DNG

hi is there command or batch file can make through can modify attributes of users in active directory? can create large number of users through dsadd command in 1 click, in same way can make changes ad attributes e.g manager name of few users, designation or title of few users in ad comand line or batch file? i have small idea first users detail dsquery command , pipe dsmod command, don't have exact command line. please help. regards, ravi bhanot  you on right track... use dsmod.  exact command line refer url:   http://technet.microsoft.com/en-us/library/cc732954.aspx for example add phone number user account use "dsmod userdn -tel 5555551234" i recommend using excel write batch files save excel spread sheet text (ms-dos).  you'll need clean text file bit before can run batch file though. http://www.chrislooney.com mcitp: enterprise administrator (server 2008), mcse: security 2003/2000, mcse: messaging 2003/2000, mcitp: exchange 2007, mcts:sharepoint 2007 (admin,

i trying set re-occurring task. want server restart every day in evening when no 1 @ office. our main operating program runs better when server restarted on consistent basis. have tinkered creating task cannot figure out how schedule re-occurring restart. any appreciated. this create task restart every day @ 9pm schtasks /create /sc daily /tn restart /tr "shutdown - r -f ""restart""" /st 21:00 http://technet.microsoft.com/en-us/library/cc725744.aspx       regards, dave patrick .... microsoft certified professional microsoft mvp [windows] disclaimer: posting provided "as is" no warranties or guarantees , , confers no rights. Windows Server  >  Windows Server General Forum

as best can tell, rdp server locked down users saving items rdp server using group policy, or access within computer, etc. there 1 website permitted browser, users can't save within browser, , windows explorer doesn't open up. seems work expected 1 exception: there custom made application, , when users prompted export file, users can see libraries | documents, , can save file rdp server there. there on 150 accounts on system, , accounts dynamic, it's not feasible change ntfs permissions on each users' documents folder, , can't find else within group policy fill fix this. have thoughts? hi， thanks posting. given situation here don't want user save on rdp server, did consider use temporary profile user? in way when user log off file deleted automaticly. besides, if don't want use temporary user profile, maybe can redirected user profile place , create file screen redirected user documents folder. https://technet.microsoft.com/en-us/library/cc73

hi, when trying load piece of software server in (ad) trusted domain on (w7) client warning "this file outside local network blah blah blah..". the fix has been browse control panel - internet options - security - local intranet - sites. in here enable "include local (intranet) sites not listed in other zones" , "include network paths (uncs)" check boxes. click advanced , add ip range containing software eg "10.113.50.*" unchecking box requiring https. this works fine on per pc per user basis.  i want deploy clients on network users. i have tired gpo using: user configuration - policies - windows settings - internet explorer maintenance - security - security zones , content ratings this didnt seem work. ideally i'd roll out registry key fix when looking in registry section (hkcu\software\microsoft\windows\currentversion\internet settings\zonemap) it listed under ranges - range37 (spybot s&d has created list of rated ip r

okay, think we've messed things time. we've had 2 dc's running windows server 2003, and, until recently, they've been co-existing peacefully. then, on 1 of them (we'll call "dc1"), c: drive filled , admin supposed watching didn't notice (we don't use else other dc). so, replication stopped happening dc2 dc1 because drive full. then, condition lasted longer tombstone lifetime, dc's stopped *trying* replicate until had dealt lingering objects. well, tried of ways of running repadmin /removelingeringobjects found on net, "invalid arguments" error, no explanation why. so, couldn't remove lingering objects. wasn't bad, because our domain changes and, i've read, issue forcing replication lingering objects present deleted objects can come life in domain. well, wouldn't of issue, used registry tell dc1 go ahead , replicate, though tombstone lifetime had been exceeded. and seemed work. now, we're seeing host o

hi im setting domain contrller , application server on 1 machine for project purpose i know not best method own project not business network diagram domain controller ------------switch---------------router-------------switch------------pc normal (or on domain) i installed sever 2008 set domain contrller abc.com create user in ad installed wamp server now here issue when connect normal pc on router on network , type abc.com access website on server but when connect pc router , add pc domain login user , type abc.com not acess website can 1 please help should  follow guide http://www.petri.co.il/using-globalnames-zone-window-server-2008.htm and whats www record hvnt told me whats host headers a hostheader , url configure in website properties in webserver. example, can set hostheader www.abc.com , abc.com single ip address. can create website called xyz.com, in dns create xyz.com, create www entry under xyz.com. in website properties in webserver,

hi im trying users of list of activesync device id's. stored in variable named $list. if try this, no result: ½ foreach ($d in $list) { get-activesyncdevice -filter {deviceid -eq $d} } if exspected results: foreach ($d in $list) {get-activesyncdevice | ? {$_.deviceid -eq $d} } any ideas? try... get-activesyncdevice -filter "deviceid -eq '$d'" that's single quotes around $d, , double quotes around whole filter. Windows Server  >  Windows PowerShell

hi, i have created certificate below parameter in inf file through local standalone 2008 r2 ca & imported computer personal certificate store unable see certificate entry while trying select under remote desktop connection. somewhere saw should have private key in personal certificate store didn't how/where key. reason, m unable select certificate or there missing in input parameter used in inf file. kindly suggest problem. [newrequest] subject="cn=server.domain.com" exportable=true keylength=2048 keyspec=1 keyusage=0xf0 machinekeyset=true [enhancedkeyusageextension] oid=1.3.6.1.5.5.7.3.1 oid=1.3.6.1.5.5.7.3.2 oid=1.3.6.1.4.1.311.54.1.2 regards, dhiraj hi, problem resolved now. have done below 2 changes. --> used keyusage=0xa0 in inf file. --> imported certificate through certreq -accept. earlier importing cert mmc. i think second point resolved problem. didn't think mmc & command can make difference. dhira

hello. want report bug. i use remote desktop multiple servers of them open in fullscreen on separated virtual desktops. when switch 1 of them , want close cmd+q hotkey, closes next 1 desktop instead of current. another bug connection error dialog, contains ok button, perfect if can add "retry" button connect again instead of opening app , double clicking. best rdp app. hi, i suggest try use cmd+w, closes front window. regarding feature suggestion remote desktop mac, suggest you submit or vote requirement within remote desktop mac user voice webpage, comment highly appreciated: https://remotedesktop.uservoice.com/forums/287834-remote-desktop-for-mac more information you: mac keyboard shortcuts https://support.apple.com/en-us/ht201236 please note: since web site not hosted microsoft, link may change without notice. microsoft not guarantee accuracy of information. best regards, amy please remember mark replies answers if , un-mark them if provide

i using pci disk device. have set san policy offlineshared. when restart system disks in offline state, expected? if expected, there way make disk come in online state after system restart? hi, it depends on actual bus used device. expected if pci disk device behave scsi device. you need set san policy onlineall make sure volumes online right after boot. mcp/mcsa/mcts/mcitp Windows Server  >  Group Policy

does know whether there supported upgrade path server 2012 release candidate rtm? thanks nigel i note in technet details per this: http://technet.microsoft.com/library/jj134246.aspx supported upgrade paths upgrades version windows server 2008 , windows server 2008 r2 supported. however, upgrades same server edition supported. you not able upgrade subsequent releases release. must limit testing throw away vm's rather useful evalulation. Windows Server  >  Windows Server 2012 General

hi guys! today i'm going mad! is possible run powershell script daemon ? i have confused ideas it's better if tell what's in mind: i need create message (something keep attention) if open files particular extensions folder fileserver. i think: maybe powershell can read directly fileserver kind of files open , open files! but can't run script 1 time only, need to keep script running. ok, maybe scheduling can resolve last thing please tell me if underlined things possible please! a hi a, i find function can open files , user on file server: function get-openfiles{ param( $computername=@($env:computername), $verbose=$false) $collection = @() foreach ($computer in $computername){ $netfile = [adsi]"winnt://$computer/lanmanserver" $netfile.invoke("resources") | foreach { try{ $collection += new-object psobject -property @{ id = $_.gettype().invokemember("name", ‘getproperty’, $null, $_, $null) itempath = $_.gettyp

scenario i've taken online clone of 1 of virtual window 2003 enterprise domain contoller doesn't hold roles. removed clone domain controller network & powered on. now want log domain controller using domain admin credentials it's not working. i s there way log in domain controller taken out of network using domain admin id ? i can log in restore mode that's not i'm looking for, need log in dc using domain admin credentials while it's not in network. this lab purpose. hi yankee, have cached credentials on domain controller before cloned one? i tested if cache credentials, users able log on when domain controllers offline. if not, can try clone after cached credentials test again, please note not take cloned dc online, lead usn rollback. more information you: cached domain logon information http://support.microsoft.com/kb/172931/en-us running domain controllers in hyper-v http://technet.microsoft.com/en-us/library/virtual_active_di

hi all, i had installed wsus 64bit on windows server 2003, , working fine one of colleague installed kaspersky administration kit it's using microsoft sql server, can not  open wsus , there error message decide re-install again first, removed wsus , kept database during installation had error said: there problems windows installer package. program run part of setup did not finish expected, contact support personnel or package vender immediately decide remove , begin scratch followed site uninstalled manually. http://blogs.technet.com/b/sus/archive/2008/11/05/how-to-manually-remove-all-of-wsus.aspx i have been removed of wsus when tried re-installed again there error logs check please: 2011-03-01 15:57:04  success   mwussetup          validating pre-requisites... 2011-03-01 15:57:04  error     mwussetup          failed determine if higher version of wsus installed. assuming not... (error 0x80070002: system cannot find file specified.) 2011-03-01 15:57:04  error

the domain win 2k8 r2 native. the user file servers mixed of 2k3 r2 , 2k8 r2. desktops win7. some of users "my documents" folder redirected home folder on server correctly. others "my documents" folder to c:\users\johndoe   happens both users home folders on 2k3 r2 server , on 2k8 r2 server any thoughts?   thanks,   luyi   appreciated replies , thank gunter , shaon shan.   we paid microsfot support team break problem. ran mps report on fsmo dc. , find : {67e3b111-1e5b-474d-ae3c-df9ba9a7dfb6} mis-placed at \\fsmodc\sysvol\companyname\policies\{7c0d9321-a62c-43e9-9e12-256e6761d99b}\{67e3b111-1e5b-474d-ae3c-df9ba9a7dfb6 }  i copied right location <a href="> <p>then</p> <p>net stop ntfrs</p> <p> </p> <p>hkey_local_machine\system\currentcontrolset\services\ntfrs\parameters\backup/restore\process @ startup</p> <p> </p> <p>edit dword value "d4"</p&g

hi, as know in windows xp/2000/2003/ there possibility run application, bat file or vbs after stopping performance counter. i'm managing lots of servers , created performance counter automatically using logman application. on these os above never had problems it, different situation server 2008. it seems there no option run app after stopping datacollecter, see can provide task: even in create option of logman command there is: -[-]rc <task>                 run command specified each time log closed. in 2003 server: -[-]rc <filename>             run command specified each time log closed.   is impossible? if want run a .exe or .cmd after data collector set stops, it needs defined task first. using task scheduler, can define task (e.g., "run_my_script"). then, need specific task name "run scheduled task when data collector set stops". Windows Server

hi, when try enable "shadow copies" on each volume via shadow copy window fails error: " failed create shadow copy of volume c:\. error 0x80042306: shadow copy provider had error. check system , application event logs more information. " i've tried multiple solutions, including: 1) created hkey_local_machine\system\controlset001\services\volsnap\mindiffareafilesize value of 960 2) tried this  http://ccolonbackslash.com/2012/05/31/server-2008-r2-vss-volsnap-error-the-shadow-copies-of-volume-c-were-aborted-because-of-a-failed-free-space-computation/ 3) tried updating vssvc:  https://support.microsoft.com/en-us/kb/2877115 4) checked vss providers - stable , without errors  5) checkdisk says disks fine 6) re-registering dlls doesn't help 7) drives ntfs. else can try? need vss work able backup stuff azure. regards, hi, please check if using default ms provider. try key below: 1.click start, click

how run domain prep different domain in our forest? do have logged in user other domain or on server in other domain? thanks,jb enterprise technology blog you need prep each domain domain admin equivalent user on domain.   you can use enable-csaddomain cmdlet -domain parameter. http://technet.microsoft.com/en-us/library/gg412764.aspx turgay Windows Server  >  Directory Services

hi all, when read windows 2008 r2 security log, found out it's different windows 2003 security logs.  windows 2003 security logs, there event 529, 538,540 etc...about logon events.  but, in windows 2008 r2 server security logs, can not find these events , different formats etc... is there way make windows 2008 r2 security logs read windows 2003 security logs? what missing? thank you. no , don't think missing anything.  here few links touch on this: http://blogs.msdn.com/b/ericfitz/archive/2007/04/18/vista-security-events-get-noticed.aspx http://blogs.msdn.com/b/ericfitz/archive/2009/06/10/mapping-pre-vista-security-event-ids-to-security-event-ids-in-vista.aspx   dave guenthner [msft] posting provided "as is" no warranties, , confers no rights. http://blogs.technet.com/b/davguents_blog Windows Server  > 

i have win2k8 domain dozens of xp machines running vms in virtual pc 2007. how can list ad of these vms? i've figured out how vms hosted on hyper-v using powershell, can't figure out vms hosted on virtual pc 2007. tia, roshan hi,   you can check following blog.   how use active directory identify , track virtual machines http://www.lazywinadmin.com/2010/12/how-to-use-active-directory-to-identify.html   important note: response contains reference third party world wide web site. microsoft providing information convenience you. microsoft not control these sites , has not tested software or information found on these sites; therefore, microsoft cannot make representations regarding quality, safety, or suitability of software or information found there. there inherent dangers in use of software found on internet, , microsoft cautions make sure understand risk before retrieving software internet.     best regards, vincent hu    

dear all, i going change ftp server winows 2003 winows 2008 r2, , wnat know how transfer local users , groups , shared settings win2003 win2008 server. note: not active directory members. any step step appreciated. many thanks, you can use procedure - http://technet.microsoft.com/en-us/library/dd379531(v=ws.10).aspx i not sure shared settings.   santhosh sivarajan | houston, tx http://www.sivarajan.com/ posting provided no warranties,and confers no rights. Windows Server  >  Migration

the question: why don't see server 2012 (that there, sure have bunch of 2012). sorry image taken small  (sometimes happens on forum site). please zoom see thx. --- when hit wrong note next note makes or bad. --- miles davis why don't see server 2012 (that there, sure have bunch of 2012). https://blogs.technet.microsoft.com/windowsitpro/2017/01/13/simplified-servicing-for-windows-7-and-windows-8-1-the-latest-improvements/ * note:  months no new windows security or reliability fixes not have security or monthly rollup release ; example, january 2017 windows 8.1, windows server 2012 , 2012 r2 . similarly, months no new reliability fixes preview not have preview rollup; december 2016 , january 2017, example. don [doesn't work msft, , they're glad ;] Windows Server  > 

i have 2 isa servers on hyper v , hard drive isa's on out of space. there maintenance (remove log files etc..), can done (other shrink volume , defrag) allow more sace on drive? thx,l this might help: extend & expand system partition/c drive without reinstalling windows http://www.partition-magic.org/server/extend-system-partition-c-drive.html also please check isa forum: forefront tmg , isa server http://social.technet.microsoft.com/forums/en-us/forefrontedgegeneral/threads Windows Server  >  Security

hello, fellow forum dwellers, i'm experiencing issues wsus client management , couldn't find answer in library or forums. decided write here: issue when registering new computer wsus , assigning group, updates, have been assigned group aren't released computer (searching yield list available default group). after hours (i'm trying measure how many) updates become available intended. why bother me? wouldn't bother me permanent clients (using term "client" refer wsus client, independently of actual os type), of our work spent rolling out devices customers (who ought receive them updated). non-uniform, preinstalled non-updated hardware , os rule out preupdated installation images unfortunately. putting significant delay in our time spent on each individual device (and putting serious bottleneck in our operation). infrastructure: wsus os: windows server 2003 r2 wsus version: 3.2.7600.226 computer-folder assignment: serverside client-c

hi, i’m in need of registry setting enable following ie security setting i.e. “allow automatic logon current username , password”. i’ve deploy setting across client machines (xp, vista, windows 7) members of domain. tried gpo setting below, ·          go user configuration ·          policies à windows settings à internet explorer maintenance à security à security zones , control ratings ·          select “import current security zones , privacy settings” , click modify settings ·          select internet tab , choose “allow automatic logon current username , password”. but these changes not taking place in gpo i.e gets reverted default settings.     can pls me how apply ie settings on clients using ad gpo. i’m looking out registry setting set allow automatic logon current username , password.   regards, pradeesh hi,   please clarify following questions first:   1.      would please describe how did configure , apply gpo in detail? 2.

i trying out eval version of windows server 2012 standard, downloaded , burned dvd when installing (clean install) copies files , starts install gives me following error "setup cannot continue due corrupted installation file. contact vendor of installation disc or system administrator". have downloaded 3 times , burned 3 times. ideas? if browse through , other forums, find not uncommon issue. resolved downloading location or through different isp.  corrupted copy somehow ends on cache server somewhere in path between , microsoft copy, , every time try copy, copy same corrupted version.  downloading different location/isp can find different path uncorrupted copy. either that, or there problem burning mechanism.  can create usb installation instead of dvd see if still happens? . : | : . : | : . tim Windows Server  > 

hi, trying access work desktop home mac laptop , getting following error no or guidance on means. please advise need next, thanks.  error:  the user cannot connect server due insufficient access privileges (code insufficientprivileges(9)) hi, please make sure user account has permissions connect remote system. if have configured allow log on through terminal services (remote desktop services) group policy setting, ensure user account included within the setting. more information you: allow log on through terminal services https://technet.microsoft.com/en-us/library/cc758613(v=ws.10).aspx best regards, amy please remember mark replies answers if , un-mark them if provide no help. if have feedback technet subscriber support, contact tnmff@microsoft.com . Windows Server  > 

good morning everyone!! i have need monitor group of mailboxes older messages...i found script.  obviously new powershell, want able check multiple mailboxes (script single mailboxes) without running 25different times.  so remembered foreach command.  so add script list of mailbox names script?? would get-content?  i not sure here...like said...i newbie... i appreciate help! kevin #######################################################################   # author  : tom anderson  -  http://tomandersonpro.net   # date    : 18-03-2013      # comment : this script checks the oldest item receive date for mails   #         : in the specified mailbox. if a mail older than 10 minutes    #         : is present an e-mail notification is sent.   # history :   #######################################################################     #### set current date and correct format    $date  = ( get-date ).tostring( 'g' )    ### set mailbox identity   $ma

hi folks, i need make specific change each of users , use roaming profiles.  in particular, need change setting: [hkey_current_user\volatile environment] "appdata"="\\\\<dfs>\\users\\profile\\<username>\\appdata\\roaming" to setting: [hkey_current_user\volatile environment] "appdata"="c:\\users\\<username>\\appdata\\roaming" i think inclusion of the variable username prevents me doing group policy, happy proved wrong.  so medium hard way , update registry on domain controller (window server 2008r2), opposed hard way -- desktop visits. so, user portion of registry kept roaming users? thanks help, chris. hello chris, i need make specific change each of users , use roaming profiles you can use gpp changing value: mvp group policy - mythen, insiderinfos und troubleshooting zum thema gpos: let's go, use gpo! Windo

we have servers without dvd drives , need ability use usb thumb drive install windows 2008 r2.  know of free tool creating bootable thumb drive installation of windows 2008 r2? thanks! hi,   you can check following blog:   installing windows 7 using usb thumb drive http://blogs.technet.com/aviraj/archive/2009/02/01/installing-windows-7-using-usb-thumb-drive.aspx     best regards, vincent hu   Windows Server  >  Windows Server General Forum

we have few users set use folder redirection follows: gpo user configuration->folder redirection right click on documents left click on properties. on target tab,  setting :basic - redirect everyone's folder same location. target folder location is: redirect the user's home directory. settings tab default, checked , leave folder in new location when policy remuved, selected in ad users , computers on users properties, in profile tab, connect selected , set \\someserver1\usersdocs had move documents location , changed to: \\someotherserver1\usersdocs  and on machines event id 106: failed perform redirection of folder documents. full source path < \\someserver1\usersdocs >. full destination path < \\someotherserver1\usersdocs  >. @ least 1 of shares on these paths lie offline.    and on shutdown , sturtup tries sync old location. tried delete ofline cache: http://support.microsoft.com/default.aspx?scid=kb;en-us;230738 find share c

i have been failing resource in the msdtc cluster service, trying whole msdtc service ( shown under services , applications ) to fail per failover tab settings. on service failover tab settings, have :  max failures = 4 period = 6 hours. on the resource policy tab of resource simulating failures on,  have  period restart = 10 mins max restarts in period = 2 if restarts fail rstart after 10 mins. i can keep failing resource, , on 3rd within 10 mins go swap nodes expect, nevers seems lock out , go fail state after 4 attempts, expecting. have missed or misunderstood how cluster policy should work?   understanding setting "4" max failures in specified period , after 4 simulated resource failures, whole service should fail , stay offline. any thoughts welcome! cheers after fails on (on 3rd failure) come online on next node? (i expect to). once comes online, counter reset.

i run web service (https://www.gloebit.com) , have developed plugin opensimulator virtual world platform.  this works customers running opensimulator on linux servers.  opensimulator , our plugin both written in c#.  the opensimulator thread crashes when opensimulator server attempts make https call our web server (exception stack trace below).  as said, works fine when opensimulator run via mono on linux server.  i crash customer running windows server 2012 ( https://social.technet.microsoft.com/forums/windowsserver/en-us/15e7f5bd-c8ad-4a3c-9a53-0f3a8c632690/valid-certificate-fails-validation-procedure-but-works-from-ie-on-server?forum=winserver8gen#15e7f5bd-c8ad-4a3c-9a53-0f3a8c632690 ), may more generic windows server issue.  i've used ssl checker  (https://www.sslshopper.com/ssl-checker.html#hostname=www.gloebit.com) verify our certificate , chain valid.  i've pulled ssl report  ( https://www.ssllabs.com/ssltest/analyze.html?d=www.gloebit.com&hideresults=on&am