Combine

i had need create gpo , use loopback.  simple little gpo, add stuff trusted sites on specific citrix server.  i created user gpo did loopback apply application hosting xenapp server wanted. i set loopback replace, because default , trusted site settings not applied anywhere else; didn't care. long story short, when linked gpo, it, reason, prevented other user gpos applying.  not denied, didn't show up.   i figured out shortly after, , when changed merge, other user gpos applied again.  this not way believe loopback supposed work, in either replace or merge.   any insight on why might have happened? > long story short, when linked gpo, it, reason, prevented > other user gpos applying.  not denied, didn't even > show up. > figured out shortly after, , when changed merge, the > other user gpos applied again.  not way believe loopback > supposed work, in either replace or merge.  this way supposed w...

hi.. have customer server 2003 r2 updated , all.. running ts every , stops ppl logging on , give rpc server unavailable. i checked rpc services , running. network diags connected , dns, network, routers working , pinging. it starts give other errors profiles or not allow logins except admin . if server restarted works fine again while. any ideas appreciated. thanks in advance. george just update.. i have looked @ several threads, and  verity " tcp/ip netbios helper " running , set auto start after restart. and verity " remote registry " running , set auto start after restart. not sure information need help, please ask away. george Windows Server  >  Remote Desktop Services (Terminal Services) ...

what best way configure hyper-v server have 2 virtual servers on 2 different subnets if possible?! if these intended seperate networks, highly consider vlan tagging.  can configure in properties of virtual nic each virtual machine.  also, configure host network card "trunked" on switch.  if don't vlan tagging, you'll need have dedicated host nics each subnet. i hope helps out! nathan lasnoski http://blog.concurrency.com/author/nlasnoski/ Windows Server  >  Hyper-V

hello ... desk analyst , have user who's ad account locks out when leaves laptop lengthy time e.g. when goes meeting. can go short break, come , log in no problem, when longer spell gets locked out. incidentally, user has vmware installed not use it. hi, before going further, suggest try enable auditing, netlogon logging , kerberos logging trace source of lockout account. please refer following article details. maintaining , monitoring account lockout http://technet.microsoft.com/en-us/library/cc776964(ws.10).aspx please let know error received in log further research. for more information troubleshooting account lockout issue, please refer articles below. troubleshooting account lockout http://technet.microsoft.com/en-us/library/cc773155(v=ws.10).aspx account lockout tools http://technet.microsoft.com/en-us/library/cc738772(v=ws.10).aspx regards, andy Windows S...

according microsoft, here blurb technet on limitations hyper-v , clustering.   a maximum number of 16 nodes in failover cluster allowed.   for each node in failover cluster, can have maximum number of 64 virtual machines server computer virtualization. when hyper-v used in conjunction virtual desktop infrastructure (vdi) client computer virtualization, can have maximum of 64 vdi (windows xp/windows vista®/windows® 7) virtual machines each node in cluster.   the number of virtual machines allowed each node not change regardless of size of cluster.   does mean can have 64 vm's running on 1 of nodes in fail on cluster?   what if have 2 nodes in fail on cluster , each 1 hosts 64 vm's.   does mean if 1 node dies, 64 vm's cannot move healthy node because can host 64 vm's?   i want understand means.   our environment has 600 vm"s , serious limitation if case.     thanks! hi,   does mean can have 64 vm's running on 1 of nodes in fail on cluster?   ...

hi all, i'm calling 4 processes exe files , keep on crashing if running clicking manually on dekstop shortcut, doesn't manual inteference not automation. there way protect processes inside powershell environment?  im using powershell version 1. thanks comment may add. hi, i don't know how protect program in powershell, , suggest invoke program separately. please refer below thread: http://social.technet.microsoft.com/forums/en-us/winserverpowershell/thread/8019a21b-dd31-4cf5-b6ad-fab1b59816c9 regards, yan li if have feedback on our support, please click here . cataleya li technet community support Windows Server  >  Windows PowerShell

so, predecessor @ job migrated 1 of our clients workgroup computers ad domain.  due unforseen networking infrastructure problems ad domain pretty useless.  client wants migrate until infrastructure gets upgraded.  procedure that?  happens client machines when run dcpromo , make domain go away?  going break user profiles on local computers?  i'd know expect before go smashing domain. you can migrate domain profile local profile , demoting current domain not impact domain profile assumingt roaming/folder redirection not configured.you need take consideration of application refering to dn path of domain not work if current domain removed. how migrate user profile http://technet.microsoft.com/en-us/library/dd560801(ws.10).aspx http://itswapshop.com/tutorial/how-migrate-local-profiles-domain-profiles-5-minutes-using-registry-tweak-windows-xp-and-7 http://superuser.com/questions/50589/how-to-copy-user-profile-when-changing-domain hope helps...

i have a unknown amount of accounts added to protected groups sucha domain admins. believe removed inheritance and account operators permissions these accounts security permissions.  looking script out to find these accounts missing account operators security permissions , able reset inheritance flag on accounts.   end result being these accounts can once again managed account operators group.  help.  there script re-set inheritance flag shown in kb article below: http://support.microsoft.com/kb/817433/en-us probably has written powershell version now. it considered best practice avoid using account operators group (itself protected adminsdholder) , set own groups delegation.  alexei Windows Server  >  Windows P...

i purchased new powerful server , placed windows hyper-v server (free version) on (we not have system center). we use prebuilt images student labs (consists of 2 servers work enterprise application). one guest image has ad loaded own domain on other client server. have automated system copies images , imports , fires them up. the problem have same hostname , looks duplicate ip addresses on private or internal switch (only external virtual switch receives dhcp, not sure how other internal/private switches obtain ip info). if place 3 students on new server (6 vms total [3 dcs , 3 clients]), first 2 vms appear fine attempting login anyother dc results in error: "the local security authority cannot contacted", can guess getting confused on real dc. the host has 3 internal switches , 1 external switch internet access. is there way isolate each student's environment? guessing system center can looking other possible solutions. thank you, joe you have behav...

hi , we planing migrate our file server windows server 2008 r2 windows server 2008 r2 in same domain. currently using disk quotas. here 2 questions: 1. how transfer disk quotas destination server? 2. how retain folder sharing while migration? firstly @ - http://tech net.microsoft.com/en-us/library/dd379487.aspx you can transfer quota limits going volume properties - quota - entries , import them on new box. regards, vik singh "if thread answered question, please click on "mark answer" Windows Server  >  Migration

hi there we have setup adfs 2.0 instance web based application.  trying extract country attribute active directory store when creating new rule specific list of attributes available. can give headsup on how add new attributes available list?  (specifically co attribute ad). any appreciated. thanks hi, if create claim rules in deploying adfs 2.0, think refer link below: title : configuring claim rules url : http://technet.microsoft.com/en-us/library/ee913571(v=ws.10).aspx there many examples create rule based on objects. of course, visit msdn website overview of ad fs 2.0 attribute store: title : ad fs 2.0 attribute store overview url : http://msdn.microsoft.com/en-us/library/ee895358.aspx if have inquiry script, think ask inquiry according link below: title : official scripting guys forum! url : http://social.technet.microsoft.com/forums/en/itcg/threads if have unclear adfs claims based access, ask question below: title : claims based...

hi all, i setup network policies below: i still need go user dial in allow access. ac otherwise, can't login success. authentication details: connection request policy name: nap 802.1x (wireless) network policy name: connections other access servers authentication provider: windows authentication server: dc02.domain.local authentication type: peap eap type: microsoft: secured password (eap-mschap v2) account session identifier: - logging results: accounting information written local log file. reason code: 65 reason: network access permission setting in dial-in properties of user account in active directory set deny access user. change network access permission setting either allow access or control access through nps network policy, obtain properties of user account in active directory users , computers, click dial-in tab, , change network access permission. thanks. hi mick, please uncheck ignore user account di...

hi, i writing script exchange mailbox related licenses. using following script exchange related license options. ps c:\> get-msolaccountsku | foreach{ $_.servicestatus} | foreach{$_.serviceplan} | where-object {$_.servicetype -eq 'exchange'} and output follows here output contain list of exchange licenseoptions. exchange_s_enterprise is licenseoption creates mailbox user. want script returns mailbox related licenseoptions,in case exchange_s_enterprise option. there other approach or suggestions appreciated thanks hi, since issue more related office 365, recommend can post in office 365 forum more effective support. manage office 365 thanks understanding. best regards, anna Windows Server  >  Windows PowerShell ...

hello everybody, i ( 2 weeks ago ) deployed printers via gpo in server 2008r2. clients windows 7 professional. now want change name of printer. safe to change in "print management" or need additional steps ( hit update button ) :)? this silly question don't have test machine ( unfortunately ) if confirm work appreciated? andre seems have deploy new 1 , remove old one. see.... http://serverfault.com/questions/437793/renaming-deployed-printers regards, vik singh "if thread answered question, please click on "mark answer" Windows Server  >  Windows Server General Forum

i have installed windows server 2016 trial version. of client systems continuous issue of "the recycle bin on d:\ corrupted. want empty recycle bin drive?". whatever give yes or no drive not accessible. this error started only after server setup. i have tried possible options given in discussion forums , blogs, issue remain same. hi, please try below command on system manually remove recycle bin folder: rd /s /q d:\$recycle.bin then, re-start system , check result. besides, can re-start system in clean boot, , confirm if problem happens again. perform clean startup determine whether background programs interfering game or program: https://support.microsoft.com/en-us/help/331796/perform-a-clean-startup-to-determine-whether-background-programs-are-i best regards, eve wang please remember mark replies answers if help. if have feedback technet subscriber support, contact tnmff@microsoft.com . ...

physical host - server 2012r2 datacenter direct access server2012r2 standard ( hyper-v vm) vm member of: -administrators -cert publishers -domain admins -domain users -enterprise admins -iis_isurs -schema admins when try ad add certificate via mmc add-on this: i may have answer want informed response before proceed. no t have adcs role in domain. should add comply certificate request or there somethin else need do? if need add adcs, membership should server have? john lenz i may have answer want informed response before proceed. no t have adcs role in domain. should add comply certificate request or there somethin else need do? if need add adcs, membership should server have? john lenz hi john, yes need deploy enterprise ca if want request certificates via certificates snap-in. the enterprise ca server needs domain-joined. you may find detailed configuration steps within article below: pki windows server 2012 r2 active dir...

is there way find user accounts in active directory don't meet password requirements?  have enabled group policy password requirements , of our users have been forced change complex password.  i've discovered there additional accounts used services still enabled don't have password , haven't been required update - though group policy applied account.  there way search or disable accounts don't meet requirements? hi, thank post. no direct way check account password complexity. query accounts password never expired or password no change days more max password age policy, check password 1 one. password never expired query: dsquery * -filter "(&(objectcategory=person)(objectclass=user)(useraccountcontrol:1.2.840.113556.1.4.803:=65536))" password no change days query: dsquery user -stalepwd 60 if there more inquiries on issue, please feel free let know. regards rick tan technet community support ...

we have 5 windows server datacenter edition sp1 servers in cluster.  @ least 1 server per week starts getting error below , once occurs can no longer add new virtual machines cluster via scvmm until remove affected server cluster. so far thing has worked complete reinstall.  after full reinstall backup wmi repository, turn on shadow copies , create backup of c: drive.  once error begins have tried restore wmi repository no luck, restore x32 , x64 wbeb , inf folders our backups , search through shadow copy shows no modified files around time errors begin. we cannot find change causes start nor fix it. anyone have a thought? log name:      application source:        application error date:          2/19/2009 8:01:55 pm event id:      1000 task category: (100) level:         error keywords:      classic user:          n/a computer:      srv1.domain.net description: faulting application wmiprvse.exe, version 6.0.6001.18000, time stamp 0x4791950f, faulting module ntdll.dll, version 6.0.6001...

am trying logon remortely windows 2003 server, keep on getting following error:'the system cannot log on due following error: access denied. please trya again or consult system administrator', after restart server able log on server, might coursing this? i'd check event logs clues.       regards, dave patrick .... microsoft certified professional microsoft mvp [windows] Windows Server  >  Remote Desktop Services (Terminal Services)

i have users on thin clients log on desktop session our 2008r2 rdsh farm.  each user has ts profile follows them whatever server log into.   we're planning switch our main line of business application hosted, , intend set cross forest trust allow our users log onto desktop session on host's rdsh servers existing accounts our domain.  as understand it, roaming profiles or gpo's our side of trust blocked default being applied on side of trust, correct? if so, can host maintain separate roaming tsprofiles on side used when our users log on terminal servers?  assuming have multiple rdsh servers , connection broker load balance between them, not want our users have local profiles on each individual server might log in to.   thanks! hi, it depends on how putting trust in place, , type of application been used etc. if go down forest trust roaming profiles accounts domain if policies setup correctly - depending on link speed , profile size may not want ...

http://app.en25.com/e/es.aspx?s=1403&e=10542&elq=698e5ddb13714af796ea825af93c0f05   warns of unexpected output from   function convert-dollar2euro($amount, $rate=0.8) { write-output $amount * $rate }   that needs rewritten as   function convert-dollar2euro($amount, $rate=0.8) { write-output ($amount * $rate) }   or perhaps   function convert-dollar2euro($amount, $rate=0.8) { $convertedamount = $amount * $rate write-output $convertedamount }   or even   function convert-dollar2euro($amount, $rate=0.8) { $amount * $rate }     Windows Server  >  Windows PowerShell

ok, 1 of thorniest update problems...i using wsus on network, , of updates on desktop client running, except kb2847927 ...it keeps failing.  have cleaned trojan/viruses, have run chkdsk /r, have done of recommended fixes correct antivirus problems (mcafee), , fixed windows firewall (and related base filtering engine service).  have run recommended subinacl.exe fix (as admin), , apparently fixed things, here's said after running in command shell: ************ hkey_classes_root\x509enrollment.cx509policyserverurl.1 - regsetkeysecurity erro r : 5 access denied. x509enrollment.cx509policyserverurl.1\clsid : delete perm. ace 3 nt authority\sy stem x509enrollment.cx509policyserverurl.1\clsid : delete perm. ace 2 nt authority\sy stem x509enrollment.cx509policyserverurl.1\clsid : new ace nt authority\system hkey_classes_root\x509enrollment.cx509policyserverurl.1\clsid - regsetkeysecurit y error : 5 access denied. x509enrollmen...

i have folder "division restricted folders" has 11 aces applied, 6 of aces inherited (see acl = "division restricted folders"). of remaining 5 directly applied / not inherited aces, 1 of them "identityreference: parentdomain\provisioning - rf" set apply "this folder, subfolders , files". other 4 not inherited aces set "this folder only". issues when create subfolder "test" within "division restricted folders", single additional ace "identityreference: parentdomain\provisioning - rf"  that set apply "this folder, subfolders , files" applied folder "test" not inherited (see acl = "test"). seems weird because ace inherited, seems un-inherited itself? i'm confused. else note, not sure if help, if make subfolder within "test" same thing happens aces propagate down the "identityreference: parentdomain\provisioning - rf" ace shows again not in...

we have smtp relay set on different server. have tried set email notifications wsus server. following error when trying test. using outlook 365. i've tried using ports 25 , 587 respectively. ides? in advance! system.net.mail.smtpexception: smtp server requires secure connection or client not authenticated. server response was: 5.7.1 client not authenticated    at microsoft.updateservices.internal.baseapi.soapexceptionprocessor.deserializeandthrow(soapexception soapexception)    at microsoft.updateservices.internal.databaseaccess.admindataaccessproxy.sendtestemail(string emaillanguage, string smtpusername, string senderemailaddress, string smtphostname, int32 smtpport, string recipients)    at microsoft.updateservices.internal.baseapi.emailnotificationconfiguration.sendtestemail()    at microsoft.updateservices.ui.snapin.dialogs.emailnotificationsettingsdialog.backgroundworker_dowork(object sender, doworkeventargs e) we have smtp...

my word docx file got damaged due virus infected docx file, have crucial important data lost how repair corrupted docx files. if have solution recover , repair corrupted docx file, please assist me. word repair toolbox recover, repair , open corrupt ms word docx file repair virus infected word docx file. word repair toolbox has important features produce instant recovery task within snip. word recovery has inbuilt algorithms quick recovering procedure.  http://www.docxrepairtoolbox.com/ Microsoft Office  >  Word IT Pro Discussions

everyone in our office seems seeing same issue: using custom toolbar on taskbar list of shortcuts files on our new server 2012 file server super slow. can take 20-30 seconds open shortcut list first time after logging in or after not using couple hours. seems same speed whether there couple files in list or if there 15. how 'custom toolbar' created?  since having issues, issue 'custom' code. . : | : . : | : . tim Windows Server  >  Windows Server 2012 General

hello,   anyone here ever   implemented   something this   in windows   server 2003 . server has   three   network cards.   lan1,   lan2   and   lan3 , each   lan has   a   subnet , respectively   192.168.0.0/24   -   192.168.1.0/24   and 192.168.2.0/24 . all   network cards   are connected in   a   single switch. the computers   on network   pick up   ip address   according to   the segment to which belongs , control   is done   by mac   address,   poe   example:   computer mac   00 : e1 :   fg : x:   x:   x   takes   ip   192.168.0.30/24 ,   with gateway   and dns ,   then computer 's   mac   01:00 : e1 : x:   x:   x   takes   ip   192.168.0.55/24   also   due   to the gateway   and dns . this ...

hey guys,  so have server 32 gigs of ram intel xeon 3.4 ghz processor.  i have domain controller on bare metal server windows server 2012 datacenter on , have 2 hyper-v machines.  one sccm , other sharepoint.  i have server same config. bare metal server works exchange server 2 hyper-v vm's servers domain controller backup , sql 2012 cluster server.  i have been getting extreme slowness in sccm vm. worse. have tried changing virtual processors on it, changing ram settings, nothing working.  any suggestions?  thanks people!  hi bob, does hyper-v host slow? and, have tried use resource monitor, performance monitor or other process tools troubleshoot issue. thank. jeremy wu technet community support Windows Server  >  ...

hello all, currently out of space on our host, have moved our .vhd on qnap nas , try start it. however, doesn't work , need know if possible so. the problem came fact backup snapshots running in background , no 1 knows it. when found out, late because there no more space available make merge. anyone have ideas? johnny qnap nas  must support smb 3.0 , hyper-v must @ 2012 or later.  need configure permissions on smb share. .:|:.:|:. tim Windows Server  >  Hyper-V

hi all, i'm attempting setup dfsr between windows 2003 r2 server , windows 2008 r2 server. i've done setup between other 2003 , 2008 servers without issue, latest 1 isn't going smoothly. i've setup replication group between servers , test replication folders, , setup wizard reports ok, verify topology option reports ok. no matter how long leave though, initial replication won't start. think i've identified few things seem weird. on source server notice "dfsrprivate" folders aren't appearing in of folders i've setup replication. on destination server, these folders appearing. on destination server getting messages in event log server establishing inbound connections source server, i'm not getting such messages in event viewer on source server. i'm not getting errors either. i've tried restarting servers , stopping , starting dfsr service, doesn't help. find strange there no errors appearing in event logs. ha...

i downloaded windows6.1-kb2483139-x64-en-us.exe when ran on windows server 2008 r2 sp1 (as administrator) not run properly.  noticed created new cabinet file named "lp" briefly, deleted it.  nothing else appears on screen.   my goal install chinese display fonts on server.  please help. hi, first of all, if want chinese display language, need choose chinese in drop down list on download page. here's direct link in case need it. http://www.microsoft.com/en-us/download/details.aspx?id=2634 (chinese simplified...) windows6.1-kb2483139-x64- zh-cn. exe file name chinese simplified language pack. 1. exefile extracts file cabinet lp.cab file need import language pack. 2. start lpksetup . exe and point out cab-file extracted. if want cmdline, can dism in elevated command prompt well: dism /online /add-package /packagepath:c:\test\lp.cab note still need create policy or change default language in way users. read more on topic on: http:...

does know how remove child domain 2008 ad? i created child domain , had 1 dc in it, server crashed , no longer available. i tried using ntdsutil when try select site under list domains keep getting following error no matter site choose: error parsing input-invalid syntax i tried restore of system state using symantec backup agent doesn't seem work, server not rejoin domain , can not connect child domain in. please , in advanced. howdie! have checked http://support.microsoft.com/kb/230306/en-us/  and http://support.microsoft.com/kb/216498/en-us ? cheers, florian microsoft mvp - group policy (http://www.frickelsoft.net/blog) Windows Server  >  Directory Services

hi, we using xerox workcenter 232 network printer installed in 1 windows server 2003 , 1 windows server 2008 r2. whenever users (all) giving prints through windows server 2003 getting problem,like if give 2 printer automatically 200 300 junk print outs coming.we using mcafee antivirus.for contacted vendor checked , nothng found. but whil giving prinouts other server not facing problem.even contacted printer vendor checked didn't found anything. finally suspecting problem os please suggest me.   hi, check print device driver on 2003 box , ensure of latest version (and correct os, well). regards, salvador manaois iii mcse mcsa mcts mcitp:ea/sa c|eh ciwa ---------------------------------------------------------------------------- bytes & badz : http://badzmanaois.blogspot.com my passion : http://flickr.com/photos/badzmanaois my scripting blog : http://sgwindowsgroup.org/blogs/badz   ...

i'm remoting windows 8 machine windows 8 machine @ 1920x1200. remote touch keyboard doesn't scale fill comfortable width , height on screen. there way make keyboard 'stretch' on normal desktop when screen resolution goes up? thanks. hi, seems design.i didn't tested yet.as see,the new metric panel designed touching screen. you can refer designing windows 8 touch keyboard more info: http://blogs.msdn.com/b/b8/archive/2012/07/17/designing-the-windows-8-touch-keyboard.aspx regards, clarence technet subscriber support if technet subscription user , have feedback on our support quality, please send feedback here . please remember click “mark answer” on post helps you, , click “unmark answer” if marked post not answer question. can beneficial other community members reading thread. Windows Server  >  ...