Turns out there’s two hurdles to launching Quickbooks as they used some old Windows dependencies
Internet Explorer needed for DLL/ActiveX/DCOM
XPS Writer needed for PDF libraries
In later versions of Windows 10, IE11 was turned off by default, and 21H2 made it difficult to re-enable it by hiding it from Windows’s (optional) features checkboxes, so it needs to be enabled through command line.
If you do not enable Microsoft’s XPS Writer feature, you’ll get this error message about PDF on start, though XPS is Microsoft challenger to PDF so they are not the same thing
Microsoft has disabled Internet Explorer on later versions of Windows 10 as they really want people to use Microsoft Edge. However, disabling Internet Explorer 11 might break some software such as Quickbooks 2019, which relied on old fashioned DLLs.
Since 21H2, Microsoft went the extra mile preventing users from re-enabling Internet Explorer 11 by hiding it from GUI ways to turn Windows features on or off (whether you use the app mode interface or the classic optionalfeature.exe interface launchable from control panel’s “Programs and Features”). Instead this needs to be enabled from the command line
Control panel has a lot of kinda-secret calls that open specific configuration windows that it’d be difficult to get to (need many clicks from other windows) and they might not necessarily have a path that you can access normally when Microsoft discourage their uses. Sometimes it’s just a phrase, sometimes it’s a .cpl in Windows’ system folder, yet sometimes you can call a .cpl that does not exist at all yet the control panel recognizes it.
Here are some examples
control userpasswords2 opens a dialog box to manger user accounts more directly without going through MMC’s user management (typically Local Users and Groups within compmgmt.msc Computer Management). It’s also netplwiz
It used to be valuable way of managing autologon until Microsoft Removed the checkbox “Users must enter a username and passwords to use this computer” because it doesn’t make sense with their freaking vision of Windows Hello where you logon with biometrics or other ways that you’d do with your cellphones. They are trying to make passwords a thing of the past.
I picked this shortcut up from the README file of Network TWAIN Driver installer, which plug and play doesn’t make sense because the device is on the network so there’s no hardware to detect. Instead you add a scanner device manually and enter the connection information in its properties.
The interesting thing about this one is that sticpl.cpl do not exist! There’s no control panel file (.cpl) anywhere in the system drive!
There are more information from Microsoft about these commands.
Windows 10 comes with a default alias that if you type python anywhere in terminal, powershell, run, etc, It will run a stub that points you to getting it in Windows Store. WTF man! I hate these stubs that are nothing but advertising! People will know there’s Python available in the store if Python Software Foundation’s website announces it. There’s no need to hijack the namespace with a useless stub!
After I install Spyder 5.3.0, it started with a Windows console instead of a Python Interpreter console, so when I typed Python (Spyder 5.3.0 came with Python 3.8.10 in its subfolder), this damn App store stub came up:
When I tried to force a .exe exceution in Powershell, I saw this:
So there’s a way to disable this bugger off!
It’s not the first time Spyder not working as intended out of the box, but Microsoft’s overzealous promotion of their ‘good ideas’ causes grief and agony to people who simply want things done.
Ping and file sharing (Samba/CIFS) with older Windows machines blocked out of the box
They are blocked by firewall out of the box. There’s a firewall setting group specifically for the service that can be enabled.
Powershell scripts wouldn’t execute
Because Microsoft changed the defaults and do not allow Powershell scripts to run out of the box. I have a CMD command to run in Post-Setup that you can run before any Powershell scripts are executed that’d fix the issue.
Slipstream-able Windows updates immediately following 21H2
Basically all the 4 updates about with the tag -ndp48_ refers to NET Framework 4.8. The last one (KB5011543 for now) is a 600MB+ roll-up that gets updated often that you might want to check Microsoft Update Catalog for the latest YYYY-MM Cumulative Update Preview and replace it (check superseded info)
Windows Updater keeps bugging you for Malicious Software Removal (it’ll prompt you over and over until you finished all the virus/malware definition files)
Event Viewer will bug you about Printer Notifications not working (Microsoft forgot to account for their product still using interactive Session 0 which they disabled for security concerns)
Enable System Restore Point and capture it on every login
Enable System Restore on System Drive
Disable refractory period (won’t run again in 24 hour even if requested) in registry (Needs to be done with reg.exe instead of just a registry file with NTLite to make sure it doesn’t get overwritten during provisioning)
Create scheduled task that takes a snapshot at every logon
Turns out Microsoft decided to not allow you to run Powershell scripts out of the box. The Execution-Policy is set to be disabled and you have to go to Powershell to run
Set-ExecutionPolicy unrestricted -force
The -force switch skips the prompt. However, this is a chick and egg problem with slipstreaming as you need to execute this first programmatically. I tried to use CMD files to do powershell -command "Set-ExecutionPolicy unrestricted -force" but it does not work and quite a few people reported ignoring execution policy with -ExecutionPolicy Bypass switch to powershell.exe does not work with NTLite either.
It’s a colossal pain in the butt. Microsoft deciding to prevent Powershell scripts from running by default broke NTLite’s powershell scripting.
I decided to take a look at registry values that can be changed and this website suggested there is one. There’s a typo on the website. It’s not in HKCU but in HKLM (his screenshots says HKLM). The correct path is changing the string value ExecutionPolicy to Unrestricted in the key HKLM\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell
I cannot confirm when the registry files are loaded in NTLite. It could be too early or too late. (Looks like it’s too early to me since MDM fake enrollment registry files do not take effect and I had to use reg command script later).
So instead, I’ll do the registry change as a CMD script:
You’ll have to fake a MDM enrollment to get rid of the warning through registry entries, but loading the registry file in NTLite won’t work since it has to be processed after the unattended installation. This can be done by adding the registry entries with batch files to be run at Post-Setup
* Shallow assignment (transferring reference only) means the LHS does not have its own copy, so modifying the new reference will modify the underlying data on the RHS.
| Format-List -Property * or Format-List -InputObject
properties() methods() get()
List members (method and properties)’s prototypes
| Get-Member
Powershell specific
The UNCAPTURED output value in the last line of the block is the return value! Unary side effect statements such as $x++ do not have output value. Watch out for statements that looks like it’s going nowhere at the end of the code as these are not nop/bugs, but return value. This has the same stench as fall-throughs.
foreach() follows the last uncaptured output value return rule above doing a 1-to-1 map from the input collection to output collection (you can assign output to foreach() as it’s also seen as a function)
Powershell suck at binary operations between two arrays. Just an elementwise A+B you’d be thinking in terms of loops and worry about dimensions.
You can put if and loop blocks inside collections list construction, like this:
When used with classes and custom matrices/arrays, chaining fields/properties/methods by indices often do not work, when they do, they often give out only the first element instead of the entire array (IIRC, there are operator methods that needs to be coordinated in the classes involved to make sure they chain correctly). In short, just don’t chain unless in very simple, scalar cases. Always output it to a variable a access the leaf.
Negative (cyclic) indexing along with automatic descending range, along with the lack of ‘end’ keyword is a huge pain in the rear when you want to scan from left to right like A[5:end].
Instead, you’ll have to do $A[4..($A.length-1)] because the range 4..-1 inside A[4..-1] is unrolled as 4,3,2,1,0,-1 (thus scanning from right to left and wraps around) without first consulting with the array A like the end keyword in MATLAB does so it can substitute the ends of the range with the array information before it unrolls.
I am willing to bet that this behavior does not have a sound basis other than people thinking negative indices and descending ranges alone are two good ideas without realizing that nearly nobody freaking wants to scan from right to left and wrap around!
I had the same gripes about negative indices in Python not carefully coordinating with other combinations in common use cases which cases unintuitive behavior.
Range indexing syntax
# Powershell
1..10 # No step/skip for range creation
A[1..10] # No special treatment in array such as figuring out the 'end'
% MATLAB
A[start:(step):stop]
# Python
A[range(start,stop,step)]
# Slicing (it's not range)
A[(start):(stop):(step)] # Can skip everything
# In Python, A=X merely reassign the label A as the alias for X.
# Modifying the reassigned A through A=X will modify underlying contents of X
# To deep-copy contents without .Clone(), assign the full slice
A[:] = X
Hasthtable / Dictionaries
% MATLAB: Use dynamic fields in struct or containers.Map()
# Python: dictionaries such as {a:1, b='x'}
# Powershell: @{a=1, b='x'}
Structs
Powershell does not have direct struct or dynamic field name struct. Instead if your object is uniform (you expect the fields not to change much), use [PSCustomObject]@{}. You can also just use simple hashtable @{}, but for some reason it doesn’t work the way I expected when put into arrays when I try to reference it by array index.
Array rules surprises
Array comparisons are filtering operation (not boolean array output like MATLAB). (0..9) -ge 5 gives 5 to 9, not a list of False … False, True … True. To get a boolean array, use this shortcut:
(0..9) | % {$_ -ge 5}
Map-filter combo syntax is | ? instead of Map syntax | %
Monad (Cells in MATLAB) are unpacked and stacked by default (in MATLAB, I had to write a lot of routines to unpack and stack cells of cells). To keep cells packed (in MATLAB lingo, it’s like ‘UniformOutput’, false in cellfun), add a comma unary operator in front of the operation that are expected to be unpacked like this:
.$_.Split('_')
Set Operations
This is one of the WTF moments of Powershell as a programming language. Convenient set operations is essential for most of the routine boring stuff that involves relational data. A lot of Powershell’s intended audience works in database like environment (like IT managers dealing with Active Directory), they have Group-Object for typical data analysis tasks, yet they make life miserable just to do basic set operations like intersection and differencing!
Powershell has a Compare-Object, but this is as unnatural and annoying to use as users are effectively rebuilding all 4 basic set-ops (intersection, union, set-diff, xor) based on any two! Not to mention you have to sift through table to get to the piece you wanted!
Basically Compare-Object out of the box
is a set-diff showing both directions (A\B and also B\A) at the same time. If you throw away the direction info, it’s xor.
if you want intersection, you’ll need to add -IncludeEqual -ExcludeDifferent
(WTF!) If you just specify -ExcludeDifferent, by definition there’s no output because by default Compare-Object shows you ONLY the two set-diffs and you are telling it to not show any diffs!
Union is specifying -IncludeEqual only. But it’d rather stack both then do a | Sort-Object - Unique
Some people might suggest doing | ? {$_ -eq $B} for intersection (or is-member). This is generally a bad idea if you have a lot of data because it’s in the O(n*n) runtime algorithm (loop-within-loop) while any properly done intersection algorithm will just sort then scan the adjacent item to check for duplicates, which gives O(n log(n)) time (typical sorting algorithm takes up most of the time).
If you noticed, it’s set operations within the outputs of Compare-Objects with the Venn diagram of -IncludeEqual -ExcludeDifferent switches! It’s doable, but totally unnecessary mindfuck that should not be repeated frequently.
In MATLAB land, I made my own overloading operators that do set operation over cellstr(), categorical and tabular objects (I went into their code and added the features and talked to TMW so they added the features later), sometimes getting into their sort and indexing logic as necessary. This shows how badly do I need set operations to come naturally.
One might not deal with it too much in low level languages like C++ (STL set doesn’t get used as much compared to other containers), but for a language made to get a lot of common things done (i.e. the language designer kind of reads the users mind), I’m surprised that the Powershell team overlooked the set operations!
Sets are very powerful abstractions that should not be made less descriptive (hard to read) by dancing around it with equivalent operations with some programming gymnastics! If these basic stuff are not built in, we are going to see a lot of people taking ugly shortcuts to avoid coding up these bread and butter functions and put it in libraries (or downloading 3rd-party libraries)!
Powershell surprises
Typical symbolic comparison operators do not work because ‘>’ can be misinterpreted as redirection in command prompts. Use switches like -gt (greater than) instead.
Redirection’s default text output uses UTF16-LE encoding (2 bytes per character). Programs assuming ASCII (1 byte per character) might not behave as intended (e.g. if you use copy command merge an ASCII/UTF8 file with UTF16-LE, you might end up with spaces in the sections that are formatted with UTF16-LE)
Cannot extract string matches from regex without executing a -match which returns boolean unless we use the the $matches$ spilled into variable space. Consider [regex]::Match($Text, $Pattern).Groups[1].Value
Methods are called with parenthesis yet functions are not called with parenthesis, just like cmd-lets! Trying to call a function with multiple input arguments with parenthesis like f(3,5) will be interpreted as calling f with ONE ARGUMENT containing an ARRAY of 3 and 5!
Write-Host takes everything after it literally (white spaces included, almost like echo command), with the exception of plugging in $variables! If you want anything interpreted, such as concatenation, you need to put the bracket around the whole statement!
Libraries and Modules
Reload module using Import-Module $moduleName -Force
Sometimes I need to do a little bit of retro-computing (not with virtual machines) to support some ancient hardware.
As far as compatibility is concerned, I have yet run across any weird piece of software that specifically requires Windows ME, 2000, Vista or Windows 8 to run that cannot be run with an OS one step up.
Windows 98 SE generally displaces anything from Windows 95 to Windows 98.
Windows 2000/XP usually run anything that are meant for NT starting from 4.0.
Windows NT 3.51 usually run Win32s programs that works on Win 3.1, except it’s way more stable.
Installation Order
The OSes should be installed from old to new:
DOS/Win 3.1 + 98 (SE)
XP
Windows 7
Reorganize boot menu
Windows XP installs a NT52 style (NTLDR) boot menu that recognizes DOS as a partition to boot. Windows 7 installer will install a NT60 style (BCD) boot menu that that the NTLDR loader as an OS (it’s called Earlier version of Windows) instead of directly booting to Windows XP. This means to get to Windows XP / DOS, you’ll have to select twice.
We can fix this by EasyBCD, which rebuilds the bootloader options for the installed OSes. Doing it with bcdedit is a major pain in the arse. There are some quirks to watch out for in the process no matter which path you choose:
You might need to boot into safe mode if the current BCD is locked.
Whatever OS that you are currently in calls itself C: and everybody else shifted according to the partition order.
When setting drive letter for the boot menu item, observe the drive letter scheme currently seen by the host OS. i.e. use C: when referring to the currently booted OS
Do not take up on EasyBCD’s offer to detect the drive letter automatically. They are likely to be wrong guesses that won’t boot, likely because of the shifting C: issue.
While you are at EasyBCD, it also offer the option of booting ISO (optical drives) and IMA (floppy) images, which I find it convenient for making the PC a tech service station.
Note that the DOS menu provided by EasyBCD went through an extra layer of indirection called GRUB4DOS, so it’s not as native as going through NT60 (BCD) > NT52 (NTLDR) > DOS in the sense that it installed foreign stuff not made by Microsoft such as Grub.
Tip about bcdedit
Some old versions of bcdedit’s /? menu did not tell you about the /store switch, which is necessary to manipulate foreign BCD files instead of the host BCD (that you used to boot to the current Windows you are working in).
For some very old system that doesn’t support hardware USB CD-ROM (ISO) emulators (or it only has USB 1.1 ports which is begrudgingly slow), there’s a way to put your installer in a HDD/SSD (IDE/SATA) and boot the installer image on them. Turns out it’s quite easy. All you need to do is copy the set of entire Windows installation files in an MBR drive with partition set active, then write the boot sector to it!
Make sure your HDD is in MBR, not GPT
Make a partition that’s bootable (can be NTFS) by marking it as Active (Active partition only make sense with MBR. That’s why you should make your disk MBR)
Copy all the files from Windows CD image to the drive
Run the following code the build the boot sector for the drive. One interesting twist is that you must run this command from the drive letter you want to rebuild the boot sector (or it’ll refuse to run) yet you have to specify what drive letter to rebuild the boot sector! Let’s call the drive P:\
P:\:> bootsect /nt60 P:\
The /nt60 is the modern boot manager for Windows 7 and above. /nt52 is Windows XP and old NT style (NTLDR) boot manager. Miss the old days when I was using winnt /b!
