SQL Query / SSRS Report for Missing Software Updates – From the Vulnerability Assessment Report in KB3153628

Hotfix KB3153628 was recently released for Configuration Manager 2012:

A new Vulnerability Assessment Overall Report is available for System Center 2012 Configuration Manager

This release corresponds to the recent release of the Vulnerability Assessment Configuration Pack (VACP)

I was curious to see what the report looked like and what kind of information it would provide, so I installed the hotfix in my lab to check it out.

In the console, the new report is located in Monitoring -> Overview -> Reporting -> Reports -> Vulnerability Assessment -> Vulnerability Assessment Overall Report. You can right-click -> Edit it there, or go to the report manager website, and open in Report Builder.

From there, you can look at the various dataset queries that make up the report:


I noticed that the software update portion of the report doesn’t actually depend on any data from the compliance settings baseslines and configuration items from the VACP. Here’s the query (I cleaned up the formatting a bit):


You can’t paste this query directly into SQL Management Studio and run it successfully because it will fail on the @UserSIDs and @MachineID variables. However, you can switch the UpdateComplianceStatus function to the non-rbac version, and specify a MachineID. If you run the report like that, you will likely see duplicate rows. This is because an update can be associated with multiple products.

I modified the query as follows to remove duplicate rows, and to be able to specify a machine name instead of a resource ID:

SELECT distinct 
	ui.BulletinID AS [Bulletin_ID]
	,ui.ArticleID AS [Article_ID]
	,ui.Title AS [Title]
	,ui.DateRevised AS [Date_Revised]

FROM fn_ListUpdateComplianceStatus(1033) ucsa
	INNER JOIN v_CIRelation cir ON ucsa.CI_ID = cir.FromCIID
	INNER JOIN v_UpdateInfo ui ON ucsa.CI_ID = ui.CI_ID 
	INNER JOIN v_CICategoryInfo ON ucsa.CI_ID = v_CICategoryInfo.CI_ID 
	INNER JOIN fn_ListUpdateCategoryInstances(1033) SMS_UpdateCategoryInstance
		ON v_CICategoryInfo.CategoryInstanceID = SMS_UpdateCategoryInstance.CategoryInstanceID

	AND Status = '2' --Required
	AND (SMS_UpdateCategoryInstance.CategoryTypeName = N'Product'
		AND SMS_UpdateCategoryInstance.AllowSubscription = 1)
	AND MachineID in (SELECT ResourceID from v_R_System WHERE Name0 = @SystemName)

ORDER BY ui.DateRevised

In addition to causing duplicate rows, the Product column isn’t necessary anyway because applicable products are listed in the Title column. The Description column is practically useless as well since the verbiage is usually too generic. I also got rid of the CI_ID column and changed the ORDER BY statement to DateRevised so the oldest updates would be at the top of the list..

With this modified query, I can now replace @SystemName with any computer name and get the list of missing updates. Also, an SSRS report can easily be created to prompt for the SystemName parameter. I did this in my production ConfigMgr environment without the hotfix installed and it worked perfectly.

I’m sure there are other similar queries/reports for missing software updates out there on various blogs and forums already, but I like the fact that this is from an “official” Microsoft report, and that you can take advantage of it without actually installing the hotfix or deploying the VACP baselines.

Thanks for reading. Hope you find this useful.


Use PowerShell, VMMap, and DebugDiag to Reproduce and Identify a Virtual Memory Fragmentation Issue Causing Performance Problems in Outlook

I’ve been trying to track down the cause of a particular performance issue in Outlook 2013 that has been plaguing my users for quite some time. Here are the symptoms:

After a seemingly random amount of time – sometimes less than a day, and sometimes more than a week – Outlook will stop rendering things properly, leading to a “white-screening” effect where text and other graphical elements aren’t drawn correctly and appear blank.

Here’s an example (Note that the black area is not part of the rendering issue in this case; it’s an edit I made to the screenshot to redact the emails. However, sometimes the rendering issue manifests itself as a “black-screening” effect too, so it’s not too far off from reality.)


As you can see, the folder list and ribbon are blank. If an attempt is made to open a message at this point or some other action like navigating to the calendar, that would also not render correctly, and/or Outlook would go “Not Responding” and eventually crash.

The only way to recover from this state is to close and reopen Outlook when it starts showing signs of the issue, or keep using it until it crashes.

Searching the Internet for information on display issues in Office 2013 products brings back a lot of hits. Most of the suggestions for troubleshooting and resolution are summarized in this Microsoft KB article:

Performance and display issues in Office client applications


Unfortunately, none of these methods were effective in solving this issue.

Enter VMMap: https://technet.microsoft.com/en-us/sysinternals/vmmap.aspx

After many troubleshooting dead-ends, I finally noticed some interesting things while examining Outlook with Sysinternals VMMap:


Outlook itself wasn’t using an abnormal amount of committed memory, however, there was almost no free memory left to allocate because it was “unusable”. Taking a look at the fragmentation view, it was clear that the high amount of unusable/fragmented memory was being caused by thousands of 4 K private data blocks. The result is this “Swiss cheese” effect:


Because of this fragmentation, the total amount of non-free virtual memory was reaching the 2 GB limit for a 32-bit process, and leaving nothing left for Outlook to use for rendering.

With this new information in hand, I was able to find a Microsoft blog post that described a very similar situation and how to track down the offending allocations using the tracing feature of VMMap or the breakpoint feature of the Windows Debugger (WinDBG)


I first tried launching and tracing Outlook with VMMap, but unfortunately, it would crash after only a couple minutes; before I could make any sense of the data it was showing me.

Next I tried the WinDBG method. It didn’t crash, but having little to no experience with debugging, I still wasn’t quite sure what to make of the data I was seeing or if I was even capturing the necessary activity.

Enter DebugDiag: https://www.microsoft.com/en-us/download/details.aspx?id=49924

I had used DebugDiag in the past to analyze crash dumps, but I was mostly unaware of its memory leak tracking capability. It’s actually very simple to use:

  1. Open DebugDiag 2 Collection
  2. Cancel the “Select Rule Type” window
  3. Click on the processes tab
  4. Right-click the desired process
  5. Click “Monitor for Leaks”
  6. Reproduce the issue
  7. Go back to the process and “Create Full Userdump”


Now, I haven’t mentioned very much yet about how to reproduce the issue. As it turns out, the frequency by which the issue recurs is directly related to how heavily one uses Outlook. Every open/close of a message, every click to open the calendar or contacts, and even just clicking on a folder to enumerate its contents will cause the allocations responsible for the fragmented memory.

You can sit there and manually open and close messages to eventually reproduce the issue, but I’d rather automate it🙂

Enter PowerShell:

Here’s the PowerShell code I wrote to automatically reproduce the issue and track how Outlook’s virtual memory is affected along the way:

# Author: Kevin Johnston
# Date:   April 7, 2016
# This script performs the following actions:
# 1. Opens/Displays/Renders and closes an Outlook message for a defined number of cycles
# 2. Runs VMMap at a defined cycle interval to generate .mmp (virtual memory snapshot) files
# 3. Parses the .mmp XML content to find the count of 4KB private data allocations as well as unusable and non-free virtual memory
# 4. Outputs cycle progress and VMMap information to the console
# Tested with Outlook 2010*, 2013, and 2016
# *Please see the note on line 34 regarding method change for Outlook 2010   

$cycles = 500                           # The maximum number of open/close message cycles
$vmmapinterval = 50                     # The cycle interval at which VMMap will run and generate a .mmp file
$vmmapfolder = "C:\Temp\vmmap"          # The location of VMMap.exe and the save location for .mmp files
$mailboxname = "email@yourcompany.com"  # The desired Outlook mailbox Name (Likely your email address)
$mailfoldername = "Inbox"               # The desired mailbox folder name 

# Create the Outlook COM object and get the messaging API namespace
$outlook = New-Object -ComObject Outlook.Application 
$namespace = $outlook.GetNamespace("MAPI")

# Create the mailbox and mailfolder objects
$mailbox = $namespace.Folders | Where-Object {$_.Name -eq $mailboxname}
$mailfolder = $mailbox.Folders.Item($mailfoldername)

# Display the Outlook main window
$explorer = $mailfolder.GetExplorer()

# Create the message object
$message = $mailfolder.Items.GetLast() # Change to .GetFirst() method if using Outlook 2010, otherwise .Close() method will not work

# Add the assembly needed to create the OlInspectorClose object for the .Close() method
Add-Type -Assembly "Microsoft.Office.Interop.Outlook"
$discard = [Microsoft.Office.Interop.Outlook.OlInspectorClose]::olDiscard

# Execute the above code first, wait for the Outlook window to display, and reposition it if necessary before executing the below code

for ($i = 1; $i -lt ($cycles + 1) ; $i++)
    # Open the message then close and discard changes

    Write-Progress -Activity "Working..." -Status "$i of $cycles cycles complete" -PercentComplete (($i / $cycles) * 100)

    if ($i % $vmmapinterval -eq 0)
        # Run VMMap map with the necessary command line options and generate .mmp file
        Start-Process -Wait -FilePath $vmmapfolder\vmmap.exe -ArgumentList "-accepteula -p outlook.exe outputfile $vmmapfolder\outlook$i.mmp" -WindowStyle Hidden

        # Get .mmp file content as XML
        [xml]$vmmap = Get-Content $vmmapfolder\outlook$i.mmp
        $regions = $vmmap.root.Snapshots.Snapshot.MemoryRegions.Region
        # Get Count of 4KB private data allocations
        $privdata4k = ($regions | Where-Object {($_.Type -eq "Private Data") -and ($_.Size -eq "4096")}).Count
        # Get Unusable and non-free virtual memory totals 
        $unusablevm = ((($regions | Where-Object {$_.Type -eq "Unusable"}).Size | Measure-Object -Sum).Sum / 1MB)
        $nonfreevm = ((($regions | Where-Object {$_.Type -ne "Free"}).Size | Measure-Object -Sum).Sum / 1GB)
        # Round results to two decimal places
        $unusablevmrounded = [math]::Round($unusablevm,2)
        $nonfreevmrounded = [math]::Round($nonfreevm,2)

        Write-Output "-----------------------------------------------------------------------"
        Write-Output "   $privdata4k 4KB Private Data Allocations and"
        Write-Output "   $unusablevmrounded MBs of Unusable Memory After $i Open/Close Cycles"
        Write-Output "   $nonfreevmrounded GB of 2GB Virtual Memory Limit Reached"
        Write-Output "-----------------------------------------------------------------------"


So now that we have all the pieces in place, here are the steps to reproduce the issue and capture all the necessary data:

  1. Open the PowerShell ISE and snap it to the right half of the screen
  2. Run the first section of code to open and display Outlook
  3. Snap Outlook to the left half of the screen
  4. Follow the DebugDiag instructions earlier in the post to enable leak monitoring on Outlook.exe
  5. Run the second half of the code to start generating Outlook activity
  6. Watch the VMMap output to gauge how close Outlook is getting to the memory limit
  7. At the first sign of the white-screening issue, press the red stop button of the PowerShell ISE
  8. Follow the DebugDiag instructions earlier in the post to create a full user dump of Outlook.exe

With this automated process, I can usually reproduce the issue in about 350-400 open/close message cycles: Similar results for Outlook 2016. However, with Outlook 2010, it took over 1500 cycles to reproduce. So while the same issue seems to have been present in 2010, it’s not as likely that my users ever experienced it.

The Smoking Gun:

Another awesome feature of DebugDiag is its analysis capability. Here are the steps:

  1. Open DebugDiag 2 Analysis
  2. Check the box for “Memory Analysis”
  3. Click “Add Data Files”, navigate the dump file and select it
  4. Click Start Analysis


DebugDiag does all the work for you, then generates a slick looking .MHT file to display in your browser with all the information you need to pinpoint the problematic component.

So what was the root cause? Well…I don’t want to name names at this point, but it was a component related to a DLP (Data Loss Prevention) tool in use in my environment. With its stealth and anti-tamper features, it behaves much like a rootkit and can be very difficult to rule in or out as a factor while troubleshooting.

On a system without this DLP product installed, I ran my code to reproduce the issue, and after around 3000 cycles, Outlook’s virtual memory footprint still hadn’t grown. It was steady the entire time.

Thanks for reading, I hope you found this post interesting and helpful. It feels good to be able to close the book on this issue after so long!

ConfigMgr – Use a PowerShell Script Compliance Setting to Backup and Restore Customized Software Center Options

It’s a known issue in ConfigMgr that if the client is updated/upgraded or reinstalled, certain settings in the Software Center are reset to defaults. For example:


When you upgrade to System Center 2012 R2 Configuration Manager, the following Software Center items are reset to their default values:

  • Work information is reset to business hours from 5.00am to 10.00pm Monday to Friday.
  • The value for Computer maintenance is set to Suspend Software Center activities when my computer is in presentation mode.

This can be frustrating for end users if they have customized their business hours. I began thinking of a way to automatically back up and restore these settings in the event that they are reset to default.

These settings are located in the Software Center under the Options tab. Under “Work Information” you can set business hours, and under Computer maintenance, you can configure the “automatically install or uninstall required software and restart the computer only outside of the specified business hours” and “Suspend Software Center activities when my computer is in presentation mode” settings.

The key to programmatically manipulating these Software Center settings is the CCM_ClientUXSettings WMI class located in the ROOT\ccm\ClientSDK namespace.

This class contains six methods: Three Get and Three Set methods for the following:

  • AutoInstallRequiredSoftwaretoNonBusinessHours
  • BusinessHours
  • SuppressComputerActivityInPresentationMode

I came up with the following PowerShell code that is able to back up the current Software Center options, check to see if the installed CM client version has changed and if so, restore the backed up Software Center settings. The script is meant to be used in a compliance setting configuration item so it can run on a schedule and automatically restore when necessary. I’m by no means a PowerShell expert, but this seems to work pretty well with the testing I’ve done so far. Definitely test it yourself before you go deploying it anywhere. Let me know if you have any feedback!

# Software Center Options Backup and Restore - Compliance Setting Script
# Created by Kevin Johnston
# 07/03/2015

# Set backup folder location
$backupLocation = 'C:\Backup\SoftwareCenterOptions'

# Set backup file names
$cmClientVersionBackupFile = 'CMClientVersion-Backup.txt'
$businessHoursBackupFile = 'BusinessHours-Backup.csv'
$autoInstallSoftwareBackupFile = 'AutoInstallRequiredSoftwaretoNonBusinessHours-Backup.csv'
$suppressCompActivityBackupFile = 'SuppressComputerActivityinPresentationMode-Backup.csv'

# Get installed CM client version
$cmClientVersion = ([wmi]"ROOT\ccm:SMS_Client=@").ClientVersion

# Get Software Center Options related WMI class
$ccmClientUXSettings = [wmiclass]"ROOT\ccm\ClientSDK:CCM_ClientUXSettings"

function Backup-SCOptions {
    # Remove existing backup folder and files
    Remove-Item -Path $backupLocation -Recurse -ErrorAction SilentlyContinue
    # Create backup folder
    New-Item -ItemType Directory -Path $backupLocation | Out-Null

    # Use the WMI class methods to get the current Software Center Options
    $businessHoursExport = $ccmClientUXSettings.GetBusinessHours() | Select-Object WorkingDays,StartTime,EndTime
    $autoInstallSoftwareExport = $ccmClientUXSettings.GetAutoInstallRequiredSoftwaretoNonBusinessHours() | Select-Object AutomaticallyInstallSoftware
    $suppressCompActivityExport = $ccmClientUXSettings.GetSuppressComputerActivityInPresentationMode() | Select-Object SuppressComputerActivityInPresentationMode

    # Export the current Software Center Options and installed CM client version to the backup files
    $cmClientVersion | Out-File -FilePath $backupLocation\$cmClientVersionBackupFile
    $businessHoursExport | Export-Csv -Path $backupLocation\$businessHoursBackupFile -NoTypeInformation
    $autoInstallSoftwareExport | Export-Csv -Path $backupLocation\$autoInstallSoftwareBackupFile -NoTypeInformation
    $suppressCompActivityExport | Export-Csv -Path $backupLocation\$suppressCompActivityBackupFile -NoTypeInformation

function Restore-SCOptions {
    # Import the saved settings from the backup files
    $businessHoursImport = Import-Csv -Path $backupLocation\$businessHoursBackupFile
    $autoInstallSoftwareImport = Import-Csv -Path $backupLocation\$autoInstallSoftwareBackupFile
    $suppressCompActivityImport = Import-Csv -Path $backupLocation\$suppressCompActivityBackupFile

    # Use the WMI class methods to set the backed up options
    $ccmClientUXSettings.SetBusinessHours($businessHoursImport.WorkingDays,$businessHoursImport.StartTime,$businessHoursImport.EndTime) | Out-Null

    # These switch statements are used as way to convert the imported string values to boolean values in the set methods
    # I couldn't seem to get it to work correctly any other way
    switch ($autoInstallSoftwareImport.AutomaticallyInstallSoftware) {

        "True"  {$ccmClientUXSettings.SetAutoInstallRequiredSoftwaretoNonBusinessHours($true) | Out-Null}
        "False" {$ccmClientUXSettings.SetAutoInstallRequiredSoftwaretoNonBusinessHours($false) | Out-Null}

    switch ($suppressCompActivityImport.SuppressComputerActivityInPresentationMode) {

        "True"  {$ccmClientUXSettings.SetSuppressComputerActivityInPresentationMode($true) | Out-Null}
        "False" {$ccmClientUXSettings.SetSuppressComputerActivityInPresentationMode($false) | Out-Null}

# Check for the CM client version backup file
If (Test-Path -Path $backupLocation\$cmClientVersionBackupFile) {
    # If the CM Client version backup file exists, import it
    $cmClientVersionImport =  Get-Content $backupLocation\$cmClientVersionBackupFile

    # Compare the backed up CM client version to the installed CM client version
    If ($cmClientVersionImport -ne $cmClientVersion) {

        # If the versions do not match, restore the backed up Software Center Options

        # Generate a new installed CM client version backup file
        $cmClientVersion | Out-File -FilePath $backupLocation\$cmClientVersionBackupFile

    # If the CM client versions match, create a new backup of the Software Center Options
    Else {Backup-SCOptions}

# If the CM client version backup file doesn't already exist, backup the Software Center Options
Else {Backup-SCOptions}

ConfigMgr – How to Enable Software Metering for SnagIt

Software metering in ConfigMgr is pretty straight-forward. When a request comes in to meter a specific app, I ask for the executable name, plug it into a new rule, and then wait for the usage data to start coming in.

In the case of TechSmith SnagIt, I created a rule for Snagit32.exe. When I took a closer look at the metering data coming in, it looked like it was being used 24/7 by every machine that had it installed – were people really capturing their screens that often?!

One critical piece of information that I hadn’t realized is that SnagIt auto-starts, and runs constantly in the background – Which makes sense because it has to be able to intercept print screen keystrokes.

Not only does Snagit32.exe stay running, but a few other child processes as well:


Of course, this makes the metering data useless because you can’t tell who is actively using it.

Luckily, there’s a setting you can change so that the editor component won’t stay running in the background:


(The corresponding registry value is HKEY_CURRENT_USER\Software\TechSmith\SnagIt\XX\AlwaysKeepEditorOpen – XX = major version number – I’m working with version 11)

With this setting disabled, SnagitEditor.exe will only run when the editor is actively being used.

Next steps:

  1. Change the default setting in the package
  2. Enforce the registry value with a compliance setting
  3. Delete the metering rule for SnagIt32.exe and create one for SnagitEditor.exe

In retrospect, this seems kind of obvious, but I don’t use SnagIt and when I searched for how to meter SnagIt with ConfigMgr, I didn’t find anything. So hopefully this will be helpful to anyone else in that situation.

WSUS Role Install Failure – Event 18452 / 0x80131904

The other day, I was trying to install the WSUS role (using Windows Internal Database) on a Windows Server 2012 R2 system so I could use it for software updates during MDT reference image creation. The role install appeared successful at first, but when I went to run the post-installation configuration steps, it threw a failure. The same thing would happen if I tried to launch the WSUS admin console. It would ask me to specify the content folder and then fail a few seconds after I clicked OK.

In the Event Viewer, I found this:

“Login failed: The login is from an untrusted domain and cannot be used with Windows authentication.”


Examination of the log file in %Temp% showed the error code: 0x80131904


Huh? Untrusted domain? I was using my normal domain account which was on the same domain as the server and a local administrator on the system…so this error message didn’t seem to make any sense. I searched around for a bit but couldn’t find anything that exactly matched my scenario.

Then I got the idea to see if I could force the operation to run as the local SYSTEM account. To do this, you must use PSExec from Sysinternals. At first I tried to launch the WSUS admin console msc file directly, but that didn’t work. Instead, I had to launch mmc.exe first. Here’s the command:

psexec.exe -i -s mmc.exe

After it launches, add the Update Services snap-in.

The rest of the configuration tasks completed successfully, and WSUS is good to go. I’m not sure why this was failing under my domain account…perhaps some Group Policy setting? Anyway, I hope this is helpful to anyone else who runs into this problem.

Use Disk2VHD, Hyper-V, and PCMover Express to Upgrade a Windows XP System

Here’s a fun one from the realm of home support. You probably have at least some friends or family that are still using Windows XP but heard about it no longer being supported after April 8th and are asking you questions about what they should do. This is especially true since the latest Security Essentials platform update added a “scary” nag popup window mentioning end of support and vulnerability to future security threats.

Probably the easiest answer (for you) to give at this point is “just buy a new one…seriously, your computer is like ten years old…did you expect to never have to upgrade?”. Microsoft is even offering a free version of Laplink PCMover to greatly simplify the process of migrating old to new:


I’m sure that in their ideal scenario, you would just go to your local Windows Store (…) and pick up a brand new – preferably touch enabled – PC with Windows 8.1, and yay, everybody’s happy!

However, there are a good number of systems out there with decent hardware that are capable of running Windows 8.1 just fine…so why buy a completely new system? Why not just do an in-place upgrade? The main hurdle with an in-place upgrade from XP to 8.1 is that Microsoft doesn’t support it. You would have to back up the hard drive to another location (USB drive for example), do a clean install of 8.1, and then copy your files and settings over manually. Doable, but not ideal, and you would probably get a lot of follow-up calls/questions. You’d lose out on being able to use the PCMover software to automate the migration of files and settings, which will lead to more time spent doing post-upgrade configuration manually, and greater chance of missing something.

Well, there’s a way to have your in-place upgrade and eat it too…or something like that.

What you will need:

  • A host machine with Hyper-V (Windows 8.1)
  • A SATA to USB adapter
  • Enough free disk space to store a full backup of the hard drive from the machine you’re upgrading

Here are the steps:

1. Remove the hard drive from the XP machine and connect it to your host machine via the SATA to USB adapter

2. Use Sysinternals Disk2VHD to create a virtual hard drive (.vhdx) file from the USB connected XP hard drive: http://technet.microsoft.com/en-us/sysinternals/ee656415.aspx

3. Open up Hyper-V on your host machine and create a new virtual machine. Instead of creating a new virtual hard drive, associate it with the .vhdx file you created in step 2. Also make sure to associate this VM with a virtual network adapter that is on the same LAN as your physical machines.

4. Start the virtual machine. Hopefully there will not be any critical boot driver issues to cause a blue screen (fixing those is outside the scope of this blog post, but I’d be happy to try to answer any questions if you run into issues.) and XP will load as it does on the physical machine. The VM will need a few minutes to reinstall drivers. If you see any prompts to manually search for drivers, cancel them. When finished, you should be prompted to restart.

5. After restart, go to the action menu on the VM window and click “Insert Integration Services Setup Disk” This will install any remaining drivers that the system needs for it’s new virtual environment. When finished, restart again.

6. Once you’ve verified that everything is working correctly and the hard drive backup is sound, disconnect the physical XP hard drive and reconnect it to the XP machine.

7. Use your new Windows 8.1 (or 7) media to perform a clean install which will delete all data on the disk (again, make sure you have a good backup before doing this.) If there is a recovery partition from the hardware vendor, you might as well delete it and add its space to your new Windows partition. You wouldn’t want the user to accidentally restore the factory XP image at some point in the future.

8. Install all available Windows updates, especially the new  “Windows 8.1 Update” which enables booting directly to the desktop when a non-touch display is detected and some other features that make life easier when using a mouse.

9. Install the free PCMover version on the Windows XP virtual machine and follow its instructions. When prompted, install the same PCMover version on the new Windows 8.1 install. They will detect each other on the network and begin the transfer process, which may take a while to complete. It’s a good idea to go into the Security Essentials (on XP) and Windows Defender (on 8.1) settings and disable real-time protection scanning for the duration of the transfer. It can really help speed things up. Don’t forget to re-enable later.

That’s it!  You now have a completely upgraded/migrated physical system, and a virtual machine backup of the old system that you can keep around for a while just in case something didn’t get copied over that the user still needs.

A couple more tips to make life easier for folks that are used to XP and don’t like the UI changes in 8.1:

  • Use Classic Shell to take over functionality of the Windows Start button and present a classic style or Windows 7 style start menu instead of the start screen: http://www.classicshell.net/
  • Office 2003 is not supported on Windows 8.1. Instead of shelling out $$$ for Office 2013 or Office 365, download the free LibreOffice package instead. It can open all of your Microsoft Office documents and create new ones too. The feature set isn’t 1-to1 with Microsoft Office but it’s good enough for personal and small business use: https://www.libreoffice.org

ConfigMgr Client Install – RegisterTaskDefinition Failed with Error 0x80071a91

I ran across a peculiar client install issue recently. The client.msi.log file showed the following error:

RegisterTaskDefinition failed with error 0x80071a91

Which resulted in a 1603 return code.


Ok, so the install process is failing when trying to configure the client related scheduled tasks: Health Evaluation and Idle Detection


I looked up the error code in CMTrace and it came back with the following:

Transaction support within the specified resource manager is not started or was shut down due to an error. Source: Windows

Error80071a91-3I went into the Task Scheduler and found a task that wasn’t related to ConfigMgr. When I tried to change its configuration – switch it to a disabled state, for example – I got the same message about transaction support.

Aha, so at least I now knew that the issue is not isolated to the CM client install. Next I tried searching for a solution. I basically found two things to try:

1. Run the following command, then restart:

fsutil resource setautoreset true c:\

2. Delete the .blf and .regtrans-ms files from the following location, then restart


Neither of those methods fixed this issue for me. What did end up working was good ole CHKDSK


to be exact. I’m not sure exactly what it fixed, but it must have cleared out whatever was corrupting the transactional resource manager.