Windows Server 2008 DHCPv6 Stateless and Stateful Mode

Windows Server® 2008 supports stateless and stateful DHCPv6 server functionality. DHCPv6 stateless mode clients use DHCPv6 to obtain network configuration parameters other than the IPv6 address, such as DNS server addresses. Clients configure an IPv6 address through a non-DHCPv6 based mechanism such as IPv6 address auto-configuration (based on the IPv6 prefixes included in router advertisements), or static IP address configuration.

In DHCPv6 stateful mode, clients acquire both the IPv6 address as well as other network configuration parameters through DHCPv6.

Reference: http://technet.microsoft.com/en-us/library/cc753493.aspx

Cannot Add User Account in Windows 7 Home Premium

Local Users and Groups management console (MMC) is not available in Windows 7 Starter and Home Premium.  Adding use account in these versions is through Control Panel / User Account.  If you get an error “The specified account is not valid, because account names cannot contain the following character…. Please type a different name”,

Here is how to troubleshoot

1. Verify the user account name do not contain the listing characters.
2. This error also happens when the user account name already exists.  Because the disabled account is hidden from Control Panel / User Account, type “net user” in the command prompt to view all user accounts.

Hide User Account in Windows 7 Logon Screen

One way to hide user account in Windows 7 logon screen is to disable the account if it is no longer in use.  This is probably the easiest way.

User account management usually is in Local Users and Groups management console (MMC).  For Windows 7 Professional and Enterprise Edition, user account can be disabled there.  However Local Users and Group MMC is not available in Windows 7 Starter and Home Premium Edition.  But it can be done through “net user” in the command line.

1. Launch Command Prompt as administrator.
2. Enter “net user” to list all the local user account.
3. Enter “net user <user name> /active:no” to disable the account.
4. Once the account is disabled, it is hidden from the logon screen and Control Panel/User Accounts.
5. To reactivate the account, enter “net user <user name> /active:yes”.

Active Directory Naming Conventions

This KB article includes the Active Directory naming conventions

• Allowed characters
• Disallowed characters
• Minimum name length
• Maximum name length
• Reserved names
• Best practices

for

• Computers
• NetBIOS computer names
• DNS computer names
• Domains
• NetBIOS domain names
• DNS domain names
• Sites
• OUs

Install Remote Server Administration Tools (RSAT) on Windows 7 with Service Pack (SP1)

Remote Server Administration Tools (RSAT) for Windows 7 cannot be installed on computers that are running Windows 7 with Service Pack (SP1).  The error message is “This update is not applicable to your computer”.  This is because Service Pack 1 includes updates components for RSAT.

The resolution is to install RSAT tools before installing Service Pack 1 for Windows 7.  If SP1 is already installed, uninstall SP1, install RSAT tools, and then reinstall SP1.

According to RSAT download site, RSAT for Windows 7 with SP1 is scheduled for release in Spring 2011.

Windows Update Scanning Error Fix

If the Windows Update database and manifest corrupted, Windows Update scan can take a long time or crash.  The following may fix this problem.

1. Run the Windows Update troubleshooter
2. Run the System Update Readiness Tool
3. Run the System File Checker (sfc) from Administrator Command Prompt. “sfc /scannow”
4. Rename and recreate the SoftwareDistribution and Catroot2 folders
• Stop the Windows Update service and its related services
• net stop wuauserv
• net stop bits
• net stop cryptsvc
• If the Windows Update service can not be stopped, change its startup type to Disabled, then reboot the computer.
• Rename %windir%\SoftwareDistribution
• Rename %windir%\system32\Catroot2
• Start the Windows Update service and change its startup type to Automatic (Delayed Start).
5. Re-register all the Windows Update DLLs (stop wuauserv, bits, and cryptsvc services first)
• regsvr32 c:\windows\system32\vbscript.dll /s
  regsvr32 c:\windows\system32\mshtml.dll /s
  regsvr32 c:\windows\system32\msjava.dll /s
  regsvr32 c:\windows\system32\jscript.dll /s
  regsvr32 c:\windows\system32\msxml.dll /s
  regsvr32 c:\windows\system32\actxprxy.dll /s
  regsvr32 c:\windows\system32\shdocvw.dll /s
  regsvr32 wuapi.dll /s
  regsvr32 wuaueng1.dll /s
  regsvr32 wuaueng.dll /s
  regsvr32 wucltui.dll /s
  regsvr32 wups2.dll /s
  regsvr32 wups.dll /s
  regsvr32 wuweb.dll /s
  regsvr32 Softpub.dll /s
  regsvr32 Mssip32.dll /s
  regsvr32 Initpki.dll /s
  regsvr32 softpub.dll /s
  regsvr32 wintrust.dll /s
  regsvr32 initpki.dll /s
  regsvr32 dssenh.dll /s
  regsvr32 rsaenh.dll /s
  regsvr32 gpkcsp.dll /s
  regsvr32 sccbase.dll /s
  regsvr32 slbcsp.dll /s
  regsvr32 cryptdlg.dll /s
  regsvr32 Urlmon.dll /s
  regsvr32 Shdocvw.dll /s
  regsvr32 Msjava.dll /s
  regsvr32 Actxprxy.dll /s
  regsvr32 Oleaut32.dll /s
  regsvr32 Mshtml.dll /s
  regsvr32 msxml.dll /s
  regsvr32 msxml2.dll /s
  regsvr32 msxml3.dll /s
  regsvr32 Browseui.dll /s
  regsvr32 shell32.dll /s
  regsvr32 wuapi.dll /s
  regsvr32 wuaueng.dll /s
  regsvr32 wuaueng1.dll /s
  regsvr32 wucltui.dll /s
  regsvr32 wups.dll /s
  regsvr32 wuweb.dll /s
  regsvr32 jscript.dll /s
  regsvr32 atl.dll /s
  regsvr32 Mssip32.dll /s

Internet Explorer 9 Tracking Protection Feature

The RTM version of Internet Explorer 9 builds in the tracking protection feature.  This feature is disabled by default.  It can be enabled through Tools, Safety, Tracking Protection.

Once the feature is enabled, you can subscribe the third-party tracking protection lists (TPLs) through http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/Default.html

Remove the Backed Up Files After Windows 7 / Windows Server 2008 R2 SP1

dism /online /cleanup-image /spsuperseded

Windows 7 or Windows Vista Wake Timer

Windows Vista and later support wake timers that scheduled tasks can use, allowing a system to automatically wake from sleep or hibernate at a certain time.

• Schedule a task:
• Launch Task Scheduler, Conditions tab, select Wake the computer to run this task.
• List all active wake timers
• Cmd, powercfg –waketimers
• List all devices that are capable of waking a machine from sleep
• Cmd, powercfg –devicequery wake_armed

Setup Windows Server 2008 and R2 DHCP Scope

Q. How do I create a DHCP scope in Windows Server 2008 and Server 2008 R2?

A. DHCP is a key service to enable the dynamic allocation of IP addresses to your network. Without DHCP, each machine has to be manually configured with an IP address, gateway, and DNS information. This might work for a small number of servers, but in any sizable environment, the ability for clients to dynamically get IP addresses is vital.

Windows has long had a DHCP service, and it has improved with each new version. In Server 2008 and later, DHCP is a server role that's added through Server Manager. Once you've added the DHCP Server role, you need to configure a scope—a set of IP addresses the DHCP service can allocate from to give to requesting clients. It's important that the DHCP scope you define consists of IP addresses that aren't used on any machine in the network (such as statically defined on a server) nor part of a scope on another DHCP server. Duplicate IP addresses in an environment will cause major problems, and it's always good practice to have an IP allocation scheme and tracking. Some organizations use IP addresses 10-50 of each subnet for servers and printers, 60-240 for DHCP clients, and so on.

Once the DHCP Server role is installed, you need to authorize the DHCP server by navigating to the DHCP Server role in server manager, selecting the server, and selecting Authorize. You can now create a scope.

1. Navigate to DHCP Server, the server's name, IPv4.
2. Select New Scope from the actions.
3. Click Next to the introduction wizard screen.
4. You'll be prompted for a name for the scope and a description. Make it meaningful, such as the IP addresses in the scope, and click Next.
5. Enter the starting IP address, the ending IP address, and the subnet mask detail and click Next.

   

6. You can now add specific IP address ranges that should be excluded from the scope. Maybe you have some servers that have IP addresses within the range you're allocating to DHCP, which therefore shouldn't be given to clients. You can also set a delay time, which is the amount of time the DHCP server will wait before responding to DHCP requests. Click Next.
7. Set the length of time for the IP address lease. The longer the lease time, the less frequent machines have to renew the address—but that means clients keep the address longer. If you have a lot of through traffic of machines on the network, you don't want those machines keeping the lease for long, because your scope will run out of addresses. Set a small lease, maybe a day. Click Next.
8. You can configure DHCP options, such as default gateway, DNS servers, WINS servers, etc. Or select No and set them later, or at a server level (for things like DNS server etc). Default gateway will likely be different for each scope. Click Next.
9. Click to activate the scope, and you're done.
10. If you wanted to select items like DNS and WINS at the server level, the settings apply to all scopes on the server. Select Server Options and you can set global options, as shown here.

Once you have DHCP configured, you can run

ipconfig /renew

on your clients and they should get an IP address from your DHCP server. You can see the address with the command ipconfig.

Windows Server Enable or Disable Logging of Printing Events

Windows Server 2008 R2

• Go to: Server Manager -> Diagnostics -> Event Views -> Applications and Service Logs -> Microsoft -> Windows -> PrintService -> Operational -> right click on the right side under Actions "Enable Log".

Windows Server 2003

To enable or disable logging of printing events

1. Open Printers and Faxes.
2. On the File menu, click Server Properties, and then click the Advanced tab.
3. To enable or disable writing spooler error events to the system log file, select or clear the Log spooler error events check box.
4. To enable or disable writing spooler warning events to the system log file, select or clear the Log spooler warning events check box.
5. To enable or disable writing spooler information events to the system log file, select or clear the Log spooler information events check box.
6. Stop and restart the spooler service, or reboot the server.

Notes

• To open Printers and Faxes, click Start, and then click Printers and Faxes.
• By default, all printing events are written to the system log file. If you want to reduce the amount of data that is logged, disable the logging of information events. If you want to further reduce the amount, disable the warning events. Disabling the logging of spooler error events is not recommended.

Delete Right Click Menu Items in Internet Explorer

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt

Account Management Event ID 642 Anonymous Logon

There are more one one DCs (DC1 and DC2, DC1 is the PDC Emulator) in a domain.  An administrator changes an AD user account attribute, e.g. changing password/unlocking account, on DC2.

On DC2, two security events (628 (for password reset) and 642) are logged with the administrator user id.  On DC1 (the PDC emulator), only one event (642) is logged with NT Authority\Anonymous Logon.

I agree the event ID 642 on DC1 is created by the replication of the changes to the DC holding the PDC Emulator role.  Sometimes, I also see this happened on a non PDC Emulator DC.

Research:
http://social.technet.microsoft.com/Forums/en/winserverDS/thread/bf847f47-5637-453a-8752-9b985f8118f7

http://social.technet.microsoft.com/Forums/en/winserverDS/thread/65703372-53a6-434a-a9fb-0ad03ab9132c

Microsoft Remote Desktop Connection Manager (RDCMan)

http://msexchangeteam.com/archive/2010/06/11/455115.aspx

or Remote Desktop Manager: http://remotedesktopmanager.com/

Delete File Name Includes An Invalid Name

http://support.microsoft.com/kb/320081
del "\\?\c:\path_to_file_that contains a trailing space.txt "

subinacl /onlyfile "\\?\c:\path_to_problem_file" /setowner=domain\administrator /grant=domain\administrator=F

Or

rmdir /s <drive:><path>

Reset Windows Password

• Change or Reset Windows Password from a Ubuntu Live CD
• Ophcrack

Error 2753 The file “???” is not marked for installation

Get this error when trying to remove an application managed by a group policy installer package.

Fix: Install Windows Installer CleanUp Utility (msicuu2) to remove the application.

Access SkyDrive as a Map Drive

Requirement:

• Windows 7 (some says Windows XP would work, not test)
• Office 2010 (beta is fine; need to verify if this is optional)
• Windows Live account

Set up:

• Download SkyDrive Simple Viewer for WebDAV
• Run dumpurls.exe <Windows Live UserName> <Password> to get a list of addresses
• Map a network drive with one of the addresses
• Enter Windows Live ID and password

Add “Text Document” Entry Back to Windows Explorer Right-Click New Menu

Restore the default associations for TXT files

http://www.dougknox.com/xp/file_assoc.htm

Install Nagios Client (NC_Net) On Windows Server 2008

1. Create a shortcut to the MSI package. C:\Windows\System32\msiexec.exe /i "C:\Users\eluadmin\Desktop\NC_Net_setupV4.4.0.msi"
2. Right click the shortcut and select “Run as administrator”