****
*
*
*
*







*
*
                                      
*
*
Windows Server



Reference    

*
*

*
*

Recently in Reference Category

This is the list of contents that correspond to this category:

administrator

Terminal Server Troubleshooting

Method 1: Since both our servers are in Workgroup mode So we had to move the role of Terminal Server and Terminal License Server on to the same server   Method 2: When we have a Terminal Server in an...
administrator

Terminal Services Client Access License (TS CAL) Availability

Terminal Services Client Access License (TS CAL) Availability - Information Only   http://technet.microsoft.com/en-us/library/cc727372.aspx Applies To: Windows Server 2008   When a client--either a user or a device--connects to a terminal server, the terminal server determines if a Terminal Services client...
administrator

Removing Terminal Server licenses from an RDP client

In Windows XP, to Remove Terminal Server licenses, find the following key on the RDP client: HKEY_LOCAL_MACHINE\Software\Microsoft\MSLicensing. To clean the client's license cache, just delete this key and its sub keys. The next time the client connects to the server,...
administrator

Steps on how to reset the NETLOGON Database

Step 01: Stop the Netlogon service. Step 02: Move the Netlogon.dns and Netlogon.dnb files to a backup folder and restart the Domain Controller. Note: Netlogon.dns and Netlogon.dnb are located in the Windows\System32\Config folder.  ...
administrator

Explanation of Kerberos error KRB_AP_ERR_MODIFIED

Problem Operating System: Windows Server 2003 Enterprise [2003]   Problem Description The following error is repeated in the event log. The target server name may reference more than one server.   XP Message ===================== Event Type: Error Event Source: Kerberos...
administrator

NAT Netlogon and Kerberos Primer

Created : 09/18/2006 TITLE: NAT Netlogon and Kerberos Primer [ ]   Problem Description   # Issue:   Common Knowledge appears to state that is Network Address Translation (NAT) is in place then trusts, logons, and Kerberos will not...
administrator

Kerberos Network Authentication Protocol over Network Address Translation (NAT)

Kerberos authentication protocol might fail in environments that use Network Address Translation (NAT) or DHCP..? What is causing Kerberos authentication to fail in these environments? Is this something I need to worry about in my Windows Active Directory (AD) environment?...
administrator

New group policies for DNS in Windows Server 2003

support.microsoft.com/kb/294785   SUMMARY   Windows Server 2003 resolves the problem of centralized DNS management by introducing group policies to configure DNS clients. For example, the following parameters are available in Windows Server 2003: ·        Enable or disable dynamic registration of...
administrator

Deployment and operation of Active Directory domains that are configured by using single-label DNS names

http://support.microsoft.com/kb/300684 Information about configuring Windows for domains with single-label DNS names     SUMMARY   This article contains information about the deployment and operation of Active Directory domains that are configured by using single-label DNS names. The desire to remove...
administrator

NIC Teaming

Windows Server 2012 NIC Teaming provides transparent network failover and bandwidth aggregation. Uniquely, the Windows solution is hardware-independent and can be deployed under all existing workloads and applications on both physical and virtualized servers.   What is NIC Teaming? A...
administrator

Changes to allowed NULL session pipes in Windows Server 2003 SP1 and Windows XP SP2

TITLE: Windows Server 2003 SP1 and Windows XP SP2 changes to allowed NULL session pipes Problem Windows Server 2003 Standard   Problem Description 2003 SP1 changes to Null Session Pipes   Resolution As an FYI Pre SP1 we actually had...
administrator

Basic Debugging of an Application Crash

One of our common issues is troubleshooting application crashes (for example, the Print Spooler or a third-party application).  These crashes usually result in the infamous Dr. Watson error. First, let's discuss terminology.  A crash is when something experiences a fault...
administrator

DCOMCNFG

http://msdn.microsoft.com/en-us/library/wdyy0xsw.aspx DCOMCNFG is a Windows NT 4.0 utility that allows you to configure various DCOM-specific settings in the registry. The DCOMCNFG window has three pages: Default Security, Default Properties, and Applications. Under Windows 2000 a fourth page, Default Protocols, is present. Default Security...
administrator

LDP - LDAP Query to list locked accounts

LDAP Query to list locked accounts.   When you need to see a list of all user accounts that are locked using LDP tool, then you might need the following query to query the Active Directory using the LDP tool....
administrator

Basic Steps for demoting a Domain Controller which is also a Microsoft Exchange Server to a Member Server

If we have a Domain Controller in the Active Directory that is also an email server, i.e. both Active Directory and Microsoft Exchange services are installed and enabled on the Server. And now if we want to just demote the...
administrator

Domain Rename / DC Rename - Domain Rename Made Easy

Domain Rename / DC Rename - Domain Rename Made Easy   Reference Articles: Steps on How to Rename a domain controller   How Domain Rename Works   Windows Server 2003 Active Directory Domain Rename Tools   Implementing an Active Directory...
administrator

Rename a domain controller

http://technet.microsoft.com/en-us/library/cc782761.aspx Rename a domain controller Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2 To rename a domain controller 1.      Open Command Prompt. 2.      Type: netdom computername CurrentComputerName/add:NewComputerName This command will update...
administrator

How Domain Rename Works

You can use the domain rename process to change the names of your domains, and you can also use it to change the structure of the domain trees in your forest. This process involves updating the Domain Name System (DNS)...
ebhakt

Domain Rename FAQ's

Ques1. What are the Domain Rename Requirement? Ans; ·        Exchange 2003 SP1: If your Active Directory forest contains only Exchange 2003 SP1 servers, you can run the domain rename operation, but you must also use the Exchange Domain Rename Fix-up...
ebhakt

Windows Server Microsoft Active Directory DCPROMO procedure explained

Windows Server 2008 : DCPROMO   OS Compatibility   Windows Server 2008 domain controllers have a new more secure default for the security setting named "Allow cryptography algorithms compatible with Windows NT 4.0." This setting prevents Microsoft Windows and non-Microsoft...
ebhakt

Access is denied

When you face the issue of access is denied, please refer to the following sequence of steps for troubleshooting: • Binding Order of NIC Cards • SMB • DFS Service -- > started and Running • Permissions on SYSVOL •...
ebhakt

The Format of the specified network name is invalid

The Format of the specified network name is invalid. • Binding Order of the NIC Card • SMB • DNS • Enable NETBIOS over TCP/IP • The "Register this connection in DNS" - Checked...
ebhakt

Not able to access Domain via \\domainname\sysvol errormessage: "No network provider accepted the given network path"

Not able to access Domain via \\domainname\sysvol errormessage: "No network provider accepted the given network path" • Binding Order • TCP/IP Net BIOS Helper Service • MaxPacketSize and EnablePMTUBHDetect in case of WAN • Disable TCPChimney, EnableRSS, and TCPA in...
ebhakt

Not enough storage is available to complete this operation

Not enough storage is available to complete this operation To resolve this problem, add the MaxTokenSize registry entry and the MaxUserPort registry entry on the affected domain controllers. To do this, follow these steps: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos\Parameters New DWORD Value. 'MaxTokenSize' =...
ebhakt

The authentication service is unknown

The authentication service is unknown. • Check the NetLogon Service. • Binding order of the NIC card. • Update the NIC Drivers...
ebhakt

There are no more endpoints available from the endpoint mapper

There are no more endpoints available from the endpoint mapper. "No more endpoints available" means the RPC endpoint mapper, which runs on port 135 TCP, was not able to use a port above 1024 for a service that runs over...
ebhakt

Run the Dfsutil /PurgeMupCache command

Run the Dfsutil /PurgeMupCache command As taken from KB 887303 Run the Dfsutil.exe program with the /PurgeMupCache switch to flush the local DFS/MUP cached information. The Dfsutil.exe program is included in the Windows 2000 Server Support Tools and the Windows...
ebhakt

Make sure that the domain controllers are not in a journal wrap state

Make sure that the domain controllers are not in a journal wrap state As taken from KB 887303 To see if a domain controller is in a journal wrap state, view the File Replication service log in Event Viewer, and...
ebhakt

Make sure that the Bypass traverse checking right is granted to the required groups

Make sure that the Bypass traverse checking right is granted to the required groups As taken from KB 887303 The Bypass traverse checking right must be granted to the following groups on the domain controllers: · Administrators · Authenticated Users...
ebhakt

Examine the contents and the permissions of the Sysvol folder

Examine the contents and the permissions of the Sysvol folder As taken from KB 887303 By default, the Sysvol folder is located in the %systemroot% folder. The Sysvol folder contains the domain's Group Policy objects, the Sysvol and Netlogon shares,...
ebhakt

Make sure that Distributed File System (DFS) is enabled on all computers

Make sure that Distributed File System (DFS) is enabled on all computers As taken from KB 887303 All domain controllers must run the Distributed File System service because the Sysvol share is a DFS volume. Additionally, the DFS client must...
ebhakt

Make sure that the TCP/IP NetBIOS Helper service is started on all computers

Make sure that the TCP/IP NetBIOS Helper service is started on all computers As taken from KB 887303 All computers on the network must run the TCP/IP NetBIOS Helper service. To verify that the TCP/IP NetBIOS Helper service is running...
ebhakt

Examine the Server Message Block signing (SMB signing) settings on the client computers and member servers

Examine the Server Message Block signing (SMB signing) settings on the client computers and member servers As taken from KB 887303 The Server Message Block (SMB) signing settings define whether the computers on the network digitally sign communications. If the...
ebhakt

Examine the DNS settings and network properties on the servers and client computers

Examine the DNS settings and network properties on the servers and client computers As taken from KB 887303 In the local area connection properties, Client for Microsoft Networks must be enabled on all servers and client computers. The File and...
ebhakt

Remote Encryption does not require remote server to be trusted for delegation

Subject: Remote Encryption does not require remote server to be trusted for delegation.   Hello Team,   FYI.. windows 2008 and windows vista remote encryption does not require the remote server to be trusted for delegation. Local EFS certificate is...
ebhakt

Wild card character support

Wild card character support   Wild card character support in subject name of certificate is supported however it works only for one level in domain hierarchy. For example, *.contoso.com represents contoso.com and all the sub-domains for contoso.com.  ...
ebhakt

Bitlocker

Bitlocker =============   TPM trusted platform module _____ TCG - Bios Complaint Two partitions NTFS   For security / encryption of hard data     TPM trusted platform module TPM, abbreviated for Trusted Platform Module is a special chipset on...
ebhakt

SD propagator - Manually initializing the SD propagator thread to evaluate inherited permissions for objects in Active Directory

SD propagator Manually initializing the SD propagator thread to evaluate inherited permissions for objects in Active Directory Manually initializing the SD propagator thread to evaluate inherited permissions for objects in Active Directory http://support.microsoft.com/kb/251343 SUMMARY Microsoft Windows NT 4.0 and earlier...
ebhakt

How to setup Folder Redirection through Group Policy?

How to setup Folder Redirection through Group Policy?   Configuring Folder Redirection This Article is taken from Technet as-is:   http://technet.microsoft.com/library/cc786749.aspx Configuring Folder Redirection   Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows...
ebhakt

DCPROMO Troubleshooting

DCPROMO Troubleshooting These are the following steps that you may follow to troubleshoot DCPROMO issues. These steps will help you overcome most of the DCPROMO issues with and flexibility. The Following steps is a series of general steps that you...
ebhakt

Troubleshooting Active Directory Installation Wizard Problems

Troubleshooting Active Directory Installation Wizard Problems   http://technet.microsoft.com/en-us/library/bb727058.aspx   Overview Active Directory Installation Wizard relies on a number of systems in Windows 2000 Server, including DNS registration and resolution, LDAP query and response, Kerberos authentication, Active Directory replication, FRS replication,...
ebhakt

DB Upgrade/DC Promotion/DC Demotion

DB Upgrade/DC Promotion/DC Demotion http://technet.microsoft.com/en-us/library/cc756637.aspx DB Upgrade/DC Promotion/DC Demotion Applies To: Windows Server 2008 The Security Accounts Manager (SAM) database changes state (active or inactive): During an operating system upgrade. When a server becomes a domain controller. When a server...
ebhakt

How to use the Install from Media feature to promote Windows Server 2003-based domain controllers

How to use the Install from Media feature to promote Windows Server 2003-based domain controllers Kb 311078 System state > Alternate Loc > Dcpromo /adv The Install From Media (IFM) Feature allows System Administrators to actively promote a new Domain...
ebhakt

Active Directory Installation and Removal Issues

Active Directory Installation and Removal Issues http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/distrib/dsbi_add_fvhd.mspx?mfr=true Active Directory Installation and Removal Issues To install and remove Active Directory, the Active Directory Installation Wizard (Dcpromo) is used. It is important that certain requirements are met to prevent an unsuccessful installation...
ebhakt

How to promote and demote domain controllers in Windows 2000

How to promote and demote domain controllers in Windows 2000   http://support.microsoft.com/kb/238369 How to promote and demote domain controllers in Windows 2000   SUMMARY   This article describes how to promote or demote a domain controller to a stand-alone server...
ebhakt

CrashOnAuditFail

CrashOnAuditFail Crashonauditfail This Registry Setting "Crashonauditfail" if enabled will cause the Domain Controller server to reboot when the size of Audit Logs is to full capacity and there is no more space to write Audit Event Logs without overwriting the...
ebhakt

Windows Fast Logon Optimization Feature

Windows Fast Logon Optimization Feature http://technet.microsoft.com/en-us/library/cc780527.aspx Fast Logon Optimization Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2 Fast Logon Optimization The Fast Logon Optimization feature is set by default...
ebhakt

Group Policy slow link detection

Group Policy slow link detection http://technet.microsoft.com/en-us/library/cc978717.aspx Group Policy slow link detection Computer Configuration\Administrative Templates\System\Group Policy Description Defines a slow connection for purposes of applying and updating Group Policy. If the rate at which data is transferred from the domain controller...
ebhakt

How a slow link is detected for processing user profiles and Group Policy

How a slow link is detected for processing user profiles and Group Policy http://support.microsoft.com/kb/227260 How a slow link is detected for processing user profiles and Group Policy SUMMARY This article describes how a slow link is detected in Windows 2000...
ebhakt

EnablePMTUDiscovery

EnablePMTUDiscovery EnablePMTUDiscovery is a registry key that can enable the windows operating system to discover the working MTU size in effect itself by sending packets of variable size to the destination. By sending packets of data in variable sizes the...
ebhakt

How to configure an authoritative time server in Windows Server 2003

How to configure an authoritative time server in Windows Server 2003 http://support.microsoft.com/kb/816042 How to configure an authoritative time server in Windows Server INTRODUCTION Windows Server includes W32Time, the Time Service tool that is required by the Kerberos authentication protocol. The...
ebhakt

How to force Kerberos to use TCP instead of UDP in Windows Server 2003, in Windows XP, and in Windows 2000

How to force Kerberos to use TCP instead of UDP in Windows Server 2003, in Windows XP, and in Windows 2000 http://support.microsoft.com/kb/244474 How to force Kerberos to use TCP instead of UDP in Windows SUMMARY The Windows Kerberos authentication package...
ebhakt

Access this computer from the network

Access this computer from the network   http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/gp/524.mspx?mfr=true Access this computer from the network   Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment   Description   Determine which users and groups are allowed to connect to the computer over the network....
ebhakt

How to perform an authoritative restore to a domain controller in Windows 2000

How to perform an authoritative restore to a domain controller in Windows 2000 http://support.microsoft.com/kb/241594 How to perform an authoritative restore to a domain controller in Windows 2000 SUMMARY This article discusses how to perform an authoritative restore of the Active...
ebhakt

Account Passwords and Policies

Account Passwords and Policies   Microsoft Windows NT Server 4.0, Windows 2000, Windows XP, and the Windows Server 2003 Family   Password and account lockout settings are designed to protect accounts and data in your organization by mitigating the threat...
ebhakt

How to use the EventCombMT utility to search event logs for account lockouts

How to use the EventCombMT utility to search event logs for account lockouts http://support.microsoft.com/kb/824209 How to use the EventCombMT utility to search event logs for account lockouts   SUMMARY This article describes how to use the EventCombMT utility (EventCombmt.exe) to...
ebhakt

ADVISORY: Set a custom attribute as confidential & delegate read perms to a group

ADVISORY: Set a custom attribute as confidential & delegate read perms to a group TITLE: ADVISORY: Set a custom attribute as confidential & delegate read perms to a group The issue we are currently experiencing is: "How to change viewable...
ebhakt

Active Directory Replication in Depth - USN

Active Directory Replication in Depth - USN   How to find USN of an Object from Active Directory:   C:\>repadmin /showobjmeta * [DN path of object] > obj_delhi.txt   * = All Dc's [DN path of object] = Object whose...
ebhakt

How does the Active Directory Replication Model Works

How does the Active Directory Replication Model Works http://technet.microsoft.com/en-us/library/cc772726(v=ws.10).aspx How does the Active Directory Replication Model Works Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2, Windows Server 2008, Windows...
ebhakt

USN Rollback

USN Rollback We are working a USN Rollback issue (at least that's what we suspect) wherein we have a mix of 2k3 and R2 servers (one dc in parent and 3 child domains). Conditions that indicate the possibility of a...
ebhakt

Determining the product option of a Windows NT setup

Determining the product option of a Windows NT setup HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ProductOptions\ProductType WinNT = Client = Windows NT workstation, Windows XP/2000 Professional, Windows XP Home LanmanNT = DC = Windows NT/2000/2003 Server domain controller (primary or backup) ServerNT = Member Server =...
ebhakt

Things to consider when you host Active Directory domain controllers in virtual hosting environments

Considerations when hosting Active Directory domain controller in virtual hosting environments http://support.microsoft.com/kb/888794 Things to consider when you host Active Directory domain controllers in virtual hosting environments SUMMARY A virtual hosting environment lets you run multiple guest operating systems on a...
ebhakt

SPN

SPN Known Issues Duplicate SPN - use ldifde To detect Duplicate SPN's in the Domain use LDIFDE Dump. Ldifde -d <Domain Name> -f <file name> Kerberos Event Id : 4 Will give the exact duplicate entry. The Kerberos Event ID...
ebhakt

TCP/IP NETBIOS helper Service

TCP/IP NETBIOS helper Service This service is used while accessing shares on a windows workstation. http://technet.microsoft.com/en-us/library/cc757956(v=ws.10).aspx TCP/IP NetBIOS Helper (System Services for the Windows Server 2003 Family and Windows XP Operating Systems) Applies To: Windows Server 2003, Windows Server 2003...
ebhakt

How to delay loading of specific services

How to delay loading of specific services http://support.microsoft.com/kb/193888/EN-US/ The Registry subkeys for services are located in the following path and can control how services are loaded. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\<Service name> Important This section, method, or task contains steps that tell you how...
ebhakt

Secure Channel

Secure Channel Secure Channel is an encrypted channel for communication with-in a domain. The channel is encrypted with the machine account password for the machine that is communicating with the Domain Controller. There are Domain Controllers that have a secure...
ebhakt

Extending Your Active Directory Schema in Windows Server 2003 R2

Extending Your Active Directory Schema in Windows Server 2003 R2 http://technet.microsoft.com/en-us/library/cc772804.aspx Extending Your Active Directory Schema in Windows Server 2003 R2 Applies To: Windows Server 2003 R2 The schema defines objects and attributes and the types of data they can...
ebhakt

How to mark an attribute as confidential in Windows Server 2003 Service Pack 1

How to mark an attribute as confidential in Windows Server 2003 Service Pack 1 http://support.microsoft.com/kb/922836 How to mark an attribute as confidential in Windows Server 2003 Service Pack 1 SUMMARY In the Active Directory directory service for Microsoft Windows Server...
ebhakt

Common Mistakes When Upgrading a Windows 2000 Domain To a Windows 2003 Domain

Common Mistakes When Upgrading a Windows 2000 Domain To a Windows 2003 Domain http://support.microsoft.com/kb/555040 Common Mistakes When Upgrading a Windows 2000 Domain To a Windows 2003 Domain SUMMARY This KB helps avoiding common mistakes while upgrading their system. SYMPTOMS A...
ebhakt

Schema Update requires Write access to schema in Active Directory

Article ID : 285172 Schema Update requires Write access to schema in Active Directory http://support.microsoft.com/kb/285172 Schema Updates Require Write Access to Schema in Active Directory SUMMARY This article discusses schema updates. IMPORTANT: This article contains information about modifying the Active...
ebhakt

How to resolve RPC Endpoint Mapper errors

How to resolve RPC Endpoint Mapper errors Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow...
ebhakt

Troubleshooting RPC Endpoint Mapper errors using the Windows Server 2003 Support Tools from the product CD

Troubleshooting RPC Endpoint Mapper errors using the Windows Server 2003 Support Tools from the product CD http://support.microsoft.com/kb/839880 Troubleshooting RPC Endpoint Mapper errors using the Windows Server 2003 Support Tools from the product CD SUMMARY You may experience RPC Endpoint Mapper...
ebhakt

How IT Works Troubleshooting RPC Errors

How IT Works Troubleshooting RPC Errors How IT Works Troubleshooting RPC Errors If you've worked with Windows server platforms over the years, chances are you've seen remote procedure call (RPC) errors at one time or another. They tell you that...
ebhakt

RODC : RODC Frequently Asked Questions

RODC RODC Frequently Asked Questions http://technet.microsoft.com/en-us/library/cc754956.aspx RODC Frequently Asked Questions Applies To: Windows Server 2008 This section includes frequently asked questions (FAQ) and answers pertaining to read-only domain controllers (RODCs). The questions range from general background information to in-depth technical...
ebhakt

Restartable AD DS Step-by-Step Guide

Restartable AD DS Step-by-Step Guide http://technet.microsoft.com/en-us/library/cc732714.aspx Restartable AD DS Step-by-Step Guide   Applies To: Windows Server 2008, Windows Server 2008 R2   You can use Microsoft Management Console (MMC) snap-ins, or the Net.exe command-line tool, to stop or restart Active...
ebhakt

Restartable AD DS :: Restartable Active Directory Domain Service

Restartable AD DS Restartable Active Directory Domain Service As taken from: Restartable AD DS Step-by-Step Guide http://technet.microsoft.com/en-us/library/cc732714.aspx You can change the default by modifying the DsrmAdminLogonBehavior registry entry. By modifying the value for that registry entry, you can log on...
ebhakt

Password Change and its Replication

Password Change and its Replication   Extract of one webcast by Mike Resnick, I hope this will make things clear about password change replication:   http://support.microsoft.com/default.aspx?scid=%2Fservicedesks%2Fwebcasts%2Fen%2Fwc022703%2Fwct022703.asp   Microsoft Corporation Microsoft Windows 2000 Server and Windows Server 2003: Password and Account...
ebhakt

Windows 2000 NAT Editors

Windows 2000 NAT Editors   http://support.microsoft.com/default.aspx?scid=kb;EN-US;317509 SUMMARY This article describes the network address translation (NAT) editors that are included in Windows 2000.   MORE INFORMATION Windows 2000 includes built-in NAT editors for the following protocols: ·         File Transfer Protocol (FTP)...
ebhakt

How Kerberos works

How Kerberos works   1) Kerberos 5: Only Supported for IE 5.5+ Kerberos 5 is supported for Internet Explorer browsers continuing IE 5.5 and then later browsers. 2) Kerberos doesnot works on Internet             This is important to note that...
ebhakt

Troubleshooting Kerberos Delegation

Troubleshooting Kerberos Delegation     Latest Hotfixes   An error code is returned when a Kerberos client requests a TGT against a Windows Server 2008-based domain controller: "KERB5KDC_ERR_C_PRINICPAL_UNKNOWN" View products that this article applies to. Article ID: 951191 Last Review:...
ebhakt

Troubleshooting Kerberos Errors

Troubleshooting Kerberos Errors   Download Link: ·        Download Article : Troubleshooting Kerberos Errors   CHECKLIST From a command prompt • Verify that SPNs are registered for the middle tier services. • Verify that SPNs are registered for the back-end services....
ebhakt

Kerberos: The Network Authentication Protocol

Kerberos: The Network Authentication Protocol   The Microsoft Windows Server 2003 operating system implements the Kerberos version 5 authentication protocol. Windows Server 2003 also implements extensions for public key authentication. The Kerberos authentication client is implemented as a security support...
ebhakt

Kerberos Double-hop

Kerberos Double-hop   + On the client we can Ping the middle tier (Application server) and the backend sql servers by FqDN. + Made the Middle server trusted for delegation for any service over kerberos protocol. + Made the Max...
ebhakt

Kerberos Articles

Kerberos Articles   1) Kerberos 5: Only Supported for IE 5.5+ Kerberos 5 is supported for Internet Explorer browsers continuing IE 5.5 and then later browsers. 2) Kerberos doesnot works on Internet             This is important to note that the...
ebhakt

To export the DNS configuration on DNS server

To export the DNS configuration on DNS server   To do that, please follow the steps below: a. Install the Windows 2003 support tool from the SUPPORT\TOOLS folder on the Windows 2003 CD. b. At the command prompt, run the...
ebhakt

How to use Windows Server 2000, Windows Server 2003, and Windows Server 2008 cluster nodes as domain controllers

Windows Server 2000, Windows Server 2003, and Windows Server 2008 cluster nodes as domain controllers How to use Windows Server cluster nodes as domain controllers   http://support.microsoft.com/kb/281662 SUMMARY Note The information in this article addresses a situation that you do not...
ebhakt

ADMT

ADMT Pre-requisites for ADMT:   1.      DNS Name resolution should work both ways for both the Domains from one another. 2.      After creating Trust, ADMT should work   By Default: SId Filtering is enabled. To Disable:→ netdom Quartime command  ...
ebhakt

How to establish trusts with a Windows NT-based domain in Windows Server 2003

How to establish trusts with a Windows NT-based domain in Windows Server 2003 support.microsoft.com/kb/325874 SUMMARY This step-by-step article describes how to establish a trust relationship between a Microsoft Windows NT 4.0-based domain and a Windows Server 2003-based domain. The creation...
ebhakt

When to create a shortcut trust

When to create a shortcut trust technet.microsoft.com/en-us/library/cc737939(v=ws.10).aspx Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2 When to create a shortcut trust Shortcut trusts are one-way or two-way, transitive trusts...
ebhakt

When to create an external trust

When to create an external trust technet.microsoft.com/en-us/library/cc755427(v=ws.10).aspx Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2 When to create an external trust You can create an external trust to form...
ebhakt

How Domain and Forest Trusts Work

How Domain and Forest Trusts Work technet.microsoft.com/en-us/library/cc773178(v=ws.10).aspx Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2, Windows Server 2008, Windows Server 2008 R2 Active Directory provides security across multiple domains...
administrator

Trust types

Trust types technet.microsoft.com/en-us/library/cc775736(v=ws.10).aspx Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2 Trust types Communication between domains occurs through trusts. Trusts are authentication pipelines that must be present in order...
administrator

Understanding Trusts

TRUST Understanding Trusts technet.microsoft.com/en-us/library/cc731335.aspx Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Server 2012 Trusts A trust is a relationship, which you establish between domains, that makes it possible for users in one domain to be authenticated by...
administrator

Domain Trust

Domain Trust http://technet.microsoft.com/en-us/library/cc961481.aspx Domain Trust A domain trust is a useful way to allow users from a trusted domain to access services in a trusting domain. If all users and services can be managed in a single enterprise domain, there...
ebhakt

What happens during an LDAP authentication?

What happens during an LDAP authentication?   What happens during an LDAP authentication? Number : SOX060523700033   Created : 05/23/2006   Region : US   TITLE: What happens during an LDAP authentication. [ ]   ID: SOX060523700033 CRT: May 23...
ebhakt

Common LDAP RFCs

Common LDAP RFCs http://support.microsoft.com/kb/221606 This article enumerates the RFCs that define Lightweight Directory Access Protocol (LDAP). LDAPv2 RFC 1777 - Lightweight Directory Access Protocol The protocol described in this document is designed to provide access to the X.500 directory while...
ebhakt

Microsoft LDAP Error Codes

Microsoft LDAP Error Codes http://support.microsoft.com/kb/218185 SUMMARY Microsoft Windows 2000 Active Directory uses the Internet-standard Lightweight Directory Access Protocol (LDAP) to access information. In response to various LDAP requests, a domain controller returns responses containing field LDAP error codes, which indicate...
ebhakt

About Lightweight Directory Access Protocol

About Lightweight Directory Access Protocol   The Lightweight Directory Access Protocol (LDAP) API provides a mechanism for connecting to, searching, and modifying Internet directories. The LDAP guide documents the functions and data structures that constitute the LDAP 3 API draft...
ebhakt

Network Traces

Network Traces   Netmon OneClick. It’s a cool tool to send to your customers/end users to capture a problem behavior and as the name states, the tool installs netmon3 and captures the activity in question. The capture will terminate after...
ebhakt

TCP/IP

TCP/IP TCP/IP is the set of protocol suite as described under the OSI model for network communication in and on the Internet and Intranet networks. It describes sub-netting and other similar methods to define networks and helps then communicate with...
administrator

How to view and set LDAP policy in Active Directory by using Ntdsutil.exe

How to view and set LDAP policy in Active Directory by using Ntdsutil.exe http://support.microsoft.com/kb/315071 SUMMARY This step-by-step article describes how to manage Lightweight Directory Access Protocol (LDAP) policies by using the Ntdsutil.exe tool. To make sure that domain controllers can...
administrator

To delegate control of the group priority attribute

To delegate control of the group priority attribute CN=Group-Priority,CN=Schema,CN=Configuration,DC=tsged,DC=com Assessment: ================= <Suggestions for troubleshooting, data collection, etc> 1. Open up ADSIEdit.msc. 2. Right click on the domain name, and select Properties 3. Click on the "Security" tab. 4. Click the...
administrator

How to remove (retired) objects from Active Directory

How to remove (retired) objects from Active Directory SOS080324700001 Problem Description How to remove retired objects ------------------------------ Problem Description-: When I execute command "repadmin /showvector /latency cn=Configuration,dc=domain,dc=com" We will obtain the following result. Site\DC (retired) @ USN 130898 @ Time...
administrator

Common Metadata Cleanup Issues

Common Metadata Cleanup Issues Metadata cleanup:- If you try to connect to the same server that you want to delete, when you try to delete the server, you may receive the following error message: Error 2094. The DSA Object cannot...
administrator

How to detect Stale Accounts from AD

How to detect Stale Accounts from AD   Stale Account Detection   Stale account detection is required so that unused computer and user accounts can be removed from Active Directory. On domain controllers running Windows Server 2003 and Windows Server...
administrator

How to use the Showmeta command

How to use the Showmeta command Showmeta is a switch of the Repadmin Support tools utility. You can use the showmeta command to find data related to a particular Object. It helps in finding the originating write for the deletion...
administrator

How to restore deleted user accounts and their group memberships in Active Directory

How to restore deleted user accounts and their group memberships in Active Directory How to restore deleted user accounts and their group memberships in Active Directory http://support.microsoft.com/kb/840001/en-us?spid=12925&sid=1614 + LDP + Adrestore : Need to run it multiple times You can...
administrator

Some Important ADSIEDIT Active Directory Partition Paths to know about

Some Important ADSIEDIT Active Directory Partition Paths to know about   Lost & Found Container   Objects, whose parent OU's are missing (deleted) are moved into Lost & Found Container inside Active Directory.   ADSIEDIT Path: ?   Lost and...
administrator

USN Rollback Complete Article

USN Rollback Complete Article This article describes what is USN Rollback and what issues does it cause and how to Troubleshoot USN Rollback Issue What is USN Rollback? To under this issue you should first read the following two articles:...
administrator

User Data and Settings Management : Explanation of how users get their profiles!

User Data and Settings Management Explanation of how users get their profiles! http://technet.microsoft.com/en-us/library/bb490855.aspx Abstract Designed for system administrators, this article explains the IntelliMirror® user data and settings management features for Windows® XP. These key components of change and configuration management...
administrator

How to have Windows 2000 / XP roaming profile co-existence with Windows Vista

How to have Windows 2000 / XP roaming profile co-existence with Windows Vista Number : SOX070803700008 TITLE: How to have Windows 2000 / XP roaming profile co-existence with Windows Vista Problem: Win Vista Business N 32bit AL ID: SOX070803700008 CRT:...
administrator

Debugging User Profiles and System Policies in Windows NT 4.0

Debugging User Profiles and System Policies in Windows NT 4.0 http://support.microsoft.com/kb/154120 To enable the log file: 1. Rename the Userenv.dll file in the %Windir%\System32 directory to Userenv.orig or the unique name of your choice. 2. Copy the checked version of...
administrator

Vista -- User Profiles Applet Shows Temporary Instead of Local or Roaming

Vista -- User Profiles Applet Shows Temporary Instead of Local or Roaming ISSUE: You might see this issue in Windows Vista, that after a user logs on to the Windows Vista computer; the User Profiles Applet still shows that the...
administrator

Location of User Profile registry keys

Location of User Profile registry keys When a user logs into a computer that is running on any version of Windows, the users profile is loaded and the path to the location of the folder from which Windows loaded that...
administrator

How to give an Administrator access to the User Roaming Profile folder on the server share

How to give an Administrator access to the User Roaming Profile folder on the server share When you have Roaming profile configured for the users. As you all know, that the Roaming profile data is synchronized onto a server share...
administrator

Group policy setting that makes profiles mandatory

Group policy setting that makes profiles mandatory If you have Roaming Profile on the server for users, there is a group policy setting that makes profiles mandatory. Computer Configuration--->Policies--->Administrative Templates--->System--->User Profile--->Prevent Roaming Profile changes from being propagated to the server...
administrator

Add administrators to security ACLS using xcacls

Add administrators to security ACLS using xcacls Steps you need to follow to make sure that the Users who are a part of Administrators Group should be able to access the files and Folders of the roaming Profiles. 1) Download...
administrator

How to resolve most common Snap-in Issues

How to resolve most common Snap-in Issues There may be scenario when you are unable to open the snap-in that you want to work on using the Microsoft Management Console (mmc.exe) Window. The snap-in may fail to load the relevant...
administrator

How to configure Windows Firewall in Windows XP Service Pack 2 to allow remote administration tools that use WMI, RPC, or DCOM

How to configure Windows Firewall in Windows XP Service Pack 2 to allow remote administration tools that use WMI, RPC, or DCOM How to configure Windows Firewall in Windows XP Service Pack 2 to allow remote administration tools that use...
administrator

Server Message Block communication between a client-side SMB component and a server-side SMB component is not completed if the SMB signing settings are mismatched in Group Policy or in the registry

Server Message Block communication between a client-side SMB component and a server-side SMB component is not completed if the SMB signing settings are mismatched in Group Policy or in the registry http://support.microsoft.com/kb/916846 SYMPTOMS Server Message Block (SMB) communication between a...
administrator

Overview of SMB Signing

Overview of SMB Signing How to determine whether SMB signing is enabled in a network monitor trace To determine whether SMB signing is enabled, required at the server, or both, view the Negotiate Dialect Response from the server: SMB: R...
administrator

Microsoft SMB Protocol Packet Exchange Scenario

Microsoft SMB Protocol Packet Exchange Scenario This topic gives an example of a Microsoft SMB Protocol packet exchange between a client and a server. The following steps are an overview of the process: 1. The client and server establish a...
administrator

Group Policy Troubleshooting

Group Policy Troubleshooting   + enabled Gptext logging: Value Path: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Value Name: GPTextDebugLevel Value Type: REG_DWORD Value Data: 1002 (hex) Output: %systemroot%\debug\usermode\gptext.log        ...
administrator

Authoritative Userenv 1030 and 1058 Troubleshooting Guide

Authoritative Userenv 1030 and 1058 Troubleshooting Guide   Authoritative Userenv 1030 and 1058 Troubleshooting Guide Number          :           SOX030714700054 TITLE: Authoritative Userenv 1030 and 1058 Troubleshooting Guide Problem Windows Server 2003 Standard ID: SOX030714700054   Problem Description SYMPTOMS ========   Windows...
administrator

Group Policy and Slow Links

Group Policy and Slow Links   Group Policy does not apply when connecting remotely over a slow link http://technet.microsoft.com/en-us/library/cc759191.aspx    Group Policy slow link detection http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/gp/35.mspx?mfr=true   Extra Links for further study: Logon Optimization http://msdn.microsoft.com/en-us/library/aa374350.aspx   Specifying Group Policy for...
administrator

CSE :: Client Side Extensions

CSE :: Client Side Extensions   Identifying Group Policy Client-Side Extensions http://support.microsoft.com/kb/216357 gptext.dll appmgmts.dll scecli.dll iedkcs32.dll dskquota.dll fdeploy.dll   HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions     ●     GUID: 25537BA6-77A8-11D2-9B6C-0000F8080861 Component: Folder Redirection ●     GUID: 3610EDA5-77EF-11D2-8DC5-00C04FA31A66 Component: Microsoft Disk Quota ●     GUID: 42B5FAAE-6536-11D2-AE5A-0000F87571E3 Component:...
administrator

How to export the security settings

How to export the security settings   As we know, in the Windows Systems, we can configure the security settings which may include settings for the following areas:   SECURITYPOLICY - Includes Account Policies, Audit Policies, Event Log Settings and...
administrator

Vista -- How To Enable Tracing For CSC (Offline Files)

Vista -- How To Enable Tracing For CSC (Offline Files) Number :           SOX070124700030 TITLE:               Vista -- How To Enable Tracing For CSC (Offline Files) Problem:           BETA - Longhorn Pro ID: SOX070124700030 CRT: Jan 24 2007 MOD: Jan 24 2007  ...
administrator

How to re-initialize the offline files cache and database in Windows XP

How to re-initialize the offline files cache and database in Windows XP Format Database KB230738 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\NetCache Vista: REG ADD "HKLM\System\CurrentControlSet\Services\CSC\Parameters" /v FormatDatabase /t REG_DWORD /d 1 /f CSC FormatDatabase http://support.microsoft.com/kb/230738 SUMMARY The Offline Files (CSC or Client Side Caching) cache...
administrator

CSC Troubleshooting

CSC Troubleshooting Client-Side Caching Troubleshooting CSCCMD is a Client-Side Caching Command Line Tool to troubleshoot issues specific to offline files. //CSC troubleshooting// During the course of troubleshooting file extraction from CSC database, please keep this list handy - To extract...
administrator

Features and functions in version 1.1 of the Client-Side Caching Command-Line Options command-line tool

Features and functions in version 1.1 of the Client-Side Caching Command-Line Options command-line tool http://support.microsoft.com/kb/884739 INTRODUCTION This article contains information about the features and functions in the latest version of the Client-Side Caching Command-Line Options (CSCCMD) command-line tool (Csccmd.exe). MORE...
administrator

Changing the share location for Folder Redirection Redirected Folders using Group Policy - Re-Applying Folder Redirection: Migrating Folder Redirection user data from old server to a new server

Changing the share location for Folder Redirection Redirected Folders using Group Policy Re-Applying Folder Redirection: Migrating Folder Redirection user data from old server to a new server   This is regarding case SRX080602600766 Issue: How to migrate data from an...
administrator

The Cache Option for Offline Files Must Be Disabled on Roaming User Profile Shares

The Cache Option for Offline Files Must Be Disabled on Roaming User Profile Shares   http://support.microsoft.com/kb/287566 SYMPTOMS With roaming user profiles, if you do not disable the cache option for Offline Files, synchronization problems may occur. The user profile can...
administrator

How to stop Folder Redirection in Windows Server 2003 and in Windows 2000 Server

How to stop Folder Redirection in Windows Server 2003 and in Windows 2000 Server   This article and the series are sometimes and somewhere taken from Official Microsoft TechNet and KB. Please Note that you might find some content to...
administrator

NTFS and Share Permissions Needed for User Home Directories, Roaming Profiles, and Folder Redirection.

NTFS and Share Permissions Needed for User Home Directories, Roaming Profiles, and Folder Redirection. NTFS and Share Permissions Needed Roaming Profiles and Folder Redirection - SOX040906700033 NTFS and Share Permissions Needed for User Home Directories, Roaming Profiles, and Folder Redirection....
administrator

Remove folder redirection group policy and relocate user's data back to local machines.

Remove folder redirection group policy and relocate user's data back to local machines.   SRX080602600766   S: (Subjective) =============== Remove folder redirection group policy and relocate user's data back to local machines. # But you deleted the GPO after following...
administrator

Folder Redirection

Folder Redirection http://www.microsoft.com/windows/windows2000/en/advanced/help/folder.htm You use the Folder Redirection extension to Group Policy to redirect certain Windows 2000 special folders to network locations. Special folders are those folders such as My Documents and My Pictures that are located under Documents and...
administrator

How to dynamically create security-enhanced redirected folders by using folder redirection in Windows 2000 and in Windows Server 2003

How to dynamically create security-enhanced redirected folders by using folder redirection in Windows 2000 and in Windows Server 2003   http://support.microsoft.com/kb/274443 SUMMARY In Microsoft Windows 2000 and in Microsoft Windows Server 2003, as an administrator, you can customize desktops by...
administrator

Folder Redirection Troubleshooting

Folder Redirection Troubleshooting   Folder Redirection is the concept of keeping Windows Created User Documents Data Folders on a shared network drive (Network Resource).   By keeping folder redirection ON, The access to user’s data is redirected to the shared...
administrator

FRS Engine Working

FRS Engine Working   1. USN Journal 2. Filter 3. Aging Cache (3 Sec.) 4. Inbound log. 5. Staging files.     -     -     -     - [TO-REWRITE-THIS-ARTICLE]        ...
administrator

FRS usage scenarios

FRS usage scenarios   FRS usage scenarios Number  : SOX031031700031 Created  : 10/31/2003 Region  : US   TITLE: FRS usage scenarios Problem Windows 2000 Server ID: SOX031031700031 CRT: Oct 31 2003 MOD: Oct 31 2003   Problem Description FRS is...
administrator

How to rebuild the SYSVOL tree and its content in a domain

    Article ID : 315457   http://support.microsoft.com/kb/315457 How to rebuild the SYSVOL tree and its content in a domain   http://support.microsoft.com/kb/315457   How to rebuild the SYSVOL tree and its content in a domain   INTRODUCTION The article describes...
administrator

Configuration and operational recommendations for the File Replication service in Windows Server 2003 and Windows 2000 Server

Configuration and operational recommendations for the File Replication service in Windows Server 2003 and Windows 2000 Server   http://support.microsoft.com/kb/840675 Configuration and operational recommendations for the File Replication Service in Windows Server 2003 and Windows 2000 Server   SUMMARY This article...
administrator

Update the FRS member object

Update the FRS member object http://technet.microsoft.com/en-us/library/cc787188.aspx Use this procedure to update the File Replication service (FRS) member object after renaming a domain controller. For more information about this procedure, see article 316826 in the Microsoft Knowledge Base (http://go.microsoft.com/fwlink/?LinkId=82821). Administrative Credentials...
administrator

Description of the FRS Replication Protocol, Notification and Schedule for DFS Content

Description of the FRS Replication Protocol, Notification and Schedule for DFS Content   http://support.microsoft.com/kb/220938 SUMMARY The File Replication Service (FRS) is a multi-threaded, multi-master replication engine that replaces the LMREPL (LAN Manager Replication) service in previous versions of Microsoft Windows...
administrator

Backing Up and Restoring an FRS-Replicated SYSVOL Folder

Backing Up and Restoring an FRS-Replicated SYSVOL Folder   http://msdn.microsoft.com/en-us/library/cc507518.aspx   The System Volume (SYSVOL) folder provides a standard location to store important elements of Group Policy objects and scripts. A copy of the SYSVOL folder exists on each domain...
administrator

FRS Tables

FRS Tables http://technet.microsoft.com/library/Cc962208   FRS transactions are stored in a Microsoft Jet database that defaults to systemroot \\Ntfrs\Jet\Ntfrs.jdb. Each replica set hosted by a computer has a set of tables stored in the Ntfrs.jdb file. These five tables are: ·         Connection table....
administrator

FRS Logs

FRS Logs   http://technet.microsoft.com/library/Cc978208   FRS creates text-based logs in the systemroot \Debug directory to help you debug problems. The Ntfrsapi.log file contains events that take place during promotion and demotion — namely, creating the subkeys in the NTFRS registry...
administrator

Microsoft Windows File Replication Service 2000/2003 Management Pack for Operations Manager 2007

Microsoft Windows File Replication Service 2000/2003 Management Pack for Operations Manager 2007 DOWNLOAD: Download Microsoft Windows File Replication Service 2000/2003 Management Pack for Operations Manager 2007 Alternate Link: Download the same file from Microsoft Download Center, here: http://www.microsoft.com/en-us/download/details.aspx?id=14924 Monitors the...
administrator

Monitoring and Troubleshooting the File Replication Service

Monitoring and Troubleshooting the File Replication Service   File Replication Service (FRS) is used for synchronizing the SYSVOL shared folders on domain controllers and for synchronizing DFS link targets on servers running Windows 2000 and Windows Server 2003. If you...
administrator

Planning DFS and FRS Security

Planning DFS and FRS Security   Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2   When planning to secure DFS namespaces and content replicated by FRS, follow these guidelines:...
administrator

FRS and Sysvol Improvements in Windows Vista

FRS and Sysvol Improvements FRS and Sysvol Improvements in Windows Vista Group Policy benefits from improvements to the File Replication Service (FRS) and storage of the new administrative template files (ADMX files) to reduce usage of network bandwidth and Sysvol...
administrator

How to restrict FRS replication traffic to a specific static port

How to restrict FRS replication traffic to a specific static port   http://support.microsoft.com/kb/319553 How to restrict FRS replication traffic to a specific static port   SUMMARY This article describes how to configure a static port for File Replication service (FRS)...
administrator

What Is FRS?

What Is FRS?   File Replication service (FRS) is a technology that replicates files and folders stored in the SYSVOL shared folder on domain controllers and Distributed File System (DFS) shared folders. When FRS detects that a change has been...
administrator

Introduction to FRS

Introduction to FRS   http://technet.microsoft.com/library/Cc962212   File Replication service is a multithreaded replication engine that replaces the LMRepl service that is used in Microsoft® Windows NT®. Multithreaded means that several processes can run at the same time to handle multiple...
administrator

How FRS Works

How FRS Works   http://technet.microsoft.com/library/Cc962202   FRS provides redundancy for the content of designated NTFS shares between Windows 2000 servers. The servers can be interconnected in any topology such as a ring or a star configuration. With an appropriate topology...
administrator

FRS objects : Overview of Active Directory Objects That Are Used by FRS

FRS objects Overview of Active Directory Objects That Are Used by FRS NTFRS-Subscriptions NTFRS-Subscriber NTFRS Settings, Replica Set, and Member Objects NTFRS-Settings NTFRS-Replica-Set NTFRS-Member NTDS-Connection http://support.microsoft.com/kb/296183 Overview of Active Directory Objects That Are Used by FRS SUMMARY This article describes...
administrator

How to troubleshoot journal_wrap errors on Sysvol and DFS replica sets

Troubleshooting journal_wrap errors on Sysvol and DFS replica sets   Troubleshooting journal_wrap errors on Sysvol and DFS replica sets http://support.microsoft.com/kb/292438 How to troubleshoot journal_wrap errors on Sysvol and DFS replica sets SUMMARY The File Replication Service (FRS) is a multithreaded,...
administrator

Replication Service replica sets : Using the BurFlags registry key to reinitialize File Replication Service replica sets :: D2, D4 : Authoritative and Non-Authoritative Restore of FRS Replica Sets

Replication Service replica sets   Using the BurFlags registry key to reinitialize File Replication Service replica sets   Replication Service replica sets : Using the BurFlags registry key to reinitialize File Replication Service replica sets :: D2, D4 : Authoritative...
administrator

How to Troubleshoot the File Replication Service in Windows Server 2003

How to Troubleshoot the File Replication Service in Windows Server 2003   http://support.microsoft.com/kb/327341 This step-by-step article describes how to troubleshoot the File Replication service (FRS). The following procedures are all performed by a member of the administrators group on a...
administrator

Configuring Correct Staging Area Space for Replica Sets

Configuring Correct Staging Area Space for Replica Sets The staging area size limits in Windows 2000 and Microsoft Windows Server 2003 are: Default size: 660 megabytes (MB) Minimum size: 10 MB Maximum size: 2 terabytes   http://support.microsoft.com/kb/329491/ Configuring Correct Staging...
administrator

Troubleshooting File Replication Service

Troubleshooting File Replication Service   Readers of this article, please have a look at this article too. In my opinion you should look at this: ·        How to Troubleshoot the File Replication Service in Windows Server 2003   Troubleshooting FRS...
administrator

Configuration and operational recommendations for the File Replication Service in Windows Server 2003 and Windows 2000 Server

Configuration and operational recommendations for the File Replication Service in Windows Server 2003 and Windows 2000 Server   http://support.microsoft.com/kb/840675   Configuration and operational recommendations for the File Replication Service in Windows Server 2003 and Windows 2000 Server   SUMMARY This...
administrator

How to Troubleshoot Missing SYSVOL and NETLOGON Shares on Windows Server 2003 Domain Controllers

How to Troubleshoot Missing SYSVOL and NETLOGON Shares on Windows Server 2003 Domain Controllers   How to Troubleshoot Missing SYSVOL and NETLOGON Shares on Windows Server 2003 Domain Controllers   MICROSOFT CONFIDENTIAL -- DO NOT SHARE THIS ARTICLE WITH CUSTOMERS...
administrator

How to migrate FRS replica sets to DFSR replication groups

How to migrate FRS replica sets to DFSR replication groups   How to migrate FRS replica sets to DFSR replication groups SOX060801700014   Problem: Customers may want to migrate their FRS replica sets to DFSR replication groups.   Resolution: First...
administrator

FRS replication may not start when seeding partner is in seeding mode himself

FRS replication may not start when seeding partner is in seeding mode himself   FRS replication may not start when seeding partner is in seeding mode himself SOX060724700012   Problem :   Summary ============================= This customer had the problem that...
administrator

Events ID 13555, 13552 and 13539

Events ID 13555, 13552 and 13539   SOX031017700020   Error: FRS is generating events ID 13555, 13552 and 13539 when it's restarting. Errors make reference to a replica set that the server (member server) used to belong to. The replica...
administrator

Rebuilding the FRS Structure on the Local Server Machine

Rebuilding the FRS Structure on the Local Server Machine   In case we need to re-build the FRS structure for the Default Replication Group of SYSVOL on the Server’s Disk, we can follow the following steps:   ·        Check Basic...
administrator

What is Authoritative and Non-Authoritative Restore of FRS Replica Sets? The no longer unknown D2 and D4 Processes

What is Authoritative and Non-Authoritative Restore of FRS Replica Sets? The no longer unknown D2 and D4 Processes   The D2 and D4 procedures are used alternatively to restore data to a missing DFS Share. One picks data from other...
administrator

FRS Tools and Settings

FRS Tools and Settings   http://technet.microsoft.com/en-us/library/cc786122(v=ws.10).aspx   FRS Tools and Settings Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2   FRS Tools   The following tools are associated with...
administrator

When to use DCGPOFIX to restore the Default set of Policies on a Domain Controller

When to use DCGPOFIX to restore the Default set of Policies on a Domain Controller Whenever we create a Domain and setup a Domain Controller to hold and Active Directory instance (including the FRS instance as well) and then we...
administrator

FRS Subscription and subscriber objects

FRS Subscription and subscriber objects   INTRODUCTION Whenever we setup a DFS Share on the Domain with Replication Setup between the folders on separate Servers. In Pre-Windows 2008, this will use the FRS Service to replicate data. Remember that FRS...
administrator

DFSR Troubleshooting

DFSR Troubleshooting   All hotfixes in dfsrinfo.cab   905700 You may receive an RPC server is too busy to complete this operation...," &_ 912154 You cannot create a diagnostic report for DFS replication on a...," &_ 912850 Unable to access...
administrator

Fence Value

Fence Value   DFSR uses fence values to ensure that the correct version of a resource (file or folder) is replicated where there is a conflict. The fence values are also used in initial sync where the versions on the...
administrator

Repair options that you can use to recover if you accidentally make an incorrect Distributed File System Replication (DFSR) member authoritative in a Windows Server 2003 R2 environment

Repair options that you can use to recover if you accidentally make an incorrect Distributed File System Replication (DFSR) member authoritative in a Windows Server 2003 R2 environment Repair options that you can use to recover if you accidentally make...
administrator

Lower the DFS LDAP Timeout value

Lower the DFS LDAP Timeout value We have lowered the DFS LDAP Timeout value to 3 seconds using the following command dfsutil Server Registry LdapTimeoutValue set 3 <servername> We were initially told that this timeout value could not be modified...
administrator

Wanted to remove DFS root from servers that have been decommissioned.

Wanted to remove DFS root from servers that have been decommissioned.   I was getting “RPC server unavailable” while trying to remove the decommissioned server from the DFS GUI. I was able to remove the DFS root from the decommissioned...
administrator

Reset the DFSR Database

Reset the DFSR Database   + Found SOX070212700038 : followed it ##### Followed these steps to rebuild the database: 1. Stop the DFSR service on the server that is logging the 4004 event. 2. Navigate to D:\System Volume Information\DFSR (drive...
administrator

Recover Data from DFSR Staging Directory.

Recover Data from DFSR Staging Directory.   Recently we worked on a case where customer was replicating one share using FRS. He did not wait for initial replication to finish and he stopped the replication, then he created new replication...
administrator

Troubleshooting slow replication in DFSR

Troubleshooting slow replication in DFSR   >> We can enable auditing for DFSR and see the files takes how much time to replicate   >>started with Easy assist session and enabled auditing on hub server: Create the following registry *key*...
administrator

DFSR - Recovering a compressed file from staging (BEST-EFFORT WORKAROUND)

DFSR - Recovering a compressed file from staging (BEST-EFFORT WORKAROUND) Number : SOX080610700012 Problem Description # Issue: Customer needs a file recovered from the DFSR staging directory. The file is compressed. # Environment: Windows Server 2003 R2 Resolution # Workaround:...
administrator

Using the Windows Server 2008 DFSUTIL.EXE command line to manage DFS-Namespaces

Using the Windows Server 2008 DFSUTIL.EXE command line to manage DFS-Namespaces http://blogs.technet.com/b/josebda/archive/2009/05/01/using-the-windows-server-2008-dfsutil-exe-command-line-to-manage-dfs-namespaces.aspx The most common administration activities related to DFS-Namespaces can be performed using the "DFS Management" MMC. This will show up under "Administrative Tools" after you add the DFS...
administrator

Migrating DFS namespace from v1 to v2

Migrating DFS namespace from v1 to v2 Made a v1 namespace with name Eps.local \V1 and in ADsiedit.msc ---domain --system--DFSconf-v1 (ftdfs) that shows its a v1. now exported it into an XML file called V1.xml on C drive through command...
administrator

DFSN Troubleshooting

DFSN Troubleshooting dfsutil | purgemupcache | spcflush | pktflush local/site/domain set target priority get the nearest DFS (1) DSSITE > configuration (2) Set Target Priority > (3) Out-of-Site > OK...
administrator

DFS root was on a DC which was demoted and formatted.

DFS root was on a DC which was demoted and formatted. SOX050307700007 DFS was a single un-replicated root. Was previously hosted on a DC which was demoted and formatted. Points to multiple replicated target links. The root target data still...
administrator

Networking\SMB\File transfer fails over network with network related errors

Networking\SMB\File transfer fails over network with network related errors SOX070102700032 > Take network trace at the client and the server > reproduce the error > Take a trace of both sending and receiving computers during the failure and the success...?...
administrator

DFS Faq's

DFS Faq's 1. How many Roots can we have in Domain based DFS and in Standalone Root. What can we do to provide availability in Standalone DFS A domain-based root can have multiple root servers to provide redundancy and...
administrator

DFSN v2

DFSN v2 REQUIREMENTS: Domain Functional level: 2008 The domain functionality level required for DFSN v2 to come in effect is 2008. The domain functionality level is required to be at least 2008 OR above for DFSN v2. All namespace servers...
administrator

How to transfer Terminal Services CAL from one client computer to another

How to transfer Terminal Services CAL from one client computer to another 1. Click Start, click Run, type Regedit.exe, and then click OK. 2. Locate the following key in the registry: HKEY_LOCAL_MACHINE\Software\Microsoft\MSLicensing\Store\ 3. Delete the TS CAL key, probably LICENSE001....
administrator

A Windows Server 2003-based terminal server cannot locate the Terminal Services license server

The terminal server cannot locate the license server A Windows Server 2003-based terminal server cannot locate the Terminal Services license server http://support.microsoft.com/kb/945631 When you use a Windows Server 2003-based server that has Terminal Server enabled, the terminal server cannot locate...
administrator

Terminal Services License Server Security Group Configuration

Terminal Services License Server Security Group Configuration http://technet.microsoft.com/en-us/library/cc775331.aspx Terminal Services License Server Security Group Configuration Applies To: Windows Server 2008 When the TS Licensing role service is installed on the server, the Terminal Server Computers local group is created. The...
administrator

Terminal Services Licensing Service Discovery

Terminal Services Licensing Service Discovery http://support.microsoft.com/kb/301932 SUMMARY This article describes the Terminal Services Licensing service discovery methods that are used by Windows Server 2003-based servers. MORE INFORMATION Workgroup or Microsoft Windows NT 4.0 Domain If a server that has Terminal...
administrator

Terminal Server CALS

Terminal Server CALS Terminal Server Client Access Licenses Brief: Note To use both User and Device TS CALs at the same time on the same Terminal Server, configure the server to use the Per User TS CAL licensing option. http://support.microsoft.com/kb/823313...
administrator

Terminal Services Client Access Licenses (TS CALs)

Terminal Services Client Access Licenses (TS CALs) Types of Terminal Services Client Access Licenses (TS CALs) http://technet.microsoft.com/en-us/library/cc731629.aspx When Per Device licensing mode is used, and a client computer or device connects to a terminal server for the first time, the...
administrator

Windows Server 2003 Terminal Server licensing issues and requirements for deployment

Windows Server 2003 Terminal Server licensing issues and requirements for deployment This article contains information that can help you understand and successfully deploy Terminal Services on computers that are running Microsoft Windows Server 2003. This article discusses the following topics:...
administrator

Windows 2008 Terminal Server License

Windows 2008 Terminal Server License Information to know about Windows 2008 Terminal Server License 1. We cannot install the Windows 2008 TS License on a Windows 2003 License Server. 2. If we install the Windows 2008 TS License on a...
administrator

Terminal Server and Terminal Server License Server

TS and TSLS Terminal Server and Terminal Server License Server http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/prork/prdc_mcc_tqht.mspx?mfr=true Mobile Computing Roaming user profiles make it possible for users to use different computers within the corporate network and still retain a consistent desktop. With a roaming user profile,...
administrator

Add Windows NT 4.0 BDCs to Windows Server 2003 Domain

Add Windows NT 4.0 BDCs to Windows Server 2003 Domain http://technet2.microsoft.com/windowsserver/en/library/ecee784a-9e2d-4e54-b0b2-5ec726ebe53f1033.mspx?mfr=true Add Windows NT 4.0 BDCs to Windows Server 2003 Domain If you have applications in your environment that can run only on a Windows NT 4.0–based domain controller and...
administrator

How To Upgrade a Windows NT 4.0-Based PDC to a Windows Server 2003-Based Domain Controller

How To Upgrade a Windows NT 4.0-Based PDC to a Windows Server 2003-Based Domain Controller http://support.microsoft.com/kb/326209 SUMMARY This step-by-step article describes how to upgrade a Windows NT 4.0-based primary domain controller (PDC) to a Windows Server 2003-based domain controller. The...
administrator

The Active Directory database garbage collection process

The Active Directory database garbage collection process APPLIES TO ·         Microsoft Windows Server 2003, Standard Edition (32-bit x86) ·         Microsoft Windows Server 2003, Enterprise Edition (32-bit x86) ·         Microsoft Windows Server 2003, Datacenter Edition (32-bit x86) ·         Microsoft Windows 2000...
administrator

Useful shelf life of a system-state backup of Active Directory

Useful shelf life of a system-state backup of Active Directory APPLIES TO ·         Microsoft Windows Server 2003, Standard Edition (32-bit x86) ·         Microsoft Windows Server 2003, Enterprise Edition (32-bit x86) ·         Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems...
administrator

How to enable and use Userenv Log on Windows

Userenv For Information on Interpreting Userenv Log Files and tracking User Environment Creation, use the following article link(s): Interpreting Userenv Log Files Userenv :: Tracking User Environment Creation How to enable Userenv log in Pre Vista / Windows Server 2008...
administrator

Interpreting Userenv log files

Interpreting Userenv log files http://technet2.microsoft.com/WindowsServer/en/Library/ccd7b430-99a5-40fd-b68a-6c1979e565a21033.mspx?mfr=true Interpreting Userenv log files This topic explains how to interpret userenv log files. Userenv Logging With userenv, you can perform debug logging of the user profile and the system policy processes. Userenv also contains information...
administrator

Monitoring Active Directory Health

Monitoring Active Directory Health http://technet.microsoft.com/en-us/library/cc180912.aspx Monitoring Active Directory Health Active Directory Management Pack (ADMP) monitors Active Directory — and the external components that are related to Active Directory — to ensure that their ongoing behavior falls within the bounds of...
administrator

Active Directory Diagnostic Logging

Active Directory Diagnostic Logging http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/distrib/dsbi_add_oudd.mspx AD Logs Summary of Log Files Used in Active Directory Windows 2000 maintains specific log files that pertain to Active Directory. For example, when installing or removing Active Directory by using the Active Directory Installation...
administrator

Directory Services Debug Logging Primer

Directory Services Debug Logging Primer http://blogs.technet.com/b/askds/archive/2008/04/02/directory-services-debug-logging-primer.aspx Bhaskar here. In Directory Services we support a whole bunch of components which each have their own debug logging. A while back I pulled together all the information from various KB and TechNet articles...
administrator

License Logging Service - LLS

License Logging Service - LLS   Description of the License Logging Service in Windows Server operating systems Description of the License Logging Service in Windows Server operating systems http://support.microsoft.com/kb/824196 SUMMARY License Logging Service (LLS) is a tool that was originally...
administrator

NetBIOS

NetBIOS In Windows, Microsoft has developed a proprietary protocol for name resolution. Windows Internet Name Server WINS for short. WINS stores names of computers in a format called NetBIOS and for communication it uses a proprietary protocol called NetBUI....
administrator

Login ‘n’ Startup :: Understanding Logon and Authentication

Login n Startup Understanding Logon and Authentication http://technet.microsoft.com/en-us/library/bb457114.aspx ============================================================================== When a user logs on to a computer, a series of steps begins that makes up the authentication process. Authentication validates user identity and defines resources that a user can access....
administrator

DNS

DNS D.N.S. Server:             Domain Name Server is the server / service responsible for hosting DNS Zones; And also to resolve an FqDN to an IP Address.   If the DNS Zone is Dynamic (as is the case in Active...
administrator

Folder Redirection

Folder Redirection Folder Redirection Overview http://technet.microsoft.com/en-us/library/cc732275.aspx Applies To: Windows 8, Windows Server 2008 R2, Windows Server 2012 Folder Redirection User settings and user files are typically stored in the local user profile, under the Users folder. The files in local user profiles...
administrator

Dcpromo Demotion

Dcpromo Demotion The command to demote a Domain Controller (forcefully) is as follows:            dcpromo /forceremoval   The logs are found at the same location as for normal dcpromo operation; which was used to promote the server as Domain Controller....
administrator

Delegation

Delegation In distributed systems, it is typical for one server to call another server to accomplish a task for a client. This functionality is called impersonation. To handle these requests for a client, the server must be given the authority...
administrator

Active Directory Database Mounting

Active Directory Database Mounting Active Directory Database Mounting and Snapshot creation is a technique where in you can store instances of the whole Active Directory by taking its snapshot, and then you can mount these snapshots to activate that instance...
administrator

Windows Server Core - Part 01

Windows Server Core - Part 01 To manage a server that is running a Server Core installation and is a domain member using an MMC snap-in 1.    Start an MMC snap-in, such as Computer Management. 2.    In the left pane,...
administrator

Windows Server Core - Part 02 - dcpromo

Windows Server Core - Part 02 - dcpromo Appendix of Unattended Installation Parameters http://technet.microsoft.com/en-us/library/cc732086.aspx Appendix of Unattended Installation Parameters Applies To: Windows Server 2008, Windows Server 2008 R2 The tables in this appendix provide the information that you need to...
administrator

Active Directory Sites and Services

Active Directory Sites and Services Step-by-Step Guide to Active Directory Sites and Services http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/directory/activedirectory/stepbystep/adsrv.mspx Step-by-Step Guide to Active Directory Sites and Services   This guide explains how to use the Active Directory Sites and Services snap-in to administer replication topology...
administrator

Csvde

Csvde http://technet.microsoft.com/hi-in/library/cc771621(en-us,WS.10).aspx Csvde Applies To: Windows Server 2008 Csvde Imports and exports data from Active Directory Lightweight Directory Services (AD LDS) using files that store data in the comma-separated value (CSV) format. You can also support batch operations based on...
administrator

UAC

UAC The policies for User Account Control can be checked by going to:   Group policy Editor>>Computer configuration>>Windows settings>>Security settings>>Local policies>>Security Options.   User Account Control http://technet.microsoft.com/en-us/library/cc772207.aspx User Account Control Updated: May 1, 2008 Applies To: Windows Server 2008, Windows...
administrator

GINA Registry

GINA Registry What if you want to publish your own version of the Windows Logon screen? What if you want to alter the look and feel of the Windows Login Prompt?   Use Window GINA dll registry location. Windows Uses...
administrator

What Are Access Tokens?

What Are Access Tokens? http://technet.microsoft.com/en-us/library/cc759267.aspx Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2   What Are Access Tokens?   An access token is a protected object that contains information...
administrator

GUID

GUID GUID (Globally Unique Identifier) The Server GUID (Globally Unique Identifier) is a reference point used in the Active Directory and DNS (Domain Name System) to locate a domain controller primarily for the purposes of replication. This GUID is automatically...
administrator

Basic Troubleshooting steps

Basic Troubleshooting Steps These are the basic troubleshooting steps that will come in handy for almost all of the relevant issues with in an Active Directory Domain Environment where in it needs troubleshooting. These are some basics that need to...


This is the list for sub-categories that this category contains..


  • Current Category: Reference

  • Ports and protocols










    Enjoy here!

    *
    *
    ****




    More Advertisements from "Google":

    *****



      Desktop
    • eBooks
    • Games
    • Softwares
    • Tools
    • Tweaks
    • Wallpapers
    • Warez
      PDA
    • Games
    • Tools
    • Wallpapers
      System Administration
    • dll Center
    • Scripts
    • Tools
    • .extensions database
    • Write-up
      more...
    • Download Database
    • Jobs
    • Lists
    • Polls
    • Glossary

    01000011 01110010 01100001 01100011 01101011 01111010 01101000 01100001 01100011 01101011