Search This Blog

Monday, June 26, 2017

Repadmin Error 1722

Description
You are doing daily check of Active Directory replication on your Admin's machine using repadmin /replsum command.
You saw there are error 1722 at the bottom of the result.
You have checked that all the necessary port for Active Directory are open. You also verify using PortQry tool.
You try to perform WMI query from Admin's machine to the suspected DC but failed.
You logon to the suspected DC and all incoming replication are ok.


Resolution
Run the WMI query and monitor the network. Most probably there are some RPC traffic being dropped somewhere in the network. On Windows 2008 and above, please check for traffic running on RPC dynamic port (49152 - 65535).
Diposting oleh di No comments:
Label: ,

Sunday, August 2, 2015

Cannot Install Windows 2008 R2 Service Pack 1

Description

You are experiencing an error or problem when installing Windows 2008 R2 Service Pack 1. It says "Installation was not successful", error code 0x800f0826.

 
You have followed  the steps in https://support.microsoft.com/en-us/kb/2575082.
SYSTEM and Administrators already have Full Permission on usbstor.inf and usbstor.pnf files.
You have also follow http://windows.microsoft.com/en-ID/windows7/troubleshoot-problems-installing-service-pack to download and run the latest System Update Readiness Tool.
Other than those, you have also try to run sfc /scannow command but no error found.

At c:/windows/inf/Setupapi.dev.log you found a couple of errors similar to:
inf:      Opened INF: 'C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_neutral_b9280780a8000d4b\compositebus.inf' ([strings])
sto:      {Update Device: ROOT\COMPOSITEBUS\0000}
sto:           Updating installed driver version:
sto:                Driver Version Last     = 6/21/2006,6.1.7600.16385
sto:                Driver Version New      = 6/21/2006,6.1.7601.17514
!!!  sto:           Failed to update driver date. Error = 0x00000005
sto:      {Update Device: exit(0x00000005)}
sto: {Update Device Drivers: exit(0x00000005)} 12:07:37.106
!!!  sto: Failed to update devices for all driver updates. Error = 0x00000005

  inf:      Opened INF: 'C:\Windows\System32\DriverStore\FileRepository\umbus.inf_amd64_neutral_2d4257afa2e35253\umbus.inf' ([strings])
     sto:      {Update Device: ROOT\UMBUS\0000}
     sto:           Updating installed driver version:
     sto:                Driver Version Last     = 6/21/2006,6.1.7600.16385
     sto:                Driver Version New      = 6/21/2006,6.1.7601.17514
!!!  sto:           Failed to update driver date. Error = 0x00000005

Resolution

There's a missing permission on the registry that related to the drivers.

1. Download psexec.exe (http://technet.microsoft.com/en-us/sysinternals/bb897553)
2. Execute the following command from an elevated command prompt – ‘psexec /i /s cmd’
3. When a new command prompt opens execute regedit
4. Navigate to HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\COMPOSITEBUS\0000\PROPERTIES\
5. Verify that ‘System’ has ‘full control’ of each subkey. If not force inheritance from the ‘PROPERTIES’ key.
6. Test the install of SP1.

 
Diposting oleh di 1 comment:
Label: , , ,

Monday, August 5, 2013

Group Policy are not applying properly - event id 1054

Description:

You have a group policy setting that you want to deploy during computer startup. However it seems that the policy is not applying properly. Running gpresult command from the client machine shows no error. Running gpresult wizard from GPMC for the problematic machine shows GPO Core processing error preventing some policies from applying successfully. Running gpupdate /force will correct the situation and the settings will be applied successfully. 
At event viewer of the problematic computer, you found event id 1054, “Windows cannot obtain the domain controller name for the computer network. (The specified domain either does not exist or exist or could not be contacted). Group Policy processing aborted.”

Resolutions:

Please follow Microsoft's Knowledge Base Article KB840669 http://support.microsoft.com/kb/840669

As Per KB 840669, create a new DWord value on registry on:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Name: GpNetworkStartTimeoutPolicyValue
Value: 120

Restart the client computer. Settings can be applied successfully.
Diposting oleh di No comments:
Label: , , , , , , ,

Red X or Cross on Network Connection Icon - Windows 2008 R2


Description:

You found there's a Red X or Cross on Network Connection Icon.
Found some services stopped and cannot be started with access denied error.


Resolutions:

Ø  Check and add the registry permissions on the following key: 

•Regarding the BFE service, we have given “NT Service\BFE” account the following allow permissions on HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE:

Query Value
Set Value
Create Subkey
Enumerate Subkeys
Notify
Read Control 

•Regarding the NLA service, we have given “NT Service\NLASvc” account the following allow permissions on HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NLASvc:

Query Value
Set Value
Create Subkey
Enumerate Subkeys
Notify
Read Control

•Regarding the DPS service, we have given “NT Service\DPS” account the following allow permissions on HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DPS:

Query Value
Set Value
Create Subkey
Enumerate Subkeys
Notify
Read Control

Also it was necessary to give the same permissions to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\WDI\Config


• Regarding the Windows Firewall service, we have given “NT Service\mpssvc” account the following allow permissions on HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mpssvc:

Query Value
Set Value
Create Subkey
Enumerate Subkeys
Notify
Read Control

Also it was necessary to give the same permissions to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess

•Regarding the DHCP Client service, we have given Local Service account full control permissions on:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DHCP

•Regarding the Distributed Transaction Coordinator, we have given “NT Service\MSDTC” account the following allow permissions on HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSDTC:

Query Value
Set Value
Create Subkey
Enumerate Subkeys
Notify
Read Control

Also it was necessary to add Network Service account with “read, write, read & execute”  permissions to the file C:\WINDOWS\system32\MSDtc\MSDTC.LOG

> All of the services can be started after adding the security permission. Restart the computer to make sure.

Note:
If the issue happens again ,you may want to check for the group policy, or local policy, or application that modified the security permission on those above registry.

Diposting oleh di No comments:
Label: , , , ,

Monday, July 22, 2013

Windows PowerShell Syntax

> To list all the PowerShell commands available for group policy module:

Get-Command -module GroupPolicy
or
Get-Command *-GP*
 
> To list all the PowerShell commands available for active directory module:

Get-Command -module activedirectory
or
Get-Command *-AD*
 
> For more detail information about certain PowerShell commands:
 
Get-Help (commandname) -detailed
Get-Help (commandname) - examples
Get-Help (commandname) -full
or
Get-help (commandname) -online

 
Diposting oleh di No comments:
Label: , ,
Subscribe to: Posts (Atom)

Search Google