EFS File Recovery

Windows XP and Windows Server 2003 provide many enhancements in the area of data protection— especially Encrypting File System (EFS). This article provides some common issues and file recovery practices to prevent encrypted files being inaccessible. We often encounter problems when accessing encrypted files.  For example, not able to access the data and getting permissions…


Access Denied, or Other Access Failure to SMB Shares from Vista Clients

Some of the fun we have in product support is that, once a new product is released nowadays, we get to navigate the uncharted waters of new security settings interoperating with our customers’ real world environments.   With Windows XP and Server 2003 we saw that there were challenges  brought about by the SMB signing,…

2

Installing Office 2007 Using Group Policy Software Installation

The Office team published a great “how to” on installing Office 2007 using Group Policy. The Office 2007 Resource Kit includes this documentation. You can view it online at the Microsoft TechNet site. Here’s a direct link http://technet2.microsoft.com/Office/en-us/library/efd0ee45-9605-42d3-9798-3b698fff3e081033.mspx?mfr=true

1

Temporary profile issue

A temporary user profile is issued each time an error condition prevents the user’s profile from loading. Temporary profiles are deleted at the end of each session, and changes made by the user to their desktop settings and files are lost when the user logs off.  On a Vista client computer, you may encounter profile…


Typical Symptoms when secure channel is broken

The secure channel is used to validate the member servers or workstations membership in the domain, based upon its hashed password. This discrete communication channel helps provide a more secure communication path between the domain controller and the member servers or workstations.  It can also be used to change the accounts password, and to retrieve…


Ghost trust object caused the network share inaccessible

A while back we got involved in a weird issue where a network user encountered network share access problems. The symptom or the error message might be different in some scenarios:   1.     Domain controller’s share folders cannot be accessed by the NETBIOS name, but the folders can be accessed by the IP address several…

0

Using ADRestore tool to restore deleted objects

Have ever encountered the following scenarios?  User accounts, groups, computers, OUs or other objects in domain accidentally deleted. No system state backup available for authoritative restoration. No other DC’s available. When an object is deleted from Active Directory, it isn’t actually removed butis instead marked as deleted by an internal marker called a tombstone. If you…

11

The comprehensive technical articles and best practice of Windows Time

Microsoft has put together a comprehensive and technical article Windows Time and the W32TM service explaining how the Windows Time service works and how the time on desktop machines is synchronized with the server. There are some best practices that you need to consider as tips as well as a comprehensive troubleshooting section at the end of…

0

Regarding AdminSdHolder

Windows 2000 and 2003 both contain protected groups, called AdminSdHolder. AdminSdHolder is used to control the permissions of user accounts that are members of the built-in Administrators or Domain Administrators groups. Protected Groups are groups that Windows protects from unnecessary changes.  In some instances, this process can confuse people, even causing some unexpected behaviors when…

3

What’s new in GP in Windows Vista

Group Policy in Windows Vista and Windows Server “Longhorn” provides an infrastructure for centralized configuration management of the operating system and applications that run on the operating system. Expanding on the foundation established in Windows Server 2003 and Windows XP, Group Policy is improved with greater coverage of policy settings and extensions, better network awareness…

1