Como

hi i have deployed printers via gpo , printers have deployed correctly exception of few. the printers not deploy client workstations have different permission ones deploy correctly. if add group print permission printers appear, not want have print permission want a few members of staff to able print.  does know if group has have print permission printers appear when deployed through gpo? thanks in advance shane walford someone else having same issue reported in post. https://social.technet.microsoft.com/forums/windowsserver/en-us/da80a891-2b2c-454b-afb6-48d2de189494/cant-deploy-printer-via-gpo-without-everyone-in-printer-security?forum=winserverprint if using group policy preferences deploy printer connection, i'd suggest posting the group policy forum also.  alan morris formerly windows printing team Windows Server ...

so thinking yesterday hardware hyperv failover cluster.  using csv ibm san.  3 servers have physical nodes.  have 76gb hard drive.  servers have 2 12-core processors.  - since have csv , vhd's stored on san - why need 2 12 core processors on servers?  doesn't prociessing come san's controllers i'm using?  perhaps need modify architecture of cluster.  so question - why need 2 12-core processors on servers?  wouldnt need 'heave-duty prcoessors' on san controllers?  zach zach smith hi,   a san storage store vms, processor of san handle lots of disk related i/o operating. however, operating on computer need own processor. example, if want play movie stored on san, processor on computer decode movie , play on screen, instead of san processor.   by way, if there misunderstanding, please feel free let me know.     best regards, vincent hu   ...

does know how remove child domain 2008 ad? i created child domain , had 1 dc in it, server crashed , no longer available. i tried using ntdsutil when try select site under list domains keep getting following error no matter site choose: error parsing input-invalid syntax i tried restore of system state using symantec backup agent doesn't seem work, server not rejoin domain , can not connect child domain in. please , in advanced. ok caused conflict in shema or because ntdsutil.exe utility can recognize only certain relative distinguished names...you should check that. since dc have crashed there no way run dc promo demote server youre going have remove computer ojects manually ad. start sites , servers snap-in in microsoft management console (mmc), , connect flexible single master operation (fsmo) role holder.  remove computer entry every computer in orphaned domain. note: after delete computer entries, computers no longer have access active directory. cannot give them access agai...

i plan on using setting rras vpn server intention of using sstp authentication. possible not use ca server instead purchase third-party certificate? can buy ssl certificate godaddy, example? thank you hi ruisu, i recommend install subordinate ca on dedicated server rather merging exchange , other roles , reason being ca has accept load users, happesn if ca issuing large number of certificates. installing subordinate ca performing load balancing of network traffic, suggest have dedicated server sub ca server. also design have atleast 1 sub ca protect root ca ( protect big word :) ) , request go through pki architecture give clear understanding of ca's . for convinience pasting below link http://technet.microsoft.com/en-us/library/cc732625(ws.10).aspx the below link general understanding of vpn certificates requirement web page. http://technet.microsoft.com/en-us/library/cc759575(ws.10).aspx sainath !analyze ...

i currrently trying publish "my computer" on 2008 ts server.  have gpo's setup block on on window except "network" portion.  when default user launches it, view comes way want it, can see "network" in left pane , if click on it, window begins populate servers , workstattions in domain.  there can see shares, printers, etc.  have disabled computer browser service, behavior continues. does know how disable this?  have gone throught gpo's and  can't find on restrict network icon in computer. any ides appreciated. you can disable "client microsoft network" in properties of nic. that disable service :-) citrix technology professional , pubforum.net founder , love microsoft &its people bits! Windows Server  >  Group Policy ...

so when launch powershell window, , type netsh, netsh prompt expect. if execute code similar following, every time type netsh, command prompt, no netsh, no error. for ($i = 0; $i -lt 500 ; $i++) { write-host "foo"; }   any ideas?   thanks!   if understand correctly 1) open ps 2)netsh 3)you got netsh prompt 4)you run script  for ($i = 0; $i -lt 500 ; $i++) {  write-host "foo"; } 5) netsh, , there not netsh prompt anymore   i tried this, , works fine me here is:   8/30/2011 5:52 pm c:\> netsh netsh>exit 8/30/2011 5:52 pm c:\>  for ($i = 0; $i -lt 500 ; $i++) {  write-host "foo"; } foo foo ... foo 8/30/2011 5:52 pm c:\> netsh netsh>   Windows Server  >  ...

printer slow, when trying print using remote desktop services shrikant hi shrikant, according information posted far, hard analysis problem. generally, perform following troubleshooting regarding kind of question: 1.make sure newest diver installed. go manufacturer website download it. if multiple drivers suitable, have try using different versions of driver test 1 one. 2.go check if network setting configured correctly printing, such bandwidth, network speed. 3.when users print without using rds, please check whether printing speed normal. if yes, suggest install printer device on client local printer. here similar issue discussed in following thread, please take look: https://social.technet.microsoft.com/forums/windows/en-us/c14d927c-ee23-4e05-8a03-16a9464e2a0e/print-spooling-very-very-slow-to-a-network-printer?forum=w7itproperf regards, wendy please remember mark replies answers if , un-mark them if provide no help. if have feedback technet subscriber s...

have configured windows server 2008 nat server 2 network cards. 1 card connects t1 line, , other card connects our network. disabled firewall internal connection, nat filtering ports. every web page try visit client computers seems load or not @ first try, second try load. when ping client, this: ping google.com -n 10 pinging google.com [209.85.171.100] 32 bytes of data: request timed out. reply 209.85.171.100: bytes=32 time=99ms ttl=243 reply 209.85.171.100: bytes=32 time=102ms ttl=243 reply 209.85.171.100: bytes=32 time=99ms ttl=243 reply 209.85.171.100: bytes=32 time=100ms ttl=243 reply 209.85.171.100: bytes=32 time=99ms ttl=243 reply 209.85.171.100: bytes=32 time=101ms ttl=243 reply 209.85.171.100: bytes=32 time=101ms ttl=243 reply 209.85.171.100: bytes=32 time=101ms ttl=243 reply 209.85.171.100: bytes=32 time=103ms ttl=243 ping statistics 209.85.171.100:     packets: sent = 10, received = 9, lost = 1 (10% loss), approximate round trip times in milli-seconds:     minimum = 9...

i have noticed on pc cannot connect various hosts in network. upon pinging host, find ip address not supposed , has taken on external address. issue can fixed running "ipconfig/flushdns" followed "ipconfig/registerdns" , can connect host right ip. discovered not isolated 1 pc, other users see behavior when looking @ "ipconfig/displaydns" seems bind same external address. found external address ip our website our internal domain shares same name. can offer insight/suggestions problem. many thanks! ok, pretty sure caused issue. marking resolved. found best practice info below open new thread this. thanks all domain-joined computers must use internal dns servers.  if domain-joined computer configured use external server alternate dns server, temporary lack of connectivity internal dns server cause machine begin using external server resolution. external server unable resolve queries inside ad domain, , client machine not automatically revert...

hi i looking advice best way tackle problem. at moment have active directory forest 1 parent , 1 child domain. there 1 domain controller in child domain. domain controller has exchange server 2007 installed receives email different smtp domain exchange server in our parent domain runs exchange server 2003. both exchange servers able send email each other no problem. the plan have site child domain , exchange server part of our head office setup. want remove child domain , have of our other remote sites i.e. ad site part of the parent domain. in regards exchange want become addtional exchange server within our existing exchange organisation can move mailboxes between 2 servers depending users located. if remove child domain deletes user accounts within doesnt it? the best way can think is: 1. backup users in child domains files , email mailboxes 2. run dcpromo on child domain controller demote server , remove child domain 3. un-install , remove exchange server 2007 organisation...

 is there event logged or can logged correspond last bad password entry lockoutstatus tool finds? the tool reading or detecting bad password entry i can't find specific entry in logs more info. hi these possibilies lockout issue, -mapped network drives -logon scripts map network drives -runas shortcuts -accounts used service account logons -processes on client computers -programs may pass user credentials centralized network program or middle-tier application layer -active sync devices (cell phone,etc..)    i can see source machine listed >>>> check process monitör identify source process; https://technet.microsoft.com/en-us/sysinternals/processmonitor.aspx this posting provided no warranties or guarantees,and confers no rights. best regards burak uğur Windows Server  >  ...

i don't want delete snapshot shutdown server merge, because i can't estimate down time action. any risk face? avhd size limit 2tb? is safe keep avhd size growth without merge? thanks the time needed merge related storage capabilities..  so ... there no particular concern as severs healthy.. told before.. wont wait bigger avhd merge it.. i mean dont become 2 tb. regards ------------------------------------------------------- understand little computers. Windows Server  >  Hyper-V

hi i have found 1 script , good. http://gallery.technet.microsoft.com/scriptcenter/powershell-script-to-get-78687c5e#content need little correction in script per requirement. please me done. appreciated . my requirement : if there test fail in dcdiag: output of report should in red written dc name test fail if in replication.txt shows error or queue full show red replication_details.txt:  if file contains fails or error shows output in red replication_sum.txt: if file shows error or fail should show output in red services.txt: if file contains services stop should show red otherwise should show green time.txt:  if file contains error or fails should show red or green. i have script give me output below txt files: dcdiag.txt replication.txt replication_details.txt replication_sum.txt services.txt time.txt in above data below: https://onedrive.live.com/redir?resid=2665b3505200f04a!6767&authkey=!ahjrvo-ljt4as2a...

hi. have 2012r2 cluster configured cau in self-updating mode both windowsupdate , hotfix plugins. configuration went fine, when try run cau using these options, fail error "the plug-in argument hotfixrootfolderpath has invalid value". i've repeatedly checked path correct , browsable , has correct permissions should have. i've tried both disableaclchecks true/false, didn't make difference. path contains space, i've tried enclosing in double-quotes, didn't either. i've ran cau gui, here's command generates: invoke-caurun -clustername cluster01 -caupluginname 'microsoft.windowsupdateplugin','microsoft.hotfixplugin' -caupluginarguments @{ 'hotfixconfigfilename' = 'defaulthotfixconfig.xml'; 'disableaclchecks' = 'false'; 'hotfixrootfolderpath' = '\\fileserver\cau\windows server 2012 r2\hotfixes\hyper-v\root'; 'includerecommendedupdates' = 'true'; 'requiresmben...

i need convert objectguid format below: 12a24d81-2c95-11c2866f-017008d0a8f7   what have value in adsi edit beside objectguid attribute either hex, octel, decimal or binary.     chad i have vbscript functions use convert various byte array attributes, such objectguid, readable formats linked here: http://www.rlmueller.net/bytearrayfunctions.htm for example, when read hex format of guid in adsi edit can convert in vbscript program with hexguidtodisplay function follows: strhexguid = "6394351061438f4b82662379f7c4408e" wscript.echo hexguidtodisplay(strhexguid) function hexguidtodisplay(byval strhexguid) ' function convert guid value in hex format display format. dim tempguid, guidstr guidstr = mid(strhexguid, 7, 2) guidstr = guidstr & mid(strhexguid, 5, 2) guidstr = guidstr & mid(strhexguid, 3, 2) guidstr = guidstr & mid(strhexguid, 1, 2) guidstr = guidstr & mid(strhexguid, 11, 2) guidstr ...

hello everyone, thanks in advance time.   environment: windows 2008 server standard 64 bit windows xp sp3 cse installed pushing out 1 printer @ time - hp cp2025n using folder redirection   event type: warning event source: group policy printers event category: (2) event id: 4098 date:  2009/02/25 time:  8:34:07 am user:  nt authority\system computer: computername description: user 'printer' preference item in 'information systems settings {3fabc171-bb2d-482a-911c-b0d11d227d8b}' group policy object did not apply because failed error code '0x8007007b filename, directory name, or volume label syntax incorrect.' error suppressed.   we experiencing problem on 1 of our domain controllers running windows 2008 server standard 64 bit.  dc receiving error message on dc being used deploy printers clients, windows xp sp3 cse installed.  workstations able install printer, , there no errors/warnings/informational mess...

good afternoon, i'm trying figure out how move computers forest forest b.  can move user accounts , groups fine.  computer account gets created when agent tries run error local machine     computer:   win7basecae.*domain name* (win7basecae)         domain:     *domain name* (*domain name*)         os:         windows 7 enterprise 6.1 (7601) service pack 1 2012-08-25 13:53:35 err3:7075 failed change domain affiliation, hr=80070005   access denied. 2012-08-25 13:53:35 wrote result file c:\windows\onepointdomainagent\000024_win7basecae.result 2012-08-25 13:53:35 operation completed. i'm pretty sure dns configured correct have secondary zones set each corresponding domain.  think problem lies somewhere in access rights between source , destination domain.  i've read book , i'm still ...

i'm aghast i'm asking question (the longer ponder this, more feel hair catch fire). firewall state on sbs 2011 essentials server off . we're running trend micro worry-free business security , wfbs firewall not enabled . windows firewall on clients in domain. remote access enabled managers, administrators, , 1 other employee. there no ssl certificate installed on server. tech consultant says " sure, windows firewall turned off on server.  no 1 should using accept administrative purposes " i'm uncomfortable with, , reluctantly skeptical of answer. crazy or i? hello, enabling windows firewall recommended security reasons minimizes attacks on server. if network protected using firewall tmg forefront, can disable internal windows firewall protected external attacks. in case, have worry internal attacks server not protected against that. more if ask them here: http://social.technet.microsoft.com/forums/en-us/category/sbsserver http://social.techn...

hi, i have a forest with 2000 forest function level, cannot upgrade because there improperly removed domains. have tried remove metadata domains getting error being used. the forest 1 parent domain , 16 child domains 3 of them not exist , show @ domain function level 2000. appeared when tried raise forest function level. the parent dc using windows 2003. fact not supported more worried forcing remove metadata can corrupt asds datatbase. hi  you can follow ms article "how remove orphaned domains active directory " https://support.microsoft.com/en-us/kb/230306 also can safety metadata cleanup,so take full backup before proccess.                                            this posting provided no warranties or guarantees,and...

i have been evaluating dfs-r in both server 2008 rc2 , select code use replacement our current robocopy process.  move number of virtual host disk files large 10-20gb database files.    i have set dfs-r replication group between 2 2008 servers using full-mesh topology.  initial replication seems work fine, , can make small changes file renames without issue.  file deletions appear replicate in timely fashion.   the problem i'm having if change large file - either copying out of replication source group , in, or new big file (big defined 400mb - have tried larger - same problem), takes hours replication happen.  there no network or disk activity on either server.  not bandwidth issue - these servers local gigabit connections. i trying use remote differential compression final deployment on slower 100mb link.   i have run reporting tool, , shows fine.  error in dfs event log event id 5002 says "the dfs replication service encountered error communicating partner <p...

hi, i need configure  bitlocker  in enterprise ad. done   recovery information stored  in ad,  also need recovery information  need store on  network drive . hi, there no group policy setting restoring bitlocker drive encryption recovery information on network. bitlocker recovery information stored in child object of computer object in active directory. , must store trusted platform module(tpm) owner information. there no way store bitlocker recovery information on network separately. please read below articles , guide more information: bitlocker group policy settings http://technet.microsoft.com/en-us/library/jj679890.aspx bitlocker drive encryption configuration guide: backing bitlocker , tpm recovery information active directory http://technet.microsoft.com/en-us/library/3dbad515-5a32-4330-ad6f-d1fb6dfcdd41 how use active directory backup of bitlocker drive encryption recovery information? http://windows.microsoft.com/en-us/...

i trying set sso environment between active directory , exchange 365 using microsoft azure ad.  i have got domain verified sync , directory activated within azure.  the next step install , run directory sync tool.  when begin install of dirsync.exe met promptly error code 1625.  the error tells me "unable uninstall windows azure active directory sync tool.  use control panel remove directory sync tool."  everything i've found 1625 error says informational , gives no guidance.  i have gone through program files , removed labeled azure, there has not been in control panel can remove programs.  nothing in windows updates section.  i have found nothing in registry.  if can give guidance on appreciate it! hello, i suggest ask specific topic in azure ad forum instead here. https://social.technet.microsoft.com/forums/azure/en-us/home?forum=windowsazureaditpro best regards meinolf weber mvp, mcp, mcts microsoft mvp ...

add-content variable not work. here's get   c:...\windowspowershell> set-content variable:xyzzy 'newtext' c:...\windowspowershell> $xyzzy newtext c:...\windowspowershell> add-content variable:xyzzy 'additionaltext' add-content : cannot call method. content seek method not supported provider. c:...\windowspowershell> $xyzzy newtext   should able use add-content modify value of variable?   $xyzzy += 'addtext' if found post helpful, please give "helpful" vote. if answered question, remember mark "answer". rich prescott | mcitp, mcts, mcp blog | twitter: @arposh | powershell client system administration tool Windows Server  >  Windows PowerShell ...

is there fix disallow weak cipher ii 7.5 , up? know there running iis 7.0. http://support.microsoft.com/kb/187498 , http://support.microsoft.com/kb/245030. don't know if these 2 fix work later version of iis. hi, it should work, in addition, maybe follow below article: http://www.ehow.com/how_7610518_disable-weak-ssl-ciphers.html hope helps. regards, yan li cataleya li technet community support Windows Server  >  Security

hello, i trying add printer drivers windows server 2008 r2 support windows xp 32-bit clients. way doing go print management console on win2k08 r2 , go drivers option on left. right click on right , choose add drivers. point next dialog box downloaded xp x86 drivers, keeps bombing saying not right architecture. doing wrong? seems should such simple process. hi scott,   you need extract xp x86 drivers first, , specify path in add printer driver wizard .inf file of driver.   if printer driver not extracted, please log on windows xp 32-bit client, , install x86 printer drivers. use print management client computer connect print server, , add additional drivers additional drivers dialog box. windows automatically uploads drivers client computer print server.   the print management windows xp can downloaded here:   http://download.microsoft.com/download/e/e/e/eee938a3-262c-47b5-bf6a-51c6ed1c4aee/pmcmgmt.exe   for more information, please refer article: ...

hi! reviewed logs in event viewer\applications , services logs\microsoft\windows\deduplication\scrubbing , found lot of events error level. i using windows 2012 (version 6.2.9200 build 9200) how resolve errors? why happened? how prevent deduplication errors in future? thank you. sample errors:  <event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <system> <provider name="microsoft-windows-deduplication" guid="{f9fe3908-44b8-48d9-9a32-5a763ff5ed79}" /> <eventid>12805</eventid> <version>0</version> <level>2</level> <task>3</task> <opcode>0</opcode> <keywords>0x4000000000000001</keywords> <timecreated systemtime="2013-06-28t23:54:38.848471300z" /> <eventrecordid>182</eventrecordid> <correlation /> <execution processid="3564" threadid=...

hi,  i did clean install on imac, can't find install disk msword 2011.  it installed , activated microsoft, know have information (serial number, name, address, etc.).  is there way can download/install/activate online?   thank you! steve hi, please have @ following kb article , see if helps: http://support.microsoft.com/kb/2439384 this forum general questions , feedback related word winodws, better post question forum mac: http://answers.microsoft.com/en-us/mac/forum/macoffice2011?tab=threads the reason why recommend posting appropriately qualified pool of respondents, , other partners read forums regularly can either share knowledge or learn interaction us. thank understanding. best regards, steve fan technet community support Microsoft Office  >  ...

hi, the rds sites https://technet.microsoft.com/en-us/windowsserver/ee236407.aspx  and https://msdn.microsoft.com/en-us/library/hh831447(v=ws.11).aspx lists articles 2012 r2, other links even end @ 2008 suggestions. 2016 documentation not date there. i searching current statement installing session host on domain controller. officially supported not recommended in link: https://technet.microsoft.com/en-us/library/cc742817.asp  in server 2012 / server 2016 ? or did microsoft consequentially drop scenario? cannot find hint in role requirements. kr, matschek hi, i searching current statement installing session host on domain controller. officially supported not recommended in link: https://technet.microsoft.com/en-us/library/cc742817.asp  in server 2012 / server 2016 ? or did microsoft consequentially drop scenario? cannot find hint in role requirements. >>>yes, install rds roles on windows server 2016 domain controller. not recommende...

this basic question. i have windows 2012 server standard windows 8 client.on server share afdelingproductie. share on client mapped drive s: user flo_fli. user creates document test.txt in drive.i file explorer on client open properties of document. choose tab security, button advanced. there want change ntfs permissions disabling inheritance, removing group , adding group adapting permissions. when click apply: message:access denied. normal cannot change ntfs permissions owner full control on client? hi, please give group full control share permission , change ntfs permission. regards. vivian wang Windows Server  >  Windows Server 2012 General

i writing powershell script quarantine computer , have problem of huge timeout lag when remotely disabling network interface. the interface goes offline, powershell waits ~4-5 minutes timeout before moving on the next lines of code. anyone know how remotely disable network adapters without huge time lag? thanks in advance! d invoke-cimmethod -operationtimeoutsec <number of seconds> \_(ツ)_/ Windows Server  >  Windows PowerShell

how comes today couldnt login remotely windows remote control domain pcs , when saw allow remote users not selected. nobody has aaccess unselect that. how comes arent selected of them not computers please help? can enabled , forced group policy? of course admins can remote login pcs mr hello, mean 1 user account (non-admin domain account) has been moved remote desktop users on of domain machines not all? see picture attached. aware of new group policy applied user account or these affected machines? thanks zhang Windows Server  >  Management

hi, we migrated windows 2003 server windows 2008 server today. renamed 2003 machine , created alias 2008 machine same name the 2003 machine had. we wanted make change transparent users. we see issues users still being redirected 2003 shares when access alias. if use qualified domain name works okay - access 2008 share. we've checked dns machines , in synch pointing alias ip address of new 2008 machine. when user can't access alias nslookup on alias name gets "non existent domain". yet qualified domain name works her. has experienced similar? i have little experience these types of issues. grateful advice. hello, this seems issue dns suffixes. please make sure used dns suffixes configured. see that: http://support.microsoft.com/kb/275553 this posting provided "as is" no warranties or guarantees , , confers no rights.       microsoft student partner 2010 / 2011 microsoft certified professional microsoft cer...