Posts

Showing posts from March, 2012

Hyper-V AVHD File Access

how open avhd access contents?  want extract file it. the avhd want access recent in tree of snapshots vm.  have deleted of snapshots in tree, differencing chain broken.  the vm start, state reflects original vhd, , can't merge avhd original vhd. i tried using edit disk wizard reconnect avhd parent, got error wizard passed invalid parameter. is there 3rd party utility out there can access avhd regardless of differencing chain?  dont care how costs , badly need it. an avhd file not standalone virtual disk , cannot mounted , accessed one. an avhd member of differeicing disk chain , because of entire chain must exist, in place, able use it. you mount avhd represents snapshot @ point in time desire - long rest of chain exists, fine.  hyper-v r2 allows direct mounting of avhd files through diskpart or disk management. brian ehlert (hopefully have found useful) Windows Server

RRAS NAT Stopped Working

i have windows server 2008 r2 32-bit server in datacenter , 64-bit @ office. office connection doesn't allow incoming port 25. make sure mail can received, i've set user account in ad , assigned fixed ip of 192.168.2.254. vpn server doesn't have dhcp installed, i've set fixed host range of 192.168.2.5 till 192.168.2.254. vpn server automatically takes 192.168.2.5, , when mails erver dials in, gets desired ip wel. so far, good. i added nat port 25 incoming rerouted port 587 on 192.168.2.5 via netsh netsh routing ip nat>add portmapping "name=local area connection" tcp 0.0.0.0 25 192.168.2.254 587 after realizing should have mapped port 25, i've updated netsh netsh routing ip nat>add portmapping "name=local area connection" tcp 0.0.0.0 25 192.168.2.254 25 i have @ first, worked, got 5.7.1. when trying deliver mail because service via port 587 expects identify first... too bad, because won't nat routing. if @ nat section, pa

GPO to force Proxy Settings on Network

hi friends, i have domain 25 workstations. have set gpo server using gpmc apply proxy settings athenticated users. let me tell in detail:   i have created new policy under users configuration >> windows settings >>internet explorer maintenance >>connection > proxy settings... here, have provided ip (example: 123.126.123.3, port: 3128). policy being kinked entire domain. settings of gpo applied authenticated users.   this gpo not getting applied of users. ran gpresult , found policies getting applied , there no errors. tried rebooting machines, tried recreating gpo's, tired running gpupdate /force. nothing seems working out. all workstations have ie8 installed, have checked , updated latest adm version. but nothing seems working out. every time open ie >> tools >> internet options >> connection tab >> lan settings >> proxy server tab unchecked.   please 1 me it.. urgent....   awaiting reply regards,  

win 2k8 and apache2triad

possibly wrong section apache compatable 2k8? if there must services need stopped or dissabled? apache loads in failes on password auth sql , not start when installed. know in xp because iis running if installed dissabled in 2k8. ideas? apache , mysql runs fine on both windows server 2008 core , full installation. apache , mysql needs correctly configured, check ini-files , mysql-configuration username , password, port-related errors , such.   Windows Server  >  Windows Server General Forum

How Do I Serve DHCP Requests Received From a DNSMasq Relay Agent

good-day folks, my network comprised of 2 subnets - 172.23.6.0/24 [ lan-a ] , 172.23.7.0/24 [ lan-b ] located in separate buildings.  the 2 buildings connected via fiber circuit , traffic lan-b flows lan-a.  i have windows server 2012 r2 located in lan-a running dhcp network.  up until today, had separate linux box serving dhcp lan-b.  i replace box dnsmasq in dhcp-relay-agent mode, relay dhcp requests lan-b windows server on lan-a. i have created separate scope on windows server , believe need setup kind of policy requests coming lan-b served scope.  how accomplish this? thanks anne, i think question may have been misunderstood.  wasn't looking on how setup dnsmasq relay agent - did that.  was looking how configure windows server filter out dhcp requests coming relay agent , assign ips correct scope. but came in morning , it's working.  all had define scope-specific policy using mac of relay agent.  address leases being served appropriate scope now.  thanks ass

Best way to move a DFS Root to another drive on the same server

i realized dfsroot , share on c: drive on dfs servers (the actual data on d: drive though). need move the namespace (i hope saying right) to d drive solve storage reporting issue. best way move that? should remove of namespace servers , re-add them? yeah buddy! i realized overthinking this. fix simple. had delete each namespace server (not @ once) , recreate them, , change default c:\dfsroots\namespace d:\dfsroots\namespce (you have click on edit settings when adding "new" server able change c:\ d:\). hope helps someone. yeah buddy! Windows Server  >  File Services and Storage

WSUS Computer group design and testing best practices

i've inherited responsibility of updates our organization pc's only, not servers. have 17 wsus servers support >33k desktop devices across ~85 physical locations. have not been proactive our updates @ all, unless there specific need patch didn't patch. looking more proactive.  our current computer group tree "ugly". there separate group each ad ou, corresponds geographical location.  i'm thinking want rid of these groups , create prod , test group using gpo apply workstations prod segment out our test devices gpo. thought approve updates our corporate offices (about 10% sample) test, approve rest of company 2 weeks later pending no issues. approving critical , security updates.  thoughts on design / setup? hi, if structure simple, , satisfy basic approving for all critical , security among client said, why not make group imimum possible?if involving with the server,i suggest @ least keep "client" group , "server" group ap

modifying useraccountcontrol using ldapmodify command : Getting "INSUFF_ACCESS_RIGHTS" error

hi,    trying use ldapmodify change useraccountcontrol attribute. can using domain admin account if try use account has write access useraccountcontrol property , following error : ldap_modify: insufficient access ldap_modify: additional info: 00002098: secerr: dsid-03150e8a, problem 4003 (insuff_access_rights), data 0 tried giving full control on properties did not work. can please let me know permissions should giving id can modify useraccountcontrol attribute. ad windows 2008 native. thank time. hi, modify useraccountcontrol attribute via adsiedit.msc tool? if there error when using adsiedit.msc, please let know detailed error message. @ same time, try logon enterprise admin account test again.  thanks. this posting provided "as is" no warranties, , confers no rights. Windows Server  > 

Custom scheduled tasks dissapears in Windows 2012

i have created custom task in task scheduler, no appear under "active tasks". i found task in c:\windows\system32\tasks, not in "schtasks /query". what happening? hi sindred, à i have created custom task in task scheduler, no appear under "active tasks". i create task in lab environment via task scheduler. yeah, find, scheduled task didn't appear under "active tasks". however, after task running, please refresh, , find in "active tasks" list. à i found task in c:\windows\system32\tasks, not in "schtasks /query". how configure location option in general tab when create task? after creating scheduled task, please click task scheduler library , check if find created task. run " schtasks /query " command. however, can find task created. suggest check result of " schtasks /query " command again. meanwhile, please open task properties , click history tab, check if find relevant e

AdamSync logging

hi, is there way of logging verbosely adamsync doing?    use /log command line,  gives summary information of it. the problem have adamsync not importing data expect to... if run command against domain controller adamsync talks to,   csvde -f data4.csv -s b06721 -d "dc=xxxx,dc=root,dc=local"  -p subtree -v -l "dn, userprincipalname" -r "(&(objectclass=user)(objectcategor y=person))" then export has 3500 entries,   , includes user i'm interested in. the ad lds instance has configuration file <?xml version="1.0"?> <doc>      <configuration>           <description>sample adamsync configuration file</description>           <security-mode>object</security-mode>               <source-ad-name>xxxx.root.local</source-ad-name>           <source-ad-partition>dc=xxxx,dc=root,dc=local</source-ad-partition>   <source-ad-account>servicenowldap</s

Does Client Computer Backup support backing up "Recorded TV" .wtv files?

far, have been unsuccessful in getting server 2012 essentials r2 backup "recorded tv" folder of primary pc running windows 8.1 pro media center when server performing client backups.  two symptoms make glaringly obvious: * on 2 tb of data not being accumulated in client computer backups folder * attempting "restore" folder finds no such folder listed available "recoverable" folder have been unsuccessful in finding explanation why is, how correct/defeat it, etc. must say, have server decide me data chooses protect , ignore pretty big letdown me when dropped on $400 operating system used in home environment peace of mind wanted in getting full, automated, managed pc backups 4 machines have running within home.  i'm eagerly awaiting beacon of light on issue attempts online solve mystery have come dry. afaik not backup ost files or recorded tv folder.  not real sure if skips wtv files or if put them in folder them in case use mce bu

Autorun Issue for Single Terminal Server User

i have user that, when logs terminal server (w2k3,) gets message program cannot run.  program was actually a virus, (the somethingorother fortress av virus,) , of has been cleaned off, virus evoked doing rundll32 on login dll.  cannot find rundll32 setting in registry causing this.  in pc, under run in registry.  question is: where locations user have program "autorun" upon signing in in terminal server?  , on user-by-user basis - not issue other users, unique user.  so, no gpo suggestions, or other global locations - need locations individual user might have auotrun. thanks in advance on this! hi, i recommend download , autoruns.exe when logged on problem user account.  may choose hide microsoft , windows entries number of entries reduced.  using autoruns should able see autorun location attempting start old virus file. autoruns windows http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx -tp

Windows server 2008 R2 firewall

hi everyone, i'm not sure it's right forum post questions, dealing firewalls sounds read-only, so... i have windows 2008 r2 box 2 nics (one connected internet, 1 internal network). server has routing role nat on external nic. far, works fine. prevent inner computers connect outside hosts but authorize. whatever rule set up, computers on internal network allowed connect outside computer don't want. possible fix , how ?  as subsidiary question, possible use windows 2008 r2 server firewall preventing incoming outgoing connections to/from computers on internal lan ? have feeling windows firewall can protect machine on installed, wrong ? thank taking time read , answer these questions. hello, domain machines may not apply gpos correct, dns resolution problems may occur, slow logons domain machines. and security reasons dc should never connected direct internet. also windows server 2008 r2 or other server os not built firewall use or major router. so don'

Security policies were propagated with warning. 0x534 : No mapping between account names and security IDs was done.

when try this: from command prompt, type: find /i "cannot find"  %systemroot%\security\logs\winlogon.log it comes file not found, not have winlogon.log file, tried change registry setting create log, still no log.how can log file trouble shoot error? what started me down rabbit hole our sonic appliance (firewall, wifi, vpn ) can not authenticate through radius server, comes authentication failed, or error: e=691 r=0 v=3. i went in , ensured shared secrets same , matching, went radius server find issues , when found these certificate error.  not sure if related. what can winlogon.log created troubleshooting?  how can trouble shoot radius authentication issues? thanks help. curt winter systems engineer ok ended getting rid of error manually going through group policy objects , removing accounts showed sid instead of account name, ie not resolving valid account.  once removed policies, did gpupdate again, errors gone event log. now radius authenticati

piping a path into Set-Location

im searching file , trying change current working directory path file. ive tried following: set-location |get-childitem -recurse |where-object{$_.name -match "filename*"}| select directory get-childitem -recurse |where-object{$_.name -match "filename*"}| select directory| set-location   neither work. can advise me how directory name get-childitem, without header, , pipe into  set-location?   get - childitem - recurse |where - object{ $_ .name -match "filename*" }| set - location - path { $_ .directory} Windows Server  >  Windows PowerShell

Publish certificate template

Image
hi, i'm wonder if possible publish certificate template using powershell? below screen-shot of how using gui. please need help, regards, bader if solution exists, imagine it'll here:  http://pspki.codeplex.com/ good luck, friend. :) g. samuel hays Windows Server  >  Windows PowerShell

Powershell Job seems to be typing the {Enter} key. How to make it not interact with my job?

at following link have powershell not behaving expect to. http://codepaste.net/a7evnt at high level script creates powershell job (script block) , runs it. within job console.readline(). expect block , wait (forever). task completes. means (powershell itself) interacting job "typing" {enter} @ point console.readline() executes? how make similar script block @ console.readline()? thanks. i don't know why powershell readline. you'll have change readkey() instead.  works, , can compare specific key if want make harder accidentally close when it's run in regular console Windows Server  >  Windows PowerShell

Need ipsec help

i have windows domain network with server 2008 dc , server 2003 webserver.  webserver domain bound so can have share access users deposit files onto ftp sites internal network.  trying webserver installed dmz on our watchguard firewall.  watchguard support has told me setup ipsec allow secure connection between webserver , domain controller have fewer ports open share access trusted optional (dmz) sides of firewall.  having difficult time trying figure out how setup ipsec connection.  have read alot of ms's stuff (amongst other references on net) confused , have had little luck getting ipsec configured correctly.  here details: the trusted network has domain controller located @ 10.10.10.40 (static).  dmz has webserver @ 192.168.1.2 (static).  firewall has ipsec filters set allow ipsec traffic in both directions.  has smb filter allow share access trusted dmz.  , rdp policy remote access testing , setup (i disable rdp once working.) can ping webserver trusted, cannot access shares

deplying windows server

kindly advise can documentation on how deploy windows server license this 1 may help. http://download.microsoft.com/download/e/6/4/e64f72bf-55e9-4d85-9efe-39605d7ce272/windowsserver2012r2_licensing_guide.pdf       regards, dave patrick .... microsoft certified professional microsoft mvp [windows] disclaimer: posting provided "as is" no warranties or guarantees , , confers no rights. Windows Server  >  Windows Server Technical Preview

VMs on Hyper-V 2012 R2 are shutting down automatically

hello guys!  i'm having huge problem in hyper-v 2012 r2 environment. yesterday, 9 of 40 vms shutdown automatically, , so, caused downtime problem customers in business hours. i checked in event viewer (application / system /  microsoft - windows - hyper) of host , vm couldn't locate log related unexpected shutdown.  it occurred twice yesterday, first in morning , second in afternoon. i'm afraid issue can happen again. i've tried locate logs identify problem, no luck here.  my question: there other place can me in troubleshooting find root cause? obs: vms licensed / activated.  obs2: vms win 2008 r2 std leandro soares - mcp/mcsa/mcts hello elton, after rebooting 2 hyper-v host nodes, didn't have problem anymore.  the difficult point in thread couldn't find related event on event viewer.  there 1 week since problem occour... suppose can close thread.  thanks help! leandro soares - mcp/mcsa/mcts

Linking internal domain for Server 2012 to external internet domain of same name

hi there. i'm stuck in , need out. have set lab testing environment server 2012 , exchange 2013 @ home using  x.com domain example. have dynamic ip address @ home use dyn dns provider resolve ip address every time changes x.dyndns.net example. have bought internet domain crazy domains same name internal domain on server x.com. want link server 2012 , exchange 2013 external domain keeping in mind have dyn dns instead of static ip. isp blocks port 25 smtp , can use port 465 ssl. can tell me changes need make on server , internet domain make , running. suggestion appreciated :-) to direct names public domain dynamic dns provider, you'll want use cname records point dynamic dns name(s) use @ home. directing mail traffic, unfortunately there no way force 3rd party mail servers not use port 25 when attempt connect mail server, smtp default. dns/mx records not , cannot direct mail servers specific ports or use specific protocols (ssl, tls, etc). my suggestion, if desire ru

How to auto rename domain computers based on Company naming Convention

Image
my company uses following naming convention domain computers companyname1xx   corporate office companyname2xx - dallas office companyname3xx - houston office companyname4xx - austin office each office has own ou in active directory computer accounts. don't know active directory , took on role of interim server administrator. there way can run script , assign computers in each ou unique computer name based on naming convention location. if scripting isn't way go open suggestions. thanks. -jr hey there, powershell friend. tested code below. firstly queries computer in dallas ou , rename them pattern of "dallas1","dallas2" , on. @ end restart system make changes committed. have look: #get computers in dallas ou $dallaspc=get-adcomputer -filter * -searchbase "ou=dallas,dc=contoso,dc=com" $i = 1 #starting process each 1 foreach($pc in $dallaspc) { #changing computer name get-wmiobject win32_computersystem -computername $pc.n

Type of connection for WSUS store's update files

now planning install wsus3.0sp2 on existing server (windows server 2008 r2). however, server not have enough space storing updates. then, setup external hdd like below; plan a, usb hdd. plan b, iscsi nas mounted volume. microsoft supports configuration ? cannot find official support document this. microsoft says "local server". not sure "local". grateful if profissinals navigates me goal. , regards, "local" means not mapped network drive. the particular issue goes ability of wsus server manage acls on ntfs file system. if iscsi nas volume supports access in same manner direct attached storage (das), should work fine. the external usb hard drive work provided formatted ntfs. cannot use fat-formatted external drive. lawrence garvin, m.s., mcitp:ea, mcdba, mcsa solarwinds head geek microsoft mvp - software packaging, deployment & servicing (2005-2013) mvp profile: http://mvp.microsoft.com/en-us/mvp/lawrence r garvin h

HOW TO filter event log to show some events and not others

someone suggested post here. sorry type font below. pasted in , there's no way fix it. trying use xml filter security event log show user logon events, except don't want see "system" majority of entries. don't know why there log of system logging onto itself. that's not i'm looking for. example: <querylist>   <query id="0" path="security">     <select path="security">          *[system[(eventid=4624)]]         and         *[eventdata[data[@name='targetusername'] , (data ='system')]]     </select>   </query> </querylist> gives results include <eventdata> entries like <data name="targetusername">system</data> data !='system' supposed filter out according someone, it's not. there reason accepts this, not consider != mean not equals???? clues? there way not equals? another example: <querylist>

Convert LDIF group file to CSV

hi! here's ldif file. it's file listing group , theres members: dn: dn1 ufn: ufn1 member: member1 member: member2 member: member3 cn: cn1 dn: dn2 ufn: ufn2 member: member1 member: member2 cn: cn2 dn: dn3 ufn: ufn3 member: member1 member: member2 member: member3 member: member4 cn:  i need convert file csv file ";" separated: "dn";"ufn";"member";"cn" "dn1";"ufn1";"member1";"cn1" "dn1";"ufn1";"member2";"cn1" "dn1";"ufn1";"member3";"cn1" "dn2";"ufn2";"member1";"cn2" "dn2";"ufn2";"member2";"cn2" "dn3";"ufn3";"member1";"" "dn3";"ufn3";"member2";"" "dn3";"ufn3";"member3&qu

Desktop Background

hey have problem applying desktop backround group policy on bunch of clients.. it shows black desktop backround, know there hotfix this..when downloaded hotfix when try install/run message (update not applicable) any tips/trick great... thanks shane please refer too: http://www.grouppolicy.biz/2011/03/best-practice-using-group-policy-to-configure-desktop-wallpaper-background/ this posting provided "as is" no warranties or guarantees , , confers no rights.       microsoft student partner 2010 / 2011 microsoft certified professional microsoft certified systems administrator: security microsoft certified systems engineer: security microsoft certified technology specialist: windows server 2008 active directory, configuration microsoft certified technology specialist: windows server 2008 network infrastructure, configuration microsoft certified technology specialist: windows server 2008 applications infrastructure, configuration microsoft

System Volume Information filling up with Volume Shadow Copies

we noticed there bunch of files filling system volume information.  believe volume shadow service...it looks bunch of sids.    it's starting take lot of hard drive space. we have vss disabled, believe there might application starting it.  encountered this?  server 2008.  runs backup exec 2010 along backup exec cps. thanks help! we figured out related backup exec cps.  even though specified different folder snapshots go in, still going in system volume info folder.   thanks response. Windows Server  >  Windows Server General Forum

IE 8 and RDS Remote Apps

i running win 7 ie 8.  log rdweb , log in page.  when enter credentials , sign in brings me log in page. firefox let me log in, don't want roll out firefox our users right now. any or fixes help   thanks please check ie internet options.  i'm guessing https://ip/rdweb in intranet zone, while https://fqdn/rdweb not.  in internet options, security tab, click on trusted sites zone, sites button , add https://fqdn.  click custom level button, in activex controls , plug-ins section, make sure run activex controls , plug-ins option set enable. Windows Server  >  Remote Desktop Services (Terminal Services)

ADMT sIDHistory - Applications

Image
p, li { white-space: pre-wrap; } i in process of migrating domains, , having issue sidhistory. for file shares; sidhistory working great, issue comes try , open applications reside in source domain rely on active directory authentication. don't authenticate , no access granted. there 10-15 main applications use ad, use security groups in source domain grant access , seem have internal method isn't exposed. i've tried bumping auditing on source dcs, , dug wireshark , process monitor see if gain other information didn't find helpful. should migrating sidhistory allow me access applications in source domain? understanding there's no requirement migrate groups or security translation in scenario... it depends on application.   make sure application supports sid history. applications not honor sid history.   in case, need perform security translation / re-acl santhosh sivarajan | mcts, mcse (w2k3/w2k/nt4), mcsa (w2k3/w2k/msg), ccna, network

Remote Desktop Services and dcpromo of Windows 2008R2 member server

environment: 2003 domain citrix xenapp 6 farm 2008 r2 member server remoted desktop services role acting desktop services licensing server. in effort upgrade 2008 domain, dcpromote 2008 r2 member server domain controller in 2003 domain in effort eventually migrate pure 2008 r2 domain controller environment.  have read desktop services supported on 2008 r2 domain controller researching dcpromo of existing 2008 r2 member server remote desktop licensing role. question:  how impact remote desktop licensing services on newly promoted 2008 r2 domain contoller?  steps can take insure remote desktop licensing services not impacted dcpromo? thanks in advance feedback. as far can tell, if promote existing rds licensing server, run issues resulting fact local terminal server computers group cease exist. mentioned above, should seek advice regarding , other potential issues rds on rds forum hth marcin

How to request cert from Enterprise CA (Private) - RD Web Access and RD Gateway

Image
i want know, how request cert internal enterprise ca multiple alternate names? this rd web access , rd gateway. rds.domain.com rmeote.domain.com rdsh1.domain.com there on technet, instruction provided. on net can't find instruction. please give me direction. thanks, shuja hi, thanks post. you need request san certificate. firstly, need enable ca accept san attribute request. run following command administrator privilege. certutil -setreg policy\editflags +editf_attributesubjectaltname2 net stop certsvc net start certsvc for more detailed information, please refer following kb article. still applies windows 2008 , r2. how add subject alternative name secure ldap certificate http://support.microsoft.com/kb/931351 best regards, aiden aiden cao technet community support Windows Server  > 

Screen keeps rotating sideways

my laptop screen keeps rotating sideways when has 1 monitor connected. external. have had windows 10 installed since day came out, , never had issue.  i have auto-rotate turned off. i go screen resolution --> orientation  --> landscape --> apply. as switch app or program, screen rotates back. ran windows update , found driver update , still same issue.  any ideas? press ctrl+alt+ arrow key. right click on desktop> graphics properties > hot keys > remove or clear check the  enable hot keys which graphic card there? in  graphic card driver applications there remain option fix this. s.sengupta, windows entertainment , connected home mvp Windows 10 Insider Preview  >  Windows 10 Insider Preview General

VSS Writer wont online backup

we run hyper-v on server 2012 , have issue vss writer not using online backup. when running 2008r2, had same problem, couple of vm's, have gone 2012 hosts have 12 vm's wont backup in online state. when list writers, shows "backup using saved state" vm's under microsoft hyper-v vss writer, hyper-v problem , not dpm. i have checked microsoft list of reasons when cannot perform online backup, none of apply. how can diagnose preventing hyper-v vss writer perform online backup? was verifying have integration components inside vms date 1 of msft things check? all ics in vms must @ level of hypervisor vms running on.  if not updated, begin there. brian ehlert http://itproctology.blogspot.com learn. apply. repeat. disclaimer: attempting change of own free will. Windows Server  > 

Error After pushing Win7

hey guys, have been trying push win7 images both lenovo m58p's , dell optiplex 980's remotely through symantec ghost everytime done//configuring system settings error message states unattend file cannot parsed @ pass specialize , error detected while processing settings component[microsoft windows unattend join} have tried can think of alleviate problem, no luck. happens no matter image push, or type of machine pushing too. have suggestions why may getting such error? let me know if need post anything. think there might that  *has*  to included in specialize, case , maybe left out? have checked far :: account names , passwords domain name correct , entered time's out giving error on both types of machines old images captured before issue, still create error when being pushed. (thus eliminating may capturing process messing up)  hi,   how did deploy image computers? did use wds? how did capture image?   could deploy image without unattend

Install .NET 3.5 SP1 to Windows Server WEB 2008 - problems

hi guys. i have problem installation .net 3.5 sp1 windows server web 2008. from download file see error. from server manager it's not possible too. for site need only  .net 3.5 , not 2.0 , 4.0 so, how can on version windows ??? many help. hi,   i suggest run command: sfc \scannow scan , repair system files. may run command: findstr /c:"[sr] cannot repair member file" %windir%\logs\cbs\cbs.log >sfcdetails.txt and check sfcdetails.txt repair system files manually. detailed steps, please refer following microsoft kb article:   how use system file checker tool troubleshoot missing or corrupted system files on windows vista or on windows 7 http://support.microsoft.com/kb/929833   if system files good, please repeat steps in previous post in clean boot. detailed steps of how perform clean boot environment, please refer following steps:   1.      click start , type msconfig in start search box, , press enter . 2.      if pro

How long can a DC be offline before it begins to affect the entire AD topology?

we have 2 windows 2008 r2 servers, both acting dcs , gcs, 1 acting exchange server (i know bad practice.  i inherited infrastructure admin no longer client.) i have need add third server (windows 2012) domain act dc/gc, after it's been added domain have requirement take down , move building.  during move, there's network procedure between buildings take 24-48 hours complete. if 1 of windows 2008 r2 servers fsmo owner domain (single flat site topology), how long can windows 2012 server offline in domain before begins create problems?   don't plan on having windows 2012 server being basic dc/gc server until moved new building , brought online again. technically can offline long tombstone lifetime (tsl). the kcc acts following optimize replication topology when detects dc (replication partner) unavailable: <snip> the kcc automatically rebuilds replication topology when recognizes domain controller has failed or unresponsive. the criteria kcc uses de

Ping issue

i added new server network, 2008 r2 box , acts storage server. has storage array connected via iscsi , there gp automatically map workstations. works great, no matter domain site on cannot ping it. have no issues @ of 3 sites getting mapped drives connect , work cannot rdp or ping using ip address or servers name. in dns server correct ip address , seems. other servers , computers @ site storage server @ can pinged no problems. i'm guessing it's not dns server @ particular site. have ipv6 turned off on nic , primary dns server dns server located @ site , secondary dns server setup point main dns server @ our main office.  here when try ping it. microsoft windows [version 6.1.7601] copyright (c) 2009 microsoft corporation.  all rights reserved. c:\users\administrator>ping ta-storage pinging ta-storage.tracys.local [192.168.1.12] 32 bytes of d request timed out. request timed out. request timed out. request timed out. ping statistics 192.168

NAT routing DNS trouble with Server 2008

greetings, i’ve upgraded server 2003 standard server 2008 r2 standard. had been running simple nat setup server 2003: 1 public nic w/static ip connected lan, 1 private nic connected private internal network. internal clients had ips assigned nat dhcp , connecting lan resources internet. worked expected. public nic (with nat enabled on it) ip: xxx.xxx.xxx.116 subnet mask: 255.255.255.0 default gateway: xxx.xxx.xxx.1 dns: 4 domain dns servers   private nic: ip: 10.1.1.1 sm: 255.255.255.0 no default gateway dns: same 4 domain dns servers i duplicated configuration upon upgrading server 2008 r2. client ip addresses still being assigned (by dhcp allocator under nat properties). however, external dns servers ignored , internal clients unable internet. can server. the client machines this: ip: 10.1.1.xx sm: 255.255.255.0 gw: 10.1.1.1 dns: 10.1.1.1 if manually enter our standard dns servers on clients, works before. before, server 2003, use dhcp ip dns

RDP saved credentials when not connected to the domain

Image
i have scada system terminal server , several clients. terminal server functions used remoteapp connections scada software. of scada equipment configured part of company domain under everyday conditions scada equipment network not connected company network , can not reach domain controller.  i need rdps remoteapps start , login automaticall. when try use saved credentials login fails server not being verified. have tried several common solutions have been shown fix issue win7 , server 08 r2, including adding termsrv/* credentials group policies. policy change maybe fix when "gpupdate /force" user policy update succeeds computer policy fails because of no connectivity to network(domain controller?). how enable using saved credentials out being connected dc? hi, thanks post. as mentioned, can enable single sign-on edit computer configuration\administrative templates\system\credentials delegation. enable using credentials of logged on user log on ts server. pleas

When will the MS Server support Radius Code Field 12 (Status-Server)?

in event viewer - network policy , access services i following error code message: radius message code field set 12, not valid, received on port 1812 radius client xn08_c1h2. valid values of radius code field documented in rfc 2865. we have serveral devices send request , server never response. event fills our logs , anonying. device manufacture suggest using linux server accept , return proper status field. i realize rfc 2865 makes optional other products supporting option , nice have support in windows 2008 server. hi there - i've heard nps team, , there no current plans add support code field value windows server 2008 or r2. thanks suggestion though issue on radar people see supported. james mcillece Windows Server  >  Network Infrastructure Servers

The user 'fdf' preference item in the 'Conveyancing - Adobe file association fix {BDDEB999-FDB8-4420-8305-0EF456FC75D8}' Group Policy object did not apply because it failed with error code '0x80070005 Access is denied

our environment single windows 2008 domain 2 dcs, mixed clients ranging win2k win 7. have default domain policy "assigns" foxit reader user computers. have department needs have "cute pdf form filler" default application both fdf , pdf file types. have created new gpo applies these particular file association changes. per error message below failing apply "access denied" error message. gp modelling results show policy "should" apply test user, fails withis error message. in addition note file association "change" , "default" boxes greyed out on pc. pc running xp pro. i have checked other xp pcs in test environment , file association boxes pdf , fdf if installed locked foxit reader. i have set "deny" against software deployment policy test user , refreshed policy on it, apparently requires restart before apply. i appreciate ones insights on this. event type: warning event source: gr

Windows Server Cannot Update Error number: 0x8024D007

hi, i running windows server 2003 standard , getting error number: 0x8024d007 when trying update windows via windows update. i tried manually downloading , installing error " not have permission update windows server 2003 " have logged in domain administrator. please help. you might try these registrations. error message when try use windows update or microsoft update web sites install updates: "0x8024d007" http://support.microsoft.com/kb/956701 regards, dave patrick .... microsoft certified professional microsoft mvp [windows] Windows Server  >  Windows Server General Forum