SQL Server combining LIKE with IN (SELECT LIKE IN query)

System Requirements

  • SQL Server

 

The Problem

This was one of those “it should be obvious” moments.

Dating back to 2004 in its current iteration, the hpcfactor.com membership database has been blighted by SPAM. We are no different to any web community in this regard. A can be a particular problem as many accounts that we may miss are registered and (if they survive) become a valuable commodity to sell as trojan accounts for use in mischief at a later date.

The moderation team at HPC:Factor does a great job of ensuring that these ‘pay per post’ (usually from Indian IP’s) urchins are wasting their time, but it does not stop them from trying. At one point we were having to content with several hundred a day, and had to shutdown registration completely. A custom layer that I wrote to sit on-top of the BBS registration system has done a good job to convert that SPAM torrent into a trickle of a “couple of times a month”.

Over the years, I have added more and more banned email domains to a ban list that is maintained in the user registration database. It occurred to me that as that list has increased, the historic pool of user account has never been re-parsed against the updated banned domains list.

Sounds simple right? Fire up SQL Server Management Studio and create a SQL SELECT LIKE IN query… is it that simple?

 

The Solution

Yes actually it is.

The obvious logic that you want to follow is to take this syntax

SELECT id, username, emailaddress
FROM members
WHERE emailaddress IN (
   SELECT emailaddress FROM bannedemails
)

… and merge it with a LIKE statement to create a SELECT LIKE IN query, something like

SELECT id, username, emailaddress
FROM members
WHERE emailaddress LIKE IN (
   SELECT '%' + emailaddress FROM bannedemails
)

Unfortunately however this syntax is completely illegal.

The answer is to perform the LIKE/IN as part of an INNER JOIN

SELECT members.id, members.username, members.emailaddress
FROM members
INNER JOIN bannedemails ON members.emailaddress LIKE '%' + bannedemails.emailaddress

 

Performance

This is a not a “real time” friendly SQL expression. The inefficiency of using LIKE evaluation becomes very apparent as the record set scales. The HPC:Factor database had 2,271 banned email domains and 30,336 user. Giving a total record iteration and evaluation count of 68,893,056 rows.

The total query execution time for this on was 2 minutes 13 seconds (ouch). Having said that, on reviewing why it took that long, I realised that at some point in time I was being extremely stingy with the SQL Server VM. It only had access to 2 CPU cores and 12 GB of RAM. The hypervisor server itself has access to a 10 core hyper-threaded Xeon.

 

The Result

I have a lot of respect and sympathy for people who use VPNs and temporary email addresses and I genuinely understand why they feel the need (or in some cases must, depending on what part of the world you are in).

I saying that, I also have to deal with the issue from the other side of the equation. If the website is having a bad day, it’s usually because of something coming from one or both of these camps. As ever in life, a minority will insist on spoiling a good thing for everyone else.

After running the query, we had only missed 8 user accounts – credit to the moderation team. The oldest account was 26/09/2006 and my favourite that we probably should not have missed was “mrputin” from January 2013.

Installing Plex Media Server on Windows Server 2016 or Windows Server 2019 Core

System Requirements

  • Windows Server Core
  • Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019
  • Plex Media Server

 

The Problem

“Just because you shouldn’t do something, doesn’t mean you can’t”

Plex Server, the sometimes controversial media streaming hub, is a staple of the media diet of many home-brew media centre connoisseurs. I personally keep it installed as a gateway between Smart TV’s and my music/video/photo library as it is a convenient way of getting DLNA support on the network. Where pushed due to lack of Kodi support Plex also gives a consistent alternative front-end user interface.

The problem with Plex Server is that it isn’t quite a “server”. It’s a service, but one that insists on running in the userland (as a tray icon). If you log off from its user account, it shuts down the service and you no longer have a working Plex environment.

 

Why is this a problem?

At home, the only computers that I have running 24/7 are servers and these are exclusively Hypervisors. I want Plex to be always on, but not to be sharing a with VM performing other duties. Neither do I want it be forced to leave a logged-on VM running that does something else and thus increases the attack vector.

To date, my answer has been to run Plex Server in a Windows 10 VM, but this means consuming a £120+ Windows 10 Pro license so that it can effectively molly-coddle a tray icon.

Ah ha! I hear you cry. How is consuming a £900 Windows Server license any better?

It’s not, obviously… unless you’ve got Windows Server Data Centre licenses. If you fall into this category, it literally doesn’t matter how many VMs you install on your hypervisor. The argument is academic as long as your have the horsepower on your server to keep piling on additional VMs.

More commonly however, and perhaps more practically. You may find that you have some old Windows Server 2012, 2012 R2 or 2016 Standard licenses knocking around from recent server decommissions. This may become more common again as your organisation starts migrating to Windows Server 2019.

The advantage of using even a down-version of Windows Server comes in the fact that versions of Windows from 2012 upwards all remain part of the Microsoft Long-term Servicing Branch (LTSB) support model. Consequently, by re-using the licenses your Plex install will receive security patches for many years to come, while remaining lighter than a client edition of Windows and – in the cae of Windows 10 – will save you from the 6-monthly ache of having to Feature Update Windows 10. In other words. Server Core gives you a stable platform to ‘set it and forget it’.

So, for these minority edge cases, an experiment was born to see Plex Media Server could in fact run on Windows Server Core.

 

Why Windows Server Core?

Partly because I’m a stickler for pain and partly because at ~5GB (Windows Server 2019), it represents a considerable disk and resource saving over the ~18GB of Windows 10. My Windows 10 VM Plex Server install, with Windows 10 Pro, Plex and its various database (but no local media assets) weighed in at 33GB (after defragging and compressing). Its RAM utilisation typically sitting between 1.4 GB and 1.8 GB (remember that it’s sitting at a user account lock screen most of the time, but a user is logged on non the less).

This gives us some numbers to define relevant success or failure of the experiment against.

 

How To

The new VM was setup with the following specs:

  • 3 CPU Cores*
  • 1024 MB Startup RAM with dynamic memory between 400 MB and 2048 MB
  • A 127 GB dynamic VHDX
  • Connected to the correct network
  • Set (in my case) to PXE boot and install from my build server
  • Windows Server 2019 Core as the install source

*I find that at 2 cores, Plex rides the CPU at 90% during library updates. With 3 cores, it is usually sub 40% and does make use of the available thread afforded from the extra CPU.

 

Minimising

Firstly, remove any unwanted Windows Features. My build server is configured to enable several features by default, so we’ll strip these off. Fewer features and less services mean a leaner VM footprint. Use Get-WindowsFeature in PowerShell* to view the state of play with yours and remove as appropriate. For example

Remove-WindowsFeature -Name Hyper-V

Remove-WindowsFeature -Name Windows-Defender

* At the comment prompt type “start powershell” and hit enter to launch a PowerShell console.

Simiarly, go through Get-WindowsOptionalFeature -online | ? {$_.State -eq 'Enabled'} to check for more things to disable e.g.

Disable-WindowsOptionalFeature -online -FeatureName <name>

As well as Get-Windowscapability -online | ? {$_.State -eq 'Installed'}

Remove-WindowsCapability -online -Name <name>

… and Get-WindowsPackage -online | ? {$_.PackageState -eq 'Installed'} using

Remove-WindowsPackage -online -PackageName <name>

Note: Do not remove WOW64 from the install as you will require it to run Plex.

 

Preparing

If you aren’t automated, patch it, join it to the domian and make any registry and config changes that you need (such as IP addressing and enabling Remote Desktop).

Decide what account your Plex Server install will run in. Obviously, you’ll be sitting in an administrator account after install, and you don’t want to run Plex in that! I have a user account on the domain that has minimal permissions and access to multimedia shares. You should decide what will work for you.

Set the Windows Firewall so that you can perform remote management. Here are some examples of functions that you may wish to enable (they may differ depending on the Windows Server Edition). We need to enable File and Printer Sharing (SMB) access so that we can copy the Plex installer over to the VM from a management workstation.

enable-netfirewallrule -displaygroup "Core Networking"

enable-netfirewallrule -displaygroup "File and Printer Sharing"

enable-netfirewallrule -displaygroup "Network Discovery"

enable-netfirewallrule -displaygroup "Performance Logs and Alerts"

enable-netfirewallrule -displaygroup "Remote Desktop"

enable-netfirewallrule -displaygroup "Remote Event Log Management"

enable-netfirewallrule -displaygroup "Remote Event Monitor"

enable-netfirewallrule -displaygroup "Remote Scheduled Tasks Management"

enable-netfirewallrule -displaygroup "Remote Service Management"

enable-netfirewallrule -displaygroup "Remote Shutdown"

enable-netfirewallrule -displaygroup "Remote Shut-down"

enable-netfirewallrule -displaygroup "Remote Volume Management"

enable-netfirewallrule -displaygroup "Windows Firewall Remote Management"

enable-netfirewallrule -displaygroup "Windows Remote Management"

enable-netfirewallrule -displaygroup "Windows Management Instrumentation (WMI)"

enable-netfirewallrule -displaygroup "Windows Backup"

Before you can run Plex Server, you will also need to enable Windows Media Foundation services.

Add-WindowsFeature -Name Server-Media-Foundation

Now jump to a Management machine, something with Windows 10 1809 and RSAT installed on it.

On the management machine, open Computer Management from the start button right click or by calling the MSC. Right click on “Computer Management (Local)” at the top of the left-hand pane and connect to the machine by hostname or IP Address. You can now:

  • Manage Task Scheduler
  • View the Event Logs
  • Manage Shared Folders
  • Manage Local Users & Groups

Note: If you are in a workgroup, you need to ensure that the user account and password used to open Computer Management matches the administrator account on the Plex VM. Otherwise you will see ‘Access Denied’. You will also need to have setup WinRM, which is beyond the scope of this article.

 

Auto Log-on

Installing on Windows Server will not change Plex’ behaviour. It will still run as a tray service even though there isn’t a systray to display its icon in. This means that the virtual machine must auto log-on at reboot in order to start Plex Server’s services.

To set auto-logon, from an administrator account add the following registry material.

Note: You can type regedit at the command prompt to gain access to the standard Windows registry editor if you prefer to do it manually.

reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /t REG_SZ /v "DefaultUserName" /d "Plex" /f

reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /t REG_SZ /v "DefaultPassword" /d "your_password_here" /f

reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /t REG_SZ /v "DefaultDomainName" /d "your_domain_here" /f

reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /t REG_SZ /v "AutoAdminLogon" /d "1" /f

To test whether you have successfully setup auto-logon, simply reboot the server VM.

Note: The password is inserted in fully readable plain text in the registry. Keep that in mind when designing the security for this account!

 

Install Plex Media Server

Use the following process to install Plex on the new Windows Server Core VM:

  1. Log onto the VM using your preferred Plex user account. For the rest of this article we will call the username for that account “Plex”. This is to create the user account structures.
  2. Download the latest Plex Server installer file from www.plex.tv.
    Note: For some silly reason at the time of writing, the download link is in the page footer with the copyright. It’s almost as if they don’t want you to download it… but I digress.
  3. In file explorer on the management machine, open a SMB share to the VM either using \\<FQDN>\c$ or \\<ipAddress>\c$. Copy the Plex installer file into \\<host>\c$\Users\Plex
  4. Return to the VM via Remote Desktop or your Hypervisor, and ensure that you are logged on as the Plex user account. You should be a command prompt “C:\Users\Plex>”
    1. If your user account is a member of the local administrators group: Type “Plex” and hit tab, it should auto complete the full file name of the Plex installer and hit return e.g.
      Plex-Media-Server-1.14.0.5470-9d51fdfaa.exe
    2. If the Plex account is a standard user: Type “runas /noprofile /user:domain\adminUsername Plex-Media-Server-1.14.0.5470-9d51fdfaa.exe” and hit return.
  5. Should you receive any errors from the installer, you can access the log file via the management machine at the following path to troubleshoot the problem:
    \\<host>\c$\Users\Plex\AppData\Local\Temp

Once the installer has finished, the Launch button will not doing anything as it is attempting to start the default web browser – and there isn’t a default web browser on Windows Server Core. Simply exit the installer to complete the installation.

 

Post-install

At this point you will have the Plex Server binary files installed, however unlike on a GUI install, Plex will not yet function correctly.

 

Drive Maps

Should you need to set up drive maps for media content you can use group policy or create local account mapped shares to your media files using

net use <driveLetter> \\server\share /persistent:yes

 

Auto-Start

Now that Plex is in installed, it is necessary to start its processes. As Windows Explorer (and the startup folder) does not exist to do this for us, you will have to set it up manually.

The obvious way would have been to use task scheduler.

SchTasks /Create /SC ONLOGON /TN "Plex Server" /TR "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"

However, I was unable to get the event to fire at logon and the service never started.

Equally, I was unable to get an auto-run working from HKCU\Software\Microsoft\Windows\CurrentVersion\Run on a non-administrative account, although your mileage may vary if you are using an administrative account.

In the interest of time, the quickest way to achieve this is to use the following procedure:

  1. Log in as a system administrator
  2. Open Regedit
  3. Navigate to:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AlternateShell\AvailableShells
  4. Right click on the AvailableShells key, click Permissions…
  5. Click Advanced
  6. Change the Owner to the administrators group and cascade the ownership change to sub-objects
  7. Set the Administrators group to have Full Control of ‘This key and subkeys’
  8. OK back to Regedit
  9. Edit the REG_SZ under AvailableShells so that you add cmd.exe /k “C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe” into the Value data string e.g.
    cmd.exe /c "cd /d "%USERPROFILE%" & start cmd.exe /c "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe" & start cmd.exe /k runonce.exe /AlternateShellStartup"
    Note: The last command (each & is the start of a seperate command) to be executed will be the window on top after the boot completes.

Note: You cannot use SC as a mechanism to invoke the auto-start as Plex requires the user account to functionally access remote file shares. If all of your media is stored locally on the Plex Server VM then technically you could use SC and in this case you would not need to auto-logon the VM at all.

If you log-off and log-on again you should get the Plex Media Server.exe process running in taskmanager.

 

Adding the ability to Shutdown the VM

If you want your non-administrative user to shutdown the VM without having to log-off, log onto an administrator account and then perform the shutdown. You need to modify the local security policy (or Group Policy) to grant your low security account this right.

You can either

  1. Export a modified policy as a template from your management machine in Local Security Policy (Security Settings > Local Policies > User Rights Assignment > Shut down the system) and then import it onto the Windows Server Core VM using secedit /configure /cfg <exportFilePath> /db secedit.sdb
  2. Use ntrights.exe from the Windows Server 2003 Resource Kit Tools and issue the command ntrights.exe -U "domain\username" +R SeShutdownPrivilege

Download: Windows Server 2003 Resource Kit Tools

 

Open Plex

To start using Plex as part of a new install. Return to your management machine and open a web browser and navigate to:

http://<ipAddress>:32400/web/

You should be presented with the beginning of the Plex configuration wizard in your browser. Do not not be surprised if Plex knows who you are based upon your IP address if you are an existing user. You should be able to  sign-in and configure Plex as required based on it being a new install.

 

Migrating your Plex Server

If you wish to migrate an existing Plex Server into the VM, use the following procedure to perform the migration:

  1. Ensure that both source and destination Plex Installs are running the same version
  2. Shutdown the Plex Media Server processes on both the source and destination Plex Installs by entering
    net stop PlexUpdateService
    tskill "Plex Media Server"
    tskill "PlexScriptHost"
  3. On the old server, export the entirety of the “HKEY_CURRENT_USER\Software\Plex, Inc.” registry key and import it onto the new server
  4. On the new server, rename “C:\Users\Plex\AppData\Local\Plex Media Server” to “C:\Users\Plex\AppData\Local\Plex Media Server-OLD”
  5. Copy the “C:\Users\Plex\AppData\Local\Plex Media Server” folder from the old server to the new server. This folder will be very large and the copy will be very slow as it contains a large number of files and folders. In my case some 662,915 files and folders totalling around 18 GB.
  6. Ensure that your old Plex install remains offline
  7. Reboot the new Plex VM
  8. Test
  9. Delete “C:\Users\Plex\AppData\Local\Plex Media Server-OLD”

 

The Results

At the beginning of the article, I outlined that the old Windows 10 VM disk was sitting at 33 GB with typical idle RAM use sitting around 1.4 GB.

After defragging and compressing the virtual disk for the Windows Server Core VM, the VHDX file size was 27 GB; a small improvement. RAM use was also better. Typical idle values of around 550 MB matched library updates sub-720 MB and observed highs around 900 MB.

Boot times for the VM are considerably faster compared to Windows 10, not that it is especially important for media consumption. As an early superficial observation, the library load times between a Smart TV and the Plex DLNA enumeration service appear snappier than under the previous install. I leave that as a subjective and not an empirical observation however.

So is it worth it? The answer to this should depend on your comfort level with managing Windows Server Core. If you want to play with Server Core to learn it, or are already familiar with it, then it is worth considering for the RAM saving alone. The promise of a long-term stable platform under LTSB servicing does allow you to “set it and forget it” and, if like me you are fed-up of contending with large 6-monthly full reinstalls of Windows 10 for no intrinsic gain. It really does offer a streamlined way to host Plex.

With that said, you do lose three practical things by using Server Core and not much else

  1. The omnipresent tray icon which lets shortcut into the web GUI or manually initiate library scans (all of which you can do from the web UI).
  2. The ability to open the web UI on the VM itself is lost.
  3. Being able to troubleshoot with a GUI in Windows Explorer is occasionally useful. You must now use an intermediate management machine/VM to do this. For any admin who already manages Server Core, they will already have this environment. They will also be used to viewing the local server console as a weapon of last resort, not first resort as will be the case with the majority of GUI administrators.

Once working on Server Core, Plex is essentially managed exclusively through the web UI. There are only very occasional needs to interact with Windows Installer on the console during version upgrades. If you want your Plex VM to do something other than just Plex, then it probably isn’t worth considering going down this route. Should you think like a server admin however and prefer task isolation, then why do you need a GUI, Game Bar and Candy Crush saga to server multimedia content to your TVs? If you think like a savvy consumer, why do you need the extra licensing overhead?

Windows NT 4.0 on Hyper-V 2016

System Requirements:

  • Windows Server 2016, Hyper-V Server 2016
  • Windows 10
  • Windows NT 4.0 Advanced Server, Server, Terminal Server Edition, Workstation

The Problem:

For reasons that defy any sane logic, I decided that I needed to install NT 4.0.

It’s 2018 and over the last few years I have been slowly clearing out all of my old IT hardware, to the point now that I no longer have any legacy motherboards or systems in the house or office. So when I recently needed to fire up Windows NT 4.0 once again – for reasons that defy logic – you would assume that Virtualisation was the easy win.

Sadly – and especially with Hyper-V – this is not the case. Microsoft’s virtualisation solution is (and always has been) designed around its currently supported operating systems, with a little Linux added in to the mix in more recent times. Down-level operating systems are not supported and by default, are not going to work. This is especially true of what in effect is Windows 1996, the workhorse wonder that was Windows NT 4.0.

I am sure that the non-masochists of you will just use something like VMWare or Virtual Box to do thy bidding and carry on with their day… but I digress….

Note: This process is will be very similar for Windows NT 3.5 and NT 3.51 as it will be for Windows 2000 – however Windows 2000 does not have the 8GB disk/2GB partition initial size limitation.

The Fix

The following procedure will get you up and running with a working NT 4.0 install under Hyper-V 2016. I am assuming that you know your way around Hyper-V and this article is intended as a results based guide, not a step-by-step ‘click here, go here’ guide.

Create the VM

Use the following configuration when creating your VM:

  1. Create a generation 1 Virtual Machine. In our case this will be “NT 4.0 Server”
  2. Set the RAM to 512 MB (or lower)
  3. You can set it to 1 or 2 CPU cores as required
  4. Do not connect to a network. Remove the default network adapter completely. Add a new Legacy Network Adapter
  5. Create a new virtual hard drive. The drive can be fixed or dynamically expanding, however set the maximum disk size to 2GB or lower. Ensure that both the VHDX and the virtual DVD drive are connected to the IDE bus, not the SCSI bus
  6. Attach your NT 4.0 install CD/ISO to the virtual DVD drive
  7. [If applicable] attach the NT 4.0 virtual floppy boot disk to the virtual floppy drive
  8. Set the required boot order (Floppy or CD ahead of HDD)

Pre-configure Hyper-V

By default, Hyper-V will attempt to run the VM under its default modern architectures mode, compatible with Windows Vista+ systems. The 1996 Windows NT 4.0 code-base is not compatible with modern platforms or CPU instruction sets and if you attempt to boot to the NT text mode installer without addressing this issue, NT 4 will blue screen while attempting to bootstrap the installer.

To fix this, you need to enable the legacy CPU compatibility. This used to be a GUI option in Hyper-V 1.0 under Windows Server 2008, but the option was removed in later releases. Despite being removed from the GUI, the option does still exist in the Hyper-V core and can be re-enabled for the VM using PowerShell.

To enable compatibility mode, open an elevated PowerShell sessionon the hypervisor and enter the following command:

Set-VMProcessor "NT 4.0 Server" -CompatibilityForOlderOperatingSystemsEnabled $true
Get-VMProcessor "NT 4.0 Server"

Text Mode Setup

Boot your Virtual Machine from the floppy/CD and enter text mode and follow through the setup process.

  1. You do NOT need to add any additional mass storage device drivers (this includes the NT 4.0 SP4 ATAPI update, which if you attempt to add the updated driver, the installer will ignore).
  2. When prompted to choose the keyboard layout, language and confirm the computer type. Change the computer type to “Standard PC” for a single core VM or “MPS Multiprocessor PC” if you require access to two cores. Enter your preferred keyboard settings as required.
  3. In the drive partitioning section, create an NTFS partition of less than 2048MB. I would suggest 1024MB for simplicity. Do not attempt to create a larger partition. The reason for this is that NT 4.0 will initially format the VHDX as FAT16, which has a maximum partition size of 2GB. During the later installer process and before entering GUI mode setup, NTFS conversion will be run over the FAT partition, converting it into an NTFS 1.2 file system. You will patch it to NTFS version 3.0 after installing NT 4.0 SP4 or later.

If you receive an installation failure because setup cannot write to the Windows folder or a setup error stating that permissions could not be created, this is most likely caused by you creating the initial VHDX larger than 8GB.

GUI Mode Setup

There are no special requirements or steps to perform during GUI Mode Setup.

Auto detection of the Network card will work with the Hyper-V Legacy Network Adapter. Ensure that you properly configure TCP/IP and remove IPX/SPX from the protocol list (unless you specifically need it).

Post Install

  1. Install SP6a (SP4 at a minimum).
  2. Turn off the machine.
  3. Increase the RAM from 512MB if required.
  4. In Hyper-V Manager/PowerShell edit the virtual disk and set the maximum size to your required size (e.g. the default 127GB).
  5. In Windows Server 2016, locate the VHDX and mount the disk. Using PowerShell or Disk Manager, expand the partition to fill the entire size of the disk.
  6. [1/2] If you want Windows NT 4.0 to turn off automatically when you click the shutdown button (instead of telling you it is now safe to turn off your computer):
    1. Use 7-zip (or similar) and extract the hal.dll.softex file from the SP6a installer, rename it HAL.dll and copy it into C:\WinNT\System32\
      Note: If you are using a multi-processor VM, rename the halmps.dll.softex to HAL.dll and do the same.
  7. Unmount the VHDX.
  8. Reboot the Virtual Machine.
  9. [2/2] If you want Windows NT 4.0 to turn off automatically when you click the shutdown button (instead of telling you it is now safe to turn off your computer):
    1. Add the following to the registry:
      REGEDIT4[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\]
      "PowerdownAfterShutdown"="1"
  10. Install Internet Explorer 6.0 SP1, patch and update the Windows install, install application and configure to your needs.

Things the inexperienced user may not know

If you are playing with NT 4.0 for the first time, then there may be some things that you are not aware of. Here are a list of a few points that are worth noting should you be the Windows equivalent of a millennial (pun intended).

  1. The total install size (less the page file), after patching and cleaning up uninstall data was ~320MB. They don’t make them like that any more!
  2. NT 4.0 does not support plug and play. If you want to add hardware, you have to do it manually via a plethora of different places in the control panel – there is no device manager!
  3. NT 4.0 is extremely insecure by default. Know that it has no built-in firewall and that the base system policy and security configuration is insecure by default (even file system permissions are a free for all). You should keep this in mind when attempting to do anything at all with NT. If it really needs to be on the network you should at a minimum harden system policy and add a firewall (ZoneAlarm Free was the go to back in the day).
  4. There are no display drivers for Hyper-V. This means that there is no mouse integration and as such you will be unable to install NT 4.0 over a Remote Desktop session. It also means that you will be stuck at a max resolution of 800×600 in 16 colour using official means.
    1. Unofficially, you can make use of the great work of the VBEMP NT project to increase the resolution and get NT 4.0 running at modern resolutions and up to ‘True Colour’ (24-bit). This does not offer any cursor integration between the VM and the Hyper-V Manager, preventing mouse use over a Remote Desktop connection and requiring the ctrl +  alt + left cursor to escape the Hyper-V Connection window.
      View: VBEMP NT (tested with NT 4.0 stable version 3.0)
  5. There are no sound drivers for NT 4.0 in Hyper-V (unlike there used to be in Virtual PC) as Hyper-V does not emulate any sound adapters.
  6. The disk performance is fairly poor, until you have patched up to SP6a + the SP6a URP (Q299444). You can further improve performance by enabling DMA Mode on the IDE adapter and write caching on the VHDX.
  7. NT 4.0 by default does not use SMB signing and uses LAN Manager authentication instead of NTLM. It can use NTLM v1/2 once it has been fully patched. However, be aware that this means that it will be unable to communicate with Windows XP SP2+ or Windows Server 2003 in their default configurations. You will have to perform some security hardening on NT 4.0 or security weakening on XP+ to get SMB working. Hint: It’s the same process in the registry on both, so security harden NT 4.0 after installing SP6a.
  8. NT 4.0 ONLY supports SMB 1.0 / CIFS (“SMB 1.5”). Microsoft have been removing support for SMB 1.0 with each successive Windows release. Under Widows Server 2016 and Windows 10 SMB 1.0 support is an optional component/feature that you may need to install manually.
    Note: You should not be using SMB 1.0 at all in 2018 as it is a 100% exploitable security risk.
  9. After you have performed the install, you may be looking for the easiest way to copy SP6a, Internet Explorer, patches and app installers to the VM. To do this as fast as possible without having to pre-harden the OS either burn the updates into an ISO or do it via Guest authenticated SMB by:
    1. Enable the guest account
    2. Create a SMB share on the root of the C Drive and set Guest access to read/write (modify) under NTFS and Share permissions.
      Note: before it is patched, you will struggle to SMB into NT 4.0 using a username and password combination unless you weaken the security policy on the calling client. Using the guest account bypasses the problem.
    3. Use an intermediate level VM/system as a bridge between newer and older SMB versions. For example I used a Windows Server 2008 VM to pull data from third server with a SMB 2.x file share of updates and drop them onto the NT 4.0 SMB 1.0 share found at c:\shared.
    4. Once NT 4.0 is patched, you should disable the guest account again, remove its permissions to the file share and authenticate into NT 4.0 using a normal user account found in the SAM database. Do note my warning above about SMB signing however, which will scupper you unless you have made mitigations via hardening.
Once you have done all of the above, and have a fully patched system. You will have something resembling the below running in Hyper-V 2016.
NT 4.0 in Hyper-V 2016
NT 4.0 on Windows 10 via Windows Server 2016 Hyper-V install

Do not buy Corsair products (especially if you are European)

Corsair, the natural sponsorship fodder of the Web 2.5 YouTube generation. You can’t travel far in North American centric technology media without encountering their name and logo plastered across the screen.

2 weeks ago, my Antec Neo 650 power supply died after I borrowed the 240v AC adapter to power a screen. I’ve used Antec since the 90’s with generally good reliability (apart from the Phantom 500 range which quickly disappeared). Without my workstation I did sought to quickly do the obvious thing – find out what is moving and shaking in the PSU world and find the efficiency vs/ cost price point.

Jumping on the “independent” reviews, I was quickly able to observe that Antec just weren’t featured…. Anywhere! I couldn’t find them listed in a single PSU round-up, recommended list or top 10. It has been some 6/7 years since I last changed the PSU in one of my non-server systems. So I concluded that I found Antec’s lack of presence to be a warning sign and decided to look elsewhere.

I knew I wanted a fully modular PSU. Partially modular were becoming common when I last changed PSU, but I was still left with this air-flow sapping thermal mass ball of unnecessary cables, even on a partially modular system.

A quick read around, some investigation into whether I need an X or an I series (and what on earth the difference was) and then off to price comparison for the RM650x (CP-9020091 / 75-010885). Of course, it was Friday when all this happened, and I wasn’t going to be around over the weekend, so I online ordered. PC World UK didn’t have stock on their main site, but their eBay site had plenty of units for the same stock code – sold.

RM650x

On the Monday my initial impressions were reasonable. The build quality on the main PSU unit looked OK. Cable quality was… acceptable but not great and the unit passed a basic PSU tester and powered up a test board OK.

The packaging was excessive. Why the PSU needed to have its own faux-velvet draw-string bag and the cables come in a Velcro branded carry case is beyond me. I’d rather it have been £5 cheaper.

Having passed a basic test, I committed the original sin of not performing an out of case test on the actual motherboard and proceeded to strip out all the carefully managed Antec cables from the case, substituting them with the new Corsair ones. Before making the cable routing permanent I performed a headless power-on/power-off test (time mistake #2) before bedding everything in, closing-up, connecting all peripherals and moving to get back on with what I needed to be doing.

Nothing happened.

Well, the fans span up, the system even booted, but my three Dell u2415’s stayed blank, in standby without even a DPMS acknowledgement.

Open it up, reseat everything, check wiring. Did I somehow blow out the graphics card? It’s intended for 2D only, a Asus GTX750, low power draw and won’t blow up any benchmarks (but it isn’t supposed to, it’s there to drive three 1920×1200 screens in 2D rendering). I swapped in a GTX645 and… it worked… until I connected the second monitor. Putting the GTX750 back in and repeating the test did not work, until I connected to DVI. Connecting to DP or HDMI would result in non-booting on both the GTX645 and GTX750, but DVI would work.

Next I unloaded the motherboard, RAM down to 1x4GB stick, removed all PCI card, USB peripherals etc… still nothing. So I did the thing that I had been trying to avoid all along and went and lazily mule’d the PSU from a different system into my main workstation by placing the case side by side – another (but 3 years newer) Antec Neo 650 as it happened. With all peripherals and RAM restored, everything was fine. All three monitors powered on with both cards.

Putting the Corsair back, nothing. We clearly aren’t getting enough power through the PCI bus. The PSU is a dud. Infuriating for me having now wasted the best part of Friday and Monday on it, but ‘it happens’ I thought to myself and went off to see if Corsair could shed any light on it.

Do not buy Corsair if you want warranty support

FAQ and Knowledge Base

My original intent was to look at their knowledge base/FAQs. Thinking perhaps they’d recommend a different product in something that I’d missed in my hasty dash to buy something, my genuine initial assumption was that I’d goofed up – I did this once before when the -5v rail disappeared from the ATX specification back around the introduction of the LGA775.

Well, they didn’t have anything. FAQ’s were all about selling you things and in order to get to anything in their support section you had to register.

Data-raping

So in order to see if there was anything aimed at addressing my issue, or any expert tips of things I could try, I had to register. In order obtain any contact info, you guessed it, I had to register.

To register they demand that you provide them with email, name, full postal address and telephone number, accept their privacy policy and terms and conditions. But I just wanted to read your KB/FAQs?!?! Why is any of that relevant – hint, it isn’t. They’re just building a marketing list plain and simple. I created a unique email address just for them so that I can tell when they sell it to a marketing company and fake filled in the address and phone number fields. At this point in our relationship, none of the above is any of your concern Corsair.

Nothingness

I quickly gave up on the idea of FAQ/KB searching because I was annoyed enough at this point to want to just make it customer services job to tell me what I’d done wrong, so I filled in a ticket. Which demanded my name, address, phone number… explained the situation, tests, evidence and hit send.

At this point I had noted that their entire site only mentioned the USA and Canada and made no mention of anywhere else in the world. With hours posted on the US west-coast time-zone, putting me 7/8 hours ahead. So I won’t get anything until tomorrow.

Just before I closed the browser I happened to noticed at the bottom of the ticket a form stating requirement for proof of purchase. Thinking myself clever I attached a PDF of the PC World VAT invoice and then closed down the browser; I may as well short-circuit that inevitable problem, right?

Pointless and Infuriating

[Keeping in mind that I’m desperate to get back to work here] 25 hours later the first reply comes back.

“Please attach the following for validation of the warranty:
– A photo/screenshot/PDF of the receipt/invoice to the ticket so that we can validate the warranty, if you purchased this directly from us please provide us the Order number instead.
– Photo showing the Part Number or Serial number of the product

The attachment area is at the bottom of this screen. Afterwards, please respond back with a ticket comment so that we know the requested files have been attached, thank you kindly.”

– Staff Account (Richard TS) via channel ‘Email’ 06/01/2018 08:37 AM

But I did that?!?!! I gave you the serial numbers too. It turns out that – as mentioned above 25 hours later – if you upload an attachment into a Corsair support ticket, it doesn’t save the attachment to the ticket unless you write a new text message to update the support case. It doesn’t SAY THAT. It doesn’t make sense to do that either, but that’s a discussion for another day.

I take the photo, re-upload the invoice, upload the photo and send a message through their painfully slow support portal which has page reload times in excess of 25 seconds… and so begins the saga of 1 message per 24 hours. After a WEEK we are still doing this…

After a WEEK! They haven’t even acknowledged the problem or suggested any ideas or troubleshooting steps. Corsair from the start were squarely trying to find a way out of having to involve themselves in it because all they want to do is focus on administrative bureaucracy.

… and here, finally for them, is their ‘way out’

“Corsair products purchased from online private sellers or internet auction sites such as eBay are not able to be guaranteed, and so are not covered by our warranty.”

– Staff Account (Richard TS) via channel ‘Email’ 06/05/2018 01:32 PM

I uploaded them a VAT invoice from PC World remember!

To make a start on dissecting this, the above statement is a flagrant breach of UK consumer rights and the Sale of Good Act. Companies do not even have to offer a warranty to be compelled to warrant that their product works in the first place. On top of this, EU law stipulates that they must provide a warranty – and the UK is still in the EU until March 2019 at least.

Corsair provide no indication on the box that their warranty is non-transferable. If this was a second-hand purchase and the warranty was non-transferable, then if the product is outside of the statutory mandated initial function period, this would stand-up. However, this is a new purchase from a VAT registered retailer who I assume are a Corsair partner in Europe? What merchant that is sold through is utterly irrelevant in the eyes of the law and makes no difference on statutory requirements.

So what did the helpful people at Corsair have to say to that?

“For further validation of the warranty, please send us a photo showing the part number or the stick at the of the PSU.”

– Staff Account (Richard TS) via channel ‘Email’ 06/07/2018 03:04 PM

Corsair Tech Support Chat Log Screenshot

As you can see, the proof of purchase and requested photograph (note the photo date, this was the second one) are quite literally above the request in the screenshot. They are quite literally wasting my time at this point.

In summary

  1. Corsair have no European operations or presence. ‘Technical support’ only operate on the US West-coast time zone – geographically this is no use for anyone in Europe (especially for businesses).
  2. Corsair data-rape you.
  3. Corsair are not interested in troubleshooting or offering technical ‘support’.
  4. Corsair have no interest in honouring their own warranty.
  5. Corsair at best can manage one short message in a 24-hour period – and that will be it for the day. Even if you stay up late and reply immediately after they respond – as I have done on 4 consecutive nights. That is all you will get.
  6. Corsair have no interest in customer service and show no interest in speedy resolution. They offer no advanced replacement service (the likes of Seagate or Western Digital) and in my case, have not even acknowledged that there is a problem.
  7. Corsair’s support portal is badly designed and slow. Refreshing the support ticket page takes upwards of 25 seconds and I wasted an entire 24 hours’ worth of exchange because its file uploading module didn’t actually retain the uploaded file on their server despite showing no errors.
  8. They keep asking you for the same thing over and over again, so if they clearly have no engagement with you and are not interested in a dialogue with their customers

Therefore, I conclude:

If you are in Europe and might need technical support

If you are in Europe and might need to use their RMA service

If you are in Europe and purchased from an online retailer

If you are in the second-hand market (anywhere)

If you are running a business and need to keep your business running

DO NOT BUY CORSAIR

Over a week in, I’ve given up. I have a “premium” PSU that doesn’t work, a workstation which at this point I’ve cannibalised into new working arrangements and I am still no further forward on starting a discussion over what the problem might be.

I’ve posted it back to Curry’s PC World with the corsair ticket number attached and notified them that it is defective. Full credit to Curry’s PC World, they’ve refunded it without any problems and have been extremely good about the saga. I just feel bad that I’ve basically passed the problem to them instead of resolving it myself.

This is the first Corsair PSU product that I have purchased and it will be in no uncertain terms be the last product that I buy in any category from them. I would urge you to ignore their pervasive and at this point almost saturation marketing in the sector and do the same. Perhaps they do make good products and this unit was just a lemon, it happens. Yet with a belligerent attitude, slow, unhelpful customer service, a US of A ‘screw-you’ starting position coupled with no European support presence. You really do not want to be on the wrong side of a defect; not at these prices.