How to Enable Incognito Mode in Chrome for Windows and MacOS

Here is how to enable Incognito Mode in Chrome for both Windows and Mac OS X.

What Is Incognito Mode?

Incognito Mode in Chrome is Google’s implementation of private browsing. Users can activate this mode and surf the internet without Chrome recording any cookies, usernames, passwords, or history. This can be a concern for parents because it could allow children to view pornography or other inappropriate material without leaving behind any traces. Incognito Mode in Chrome is similar to Private Browsing in Firefox and InPrivate Browsing in Internet Explorer.

 

How To Enable Incognito Mode In Windows

  1. On your computer, open Chrome.
  2. At the top right, click More More  New Incognito Window.
  3. A new window appears. In the top corner, check for the Incognito icon Incognito.

 

You can also use a keyboard shortcut to open an Incognito window:

  • Windows, Linux, or Chrome OS: Press Ctrl + Shift + n.
  • Mac: Press ⌘ + Shift + n.

You can switch between Incognito windows and regular Chrome windows. You’ll only browse in private when you’re using an Incognito window.

How To enable Incognito Mode In Mac OS X

The fastest way to open incognito mode is with a keyboard shortcut. Hit Ctrl+Shift+n (Command+Shift+n on Mac) in Google Chrome, and a new incognito mode window will appear.

You can also activate incognito mode with Chrome’s user interface. Click on the three dots in the top right-hand corner of the window, and then click “New Incognito Window.”

Any time you launch a new tab with incognito active, you will see a message that says “You’ve Gone Incognito” in the middle of the screen.

How to fix errors when installing and uninstalling programs on Windows (sometimes including code 2502 or 2503):

Written by Ian Britten and Tibby Fielding

Are you having issues when installing and uninstalling programs on your Windows computer?

Sometimes, but not always, you may receive error messages that contain the code 2502 or 2503. A Windows computer has a built-in Windows account called Trusted Installer which assists in installing, modifying and removing updates and other Windows components. Over time your computer can become corrupted which causes the Trusted Installer to lose some of its access to the Temp Folder which holds temporary files used during installation. This can cause programs to stop installing or uninstalling all together.

To fix these issues, follow the steps below:

Step 1:

In the search bar type ‘cmd.’

Next, from the menu, right click ‘Command Prompt App’ and select ‘Run as administrator.’ 

Click ‘yes’ to the pop up.

Step 2:

Copy and paste the following commands in the command prompt box and press the ‘Enter’ key:

TAKEOWN /F C:\Windows\Temp /R

Icacls C:\Windows\Temp /Q /T /C /RESET

Step 3:

Open ‘File Explorer.’

Navigate to C:\Windows\Temp.

Right click the ‘Temp folder.’  and select ‘Properties.’

Step 4:

From the ‘Properties’ menu, select the ‘Security’ tab.

At the bottom of the Security Tab, select “Advanced.’

Step 5: 

At the top of the window, next to ‘Owner:’, select Change.

Step 6:

In the Advanced Security Settings Window, press the button named ‘Locations…’.

Step 7:

In the Locations window, select your device name under ‘Location:’.

Select’ OK’

Step 8:

In the textbox, ‘Enter the object name to select’ type: NT Service\TrustedInstaller

Next, select ‘Check Names’.

Step 9:

Once TrustedInstaller displays (with underline), select ‘OK’.

Step 10:

At the bottom of the Advanced Security window, click ‘Apply’ to set TrustedInstaller as owner.

 When you are finished giving Trusted Installer the access it needs, you should not have further issues installing or removing programs.

(Solved) 2502/2503 Error When Installing from a .msi File

Sometime, you will get a 2502/2503 error message when trying to install a program from a .msi file.

Here’s how to fix it.

  1. Log in as an administrator
  2. Navigate to the C:\windows directory in file explorer
  3. Find and right-click the temp folder in this directory
  4. Select properties from the menu and click the security tab
  5. Make a note of the permissions for the following:
    1. All Application Packages
    2. Creator/Owner
    3. Users
    4. Trusted Installers
  6. Click the edit button and change the permissions to full control for all of these
  7. Click apply and OK/close out of the temp folder properties windows
  8. You can now install the program without issue
  9. Once the program is installed and working, go back to the temp properties and change the permissions back to what they were before

(Solved!) How to Disable “You should only open attachments from a trustworthy source” in Outlook on Windows Remote Desktop Server

(Solved!) How to Disable “You should only open attachments from a trustworthy source” in Outlook on Windows Remote Desktop Server.   Recently we set up an RDP server for a client who moves around from location to location.  In their outlook profile when the user tried to open a PDF a message would pop up:

Solution:

  1. Login as administrator to your RDP server
  2. Promote the user having the issue to a local computer administrator on the remote desktop server.  (Control Panel, User Accounts, Manage User Accounts, Add, then select the user and domain if applicable and choose administrator)
  3. Log in as the user
  4. Hold Control and Shift then click on the Outlook icon.  Or right-click the Outlook icon and “Run as Administrator”.  Outlook will open in elevated status and should not ask for a username and password as you are logged in as a local administrator.  It will also load the correct Outlook profile.
  5. Open a PDF and the box will be able to be unchecked.
  6. Log off of the user and back into the domain admin
  7. Remove the  user as an administrator for the local remote desktop (we don’t want them to continue to be an admin)

Notice the “Always ask before opening this type of file” is greyed out.  This setting requires local administrator access and an elevated Outlook to get rid of the checkbox.  On a remote desktop server, this was a real issue as the local user isn’t an administrator.  When you tried to open Outlook as an administrator and use the network admin credentials, Outlook would not load the profile correctly so you couldn’t see any files which would bring up this error.

We perused the Googles for hours and couldn’t come up with a registry entry or anything that worked.  We finally fixed the issue.  What ended up helping was a post from Roady, a Microsft MVP.  His solution would work on a normal Windows machine but did not work in a remote desktop environment.

The key is, you need a local administrator to elevate Outlook to enable the checkbox.

https://answers.microsoft.com/en-us/msoffice/forum/msoffice_outlook-mso_win10/how-to-disable-the-warning-on-opening-any/b424facc-3855-4467-8225-cb0c9de44c11

As this is a computer-wide change, you can only change that option when you are running Outlook as an Administrator.

  1. Close Outlook.
  2. Hold CTRL+SHIFT while clicking on the Outlook icon.
  3. Accepts the security prompt and/or provide administrator credentials.
  4. Open the attachment and untick the “Always ask…” box.
  5. Close Outlook and start it normally.

Robert Sparnaaij [MVP-Outlook]

https://www.howto-outlook.com

https://www.msoutlook.info

How To: Setup Active Directory Roaming Profiles with Folder Redirection Server 2016, Server 2012, Server 2008R2

How to Setup Active Directory Roaming Profiles with Folder Redirection with Administrative access to files and folders and without user access to other people’s profiles.

First a warning.  Do not forward the App Data folder.  From our practical application, we found many programs require your App Data Local and App Data Roaming folder to be editable on the local computer and may respond incorrectly to different installations and configurations.  This includes most networked programs particularly requiring network connectivity like SQL based applications.  Also, MS Outlook can act erratically by not being able to read the folder on your local machine to find the profiles etc.

Setting up a server with Roaming Profiles can be a great benefit to your organization.  It allows users to log in to any computer and have their user settings and files follow them.  There are drawbacks to the default Roaming Profiles setup.  Windows Server, if you just use the profile settings which Microsoft defaults to in the Active Directory Users and Computers app, then you will end up with user profiles in a folder where you as an administrator cannot access.  Also, some backup software will have issues backing up the software because of the user permissions assigned.

In this tutorial, we’ll show you how to set up a Roaming Profile and set up proper Folder Redirection where the user cannot see the other users files, but the administrator can administer the files and assign other users like backup operators to be able to access and backup the files as well.  Some steps in this user guide will assume you have a basic knowledge of Windows Server software, File Permissions, and Active Directory.

Step 1 – Create two folders

Create two folders on your storage drive, this may be a separate drive or on your C:\ drive.  We will call this “Profiles” and “Users.”  You can name them what you want. We recommend you do this on a separate storage drive or partition for backup and working purposes.  The reason why we have two is one will hold our User Profile, and the other will hold our home directories, like Documents, Desktop, Downloads, Etc.

Step 2 – Permissions of the Profiles Folder.

Right-click on the Profiles folder and click “Share With” and then “Specific People”  Make sure the Administrator has Read/Write access.  Then click the Security Tab.  Change the Group or user names permissions by clicking Edit.  Click Add and type “Users”.  Hit enter and your box should look like below.

Step 3 – Permissions of the Users Folder

Right-click on the Profiles folder and click “Share With” and then “Specific People”  Make sure the Administrator has Read/Write access.  Then click the Security Tab. Make sure the “Users” is not on this folder as we do not want other users to be able to look at other people’s files.

Step 4 – Create Folder Redirection Policy in Group Policy

This setup is not scary!

Go back to your Administrator Tools and select Group Policy Management.  Open it to Forest/Domains/*your domain*.  It should look like below.

Now, right-click on your “Default Domain Policy” and select Edit

Navigate to User Configurations / Policies / Windows Settings / Folder Redirections

Here you can see the folders which can be redirected.  Right-click on each one, Select Basic – Redirect everyone’s folder to the same location

Then select the Root Path “\\yourservername\users”  **Make sure this is a UNC path and not a local C:\whatever

Then select the Settings tab.  Make sure the “Grant the user exclusive rights to *whatever* is UNCHECKED.

Do the same procedure for all of the folders you want re-directed.  Accept prompts.

Step 5 – Create a new user in Active Directory

Open the Windows Administrator Tools Window from the Control Panel

Open Active Directory Users and Computers

Click on Users and right-click.  Select New / User

Name your user whatever.  Here we named our user Test6

Click Next, Select Password, click ok

Step 6 – Profile paths in the User Profile section

Find the new user and right-click on the user then select Properties

Click the Profile tab

In the Profile tab, enter the UNC path to our first “Profile” folder  *in my test it was \\pfd-server\profiles\test6  -the pfd-server is your username and the test6 is the profile folder you want to create for this user.  We keep them the same.

Under the “Home Folder, select “Connect”, then select the U drive *or any drive letter* then type the UNC path to your users folder you created earlier.  *In my test, it is \\pfd-server\user\test6

Press Apply, and OK

Step 7 – Login as the User

When you log in as the user, you should now see a regular login screen but you should also see “Applying Folder Re-Direction Policy” which means it is copying the home folders to the “Users” folder you selected.  It may take a minute or two to copy.

Now you should see in your file explorer under your “This PC” a U drive with the username listed.  If you click on it, you should see all of your home folders there for the user.

Now if you log into the server, you should be able to go to your storage drive and go to users.  You can see below, I am logged in as the administrator but I am able to fully access the files and work with them.

Good luck out there!  Hope this helps you :).

Solved! Login Failed, slow logins, winlogon notification subscriber gpclient error taking 450 seconds to boot

A client was having an issue logging into their computer.  First was a blue screen with the login failed because the unique identifier is not supported.  After fixing that issue, We faced two errors today with our roaming profile.

Error 1:

First logon fails with “The universal unique identifier (UUID) type is not supported

Error 2:

Here is the winlogin notification about the gpclient in event viewer we received after taking 10 minutes to login.

The first part was solved by taking control of the gpsvc service then applying the command from here:

cmd /c reg add “HKLM\SYSTEM\CurrentControlSet\Services\gpsvc” /v Type /t REG_DWORD /d 0x10 /f

after we ran this command in an elevated command prompt, the error for the UUID went away, but it still took ten minutes to log in.  We did a little more research and found a beautiful script below.  We copied it into a winlogin.bat file, saved it on the C Drive.  After we saved it, we opened an elevated command prompt and ran navigated to the script to run it.  I found just double clicking the script or opening it did not work properly.

@Echo off
If EXIST "c:\Wbem.txt" GOTO END
:BEGIN
 Echo.Checking following services... 
Echo IPHelper (iphlpsvc) 
Echo SMS Agent Host (CcmExec) 
Echo Security Centre (wscsvc)  
Echo Windows Management Instrumentation (winmgmt) 
Echo.  

Set Service1="ccmexec"
Set Service2="iphlpsvc"
Set Service3="wscsvc"
Set Service4="winmgmt"

:CHECK
for /F "tokens=3 delims=: " %%H in ('sc query %Service1% ^| findstr "STATE"') do ( 
Set Service1State=%%H 
if /I "%%H" NEQ "STOPPED" (
echo.%Service1% still STOP_PENDING. Press Any key to check again otherwise Ctrl C out of the script
net stop %Service1% timeout 10 cls GOTO Check ) ) for /F "tokens=3 delims=: " %%H in ('sc query %Service2%  ^| findstr "STATE"') do (   Set Service2State=%%H if /I "%%H" NEQ "STOPPED" (    echo.%Service2% still STOP_PENDING. Press Any key to check again otherwise Ctrl C out of the script net stop %Service2% timeout 10 cls GOTO Check ) ) for /F "tokens=3 delims=: " %%H in ('sc query %Service3% ^| findstr "        STATE"') do ( Set Service3State=%%H if /I "%%H" NEQ "STOPPED" (    echo.%Service3% still STOP_PENDING. Press Any key to check again otherwise Ctrl C out of the script    net stop %Service3% timeout 10 cls GOTO Check ) ) for /F "tokens=3 delims=: " %%H in ('sc query %Service4% ^| findstr "        STATE"') do ( Set Service4State=%%H if /I "%%H" NEQ "STOPPED" (    echo.%Service4% still STOP_PENDING. Press Any key to check again otherwise Ctrl C out of the script    net stop %Service4% timeout 10 cls GOTO Check ) )  

:STATUS CLS Echo.%Service1% is %Service1State% Echo.%Service2% is %Service2State% Echo.%Service3% is %Service3State% Echo.%Service4% is %Service4State% echo. echo.All Services Stopped... Please Wait... Repairing WBEM Repository del C:\Windows\System32\wbem\Repository\*.* /q rd C:\Windows\System32\wbem\Repository* /q timeout 5 cls echo.Fix complete. Your computer will Restart in 60 seconds. shutdown -r -t 60 echo.WBEM Script Control > c:\WBEM.txt timeout 60  :END

After running this script, the boot time went down to 30 seconds instead of 5-10 minutes.  It seems when this problem happens you have to run this manually.  I’m sure you can set this up in a shutdown sequence.

Here are two resources I used:

https://support.microsoft.com/en-us/help/2976660/first-logon-fails-with-the-universal-unique-identifier-uuid-type-is-no

https://community.spiceworks.com/topic/324801-winlogon-notification-subscriber-gpclient-error-taking-605-seconds-to-boot

Synchronize time with external NTP server on Windows Server 2008, Server 2008R2

Here’s how to synchronize time with an external NTP server on Windows Server 2008 (R2).

Posted on 16 November 2009 by Marek in MicrosoftWindows Server 2008Windows Server 2008 R2

Time synchronization is an important aspect for all computers on the network. By default, the clients’ computers get their time from a Domain Controller and the Domain Controller gets his time from the domain’s PDC Operation Master. Therefore the PDC must synchronize his time from an external source. I usually use the servers listed at the NTP Pool Project website. Before you begin, don’t forget to open the default UDP 123 port (in- and outbound) on your (corporate) firewall.

  1. First, locate your PDC Server. Open the command prompt and type: C:>netdom /query fsmo
  2. Log in to your PDC Server and open the command prompt.
  3. Stop the W32Time service: C:>net stop w32time
  4. Configure the external time sources, type: C:> w32tm /config /syncfromflags:manual /manualpeerlist:”0.pool.ntp.org, 1.pool.ntp.org, 2.pool.ntp.org”
  5. Make your PDC a reliable time source for the clients. Type: C:>w32tm /config /reliable:yes
  6. Start the w32time service: C:>net start w32time
  7. The windows time service should begin synchronizing the time. You can check the external NTP servers in the time configuration by typing: C:>w32tm /query /configuration
  8. Check the Event Viewer for any errors.

How to show and hide a Windows Update or Driver Update from Windows 10

Recently I’ve had an issue with Windows Update where it wouldn’t install a particular update.  It would crash and make Windows boot screen stay in a perpetual startup or “Welcome” screen.  I was able to cancel the update by restarting which rolled the computer back to a time before the update, then it would re-download the update and crash again.  Unlike Microsoft Windows updates of old, there is no place natively to view updates and stop them from installing.  I found the following steps from the Microsoft article on how to prevent a driver update from reinstalling to be helpful.  In particular downloading the wushowhide.diagcab file did the trick for us.  We were able to hide the update and the system hasn’t been in a reboot loop since:

For Windows 10 Version 1607 (Anniversary Update)

  1. Start Device Manager. To do this, press and hold (or right-click) the lower-left corner of the desktop, and then select Device Manager.
  2. Locate and right-click the device that has the problem driver installed, and then select Properties.
  3. Select the Driver tab, and then select Roll Back Driver.

For Windows 10 Version 1511 (November update)

Important If you don’t have Version 1607 installed, we recommend that you update now. You can use Windows Update to get Version 1607 or go to https://www.microsoft.com/en-us/software-download/windows10, and then select Update Now.

  1. Start Device Manager. To do this, press and hold (or right-click) the lower-left corner of the desktop, and then select Device Manager.
  2. Locate and right-click the device that has the problem driver installed, and then select Properties.
  3. In the Confirm Device Uninstall dialog box, select the Delete the driver software for this device checkbox, if it’s available.

To temporarily prevent the driver from being reinstalled until a new driver fix is available, a troubleshooter is available that provides a user interface to hide and show Windows updates and drivers for Windows 10.

The following troubleshooter is available for download from the Microsoft Download Center (note, file will begin downloading once you click):

Download icon Download the “Show or hide updates” troubleshooter package now.

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

When you click the download link, you’re prompted to open or save wushowhide.diagcab.

open or save wushowhide.diagcab prompt

To run the troubleshooter, open wushowhide.diagcab, select Next, and then follow the instructions in the troubleshooter to hide the problematic driver or update.

Getting files to show up in Network folder

Remove the following registry keys

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRemoteRecursiveEvents
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRemoteChangeNotify
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters]

“DirectoryCacheLifetime”=dword:00000000


Restart explorer and try again!

The keys didn’t exist for me, but I added them as DWord with a value of 0 (zero) and restarted Explorer and it worked.

http://www.teamas.co.uk/2012/02/windows-2008-r2-shared-files-do-not.html

https://social.technet.microsoft.com/Forums/windows/en-US/947489ae-dc86-45f0-ad5e-463a62e1d59f/files-not-showing-up-in-networked-drive