DNG

i trying start utilizing verisign wlan certificate within wireless environment, because blackberries can't told ignore server cert windows can be.  i've followed both microsoft's guide ( http://www.microsoft.com/downloads/details.aspx?familyid=1971d43c-d2d9-408d-bd97-139afc60996b&displaylang=en ) several guides verisign publishes purchasing , installing cert.  i'm relativly sure cert installed properly.  @ verisign walked me through doing on phone yesterday.  inside of ias had remote access policy wireless clients changed eap methods > select eap providers > protected eap (peap) > certificate issued | field new verisign class 3 wlan secure server ca instead of other cert.  when clients go connect error inside system event log: could not retrieve remote access server's certificate due the  following error: credentials supplied package not recognized directly followed error: access request user ourdomain\jvillarreal discarded.  fully-qualified-user-na

hi i have windows 2008r2 ad domain.  there compatibility issue install windows 2012r2 cluster service on 2 new nodes sql 2014 clustering?   thanks. hi, thanks post. i not see there domain level requirement windows 2012 r2 clustering. should no compatibility issue when installing windows 2012 r2 cluster service on 2 new nodes sql 2014 clustering in windows 2008 r2 ad domain. failover clustering hardware requirements , storage options https://technet.microsoft.com/en-us/library/jj612869.aspx before installing failover clustering https://msdn.microsoft.com/en-us/library/ms189910.aspx windows server 2012 failover cluster – enhanced integration active directory (ad) http://blogs.technet.com/b/wincat/archive/2012/08/29/windows-server-2012-failover-cluster-enhanced-integration-with-active-directory-ad.aspx best regards, alvin wang please remember mark replies answers if , un-mark them if provide no help. if have feedback technet subscriber support, contact t

hello, i need script enable service network load balancing (nlb), named windows load balancing service (wlbs). i use windows server 2003 standart r2 service pack 2. i don't want know how create cluster or add host it. i script following actions : go network card properties click on install select service select network load balancing click on ok uncheck network load balancing in network card properties this script permit me script adding of new host nlbmgr.exe console without getting error 0x80041002 "the link creation operation has failed" . thank help hello,   as issue related scripting, suggest discussing in our msdn forum. deal scripting issues , should best resource troubleshoot issue.   http://social.msdn.microsoft.com/forums/en-us/categories   i share script center reference: http://technet.microsoft.com/en-us/scriptcenter/default.aspx   tim quan ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ please reme

i have mixed domain 2003 sp2 standard primary domain controller , 2008 r2 secondary domain conroller both running dns.  frs service got turned off on 2003 pdc server , 2 servers got serverely out of date on replication.  pdc saw 2008 server beyond tombstone date , not replicate when restarted frs.  in trying fix ended having authoritative restore on pdc , restore group policies backup.  has pdc working ok "unable allocate relative indentifier" when try add new machine domain.  2003 pdc still not replicating 2008 dc.  shows pdc holds fsmo roles can't validate without replication.  question two-fold.  can demote 2008 server , allow pdc validate itself?  don't know if system let me demote has tried it?  have 1 other 2003 server on domain promote third dc.  allow pdc validate when replicated new third dc?  don't want have blow whole thing , start on though small domain few systems in it.  , advice appreciated. kg if server has reached tombstone life cycl

we have several internal websites redirected external website faked hijack.  comes , goes.  check dns setting , looks clean.  check make sure dns pollution enable.  scan dc malware or viruses , came no issue.  temporary fix either restart computer or run ipconfig /flushdns , ipconfig /registerdns.  check host file , nothing change.  has experience issue before?  weird not affect , comes , goes.  hi, 1. make sure no forwarding set unresolved queries on dns server. 2. remove root hints dns server if not required or can block dns server forwarding   queries root hint server creating root (.) zone on local dns server. 3. if restarting computer solves problem, can try disabling  'dns client' service on machine. disabling 'dns client' make machine send each dns query dns server , disable dns cache. 4. verify internal dns server dns server specified in tcp/ip configuration      of client machine. thank you.

i need allow limted user (domian user): 1.install software. 2.access & modify regedit 3.access , modify system variables need group policy , without adding user local administrators group on desktop. need settings applied ever user logged on (any machine in domain). as said, allowing "software installation". allow users access literally registry keys , file system places except user profiles of other users - not idea. if user profiles/data concern local admins of supporters, think redirecting user data server , secure them there (just suggestion). software installation can done using computer startup scripts. create script , call installer. installer must capable of running quietly - might wanna test that. using computer startup scripts deploy software, script (and therefore installer) runs in system context (hence priviledged install kind of software). as system variables, can group policy preferences: http://technet.microsoft.com/en-us/library/cc772047.aspx . if need

i've been on ms , web , can't find site has ntfrsutl.exe available download. it's not listed in windows 2000 resource kit tools here: http://support.microsoft.com/kb/927229 it available in windows 2003 resource kit wouldn't allow me install (said need xp or higher). does have links? tia. actually ntfrsutl.exe tool comes with frsdiag tool here: http://www.microsoft.com/downloads/details.aspx?displaylang=en&familyid=43cb658e-8553-4de7-811a-562563eb5ebf Windows Server  >  Management

estimados, estoy buscando una herramienta que monitoree los file server o mas bien los cambios nivel ntfs en éstos. la idea es que envíe una alerta cuando se produce un cambio. estoy buscando una que sea free. gracias. alejandro | especialista en infraestructura microsoft | ale,   lo que podes hacer es jugar con el eevent viewver. lo que yo hice fue buscar los eventos relacionados con cambios en el ntfs. y luego generar una regla para que de forma automatica envie un mail.   para hacer esto, activa la auditoria, busca los eventos que te interese. y luego podes utilizar el eventtriggers.exe que envia mails en base de event ids http://www.petri.co.il/how-to-use-eventtriggersexe-to-send-e-mail-based-on-event-ids.htm   tutorial para configurar auditorias:   primero tendrias que activar todos los objetos que queres auditar y luego filtrarlos para ver los realmente importantes. por ejemplo seguramente en tu empresa tendras creado un grupo contenedor el cual conti

i have been using kixart login scripts several years , has been working far.  easy use.  problem having is freeware (donation based) , security concern.  although working fine, want o use powershell, ad policies or else.  have forty different sites support different network mapping requirements.  @ same site have different mapping requirements based on group membership.  know if ad can support conditional mappings based on ad group membership, far have not been able find out how this.  powershell, i'm sure able use it. what guys think?  input. here powershell v1 function wrote years ago check group memberships, in logon script. can used check security group memberships, not distribution groups. evaluates tokengroups attribute of user (or computer), reveals nested group memberships , "primary" group, security groups. http://www.rlmueller.net/powershell/psismember4.txt the function evaluates tokengroups attribute of user or computer first time called , populat

hi all i refer article below, there fix ms issue?   we reviewing migration citrix remoteapp, causing reluctance in change. https://social.technet.microsoft.com/forums/en-us/44f33bd6-aa45-48cb-b886-352330e3f47c/win2012-std-basic-theme-problem-?forum=winserver8gen precis ------------- hello,  somehow windows basic theme broken, hyperlinks changed yellow, cant event read text on menus.  also rdp users have same problem when connect. how can fix ? i installed desktop experience, , aero theme ok on administrator rdp , other users on rdp have same problems.  i resolved following: i've tried (thank saad) open %windir%\resources. change security properties of "themes" folder , give full control permission account. enable inheritance apply setting sub folders, or, open "themes" folder, , give full control permission account on file "basic.theme".  this first step allow modify "basic.theme&qu

we have radius server allows our employees connect internet via 3g modems running through microwave link @ our offices. problem can access website (social, mature content etc). have local barracuda web filter our network in offices filters websites in order prevent abuse. please keep in mind network has internet connection. office network's gateway web filter's ip , microwave network has it's own gateway.  microwave gateway 192.168.x.12 barracuda web filter 192.168.x.5 is there way can configure radius server traffic through our local web filter? hi, radius server used authentication, authorization, , accounting. accept , evaluates access-request message sent radius clients. check user credentials , dial-in properties, combined network policies process authentication , authorization. once request accept, radius server notify network access server grant access clients , log related request. note that, after connections established, radius server not traffic for

i'm new admin in old environment, , there 1 windows 2000 server have been unsure why on network. on separate subnet (192.168.2.x) our primary network (192.168.1.x). domain specserv.domain.com while primary domain our network apex.domain.com. an old employee has returned , needs access files on server. cannot connect server on network, , on server there no internet access. when ping 192.168.2.1 machine on network reply. not have access hardware passwords of switches. anything can computer joined in network? possibly easy way suspend it's entire configuration , join via dhcp apex.domain.com domain? can add our apex.domain.com dc acknowledge , allow internet , connectivity specserv? ip config on server in question: ip / perferred dns: 192.168.2.2 gateway: 192.168.2.1 sm: 255.255.255.0 when ping 192.168.1.1 computer, no reply, when computer on our network attempts ping gateway address of subnet (192.168.2.1), replies come through. hi jrh311, coul

hello, thought doing real simple here.  have a file named sdedot.csv formatted follows: id,name ha996622,bobby ha224411,mary i tried running following load global security group id, or in our case, samaccountnames specified in sdedot.csv file, howerver no objects loaded group.  script runs , ends, producing no error messages not loading group members.  import-csv sdedot.csv | foreach-object { add-adgroupmember -identity myglobgroup -member $_.id } any ideas?  in advance. thanks help! sdedot well, figured out.  bonehead mistake on part.  executing following: import-module activedirectory | import-csv sdedot.csv | % { get-adgroupmember -identity mygroup $_.id } dropping 'import-module activedirectory' allowed rest of command work. thanks contributions. thanks help! sdedot Windows Server  > 

i running xppro , have 2003 server software on our server.  rms running fine until getting error everytime trying open protected document.  error is: "unexpected error occurred. please try again later or contact system administrator".  don't know not person installed rms.  did have 1 other time denied access files , steps below solved it.  in case doesn't appear licensing issue followed steps below no success.  super user enabled , set member of group. previous instructions old guy has since gone school masters: start --> programs --> windows rms --> rms admin.   the problem "licensor certificate" had expired. don't know this, took 2 mouse clicks fix it.   from main rms page (click above link). clicked on bottom left link (administer, etc). there, rather obvious red message told me expired, , offered "renew" button. hit it, told "automatic/online" , 2 seconds later (should be) fixed. then 1. logon given comp

hi all, we have ou in our domain holds bunch of universal distribution groups.  i'm trying use command combines dsquery dsget list of members of group , group names.  example: dsquery group ou=test,dc=contoso,dc=com | dsget group -members the above command lists of members each group doesn't list name of group well. ideas on how sneak name of groups in output well? any appreciated, thanks. it can done powershell ad cmdlets. acceptable? $groups = get-adgroup -searchbase "ou=sales,dc=mydomain,dc=com" -filter * foreach ($group in $groups) { $dn = $group.distinguishedname "group: $dn" $members = get-adgroupmember -identity $dn foreach ($member in $members) { " member: " + $member.distinguishedname } } richard mueller - mvp directory services Windows Server  > 

dear all,         have environment of user have laptop, , have small number of person, accessing small network here wireless through access point. have windows server 2003 here file server in office.        question how can give user file permission  required there division without authentication, how can give each of them effective permission. there utility can map user there respective network shared folder can set permission.  note: internet here in other machine server 2008 working nat shared internet connection. worry if setup active directory user authentication if make slow there machine  each user ... since connecting wireless in our network here. and considering of them have laptop, few number of person , , network accessing here wireless.. can can give me regarding this... regarding scenario , file mapping permission each person in different division. need  help             hi, as papp mentioned, need add users workgroup or domain in order ne

hello, i have virtualized domain controllers , know best way of backing these dcs. a) if backup bare metal using windows default backup tool able (1) restore same on new virtual server on same host? or (2) virtual server on different host or (3) same host no virtual configurations anymore (if happens have abandoned visualization) b) creating virtual server (disk) image better restoration on same host or on different host windows backup of the bare metal? nb : understand importance of regular system state ups. have same hardware types/models. thank you hi sirchigs, the best way backup using existing method of system state. if dc goes down never come backup, best method install fresh server , promote dc. can reset computer account , keep same name too. there 1 supported way perform backup , restore of virtualized domain controller: run windows server backup in guest operating system. if in hurry, win2012r2 supportes domain controller clonning. you should

i understand definition of autonomous , replica i'm confused implementation. lets have 2 wsus servers.  server1 @ corporate office , server2 @ branch office, server1 upstream, server2 downstream.  if set server1 autonomous, not propagate approval status etc. server2 need administered locally.  happens if set server2 in replica mode? change relationship?  or changing mode on server2 affect downstream partners of server2? in other words, if set server1 autonomous, set mode on server2? i hope question makes sense. thank clarification. i understand definition of autonomous , replica i'm confused implementation. lets have 2 wsus servers.  server1 @ corporate office , server2 @ branch office, server1 upstream, server2 downstream.  if set server1 autonomous, not propagate approval status etc. server2 need administered locally.  happens if set server2 in replica mode? change relationship?  or changing mode on server2 affect downstream partners of server2?

greetings! ok, have implemented wsus update workstations in our company environment. have idea, don't know possible achieve. in group policy object wsus able choose. every day or every exactly-day-name . but our wish this: ou: users receive windows update every mondays.... but ou: chiefs receieve every one week l8r ....   is possible achieve? idea have test-bunnies-group , production(real users) group... ? bostjanc is there other automated way, instead of manually approving updates every week? no. correct way manage scenario using wsus. lawrence garvin, m.s., mcitp:ea, mcdba, mcsa principal/cto, onsite technology solutions, houston, texas microsoft mvp - software distribution (2005-2011) mvp profile: http://mvp.support.microsoft.com/profile/lawrence.garvin blog: http://onsitechsolutions.spaces.live.com Windows Server  > 

server 2003 standard sp2 deleted , recreated backup schedule jobs, still same problem update windows server 2003 (kb940349) installed still same problem created scheduled tasks through backup utility schedule jobs tab. used server unc \\servername\e$\backups\machines\filename.bkf (sorry not giving actuall server name) sunday full backup of local c:\files unc \\servername\e$\backups\machines\localservername 1 1.bkf   with replace enabled on bi weekly schedule. monday through saturday incrementals backups of local c:\files unc \\servername\e$\backups\machines\locaserver 1 2.bkf  (1 2 monday, 1 3 tuesday, etc) replace enabled on bi weekly schedule. these 2 servers not part of domain , in same workgroup. the same user account password resides on both servers locally administrative rights. both servers can access each other , files account remotely fine. i can logged local machine, visit scheduled tasks , see of various backup jobs created, mimic backup utility lis

all of network accounts have user profile setup map home folder z: drive.  have windows xp sp3 clients.   noticed everytime open new command prompt, defaults z: drive.  also, when open "explorer ." opens z: drive.  i checked explorer.exe process in process explorer , says it's current working directory "z:\". this causing havoc workstations.  example, remote workstations slow because of this.  @ moments if connectivity lost, workstation grinds halt. if kill explorer.exe process, , launch new 1 command prompt it's current directory c: these problems go away. how tell initial windows explorer process use "c:" , not "z:"as current directory? see link http://support.microsoft.com/kb/307856 Windows Server  >  Directory Services

hi guys, i've still got same issue nvidia drivers , version of windows 10... have dual monitor setup. main asus rog swift pg278q(144) , secondary dell u3011(60). i'm running gtx titans in sli , when ever try n run rog swift @ on 60hz horizontal black line on both screens.  clear happens whether sli on or off & if run rog swift @ on 60hz. not happen @ in windows 8.1... pc i75930k, asus x99 deluxe, 16gb corsair ddr4(2800), sli gigabyte gtx titans(sli), main drive samsung sm941(256) plus couple other samsung ssd's, sb zxr. dual boot win8.1/win10.1074 on separate ssd's. Windows 10 Insider Preview  >  Windows 10 Insider Preview General

hi!   server os: windows 2003 r2 ad schema: w2003 r2 clients: windows xp swedish different sp versions.   i’ve installed printer management (windows 2003 r2) , got problems. i’ve created 1 security group each printer deployment make computers member of. i’ve created 1 gpo each printer following security settings: <picture gpo , security filtering each security group>   i’ve deployed printers this: <picture each printer deployed each gpo object. per-machine gpo>   one gpo running ”pushprinterconnections.exe” @ client. i’m giving computer accounts membership security groups (see above) , printers deploying. it’s working well. but when remove computer account security group printers not removed! when i’m logging ”pushprinterconnections.exe” get: ” microsoft windows operating system deploy printer connections utility v1.0 copyright (c) microsoft corporation. rights reserved.   ... logging enabled command line switch. ... logging

i've been searching similar thread luck.  i apologize in advance if out there already.  i have 2012 r2 server running rds.  my clients need use internet on limited basis through remote desktop client, have anti-virus installed.  what anti-virus solution recommended?  thank assistance. hi, have @ system center 2012 configuration manager's endpoint protection http://blogs.technet.com/b/configmgrteam/archive/2012/08/08/where-is-the-documentation-for-system-center-2012-endpoint-protection.aspx best regards, ryan mangan | ryanmangansitblog@wordpress.com | keep forums tidy, if has helped please mark answer Windows Server  >  Remote Desktop Services (Terminal Services)

my google-fu fails me *argh we have 2 afp shares hosted on windows 2003 servers. i upgraded of imacs os x 10.6 , we're having weird issue on both servers.   users can't overwrite folders have created. copy folders down desktop, work on files there, , copy whole folder up.   this time, when try copy folders server they'll ".ds_store file in use" the folder can't deleted well, same error message.   the thing is, if login file server via rdp, can delete .ds_store file. once file deleted, folder can overwritten again. process create .ds_store file , here go again.   any ideas? working fine few days ago. hi, i agree dilip. based on experience, anti-virus application cause file sharing problem , other file system issue on server. please check if have install anti-virus software on windows server 2003 computer. thanks. this posting provided "as is" no warranties, , confers no rights.

a windows filtering platform filter has been changed.   subject:  security id:  s-1-5-19  account name:  nt authority\local service  process information:  process id: 536  provider information:  id:  {decc16ca-3f33-4346-be1e-8fb4ae0f3d62}  name:  windows firewall  change information:  change type: %%16385  filter information:  id:  {e41d6206-4065-4331-b705-d81c0821c0ea}  name:  hp networked printer installer  type:  %%16388  run-time id: 67493  layer information:  id:  {88bb5dad-76d7-4227-9c71-df0a3ed7be7e}  name:  ale listen v4 layer  run-time id: 40  callout information:  id:  {00000000-0000-0000-0000-000000000000}  name:  -  additional information:  weight: 4611686018427387920   conditions:   condition id: {d78e1e87-8644-4ea5-9437-d809ecefc971}  match value: equal  condition value:      00000000  5c 00 64 00 65 00 76 00-69 00 63 00 65 00 5c 00  \.d.e.v.i.c.e.\.     00000010  68 00 61 00 72 00 64 00-64 00 69 00 73 00 6b 00  h.a.r.d.d.i.s.k.     00000020  76 00 6f 00 6c 00 75