SYSVOL and NETLOGON are the shared from \\DOMAIN.NAME
Share name SYSVOL
Path C:\WINDOWS\sysvol\sysvol
Remark Logon server share
Maximum users No limit
Users
Caching Manual caching of documents
Permission Everyone, READ
BUILTIN\Administrators, FULL
BUILTIN\Authenticated Users, FULL
Share name NETLOGON
Path C:\WINDOWS\sysvol\sysvol\DOMAIN.NAME\SCRIPTS
Remark Logon server share
Maximum users No limit
Users
Caching Manual caching of documents
Permission Everyone, READ
BUILTIN\Administrators, FULL
Tuesday, December 6, 2011
fSMORoleOwner location on ADSIedit
- Domain []
-- DC (properties)
- Domain []
-- DC
--- CN=Infrastructure (properties)
- Schema []
-- CN=Schema (properties)
- Configuration []
-- CN=Partitions (properties)
-- DC (properties)
- Domain []
-- DC
--- CN=Infrastructure (properties)
- Schema []
-- CN=Schema (properties)
- Configuration []
-- CN=Partitions (properties)
Friday, December 2, 2011
Ncomputing over windows 2003 server problem and solution
Symptom
Error “Server yet not ready, try again a bit later” an error where the hpvcard.dll failed to initialize.
Solution 1
Add the following key to the host:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management]
“SessionImageSize”=dword:00000020
“SessionImageSize”=dword:00000020
Solution 2
Remove Security Update KB956572 also remove update KB958690
Symptom
Error "to log on to this remote computer, you must be granted the Allow log on through Terminal Services right. By default, members of the Remote Desktop Users group have this right. If you are not a memeber of the Remote Desktop Users group or another group that has this right , or if the Remote Desktop Users group doesn not have this right, you must be granted this right manually"
Solution 1
Add user to Remote Desktop User Group
Solution 2
Configure the security setting in Default Domain Controller Policy GPO:
1. Run gpmc.msc to open the Group Policy Management console.
2. Expand Domain Controllers, right-click Default Domain Controller Policy, and click Edit.
3. In the Group Policy Management Editor window, expand Computer Configuration\Windows Settings\Security Settings\Local Policies\User Right Assignment\Allow log on locally
4. Add User or Group and click OK three times to apply the settings.
5. Run gpupdate /force to apply the policy.
1. Run gpmc.msc to open the Group Policy Management console.
2. Expand Domain Controllers, right-click Default Domain Controller Policy, and click Edit.
3. In the Group Policy Management Editor window, expand Computer Configuration\Windows Settings\Security Settings\Local Policies\User Right Assignment\Allow log on locally
4. Add User or Group and click OK three times to apply the settings.
5. Run gpupdate /force to apply the policy.
Friday, October 14, 2011
Renewing the self-signed certificate Exchange Server 2007:
Exchange Server 2007 need to renewal a self-signed certificate for use with services like SMTP,IMAP, POP, IIS and Um every one year.
1. Find out your exchange certificate thumbprint with full information and services list
Get-ExchangeCertificate -domain “yourdomain.com” | fl
2. Get a new certificate with a new expiration date and an exportable private key:
Get-ExchangeCertificate -thumbprint “your_old_thumb_print” | New-ExchangeCertificate -PrivateKeyExportable $true
3. Type Y to continue creation of certificate. It'll show new thumbprint
4. Check services of new certificate:
Get-ExchangeCertificate -thumbprint “your_new_thumb_print” |fs
5. To add required/missing services:
Enable-ExchangeCertificate -thumbprint “your_new_thumb_print” -services IIS
6. To remove invalidates/expired certificate
Remove-ExchangeCertificate -thumbprint “your_old_thumb_print”
You need to Publish them to ISA for WebMail user
1. Using MMC from your mailserver
2. Add/Remove Snap-in > Add > Certificates > Local
3. Under Personal/Certificates, Select Your New Certificate
4. Right Click > All Tasks > Export > Next
5. Select Yes to export the private key
6. Provide password and check required option
7. It generated PFX file
8. Generated CER and/or P7B if required
9. Import to Trust
10. Under Trust/Certificate Right Click > All Tasks > Import > Next
11. Chose the CER file
12. Same Snap-in for your ISA server
13. Right Click > All Tasks > Import > Next
14. Chose the PFX file
15. Import to trust
16. Open ISA Server Management
17. ISAServer > Firewall Policy > Webmail
18. Double click Mail Listener
19. From Certificate tab, Select Certificate
20. Select your new and active certificate then Apply
1. Find out your exchange certificate thumbprint with full information and services list
Get-ExchangeCertificate -domain “yourdomain.com” | fl
2. Get a new certificate with a new expiration date and an exportable private key:
Get-ExchangeCertificate -thumbprint “your_old_thumb_print” | New-ExchangeCertificate -PrivateKeyExportable $true
3. Type Y to continue creation of certificate. It'll show new thumbprint
4. Check services of new certificate:
Get-ExchangeCertificate -thumbprint “your_new_thumb_print” |fs
5. To add required/missing services:
Enable-ExchangeCertificate -thumbprint “your_new_thumb_print” -services IIS
6. To remove invalidates/expired certificate
Remove-ExchangeCertificate -thumbprint “your_old_thumb_print”
You need to Publish them to ISA for WebMail user
1. Using MMC from your mailserver
2. Add/Remove Snap-in > Add > Certificates > Local
3. Under Personal/Certificates, Select Your New Certificate
4. Right Click > All Tasks > Export > Next
5. Select Yes to export the private key
6. Provide password and check required option
7. It generated PFX file
8. Generated CER and/or P7B if required
9. Import to Trust
10. Under Trust/Certificate Right Click > All Tasks > Import > Next
11. Chose the CER file
12. Same Snap-in for your ISA server
13. Right Click > All Tasks > Import > Next
14. Chose the PFX file
15. Import to trust
16. Open ISA Server Management
17. ISAServer > Firewall Policy > Webmail
18. Double click Mail Listener
19. From Certificate tab, Select Certificate
20. Select your new and active certificate then Apply
Thursday, September 15, 2011
Excel 2003 opens slower across the network
Symptoms:
After you install MS11-021 and the Office File Validation (OFV) Add-in for Office 2003 (KB 2501584), workbooks stored in a network location open slower over the network in Excel 2003 than they did without the OFV installedcompare to open from local drive.
Cause:
The OFV reads the file to determine whether the file is trustworthy before it opens the file. When this is done over the network it reduces performance because of the network traffic when reading in the parts of the workbook.
Solution:
You can use the EnableOnLoad registry entry to configure how you want Excel to handle opening workbooks for the OFV. By default, the EnableOnLoad entry is not present in the Windows registry.
[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Excel\Security\FileValidation]"EnableOnLoad"=dword:00000000
More Info: http://support.microsoft.com/kb/2570623
After you install MS11-021 and the Office File Validation (OFV) Add-in for Office 2003 (KB 2501584), workbooks stored in a network location open slower over the network in Excel 2003 than they did without the OFV installedcompare to open from local drive.
Cause:
The OFV reads the file to determine whether the file is trustworthy before it opens the file. When this is done over the network it reduces performance because of the network traffic when reading in the parts of the workbook.
Solution:
You can use the EnableOnLoad registry entry to configure how you want Excel to handle opening workbooks for the OFV. By default, the EnableOnLoad entry is not present in the Windows registry.
- Start regedit
- Locate HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\
- Add New Key: Excel
- Under Excel, add New Key: Security
- Under Security, add New Key: FileValidation
- Under FileValidation, add DWORD Value: EnableOnLoad with default value is 0 which disables the validation.
Or you can create a reg files contain below text and execute them
Windows Registry Editor Version 5.00[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Excel\Security\FileValidation]"EnableOnLoad"=dword:00000000
More Info: http://support.microsoft.com/kb/2570623
Wednesday, May 18, 2011
Old DHCP Servers appear in the list of Authorized servers
Symptoms:
1. You may see the old server’s name still listed when you view DHCP Authorized servers
2. You may get the following error: "There is no such object on the server” when tried to unauthorized
Solution:
Remove the objects from Active Directory using ADSIEDIT:
1. Start Adsiedit.msc.
2. Open the configuration Container.
3. Expand Services.
4. Expand Net Services.
5. On the right hand side, find a record named CN=DHCPRoot
6. Right Click the CN=DhcpRoot entry and then click Properties
7. Highlight DhcpServers Attribute and click Edit
8. Highlight the entry with the old Domain name and click Remove from DHCPServers Attribute. Click OK to close DHCPServers editor’s screen
9. Once deleted the DHCPServers value will be “not set"
10. Save the change by clicking OK and close Adsiedit.
11. Restart the DHCP server service
12. run the following command: “Netsh DHCP show server” to check
13. If the servers are still listed, run the command “netsh DHCP delete server ServerFQDN ServerIPAddress”
1. Start Adsiedit.msc.
2. Open the configuration Container.
3. Expand Services.
4. Expand Net Services.
5. On the right hand side, find a record named CN=DHCPRoot
6. Right Click the CN=DhcpRoot entry and then click Properties
7. Highlight DhcpServers Attribute and click Edit
8. Highlight the entry with the old Domain name and click Remove from DHCPServers Attribute. Click OK to close DHCPServers editor’s screen
9. Once deleted the DHCPServers value will be “not set"
10. Save the change by clicking OK and close Adsiedit.
11. Restart the DHCP server service
12. run the following command: “Netsh DHCP show server” to check
13. If the servers are still listed, run the command “netsh DHCP delete server ServerFQDN ServerIPAddress”
Tuesday, July 20, 2010
WRT54G v5 Management Mode to recover the router by uploading a new firmware image
Symptoms:
If you encounter an irrecoverable condition with the WRT54G v5, you can use Management Mode to recover the router by uploading a new firmware image. In Management Mode, the router will have just enough functionality to load a newer firmware. You should be able to recover the router is most situations.
Solution:
1: Unplug the power cord from the back of the router.
2: Hold down the Reset button.
3: While holding down the Reset button, plug back in the power cord to the router.
4: Continue to hold the Reset button for five (5) seconds. After five (5) seconds, release the button.
5: Wait for about one (1) minute.
6: Type in the router's IP address of http://192.168.1.1 into the Address field and press the [Enter] key on your wired connected computer Browser.
7: The Management Mode - Firmware Upgrade interface should appear.
NOTE: If you accidentally enter into Management Mode, you can exit by simply unplugging the power cord from the router and by plugging it back in.
8: Click Browse and locate the firmware file.
9: Click Apply to start the firmware upgrade process.
10: Once the firmware upgrade process has successfully completed, an "Upgrade Success" message will appear to confirm that the upgrade has ended.
11:Unplug the power cord from the back of the router and plug it back in -- this will restart your router using the new firmware.
More Info: http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=3176&p_created=1131055153&p_sid=Yy2tOZTh&p_lva=&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzMzJnBfcHJvZHM9JnBfY2F0cz0mcF9wdj0mcF9jdj0mcF9zZWFyY2hfdHlwZT1hbnN3ZXJzLnNlYXJjaF9ubCZwX3BhZ2U9MQ**&p_li=&p_topview=1
If you encounter an irrecoverable condition with the WRT54G v5, you can use Management Mode to recover the router by uploading a new firmware image. In Management Mode, the router will have just enough functionality to load a newer firmware. You should be able to recover the router is most situations.
Solution:
1: Unplug the power cord from the back of the router.
2: Hold down the Reset button.
3: While holding down the Reset button, plug back in the power cord to the router.
4: Continue to hold the Reset button for five (5) seconds. After five (5) seconds, release the button.
5: Wait for about one (1) minute.
6: Type in the router's IP address of http://192.168.1.1 into the Address field and press the [Enter] key on your wired connected computer Browser.
7: The Management Mode - Firmware Upgrade interface should appear.
NOTE: If you accidentally enter into Management Mode, you can exit by simply unplugging the power cord from the router and by plugging it back in.
8: Click Browse and locate the firmware file.
9: Click Apply to start the firmware upgrade process.
10: Once the firmware upgrade process has successfully completed, an "Upgrade Success" message will appear to confirm that the upgrade has ended.
11:Unplug the power cord from the back of the router and plug it back in -- this will restart your router using the new firmware.
More Info: http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=3176&p_created=1131055153&p_sid=Yy2tOZTh&p_lva=&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzMzJnBfcHJvZHM9JnBfY2F0cz0mcF9wdj0mcF9jdj0mcF9zZWFyY2hfdHlwZT1hbnN3ZXJzLnNlYXJjaF9ubCZwX3BhZ2U9MQ**&p_li=&p_topview=1
Subscribe to:
Posts (Atom)