Preventing accidental removal from the domain

Hi, another juicy customer question with a cool solution. The problem is this: on all workstations, the built-in Administrator account is disabled. Restriction groups are used to populate the group “Built-in\Administrators” with domain groups. No “back-door” local administrator accounts exist. So, when the desktop support team is trying to troubleshoot connectivity problems with machines, they…


Backing up and Restoring Domain-Based DFS Namespaces

I had a question for a customer recently which needed some investigation, as the seemingly “easy steps” to export and import DFSN configurations didn’t do what either of us expected. KB969382 lists the actions to take in the event of your DFS Namespace going west. Option 2 was the one we were looking at as…


Tuning Free System Page Table Entries when using /3GB and /USERVA=wxyz

  If you enable /3GB in the boot.ini of a Windows Server 2003 x86 server, you risk running out of address space for the kernel. You can tweak this by adding the switch /USERVA=wxyz where wxyz is the number of megabytes that should be allocated to the user mode processes. This will give more address…


Upgrading the ADMX Central Store files from Vista to Windows 7

I had a question from a customer and thought I’d share the answer with everyone. They asked “I want to upgrade our Central Store of ADMX/ADML files for Group Policy from Windows Vista SP2/Windows Server 2008 SP2 to Windows 7/Windows Server 2008 R2. What do we need to worry about?”. So I redirected them to…


Wildcard DNS Entires

I was working on a case with a customer for something that was too weird to ignore. We wanted to use DNS Suffix Search Orders on the clients so that clients could query using short names for servers in DNS domains which weren’t their own. e.g. A PC in the domain child-dom-1.corp.contoso.com wanted to ping…


Decommissioning WINS

I’ve been working on helping remove WINS from a customers network. One of the big problems was identifying the remaining clients still using WINS, and just what they were using it for. We used Network Monitor to capture WINS name resolution queries on the WINS to see which clients were querying for which server names….