Disable the little drawing (known as search highlights) in the Windows 10/11 search bar

After deploying new Windows 10/11 images with the latest updates, Microsoft has included Search highlights. You can see if you have search highlights enabled when having a little drawing in the search bar. When clicking on the search bar it extends with graphics and more crap.

So what are search highlights?

Designed to help Windows users discover more information and related content, search highlights present noteworthy, informative, and interesting information of what’s special about each day—like holidays, anniversaries, and other moments in time both globally and in your region

This new feature can be nice for home users but not for most enterprise environments. So I disable this feature for all the Windows 10/11 deployments.

Disable search highlights by using a Group Policy Object (GPO) 

  • Make sure you have at least the Administrative Templates(admx) for Windows 10 November 2021 Update (21H2) – v2.0 (Link).
  • Copy the ADMX files to the Group Policy Central Store in the sysvol folder (example: \\<fqd domain name>\SYSVOL\<fqd domain name>\policies\PolicyDefinitions)
  • Create or edit a Group Policy Object (GPO) to the OU where the computer objects are placed
  • Browse to Computer Configuration – Policies – Administrative Templates – Windows Components – Search
  • Open the “Allow search highlights” setting and select Disable
  • Perform a “gpupdate /force”  on the Windows client

 

Disable search highlights by registry setting

Another method is by creating a registry key on the Windows 10/11 machine.

  • Execute the following command as administrator:
REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "EnableDynamicContentInWSB" /t REG_DWORD /d "0" /f

Disabling this setting turns off search highlights in the taskbar search box and in search home.

Build a Windows 10 image with Packer using VMware Workstation

Most of the time I use Packer against a VMware vSphere and Microsoft Azure environment. But sometimes it’s useful to use VMware Workstation for local testing purposes. For building Windows 10 images with Packer and using VMware Workstation there is not much information available. In this blog post, I show how to build a Windows 10 image with Packer and VMware Workstation.

With Packer, the vmware-iso builder is used for creating images with VMware Workstation/Fusion.  In this example I create a Windows 10 image with the latest VMware Tools installed, the installation of the Evergreen module, and automatically install the latest Windows updates.

Pre-requisites

  • Windows a 10 ISO file. You can use this link for downloading the latest Windows 10 ISO for example
  • Install VMware Workstation. I use VMware Workstation Pro 16.x
  • The newly created image must be able to access the internet for  downloading the latest VMware Tools version
  • During my first deployment, the following build issue occurred Build “Could not determine network mappings from files in the path: C:/Program Files (x86)/VMware/VMware Workstation“. Colin Westwater of vGemba.net has blogged about a solution that can be found here, link.
  • Use NAT in VMware Workstation.

Steps

  • Run the following PowerShell script (link). This script does the following things:
    • Create a download folder such as c:\Packer (line 6-17)
    • Download the latest Packer version and unzip the package (line 19-30)
    • Download my Github Packer repository to the local download folder (line 35-39)
    • Create within the download folder the Packer folder structure (line 41-45)
# $ErrorActionPreference = "SilentlyContinue"
# Enable TLS 1.2
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

# Variables
$downloadfolder = 'C:\packer\'
$github = 'https://github.com/ibeerens/Packer/archive/refs/heads/main.zip'

# Create Folder
$checkdir = Test-Path -Path $downloadfolder
if ($checkdir -eq $false){
    Write-Verbose "Creating '$downloadfolder' folder"
    New-Item -Path $downloadfolder -ItemType Directory | Out-Null
}
else {
    Write-Verbose "Folder '$downloadfolder' already exists."
}

# Download the latest Packer version
$product='packer'
$packurl = Invoke-WebRequest -Uri https://www.$product.io/downloads.html | Select-Object -Expand links | Where-Object href -match "//releases\.hashicorp\.com/$product/\d.*/$product_.*_windows_amd64\.zip$" | Select-Object -Expand href
$packdown = $packurl | Split-Path -Leaf
$packdownload = $downloadfolder + $packdown
$webclient = New-object -TypeName System.Net.WebClient
$webclient.DownloadFile($packurl, $packdownload)

# Unzip Packer
Expand-Archive $packdownload -DestinationPath $downloadfolder
# Remove the Packer ZIP file
Remove-Item $packdownload

# Go to the Packer download folder
Set-Location $downloadfolder

# Download Github files
Invoke-WebRequest -Uri $github -OutFile ${downloadfolder}packer.zip
Expand-Archive ${downloadfolder}packer.zip -DestinationPath $downloadfolder
# Remove the packer.zip
Remove-Item -Path ${downloadfolder}packer.zip 

# Create the folder structure
Move-Item ${downloadfolder}Packer-main\workstation\windows10\setup -Destination $downloadfolder
Move-Item ${downloadfolder}Packer-main\workstation\windows10\*.* -Destination $downloadfolder
# Remove the Github structure
Remove-Item -Path ${downloadfolder}Packer-main -Recurse -Confirm:$false -Force
  • Browse to the download folder
  • Open the “win10-std-.auto-pkvars.hcl” file and edit the variables for your needs such as:
    • Line 2: The VM name
    • Line 17: The ISO location
    • Line 19: The ISO checksum. Use the PowerShell Get-Filehash command to get the checksum of the ISO
// VM
vm_name					= 	"GI-W10-001" 
operating_system_vm 	= 	"windows9-64"
vm_firmware				=	"bios"
vm_cdrom_type			=	"ide"
vm_cpus					= 	"2"
vm_cores				= 	"1"
vm_memory				= 	"2048"
vm_disk_controller_type = 	"nvme"
vm_disk_size			= 	"32768"
vm_network_adapter_type =   "e1000e"
// Use the NAT Network
vm_network              =   "VMnet8"
vm_hardwareversion 		= 	"19"

// Removeable media
win10_iso				= 	"c:/iso/en-us_windows_10_business_editions_version_21h2_x64_dvd_ce067768.iso"
// In Powershell use the "get-filehash" command to find the checksum of the ISO
win10_iso_checksum      =   "1323FD1EF0CBFD4BF23FA56A6538FF69DD410AD49969983FEE3DF936A6C811C5"
  • Open the “autounattend.xml” file in the setup folder and check and edit the following lines as needed:
    • Language and keyboard settings
    • Line 84: Administrator Password (must be the same as the winrm_password)
    • Line 92: Autologon Password (must be the same as the winrm_password)
    • Line 141: The ComputerName
  • Edit the build.ps1 file and check the following lines:
    • Line 2: Packer folder location
    • Line 14: The winrm_password matches the administrator password in the autounattended.xml file
# Variables
$downloadfolder = 'C:\packer\'

# Go to the Packer download folder
Set-Location $downloadfolder

# Show Packer Version
.\packer.exe -v

# Download Packer plugins
.\packer.exe init "${downloadfolder}windows.json.pkr.hcl"

# Packer build
.\packer.exe build -force -var-file="${downloadfolder}win10-std.auto.pkrvars.hcl" -var "winrm_username=administrator" -var "winrm_password=ThisisagoodPassword!" "${downloadfolder}windows.json.pkr.hcl"
  • Execute the “build.ps1” file with PowerShell to start the Packer image build process.

  • After a while, the build process finishes and you have a new Windows 10 image deployed with Packer in VMware Workstation.

 

An unattended installation of VMware Tools 12 generates a 2711 error

For a new Windows 10 image build, I used the latest supported VMware Tools  In this case that was VMware Tools 12.0.0. VMware Tools is deployed using an unattended installation such as:

e:\setup64.exe /S /v "/qb REBOOT=R ADDLOCAL=All REMOVE=AppDefense,Hgfs,CBHelper,VmwTimeProvider,VSS,NetworkIntrospection,FileIntrospection" /l c:\windows\temp\vmware_tools_install.log

During the installation of VMware Tools, the following error occurred: “The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2711.”

After comparing the syntax of the components and could not find any clue (link).

Feature Name Description
CBHelper Helper to install of Carbon black Sensor on a virtual machine.
Perfmon Utility for WMI performance logging. Enables performance monitoring between the Guest SDK and the WMI environment.
VmwTimeProvider Time provider for VMware virtual precision clock device.
AppDefense The VMware AppDefense component performs Application Security Monitoring. VMware Appdefense consists of glxgi.sysgiappdef.sys kernel mode drivers and gisvc.exe user mode service.
FileIntrospection The NSX File Introspection driver, vsepflt.sys is the first of the two guest introspection drivers. You can install it separately, without installing the NSX Network Introspection driver.

Note:This component is dependent on the VMCI driver.
NetworkIntrospection The NSX Network Introspection driver, vnetflt.sys is the second of the two guest introspection drivers.

Note:This component is dependent on the VMCI driver.

VMware Tools 10.2.5 supports vnetWFP driver for Windows 7 and later.

ServiceDiscovery The Service Discovery component enables the discovery of various services running inside a virtual machine.

Note:This user-mode component is dependent on the VMCI driver.
DeviceHelper The VMware Device Helper component helps to perform a device check and swap in your virtual machine.

Note:This user-mode component is dependent on the VMCI driver.
Hgfs Hgfs is a VMware shared folders driver that allows files to be shared between your virtual machine and the host computer.

You can use this driver, if you plan to use this virtual machine with VMware Workstation, Player, or Fusion.

Note:

  • If you exclude this feature, you cannot share a folder between your virtual machine and the host system.
  • This component is dependent on the VMCI driver.
SVGA The VMware SVGA driver enhances the performance of your virtual video card.

Note:If you exclude this feature, it limits the display capabilities of your virtual machine.
VMXNet The VMware VMXNet networking driver enhances the performance of your virtual network card.
VMXNet3 The VMware VMXNet3 networking driver enahnces the performance of your virtual network card (ndis5/ndis6). This is the Next-generation VMware VMXnet networking driver for virtual machines that use virtual hardware version 7 and higher.

For more information, see the VMware Knowledge Base article KB 1001805.

VMXNET3 adds several new features, such as multiqueue support (also known as ‘Receive Side Scaling’ in Windows), IPv6 offloads, and MSI/MSI-X interrupt delivery.

VMXNET 3 is not related to VMXNET or VMXNET 2.

Receive Side Scaling is enabled by default.

VMware Tools 10.3.0 adds receive data ring support for Windows VMXNET3 driver.

Virtual hardware version 7 corresponds to ESX/ESXi 4.x compatibility.

PVSCSI The VMware Paravirtual SCSI adapters enhances the performance of your paravirtual SCSI devices.
EFIFW The EFIFW driver is used for EFI Firmware update.
MemCtl The Memory Control Driver provides enahnced memory management of the virtual machine.

You can use this driver, if you plan to use a virtual machine in the vSphere environment.

Note:If you exclude this feature, it hinders the memory management capabilities of the virtual machine running in a vSphere environment.
Mouse The VMware PS2 Mouse driver enhances the performance of your virtual PS2 mouse.

Note:If you exclude this feature, the mouse performance of your virtual machine will decrease.
MouesUsb The VMware USB Mouse Driver enhances performance of your USB mouse.
Audio The Audio driver provides audio for your virtual sound card.

Note:This Audio driver is for 64-bit Windows Vista and later operating systems.
VSS The VSS driver is used for creating automatic backups. This driver is used, if the guest operating system is Windows Vista, Windows Server 2003, or other newer operating systems. Linux and older Windows operating systems use the Filesystem Sync driver.
BootCamp The BootCamp driver provides Mac BootCamp support.

So I decided to install VMware Tools 12 manually and search in the Windows registry for the components:

As you can see, the AppDefense component doesn’t exist anymore in VMware Tools 12. Removing the AppDefense component from the unattended VMware Tools installation command fixed the problem.

e:\setup64.exe /S /v "/qb REBOOT=R ADDLOCAL=All REMOVE=Hgfs,CBHelper,VmwTimeProvider,VSS,NetworkIntrospection,FileIntrospection" /l c:\windows\temp\vmware_tools_install.log

I filled in a feedback form on the VMware Tools 12 documentation page to change to remove the AppDefense component.