Re: More fbreseal strange behavior

From: Slobodan Brcin \(eMVP\) (sbrcin_at_ptt.yu)
Date: 01/25/05 

Date: Tue, 25 Jan 2005 17:47:26 +0100

Hi Mark,

How about:
http://msdn.microsoft.com/embedded/community/community/feedback/feedxp/default.aspx

Let us know if they have any comments on this.

Regards,
Slobodan

"Mark K Vallevand" <mark.vallevand@unisys.com> wrote in message news:%23xPdNSvAFHA.1404@TK2MSFTNGP11.phx.gbl...
> 1) I've seen this with SP1. After reseal there were 2 adminstrator
> accounts. I worked around it by creating a batch file that executes every
> time you log in. The batch file copies my customization from
> "Administrator" to the current account. The customization in this case is
> on the start menu.
>
> 2) I haven't seen the new hardware dialog unless I'm running on slightly
> different hardware each time. Our prototype hardware includes video and
> kb/mouse ports. Our real hardware is truly headless. And, we have
> different BIOSs that report different hardware. So, we see the dialog. I
> removed the newdev.dll and have no problems. I just make sure I run FBA on
> a machine that has all the devices that we want to support.
>
> 3) If you try a different SID changed, don't use SysInternal's NewSID. Its
> broken. It does not correctly change security information for COM.
>
> 4) I don't trust the SP2 version of fbreseal either. In my case, it looks
> like the reseal process runs when a cloned image is booted, but the SIDs
> don't seem to change. The fbreseal.exe file is not deleted either.
> Fbreseal.exe is supposed to be deleted to prevent running the reseal process
> again. Well, its not deleted. If you run it again, the image will reseal
> on the next boot, and fbreseal.exe will be delete, but security setting are
> corrupted. This leads me to believe that the first reseal acually worked,
> but the evidence is to the contrary.
>
> 5) Microsoft? Anyone there have any comment?
>
> --
> Regards.
> Mark K Vallevand
> "Desi" <richardsd@tycoelectronics.com> wrote in message
> news:1106661796.821828.91960@z14g2000cwz.googlegroups.com...
> >I have prepared a target device exactly the way that I want it, and ran
> >
> >
> > fbreseal.exe -keepall
> >
> > After a few moments, it comes back with a prompt that it finished
> > sealing and would reboot. Once it rebooted, I shut it down and imaged
> > the device.
> >
> > I applied the image to a new, but identical device. Upon booting up,
> > the device appeared to be generating new SIDs and whatever else it
> > needs to do after a reseal.
> >
> > Here's where the strange behavior comes in:
> >
> > 1) Upon full boot, I logged in as Administrator, and I receive a prompt
> > that there is no User data for that account (I don't have the exact
> > message, but I will recreate it later and post it). A new account is
> > created, "Administrator.NSXXYYZZ", where NSXXYYZZ is the machine name.
> > Unfortunately, this account lacks the customization that I spent hours
> > doing by hand, since it was created from the default profile.
> >
> > 2) I also get a "New Hardware found" dialog that prompts me to reboot.
> > This is the first time that I have seen this on this hardware - did it
> > change with SP2? I have seen several threads that talk about renaming
> > newdev.dll to get rid of this dialog, but I am wondering if it is a bug
> > that has been filed with Microsoft, or is it considered "Standard
> > operation"? It would be very dissappointing if it is. I have built
> > other images with SP2 and this version of components, without receiving
> > this dialog - What component did I add to cause it to happen?
> >
> > So I am now left with trying to use a different SID tool, since I have
> > little or no faith in Microsoft's FBRESEAL.EXE. I have spent 3 days
> > sorting out the numerous issues with XPe that should "Just work" but
> > don't when you get into the details.
> >
>
>

Relevant Pages

  • Re: More fbreseal strange behavior
    ... I worked around it by creating a batch file that executes every ... "Administrator" to the current account. ... I haven't seen the new hardware dialog unless I'm running on slightly ... If you try a different SID changed, ...
    (microsoft.public.windowsxp.embedded)
  • Re: Admin problems not letting me play BIA, Halo, Far Cry?
    ... So I'll clutter the forums with this. ... I ran the batch file and sat back and waited ... I reinstalled the gameI am having permissions problems ... it's the default administrator/single user account. ...
    (microsoft.public.windowsxp.games)
  • Re: Fix for: Server Application Unavailable Error after Applying Security Update for IE
    ... I've run the batch file, and now the login is failing for aspnet. ... > Internet Explorer security patch and ASP.NET V1.0 running on Windows XP. ... > Deletes and recreates the ASPNET account with a known temporary password ... This creates a new random password for the account ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: PAGE_FAULT_IN_NONPAGE_AREA
    ... Replacing the "ntuser.dat" file allows me back in to the faulty account. ... In Device Manager the Network Card appears under Network Adapter. ... Don't forget the problem could be hardware not software. ... Requested data was not in memory. ...
    (microsoft.public.windowsxp.general)
  • Re: Fix for: Server Application Unavailable Error after Applying Security Update for IE
    ... >> Internet Explorer security patch and ASP.NET V1.0 running on Windows XP. ... >> you can execute the following batch file as a workaround for the issue. ... >> Stops the IIS and ASP.NET state services>> Deletes and recreates the ASPNET account with a known temporary password ...
    (microsoft.public.dotnet.framework.aspnet.security)