Microsoft Launch Office 365 Yesterday. Its a Quite Good tool which offering Office,Exchange, SharePoint and Lync (Chat) which means you can work anywhere any time. Thanks to the Cloud Computing.
Office 365 trial Download
Office 365 trial Download
Wednesday, June 29, 2011
Monday, June 27, 2011
How to stop Folder Redirection in Windows Server 2003 and in Windows 2000 Server?
Posted on 8:59 AM by Unknown
After you have successfully deployed a Folder Redirection Group Policy object (GPO) in your site, you may want to stop Folder Redirection for one or more users. However, before you try to stop Folder Redirection, you must first enable the Redirect the folder back to the local userprofile location when policy is removed Group Policy setting.
Important After you modify a GPO and enable the Redirect the folder back to the local userprofile location when policy is removed Group Policy setting, all users who you want to stop Folder Redirection must log off and then log on again. This is to make sure that the updated GPO settings are applied before you stop Folder Redirection.
To stop Folder Redirection, follow these steps:
Enable the Redirect the folder back to the local userprofile location when policy is removed Group Policy setting. To do this, follow these steps:
Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Users and Computers.
In the Active Directory Users and Computers console tree, locate the site, domain, or organizational unit that contains the users who you want to apply the updated GPO to.
Right-click the object, such as the organizational unit, and then click Properties.
Click the Group Policy tab.
Click the GPO that contains your Folder Redirection policy setting in the Group Policy Object Links list, and then click Edit.
In the Group Policy console tree, expand User Configuration, expand Windows Settings, and then expand Folder Redirection.
Right-click Application Data, and then click Properties.
Click the Settings tab.
In the Policy Removal box, click to select the Redirect the folder back to the local userprofile location when policy is removed policy setting, and then click OK.
Repeat steps g through i for the Desktop, My Documents, and Start Menu objects.
Close the Group Policy dialog box, and then close the Properties dialog box for the object that you selected in step c.
Important All users who are affected by your GPO modification must log off and back on to any computers where they have logged on before the changes are applied. You must apply these changes to the user's computer before you go to the next step.
When all users have logged off and then logged back on, and the updated GPO for Folder Redirection has been applied, use one of the following methods to stop Folder Redirection:
Method 1: Remove the user from the organizational unit where the folder redirection GPO is applied to a different organizational unit that does not redirect folders. To do this, follow these steps:
Important Move the user accounts, do not delete the GPO.
In the console tree of Active Directory Users and Computers, right-click DomainName, and then click Find.
Click Users, Contacts, and Groups in the Find box.
Type the name of the user account, and then click Find Now.
In the Search results box, right-click the user account, and then click Move.
In the Container to move object to box, locate a security group that does not have Folder Redirection policy enabled, and then click OK.
Method 2: Modify the security properties of the GPO to deny the user or group Read permissions and Apply Group Policy permissions to that GPO. This enables other GPO's to be applied to the user, while making sure that the folder redirection policy setting is not applied. To do this, follow these steps:
Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Users and Computers.
In the Active Directory Users and Computers console tree, right-click the organizational unit object or domain object that has the Group Policy Object whose security properties that you want to change, and then click Properties.
In the Properties dialog box for the object, click the Group Policy tab, select the GPO that you want to change from the list, and then click Properties.
In the GPO Properties dialog box, click the Security tab, and then change the permissions so that only the required users have the Read and Apply Group Policy permissions. For users where the GPO does not apply, make sure that you click to select the Deny check box for the Read and Apply Group Policy permissions. Click OK two times.
Note Make sure that Administrators have Read and Write permissions for the GPO.
After you use one of these methods, Folder Redirection will be stopped the next time that the user processes this GPO. By default, the object is cached on the user's computer and will not be updated unless another change is detected. To force an update, you must follow these additional steps:
Create or modify a GPO that applies to the computers on which users who are affected by folder redirection policies log on.
Edit the GPO.
Under Computer Configuration, expand Administrative Templates.
Under Administrative Templates, expand System.
Under System, select Group Policy.
Double-click the Folder Redirection policy processing setting
Select the Enabled option, and then click to select the second check box. (Process even if the Group Policy objects have not changed.)
Exit the Group Policy Object Editor. Make sure that this new GPO applies to computer accounts for which users are using folder redirection.
After you apply this policy change, the computers can detect the updated folder redirection policy and will honor the changes that have been made to stop using folder redirection.
Note After a Folder Redirection GPO is applied to a user profile, those Group Policy settings are retained locally on the user's computer. Group Policy settings are changed only when a new or modified GPO is applied to the user or computer.
Please refer:-
http://support.microsoft.com/kb/888203
Important After you modify a GPO and enable the Redirect the folder back to the local userprofile location when policy is removed Group Policy setting, all users who you want to stop Folder Redirection must log off and then log on again. This is to make sure that the updated GPO settings are applied before you stop Folder Redirection.
To stop Folder Redirection, follow these steps:
Enable the Redirect the folder back to the local userprofile location when policy is removed Group Policy setting. To do this, follow these steps:
Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Users and Computers.
In the Active Directory Users and Computers console tree, locate the site, domain, or organizational unit that contains the users who you want to apply the updated GPO to.
Right-click the object, such as the organizational unit, and then click Properties.
Click the Group Policy tab.
Click the GPO that contains your Folder Redirection policy setting in the Group Policy Object Links list, and then click Edit.
In the Group Policy console tree, expand User Configuration, expand Windows Settings, and then expand Folder Redirection.
Right-click Application Data, and then click Properties.
Click the Settings tab.
In the Policy Removal box, click to select the Redirect the folder back to the local userprofile location when policy is removed policy setting, and then click OK.
Repeat steps g through i for the Desktop, My Documents, and Start Menu objects.
Close the Group Policy dialog box, and then close the Properties dialog box for the object that you selected in step c.
Important All users who are affected by your GPO modification must log off and back on to any computers where they have logged on before the changes are applied. You must apply these changes to the user's computer before you go to the next step.
When all users have logged off and then logged back on, and the updated GPO for Folder Redirection has been applied, use one of the following methods to stop Folder Redirection:
Method 1: Remove the user from the organizational unit where the folder redirection GPO is applied to a different organizational unit that does not redirect folders. To do this, follow these steps:
Important Move the user accounts, do not delete the GPO.
In the console tree of Active Directory Users and Computers, right-click DomainName, and then click Find.
Click Users, Contacts, and Groups in the Find box.
Type the name of the user account, and then click Find Now.
In the Search results box, right-click the user account, and then click Move.
In the Container to move object to box, locate a security group that does not have Folder Redirection policy enabled, and then click OK.
Method 2: Modify the security properties of the GPO to deny the user or group Read permissions and Apply Group Policy permissions to that GPO. This enables other GPO's to be applied to the user, while making sure that the folder redirection policy setting is not applied. To do this, follow these steps:
Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Users and Computers.
In the Active Directory Users and Computers console tree, right-click the organizational unit object or domain object that has the Group Policy Object whose security properties that you want to change, and then click Properties.
In the Properties dialog box for the object, click the Group Policy tab, select the GPO that you want to change from the list, and then click Properties.
In the GPO Properties dialog box, click the Security tab, and then change the permissions so that only the required users have the Read and Apply Group Policy permissions. For users where the GPO does not apply, make sure that you click to select the Deny check box for the Read and Apply Group Policy permissions. Click OK two times.
Note Make sure that Administrators have Read and Write permissions for the GPO.
After you use one of these methods, Folder Redirection will be stopped the next time that the user processes this GPO. By default, the object is cached on the user's computer and will not be updated unless another change is detected. To force an update, you must follow these additional steps:
Create or modify a GPO that applies to the computers on which users who are affected by folder redirection policies log on.
Edit the GPO.
Under Computer Configuration, expand Administrative Templates.
Under Administrative Templates, expand System.
Under System, select Group Policy.
Double-click the Folder Redirection policy processing setting
Select the Enabled option, and then click to select the second check box. (Process even if the Group Policy objects have not changed.)
Exit the Group Policy Object Editor. Make sure that this new GPO applies to computer accounts for which users are using folder redirection.
After you apply this policy change, the computers can detect the updated folder redirection policy and will honor the changes that have been made to stop using folder redirection.
Note After a Folder Redirection GPO is applied to a user profile, those Group Policy settings are retained locally on the user's computer. Group Policy settings are changed only when a new or modified GPO is applied to the user or computer.
Please refer:-
http://support.microsoft.com/kb/888203
Tuesday, June 14, 2011
http://whatismyipaddress.com/
Posted on 10:58 PM by Unknown
To know your internet IP Simply click on above link and you will found the IP which giving you access to the Global Network(Internet).
Thursday, June 9, 2011
Schedule task Getting failed on Windows Server 2008.
Posted on 11:05 PM by Unknown
I found that there are many task schedulted in my windows server 2008 DC, those should run to complete some particular Job at particular time.
Today morning I found that there are some error/Information in the form of Code on task Schedular Library.
Below is the details of code which shown in Task Schedular Library. I hope it helps:-
SCHED_S_TASK_READY
0x00041300
The task is ready to run at its next scheduled time.
SCHED_S_TASK_RUNNING
0x00041301
The task is currently running.
SCHED_S_TASK_DISABLED
0x00041302
The task will not run at the scheduled times because it has been disabled.
SCHED_S_TASK_HAS_NOT_RUN
0x00041303
The task has not yet run.
SCHED_S_TASK_NO_MORE_RUNS
0x00041304
There are no more runs scheduled for this task.
SCHED_S_TASK_NOT_SCHEDULED
0x00041305
One or more of the properties that are needed to run this task on a schedule have not been set.
SCHED_S_TASK_TERMINATED
0x00041306
The last run of the task was terminated by the user.
SCHED_S_TASK_NO_VALID_TRIGGERS
0x00041307
Either the task has no triggers or the existing triggers are disabled or not set.
SCHED_S_EVENT_TRIGGER
0x00041308
Event triggers do not have set run times.
SCHED_E_TRIGGER_NOT_FOUND
0x80041309
A task's trigger is not found.
SCHED_E_TASK_NOT_READY
0x8004130A
One or more of the properties required to run this task have not been set.
SCHED_E_TASK_NOT_RUNNING
0x8004130B
There is no running instance of the task.
SCHED_E_SERVICE_NOT_INSTALLED
0x8004130C
The Task Scheduler service is not installed on this computer.
SCHED_E_CANNOT_OPEN_TASK
0x8004130D
The task object could not be opened.
SCHED_E_INVALID_TASK
0x8004130E
The object is either an invalid task object or is not a task object.
SCHED_E_ACCOUNT_INFORMATION_NOT_SET
0x8004130F
No account information could be found in the Task Scheduler security database for the task indicated.
SCHED_E_ACCOUNT_NAME_NOT_FOUND
0x80041310
Unable to establish existence of the account specified.
SCHED_E_ACCOUNT_DBASE_CORRUPT
0x80041311
Corruption was detected in the Task Scheduler security database; the database has been reset.
SCHED_E_NO_SECURITY_SERVICES
0x80041312
Task Scheduler security services are available only on Windows NT.
SCHED_E_UNKNOWN_OBJECT_VERSION
0x80041313
The task object version is either unsupported or invalid.
SCHED_E_UNSUPPORTED_ACCOUNT_OPTION
0x80041314
The task has been configured with an unsupported combination of account settings and run time options.
SCHED_E_SERVICE_NOT_RUNNING
0x80041315
The Task Scheduler Service is not running.
SCHED_E_UNEXPECTEDNODE
0x80041316
The task XML contains an unexpected node.
SCHED_E_NAMESPACE
0x80041317
The task XML contains an element or attribute from an unexpected namespace.
SCHED_E_INVALIDVALUE
0x80041318
The task XML contains a value which is incorrectly formatted or out of range.
SCHED_E_MISSINGNODE
0x80041319
The task XML is missing a required element or attribute.
SCHED_E_MALFORMEDXML
0x8004131A
The task XML is malformed.
SCHED_S_SOME_TRIGGERS_FAILED
0x0004131B
The task is registered, but not all specified triggers will start the task.
SCHED_S_BATCH_LOGON_PROBLEM
0x0004131C
The task is registered, but may fail to start. Batch logon privilege needs to be enabled for the task principal.
SCHED_E_TOO_MANY_NODES
0x8004131D
The task XML contains too many nodes of the same type.
SCHED_E_PAST_END_BOUNDARY
0x8004131E
The task cannot be started after the trigger end boundary.
SCHED_E_ALREADY_RUNNING
0x8004131F
An instance of this task is already running.
SCHED_E_USER_NOT_LOGGED_ON
0x80041320
The task will not run because the user is not logged on.
SCHED_E_INVALID_TASK_HASH
0x80041321
The task image is corrupt or has been tampered with.
SCHED_E_SERVICE_NOT_AVAILABLE
0x80041322
The Task Scheduler service is not available.
SCHED_E_SERVICE_TOO_BUSY
0x80041323
The Task Scheduler service is too busy to handle your request. Please try again later.
SCHED_E_TASK_ATTEMPTED
0x80041324
The Task Scheduler service attempted to run the task, but the task did not run due to one of the constraints in the task definition.
SCHED_S_TASK_QUEUED
0x00041325
The Task Scheduler service has asked the task to run.
SCHED_E_TASK_DISABLED
0x80041326
The task is disabled.
SCHED_E_TASK_NOT_V1_COMPAT
0x80041327
The task has properties that are not compatible with earlier versions of Windows.
SCHED_E_START_ON_DEMAND
0x80041328
The task settings do not allow the task to start on demand.
Today morning I found that there are some error/Information in the form of Code on task Schedular Library.
Below is the details of code which shown in Task Schedular Library. I hope it helps:-
SCHED_S_TASK_READY
0x00041300
The task is ready to run at its next scheduled time.
SCHED_S_TASK_RUNNING
0x00041301
The task is currently running.
SCHED_S_TASK_DISABLED
0x00041302
The task will not run at the scheduled times because it has been disabled.
SCHED_S_TASK_HAS_NOT_RUN
0x00041303
The task has not yet run.
SCHED_S_TASK_NO_MORE_RUNS
0x00041304
There are no more runs scheduled for this task.
SCHED_S_TASK_NOT_SCHEDULED
0x00041305
One or more of the properties that are needed to run this task on a schedule have not been set.
SCHED_S_TASK_TERMINATED
0x00041306
The last run of the task was terminated by the user.
SCHED_S_TASK_NO_VALID_TRIGGERS
0x00041307
Either the task has no triggers or the existing triggers are disabled or not set.
SCHED_S_EVENT_TRIGGER
0x00041308
Event triggers do not have set run times.
SCHED_E_TRIGGER_NOT_FOUND
0x80041309
A task's trigger is not found.
SCHED_E_TASK_NOT_READY
0x8004130A
One or more of the properties required to run this task have not been set.
SCHED_E_TASK_NOT_RUNNING
0x8004130B
There is no running instance of the task.
SCHED_E_SERVICE_NOT_INSTALLED
0x8004130C
The Task Scheduler service is not installed on this computer.
SCHED_E_CANNOT_OPEN_TASK
0x8004130D
The task object could not be opened.
SCHED_E_INVALID_TASK
0x8004130E
The object is either an invalid task object or is not a task object.
SCHED_E_ACCOUNT_INFORMATION_NOT_SET
0x8004130F
No account information could be found in the Task Scheduler security database for the task indicated.
SCHED_E_ACCOUNT_NAME_NOT_FOUND
0x80041310
Unable to establish existence of the account specified.
SCHED_E_ACCOUNT_DBASE_CORRUPT
0x80041311
Corruption was detected in the Task Scheduler security database; the database has been reset.
SCHED_E_NO_SECURITY_SERVICES
0x80041312
Task Scheduler security services are available only on Windows NT.
SCHED_E_UNKNOWN_OBJECT_VERSION
0x80041313
The task object version is either unsupported or invalid.
SCHED_E_UNSUPPORTED_ACCOUNT_OPTION
0x80041314
The task has been configured with an unsupported combination of account settings and run time options.
SCHED_E_SERVICE_NOT_RUNNING
0x80041315
The Task Scheduler Service is not running.
SCHED_E_UNEXPECTEDNODE
0x80041316
The task XML contains an unexpected node.
SCHED_E_NAMESPACE
0x80041317
The task XML contains an element or attribute from an unexpected namespace.
SCHED_E_INVALIDVALUE
0x80041318
The task XML contains a value which is incorrectly formatted or out of range.
SCHED_E_MISSINGNODE
0x80041319
The task XML is missing a required element or attribute.
SCHED_E_MALFORMEDXML
0x8004131A
The task XML is malformed.
SCHED_S_SOME_TRIGGERS_FAILED
0x0004131B
The task is registered, but not all specified triggers will start the task.
SCHED_S_BATCH_LOGON_PROBLEM
0x0004131C
The task is registered, but may fail to start. Batch logon privilege needs to be enabled for the task principal.
SCHED_E_TOO_MANY_NODES
0x8004131D
The task XML contains too many nodes of the same type.
SCHED_E_PAST_END_BOUNDARY
0x8004131E
The task cannot be started after the trigger end boundary.
SCHED_E_ALREADY_RUNNING
0x8004131F
An instance of this task is already running.
SCHED_E_USER_NOT_LOGGED_ON
0x80041320
The task will not run because the user is not logged on.
SCHED_E_INVALID_TASK_HASH
0x80041321
The task image is corrupt or has been tampered with.
SCHED_E_SERVICE_NOT_AVAILABLE
0x80041322
The Task Scheduler service is not available.
SCHED_E_SERVICE_TOO_BUSY
0x80041323
The Task Scheduler service is too busy to handle your request. Please try again later.
SCHED_E_TASK_ATTEMPTED
0x80041324
The Task Scheduler service attempted to run the task, but the task did not run due to one of the constraints in the task definition.
SCHED_S_TASK_QUEUED
0x00041325
The Task Scheduler service has asked the task to run.
SCHED_E_TASK_DISABLED
0x80041326
The task is disabled.
SCHED_E_TASK_NOT_V1_COMPAT
0x80041327
The task has properties that are not compatible with earlier versions of Windows.
SCHED_E_START_ON_DEMAND
0x80041328
The task settings do not allow the task to start on demand.
Wednesday, June 1, 2011
Description of password-change protocols in Windows
Posted on 7:01 AM by Unknown
Windows uses many different mechanisms for changing passwords. This article describes those mechanisms.
MORE INFORMATION
The supported password-change protocols are:
The NetUserChangePassword protocol
The NetUserSetInfo protocol
The Kerberos change-password protocol (IETF Internet Draft Draft-ietf-cat-kerb-chg-password-02.txt) [port 464]
Kerberos set-password protocol (IETF Internet Draft Draft-ietf-cat-kerberos-set-passwd-00.txt) [port 464]
Lightweight Directory Access Protocol (LDAP) write-password attribute (if 128-bit Secure Sockets Layer [SSL] is used)
XACT-SMB for pre-Microsoft Windows NT (LAN Manager) compatibility
Change-password operations require that the user's current password be known before the change is allowed. Set-password operations do not have this requirement, but are controlled by the Reset Password permissions on the account.
When you are using LDAP (method 5), the domain controller and the client must both be able to use 128-bit SSL to protect the connection. If the domain controller is not configured for SSL or if appropriately long keys are not available, the password-change write is denied.
An Active Directory domain controller listens for change-password requests on all of these protocols.
As stated earlier in this article, different protocols are used in different circumstances. For example:
Interoperable Kerberos clients use the Kerberos protocols. UNIX-based systems with MIT Kerberos version 5 1.1.1 can change user passwords in a Windows-based domain by using the Kerberos change-password protocol (method 3).
When a user changes his or her own password by pressing CTRL+ALT+DELETE and then clicking Change Password, Windows NT up to Windows 2003 the NetUserChangePassword mechanism (method 1) is used if the target is a domain. From Windows Vista onwards, the Kerberos change password protocol is used for domain accounts. If the target is a Kerberos realm, the Kerberos change-password protocol (method 3) is used.
Requests to change a password from computers that are running Microsoft Windows 95/Microsoft Windows 98 use XACT-SMB (method 6).
A program that uses the ChangePassword method on the Active Directory Services Interface (ADSI) IaDSUser interface first tries to change the password by using LDAP (method 5), and then by using the NetUserChangePassword protocol (method 1).
A program that uses the SetPassword method on the ADSI IaDSUser interface first tries to change the password by using LDAP (method 5), then the Kerberos set-password protocol (method 4), and then the NetUserSetInfo protocol (method 2).
The Active Directory Users and Computers snap-in uses ADSI operations for setting user passwords.
Refer to Microsoft Article:-
http://support.microsoft.com/kb/264480
MORE INFORMATION
The supported password-change protocols are:
The NetUserChangePassword protocol
The NetUserSetInfo protocol
The Kerberos change-password protocol (IETF Internet Draft Draft-ietf-cat-kerb-chg-password-02.txt) [port 464]
Kerberos set-password protocol (IETF Internet Draft Draft-ietf-cat-kerberos-set-passwd-00.txt) [port 464]
Lightweight Directory Access Protocol (LDAP) write-password attribute (if 128-bit Secure Sockets Layer [SSL] is used)
XACT-SMB for pre-Microsoft Windows NT (LAN Manager) compatibility
Change-password operations require that the user's current password be known before the change is allowed. Set-password operations do not have this requirement, but are controlled by the Reset Password permissions on the account.
When you are using LDAP (method 5), the domain controller and the client must both be able to use 128-bit SSL to protect the connection. If the domain controller is not configured for SSL or if appropriately long keys are not available, the password-change write is denied.
An Active Directory domain controller listens for change-password requests on all of these protocols.
As stated earlier in this article, different protocols are used in different circumstances. For example:
Interoperable Kerberos clients use the Kerberos protocols. UNIX-based systems with MIT Kerberos version 5 1.1.1 can change user passwords in a Windows-based domain by using the Kerberos change-password protocol (method 3).
When a user changes his or her own password by pressing CTRL+ALT+DELETE and then clicking Change Password, Windows NT up to Windows 2003 the NetUserChangePassword mechanism (method 1) is used if the target is a domain. From Windows Vista onwards, the Kerberos change password protocol is used for domain accounts. If the target is a Kerberos realm, the Kerberos change-password protocol (method 3) is used.
Requests to change a password from computers that are running Microsoft Windows 95/Microsoft Windows 98 use XACT-SMB (method 6).
A program that uses the ChangePassword method on the Active Directory Services Interface (ADSI) IaDSUser interface first tries to change the password by using LDAP (method 5), and then by using the NetUserChangePassword protocol (method 1).
A program that uses the SetPassword method on the ADSI IaDSUser interface first tries to change the password by using LDAP (method 5), then the Kerberos set-password protocol (method 4), and then the NetUserSetInfo protocol (method 2).
The Active Directory Users and Computers snap-in uses ADSI operations for setting user passwords.
Refer to Microsoft Article:-
http://support.microsoft.com/kb/264480
Subscribe to:
Comments (Atom)
