Tuesday, August 23, 2005

Server Administration From XP

I've found a really useful tool from Microsoft that enables you to administer the Active Directory from your XP machines using custom consoles.

To do this, you need to first of all install the Windows Server 2003 Service Pack 1 Administration Tools Pack

Then simply create custom consoles (using MMC) and add in the Active Directory snap ins you require. This tool allows you to:

  • Add/Modify Users and Groups
  • Modify Group Policy
  • Modify Ad Objects
and a whole lot more!
Posted by at 3:05 AM 0 comments

Monday, August 22, 2005

Event Id 1054, Event Id 15 and Gigabit problems...continued!

After thinking I managed to combat these errors

Event Id 1517

Gigabit Network Problems

The error still came up on some machines and I've cracked it!

First thing to do is edit your group policy for all the computers in the domain (hopefully you've created one for this and are NOT using the default policy (NEVER mess with the default policy!))

and change this setting:

Computer Configuration\Administrative Templates\System\Logon

Always wait for the network at computer startup and logon ---- Enable this policy!

  1. Secondly on the problematic machine:
  2. type msconfig at the run prompt
  3. On Services, click hide all microsoft services, then click disable all
  4. On Startup, disable all

Now reboot the machine and fingers crossed there should be no instances of event id 15 or 1054

If this is the case, then relaunch msconfig and selectively re-enable the services and startup programs until you locate the problematic services or prog. If however you have had errors, then try using one of the links shown earlier as they should fix the issues.

Please note this fix ONLY applies to computers in an Active Directory environment

M3ckon
Posted by at 7:57 AM 0 comments

Monday, August 8, 2005

ntrights - one hell of a tool

Just found ntrights from the resourse kit for 2003 and is one hell of a good tool!

I was unable to change log on locally permission on specific machines as their settings were comming from the active directory. Anyway after some digging I found ntrights which allows you to change user permissions on specific machines from remote locations....nice!

To see the full list of permissions, look here

For a sample command, check this:

ntrights -u ftpuser -m backup +r SeInteractiveLogonRight
Posted by at 7:26 AM 0 comments

Monday, August 1, 2005

2003 member server MSDTC issues

Even after SP1 the following event log can still occur on a 2k3 member server:

53258MS DTC could not correctly process a DC Promotion/Demotion event. MS DTC will continue to function and will use the existing security settings. Error Specifics: d:\srvrtm\com\complus\dtc\dtc\adme\uiname.cpp:9280, Pid: 576No Callstack,CmdLine: C:\WINDOWS\system32\msdtc.exe

By all acounts it seems to be a known, yet undocumented bug and has a fairly srtraightforward fix:

  1. Got to component services
  2. Properties on my computer
  3. MSDTC
  4. click security settings
  5. click ok

This seems to restart the MSDTC security settings back to their defaults. Then restart the service:

net stop msdtc
net start msdtc

The error will then go away!!!
Posted by at 6:18 AM 0 comments

Thursday, July 28, 2005

Gigabit Network problems with 2003 Server

Gigabit networks and 2003 do not always work together first time. Quite often an error will apear in the event log which is detailed below. This error has a major affect on the active directory and will also slow down the network; negating the point of having gigabit!

Event Id: 1054

Description:
Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.

Microsoft have put this problem down to having Media Sense enabled on your nics. To fix this problem you need to disable Media Sense and to do that, you need to modify the following registry value:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters

Add in a new DWORD value called DisableDHCPMediaSense

Give it the value of 1 to disable Media Sense


Hope this works!
Posted by at 2:55 AM 0 comments

Event Id 1517 User Profile Problems

Windows saved user Domain\User registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This error is all down to user profiles and rather than play with the registry, Microsoft have issued a very nice fix called the User Profile Hive Cleanup Service. The file can be downloaded from here http://www.microsoft.com/downloads/details.aspx?FamilyID=1b286e6d-8912-4e18-b570-42470e2f3582&displaylang=en
Posted by at 2:50 AM 0 comments

Tuesday, July 26, 2005

Eraser

This tool is once again very useful, it allows deletion of files and machines to military standards and is free.

It's very useful if you ever need to hide anything

http://www.heidi.ie/eraser/
Posted by at 4:21 AM 0 comments
Subscribe to: Posts (Atom)