Category Archives: General Tech Stuff

Viewing events for Windows 10 Controlled Folder Access

I wrote about Controlled Folder Access not long ago. Since then, I’ve seen it throw a few dialogs telling me that a particular application was blocked from doing something, but I generally didn’t pay much attention unless I found something that didn’t work. The desktop notification doesn’t show the full path of the blocked executable if it’s anywhere in \program files or \users\appdata. There just isn’t enough room.

Today I saw a message pop up that had some Chinese characters in it– you’d better believe that got my attention. I wanted to see what CFA had blocked. A little digging around led me to an article that explains how to easily create a custom view that shows CFA events. Sure enough, here’s what it showed:

Someone’s up to no good

Since I don’t use Internet Explorer, it’s pretty clear that something is on my machine that shouldn’t be, but, at least for now, CFA has prevented it from doing anything too nefarious. Off to the malware scanner I go!


Leave a comment

Filed under General Tech Stuff, Security

Quick impressions of the Harman Kardon Invoke Cortana speaker

I’m an early adopter. This is both a blessing and a curse.

Thanks to John Peltonen, I installed some X-10 home automation gear back in the early 90s and have long wanted a more automated home, so when Amazon started shipping the Echo I bought one and threw together an ad hoc home automation system. My “robot girlfriend” Alexa can control various devices, including the kitchen and master bedroom, floor and desk lamps, my security system, and my thermostats (a Nest downstairs and an el cheapo Honeywell upstairs). I have a mix of LIFX bulbs (wouldn’t buy them again), WeMo switches, TP-Link smart plugs, and Lutron Caseta dimmers/switches, plus a GoControl garage door controller. It all works pretty well.

The Alexa devices have pretty quickly blended into my normal home workflow. I use the one in my bedroom like a clock radio, and to control the temperature when I’m in bed; the one in my office gets frequent use for adding items to my grocery list when I remember them, and the kitchen unit is an all-around music player, news source, multi-function timer, grocery-list keeper, and audiobook reader. Overall I’m well pleased with the Alexa devices and ecosystem.


Alexa as an assistant is far behind both Microsoft’s Cortana and Apple’s Siri. (For another time: my thoughts on what each smart-assistant platform is good and bad at, e.g. Siri is dumb and has poor voice recognition, for example, but has a few idiot-savant skills that are useful and both benefits, and is limited by, Apple’s strong emphasis on on-device processing). It’s safe to say that Alexa is mostly a portal to Amazon’s services, which is fine; as a heavy consumer of Amazon services I’m OK with that.

However, I got spoiled by the quality of Cortana’s assistant functionality on Windows Phone and have continued using it on Windows 10, so when I saw that Microsoft and Harmon Kardon were partnering to make the Invoke, a Cortana-powered competitor to the Amazon Echo, I was intrigued. For Black Friday, Microsoft was selling the Invoke for $99, and I had a $50 Microsoft Store credit, so I figured for $50 it was worth taking a flyer. The Invoke got here yesterday and I spent a few hours setting it up and playing with it. Here are my initial short-term impressions.

  1. The device build quality and packaging are excellent. I prefer the physical design and finish of the Invoke to the Echo. They are similar in size.
  2. The Invoke has a power brick instead of a wall wart. That is inappropriate for kitchen use.
  3. The out-of-box-experience and initial setup for the Invoke are very smooth, better than the initial experience for an Alexa device. All I had to do was power on the device and tap “set up my speaker” in the Cortana app. Whereas the Echo/Dot require you to manually switch wifi networks, the Invoke just magically figures out how to set itself up. (The Invoke immediately had to download an over-the-air update but this was painless and fairly fast.)
  4. The sound quality of the Invoke is much better than that of the original Echo. The new Echo 2 supposedly sounds better. The Invoke produces rich, clear highs, solid midrange, and decent bass for such a small unit and it seems louder than the Echo at max volume.
  5. The Dot and Echo have an LED ring around the top that lights up to indicate when the device is listening. The Invoke has a small touch-sensitive screen on the top. The ring is easier to see from a distance (and can be used to indicate when there are notifications, etc) but the touch-sensitive screen is an easy way to interact with the device. I’ll call this one a draw.
  6. Cortana functionality seems to be on par with the iOS Cortana app, and somewhat behind the Win10 app’s functionality.
  7. Cortana has very few skills compared to Alexa’s skills library. On both platforms, many of the skills are either stupid (I don’t need a skill to play the Notre Dame fight song, thanks) or not useful to me (I’m not a Capital One customer so their skill doesn’t do me any good).
    1. Cortana doesn’t have skills to control TP-Link smart plus, LIFX light bulbs, or WeMo switches– all of which I use heavily.
    2. It is completely non-obvious how to add or manage skills. Some skills are built into the device, like Spotify and Skype. Some require you to install an app or to authorize an external service. The process is much more consistent for Alexa devices.
    3. Obviously the Invoke doesn’t have any Amazon skills. I use those heavily too. Being able to reorder cat food, or check on the whereabouts of a package, or listen to an Audible audiobook is very handy.
    4. You enable smart home skills through the Cortana notebook. This isn’t obvious. None of the skills I have seem to recognize individual devices, e.g. the Wink skill just ties Cortana to the Wink hub, and there’s no way I can find to tell Cortana to find new devices through the hub.
  8. Within the first 30 minutes, I ran into a bug– the device would say it couldn’t understand me, no matter what I said. I’ve seen other people mention this online so it’s a legit bug.
  9. I couldn’t get the Wink skill to control my garage door. This might just be because I didn’t know what to say to it; the same skill works fine with my Caseta dimmers and switches though.
  10. You can only set one kitchen timer at a time. Multiple concurrent timers is a key Alexa feature for me because I lack the skill to coordinate cooking multiple dishes without timers.

One feature I really like and can see myself using a lot is the integrated Skype calling. A simple “Hey Cortana, call person” is all it takes. I’m not 100% sure where Cortana is getting contact data from. If I say “call Delta Airlines,” it calls the local Delta Cargo office instead of the number in my contacts. If I say “call Walmart,” the device looks up the nearest Walmart and calls it, which makes sense because I don’t have Walmart in my contacts list. If I name a person in my contacts list, it calls them. Alexa has a very similar feature, along with the ability to send voice or text messages directly to other Alexa devices, but I never got in the habit of using them. (It doesn’t look like Invoke calls show up in my Skype history; I’m not sure if that’s a feature or a bug).

(Fun side note: if you call either device by the other name, it tells you about the upcoming Microsoft-Amazon partnership.)

For now, the Invoke is definitely a second-class citizen here at the fortress of solitude– with limited smart home integration, I can’t do a 1:1 replacement of any of my Alexa devices yet. But it sounds great, and Microsoft has a long history of rapidly improving their 1.0 releases, so I am optimistic that it will get better rapidly. I’ll keep it.



1 Comment

Filed under General Tech Stuff, Reviews

Using Windows GitDesktop with Windows 10 Controlled Folder Access

The Windows 10 Fall Creators Update has a very useful new feature that can dramatically reduce the impact of ransomware: Controlled Folders. You should turn it on (Ed Bott’s article tells you how). Once it’s on, any attempt by an unauthorized program to modify files in controlled folders (including your OneDrive and OneDrive for Business folders and your Documents folder) will fail with an error message like this:

Controlled Folders doing their thing

The problem is, sometimes you want an application to have access to those folders. No problem: you can get there by opening the Windows Defender Security Center app, clicking “Virus and threat protection”, then clicking “Virus and threat protection settings,” and then finally selecting the “Allow an app through Controlled folder access.” It’s an easy enough process.

Unfortunately, you may find that the app you added to the list isn’t the app that actually runs when you try to do something. For example, when you run GitDesktop you’ll see a message like the one above because that app is actually a bundle that includes several binaries. You might think you can just add the binaries themselves, and you should be able to, but instead I got an error saying that the path I had entered wasn’t valid. That’s probably because I (lazily) installed the GitDesktop client on my… desktop… so its binaries are tucked away in my Users directory.

I spent some time scratching my head trying to figure out what to do, then discovered that you could enable Controlled Folder Access with the Set-MpPreference cmdlet. Of course, where there’s a Set- cmdlet, there’s usually a Get- cmdlet, and sure enough…

Get-MpPreference is your friend

A little more digging turned up the Add-MpPreference cmdlet and the associated ControlledFolderAccessAllowedApplications switch. A little digging to figure out which actual copy of git.exe  was being run and I was all set… until I started writing this post and found that SnagIt has the same problem!

Adding a new application

Thus I ended up solving two problems (“why doesn’t GitDesktop work?” and “why won’t SnagIt work?”), learning something new (*-MpPreference), and, at least hopefully, protecting myself and others against ransomware. Onwards!


Leave a comment

Filed under General Tech Stuff

My screen went gray: how to turn off Windows 10 color filter mode

I like to think I know my way around Windows after using it daily since Windows 3.1. Sometimes it still surprises me, though.

Today I was working on a blog post for the ENow blog (stay tuned, you’ll see it shortly). I went to copy a quote from a press release and, suddenly, this is what I saw:

Grayscale Windows screen

Where’d my color go?

I couldn’t figure out what the hell had happened, but my screen was suddenly gray. It was at the correct resolution, and everything looked the same except it was gray. At first I thought I’d mistakenly turned on high contrast mode (which you do with left Alt+left Shift+PrtSc) but nope.

A little digging led me to the dialog shown in the image above. Apparently Windows has a “color filter” mode that, when invoked, makes it easier to see certain colors. It’s intended for people with color-vision deficiencies. For ease of use, Microsoft tied it to a key combination: the Windows key + Ctrl + C. I must have accidentally bumped the Windows key while copying my quote.

Now you know.


Filed under General Tech Stuff

Clearing the Windows 10 external monitor cache

I bought a Surface Book on day 1 of its availability, 2 years ago this month. It’s been an excellent machine. I almost never use it with the clipboard undocked so I’m not sure I’d buy another one, but it’s been good.

Recently, though, it has developed a displeasing habit of failing to recognize external monitors. For example, last week when I was at Ignite, I had to borrow Richard’s laptop to do my product demos because mine wouldn’t talk to the monitor we had available. When I got back from Ignite, it was worse– I couldn’t use an external monitor either through the Surface Dock or the built-in DisplayPort. It didn’t matter what monitor or adapter I used, either. The only way I could make an external display light up was to undock the clipboard and plug the dock connector into it.

I tried a large variety of things to fix it, including updating the firmware on the Surface Dock, reverting to an older preview build of Windows, sacrificing a chicken, and loud cursing. Nothing.

Then I posted on Reddit. Within an hour or so, a user posted a link to this thread, and I found the magic solution. I unplugged the dock, deleted HKLM\System\CurrentControlSet\Control\GraphicsDrivers\Connectivity and HKLM\System\CurrentControlSet\Control\GraphicsDrivers\Configuration, plugged the dock  back in, and boom! The external monitor now works normally.

My theory is that a bug in Windows 10 and/or the Surface dGPU driver and/or Windows Insider upgrades caused the problem. I’m not really interested in figuring out the root cause now that I know how to fix it.

Hopefully this will help future generations who may have this same issue…

Leave a comment

Filed under General Tech Stuff

Office 365 Hybrid Configuration Wizard won’t launch

I recently ran into a bizarre problem with the Office 365 Hybrid Configuration Wizard, and solved it after a bit of trial and error. Hopefully this article will be a useful breadcrumb for future hybridizers.

The HCW used to be a standalone Windows executable that you’d download. The Office 365 team (hi, Tim Heeney!) made the wise decision to turn it into a Click-To-Run (C2R) executable. The biggest benefit to using C2R is that whenever you click the link (which downloads the application’s manifest file) you get the latest version of the HCW, streamed directly to you from Microsoft’s servers. This ensures that everyone always gets the most up-to-date version, but it also introduces a few potential stumbling blocks.

C2R application manifests aren’t executable themselves; they’re just XML files that provide some metadata about the application. With that said, on a properly configured Windows box, as soon as you download the manifest, the C2R helper application does its thing; it reads the manifest, streams the application, and launches it.

In my Exchange 2016 lab, that’s not what was happening. When I clicked on the HCW link in Internet Explorer, the little “Scanning..” infobar would flash across the bottom of the window, but that was it. Same thing in Chrome. Downloading the HCW manually using the Start-BitsTransfer PowerShell cmdlet got me the manifest file, but it couldn’t be launched. Of course, since the C2R launcher itself wasn’t launching, there were no log files to use to troubleshoot the problem. By contrast, when I downloaded the HCW onto my Windows 10 desktop, it would fail because I didn’t have the right prerequisites installed, leaving me a log file full of juicy details. All of the machines in my lab had the same problem, perhaps not surprising since they were built from the same Amazon Web Services AMI.

I spent some time doing the usual things: trolling the TechNet forums, searching random posts by people who had problems with the HCW (all of which were problems with what it did after launch, not problems getting it launched), and asking my smart MVP friends. Nada.

Then I had a hunch and opened the Default Programs control panel. For the “.application” file type, this is what I saw:

Looks plausible, but it’s totally wrong

I changed the “.application” file type to be opened with Internet Explorer. Then I went back to the HCW link, clicked it, and was rewarded with a properly functioning copy of the HCW. Filed for future reference…

1 Comment

Filed under General Tech Stuff, UC&C

Office 365 Engage wrapup

Last week, I had the privilege of presenting at the first Office 365 Engage conference. Billed as a practical, no-marketing-content conference, and chaired by Tony Redmond, the conference offered a pretty impressive lineup of speakers from across the Office 365 world, mostly from Europe. One big drawback to the way that Microsoft and Penton have organized their respective conferences is that it’s often difficult to get European experts and MVPs here to speak, so I was looking forward to seeing some fresh material presented by people I don’t usually get to hear from, and I was not disappointed.

I arrived midday Tuesday after changing planes in Reykjavik (more on that later). A quick train ride got me to the Haarlem Centraal station, after which I grabbed an Uber to the hotel. The conference was booked into the Philharmonie Haarlem, and I must say it was the nicest conference venue I’ve ever been in– a far cry from the typical US conference facilities located in echoing, soulless conference centers or noisy, smoky Vegas hotels. The location was excellent as well– Haarlem is a beautiful city and quite walkable. The conference hotel was a mere 3-minute walk from the Philharmonie and the area contained a wealth of restaurants and shops.

One of the meeting rooms at the Philharmonie

After I got registered, I wandered around talking to attendees and speakers. My first session (on monitoring Office 365, big surprise!) wasn’t until Wednesday morning so I got to drop in on a couple of sessions, which was nice. Unfortunately, I spent most of my time Tuesday either working on my slides and demos or on the phone with folks back in the USA– that’s the big downside to being in Europe. Tuesday night I met a group of MVPs for dinner, at a Mexican restaurant, of all places.

Wednesday I had my monitoring session in the morning, along with more work on my third session’s slides. I got some good attendee questions that I’ll use to make the presentation better for the next time– as Microsoft is always changing the monitoring and reporting functionality in Office 365, this is definitely an evolving area. In the afternoon, I was able to go to Tiago Costa’s session on Office Graph development, which I found quite valuable. Wednesday night the organizers had set up a canal cruise for the speakers, which was a lovely treat– Haarlem looks even better from the water.

Canal ahoy

Obligatory windmill photo. This was the only one I saw the entire trip.

Thursday was a big day. I had two sessions: one on Skype Meeting Broadcast and one on Windows Information Protection. Fellow MVP Brian Reid was kind enough to help salvage my demo; I filed a support ticket with Microsoft about an hour before my session because my tenant didn’t work, but his did. We even got to demonstrate the real-time automated closed captioning feature that Skype Meeting Broadcast now includes, which resulted in quite a few laughs from the audience. It works surprisingly well, better with Brian’s English accent than my own American one. Then it was back to the speaker lounge for still more work on my information protection slides, which I delivered to a curious audience without a hitch. (I had a great side conversation with a lady who works for, shall we say, an allied power and had a lot of interesting questions about ways to use the Information Protection features in what might euphemistically be called a nuclear bunker.) The afternoon sessions were accompanied by a loud, heavy thunderstorm that wouldn’t be out of place in Alabama– I think some of the locals were a little surprised by its ferocity. The rain had cleared and left the air cool and clear afterwards, perfect for the closing session, after which I jumped in a taxi to get to Schiphol for my flight on to Reykjavik.

A quick note on logistics: the venue’s Internet connection worked well for nearly everyone, seating was comfortable and plentiful, and the snacks, coffee, and lunches were good. Overall the logistics were far better than average, especially for a freshman offering. I believe that reflects the experience of the event team, all of whom have put on many such similar events in the past.

Overall, this was a solid first-year conference. With only a couple hundred attendees, it preserves the small-group feel that was formerly so attractive about first MEC and then Connections, but with a great deal of attention paid to ensuring that the content was relevant, unique, and practical. I’m looking forward to next year’s version!


Filed under General Tech Stuff, Travel, UC&C