I’ve seen some bad customer service in my time. I’ve seen some good customer service, occasionally I see really great customer service – but sadly, it’s less and less often these days. But really bad customer service is when you can’t even have a conversation with the customer service/billing representative because their “security system” is so overbearing that it’s dysfunctional. I’m talking, of course, about Sprint-Nextel. You’d think they’d be interested in having a conversation about collecting money on an allegedly overdue bill. Yet, they cannot even discuss the bill with me unless I can remember my “PIN” and my “Security Question”!. Well, the latter doesn’t exist at all – the website told me so. I have no idea what the PIN is.

I went online to try to get some billing information online, and then was rudely reminded why I didn’t go online in the first place. Apparently I don’t remember my web password either, but knowing my account name, my telephone numbers, my account number, and the bank account number that the bill has been paid with for the past 2 years isn’t enough. On the web, to change my password from one I’ve forgotten, I also need to know this elusive “PIN”.

Bottom line – no “PIN”… you cannot communicate with anybody for anything at Sprint-Nextel. (Hint: If you get yours, better put it in your Safe Deposit Box.)

Now.. the people on the phone – they have an elegant solution.. “Why.. shucks.. you just need to hop in your car and drive over to your nearest Sprint store…” and talk to a person (who doesn’t know me from beans), show ‘em two pieces of photo identification (I’ve only had one piece of photo identification since I was discharged from the Air Force in 1985!), and they’ll just happily hook me up with my very own “PIN”. (I bet they can fix my bill too, which means I don’t even need the yahoos on the telephone.)

Now, you’d think they might be just slightly inclined to find a better solution when I mention that I’ve now been on the telephone talking to four different people for over an hour, with what is really just a simple billing question, and I’m so out-of-patience that if we don’t find a way to exchange some useful information, I’ll be happy to take the simple solution --- transfer to another provider. That threat so impressed them, that the third person I talked to transferred me direct to “Connection Services” so i could disconnect my services! They were similarly unimpressed, apparently, when I said that if I had to get in my car to drive down to the Sprint store to get a PIN, that I’d be much more likely to stop at the AT&T store or Verizon store on my way there.

The really sad thing is that I’ve been a Nextel customer since sometime in the early 1990s – so we can also see what value customer loyalty has at Sprint-Nextel as well.

So, after the fourth person unable to have a conversation because I don’t know my “PIN”… I get transferred again…. and end up in some person’s desktop voice mail box. (He’s probably gone home for the day!).

I hang up.. totally frustrated. Sprint, of course, still isn’t paid, I have no idea why a bill that I’ve been paying the same amount on for sixteen months (or longer, my online records only go that far back) suddenly has a two-and-a-half month overdue amount on it – and apparently nobody at Sprint is capable of, or willing to, find a solution to a piece of nitnoy security malarky so that they can actually collect a payment. I guess I’ll just have to wait for Sprint Collections to call my telephone and ask.

And, the really STUPID thing about all of this ? ? ? – a simple one page letter with First Class Postage disputing the billed amount and demanding my complete billing history requires that everything I tried to get by telephone today must be provided within 30 days to the provided return mailing address – no validation of anything or anybody required -- or I don’t owe them the disputed amount of the bill.  Such is the value of “PIN” codes and “Security Questions” when engaging in voice conversations to resolve billing questions.

Oh.. did I mention that this is my primary BUSINESS ACCOUNT that is now offline. <sigh>

I’m off to draft my FDCP letter.

As originally presented in this Technet WSUS Forum thread
http://social.technet.microsoft.com/Forums/en-US/winserverwsus/thread/b9ca8109-5e09-4acc-bef0-54658ca83c66

Installation of KB974417 (MS09-061) is failing when KB976569 (released Feb 2010) has previously been installed. Essentially this situation occurs in two scenarios:

1. The systems have not been properly patched with required security updates in a timely manner. KB974417 is MS09-061 (October 2009), so presumably most have already deployed this update; however, evidence shows that some are a bit behind in their security patches. If KB976569 is already installed, and KB974417 is being installed after, KB974417 will fail installation.

2. New systems being updated from images pre-dating October 2009’s security updates. The WUAgent fails to properly schedule the order of installation of KB974417 and KB976569, causing KB976569 to be installed prior to KB974417 in the same session. Why the WUAgent chooses to install a compatibility update prior to a security update, or why the newer update is installed prior to the older update, are two questions I have posed to the WSUS/WUA team.

In the meantime, for those customers encountering this issue, the only known remediation is to uninstall KB976569, then install KB974417, and then re-install KB976569.

For customers that are installing batches of updates, it is suggested to install KB974417 (and other security updates) prior to installing non-security updates, and specifically prior to installing KB976569. The easiest way to achieve this would be to defer the installation of KB976569 until all other deployment activities are completed.

Gosh… it’s been a while since I posted anything here. Shame on me!

So.. yes.. I am still alive.

The Group Policy webcast mentioned in the last post is available for on-demand viewing at the EminentWare website.

On Demand Webcast: Group Policy & Microsoft WSUS Best Practices

Also, in February another webcast on WSUS Reporting was recorded.

On Demand Webcast: WSUS Reporting Made Easier

For those who attended, or have since watched, the Group Policy webcast, I promised to post here some testing results on the Reboot Now/Reboot Later behavior in Vista and later operating systems. I’m still conducting that testing (I’ve been swamped with other tasks and projects), and do expect to have some definitive results within the next week or so. Thank you for your patience.

And, I’ll be at the Microsoft Management Summit in Las Vegas next month. If you’re there, look me up!

EminentWare invites you to a live webcast 
Group Policy & Microsoft WSUS: Best Practices 
Next Wednesday!
January 27, 2010
1 PM Central

Join EminentWare and Microsoft MVP and WSUS Expert, Lawrence Garvin, to learn the ins and outs of using Group Policy and Microsoft WSUS.  We'll explore the Group Policy settings available for use with WSUS and the Windows Update Agent, their impact upon the behavior of the Windows Update Agent, and their interactions with one another.

At this webcast, we'll discuss:

•    The default behavior of the Windows Update Agent
•    The basic configuration requirements to enable the Windows Update Agent to communicate with your WSUS Server
•    The registry keys created by the policy options
•    Common configuration scenarios for the Windows Update Agent and the specific policy options required to implement those scenarios
•    Advanced policy option interactions
•    The impact of deadlines on your policy configuration.

Register now>>

Apparently, instructions contained in KB962007 published way back in the days of Conflicker, are interfering with the ability to successfully install the Windows Management Framework Core (KB968930), and may well interfere with other updates which have the same registry access requirements.

KB962007 contains a recommendation to create a Group Policy Object (GPO) to reset the write permissions on the registry key HKLM\Software\Microsoft\Windows NT\CurrentVersion\Svchost in order to prevent the Conflicker worm’s associated service(s) from being created in the netsvcs registry value in that key.

However, it appears that the WMF Core needs to create new services in that svchost key, and is unable to do so because of the removal of the write permissions implemented by a GPO created in response to KB962007.  This installation issue can potentially affect any other installation activity that requires creation of a registry value in the svchost key.

The resolution is to either temporarily assign WRITE permissions to the svchost key to faciliate the installation, and then let the GPO revert the key to read only, or to permanently reverse the GPO and restore WRITE permissions to the svchost key.

Concurrent with this change, you should also verify that MS08-067 (KB958644) is installed to all systems.

In addition, reviewing this TechNet Article on Conflicker may be of additional assistance.