click Disable, then Restart Visual Studio. Solution courtesy stack overflow.

Q: Why won't Visual Studio 2010 step through the NET framework source? I have everything configured correctly.

A: Your NET binaries have been patched. Microsoft does not post PDBs for patched binaries, only the major releases. To resolve this, create a VM with a distribution of Windows no newer than the release date of the NET framework you want to trace and do NOT apply any updates. Then install the framework you want to trace, if needed, and Visual Studio. Reference this MSDN posting.

Q: How do I disable the background image on a Windows 7 Starter netbook?

A: Use the Ease of Access Center to disable background images. To change the desktop color from black to something else, use Display|Change Color Scheme to change the background color. Source yahoo.

Q: In Visual Studio 2010, how do I jump to a matching brace?

A: Move your cursor to a brace, then hit Ctrl-]. Note that Ctrl-[ does not work.

Q: In Visual Studio 2010, how do I embed a resource in only one build configuration?

A: Edit the CSPROJ file directly and add a Condition attribute to the element for the resource. This cannot currently be done in the GUI. For example:

<EmbeddedResource Include="source.txt" Condition="'$(Configuration)'=='Debug'" />

Source Marc Gravell on

Q: How do I determine the help topic ID number that a program is displaying when I hit help?

A: Do the following:

1. Download and install the HTML Help Workshop, available here. Note that the latest version is 1.3 and is dated 2009 June.

2. Run HTML Help Workshop

3. Select View|HTML Help Compiled Messages

4. Start the program you are interested in.

5. Use the program to display a help topic.

6. The HTML Help Workshop will log the topic ID and path shown in the following format:

HH_HELP_CONTEXT: mk:@MSITStore:C:\Program Files (x86)\Accurate Technologies\ATI VISION 3.7.3 RC (build 40)\VISION.chm: 4150 (VISION_Doc/VISION-Common_Content/Common_Windows/VISION_Options_Properties_General_Tab.htm)

Q: I can't some kind of fields in a Word 2010 document. I get the error message "protected content". How do I delete this text?

A: There are several possible causes. One uncommonly known cause is the use of design-mode fields. To fix this:

1. Go to File|Options|Customize Ribbon and check the Developer ribbon tab so it is shown, then click OK.

2. Click the Developer tab.

3. Click Design mode.

4. Click on the field object. A title grab bar will appear with the name of the field.

5. Click the title bar shown in step 2.

6. Click delete

Q: If I use Google Chrome to search and click a link, the response is slow and I ultimately get a "Something went wrong" error. However, I can view the results in Internet Explorer.

A: This is a cookie issue. Clear your cookies in Chrome and it will work again. Re-signing in to MSDN does not appear to resolve this.

Q: When using the Surround SCM command line to checkin a file, I get the error "Unable to find mainline with branch ."

A: This can be caused when a repository (directory) is configured to require TestTrack defect attachments, but the account being used doesn't have rights to login to TestTrack. To resolve this either disable requiring attach to defect on checkin, or use a different account that has TestTrack and Surround rights. In the first case, check the properties of the repository (directory) the file is in for a "TestTrack Integration" tab. If this exists with Attach to defect = Required, then change the setting to "Enabled" or move the file to a different repository where this is not required. In the later case, use an account other than AutomatedBuild that has rights to both TestTrack and Surround.

Q: The monitor on my nVidia card has suddenly switched to greyscale. How do I get the color back?

A: Follow these instructions:

1. Go to the nVidia Control Panel

2. Find the settings for the problem monitor. Currently, this is in Display|Adjust Desktop Color Settings.

3. Set the Digital Vibrance back to 50% and click OK.

For current screenshots, see

Q: While debugging code in Visual Studio 2012, I get an error "Mixed mode assembly is built against version 'v2.0.50727' of the runtime and cannot be loaded in the 4.0 runtime without additional configuration information."

A: This occurs when debugging a NET 4.0 or above assembly that loads an older assembly targeting CLR 2.0 or previous. There are two ways to fix this:

1. Modify all child assemblies to use the same version of the .NET framework

2. In the App.config, set /configuration/startup[useLegacyV2RuntimeActivationPolicy] ="true".

Source: Marius Banicla.

Q: I get the error "Invalid argument or procedure call" when scripting the VMWare VIX API in a .vbs script run by the Windows Scripting Engine (wscript/cscript), but the code matches the VMWare example.

A: The most likely cause is that your script is using VBS constants for the VIX constants. The VBS engine creates variant values of type integer, but the WIX API only accepts variants of type long, regardless of the numeric value. This is an issue with the VIX API. If the same code works when run under Visual Basic (not just the scripting engine or VBA), this is most likely the cause. To resolve this, do one of the following:

1. Replace the constant definitions with clng calls, which will convert the variant integers to variant longs.

2. Use a WSF frame, import the VIX type library, and reference the constants from the type library directly. For example:

<job id="example">

<reference object="VixCOM.VixLib" />

<script language="VBScript">

Set lib = CreateObject("VixCOM.VixLib")

Set job = lib.Connect(VixCOM.Constants.VIX_API_VERSION, hostType, hostName, 0, hostUsername, hostPassword, 0, Nothing, Nothing)



Solution suggested by the VMWare Community.

Q: In Visual Studio 2012/2013, how do I order an item configured with Custom Build Tool so it is done before compilation or the resource compiler? The Execute Before box is greyed out.

A: Edit the vcproj file and add the following element to /Project/PropertyGroup[Label="Globals"]:


This will make all items configured to build with custom build tool to be performed before the C++ compiler runs. There may be other ways to do this too. Sources: MSDN forums, Visual Studio blog.

Q: In Visual Studio 2010/2012/2013/higher when debugging a 32-bit DLL run using rundll32, Visual Studio reports the error "The breakpoint failed to bind." How do I fix this?

A: Specify the full pathname of the 32-bit version of rundll32, in c:\windows\syswo64. On 64-bit Windows, the rundll32 in c:\windows\system32 is the 64-bit version. If it detects that your DLL is 32-bit, it will automatically launch the 32-bit version of rundll32 as a child process, but Visual Studio is attached to the parent instead where it cannot set the breakpoint, thus the error.

Q: How can you XPath query XML data that uses namespaces?

A: There are two basic ways to deal with namespaces in XPath queries:

1. Make the XPath querier aware of the namespace URL and the short name you'll use to refer to it in the XPath query string. Then use the prefix in your XPath query. This is the most typical solution when using the Java or .NET XML classes.

2. Use the local-name() XPath function to compare against the node/attribute name without namespace. This is less common but still effective. For example, given the following XML:

<Project xmlns="">





The xmlns attribute specifies that Project and all subnodes reside in the namespace This means that a simple non-namespace aware query like /Project/PropertyGroup/ProductVersionMajor will fail because the Project, PropertyGroup, and ProductVersionMajor specifications of the query have no namespace so do not match the apparently corresponding nodes in the sample XML. To resolve this, use the local-name() function to exclude consideration of the namespace in the comparison, as follows:

/*[local-name() = 'Project']/*[local-name() = 'PropertyGroup']/*[local-name() = 'ProductVersionMajor']

Note that local-name must be used for all nodes along the path, and that each term must be prefixed with *.

Q: I can't login to GitHub for Windows with the error "Unable to retrieve your user info from the server." However, I can login to

A: This is a bug in the GitHub for Windows client that occurs with old versions of the .NET framework. Install .NET 4.5 or above to resolve the issue. Courtesy github.

Q: I can't install NET 3.5 on Server 2012. I get the error "One or more installation selections are missing source files..."

A: This is a problem in Server Manager. To resolve this:

1. Start Server Manager

2. Select Add Roles and Features

3. At Installation Type, Select Role-based or feature-based

4. At Server Selection, select your server.

5. At Server Roles, click Next.

6. At Features, select .NET Framework 3.5 features, and any sub-features you need.

7. At Confirmation, click Specify an alternate source path.

8. Insert the Server 2012 DVD and note the driver letter.

9. At Specify Alternate Source Path, set Path=<DVD drive letter>:\sources\sxs. For example, D:\sources\sxs.

10. Click OK.

11. Click Install.

Courtesy Microsoft at this link.

Q: Server 2003 reports a specific certificate as invalid, stating: The integrity of this certificate cannot be guaranteed. The certificate may be corrupted or may have been altered." However, any operating system Windows Vista or above recognizes the certificate as valid. How do I fix this?

A: Server 2003 does not support the SHA-2 hash algorithm. This is described in Microsoft article 938397. To resolve this, goto this KB article, click Hotfix Download Available, select your platform, and follow the instructions at the bottom of the page to be emailed a link to the file. Note that by default the page shows only Server 2003 x64. Click the show all platforms link and find the Server 2003 English link to get the hotfix for a standard US English 32-bit Server 2003. Note this update will require a reboot.

An example of this error is shown below.

Q: I published a Computer certificate template, but cannot see it in the Certificates snap-in when I use Request New Certificate. Why?

A: This is due to an unobvious security conflict. The Computer certificate template's security is configured so only Domain Admins and Domain Computers can Enroll. However, when you create a Certificates snap-in for the Local Computer, that snap-in is run under the Local Computer account. If the local computer is a domain controller, then Request New Certificate cannot Enroll using the new template because the computer, a DC, is not in Domain Computers. To fix this:

Goto the Certificate Templates snap-in

Find the template in question, right click it, and select Properties

Click the Security tab.

Either click Add, specify Domain Controllers, and click OK; or select Authenticated Users.

Click Enroll.

Click OK.

Q: The Certificate Service caps the validity period of any cert I make at 2 years even though the request asks for a longer period. The root CA is valid longer than 2 years. How do I fix this?

A: The Windows Certificate Service caps the validity period at the lesser of the root CA expiration or an internal setting, which defaults to 2 years. To extend the built-in limit to 10 years:

Start an elevated command prompt.

Enter certutil -setreg ca\ValidityPeriod "Years".

Enter certutil -setreg ca\ValidityPeriodUnits 10.

Enter net stop certsvc.

Enter net start certsvc.

Courtesy Microsoft KB 254632 available here.

Q: JavaScript single-stepping and debugging is very slow in Internet Explorer. It takes 3-10 seconds between pressing <F10> and the step. How do I fix this?

A: This can be caused by the LastPass plug-in. To fix this, disable the plug-in, but note a restart is required for the fix to take effect. To fix this:

In Internet Explorer, if the menu is not displayed, tap the <Alt> key.

Select Tools|Manage Add-Ons

Select LastPass, then click the Disable button at the bottom of the Window.

Click Close.

Restart Internet Explorer.

Q: How do I get the serial number of a Yubikey?

A: There are several ways. Also, note the serial number is not the same as the Public Identity.

Since late 2010, the serial number has been printed on the key in text and as a DataMatrix 2D barcode (click here for source). For example:

It can be read electronically by their tools, although this can be disabled. To do so:

Run the YubiKey Personalization Tool

Insert the key and wait up to 5 seconds for the GUI to detect the device.

The serial number is shown on the About tab in the right-hand pane, as shown below.

Q: How do I use an environmental variable in Visual Studio 2010, 2012, 2013 for Start External Program?

A: Not supported. See this link. In 2013 and above, the following macro subset is supported: click here.

Q: In PowerShell, I get the error "cannot be loaded because the execution of scripts is disabled on this system" How do I fix this?

A: There are two ways. First, run the PowerShell script with the "-ExecutionPolicy ByPass" option. Second, change the PowerShell policy on this machine to permit execution by the following:

1. Run PowerShell elevated as a local admin

2. Enter "Set-ExecutionPolicy Unrestricted".

Source: TechNet.

Q: How do I run Hyper-V (in Windows Server) in a VM under VMWare Workstation 10+?

A: This can be done, but is considered unsupported by VMWare because it involves running a hypervisor within a hypervisor. The following instructions will work for a Server 2012 VM running under VMWare Workstation 10 or Server on a Windows 7 x64 host. They are claimed to work for Server 2008 VMs, but this could not be reproduced.

Create a Server 2008 x64 virtual machine with at least 1.5G of RAM

In Edit Virtual Machine Settings, select Processors and check Virtual Intel VT-x/EPT or AMD-V/RVI and Virtual CPU Performance Counters and click OK.

Browse to the directory that contains the VM files and open the .vmx file in a text editor.

Add the following lines, then save the file:

hypervisor.cpuid.v0 = "FALSE"

mce.enable = "TRUE"

vhu.enable = "TRUE"

If running Server 2008, after installing Windows, open an elevated command prompt and run "bcdedit /set xsavedisable 1", then reboot.

If running Server 2008, you may need to also install a Microsoft hotfix available here. Alternately, install SP1.


Detailed step-by-step article

Microsoft hotfix

Q: I get the error "linked to missing export" with my function template, declared in a header and defined in a CPP.

A: This is due to how C++ handles template functions. To solve this, do one of the following:

Relocate the definition to a header file. This is not recommended because it puts code in headers and increases code size, but is often done because it is easy.

Instantiate the template in the CPP file using all type(s) that are used in the project. For example, given the following template:

template<typename TCredentialType, typename TLogonMessageType>

void LogIfLogonTypeUnexpected( void* credentialInfoRaw, TLogonMessageType expectedLogonTypes[], ULONG noExpectedLogonTypes )

That is called with the type arguments KERB_INTERACTIVE_LOGON, KERB_LOGON_SUBMIT_TYPE and _MSV1_0_INTERACTIVE_LOGON, MSV1_0_LOGON_SUBMIT_TYPE, instantiate it like this anywhere in the CPP file:

template void LogIfLogonTypeUnexpected<KERB_INTERACTIVE_LOGON, KERB_LOGON_SUBMIT_TYPE>( void* credentialInfoRaw, KERB_LOGON_SUBMIT_TYPE expectedLogonTypes[], ULONG noExpectedLogonTypes );

template void LogIfLogonTypeUnexpected<_MSV1_0_INTERACTIVE_LOGON, MSV1_0_LOGON_SUBMIT_TYPE>( void* credentialInfoRaw, MSV1_0_LOGON_SUBMIT_TYPE expectedLogonTypes[], ULONG noExpectedLogonTypes );

Source is this C++ FAQ, among many.

Q: How do I set the binding order of network adapters on a multi-homed Server 2012 computer?

A: Microsoft has moved this to an unobvious, but not hard to get to, location. Follow these steps:

1. Goto Control Panel|Network and Internet|Network and Sharing Center

2. Click Change Adapter Settings.

3. If the menu is not displayed, tap the <Alt> key to activate it.

4. Select Advanced|Advanced Settings.

Courtesy this source.

Q: How do I enable copy/paste with a VMWare Server/vSphere VM?

A: This is disabled by default starting in Server 4.1.1, but can be re-enabled by editing the vmx file. To do so in vSphere 5.x:

Start the vSphere client and find the problematic VM

Find the problematic VM and make sure it is off.

Right click the VM and select Edit Settings.

On the Options tab, select Advanced|General and click the Configuration button.

Click Add Row and enter the setting name "" with a value of "FALSE".

Click Add Rpw and enter the setting name "" with a value of "FALSE".

Click OK, then back on Virtual Machine Properties click OK.

If the VM uses snapshots, note that this will not fix any existing snapshot. Source is this VMWare KB article.

Q: Is there a WMI browser or test utility built into Windows?

A: Yes, there are a few. The easiest to use is wbemtest.exe, a graphical WMI browser. Wbemtest is graphical, but is not a full browser: you can list the contents of a context if you know the context, but you need to know the name of some classes to display them.

Q: In Visual Studio 2012, the Solution Configuration box in the toolbar is too small, cutting off the text. How do I make it wider?

A: Follow these instructions:

In Visual Studio, goto Tools|Customize.

Click the Commands tab.

Select Toolbar, then select the Standard toolbar.

Under Controls, scroll to the bottom and select Solution Configurations.

Click the Modify Selection button on the right, then increase the width field, generally tripling it.

Source this MSDN posting.

Q: In Visual C++ 2012, I get C4995s reported as errors instead of warnings and cannot build. How do I fix this?

A: This is a result of a change to the Security Check compiler option. This cannot be fixed either in the usual way, by suppressing the C4995 warning via #pragma warning, or by setting any of the symbols such as _CRT_NON_CONFORMING_SWPRINTFS and _CRT_NONSTDC_NO_DEPRECATE, although it once could be. To resolve this:

Goto Project Properties.

Select Configuration Properties|C/C++|Command Line.

In Additional options, add /wd4995.

Alternately, disable the Security Check option under C/C++|Code Generation.

Source: this MSDN blog.

Q: How do I Url Escape/Encode in C++?

A: This is no single Win32 API to do this - for example, CoInternetParseUrl can handle %-encodings, but not space-to+ escaping. To do so via Win32 APIs, you must call two APIs successively. ATL provides AtlEscapeUrl, but it does not handle space->+ conversion or reversal.

Q: In C#, I can't write to a file whose handle is stored via SafeFileHandle using native APIs during a finalizer. The handle appears to already be closed. Why?

A: Even though a parent object may have a reference to a child object, at finalization time, there are no ordering guarantees for finalizer execution. If you need to log at finalization time, you cannot use SafeFileHandle or Streams and instead must use all-native I/O.

Q: When installing Exchange 2013 on Server 2012, I get the error "Unsupported Operating System", but 2012 is clearly supported. Why?

A: The Exchange 2013 install cannot tolerate the Remote Desktop Session Host feature on the same machine. Remove it to install Exchange. Courtesy this MSDN question.

Q: I can't get Exchange 2013 install, it fails for various reasons.

A: Increase the VM memory to 4G - 8G. 4G will most likely be enough. In practice, once installed, development (low traffic) Exchange servers work OK with 4G but are slow until NodeRunner is disabled. Microsoft's official minimum is 8G.

Q: How do I use the GITHUB GIT from a command line on a Windows machine connecting to an SSH GIT repository?

A: This can be done using the Git Shell icon installed with GITHUB, but this solution requires manually running the batch file once the command prompt comes up and so is typically undesirable. Alternately, to use GITHUB's GIT from any command line, automate the following steps:

Locate the first directory matching %LOCALAPPDATA%\GitHub\PortableGit*. This is the GIT directory.

Prepend the path with %gitdir%/cmd and %gitdir%/bin.

Run ssh-agent.

Note the two variables reported to STDOUT and set them.

Run "ssh-add %USERPROFILE%\.ssh\github_rsa" By default, GITHUB stores your SSH key in github_rsa. Change this if needed, or run again to add any other keys you have.

To test the connection to the server, run ssh -T <servername>. For example, ssh -T

To test the connection to the repository, run git ls-remote ssh://<repository pathname>. For example, git ls-remote ssh:// > nul

Q: Visual Studio or MSBUILD never end after running a batch file that runs and exits fine at command line. How do I fix this?

A: Most likely, the batch file is running a process that runs another process asynchronously. For example, for GIT.EXE to function on Windows with SSH authentication, it requires SSH-AGENT. The SSH-AGENT process spawns another copy of itself. MSBuild, used by Visual Studio, correctly waits for not just the root process - the shell processing the batch file - to execute, but also any processes started by them to execute. In other words, msbuild waits for the entire process group to exit. To resolve this, terminate the spawned process before the end of the batch file. For example, for SSH-AGENT, run SSH-AGENT -k to kill the spawned process. Then Visual Studio and MSBuild will see the process group has terminated and will continue with the rest of the build.

Q: Chrome on Windows hangs when I minimize, then restore when using it with multiple monitors between display changes. How do I fix this?

A: This is a bug in Chrome. Goto Settings|Advanced and disable "Use Hardware Acceleration When Available". Courtesy this post.

Q: What is the easiest way to test ADFS to verify it is working?

A: Start a browser and goto https://[serverFQDN]/adfs/ls/IdpInitiatedSignon.aspx. Note if you browse to this using IE it will use Kerberos for primary auth. Courtesy this site.

Q: In Windows 10, how do I get the F8 Startup Options menu to display?

A: By default, you cannot - it is now disabled. To manually enable it:

Start an elevated command prompt

Enter bcdedit /set {default} bootmenupolicy legacy.

Courtesy this link. Note the syntax in this MSDN link is very similar, but lacks the {default} keyword and implies it is unnecessary. However, the setting will not take effect without default.

Q: How do I set a breakpoint in DllMain when I am not sure where the function is defined?

A: Select Debug|New Breakpoint|Break at Function and enter "{,,[ModuleFilename]}DllMain". Courtesy this MSDN blog.

Q: How do I save a list of all trusted certs for the machine and current user to a file?

A: On Server 2012, use these commands:

certutil -store root >> machine.txt

certutil -store authroot >> machine.txt

certutil -store ca >> machine.txt

certutil -user -store root >> user.txt

certutil -user -store authroot >> user.txt

certutil -user -store ca >> user.txt

Q: Why does a _COM_SMARTPTR_TYPEDEF-defined smart pointer throw on Release if it has no pointer?

A: This is the default behavior, but is in contrast to the the smart pointers generated by #import using the typical raw_interfaces_only, however. To avoid this, use CComQIPtr or CComPtr instead.

Q: Does the Exchange team use exceptions in C++?

A: No, for technical reasons, as of 2009. See this Larry's comment in this link, and this other related link on Exception objects in c#.

Q: How do I get the boot menu options to display at boot-up on Windows 8 on demand?

A: There are two basic ways to do this: by restarting into it or displaying it during boot. To do the first, press <Windows>-I, select Change PC Settings, click Power, then hold <Shift> and click Restart. Click Troubleshoot, Advanced Options, Startup Settings, then click Restart. Windows will restart and display the boot menu.

The second method is practically impossible on machines or VMs with UEFI BIOSs, because the boot loader which monitors for F8 loads too quickly. To resolve this, install EasyBcd, click Edit Boot Menu, set Timeout Options to Wait for user selection, and click Save Settings, then reboot. A boot menu will now be displayed on every bootup.

Q: When I try to copy a 64-bit file from a Visual Studio post-build command, I get the 32-bit version instead. How do I fix this?

A: Use the sysnative alias. This occurs because Visual Studio is a 32-bit process, so the file system redirector redirects all accesses to c:\windows\system32 to the 32-bit c:\windows\syswow64 directory. To fix this, reference c:\windows\sysnative instead. Courtesy this Microsoft posting.

Q: When I reference the ProgramFiles(x86) variable in a batch file, I get a "file specified was not found" error. How do I fix this?

A: Set a temporary variable equal to the value of ProgramFiles(x86), as in: set programFilesx886=%ProgramFiles(x86). This is a problem specific to CMD.EXE when using variable names with parenthesis in them. Courtesy this link.

Q: Using ATL implementing an interface #import'd from a TLB, I get the errors static_cast' : cannot convert from '[Class]::_ComMapClass *' to '[Interface*]', followed by "cannot convert from 'ATL::_ATL_CREATORARGFUNC (__cdecl *)' to 'DWORD_PTR'". How do I fix this?

A: The class needs to inherit from this interface as well. This bizzare error is reported when the built-in offsetofclass operator, used in the COM_INTERFACE_ENTRY macro, fails because the interface specified is not implemented by the class. One cause may be that the interface is declared in IDL as inheriting from IUnknown, but the ATL class implementing it inherits using the IDispatchImpl template. To fix this, either change the IDL interface to inherit from IDispatch or change the ATL class to inherit from the class directly.

Q: When I use the Resource Editor in Visual Studio, it changes the macros in my RC file to their literal equivalents and reports an error about __useHeader redefined. How do I fix this?

A: Open the RC using the source code editor, then add a #include for the header that defines the #defines under TEXTINCLUDE 2, and above that add a line to #define #define _USING_V110_SDK71_ 1. Then also make the equivalent changes that these TEXTINCLUDEs are built into by the VS Resource Editor. The final result should look like this:



// Generated from the TEXTINCLUDE 2 resource.


#define _USING_V110_SDK71_ 1

#include "afxres.h"

#include "..\version.h"




"#define _USING_V110_SDK71_ 1\r\n"

"#include ""afxres.h""\r\n"

"#include ""..\version.h""\r\n"



Courtesy this MSDN forum posting.

Q: Exchange 2013 refuses to start, citing an error mounting it's database. How do I fix this?

A: Repair the database, then delete all the log files. To repair the mail database, you need the full pathname to the mail database, an EDB file. To find it:

Open a web browser to the ECP (hostname/ecp) and login

In the left hand nav bar, click Servers.

In the top nav bar of the right hand pane, click databases.

Click the one database listing to select it.

Click the pencil button to bring up the editor

Copy the Database Path field.

To repair the database:

Start the Exchange Management Shell (an Exchange Powershell session) from the Start menu

Enter eseutil /P "[DatabaseFilePathname]"

At the "This database is not up-to-date, are you sure you wish to update it?" prompt click OK.

Open explorer to the directory where the Mailbox database is.

Delete all files with the .log extension

Back in the ECP, Click the More Actions button "...", click Mount, and click Yes to confirm. The database should mount successfully.

Q: How do I get a static activation key for Visual Studio 2015?

A: In your MSDN subscription, request a product key for Visual Studio 2015. This is a personalized static key - it works as a static key, but can be traced to you. See the comment from James Rice at Microsoft dated 20 Jul 2015 9:04P on this page.

Q: I edited a web page with TextPad and now the raw source is returned. How do I fix this?

A: This web page is stored in UNICODE 16-bit characters instead of old-style 8-bit ANSI and TextPad has removed the 2-byte marker at the beginning of the file that indicates the endianness of the data. IIS appears to require the BOM. To restore it:

1. Start TextPad and goto Configure|Preferences

2. Select Document Classes|HTML.

3. Check "Write Unicode and UTF-8 BOM".

3. Under the Files in class list, click box button to add a new row, then enter "*.aspx".

4. Click OK.

Q: SmartGIt is fails to retrieve the SimpleSaml repository with "Could not read from remote repository", but it used to work. I am connected to the VPN. How do I fix this?

A: There's a problem with the auth configuration for To fix this:

In SmartGIT, goto Edit|Preferences, and select Commands|Authentication

Click the listing for, then click Remove.

Click OK

In SmartGIT, select your Duo SimpleSaml repository, then click Pull. If you don't have one:

Select duo_IIS

Expand DuoGIT and select simplesaml.

Select Remote|Properties, then copy the URL and click cancel.

In SmartGIT, select Repository|Clone and paste in the URL copied from step C and click OK.

At the SSH authentication prompt, click the Private Key File browse button and select your SSH private key file.

Click Login. If this doesn't work, the key is encrypted with a password. Enter that into the Passphrase field and then click Login.

Q: Exchange 2013 is generating huge logs in C:\Program Files\Microsoft\Exchange Server\V15\Logging\Monitoring\Monitoring\ActiveMonitoringTraceLogs. How do I stop this?

A: Open <ExchangeInstallPath>:\bin\MSExchangeHMWorker.exe.config in a administrative notepad

Find the Line <add key="IsTraceLoggingEnabled" value="true" /> and change to false and save. Reboot server and you can now clear the logs in the monitoring path and they will not regenerate.

Courtesy this source.

Q: How do I debug a Windows Credential Provider?

A: There's an easy way with limited but probably sufficient support and a hard way. The easy permits debugging of the authentication codepath only when a user is unlocking a workstation. To do this:

Get psexec from Microsoft's SysInternals site and install Visual Studio.

Backup the DLL and overwrite it with the debug build and copy in the PDB.

If necessary, copy the source files to this machine.

In an elevated command prompt as local admin, run psexec -dsx "<full pathname to Visual Studio debugger>".

In an elevated command prompt as local admin, run psexec -dsx cmd. This provides the ability to restore the DLL to the original in case the new code crashes or corrupts the heap.

Hit <Ctrl-Alt-Del>

Hit <Alt-Tab> to switch to Visual Studio, now running in the Secure Desktop.

In Visual Studio, select Debug|Attach to Process and attach to LogonUI.exe.

Place any needed breakpoints.

Hit <Alt-Tab>

Select Lock.

Hit <Ctrl-Alt-Del>. Note that after this point, you cannot <Alt-Tab> back to Visual studio.


After this, note that each time you hit <Ctrl-Alt-Del> to start the cycle over again, a new LogonUI.exe is started, but Visual Studio is still running on the secure desktop. So right after hitting <Ctrl-Alt-Del>, you must repeat steps 7-11.

Do NOT use the Switch user or Sign out menu options. These will cause LogonUI.exe and the secure desktop to be destroyed, killing Visual Studio. Source.

Full support requires setting up a kernel debugger and requires two machines. For more information, see this msdn link.

Q: Is it OK to use .NET to implement a credential provider or other Windows core security plug-in?

A: Originally Microsoft specifically recommended against this, and specifies that all such components should be implemented in unmanaged C++. See Microsoft KB article 841927. They have since changed this guidance for Windows 10.

Q: On a MacBook, VMWare Fusion fails to start any VM with the error "Could not open /dev/vmmon: broken pipe". How do I fix this?

A: This is a first-time run security issue. To resolve it:

1. Click the apple menu|System Preferences|Security and Privacy.

2. Click the lock in the bottom left to unlock and authenticate if required.

3. At the bottom of the window, there should be a message “Software from VMWare has been blocked” with an Allow button. Click Allow, then close the window.

4. If VMware Fusion was running before, restart it.


Q: How do I optimize the disk for a VM in VMWare Fusion?

A: VMWare fusion does not have separate Compact and Optimize functions - they are combined, and not located on the Disk info window. To optimize and compact in Fusion:

1. Open VM in a stopped state

2. Click Virtual Machine|Get Info

3. Click Clean Up Virtual Machine at the bottom.

Q: In Cmd/batch script, how do I determine if the current user is elevated?

A: Use whoami to check for membership in the High integrity level group named "High Mandatory Level". The security token of any process that is an elevated local admin (full abby) is a member of this dynamic group. For example:

set adminCheckOutputFile=%TEMP%\LocalAdminCheckTempFile.txt

if exist "%adminCheckOutputFile%" del "%adminCheckOutputFile%"

whoami /groups | find "S-1-16-12288" > "%adminCheckOutputFile%"

set /p localAdminElevatedGroup=<%adminCheckOutputFile%

if not defined localAdminElevatedGroup (

echo ==^> ERROR: The current user is not elevated.

goto :eof



Q: In Cmd/batch script, how do I determine if the current user is a local administrator?

A: Use whoami to check for membership in the local administrators group. For example:

whoami /groups | find "S-1-5-32-544" >nul

if errorlevel 1 goto ErrorNotLocalAdministrator

echo The current user is a local administrator

goto :eof


The current user is NOT a local administrator.


Q: In Windows 10, how do configure Start Menu "shortcuts" that will appear for all users?

A: This is no longer possible by simply creating shortcuts in an All Users\Start Menu directory as in previous editions of Windows, although you will find an equivalent directory on disk under Users. Instead, you must create a test user, export the start menu configuration, then deploy that configuration to new users via group policy or similar mechanisms.


Q: My Server 2019 install under VMWare Fusion fails with the error "Windows installation encountered an unexpected error. Verify that the installation sources are accessible, and restart the installation. Error code: 0xc0000000A". How do I fix this?

A: Follow these instructions:

1. If the VM is not shutdown, shutdown the VM.

2. Select Virtual Machine|Settings

3. ​Double-click Floppy Disk

4. In the bottom left, click Remove Floppy Drive.​

5. If you get an "Are you sure" prompt, confirm. This prompt will say the floppy should not be disconnected until after Easy Install completes. Easy Install does very little - just licensing, account creation, and VMWare tools installation - and those can all be done manually easilly. Also, when the VM boots up, you must manually hit enter so the VM will boot from the Windows ISO virtual DVD.​


Q: On MacOS, how do I edit a text file that I don't have access to even though I'm an admin?

A: You need an elevated text editor that is permitted to do so. Some editors, like the built-in Text Editor, are sandboxed. This means by design they are not able to be elevated (sudo). If you try, they will fail with "illegal hardware instruction." For example, if you don't yet have such a text editor:

1. Download TextPad for MacOS, then open the downloaded file.

2. Start Finder and click Applications.

3. Drag the TexPad app from the download to Applications. This installs the program.

4. Start a Terminal window.

5. Enter sudo /Applications/

6. Enter your password.


Q: On MacOS, how do I run Text Editor from command line?

This is easy, but note Text Editor will not function when sudo'd - it will fail with "illegal hardware instruction".

1. Start a Terminal instance

2. Enter /System/Applications/


Q: In VMWare Fusion standard, how do I give a VM a static IP?

A: This requires several manual steps to modify the VMWare DHCP server for static IP assignment. These steps may change slightly depending on your system configuration.

1. Start VMWare Fusion.

2. Goto Window|Virtual Machine Library,

3. Right-click the VM to allocate the static IP for and select Settings.

4. Click Network adapter.

5. Expand Advanced Options.

6. Record the MAC Address.

7. If necessary, install a text editor that can edit files you must be sudo'd (elevated) to change. Alternately, you can use a Terminal text-mode editor like nano.

8. Start your elevated text editor.

9. Open /Library/Preferences/VMware Fusion/vmnet8/dhcpd.conf

10. Find the subnet line and make a note of the subnet.

11. Locate the range statement within the subnet settings block. Pick an address OUTSIDE of that range that is also not 0, 1, or 255.

12. After the last host entry, add another host entry for your VM using it's name as shown in VMWare Fusion with all spaces removed. For example​:

host WindowsServer2019A {

hardware ethernet 00:0C:29:2F:23:8A;



13. Save the changes.

14. Restart VMWare Fusion. This means you must first shutdown all running VMs.


Q: In VMWare Fusion, how do I exit full screen mode?

A: There are two ways: [Ctrl][Cmd]F or the following GUI instructions:

1. On another monitor, click the VMWare Fusion icon.

2. From the Window menu, select Virtual Machine Library.

3. Click the listing for the full-screened VM. This changes the control context to that VM.

4. From the View menu, select Single Window.


Q: How do I determine if a file is a managed/.NET binary or not?

A: There are a couple ways. Run dumpbin /clrheader [filename] and check the output. Unfortunately this does not fail for non-.NET binaries, so the answer requires knowing what correct output looks like. If the module is a .NET module, dumpbin will report the file type followed by a "clr Header" header with managed information. If the module is NOT a .NET module, dumpbin will display the PE section summary, the same output as if run with /summary. An example of output for a .NET module is below.

Dump of file TestCredentialProvider.dll

File Type: DLL

clr Header:

48 cb

2.05 runtime version

32DC [ 6434] RVA [size] of MetaData Directory

9 flags

IL Only

Strong Name Signed

0 entry point token

9710 [ A88] RVA [size] of Resources Directory

A198 [ 80] RVA [size] of StrongNameSignature Directory

0 [ 0] RVA [size] of CodeManagerTable Directory

0 [ 0] RVA [size] of VTableFixups Directory

0 [ 0] RVA [size] of ExportAddressTableJumps Directory

0 [ 0] RVA [size] of ManagedNativeHeader Directory

Q: How do I fix the Ctrl-Arrow Key and other Ctrl-key combinations in Windows VMs in VMWare Fusion?

A: This must be fixed in two places: VMWare defaults and the keyboard mappings used by your virtual machines.

To change the VMWare fusion defaults to fix the Control key:

1. In VMWare Fusion, goto the VMWare Fusion menu and select preferences.

2. Click the Keyboard & Mouse tab.

3. Under Mouse Shortcuts, uncheck the Secondary Button mapping.

4. Under Mac Host Shortcuts, uncheck "Enable Mac OS Host Keyboard Shortcuts".

5. Close the windows.

To fix the Control key usage in the keyboard mapping profiles:

1. If the VM is not running, goto Window|Virtual Machine Library and select it.

2. If the VM is currently running, switch to it.

3. On the VMWare Menu, select Virtual Machine|Settings.

4. Click Keyboard & Mouse.​

5. Double click the select Profile.

6. Under Mouse Shortcuts, uncheck the Secondary Button mapping.

7. Under Mac Host Shortcuts, uncheck "Enable Mac OS Host Keyboard Shortcuts".

8. Close the window.

Every VM using the same keyboard profile will be immediately fixed.



Q: How do I export certificate templates from a certificate authority?

A: Use the following instructions, run on a Windows Server machine.

1. Start Certificate Authority and click Certificate Templates.

2. Record the name of the templates to be exported.

3. Right-click Certificate Templates and select Manage.

4. Locate the template in the list, goto Properties, and record the Template name field (NOT Template display name).

5. Construct the LDAP distinguished name for this Windows domain. For example, for alpha.local, this is DC=alpha,DC=local.

6. Start a command prompt and run the following command. Replace SmartcardUser in both places with the internal name of the template, and the "DC-impelix,DC=com" with the LDAP distinguished name for this Windows domain.

ldifde -m -v -d "CN=SmartcardUser,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,DC=impelix,DC=com" -f SmartcardUser.ldf​


Q: What is the correct DCOM Configuration for Certificate Services?

A: The default configuration should work fine. If in doubt, follow these instructions to check and repair the DCOM configuration:

1. At the CA, run DcomCnfg.

2. Navigate to \Component Services\Computers\My Computer, right click it, and select Properties.

3. Click the Default Properties tab and make sure Enable Distributed COM is checked.

4. Click the COM Security tab.

5. In the Access Permissions box, click Edit Limits and ensure both Everyone and Certificate Service DCOM Access are granted (have Allow checked) Local Access and Remote Access, then click OK.

6. In the Launch and Activate Permissions box, click Edit Limits and ensure that Certificate Service DCOM Access is granted (has Allow checked) Local Launch, Local Activation, Remote Launch, and Remote Activation, then click OK.

Source:​ response by Joson Zhou on Wednesday, March 31, 2010 8:20 AM.​​

Q: How do I determine which Windows Firewall rule blocked a packet?

A: Follow these instructions. There is GUI for this functionality as of 2020 October and likely never will be.

1. Start an elevated command prompt as a local administrator.

2. Enter auditpol /set /subcategory:"Filtering Platform Packet Drop" /success:enable /failure:enable

3. Enter auditpol /set /subcategory:"Filtering Platform Connection" /success:enable /failure:enable

4. Reproduce the issue as quickly as possible as the log file will be large.

5. Back in the elevated command prompt, change to a directory where you want to store the data file.

6. Enter netsh wfp show state

7. Open Event Viewer

8. Goto Windows Logs\Security.

9. Find the Audit Failure entries time stamped with when you reproduced the problem, then review these to find the entries for your issue as there will typically be noise to filter out. For example, an event log entry for a dropped UDP packet to port 137 looks like this:

The Windows Filtering Platform has blocked a packet.

Application Information:

Process ID: 0

Application Name: -

Network Information:

Direction: Inbound

Source Address:

Source Port: 137

Destination Address:

Destination Port: 137

Protocol: 17

Filter Information:

Filter Run-Time ID: 83470

Layer Name: Transport

Layer Run-Time ID: 13

10. Record the Filter Run-Time ID - this is the rule number that blocked the packet.

11. Open the wfpstate.xml file created in step 6.

12. Find the item XML element where the filterID child element equals that rule ID, then scan up to find the item's displayData child and record the name child element. THIS IS THE NAME OF THE FIREWALL RULE THAT BLOCKED THE PACKET. For example, in the snippet below, the name of the rule is Port Scanning Prevention Filter. This is unfortunately a new, built-in rule that can only be disabled by disabling Windows Firewall.


<name>Port Scanning Prevention Filter</name>

<description>This filter prevents port scanning. This many times means there are no listeners. If debugging ensure your scenario has one.</description>





Q: Can I use SysPrep to make a Windows Server image generic?

A: Almost certainly not. Many of the built-in commonly used server roles do not support SysPrep, in particular, AD Certificate Services which we need.


Q: Why Can't I DCOM to a Windows built-in object such as MMC Application (CLSID 49B2791A-B1AE-4C90-9B8E-E860BA07F889) on Windows 7 or above?

A: You can if you either drop Windows Firewall or [probably, untested] create a suitable rule. This is due to advancing security. Microsoft added a built-in rule to Windows Defender Firewall called the Port Scanning Prevention Filter that CANNOT be disabled. It was originally referred to as Stealth Mode. The purpose of this rule is to block access to ports that an application is not specifically waiting on. In this case, the DCOM TARGET machine sends a UDP NetBIOS name resolution request back to itself, but this action is blocked by the Windows Firewall Port Scanning built-in rule.



Q: My call to CoCreateInstanceEx failed with E_INVALIDARG, but all args appear properly supplied. What is the cause?

A: Most likely the MULTI_QI parameter is incorrectly initialized. This appears to be an out parameter, but is actually a REF parameter. It must be NULL initialized and the pIID field filled with with the IID to retrieve.

Q: Can Windows Server be safely run in a virtual machine?

A: Yes, with the following limitations in priority order:

1. Use Windows Server 2012R or later.

2. Disable hypervisor time synchronization or management, either in the VM host or in the tools installed in the guest.

3. Avoid DC pause and resumption - shutdown and restart instead. This is [basically] safe if no other machines are connected and/or no changes to the directory occur.

There are additional precautions and fixes if running on on virtualization server such as VMWare Server.



Q: Can I clone a Windows Server virtual machine configured with a directory (forest)?

A: Maybe - this is not supported as it is for Windows client due to inherint limitations of creating a directory/forest. The following limitations would need to be observed:

1. Windows Server 2012R2 or above must be used.

2. Both host and clone must operate on limited host-only networks that are not visible to any copies OR clients of copies.

3. Many roles such as Certificate Services may not be installed.

4. Sysprep must be run on each clone. before it is used.


Q: How do I stop a Windows Server 2016 or above from automatically updating?

A: Follow these instructions. Updates can still be applied if the user goes to Control Panel|Security and Updates and manually clicks Update. There are two other methods: disabling the GPO setting and manually stopping the services and setting registry entries. Of those, the first may not work, while the second is much more invasive, breaking manual update.

1. Start an elevated command prompt.

2. Run sconfig.exe

3. Select option 5.

4. Restart.


Q: Can I disable updates in Windows 10 Pro?

A: Only temporarilly. Microsoft purposefully prohibits consumer editions of Windows from permanently disabling updates to prevent another "windows XP" scenario where there are a millions of unpatched machines that nobody wants to expend the effort the update. Pro will permit updates to be suspened for 35 days without difficulty and possibly up to a year. This means a VM built with Pro in 2019 January will automatically self update to the latest patches if turned on anytime in 2020. The only way to permanently disable self update is to purchase an Enterprise edition.


Q: How do I configure my domain to trust the Enterprise Root Certificate?

A: Export the Enterprise Root Cert, then configure the default Domain Domain policy to deploy it to the Trusted Root Certificate Authorities machine store for all computers in the domain. To do so:

Export Enterprise Root Certificate

a. Start mmc

b. Select File|Add/Remove Snap-In, select Certificates, click Add, Machine Account, Local Computer, then click OK.

c. In the left-hand pane, goto Certificates\Personal\Certificates and locate the Enterprise Root Certificate. It's default name is [domain]-[CA Server Computer Name]-CA and has Intended Purposes=All.

d. Right click the enterprise root CA found in step C and select All Tasks|Export.

e. At the Welcome page, click Next.

f. At the Export Private Key page, take the default No and click Next.

g. At the Export File Format page, take the default DER encoded binary and click Next.

h. Enter a target filename and click Next.

i. At Completing the Certificate Export Wizard, click Finish.

j. At the Export Was Successful notification, click OK.

Deploy Certificate to Machine Trust Store of Domain Computers

a. At the Domain Controller, click the Start menu and enter "Group", then click Group Policy Management.

b. Expand the root node to Forest\Domains\<Domain Name>. At this "this affects all computers" prompt, click OK.

c. Right-click Default Domain Policy and select Edit.

d. In the left-hand pane, goto Computer Configuration\Policies\Windows Settings and click Security Settings.

e. In the right-hand pane, double-click Public Key Policies.

f. Right-click Trusted Root Certification Authorities and select Import.

g. At the Welcome page, click Next.

h. At File to Import, click Browse and select the file specified in Export Enterprise Root Certificate step h, then click Next.

i. At the Certificate Store page, take the default Trusted Root Certification Authorities and click Next.

j. At Completing the Certificate Import Wizard, click Finish.

k. At the import was successful notification, click OK.

l. In the left-hand pane, expand Forest\Domains\<Domain Name>\Domain Controllers.

m. In the left-hand pane, right-click Default Domain Controllers Policy and select Edit. At the "this affects all domain controllers" prompt, click OK.

n. Repeat steps D - J once.

l. Close the policy window, then close the Group Policy Management window.


Q: How do I generate a certificate for a web server?

A: Follow these instructions:

Grant Web Server Rights To Request A Web Server Certificate

a. Goto the Certificate Authority computer.

b. At the start menu, enter Cert and click Certification Authority.

c. Expand the domain, right-click Certificate Templates and select Manage.

d. In the right-hand pane, find the Web Server listing and double-click it.

e. Click the Security tab.

f. Click Add

g. Click Object Types, check Computers and uncheck everything else, then click OK.

h. Click Advanced, then Find Now.

i. In the Search Results pane at the bottom, click the listing for the web sever computer, then click OK.

j. At Select Users, Computers..., click OK.

k. Back at the Security tab, check Read and Enroll, then click OK.

l. Close the Certification Authority.

Generate Web Server Certificate

a. Goto the Web Server computer.

b. Right-click the start menu, select Run, and enter mmc

c. At the MMC window, select File|Add/Remove Snap-In

d. In the left-hand pane, click Certificates, click Add, select Computer Account and click Next, select Local Computer and click Finish.

e. Back at Add or Remove Snap-ins, click OK.

f. In the left-hand pane, right-click Certificates\Personal\Certificates and select All Tasks|Request New Certificate

g. At Before you Begin, click Next.

h. At Select Certificate Enrollment Policy, click Next.

i. Scroll down to locate the Web Server listing, check it, then click the "More information" link underneath it.

j. In the Subject Name box, set Type to Common Name, set Value to the web server's FQDN, and click Add. For example, winserver.alpha.local

k. In the Alternative name box, set Type to DNS, set Value to the web server computers FQDN, and click Add. For example, winserver.alpha.local

l. Click the General tab and set Friendly name to "Web Server", or something similar to make it easy to locate later.

m. Click the Private Key tab, expand Key Options, and check Make private key exportable.

n. Click OK.

o. Back at the Request Cetificates page, click Enroll.

p. Click Finish.

q. Close the Certificates window.


Q: How Do I Specify an SSL Certificate for IIS?

A: Follow these instructions at the IIS computer:

a. Click Start, enter IIS, and click Internet Information Services (IIS) Manager.

b. In the left-hand pane, expand the root node, then expand Sites, and click Default Web Site.

c. In the right-hand pane,click Bindings...

d. Click Add, then set Type to https.

e. At the bottom of the page, click the SSL certificate drop-down list and select the Friendly Name of the certificate to use. If needed, after selecting the certificate, click View to verify it.

f. Click OK.

Q: How do I disable the PowerShell Execution policy when running a script in the ISE?

A: Disable it for the current process by running the following: Set-ExecutionPolicy Bypass -Scope Process


Q: How do I fix Windows Activatiion failure with error 0x80070490?

Start an elevated command prompt, then run slmgr.vbs -ipk XXXXX-XXXXX-XXXXX-XXXXX-XXXXX​


Q: How do I copy huge files like VMs to AWS S3 on MacOS?

A: Files larger than 5G must be copied using the AWS multipart mechanism, which is supported by the high-level copy API. Follow these instructions:

1. Determine the target bucket path. This is typically s3://<bucket path> - for example,

s3://xxx-researchenvironments/Alpha/. If unsure, find the target bucket in the AWS web GUI, click it to display it's details page, then copy down the S3 URI field from that page.

2. Get a set of AWS API key access credentials. From the AWS Management Console, goto IAM, Users, click your user, click the Security Credentials tab, then click Create Access Key and record the API Access Key and it's corresponding Secret Key.

3. Install the AWS CLI v2 for MacOS by clicking this link​, then double-clicking the file and taking all the defaults for the wizard.

4. Start a terminal window.

5. Enter aws configure

6. Enter the API Access Key.

7. Enter the Secret Key.

8. Enter aws s3 cp <source filename> <target AWS s3 bucket path>. For example:

aws s3 cp "Windows 10 1909 STM Alpha.tar" s3://xxx-researchenvironments/Alpha/




Q: How do I copy a VMWare Fusion VM to an Amazon S3 bucket?

A: Export the VM to TAR, then copy the TAR file to S3. On MacOS, VMs use the built-in structured storage mechanism called packages or bundles. This causes them to appear to most file transfer tools as directories with hundreds of children, and on download they cannot be reconstituted into a VM bundle. To workaround this, export the VM to a tar file, then upload that file.

Q: I cannot type a tilde ~ or back apostrape ` in a Windows VM under VMWare Fusion - I get backslash or pipe instead. How do I fix this?

A: Follow these instructions:

1. While in the VM, goto the VMWare Fusion application menu and select Virtual Machine|Settings.

2. Click Keyboard & Mouse.

3. Double-click the highlighted keyboard profile.

4. Uncheck Enable Language Specific Key Mappings.

5. Close both Keyboard & Mouse windows


Q: How do I view a list of certificates revoked by the Windows Certificate Authority?

A: This is hidden unless the CA GUI is started with a special command line option. To display it, at the CA computer, do the following:

1. At the Start menu, click Run, then enter "certsvc .e"

2. Expand the root node to display the Certificate Revocation List entry.


Q: After installing macOS Big Sur, bundle Jekyll fails with "Could not find eventmachine-1.2.7 in any of the sources", and attempting to fix that results in "Gem::Ext::BuildError: ERROR: Failed to build gem native extension."

Both Homebrew and Xcode need to be updated. To do so in the safest way:

1. Uninstall HomeBrew by entering this command in a Terminal window:

/bin/bash -c "$(curl -fsSL"

2. Attempt to update the system Xcode command line tools by entering this command at Terminal.

softwareupdate --all --install --force

2B: If the above e command did nothing, enter the following two instead:

sudo rm -rf /Library/Developer/CommandLineTools

sudo xcode-select --install

3. Install Homebrew by entering the following command at Terminal:

/bin/bash -c "$(curl -fsSL"

4. Install rbenv

Brew install rbenv

5. Install ruby-build

Brew install ruby-build




Q: How do I send an Alt-PrintScreen keystroke to a Windows host running under VMWare Fusion on a Mac?

A: Create a key mapping for both Print Screen and Alt-Print Screen. Macs lack a dedicated Print Screen key, so there is no direct mapping. The Print Screen key on modern Mac keyboards is implemented as a macro and so cannot be directly mapped . Consequently, the best way to solve this requires an extended Mac keyboard, but it can be solved with the built-in MacBook Pro keyboard as well. To create the key mapping:

1. In VMWare Fusion, goto the applicaiton menu and select VMWare Fusion|Preferences.

2. Click the Keyboard & Mouse tab.

3. Click Key Mappings.

4. Click +.

5. If you have an extended keyboard, pick a key for the Windows Print Screen, such as <F13>. If not, use Shift-Command-3.

6. In the From selections, select the key combination to use. Note the rightmost key box does scroll down but scrollbars do not show by default, so use the mouse scroll button to scroll down to F13 or your chosen key.

7. In the To selection, scroll down to PrntScrn.

8. Click OK.

9. Back on Key Mappings, click + again.

10. In the From selections, select the same key as in step 5, but add the Option key, which normally maps to Alt in Windows.

11. In the To selections, enable Alt, then in the rightmost key selection, scroll down to Print Scrn and select it.

12. Click OK.


Q: How do I downgrade from Big Sur to Catalina without a bootable USB?

A: If your Mac came with Catalina installed, follow these instructions:

1. Backup all data

2. Plug your Mac into an Ethernet hardline. These instructions may work with WiFi, but they are untested.

3. Restart your mac and hold down Option-Command-R.

4. Select Disk Utility.

5. Find the listing for your MacOS primary partition, typically labelled Mac HD, and Erase it.

6. Exit Disk Utility.

7. At the recovery menu, click Reinstall MacOS.

8. Click Continue, Agree, and select the MacOS HD as the target.

Q: How do I prevent Big Sur from installing on my Mac?

A: Follow these instructions

1. Start a Terminal window.

2. Enter sudo /usr/sbin/softwareupdate –ignore “macOS Big Sur”​

3. If the above command worked, you are done. It probably won't. If that command failed, enter softwareupdate –ignore “macOS Big Sur”​


Q: When I clone a GIT repository in Visual Studio or GitHub, I receive errors mentioning "cygheap base mismatch detected" and incompatible cygwin1.dll. How do I fix this?

A: Disable ASLR for sh.exe and sed.exe. This error is caused by defects in the Cygwin code that Git is based on which are incompatible with the ASLR security feature. This feature is enabled by default starting in 2022. A previous cause was use of multiple incompatible cygwin-based binaries in the path.

Source: Git Bash Fix

Source: Git Imcompatible versions