Smart Card device integration into Windows 10

All the joys of Windows 10….. now on 1709

Last week after upgrading Windows 10, I came a cross this nice new integration for Smart Cards. (tokens)








Windows 10 new has support for eTokens (SafeNet Tokens)
I was very pleased with this update, it will save me yet another application to install.
I’ve been using the SafeNet Application from Gemalto and it has served me well for several years. So time for a changes, the integrated Smart Card application in Windows 10 works perfect for me.

I am using the following it with:

and my tokens? I ALWAYS use digicert for codesigning certificates:)

ps. A new version of Access Director Enterprise is on its way, signed and released to web.

Stay tuned!

Remove dependency for msvcr120.dll/msvcp120.dll in release versions

I know that there are some questions about, how to include msvcr120.dll/msvcp120.dll into your project.

If you want to drop that dependency. If you compile the program in release version, in Visual Studio 2013/2015 and do not depend on any VS-specific commands (#pragma etc.) or precompiled headers etc.

If you want to compile it to one single release .exe and provide it to user WITHOUT demanding enduser to install VC++ Redistributes for VS

You can statically link the runtime to your project by setting the /MT flag. You can find this option in Visual Studio 2013/2015 under Project > [ProjectName] Properties… > Configuration Properties > C/C++ > Code Generation > Runtime Library. Make sure to only set it for the Release configuration.


Using a 3.Party IM Client with Office 365 or Lync?

Of course!

I’ve been using Pidgin for ages…

In Pidgin I’m able to run the following protocols

  • -XMPP (facebook)
  • Office Communicator (for Lync and O365)
  • Skype
  • Skype for Business
  • ICQ
  • ….. and lots more.. see the full list at Pidgin Thirdparty plugins

You should try it, if you like me prefer to keep your conversation history’s together and sorted.

One thing i’ve noticed, for some reason Office 365 (Lync or now Skype for Business) requires me to use a specific user agent(!) so….having problems getting it to work? Maybe you see:

Connection refused with error message
“You are currently not using the recommended version of the client”
“You have been rejected by the server:”

Cry no more!

Here is a list of user agents and versions you can emulate, and it works great! Just modify your connection profile, under advanced, type one of the following user agent values..

Version / Product User Agent values (as seen in the wild)
Lync 2013 and Office 365 UCCAPI/15.0.4481.1000 OC/15.0.4481.1000 (Microsoft Lync)
UCCAPI/15.0.4420.1017 OC/15.0.4420.1017 (Microsoft Lync)
Lync 2010 and Office 365 UCCAPI/4.0.7577.314 OC/4.0.7577.314 (Microsoft Lync 2010)
UCCAPI/4.0.7577.256 OC/4.0.7577.280 (Microsoft Lync 2010)
Office Communicator 2007 R2 UCCAPI/3.5.6907.206 OC/3.5.6907.206 (Microsoft Office Communicator 2007 R2)
UCCAPI/3.5.6907.0 OC/3.5.6907.0 (Microsoft Office Communicator 2007 R2)
Office Communicator 2007 UCCP/2.0.6362.111 OC/2.0.6362.111 (Microsoft Office Communicator)
UCCP/2.0.6362.97 OC/2.0.6362.97 (Microsoft Office Communicator)
Office Communicator 2005 LCC/1.3.5371 (Microsoft Office Communicator 2005 1.0.559.0)
LCC/1.3.5371 (Microsoft Office Communicator 2005 1.0.559.232)

Access Director 3.0 Released

The future of Windows is coming on July 29

To make your next Windows experience even better – We have just released the next version of Access Director.                                                                                               Using Access Director you will be able to secure your desktop, simple and easy!

– Run your desktop in a non-elevated user context
– Elevate only needed applications with a single click
– Elevate in your current user-context without affecting other unsecured applications like IE or Office

What’s in Access Director 3.0 ?

– Updates to support the next Windows experience (10)
– Support for integration modules
– Minor bug fixes

Get it from the Download Center

Direct Download Link

EasyBoot USB 1.1 has been released

Simpel, but very helpful tool to create Windows Boot or To-Go USB sticks

Download Link

It’s that simple, EasyBoot USB with 4 easy steps and you are ready to go.

  1. Insert USB stick
  2. Choose between the following types
    1. UEFI
    2. BIOS
    3. Windows To Go
  3. Browse to your ISO file
  4. Click Start

EasyBoot USB

The tool is pretty much self-explanatory

Do not hesitate to ping me with bugs, feature requests or ideas for new tools 🙂




Access Director released!

It’s been some time since our last update, but here we go again

Access Director has been updated and released

This is a major upgrade, all previous versions should be uninstalled prior to installing the new versions

Short list of changes

  • Its now possbile to use localized balloon notification (or your own)
  • Language default is en-us
    • valid values are auto, or specific lananuge files e.g. de-de.lng (must reside in existing languages folder)
  • Localized menu options (remember du save lng files as unicode)
  • Registry modifications now resides in HKLMSoftwareNoLightPeopleAccess Director
  • as per request the MSI, and application itself is now signed
  • Removed the need for any registry keys needed for the service to start (will run with default values if no other is present
  • Updated Policy Prefences template included in zip file

Direct Download Link:

let me know of bugs and feature requests 🙂 @MarcussenThomas



Advanced Installer

For many years I’ve been working with Wise Package Studio, the best tool ever for application repackaging projects. Since Wise Package Studio is End of life – announced in December 2011. Now seemed like a good time to find a new tool, Flexera Admin Studio seemed like the obvious choice, but is rather expensive (still a great tool)

In some cases Orca ( would get the job done, but still would take a long time

I remembered coming across Advanced Installer at TechEd NA, so decide to have a look at the tool

There is a free trial from the website and also a free version:

Advanced Installer comes in multiple versions, I choose to test the Architect version, mainly because it had the following features highlighted

  • Repacker
  • App-V
  • SCCM
  • MSI Quick-Edit

My test of the product was a great success !

Today I will recommend this product to my customers looking to repackage or edit MSI’s, it has a nice and intuitive interface, much like Wise Package Studio had 😉

Have a look at some of the videos from Advanced Installer on YouTube:



Essentials – Access Director

Allowing a known user to elevate specific applications or tasks on demand

In the video we are logged on a workstation with the TestUser
TestUser is not member of the Local Administrators group
TestUser is member of the custom created local group Access Director

When requesting local administrators access using the tray icon, it will verify that we are a know user that is a member of the local group Access Director. If we are member of the local group we will be elevated for a predefined number of minutes (2 minutes in the example)

When elevated, we can click on any application and RunAs Administrator – we will as always be prompted for our logged on credentials, but this time the application is running with local administration privileges.

When the timer hits 2 minutes, our administration privileges are expired.

This will make it possible ONLY to elevated, when needed and not having to load the full profile with administrative privileges

The tray icon does not require additional rights to run
A local system service will handle all requests
All options are configurable through gpo and/or registry

Read more about latest additions at

Creating Installations for Device Driver Applications Using DPInst

When a Driver application gets installed on to a machine, it installs driver information like PNF, INF, CAT files in the location “C:Windowsinf”. By default, these files will be named as oemXX.pnf or oemXX.inf where XX stands for the number. Ex: oem1.INF, oem1.PNF and so on. So when we do a capture of such applications, these XX values will be hard coded which does affect many other device driver applications which are pre-existent in the machine. Hence, in this case we used to customize the package by writing few Custom actions using “setupapi.dll” in such a way that it checks for the max XX value which is present in the machine and install the PNF or INF file of the package.

This approach takes a lot time in creating multiple custom actions for copying oem/pnf files. In this article, we discuss on a executable “DPInst.exe” which makes your life easy in dealing with driver based packages.

Introduction to DPInst

DPInst is a component of the Microsoft Windows Driver Install Frameworks (DIFx) that simplifies and customizes the installation of driver packages for devices that are not yet installed on a computer (commonly known as a software-first installation). DPInst also automatically updates the drivers for any installed devices that are supported by the newly installed driver packages.

How Packages Install using DPInst

By default, when the Microsoft® Windows® Driver Package Installer (DPInst) runs, it runs in a wizard-install mode that displays a sequence of wizard pages. In wizard-install mode, DPInst first displays a welcome page, and then displays an end-user license agreement (EULA) page. After the user accepts the licensing agreement on the EULA page, DPInst displays an installation page, and then performs the following steps to install Plug and Play (PnP) function drivers:

  1. Locates the INF files. DPInst searches the directory where the DPInst executable (DPInst.exe) is located. DPInst also searches vendor-specified subdirectories under the directory where DPInst.exe is located. A vendor specifies the subdirectories by using the search and subDirectory XML elements in an optional DPInst descriptor file (DPInst.xml)
  2. Authenticates the driver packages.
  3. Preinstalls driver packages in the driver store.
  4. Adds an Add or Remove Program entry in Control Panel that represents a driver package. (DPInst does not support this feature on Windows Longhorn.)
  5. Installs the driver packages on matching devices that are connected to a computer.

After DPInst completes the installation of a driver package, DPInst displays a finish page that informs the user of the status of the installation.

DPInst supports a suppress-wizard mode that suppresses the display of wizard pages and other user messages that DPInst generates. It also supports command-line options that control the display of its wizard pages and other DPInst operations.

For general information about INF files and driver packages, see “Providing a Driver Package” in the Microsoft Windows Driver Development Kit (WDK).

Steps to Follow in MSI package

We need to follow these below steps to achieve efficient driver installation.

Step 1: Search for “*.inf” files in the captured folder.

Step 2: Cross check the contents of this file (step 1) with the contents of “*.inf” files under “[WindowsFolder]INF” folder.

Step 3: Delete the file “oemXX.inf” from “[WindowsFolder]INF” folder from your package.

Step 4: Copy DPInst.exe under the location where you get the “.inf” file.

Step 5: Write a custom action as shown below.

Fig 1

Click to view.

Fig 2

Click to view.

Fig 3

Click to view.

Repeat the above steps from 1 to 5 for each oemXX.inf files.

Now the MSI package created will be able to install the driver files without affecting the pre-existant application’s functionality as well as the operating system.

Features of DPInst:

  • Localization. There are two versions of DPInst: an English-only version and a multi-language version that supports many of the commonly used languages that Windows supports.
  • Driver installation customization. You can localize and customize the text, icon, and bitmaps that are displayed on wizard pages. You can include branding, an optional EULA, and control whether wizard pages are displayed.
  • Automatic driver package removal. For each driver package that is installed by DPInst, DPInst adds an entry to Add or Remove Programs (in Control Panel) where a user can remove the driver package from their computer. If the user removes a driver package, the package is removed from the driver store, the corresponding INF file is removed from the system INF file directory, and all devices that were previously supported by the package are updated with the next best available driver.
  • Installation error logs. DPInst logs high-level messages in the DPInst log file (%windir%DPINST.LOG). The log file is a plain-text file that contains information and error messages and identifies the driver package that was being installed when an error occurred.


Driver Package Installer (DPInst)

DPInst Command-Line Switches…