Category Archives: Windows Client

How to fool Windows 8 into using your SD-card in the media applications

Running Windows 8? Want to use the SD-card slot with the Music or Movies-applications in Windows 8? Windows Media Player won’t include stuff in the library that’s stored on removable storage so here’s how to fool it!

Create a VHD on an SD-card (or USB, but that’ll stick out of your Slate (which I’m running)).

To create a VHD using diskpart follow these steps:

  1. Insert your SD-card or USB and note the driveletter it receives. Substitute “C:” below with that letter.
  2. Run CMD, start diskpart
  3. create vdisk file=”C:vdisksmediadisk.vhd” maximum=16000 (Creates a VHD on C: with maximum size 16000 MBs)
  4. attach vdisk (attaches it to your computer)
  5. create partition primary (creates a primary partition)
  6. assign letter=z (assigns the letter z to it)
  7. format fs=ntfs quick (quick formats the VHD with NTFS)

Start Notepad and copy and paste the script below, save this script into “mount.bat” or something similar.

set dpscript="%TEMP%dpscript.txt"
echo select vdisk file="w:mediadisk.vhd" > %DiskPartScript%
echo attach vdisk >> %dpscript%
DiskPart /s %dpscript%

To make sure your computer mounts your VHD automatically we’ll add the script to the startup scripts in the Local Group Policy Editor:

  1. Start it by pressing Windows+R and typing gpedit.msc into the box.
  2. Browse to Computer Configuration/Windows Settings/Scripts (Startup/Shutdown)
  3. Doubleclick Startup
  4. Browse to where you saved your script
  5. Ok all the way out to the MMC
  6. Reboot
  7. If it worked your VHD shall now be mounted with a driveletter









To get some content into your applications you’ll need to create some folders in your VHD. I’ve named mine “Movies” and “Music”. Into these I’ve copied, you guessed it, movies and music.

These folders then need to be added into the libraries in Windows 8.

  1. Do this by starting Explorer, browse to your directories, right click and choose “Include in library”.
  2. Select the appropriate library.
  3. To speed things up you can after this go into Windows Media Player to verify or rescan that your files are added.

Once they are, they’ll be included in the Movies and Music apps in Windows 8 too.

Adding your key to Windows 8 for successful activation

When you’ve installed Windows 8 it won’t let you edit certain settings until you’ve activated it. But to be able to do that you’ll need to enter your license key first. There’s no obvious way of doing that in the enterprise version, so just do it like it’s done in Server Core in three easy steps:

  1. Fire up CMD with administrative rights.
  2. Then you’ll just enter slmgr /ipk 12345-12345-12345-12345-12345<enter> Substitute 12345 with your key of course.
  3. When it’s done, just enter slmgr /ato to activate Windows.

Boom! You’re done!

If you liked this post or it helped you, please share!

New downloads from Microsoft

Monday morning and the downloads just pours out from Redmond!

A new beta of Windows Server 2012 Essentials is available at Now with some upped specs, from 25 users to 75. Which actually makes it quite useful. And no need to reinstall either like the old SBS.

The Virtual Machine Servicing Tool is available in a new and fresh version too. If you’re using this to keep your VM’s up to date it’s time to upgrade. Find it over at

Enable TPM in task sequence with SCCM and CCTK

During work me and a colleague have tested some utilities for handling hardware settings on both servers and clients. One of the more useful utilites we found was CCTK, Client Configuration ToolKit. This utility lets you change settings in BIOS, both during OSD and otherwise. The main usage we found for it was to enable and activate the TPM-chip on Dell client computers.

So how is it done?

You’ll need to download CCTK from Dells site.

And then run the script in the CCTK-folder to include it in your WinPE image. There’s one script for WinPE 2.1 and one for 3.0. This is due to the fact that the hardware driver needs to be local, it can’t be run from UNC.

Once it’s included you can run CCTK from command line in your task sequence.

The commands available can be found here or you can enable CMD-support in your WinPE and run it manually. It’ll then query BIOS for available switches and you can try it out before putting it in a task sequence.

Our TS looks like this:

All those reboots are because the computer needs to power cycle to both turn on and activate TPM. Once that’s done we apply our OS as usual and finish off with running the bdehdcfg.exe-utility which creates the necessary disk layout for Bitlocker and then we run the standard SCCM task “Enable Bitlocker”. If you don’t apply patches or anything else that’ll make the computer reboot you’ll need to have a “Restart Computer”-action after the disk has been configured.

Manage Out with Direct Access on UAG

Having implemented Direct Access with UAG (Microsoft Unified Access Gateway) at a customer location there were some questions when we were done. Their helpdesk is using SCCM (System Center Configuration Manager) and the remote management tools included, how would they go about managing the clients? Would that work even if the user wasn’t logged in? Well, after some research we found out that they could actually manage the client if someone was logged in. If nobody was, no remote management would occur.

The reason? Well, traffic initiated from the inside of the network have to go through the management tunnel if nobody is logged in. For that to happen the servers or workstations that wish to communicate have to be included in the management group. If you’re going to use a management server or workstation for your work it’ll have to be IPv6 capable too because DA / UAG won’t translate IPv4 to IPv6 for traffic initiated from the inside.

UAG configuration:

The UAG needs to include ALL the computers you want to use for remote management of DA clients where nobody is logged on. Ie using the management tunnel. As soon as a user logs on communication can occur on the user tunnel.

Client configuration:

If you’re using mobile connections you’ll need to make sure that they will register their address in DNS. If you don’t do this your clients won’t register, and you won’t be able to find them from your internal network.

(click for Lightbox)

Clients needs to have their firewall configuration updated with rules that allow the traffic you need, for example RDP. Please note that the profile you must use for this is the PUBLIC profile since that’s the one applied when the DA client is connected from the internet. You must also allow “edge traversal” for these rules to work over all tunnels.

(click for Lightbox)

More resources for manage out with Direct Access: