New KB articles February 10-16
Now that Windows Server 2008 and Vista SP1 have released to manufacturing, you can expect to see quite a few KB articles coming out for those products. Before I list the ones relevant to Directory Services, here are a few general ones to be aware of -
| 946405 | Client computers may not work correctly when you add a Windows Server 2008-based domain controller to an existing pre-Windows Server 2008 domain |
| 929851 | The default dynamic port range for TCP/IP has changed in Windows Vista and in Windows Server 2008 |
| 948690 | You cannot remotely access encrypted files after you upgrade a Windows Server 2003 file server to Windows Server 2008 |
| 948680 | Description of the Microsoft server applications that are supported on Windows Server 2008 |
| 948070 | Information and resources to use when you plan to upgrade Windows Server 2003 to Windows Server 2008 |
| 947025 | Support guidelines for migrating roaming user profiles data to Windows Vista or to Windows Server 2008 |
| 947034 | How to use unattended mode to install and remove Active Directory Domain Services on Windows Server 2008-based domain controllers |
| 948472 | How to extend the Windows Server 2008 evaluation period |
| 947226 | Description of security events in Windows Vista and in Windows Server 2008 |
Previously I had mentioned the Server Core Step-by-Step Guide that does a great job of giving you the command-line equivalents for common admin tasks. One thing it does not cover is how to uninstall applications from Server Core, but I did come across this blog on the subject. Under the covers when you uninstall a program, the Add/Remove Programs (XP/2003) and Programs & Features (Vista/2008) control panel applets are just running whatever is specified in the UninstallString registry value under HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall, so on Core installs of Server 2008 where those control panel applets do not exist, you just find that registry value and run the command it specified from the command-line. Be sure to check out the Server Core blog for other tips on Server Core.
| KB | Title |
| 947460 | Error message when you try to open a mapped DFS folder after the computer comes out of standby in Windows XP Service Pack 2: "<Drive Letter>: is not accessible" |
How to use the “netsh advfirewall firewall” context instead of the “netsh firewall” context to control Windows Firewall behavior in Windows Server 2008 and in Windows Vista |
|
Windows Server 2008 will log on the administrator account automatically without displaying the logon dialog box when you set the administrator password as blank |
|
You cannot remotely access encrypted files after you upgrade a Windows Server 2003 file server to Windows Server 2008 |
|
The autoenrollment functionality fails when a Windows Vista-based computer uses version 2 (V2) certificates |
|
How to let a user apply a Group Policy that has the "Devices: Unsigned driver installation behavior" Group Policy setting from a Windows Vista-based computer to a client computer |
|
When you use an account from an external MIT Kerberos realm to log on to a Windows Vista-based workstation, the logon fails |
|
Description of the Microsoft server applications that are supported on Windows Server 2008 |
|
Error message when you try to use the Active Directory Service Interfaces extension for Terminal Services to read the properties for a user on a Windows Server 2008-based computer: "The directory property cannot be found in the cache" |
|
A replication may fail when you perform the replication among Active Directory Lightweight Directory Services (AD LDS) instances on a Windows Server 2008-based computer |
|
Error message when a user uses Internet Explorer 7 to open the certificate enrollment Web page to install an end entity certificate on a Windows Vista-based client computer |
|
Description of security events in Windows Vista and in Windows Server 2008 |
|
On a Windows Server 2003-based computer that has a TCP Chimney Offload network adapter, the TCP data stream may be corrupted when the network adapter indicates an MDL chain whose starting MDL has a nonzero offset |
|
The user profile may not be correctly unloaded when you log off from a Windows Server 2003-based computer, and event 1517 is logged |
|
How to clone a certificate template from a Windows 2000 CA to a Windows Server 2008 CA |
|
When you try to move files from one network drive to another network drive, the files keep permissions from the source folders on a client computer that is running Windows XP or Windows Server 2003 |
|
Certificate mapping fails on a Windows XP Service Pack 2-based computer that is running the Windows Server 2003 Administration Tools Pack |
|
The Knowledge Consistency Checker deletes the connection object for a read-only domain controller in Windows Server 2008 |
|
The time stamp of a file's "Modified" box changes to the current time after you use the Encrypting File System to encrypt a file on a Windows XP SP2-based computer |
|
A temporary profile is loaded after you log on to a Windows Vista-based system |
|
Internet Explorer Maintenance-related Group Policy results are not displayed correctly in Group Policy Management Console on a Windows Vista-based computer |
|
Error message when you try to access an administrative share on a Windows Vista-based computer from another Windows Vista-based computer that is a member of a workgroup: "Logon unsuccessful: Windows is unable to log you on" |
|
Error message when you log on to a Windows Vista-based computer by using a temporary profile: "The User Profile Service failed the logon. User profile cannot be loaded" |
|
A user's icon and name are not displayed on the logon screen in Windows Server 2008 after you add the Terminal Server server role |
|
How to change the computer certificate on a Windows Server 2008-based computer that is running the "Routing and Remote Access" service and SSTP |
|
Object changes or new objects may be lost when the ADAM Synchronizer tool in Windows Server 2003 synchronizes data from Active Directory to ADAM |
|
A Windows Server 2003-based computer responds slowly to RDP connections or to SMB connections that are made from a Windows Vista-based computer |
|
When you redirect the Documents folder on a Windows Vista-based computer to a network share, the folder name unexpectedly changes back to Documents |
|
When the Kerberos ticket expires for a Kerberos-authenticated SMB connection that is created to a Windows Server 2003-based server, the oplock on a file cannot be broken in a timely manner |
|
How to set the /insite option on the Distributed File System (DFS) root on a Windows Server 2003-based computer |
|
Error message in Windows Server 2003 R2 when you use the Dfsmgmt.msc snap-in to create a new DFS namespace that contains a period (.) character |
|
MS08-003: Vulnerability in Active Directory could allow denial of service |
- Craig Landis