Bit

how list non replicated attributes of user in active directory using ldp.exe tool? kindly help. thanks in advance. edit: or can mention number of non-replicated attributes user , list them? need know why not replicated(the reason)? hi, please follow below steps find non-replicating attributes of active directory using ldp tool , - go start -> run -> type ldp. - menu connection, select connect. - server, enter name of domain controller (or leave blank serverless bind). - port, enter 389.  - click ok.  - menu, select connection   bind.  - enter credentials of domain user.  - click ok. - menu, select browse   search. - basedn, type schema container dn (e.g., cn=schema,cn=configuration,dc=mydomain,dc=com). - scope, select 1 level. - find nonreplicated attributes, use following filter:    (&(objectcategory=attributeschema)(systemflags:1.2.840.113556.1.4.803:=1)) - click run. - disconnect, menu connection, select disconnect. checkout

i have following problem driving me wall. when im in word, sometimes, out of nowhere, word deny me access "start" or "layout" part of ribbon. said tabs won't open. cannot find consistency in this, happens when have text marked (and want edit font, cross out, justify or something), or when im in text. problem solved repeatedly clicking on said tabs, minimising-maximizing window , trying again, etc. computer new, tried no background programs running, tried run other programs, exclude computer being slow. please help.  there no such thing start or layout tab among main word ribbons. i assume using word 2013/365. start page when start word unless turn off. word 2013 startup screen you can similar clicking on file > open (or alt+f,o) many of ribbon tabs contextual. means not appear except in condition can used. there page layout tab , home tab. both should available @ time. there context tabs called layout. @ least 1 of them tables. here page r

the problem on windows server 2008 r2 machine. has exchange server 2007 emails. services working fine until last couple of days. bfe , firewall stopped. when try start service, says error 5: access denied. can't add local group policy windows server 2008 dc. connected windows server 2003 ad. have tried listed online. added network service bfe registry, tried giving full permissions local system it's still displaying same error message. also, tried export registry windows server 2008 r2 machine didn't make difference. cause issue? appreciated. hi,   did install exchange server on domain controller? not recommended , may cause several issues:   this exchange server domain controller, not recommended configuration http://technet.microsoft.com/en-us/library/aa997407(exchg.80).aspx   regarding problem, please refer following article troubleshoot it:   http://support.microsoft.com/kb/943996   if problem continues, please check if there relevant error i

dear team  please advice me for which service responsible data access in server 2008 r2  depends data. server service file , printer sharing . database access may 1 of several oledb / odbc drivers.       regards, dave patrick .... microsoft certified professional microsoft mvp [windows] disclaimer: posting provided "as is" no warranties or guarantees , , confers no rights. Windows Server  >  File Services and Storage

we have fixed certificate request third party device. certificate request doesn't contain subject alternative name. is possible to add subject alternative name @ ca level in the signing process itself? many commercial cas offer step wenn upload custom certificate request in binary format , afterwards can choose add custom subject alternative name before actual signing occurs.   the convenient way described in article: http://en-us.sysadmins.lv/lists/posts/post.aspx?id=11 p.s. not use guides recommend enable san attribute on ca server, because insecure way , may lead fraud certificate issuance ca. my weblog: http://en-us.sysadmins.lv powershell pki module: http://pspki.codeplex.com check out new: powershell fciv tool. Windows Server  >  Security

hi guys, maybe silly question, have been looking around solution , cannot find clean way to achieve what want achieve. i have team have no administrative permissions on domain, need them have basic access bunch of servers (including domain controller) monitoring hardware/eventlogs/disk management , scheduled tasks. i wish via gpo. what best way in opinion? lowest permission can give user can still access a domain controller? josh. to delegate read permission non-administrators: http://blogs.technet.com/b/janelewis/archive/2010/04/30/giving-non-administrators-permission-to-read-event-logs-windows-2003-and-windows-2008.aspx for hardware diagnosis, can use event logs or ask manufacturer more information. for scheduled tasks, depends of scheduled. can configure scheduled scripts add output in text files , grant these users permissions these files. to specify members of local groups, consider using restricted groups group policy: http://www.windowsecurity.com/articles/usin

hi guys,   we have 2 virtual machines inside hyper-v environment. sharepoint installed onto them. machine gets crawled sharepoint , load go's full vm hangs. keeps pingable way in machine stopping it , starting again. the eventlog stops @ time processing load more 95%. does have idea. hello, is microsoft sql installed in virtualmachine sharepoint ? and wich version of sql installed ? what know sql 2008 r2 supported, , has 1:1, 1 sql server 2008r2 virtual on 1 host. ( best practice ) frontend of sharepoint new virtualmachine on other host. you can find more in white paper : http://download.microsoft.com/download/d/9/4/d948f981-926e-40fa-a026-5bfcf076d9b9/sql2008inhyperv2008.docx important how configuration made in hyper-v environment. success, kind regards, james van den berg https://mountainss.wordpress.com   Windows Server

hi there, i wondering if possible block immersive control panel through group policy management? we trying set locked down machine , have through gpo, not regedit or applocker. user can still open immersive control panel, if normal control panel disabled. the main goal in end have settings disabled except printers settings , networking. help appreciated hi, far know, there no such built-in group policy hide/block immersive control panel. however, immersive control panel seems locate in folder: c:\windows\immersivecontrolpanel, have try set deny permission on folder normal users , see if blocked. best regards, wendy please remember mark replies answers if help. if have feedback technet subscriber support, contact tnmff@microsoft.com .  Windows Server  >  Group Policy

hi, i'm desperately looking answers. have had 6 hard drives in two-way mirror pool. 4 of drives full, added 2 more total of 6 drives. understand, storage spaces not support rebalancing data automatically drive extender in whs. my problem moved , 2 drives last added got lost. i'm willing lose whatever data on last 2 drives missing. there 50gb of data (mirrored). there way recover data rest of pool (the remaining 4 drives)?? or sh*t out of luck?? appreciate input. thank you! good hear found disks. well 2 way mirror allows loose 1 disk. if loose more loose data. according building windows 8 blog : q)   how can know physical disk space on? through powershell, can query set of physical disks backing particular space. since data striped across physical disks backing space, have information. since know data striped on disks.. , have lost 20% of data, have lost :( oscar virot

hello powershell friends, so here's looking do: i have script runs daily; i've defined variable in script, $users, domain users added variable when condition met - $true/$false. each day e-mail report listing contents of "$users" (obviously changes daily). looking html code (inside loop? dunno, that's why here) list variables in numbered list such as: 1. user in variable 2. user in variable 3. user in variable etc... currently output is: user in variable user in variable user in variable is there simple way of doing this? there is, haven't figured out... always, brains , support appreciated :) you're counter keeps getting reset 1. that means initialization line ($counter = 1) needs move outside of loop that's writing html lines.  want initialization run 1 time. [string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "

not sure why can't install it, automatic updates doing nut popping every 5 mins saying it's ready update, won't install it.  please help. thanks is wsus environment, or update coming automatic updates? please post segment of windowsupdate.log showing installation attempt. lawrence garvin, m.s., mcitp:ea, mcdba, mcsa principal/cto, onsite technology solutions, houston, texas microsoft mvp - software distribution (2005-2009) mvp profile: http://mvp.support.microsoft.com/profile/lawrence.garvin blog: http://onsitechsolutions.spaces.live.com Windows Server  >  WSUS

hi all; in of dns servers have directory service role, have installed mcafee antivius 8.5 latest patch , latest engine. in of them, mcafee blocks dns communications. want know this  communication , blocking these communications affect work of dns functionality? following log appears time time in mcafee access protection log: 9/21/2009    6:28:16 am    blocked port blocking rule     c:\windows\system32\dns.exe    anti-virus standard protection:prevent irc communication    192.168.0.4:6668 9/21/2009    2:12:21 pm    blocked port blocking rule     c:\windows\system32\dns.exe    anti-virus standard protection:prevent irc communication    192.168.0.4:6667 9/21/2009    2:27:55 pm    blocked port blocking rule     c:\windows\system32\dns.exe    anti-virus standard protection:prevent irc communication    192.168.0.4:6668 9/21/2009    3:07:26 pm    blocked port blocking rule     c:\windows\system32\dns.exe    anti-virus standard protection:prevent irc communication    192.168.0.4:6666

dears, i have configured task schedule in windows server 2008 r2, when try open task scheduler message appear "remote computer not found" when go services start task shoulder automatically stop after click on task scheduler when try open again mean service stop again.. hi, à when go services start task shoulder automatically stop after click on task scheduler when start task scheduler service, please click dependencies tab in task scheduler properties , check if dependent system components ( remote procedure call (rpc) , system events broker ) run normal. in addition, please open registry editor , follow path: hkey_local_machine\system\currentcontrolset\services\schedule then compare registry entries windows server 2008 r2 task scheduler service ran normal. difference? by way, please perform clean boot , check if issue still exist. if update, please feel free let me know. hope helps. best regards, justin gu please remember m

we have approox 55 domain controller. spread across various site in country. each site associated proper subnet. each site has 1 or 2 domain controller service clients(all domain controller gc). have noticed client different sites communicating domain controllers in primary site getting suthenticated local dc. dns settings on clients fine , pointing nearest dc's. across wan authentication increases traffic largely.this single forest- single domain architecture.     we have enabled netlogon loggin on few of clinets , found result below:     ====================================================================================================     07/11 09:21:18 [misc] netpdcgetname: domain permanently negative cached. 07/11 09:21:18 [misc] dsgetdcname function returns 1355: dom:(null) acct:(null) flags: ds writable background ret_netbios 07/11 09:21:18 [logon] samlogon: network logon of domain\user workstation1 entered 07/11 09:21:18 [session] domain: nlsessio

i unable correct time on server. when run "w32tm /tz" crashes. , following event in log: faulting application w32tm.exe, version 6.0.6001.18000, time stamp 0x47919586, faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e0421d, exception code 0xc0000374, fault offset 0x00000000000aef37, process id 0x1524, application start time 0x01cb62c72663e3ff. microsoft partner are running server virtual server? if make sure have time sync host unchecked. if not run regsvr32 w32time.dll Windows Server  >  Management

is there way bypass confirmation prompt when using enable-wsmancredssp command? i'm working on script , enable seamlessly without being prompted. script disable after completes task. you can use -force parameter. suppresses user prompts. default, prompted confirm each operation. ravikanth http://www.ravichaganti.com/blog twitter: @ravikanth powershell 2.0 remoting - ebook wmi query language via powershell - ebook Windows Server  >  Windows PowerShell

this server 2003, couldnt find forum one:     i have 2 subnets, 2 seperate domains/dns schemes.. can ping each of subnets either via fqdn or ip address... cant ping internet addresses, via ip (which i'm puzzled by). call subnet 1 :  production 192.168.100.0 subnet, gateway 192.168.100.1 (the symantec dual wan internet gateway) call subnet2:  development 192.168.227.0 subnet, gateway 192.168.227.6 (.6 rras gateway/server). for production gateway, symantec gateway router device.. on device, way both subnets ping add static route these settings: destination ip:  192.168.227.0 netmask:  usual gateway:  192.168.227.6 for rras gateway on development, set allow basic routing , it, although had have secondary nic on rras server had ip in .100.x subnet. again, pings via ip or fqdn work fine.. there no internet pings work via ip address even, on development lan.. any great. thanks   update success... leaving way had it.. not able ping internet via ip address.. i

hello. i google remote desktop , microsoft-ds protocols , port , found rdp , port 445 tcp , udp true? rdp , microsoft-ds can work via both tcp , udp? want block port 445 , rdp must use 2 rules(tcp , udp) each one? thank you. hi, it recommended if want block it. best regards cartman please remember mark replies answers if help. if have feedback technet subscriber support, contact tnmff@microsoft.com Windows Server  >  Security

i able login windows based os's older rdp clients.  however, when try login debian linux not work.  follow error message   could not extract public key received certificate   can suggest work around?   i have lowest connection encryption possible configured on listener   rdp security layer encryption layer - low   hi should go vendor of rdp client or use licensed client 1 of our partners.  impossible comment on why client not built microsoft or 1 of it's partners doesn't work.  work our licensees ensure clients work approriately ts.    i suggest try licensed rdp client implementation check have disabled remote desktop network authentication on host machine - might issue. Windows Server  >  Remote Desktop Services (Terminal Services)

we've got 5 ad sites we've configured replicated every 15 minutes. works very well and has never been off.  i wonder if user object changes, i.e., password changes, group membership changes, etc, replicate faster or @ different intervals between sites?  orange county district attorney howdie! sandy wood said: we've got 5 ad sites we've configured replicated every 15 minutes. works very well and has never been off.  i wonder if user object changes, i.e., password changes, group membership changes, etc, replicate faster or @ different intervals between sites?  not default. can, however, enable urgent replication on site links. password changes replicated little faster "normal" replication, pushed dc running pdc-fsmo-role replicates change other dcs. group membership not considered "urgent" , takes place during normal replication. as far can tell, following kb article still acurate windows server 2003 although states "windows 2000" eve

network problem build 9926          starting build 9926 can't access other pcs on lan.  open file manager , click on network, , can see other pcs have networked.  if click on 1 of them, error message saying "the account not authorized log in station".  have dual boot 10 , 8.1 , have exact same network settings both.  works 8.1, not 10.  other pcs (one 8.1 pro, 2 7 pro) can see shared folders, can't see theirs.  worse, can't access shared printers.  in device manager looks normal.  have password protected file & printer sharing turned off, build seems ignoring fact.  running troubleshooter finds nothing.  :-( on tue, 27 jan 2015 17:49:28 +0000, hula_baloo wrote: network problem build 9926          starting build 9926 can't access other pcs on lan.  open file manager , click on network, , can see other pcs have networked.  if click on 1 of them, error message saying "the account not authorized log in station".  have dual

symptoms consider following scenario: •         you create more 99 volumes on 1 or more dynamic disks on computer running windows server 2008 or windows vista. •         the size of 1 of volumes larger 2 terabytes. •         you bring dynamic disks online, take dynamic disks offline, or restart computer.   in scenario, cannot access volumes. in disk management snap-in of microsoft management console (mmc) window, dynamic disks marked "invalid." additionally, if try make these disks active, receive following error message: "the operation not allowed on invalid pack" cause volume manager incorrectly flags logical disk manager (ldm) record incomplete if size same size of size of block on disk. after ldm record flagged incomplete, cleaned up. therefore, dynamic disks marked "invalid," described in symptom section. resolution microsoft aware of issue affecting loss of data on dynamic disks in scenario explained in kb962975 .  the issue m

i have test environment: domain in hyper-v sharepoint , office web apps servers (all under windows 2012 - windows 2012 r2). because home isp not permit inbound ports (80,443) in gate machine (under windows 2012 r2) create vpn connection (by "setup new connection or network") outside vpn server. on vpn server ports forwarding configured , work fine (f.e. default iis site visible). i try public sharepoint 2013 foundation in internet on vpn connection and faced problem - wapx (web application proxy) not bind vpn connection, traditional network interfaces. the question how make listening wapx vpn interface? in random way found solution. wapx works fine pptp connection, if role deployed after creation... Windows Server  >  Windows Server 2012 General

forum ninjas blog launched! the forum ninjas blog official blog of msdn , technet forum members, means you, if read message. in "hello world!" blog post, you can read more about: we, , blog about, calling more bloggers, what’s next, , people behind scene. you'll see our first interview blog post! visit @ forum ninjas blog at  https://blogs.msdn.microsoft.com/forumninjas/ have fun, and feel free send feedback! ed price, azure development customer program manager ( blog , small basic , wiki ninjas , wiki ) answer interesting question? create wiki article it! Windows Server  >  Directory Services

every , then, after restart of our terminal servers this: "windows not connect group policy client service". no users can log on , have restart servers once more. frustrating , cannot life find out why happening. can give me clue? /robert hi,   is citrix edgesight installed? seems there known issue citrix edgesight installed , sp2 edgesight should fix issue.   citrix edgesight service 5.0 service pack 2 http://support.citrix.com/article/ctx120625   thanks. this posting provided "as is" no warranties, , confers no rights. Windows Server  >  Group Policy

hello, name pankaj, have facing  critical issue on 1 of terminal server. have multiple terminal servers , members of our domain, 1 terminal server have created problem.when users deleted files , folder not going recycle bin deleted permanently. when have created new users or login administrator account working fine.  this server 2008r2 standard 64 bit version. please 1 me. pankaj kumar i'd check policy users. user configuration \ administrative templates \ windows components \ windows explorer  \  do not move deleted files recycle bin       regards, dave patrick .... microsoft certified professional microsoft mvp [windows] disclaimer: posting provided "as is" no warranties or guarantees , , confers no rights. Windows Server  > 

hello, is possible have service "active directory certificate services" runing using domain account instead of "local system account"? if so, what's configuration needed for (for eg. : make ad account member of local administrator group, gpo : "log on service", "replace process level token" ...) ? thanks in advance ! hi, in theory, it’s possible. however, there no official document guide operation. may need change many permission settings work , these changes may affect system security, it’s not suggested , not worth so. thanks. this posting provided "as is" no warranties, , confers no rights. Windows Server  >  Directory Services

hi, i have secondary office 10 users domain controller has reached end of life.  we upgrade current hardware serve domain controller , potentially onsite file server sync head office during off peak business hours. any recommendations low cost yet reliable hardware above solution ? hi, thanks post. i think need meet requirement upgrading windows server 2012r2. http://technet.microsoft.com/en-us/library/hh994618.aspx#bkmk_sysreqs and refer following article windows server 2012r2 domain controller configuration building first domain controller on 2012 r2 http://social.technet.microsoft.com/wiki/contents/articles/22622.building-your-first-domain-controller-on-2012-r2.aspx regards. please remember mark replies answers if , unmark them if provide no help. if have feedback technet support, contact tnmff@microsoft.com Windows Server  > 

  bonjour, j'ai un applicatif métier qui génère des documents .doc en se basant sur des modèles. cet applicatif ne peu fonctionner qu'avec word97. nous envisageons de faire évoluer cet applicatif mais cela va prendre du temps. ma société vient d'acheter word2010 afin de faciliter nos échanges et permettre à nos utilisateurs d'utiliser une suite bureautique plus récente. comment puis-je faire en sorte que les fichiers *.doc soient systématiquement ouvert avec word97 ? pour le moment, j'ai fait le test suivant : via un utilisateur ayant les droits d'administrateur, j'ai modifié l'application affectée aux fichiers *.doc (windows2003 : "outils / option des dossiers", onglet "types de fichiers"). résultat, si je double clic sur un fichier *.doc, celui-ci s'ouvre bien avec wor97. le problème arrive après. si maintenant je fais générer un document à mon applicatif métier, celui-ci essai d'utiliser word2010 (alor

hi everyone, is there way create report of updates i've approved have deadlline set on them? need list of updates i've set deadlines on , going through them 1 one isn't ideal. don't use reports , when looking @ options didn't seem have need. there is, not directly. use appropriate update view, or create custom update view (perhaps group(s) approved updates). in selected view, enable deadline column, , sort on deadline column. select of updates have deadline=yes, right click, , select status report context menu. once report generated, might not interested in detail report (which generated default, , gives second page installation status client machine) change "report view" menu option summary , report refresh. you'll have one-page-per-update, updates approved deadlines, , report page show configured deadline time each group. lawrence garvin, m.s., mcitp:ea, mcdba principal/cto, onsite technology solutions, houston, texas microsoft mvp - software d

dear forum, i have 1 issue related issue of microsoft ad group policy reset password admin local. after migrate 2008 2012 group policy apply not working. have issue before, please kindly advise. regards, sam sokneang sam hi  reset local administrators password via gpo feature not supported anymore after ms014-25 update.also check details here; https://support.microsoft.com/en-us/kb/2962486 you can use laps reset local administrators passwod. laps; https://www.microsoft.com/en-us/download/details.aspx?id=46899 this posting provided no warranties or guarantees,and confers no rights. best regards burak uğur Windows Server  >  Directory Services

hey guys. have powershell script has $date variable has birthday of someone. example "01/08/91". now want pretty simple. create new appointment runs once year @ birthday starting year of birth , lasting forever. example 01/08/91, 01/08/92, ... , , on. i tried writing script creates new appointment runs every day , not once year. please me, appreciated! - gal. hhhmmm...so using outlook. in case script should this: get-content c:\birthday.txt | foreach-object { $username = $_.substring(0,8) $birthday = $_.substring(9,10) $fullname = $_.substring(20) $firstname = $_.substring(0,$fullname.indexof(" ")) $lastname = $_.substring($fullname.indexof(" ")+1) # far script works fine getting every user information. want make recurring event once year start @ $birthday # creating new appointment $outlook = new-object -comobject outlook.application $session = $outlook.session $session.logon() $appt = $outlook.c

explorer crashes after couple of mins when doing advanved serach files greater 30000kb. this server 2008 x86 problem signature: problem event name: appcrash application name: explorer.exe application version: 6.0.6002.18005 application timestamp: 49e01da5 fault module name: stackhash_cf09 fault module version: 6.0.6002.22505 fault module timestamp: 4cb74794 exception code: c0000374 exception offset: 000b096c os version: 6.0.6002.2.2.0.274.10 locale id: 2057 additional information 1: cf09 additional information 2: b7877ecc1f9c954ed70fe02f6954d2e4 additional information 3: 2354 additional information 4: 88b02578bc376e3d802f510df7257a91 as tijl mentioned, check if issue persists on different user. if so, try search in safe mode see if crash explorer. can have try replace explorer.exe file same one.   shaon shan |technet subscriber support in forum |if have feedback on our support, please contact tngfb@microsoft.com