Windows Server










GUID (Globally Unique Identifier)

The Server GUID (Globally Unique Identifier) is a reference point used in the Active Directory and DNS (Domain Name System) to locate a domain controller primarily for the purposes of replication. This GUID is automatically generated for each domain controller, is unique when created, and will not be duplicated


A GUID is a 128-bit integer (16 bytes) that can be used across all computers and networks wherever a unique identifier is required.


You can determine the Server GUID by three ways:

1. Using LDP.EXE from the Windows 2000 Resource Kit

2. Using Active Directory Replication Monitor from the Windows 2000 Resource Kit

3. Using the DNS Management MMC Snap-In



Determining the Server GUID of a Domain Controller


This article outlines three ways of determining the server GUID using utilities in the Windows 2000 product and in the Windows 2000 Resource Kit. If Active Directory Replication Monitor or LDP.EXE are used, it is important to note that these utilities only return data known to the domain controller being queried. If the query results do not include the GUID for the requested server, this may be due to replication problems from other domain controllers in the enterprise. If such a failure occurs, these utilities should be focused against other domain controllers as alternate sources of information.

Using LDP.EXE from the Windows 2000 Resource Kit

1.      Using LDP.EXE, search the Configuration Naming Context (a partition of the Active Directory containing objects that include settings for each domain controller in the enterprise) with the following criteria:

Base DN: CN=Sites,CN=Configuration,DC=RootDomainName,DC=Com
Filter : (cn=NTDS Settings)
Scope: Subtree
Attributes: objectGUID

replacing RootDomainName with the name of the first domain installed in the enterprise (forest). This domain is known as the root domain.

2.      In the search results, locate the entry which represents the appropriate server that the GUID is being determined for. The "objectGUID" attribute should also be present and look like the following:

ldap_search_s(ld, "cn=sites,cn=configuration,dc=mydomain,dc=com", 2, "(cn=NTDS Settings)", attrList, 0, &msg)
Result <0>: (null)
Matched DNs: 
Getting 1 entries:
>> Dn: CN=NTDS Settings,CN='server-name',CN=Servers,CN='site-name',CN=Sites,CN=Configuration,DC=mydomain,DC=com

1> objectGUID: e99e82d5-deed-11d2-b15c-00c04f5cb503;

The Server GUID is identified by the value associated with the objectGUID attribute (in this example, above in bold).

Using Active Directory Replication Monitor from the Windows 2000 Resource Kit

1.      If the Windows 2000 Resource Kit is not already installed, perform this step before proceeding. For more information on the usage of Active Directory Replication Monitor, please refer to the Windows 2000 Resource Kit Documentation.

2.      Open Active Directory Replication Monitor and use the Add Site/Server Wizard from the Edit menu to add the server that you are identifying the Server GUID for.

3.      After Active Directory Replication Monitor has enumerated the naming contexts and replication partners, right-click the name of the server just below the site name.

4.      Select Generate Status Report and supply a filename to save the results of the report to.

5.      After Active Directory Replication Monitor indicates the report is complete, open the resulting report file and locate the "Enterprise Data" section of the report. Underneath each site, each server that resides in the site will also be listed. For each server, the Server GUID is identified beneath it. If the Server GUID is blank, this indicates that the domain controller has probably been demoted. For example:


Server GUID (used for DNS) : e99e82d5-deed-11d2-b15c-00c04f5cb503
Replication Database GUID : e98d5d92-deed-11d2-b14d-00c04f5cb503

Using the DNS Management MMC Snap-In

1.      Open the DNS Management MMC Snap-in located in the Administrative Tools menu. If a shortcut is not present, this will require starting a new MMC console and adding the snap-in manually.

2.      Set the focus of the DNS Management snap-in to a DNS server used by the domain controllers. Expand the server to display the nodes Forward Lookup Zones and Reverse Lookup Zones.

3.      Expand Forward Lookup Zones to display the zone which contains the domain where the domain controller resides. Traverse the hierarchy of the zone to display the domain that the server is a member of. Expand this node and double-click _msdcs.

4.      Each domain controller registers a CNAME record (Alias record) in this location identifying its Server GUID. In the right hand pane of the MMC console, locate the name of the server in the Data column and the Server GUID will be identified in the Name column.





A GUID can be created using the Tool - GUIDGEN.EXE



Generates a GUID in a specified format.

When you start guidgen.exe, or when you click the New GUID button in the Create GUID dialog box, guidgen.exe generates a GUID.


To run guidgen.exe from the IDE

1.      On the Tools menu, click Create GUID. The Create GUID tool appears with a GUID in the Resultbox.

2.      Select the format you want for the GUID.

3.      Click Copy.

The GUID is copied to the Clipboard so that you can paste it into your source code.

4.      If you want to generate another GUID, click New GUID.





Steps to follow to correctly register GUID in DNS System:


On the Machine/Computer do the following steps:,

1)     Correct DNS settings in TCP/IP Stack

2)   *Should not point to ISP. On the computer whose GUID You want to register in the DNS System make sure that it is pointing to the DNS Server in site and in domain.

3) In the TCP/IP Stack           >          Advanced Properties            >          Check "Register this connection in DNS."

4) Restart Netlogon Service


If the GUID is not there:

            5) Rename Netlogon.dnb

                Rename Netlogon.dns

6) Restart Netlogon Service.






* Netlogon.dnb

Netlogon.dnb is a database file that contains everything the Domain Controller is advertising. The Netlogon.dnb file is the one that contains everything that is hosted on the Domain Controller.


-*There is nothing else that we can do on this destination computer*-



7) On the DNS Server check Dynamic Updates to allow => both Secure and Non - Secure Dynamic Updates.


8) Check Ports; Check if the ports are open to allow proper communication:

            a) Destination to Source

            b) Source to Destination

            Do check these following ports for this purpose:

            DNS,    RPC

            53,       135



Still, Even if the GUID is not there → plz check for networking issues




Now from Source to Destination; check the following:

1) Packet Fragmentation (--1472--)

2) Ports Blocked.





Vista -- Tracing GUIDS

How to determine verbosity levels for tracing guids.



Search in source for the guid you are interested in.

In this case we'll use:

NETIO - eb004a05-9b1a-11d4-9123-0050047759bc


The NETIO guid appears in multiple files but the file that interests us is



// The following system defined definitions may be used:


// TRACE_LEVEL_FATAL = 1 // Abnormal exit or termination.

// TRACE_LEVEL_ERROR = 2 // Severe errors that need logging.

// TRACE_LEVEL_WARNING = 3 // Warnings such as allocation failures.

// TRACE_LEVEL_INFORMATION = 4 // Including non-error cases (e.g. Entry-Exit).

// TRACE_LEVEL_VERBOSE = 5 // Detailed traces from intermediate steps.


// In addition we define particular levels for our own internal purposes:


// TRACE_LEVEL_NOISE // Noisy output, e.g. per-packet tracing.



A List of Common used GUID's by known processes:




ACPI - dab01d4d-2d48-477d-b1c3-daad0ce6f06b

APCLIENT(WPP) - f8e350ce-047e-4f1a-bd4b-97205a4d7ee6

AtaPort - d08bd885-501e-489a-bac6-b7d24bfe6bbf

BootDiag - 0063715b-eeda-4007-9429-ad526f62696e

Castle(WPP) - a323cdc2-81b0-48b2-80c8-b749a221478a

CastlePerf - cd128c78-0c44-4457-bdd0-07ce9613b22e

CbbSetup(WPP) - 5fd2d620-82bf-432a-9805-4090279f2344

CBS - 34c6b9f6-c1cf-4fe5-a133-df6cb085ec67

CDROM - a4196372-c3c4-42d5-87bf-7edb2e9bcc27

ClassPnP - fa8de7c4-acde-4443-9994-c4e2359a9edb

CLFS - 9690a7f3-49f1-4529-b3d6-57797343ac75

CsrSubsystem - e8316a2d-0d94-4f52-85dd-1e15b66c5891

DHCP - cc3df8e3-4111-48d0-9b21-7631021f7ca6

DHCP - 7b8e7b15-f0b0-4c3f-bf33-3b07175259ae

DiagInfrastructue - 2ff3e6b7-cb90-4700-9621-443f389734ed

DiskFailureModule - e9f2d03a-747c-41c2-bb9a-02c62b6d5fcb

Dnsapi - 1540ff4c-3fd7-4bba-9938-1d1bf31573a7

DPS - 6bba3851-2c7e-4dea-8f54-31e5afd029e3

Drizzle - 4a8aaa94-cfc4-46a7-8e4e-17bc45608f0a

DS(esent) - 9b1dd39a-2779-40a0-aa7d-c4427208626e

EventLog - fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148

EventLog(WPP) - b0ca1d82-539d-4fb0-944b-1620c6e86231

fd - 480217a9-f824-4bd4-bbe8-f371caaf9a0d

FsUtil(WPP) - 6b1db052-734f-4e23-af5e-6cd8ae459f98

HAL - 63d1e632-95cc-4443-9312-af927761d52a

IE - 797fabac-7b58-4796-b924-d51178a59ce4

IE - 0cfe0455-93ba-440d-a3fe-553973d0b723

IO(Kernel) - c25a9b38-f3f6-43f9-881f-304db93a94d6

Licensing(WPP) - cbbedf3f-0fc4-490e-bcd1-5ed01cc1ee93

LSA - cc85922f-db41-11d2-9244-006008269001

MM(Radar) - e5b30460-9853-44e1-bcc4-d385e9058fdf

Mpssvc - 5eefebdb-e90c-423a-8abf-0241e7c5b87d

MPSSVCUI(WPP) - 10b149a5-436f-4799-a2af-be5268f8dbf1

MSMQ - f8354c74-de9f-48a5-8139-4ed1e9f20a1b

MSMQ - da1af236-fad6-4da6-bd94-46395d8a3cf5

MSMQ - a13ec7bb-d592-4b93-80da-c783f9708bd4

MSMQ - 90e950bb-6ace-4676-98e0-f6cdc1403670

MSMQ - 8753d150-950b-4774-ac14-9c6cbff56a50

MSMQ - 7c916009-cf80-408b-9d91-9c2960118be9

MSMQ - 71625f6d-559a-49c6-ba21-0aeb260db97b

MSMQ - 6e2c0612-bcf3-4028-8ff2-c60c288f1af3

MSMQ - 5dc62c8c-bdf2-45a1-a06f-0c38cd5af627

MSMQ - 485c37b0-9a15-4a2e-82e0-8e8c3a7b8234

MSMQ - 45033c79-ea31-4776-9bcd-94db89af3149

MSMQ - 322e0b22-0527-456e-a5ef-e5b591046a63

MSMQ - 1ac9b316-5b4e-4bbd-a2c9-1e70967a6fe1

MSMQ(WPP) - dcd4ea2e-10f1-4056-835c-8b9e86ef12e5

MSMQ(WPP) - 8fda2bbd-347e-493c-b7d1-6b6fed88ce04

MSPATCH - 09d2cf12-29bb-4fb2-b35b-ad99c670ce9a

MUP - 51734b23-5b7e-4892-ba8e-45bc110b735c

MUP - 20c46239-d059-4214-a11e-7d6769cbe020

NDIS - dd7a21e6-a651-46d4-b7c2-66543067b869

NDIS - 064f02d0-a6c4-4924-841a-f3badc2675f6

NetbtSmb - bca7bd7f-b0bf-4051-99f4-03cfe79664c1

NETIO - eb004a05-9b1a-11d4-9123-0050047759bc

ntuser - cddd71f0-6193-4475-b639-bcc300dc5373

ParentalControl - 01090065-b467-4503-9b28-533766761087

PartMgr - 0bee3bc5-a50c-4ec3-a0e0-5ad11f2455a3

PNP - a676b545-4cfb-4306-a067-502d9a0f2220

PnP(Kernel) - 9c205a39-1250-487d-abd7-e831c6290539

Pnp(Umbus) - 96ab095a-9519-4f5c-81ee-c510b0a45463

PnpFdprovider(WPP) - 6d04bf88-60a5-4d02-bc5c-94a20ba490ec

PowerMgmt - 331c3b3a-2005-44c2-ac5e-77220c37d6b4

PSHED - 7b563579-53c8-44e7-8236-0f87b9fe6594

PsProvider(Kernel) - 22fb2cd6-0e7b-422b-a0c7-2fad1fd0e716

Quarantine - 8aefce96-4618-42ff-a057-3536aa78233e

Radar - 9d3a5fa0-29f7-423f-b026-e4456abeef2c

Radar(WPP) - dc1271c2-a0af-400f-850c-4e42fe16be1c

SAM - f2969c49-b484-4485-b3b0-b908da73cebb

SAM - 8e598056-8993-11d2-819e-0000f875a064

SC - ebcca1c2-ab46-4a1d-8c2a-906c2ff25f39

Schannel - 37d2c3cd-c5d4-4587-8531-4696c44244c8

ScriptEngine - 196e57d9-49c0-4b3b-ac3a-a8a93ada1938

SCSIdisk - 945186bf-3dd6-4f3f-9c8e-9edd3fc9d558

Security(ClientHlp) - 301779e2-227d-4faf-ad44-664501302d03

Security(Digest) - fb6a424f-b5d6-4329-b9b5-a975b3a93ead


Security(Gina) - eb7428f5-ab1f-4322-a4cc-1f1a9b2c5e98 - This guid contains more

information than what was in userenv.log previously. It also contains home

directory mappings. This tracing replaces the profile section of userenv.log and

the home directory mapping in msgina checked builds on downlevel operating



Security(Gina) - 63a3adbe-9717-410d-a0f5-e07e68823b4d

Security(Kerberos) - bba3add2-c229-4cdb-ae2b-57eb6966b0c4

Security(Kerberos) - 6b510852-3583-4e2d-affe-a67f9f223438

Security(Something) - c2ba06e2-f7ce-44aa-9e7e-62652cdefe97

Security(SSPI) - c92cf544-91b3-4dc0-8e11-c580339a0bf8

Security(SSPI) - 5bbb6c18-aa45-49b1-a15f-085f7ed0aa90

Security(Umstartup) - 19d78d7d-476c-47b6-a484-285d1290a1f3

SecurityAudit - 54849625-5478-4994-a5ba-3e3b0328c91d

Shell - bcebf131-e4e6-4ba4-82fa-9c406002f769

Shell(Something) - 2955e23c-4e0b-45ca-a181-6ee442ca1fc0

Shell32 - 30336ed4-e327-447c-9de0-51b652c86108

ShellDiag - cfc18ec0-96b1-4eba-961b-622caee05b0a

ShellFrs - d4700b23-6dfe-4316-aee5-6c285db610c8

ShellPerf - afff9c82-5be3-4205-9b3e-49e014c09a63

ShellPerf(WPP) - 3e1fd72a-c323-4574-9917-5ce9c936f78c

ShipAssert - b48303bf-265e-43ce-8e74-54c123a92be7

SMSS_Subsystem - 43e63da5-41d1-4fbf-aded-1bbed98fdd1d

TaskSched - de7b24ea-73c8-4a09-985d-5bdadcfa9017

USB - 3a61881b-b4e6-4bf9-ae0f-3cd8f394e52f

USB_Hub - b10d03b8-e1f6-47f5-afc2-0fa0779b8188

UsbPort - d75aedbe-cfcd-42b9-94ab-f47b224245dd

volmgr(WPP) - f5204334-1420-479b-8389-54a4a6bf6ef8

WBEM - 8e6b6962-ab54-4335-8229-3255b919dd0e

WBEMCOMM - 1ff6b227-2ca7-40f9-9a66-980eadaa602e

WCP - d9504393-15b7-4c4a-8f2e-cb037f7d454d

win32k - e7ef96be-969f-414f-97d7-3ddb7b558ccc

Winlogon - 206f6dea-d3c5-4d10-bc72-989f03c8b84b

Winlogon(Something) - dbe9b383-7cf3-4331-91cc-a3cb16a3b538

Winlogon(WPP) - d451642c-63a6-11d7-9720-00b0d03e0347

Winsock2 - e53c6823-7bb8-44bb-90dc-3f86090d48a6

Winsock2(WPP) - 32b80351-6c34-4101-b3e2-737c3a5b675a



No TrackBacks

TrackBack URL: http://www.skar.us/site/mt-tb.cgi/2892

Leave a comment


Author Bio          ★★★★★

Author Name:         administrator
Author Location:    India
Author Rank:          Writer
Author Status:        
The Green leave stands!!



  • eBooks
  • Games
  • Softwares
  • Tools
  • Tweaks
  • Wallpapers
  • Warez
  • Games
  • Tools
  • Wallpapers
    System Administration
  • dll Center
  • Scripts
  • Tools
  • .extensions database
  • Write-up
  • Download Database
  • Jobs
  • Lists
  • Polls
  • Glossary

01000011 01110010 01100001 01100011 01101011 01111010 01101000 01100001 01100011 01101011