Windows ie ac 001 windows 10 что это



Windows ie ac 001 windows 10 что это

This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.

Asked by:

Question

What’s the deal with these new windows firewall rules created for each «local user owner», that allow all ports and programs? How can I disable their creation?

Contact Support — All — windows.contactsupport_cw5n1h2byewy

Search — All — microsoft.windows.cortana_cw5n1h2byewy

Work or school account — Domain, Private — microsoft.aad.brokerplugin_cw5n1h2byewy

Your account — Domain, Private — microsoft.windows.cloudexperiencehost_cw5n1h2byewy

All replies

How did you check the firewall information?

Here is my understanding:
«Contact Support»
It should be related to the Metro app «Contact Support». It is an app could be used to ask for help from Microsoft directly. If it is disabled, this app may not work.
«Search»
It is related to the Cortana app. If it is disabled, the Cortana may not work well.
«Work or school account»
It should be related to the Azure AD account. If it is disabled, the Azure AD account may not work well.
«Your account»
It should be related to the cloud service of your account(Microsoft account sync settings between machines).

These seem to be new default firewall rules for Windows 10. If you don`t want to use those features, we could disable them in firewall with the UI or the command line «netsh advfirewall».
Control Panel\All Control Panel Items\Windows Firewall\Allow an app or feature through Windows Firewall

If you want to use those features, we`d better to keep them.

Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

  • Proposed as answer by MeipoXu Microsoft contingent staff Friday, November 11, 2016 6:38 AM

I have print stations with 20,000 of these firewall rules. The cpu of the Windows Firewall service is often very high. I am trying to delete them remotely with powershell running as system user. When I tried netsh I couldn’t find the rules going by name. But for some reason system user can’t find the rules either even though administrators can:

Do these rules permit all the ports to be open?

This seems to work as the system user. The displaynames of the rules appear different to system than to administrators:

  • Edited by JS2010 Thursday, November 10, 2016 7:55 PM
  • Proposed as answer by MeipoXu Microsoft contingent staff Friday, November 11, 2016 6:38 AM

I am glad you have figured out the method to remove the firewall rules. As I pointed out before, removing those firewall rules may affect the related feature. Please be careful.

Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

  • Edited by MeipoXu Microsoft contingent staff Friday, November 11, 2016 6:39 AM

This is much faster:

I’m still looking to this. There are 8 other firewall rules (at least 8 unique displaynames of rules) made for each user that you can’t even see in the firewall control panel. Their names start with an «@» symbol. Plus 16 more unique displaynames of rules in the configurableservicestore policystore. On some computers, I run out of memory in powershell just trying to count them:

If it is possible, please post back the rules here. I will try my best to explain the rules for you.
According to my experience, most of those new firewall rules are related to the metro apps. If you don`t want to use them, we could delete them directly.

Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

It’s tempting to paste here all 80 or so metro app firewall rules per user. You can just pick a user’s sid and dump them all like this in powershell. Most of them are in the configurable service store and aren’t visible in the control panel. What do they do? There’s a few visible in the firewall control panel with names «Search», «Work or school account», «Your account», and «Contact Support».

I tried to check the rules with command line «get-netfirewallrule «. Most of them should be related to the metro apps. The «Display name» and «Description» tag should explain the rule.

Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

  • Edited by MeipoXu Microsoft contingent staff Thursday, November 17, 2016 5:57 AM

Hmm, it doesn’t make much sense to me. When there are a lot of these rules, svchost.exe goes to maximum cpu (25%) for several minutes after a new user logs in. And the rules never go away, even after profiles are deleted.

I know it’s been a few months, but we have just run into this problem in our computer labs and are discovering thousands of firewall rules as others have described above. Specifically, we are trying to address exactly the behavior that JS2010 is describing with svchost.

It doesn’t seem too complicated to write a ps script to clean up the existing entries to run on logout or something, but has anyone found a way to keep these rules from being added in the first place?

I think you’d have to completely break all the windows apps. I’ve seen a warning starting powershell when I tried deleting all the rules for the admin account though. To me the biggest problem is they stay around after deleting user profiles, even in 2016 LTSB. And unlike netsh, when using powershell, the more rules there are, the slower deleting or adding rules happens, because it seems to process every rule. I ended up going directly to the registry to delete them in powershell.

Boy, you’re not kidding that it takes a long time to process firewall rules with Powershell! Sheesh! I think the estimate was something like 2 days for 10k rules, and we have machines with over 100k of these duplicate rules. At least with Remove-ItemProperty it take as long as it needs and then a restart (or start. ) of the firewall service puts the change in place. That’s a good call. We’re using SCCM to deploy a cleanup script that can be run while the computer is in use, and if that’s successful, then I’ll try and share that for others that might run across this.

These were the two registry locations that we found. I don’t know if you found more, so I thought I’d mention it.

Here’s my version of the script. It’s all the way at the bottom. I went a little crazy with the ETA bar. It deletes firewall rules with owners that have no profiles from those two firewall stores. Even in Windows 10 2016, deleting a profile will not clean these up. http://stackoverflow.com/questions/40620634/speed-up-powershells-remove-netfirewallrule

Hey, I like your progress bar! I have to admit, I’ll probably borrow it myself for some other projects. 🙂

We did it slightly differently, but I think both approaches work just fine. So there were two things that guided our solution: (1) We found that the rules were duplicated at login each time a user logged in, so regardless of whether rules had been previously added for a given user, 21 rules were added again at the next login — every time. For that reason, we did not limit ourselves to profiles that didn’t exist but rather domain users. (2) We were deploying this as a script to run hidden in the background and so focused on logging details instead of displaying them on the screen.

We did this with a simple CMD file that exports the list of registry entries based on the existence and contents of «LUOwn. » and then runs a powershell script to clean them up. Depending on how long it took, the SCCM job may fail due to time exceeded this first time, but the script still finished running and could be run on a schedule within SCCM.

The SCCM program calls the CMD file above and runs it hidden whether or not a user is logged in, and this PS1 file is stored in the same directory:

This leaves the NT AUTHORITY-based rules, which could be included by changing the search string in the CMD file from LUOwn=S-1-5-21 to LUOwn=S-1-5- instead. It also leaves the log files by date. We expect to clean up at a later time but wanted to keep for reference for a bit.

Good times! I hope this is helpful to someone, and thanks JS2010 for helping us get here!

Источник

Windows ie ac 001 windows 10 что это

Будь в курсе последних новостей из мира гаджетов и технологий

Из Windows 10 можно удалить Internet Explorer, но делать это не стоит

Microsoft уже достаточно давно позволяет удалить из Windows 10 некоторые стандартные приложения, если они вам не нужны. В этот список входят Блокнот, Paint, проигрыватель Windows Media и в том числе Internet Explorer 11. Ознакомиться со всеми такими программами можно в Параметрах > Приложения > Дополнительные компоненты:

С учетом того, что музыку мы нередко слушаем через интернет, вместо Paint используем Photoshop, а для Блокнота есть отличная замена в виде Notepad++, появляется вполне логичное желание избавиться от «лишнего» софта в системе. И, кроме всего прочего, Microsoft разрешает удалить IE 11 — это выглядит здраво, ибо в системе есть Edge, и многие пользуются Chrome или Firefox. Да, конечно, этот браузер может быть полезен тем, кто работает со специфическими или старыми сайтами, но для большинства пользователей это кривое детище Microsoft, которому в этом году исполнилось уже 8 лет, и рука так и тянется его удалить.

Однако делать это я категорически не рекомендую по одной простой причине: даже если вам кажется, что вы не используете этот браузер, на деле множество приложений (в том числе и системных) завязаны на его работу. Банальный пример — многие ярлыки игр или веб-приложений ведут не к .exe, они внутри имеют ссылку:

И проблема в том, что Проводник, который отображает эти ярлыки, уже больше 15 лет «гвоздями прибит» к Internet Explorer. Как итог, если вы удалите последний, иконки приложений станут просто белыми:

Аналогично может сломаться работа программ, онлайн-справка которых вызывает не браузер по умолчанию, а именно IE. Поэтому удалять «ишака» даже в 2020 году из новейшей версии Windows 10 не стоит. Это касается только его — тот же Paint или проигрыватель Windows вполне можно удалить, если у вас есть им замена.

Но если вы все-таки удалили Internet Explorer, его можно очень просто вернуть. Зайдите в Параметры > Приложения > Дополнительные компоненты, нажмите на кнопку «Добавить компонент» и выберите этот браузер из списка:

После этого нужно перезагрузиться, и IE вернется в систему.

Источник

You may also like...