Wednesday, December 31, 2008

VMware - Cannot start Client Machine - Failed to lock the file

Description
You have set up a VMware host and configured a couple of client machines inside it.
One day you want to start a client machine but receive the error "cannot open the ***********.vmdk or one of the snapshot disks it depends on. Reason: Failed to lock the file." You are certain that nothing is using that file.

Resolution
Find the file with the *.lck extension inside the VM directory on the host machine. Rename the extension to something else, then try to start the VM client again.

Friday, November 7, 2008

Script to Add Windows Registry Keys

You can add or create a Windows registry key from the command line by using the REG.exe tool.

Example:

Reg Add HKLM\Software\Classes\Excel.Sheet.8\ /v Browserflags /t REG_DWORD /d "8" /f

/v  value name to add under the selected key
/t  registry value data type: REG_SZ, REG_MULTI_SZ, REG_DWORD_BIG_ENDIAN, REG_DWORD, REG_BINARY, REG_DWORD_LITTLE_ENDIAN, REG_NONE, REG_EXPAND_SZ. If omitted, REG_SZ is assumed.
/d  data to assign to the registry value name being added
/f  force overwriting the existing registry entry without a prompt

Thursday, October 2, 2008

Outlook 2003 and ISA Firewall Client

Description

You need to enable a user with Outlook 2003 to connect to an external POP3 and SMTP server.
You have created an access rule in Internet Security and Acceleration (ISA) 2006 server and installed the ISA Firewall Client on the user's computer. However, the user still cannot connect to the external POP3 and SMTP server through Outlook 2003, even though you can telnet to those ports from the command prompt.

Resolution

Modify the Firewall Client Setting in ISA 2006

  1. Open the ISA management console, expand the server name and then expand the Configuration node.
  2. Click on the General node.
  3. In the General node, click on the Define Firewall Client Settings link in the Details pane.
  4. In the Firewall Client Settings dialog box, click the Application Settings tab.

  5. Click the Outlook entry and then click the Edit button. In the Application Entry Setting dialog box, change the Value from 1 to 0. Then click OK.
  6. On the Application settings tab, click Apply and then click OK. Then click Apply to save the firewall policy.

Next, refresh the Firewall Client configuration on the client computer. Double-click the Firewall Client icon in the system tray and, on the General tab, click the Test Server button. The Testing ISA Server dialog box appears, the name of the ISA firewall is resolved, and the Firewall Client downloads the new configuration file.

Email stuck at "Messages awaiting directory lookup" SMTP queue in Exchange Server 2003 or in Exchange 2000 Server

Description

Have you ever had an issue where all your mail gets stuck in the "Messages awaiting directory lookup" SMTP queue in Exchange? However, the issue affects only a certain storage group. Other storage groups have no issue with email flow.
You have configured message journaling / archiving on the Exchange server.

Resolution

Make sure that the message archive location is a valid mailbox. If you have moved the user account to another OU or container, move it back to its original location.
Restart the IIS Admin Service.

How to Uninstall Internet Explorer

If you want to uninstall Internet Explorer and you cannot find the uninstall option at Add or Remove Programs in Control Panel, try this:
  1. Use Windows Explorer and go to C:\Program files\Internet Explorer.
  2. Right click the folder Uninstall information and click Properties.
  3. Uncheck the hidden mode and press OK.
  4. Go to C:\Program files\Internet Explorer\Setup.
  5. Run setup.exe and follow the wizard.

Sunday, August 3, 2008

How to Uninstall Microsoft Operation Manager 2005 from Your Domain?

Uninstall MOM 2005 components in the following order.
1. Active Directory Helper Object - From Add/Remove Programs at each client
2. Agents - From MOM 2005 Console
3. Reporting Server
4. Web Console
5. Management Server(s)
6. Operators Console, Administrator Consoles
7. Operational Database
8. Data Warehouse
Note:
In a tiered environment, we recommend that you uninstall the child Management Groups and then the parent Management Group.

Limitation on Proxy Exceptions in Windows 2003 Group Policy Object Editor

From Microsoft KB302224

Description
When you use the Group Policy Object Editor, and you configure the proxy settings, the text box that contains the proxy exception list may be truncated if more than 255 characters are used. Also, if you previously clicked to select the Do not use proxy server for local check box, the check box may be cleared. Because of a limitation in the way INS files are read, the proxy exception list is limited to 255 characters. The Do not use proxy server for local check box appends the text ";<local>" to the end of the list. This text is eight characters long, and the 255 characters must include these characters. Therefore, when you click to select the Do not use proxy server for local check box, the total length of the exception list is actually 247 characters.

Resolution
Apply Windows Server 2003 Service Pack 2. After you install this hotfix, the proxy exception list is limited to 1024 characters.

Missing Files in Certain Folders on Windows Server

Description
On your Windows 2003 server, some files in certain folders are missing. However, when you rename the folder, the missing files suddenly appear. If you rename the folder back to its original name, the files go missing again. You have already checked the security permissions and looked for viruses and malware, but everything seems to be normal.

Resolution
Check whether a program is installed that hides, locks, or protects those files. One example is a program called Lock Folder XP. These programs run in kernel mode and cannot be seen by user-mode process monitoring. You can use RootkitRevealer and Process Explorer from Microsoft Sysinternals to try to observe the process.
After you find the program that causes the issue, you can try to uninstall it.
You may need to supply the correct password to uninstall or modify the program.

Monday, June 30, 2008

"Messages awaiting directory lookup" SMTP queue in Exchange 2003

Description
Suddenly you see the error "Messages awaiting directory lookup" on one of your Exchange 2003 servers. Email cannot be sent to or from that Exchange server; messages just sit in the SMTP queue. Your other email server is working normally.

Resolution
One area to check when you see this error message on your Exchange server is whether the storage group is configured for journaling.
If it is, check the account that you use for journaling.
In my case the account had been moved to another OU, and simply moving it back to the original OU resolved the issue.

Microsoft Knowledge Base article 884996 has further information on this matter.

Sunday, June 8, 2008

Supported Guest OS on Windows Server 2008 Hyper-V

Supported Guest OS

The following is the list of guest operating systems that will be supported on Hyper-V.

Windows Server 2008 x64 (VM configured as 1-, 2-, or 4-way SMP)

  • Windows Server 2008 Standard x64
  • Windows Server 2008 Enterprise x64
  • Windows Server 2008 Datacenter x64
  • Windows Web Server 2008 x64

Windows Server 2008 x86 (VM configured as 1-, 2-, or 4-way SMP)

  • Windows Server 2008 Standard x86
  • Windows Server 2008 Enterprise x86
  • Windows Server 2008 Datacenter x86
  • Windows Web Server 2008 x86

Windows Server 2003 x86 (VMs configured as 1- or 2-way SMP only)

  • Windows Server 2003 Standard x86 Edition with Service Pack 2
  • Windows Server 2003 Enterprise x86 Edition with Service Pack 2
  • Windows Server 2003 Datacenter x86 Edition with Service Pack 2

Windows Server 2003 x64 (VMs configured as 1-way only)

  • Windows Server 2003 Standard x64 Edition with Service Pack 2
  • Windows Server 2003 Enterprise x64 Edition with Service Pack 2
  • Windows Server 2003 Datacenter x64 Edition with Service Pack 2

Linux Distributions (VMs configured as 1-way only)

  • SUSE Linux Enterprise Server 10 with Service Pack 1 x86 Edition
  • SUSE Linux Enterprise Server 10 with Service Pack 1 x64 Edition

Supported Client Operating Systems

  • Windows Vista Business x86 with Service Pack 1 (VMs configured as 1-way only)
  • Windows Vista Enterprise x86 with Service Pack 1 (VMs configured as 1-way only)
  • Windows Vista Ultimate x86 with Service Pack 1 (VMs configured as 1-way only)
  • Windows XP Professional x86 with Service Pack 3 (VMs configured as 1-way only)

Sunday, May 11, 2008

How to Install Active Directory Using Restored Backup Media

By installing Active Directory from restored backup media, you can reduce the replication traffic that is initiated during the installation of an additional domain controller in an Active Directory domain. Reducing the replication traffic reduces the time necessary to install the additional domain controller. The procedures in this task are particularly useful for installing domain controllers in remote sites.

To install Active Directory from restored backup media:
1. Click Start, click Run, type dcpromo /adv, and then press ENTER.
2. In the Active Directory Installation Wizard, select Additional domain controller for existing domain.
3. Select From these restored backup files, and point to the same location where you restored the system state data.
4. If the domain controller whose system state backup you are using is a global catalog server, the Active Directory Installation Wizard asks you whether you want this server to also be a global catalog server.
5. Give appropriate credentials for the operation.
6. Enter the domain of the new domain controller. This domain must be the domain of the domain controller whose system state backup you are using.
7. Complete the remaining pages of the Active Directory Installation Wizard.

Dcpromo.exe will install Active Directory using the data present in the restored files, which eliminates the need to replicate every object from a partner domain controller. However, objects that were modified, added, or deleted since the backup was taken must be replicated. If the backup was recent, the amount of replication required will be considerably less than that required for a regular Active Directory installation.

Saturday, May 10, 2008

DsRemoveDsDomainW error 0x2015 when removing metadata from Active Directory

From Microsoft KB887424
Description
When you use the Ntdsutil command-line tool to try to remove metadata for a domain controller that was removed from your network, you may receive the following error message:
DsRemoveDsDomainW error 0x2015 (The directory service can perform the requested operation only on a leaf object).


Resolution
To resolve this issue, follow these steps:
1. Click Start, click Run, type ntdsutil, and then press ENTER.
2. At the Ntdsutil command prompt, type domain management, and then press ENTER.
3. Type connections, and then press ENTER.
4. Type connect to server Domain_Controller_Name, and then press ENTER.
5. After the following message appears, type quit, and then press ENTER:
Connected to Domain_Controller_Name using credentials of locally logged on user
6. At the domain management prompt, type list, and then press ENTER.
7. Note the following entry:
DC=DomainDnsZones,DC=Child_Domain,DC=extension
For example, if the child domain is Contoso.com, note the following entry:
DC=DomainDnsZones,DC=contoso,DC=com
8. Type the following command, and then press ENTER.
delete nc dc=domaindnszones,dc=Child_Domain,dc=extension
Note: In this command, Child_Domain represents the name of the child domain that you want to remove. For example, if the child domain is Contoso.com, type the following command, and then press ENTER:
delete nc dc=domaindnszones,dc=contoso,dc=com
9. Quit Ntdsutil.

How to remove an orphaned domain from Active Directory

Description:
For some reason you had to forcibly demote one of your child domains.
You have followed Microsoft KB216498 "How to remove data in Active Directory after an unsuccessful domain controller demotion". You have removed the CNAME record in the _msdcs.rootdomain forest zone in DNS, and there is no A record or Name Server record for it in DNS. You have also deleted the server name from AD Sites & Services.
However, when people log on, they can still see that child domain in the Log on to field. You want it to disappear from there.

Resolution:
Removing Orphaned Domains from Active Directory (Microsoft KB230306)

1. Determine the domain controller that holds the Domain Naming Master Flexible Single Master Operations (FSMO) role. To identify the server holding this role:

  • Start the Active Directory Domains and Trusts Microsoft Management Console (MMC) snap-in from the Administrative Tools menu.
  • Right-click the root node in the left pane titled Active Directory Domains and Trusts, and then click Operations Master.
  • The domain controller that currently holds this role is identified in the Current Operations Master frame. NOTE: If this changed recently, not all computers may have received this change yet due to replication.

2. Verify that all servers for the domain have been demoted.
3. Click Start, point to Programs, point to Accessories, and then click Command Prompt.
4. At the command prompt, type: ntdsutil.
5. Type: metadata cleanup, and then press ENTER.
6. Type: connections, and then press ENTER. This menu is used to connect to the specific server on which the changes will occur. If the currently logged-on user is not a member of the Enterprise Admins group, alternate credentials can be supplied by specifying the credentials to use before making the connection. To do so, type: set creds domainname username password , and then press ENTER. For a null password, type: null for the password parameter.
7. Type: connect to server servername (where servername is the name of the domain controller holding the Domain Naming Master FSMO Role), and then press ENTER. You should receive confirmation that the connection is successfully established. If an error occurs, verify that the domain controller being used in the connection is available and that the credentials you supplied have administrative permissions on the server.
8. Type: quit, and then press ENTER. The Metadata Cleanup menu is displayed.
9. Type: select operation target, and then press ENTER.
10. Type: list domains, and then press ENTER. A list of domains in the forest is displayed, each with an associated number.
11. Type: select domain number, and then press ENTER, where number is the number associated with the domain to be removed.
12. Type: quit, and then press ENTER. The Metadata Cleanup menu is displayed.
13. Type: remove selected domain, and then press ENTER. You should receive confirmation that the removal was successful. If an error occurs, please refer to the Microsoft Knowledge Base for articles on specific error messages.
14. Type: quit at each menu to quit the NTDSUTIL tool. You should receive confirmation that the connection disconnected successfully.

SQL Query Statement

I am not a database administrator, but the other day I needed to extract some data from a database. I could log on to the SQL database, but I was not quite sure where the data was.

After some browsing around I found out that it can be done using a simple SQL query statement.

Here is the example:
SELECT Name, Comment, CollectionID   -- field names
FROM v_Collection                    -- table name
WHERE Name LIKE 'All Windows%'
ORDER BY Name

Saturday, April 12, 2008

Outlook RPC over HTTP doesn't work with 3G or fast connection

When you are out of the office and using Outlook with RPC over HTTP to connect to your corporate email, you may have to enable the “on fast network, connect using HTTP first, then connect using TCP/IP” option in the Microsoft Exchange Proxy Settings.

Example:
You are using a 3G USB modem that has a speed of up to 7.5 MB. (This is most likely not the true Internet speed you get, but it is what Windows detects.) Outlook will consider it a fast network. If the above option is not selected, Outlook automatically uses TCP/IP for the connection, and it will not be able to connect to the mail server.

However, if you select the check box, Outlook will use HTTP and should be able to connect to the mail server.

Of course, the consequence is that you will be prompted to enter your Windows account credentials every time you open Outlook, whether inside or outside the Petrosea office.


Note:
Outlook determines a user's connection speed by checking the network adapter speed on the user's computer, as supplied by the operating system. Reported network adapter speeds of 128 KB or lower are defined as slow connections. There may be circumstances when the network adapter speed does not accurately reflect data throughput for users.


Saturday, April 5, 2008

"A duplicate name exists" error when connecting to an SMB share using a CNAME alias

Description
When you set up a CNAME alias in DNS for a Windows 2003 server and then try to connect to the server using the CNAME alias, you may encounter the "a duplicate name exists on the network" error.

Resolution
To resolve this problem in Windows Server 2003, complete the following steps:
1. Create the CNAME record for the file server on the appropriate DNS server, if the CNAME record is not already present.
2. Apply the following registry change to the file server. To do so, follow these steps:
a. Start Registry Editor (Regedt32.exe).
b. Locate and click the following key in the registry:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters
c. On the Edit menu, click Add Value, and then add the following registry value:
Value name: DisableStrictNameChecking
Data type: REG_DWORD
Radix: Decimal
Value: 1
d. Quit Registry Editor.
3. Restart your computer.

Monday, March 31, 2008

GPRS / 3G Settings in Indonesia

Excelcomindo
APN: www.xlgprs.net
Username: xlgprs
Password: proxl

IM3
APN: www.indosat-m3.net / wap.indosat-m3.net
Username: gprs
Password: im3

Indosat(Matrix)
APN: satelindogprs.com / indosatgprs
Username: -
Password: -

Telkomsel
APN: internet / telkomsel
Username: wap
Password: wap123

Sunday, March 30, 2008

Tools For DNS Testing and Validation

Here are some of the websites that I often use for DNS validation or testing from outside the network perimeter.
Whenever you do email troubleshooting, website lookups, or domain whois queries, you will find these websites quite helpful.

  1. www.dnsstuff.com > This is the best one, I think. It has a lot of tools and the results are very accurate and fast. You can query and get almost any information here. However, you have to pay for the service; it is not free anymore. A trial period is available.
  2. www.zonedit.com/smtp.html > You can send email testing from this website for validation or troubleshooting. All you have to do is put the email server MX record, sender address, and recipient address.
  3. www.mxtoolbox.com > Through this tool you can query MX record from a domain name.
  4. http://network-tools.com/nslook > You can do NSLookup query for A record, CNAME, PTR, MX, NS, etc to certain server through this tool.
  5. http://www.dnstools.com/ > Besides getting IP whois information, you can also do port checking status from this website.

Sunday, February 24, 2008

How to use Blackberry 7100 as a modem

For those who don’t know, here are the steps:

1. Connect your BlackBerry 7100 (BB 7100) with computer through USB cable.
2. Start the BlackBerry Handheld Manager or BlackBerry Device Manager (depending on the BlackBerry software version) and make sure the status shows that it is connected to the device.
3. Open Device Manager. Expand Modems and double-click Standard Modem.
4. Go to the Advanced tab and add the extra initialization command +cgdcont=1,"IP","your_apn_name" (the APN depends on your network provider).
For example, I put +cgdcont=1,"IP","satelindogprs.com" for the Indosat network. Sometimes you may have to use a different format, such as +cgdcont=1,"IP","satelindogprs.com","",0,0
5. After that, run a test query on your modem. You should see the type of modem, Research In Motion, etc.
6. Create a new Internet connection. For the number to dial, type *99#. Leave the username and password blank.
7. Finally, depending on the network provider, you may have to enter the DNS server IP in the TCP/IP properties. In my experience, leaving the DNS setting on automatic is fine most of the time. Check with your network provider for the IP, or if you have any difficulty connecting to the Internet.
8. Dial the newly created connection and have fun trying.

How to configure a display message when users log on to the Windows 2003 domain

You can configure Windows Server to display a message to users when they log on. The message appears after the user presses CTRL+ALT+DEL and disappears after the user clicks OK. After the message disappears, the user can complete the logon process.

Configuring a Group Policy Setting for a Domain:
1. On the domain controller, start the Group Policy Management snap-in.
2. Expand the forest object in the left pane.
3. Expand the domains object in the left pane. Expand yourdomain.
4. Right Click Default Domain Policy, and then click Edit.
5. Expand the following folder:
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options
6. In the right pane, double-click Policies, and then follow these steps to create the message text:

> On a Windows Server 2003-based domain controller:
a. Click Interactive logon: Message title for users attempting to log on, and then type the text that you want to appear in the title bar of the message dialog box.
b. Click Interactive logon: Message text for users attempting to log on, and then type the text of the message that you want to appear in the message dialog box.
> On a Windows 2000-based domain controller:
a. Click Message title for users attempting to log on, and then type the text that you want to appear in the title bar of the message dialog box.
b. Click Message text for users attempting to log on, and then type the text of the message that you want to appear in the message dialog box


Note: If you do not use carriage returns in your display message, the maximum number of characters that you can add to the logon box is 512. If you add carriage returns, you can add up to 2048 characters (512 characters per line).

Sunday, February 17, 2008

Managing Distribution/Security group membership from Microsoft Outlook

We can manage the membership of a distribution or security group through Microsoft Outlook if the group has an email address set up.
1. Go to the user properties at Active Directory Users and Computers.
2. Click the Managed By tab, click Change, and choose the name that will be the manager of the group.
3. Select the ‘Manager can update membership list’ check box.

To modify the membership through Microsoft Outlook
1. At Microsoft Outlook, open Address Book
2. Double click on the distribution group name.
3. Under the distribution group properties, click Modify Members.
4. Under Distribution List Membership, click Add. Choose the name to be the member of the distribution list.
5. Click OK 3 times.

How to setup an automatic reply in Outlook 2003/Outlook 2007

The following is done from Microsoft Outlook:
1. On the Tools menu, click Rules and Alerts.
2. In the Rules and Alerts dialog box, click the New Rule button on the E-mail Rules tab.
3. In the Rules Wizard, click the Start from a blank rule button, click Check messages when they arrive, and then click Next.
4. Under Which condition(s) do you want to check?, click to select the Sent Only To Me check box or any other check box that you want, and then click Next.
5. Under What do you want to do with the message?, click to select the Have server reply using a specific template check box.
6. On the Step 2: Edit the Rule Description page of the wizard; click the underlined phrase a specific message.
7. Compose a reply message in the Outlook Editor window. Fill in the subject field, click save and close.
8. Complete the Rules Wizard instructions, click Finish, and then click OK.

Since this is a server-based rule, we don’t have to keep Outlook open for the rule to be applied.
Note: By default, Exchange doesn’t allow automatic reply messages to be sent to external users. You must allow it through Exchange System Manager.

Networking Infrastructure in Windows 2008 – What’s new?

>Installation
Simplified windows configuration
All versions are available in single DVD. Choose which version during installation.
After Installation we can configure the server through Initial Configuration Task Overview.
(Setup the administrator username & password, IP, domain/workgroup, windows update, windows firewall, etc)
Have configurable Server Roles and Features.
All configurations are done through Server Manager Console.
Example of Server Roles: AD Domain Service, DNS, DHCP, File Server, etc
Example of Features: Failover Clustering, Storage Manager for SAN, etc
>Networking
Truly supports IPv6 (128-bit)
Network Access Protection availability
Non-compliant computers can be directed to an isolated segment or denied access
>Server Core Installation
No GUI
For Installation of Role Functionality in Windows 2008
We cannot install other application here.
For better performance and security
>Windows backup
VSS enable on Drive directly
Backup to Bootable CD/DVD
Default backup schedule is full + incremental
>Windows Deployment Service
The successor to RIS
For installing the OS and/or applications
Several image types: Boot Image, Install Image, Capture Image, Discover Image
>Windows Server Virtualization
The successor to Virtual Server 2005
Differencing support on VHD files
Virtual networks use VLAN IDs for better performance
Dedicated processor/RAM blocking on WSV for certain guest computers
Supports x64 guest OS
>Clustering & NLB
No more need for a VLAN for geo clustering
No 500 ms limitation for heartbeat

Active Directory in Windows Server 2008 – What’s new?

  • Active Directory roles in Windows Server 2008
      • Active Directory Domain Services (ADDS) – this is like the current AD
      • Active Directory Certificate Services (ADCS)
      • Active Directory Federation Services (ADFS) – for possible access between two different organizations
      • Active Directory Lightweight Directory Services (ADLDS) – this is like ADAM in Windows 2003
      • Active Directory Rights Management Services (ADRMS)
      • Active Directory Read Only Domain Controller (ADRODC) – truly new feature
  • ADLDS contains customized AD attributes, is mainly used for applications in the DMZ, and is read-only too. No authentication, and it doesn’t support Exchange.
  • ADRMS – for intranet, website, email, and documents
  • An RODC implementation must have at least Windows Server 2003 forest functionality and one Windows Server 2008 DC
  • By default an RODC doesn’t keep passwords. A password replication policy must be set up. The PDC emulator of the domain must run on Windows Server 2008.
  • A local administrator can be set on an RODC without giving access to Active Directory.
  • Improved auditing in AD
      • Directory Service Access (current)
      • Directory Service Change
      • Directory Service Replication
      • Detailed Directory Service Replication
  • Auditing is not set up by default. When it’s enabled, it can track AD object creation, deletion, modification, or movement.

How to audit Active Directory account management in Windows 2003?

The following was taken from a conversation on the Microsoft Managed Newsgroup.

By default, Windows Server 2003 system ships the following Audit policies:
> Audit account logon event
> Audit account management
> Audit directory service access
> Audit logon events
> Audit object access
> Audit policy change
> Audit privilege use
> Audit process tracking
> Audit system events

To audit add/deleting events, you may open Default Domain Controller Policy, locate Computer Configuration\Windows Settings\Security Settings\Local Policies\Audit Policy, enable "Audit account management" with Success.

After that, when a new user is created on a domain controller, the following event will be logged:

Event ID: 624
Type: Success Audit
Description: User Account Created:
New Account Name: %1 New Domain: %2
New Account ID: %3 Caller User Name: %4
Caller Domain: %5 Caller Logon ID: %6
Privileges %7

When an existing user is deleted on the domain controller, the following event will be logged:
Event ID: 630
Type: Success Audit
Description: User Account Deleted:
Target Account Name: %1 Target Domain: %2
Target Account ID: %3 Caller User Name: %4
Caller Domain: %5 Caller Logon ID: %6
Privileges %7

We can monitor events 633 and 632, which record security-enabled global group membership removed/added.

E.g. you, domain\administrator1 have removed/added user1 from/to group1.
And the following events will be recorded.

Event ID: 633 (logged when you remove a user from a security group)
Type: Success Audit
Description: Security Enabled Global Group Member Removed:
Member Name: CN=user1,CN=Users,DC=domain,DC=com.
Member ID: domain\user1
Target Account Name: domain\administrator
Target Domain: Domain
Target Account ID: domain\group1
Caller User Name: administrator1
Caller Domain: domain

Event ID: 632 (logged when you add a user to a security group)
Type: Success Audit
Description: Security Enabled Global Group Member Added:
Member Name: CN=user1,CN=Users,DC=domain,DC=com.
Member ID: domain\user1
Target Account Name: domain\administrator
Target Domain: Domain
Target Account ID: domain\group1
Caller User Name: administrator1
Caller Domain: domain

We can audit who, at what time, modifies which attribute of the user. But we cannot see what the workstation or the application is. To audit property changes, follow the steps below:

1. Enable the Auditing for Directory Services Access for Success in the Default Domain Controller Policy.
2. Go to the Security of the User account you want to audit and Enabled the Auditing for WRITE ATTRIBUTES for Everyone.

We will get the 566 event when anyone changes any attribute, like this:

Event Type: Success Audit
Event Source: Security
Event Category: Directory Service Access
Event ID: 566
Date: 07/06/2007
Time: 11:14:56
User: ALPINESKIHOUSE\t1
Computer: ASH-DC1
Description:
Object Operation:
Object Server: DS
Operation Type: Object Access
Object Type: user
Object Name: CN=t6,CN=Users,DC=alpineskihouse,DC=com
Handle ID: -
Primary User Name: ASH-DC1$
Primary Domain: ALPINESKIHOUSE
Primary Logon ID: (0x0,0x3E7)
Client User Name: t1
Client Domain: ALPINESKIHOUSE
Client Logon ID: (0x0,0x67A9AEE)
Accesses: Write Property

Properties:
Write Property
Public Information
Department
user

Additional Info:
Additional Info2:
Access Mask: 0x20

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

3. Now, to check on which DC the change was initiated, you can take the Repadmin report as follows:
Repadmin /showmeta "DN OF THE USER"
and you can see the originating DC and the timestamp.
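
The event IDs above can be triaged with a short script. This is an added example, not part of the original post or the newsgroup conversation: it parses a text export laid out like the samples above (one "Field: value" per line, each record starting at "Event ID:") and reports who did what to which object. The SAMPLE records, the watched group name and the function names are constructed for illustration.

```python
import re
from collections import namedtuple

# Event IDs and their meaning, as listed in the post (Windows Server 2003 Security log).
ACTIONS = {
    "624": "user account created",
    "630": "user account deleted",
    "632": "member added to security-enabled global group",
    "633": "member removed from security-enabled global group",
    "566": "directory object property written",
}
Finding = namedtuple("Finding", "event_id action caller target detail watched")
FIELD = re.compile(r"^([A-Za-z][A-Za-z0-9 ]*?):\s*(.*)$")


def parse_events(text):
    """Split an export into records. Assumption: each record starts at 'Event ID:'."""
    events, current, in_props = [], None, False
    for raw in text.splitlines():
        line = raw.strip()
        m = FIELD.match(line)
        if m and m.group(1) == "Event ID":
            # Tolerate trailing notes such as "633 (logged when ...)".
            current = {"Event ID": (m.group(2).split() or ["?"])[0], "Properties": []}
            events.append(current)
            in_props = False
        elif current is None:
            continue
        elif in_props:
            # The 566 'Properties:' block is a run of bare lines ended by a blank line.
            if line:
                current["Properties"].append(line)
            else:
                in_props = False
        elif m and m.group(1) == "Properties":
            in_props = True
        elif m:
            current.setdefault(m.group(1), m.group(2))
    return events


def review(events, watched_groups=()):
    """Return one Finding per account-management event; flag changes to watched groups."""
    watched = {g.lower() for g in watched_groups}
    findings = []
    for ev in events:
        eid = ev["Event ID"]
        if eid not in ACTIONS:
            continue
        # 566 names the actor in the Client fields; the others use the Caller fields.
        who = "Client" if eid == "566" else "Caller"
        caller = "{}\\{}".format(ev.get(who + " Domain", "?"), ev.get(who + " User Name", "?"))
        detail, hit = "", False
        if eid == "624":
            target = ev.get("New Account Name", "?")
        elif eid == "630":
            target = ev.get("Target Account Name", "?")
        elif eid in ("632", "633"):
            # Field choice follows the sample records in the post, where the
            # group appears under "Target Account ID" (an assumption of this example).
            target = ev.get("Member ID", "?")
            group = ev.get("Target Account ID", "?")
            detail, hit = "group=" + group, group.lower() in watched
        else:
            target = ev.get("Object Name", "?")
            detail = "properties=" + ",".join(ev["Properties"])
        findings.append(Finding(eid, ACTIONS[eid], caller, target, detail, hit))
    return findings


# Constructed sample export (not real log data); 540 is an unrelated record that is skipped.
SAMPLE = r"""
Event ID: 624
Type: Success Audit
New Account Name: user1
Caller User Name: administrator1
Caller Domain: DOMAIN

Event ID: 632
Type: Success Audit
Member ID: DOMAIN\user1
Target Account ID: DOMAIN\Domain Admins
Caller User Name: administrator1
Caller Domain: DOMAIN

Event ID: 566
Object Name: CN=t6,CN=Users,DC=domain,DC=com
Client User Name: t1
Client Domain: DOMAIN
Properties:
Write Property
Public Information
Department
user

Event ID: 540
"""

if __name__ == "__main__":
    for f in review(parse_events(SAMPLE), ["DOMAIN\\Domain Admins"]):
        print(f)
```

The Properties block of a 566 record is reported verbatim, so the changed attribute (Department in the sample) appears alongside the access type and object class lines.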

Sunday, February 10, 2008

Windows 2000/2003 Active Directory Deployment Guideline

When you deploy Active Directory in a large environment, especially one with multiple domains and multiple sites, there are a lot of things to be done.

Depending on your design, here are a few of the most important things that you must configure or remember during the deployment:
  • It is recommended to place a Global Catalog in each site.
  • Don’t put the Global Catalog and the Infrastructure Master role on the same domain controller.
  • Create proper subnets, sites, and site replication paths in the Active Directory Sites and Services console.
  • For a child domain configuration, set DNS delegation from the root domain.
  • Choose the Active Directory-integrated DNS type.
  • Enable, configure, and authorize a DHCP server for each site if needed.
  • Enable WINS for NetBIOS name resolution if needed.

How to add an Additional Mailbox in Microsoft Outlook 2003/2007

In Outlook 2003/2007, click Tools > Email Accounts / Account Settings, then click View or Change Email Account.
Double-click Microsoft Exchange Server, click More Settings, go to the Advanced tab, and add the additional mailbox. Type the "user name", click OK twice, then click Next and Finish. Done.

Automatic Signatures from Exclaimer 4.20 on Exchange 2003 Server are not shown in email messages

To resolve it try the following:

1. Open a command prompt.
2. In the command prompt, type IISReset. Wait for the process to stop and restart.
3. Once it has restarted, close the command prompt window and navigate to the Program files/Exclaimer folder.
4. In this folder is a file called QAHelper. Run the QAHelper file.
5. Click on uninstall.
6. Once that is done, click on install.

Note: IISReset usually does the trick, with no need to run QAHelper.

How to use the O2 Personal Digital Assistant keyboard

To be able to use this keyboard, please follow these steps:

1. Make sure the keyboard is turned on. To do so, slide the on/off switch on the left side, then press some buttons; if the keyboard lights up, it is active.
2. Uncheck the “Beam” setting under Start > Settings > Connections > Beam.
3. Install the O2 keyboard software from the accompanying CD to the PDA.
4. After the software is installed on the O2 PDA, click Start > Program > O2 Keyboard.
5. Check “Active Keyboard”.
6. Pull out the infrared antenna from the keyboard and point it at the O2 infrared port.

Thursday, February 7, 2008

Receiving unwanted meeting related information in Outlook Inbox

Description
A user complains that he is receiving unwanted meeting-related information in his Inbox. You examine the meeting details and find that they don’t contain the user's email address in the required, optional, or resources field. The meeting invitations were addressed to other email addresses.
Resolution
Most likely, one of the mailboxes in the required, optional, or resources field of the meeting invitation has a delegation setting that points to that user. On each mailbox, check the Delegate setting in Microsoft Outlook.
In Outlook, click Tools > Options > Delegates. See whether delegates are set up. Check the permission details. Clear the ‘Delegates receive meeting related information sent to me’ option.

Monday, February 4, 2008

Internet Explorer 7 stuck at first run welcome page

Description
Have you ever seen IE 7 get stuck at the first-run welcome page every time you start it, even though you have set the default home page to another website in AD Group Policy, and no virus or spyware was detected?

Resolution
You might want to check the registry on the computer.
Run regedit from the command prompt and look for the following:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\RunOnceHasShown
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\RunOnceComplete
Make sure both registry values exist and are set to 1.
Restart IE.

Saturday, February 2, 2008

Error when rebuilding Offline Address Book in Exchange 2003

Description
The other day, when I tried to update the Offline Address Book on my Exchange Server, I got an error like this:
Exchange System Manager Error. The information store could not be opened.
The logon to the Microsoft Exchange server computer failed.
MAPI 1.0 ID no: 80040111-0286-00000000
ID no: C1050000 Exchange System Manager

Resolution
Make sure that DNS and Active Directory are functioning correctly in your domain. Run DCdiag and Netdiag to make sure everything is OK.
Restart the Domain Controller and then restart the Exchange Server.

Error message 0x86000108 when trying to sync Windows Mobile 5.0 device with Exchange 2003

Description
If your organization uses Exchange 2003 as its mail server and Windows Mobile 5.0 as the push email client, you will likely receive the error message 0x86000108 once in a while when you sync email messages.

Resolution
Look for the corrupted item in the inbox, contacts, tasks, or calendar. Move the corrupted item to another location. Sync the device. Once syncing works, you can move the item back again.
