Tuesday, 03 September 2019 12:20

The Case of Missing UE-V Templates

Written by
Rate this item
(0 votes)

image

My customers often deal with unexpected Windows behavior and this case is no different. This particular one is especially interesting because it is common in infrastructures that use the "User Environment Virtualization" (UE-V) extension. UE-V provides capture of user-customized Windows and application settings as well as storage on a centrally managed network file share. This case opened when a customer mentioned during an on-site engagement that they experienced issues that in some cases personalized settings of logged-on users did not apply to their work session.

I knew from past experience that Windows registers UE-V settings template location via a scheduled task which enables UE-V to synchronize application settings between client computers. In this case, the fact that stood out was that the scheduled task did not run properly on systems on which the problem had occurred. Normally, the task would execute a PowerShell script which will then proceed to enumerate the Inbox UE-V Templates and register those and then disable the scheduled task (as it needs to run only once on a machine). Following a brief investigation, we determined that the task runs through only if the logged-on user has administrative permissions (which in an Enterprise environment usually spells trouble as it significantly increases the risk of lateral escalation (Pass-the-Hash (PtH))).

Now that the problem was understood, we needed a way to work around the issue. I was aware of two possible workarounds:

  1. Run the C:\ProgramData\Microsoft\UEV\Scripts\RegisterInboxTemplates.ps1 script during OS deployment.
  2. Configure the "Settings template catalog path" group policy setting (it controls the "Template Auto Update" scheduled task which is configured to run as SYSTEM.)

This led me to the recommendation to deploy the second workaround as it would fix the issue for the existing install base. The customer configured the "Settings template catalog path" group policy setting to point to "C:\ProgramData\Microsoft\UEV\InboxTemplates" and selected the checkbox to replace the default Microsoft templates that are installed with the UE-V service, verified the suggestion and confirmed that the issue was solved.

I believe that this issue is fixed in Windows 10, version 19H2. However, I did not have time or need to verify this (yet).

Read 3102 times Last modified on Tuesday, 03 September 2019 12:37
More in this category: « The Case of Corrupted Store Apps
  1. Comments (1)

  2. Add yours
This comment was minimized by the moderator on the site

Having the same issue with the "auto-register inbox template". It doesn't run in the context of none-admin users' the "Register-UEVTemplate" commands requires admin right.

I don't understand your solution in #2. The "Template Auto Update"...

Having the same issue with the "auto-register inbox template". It doesn't run in the context of none-admin users' the "Register-UEVTemplate" commands requires admin right.

I don't understand your solution in #2. The "Template Auto Update" Scheduled Task is already there as soon as I Enable the "Enable-UEV" Policy, even if I leave the "Settings template catalog path" Computer Policy set to "Not Configured". But that task doesn't seem to Register the Inbox Template?

So I tried anyway - I enabled that policy ("Settings template catalog path"). But it requires a path? So I tried using %ProgramData%\Microsoft\UEV\InboxTemplates (where the templates are) but that didn't make a difference; It's still not registering the templates.

Read More
F.Lemay
There are no comments posted here yet

Leave your comments

  1. Posting comment as a guest.
0 Characters
Attachments (0 / 3)
Share Your Location

Recent Posts

  • An alternative ESU MAK Activation Solution
    This blog post was shared with me by a colleague of mine, Daniel Dorner, a Microsoft Premier Field Engineer. It’s…
    Written on Wednesday, 04 December 2019 21:04
  • The Case of Missing UE-V Templates
    My customers often deal with unexpected Windows behavior and this case is no different. This particular one is especially interesting…
    Written on Tuesday, 03 September 2019 12:20
  • The Case of Corrupted Store Apps
    A few days ago I began experiencing issues with built-in Windows apps where various apps would flash open and close…
    Written on Wednesday, 14 August 2019 13:36
  • The Case of Changing Default Printer
    While I sometimes long for the day when I no longer have to deal with unexpected Windows 10 behavior, there’s…
    Written on Wednesday, 14 August 2019 20:36
  • Windows 10 1903: Useful Resources for IT Professionals
    Windows 10, version 1903 is now available via Windows Update for Business, Windows Server Update Services (WSUS) and the Volume…
    Written on Friday, 07 June 2019 11:21
  • Windows 10 1903 Built-In Apps: What to Keep
    The development of the Windows 10, version 1903 is finished and the update is now available for download from Visual…
    Written on Monday, 03 June 2019 06:59