File Auditing Issues

Tutorials Win: Microsoft Windows Forum

- Previous
  - 1
    - ASP.Net Windows Component Not installing properly Get this error messaging when I run wbemtest.exe and try to connect to the root\ASPNET. Number: 0x8004100e Facility: WMI Description: Invalid namespace Tried uninstalling and reinstalling the ASP.Net Windows component. Even tried uniinstalling and reinstalling the IIS application components. Still get the error message. Any ideas how to fix this without rebuilding the server from scratch. So far, talking to people, they said the only way to fix the problem is to rebuild server. Tag: File Auditing Issues Tag: 102734
  - 2
    - An error has occured while establishing a connection to the server I've recently set up a Windows 2003 Server SP2 enterprise system to handle SQL Server 2005 connections to data bases. The Windows server is on a WorkGroup - not a domain, and I've set it up as an application server. I installed SQL Server 2005 Enterprise, I ran the services configuration tool and set it to allow both local and remote connections, and to use tcp/ip. I can see the Windows server pn the network, and can access the default shared printer folder, but that's it. I can't seem to access SQL Server at all, and no matter what I do keep getting this error message: An error has occurred while establishing a connection to the server. When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections. (provider: SQL Network Interfaces, error: 28 - Server doesn't support requested protocol) (Microsoft SQL Server, Error: -1) It doesn't matter what I do to attempt permission on either the client machine or the host, it always returns the same message. I asked this question on the SQL group wich returned one response asking whether I've openned the ports for SQL on the firewall, and yes I have. So far, all client machines are Vista Ultimate with SQL 2005 developer edition and Visual Studio 2005. I could really use some hand holding with this - any takers? Tag: File Auditing Issues Tag: 102725
  - 3
    - Registry editing Hello all, I have been trying to install McAfee ePolicy orchestrator on my windows 2003 server. When I launched the install files for one of the component of McAfee the system tells me that: 'The setup program cannot be run under a user account other than the logged on user. When I went to McAffe support they provided me with this solution: IMPORTANT: These instructions are intended for network and ePO administrators only. This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, see the following Microsoft Knowledge Base article: http://support.microsoft.com/kb/256986/EN-US/. 1. Back up the ePO server Registry to a network share. 2. Open the Registry Editor and navigate to the following registry key: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 3. Double-click the string value Shell. 4. Change Value Data to Explorer.exe. 5. Close the Registry Editor. 6. Run setup.exe again. Cause The installer cannot find Explorer.exe in C:\Windows as specified in the Shell string value within the following registry key: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] - Now when I go to run Regedit.exe the system does not respond as if nothing was send to process (No prompting windows.....). I have downloaded a s;mall software called registry jumper but when i run it to open a registry it tells me that: ' Can not launch Regedit.exe'. I am desperatly needing to install this McAffe since virus has caused a disaster to our network. Would you help me diagnose this problem so that I can edit the registry. Thank you for your understanding. Tag: File Auditing Issues Tag: 102723
  - 4
    - Inexding Service Hi All, Was just wondering in Windows server 2003, is it possible to put a schedule on the indexing service so it's not running during busy times? Tag: File Auditing Issues Tag: 102717
  - 5
    - Windows Server 2008 Last Interactive Logon Information One of the Windows Server 2008 Domain function level features is quoted as being "Last Interactive Logon Information". Tried googling that and couldnt find much info on the subject but it sounds like a good feature.. Can anyone point me to some literature on the subject or even better tell me where about in W2K8 I can see such info about a user? Tag: File Auditing Issues Tag: 102710
  - 6
    - Problems with policy's Offline filetypes not cached Hi, I have set the GPO Computer/Admin Templ/Network/Offline Files/Files not cached field to: *.dbx; *.mdb; *.pst However despite this I receive the syncronization error dialog every time I log on/off that file names with these extensions could not be syncronized. Why? I thoght that this was the gpo to set to avoid this error message? Thanks for comments and experiences ;-) jake Tag: File Auditing Issues Tag: 102708
  - 7
    - Test Post Tag: File Auditing Issues Tag: 102701
  - 8
    - New Partition I just setup a partition on a single drive. I used 30 gig for the server OS. What do I need to do to partition the rest of the drive? Tag: File Auditing Issues Tag: 102700
  - 9
    - .NET Install I need to install .NET 2.0 on workstations in our Win2003 domain. We are not using WSUS. I downloaded the NET 2.0 redistributable package and extracted the netfx.msi pac. But the pac will not install using group policy. How can I get this done without visiting every workstation?-- ---------------------------------------------------- This mailbox protected from junk email by MailFrontier Desktop from MailFrontier, Inc. http://info.mailfrontier.com Tag: File Auditing Issues Tag: 102699
  - 10
    - Windows Home Server Connector Client Crash Please forgive the posting here - there seems not to be a Windows Home Server group. Could someone help me with some ideas of what to check? I'm running Windows Home Server (OEM edition) an on older system that was used for all phases of the beta testing with no problem. The OEM version was installed and all connector software updated on 5 systems - all okay for a month. Yesterday there was a power outage and although the server is on a UPS it reported one of 3 external drives was bad. That was cleared but the server constantly reported that the backup service was not running so I wiped the drives and re-installed the home server software including the connector client on all systems. All are fine except for my main PC where the counsole client crashes after the password is inputed and continue is clicked. The log error is: Faulting application WHSConsoleClient.exe, version 6.0.1500.6, time stamp 0x46e0a8e1, faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdc9, exception code 0xc0000005, fault offset 0x00062613, process id 0x19a4, application start time 0x01c8383b04b414f3. All console client installs on the other 4 systems work fine. Any ideas? I'm stumped. I have reinstalled the client on this PC numerous times with no change. Tag: File Auditing Issues Tag: 102693
  - 11
    - Designing Server 2003 multisite Licensing setup, CALS Need help designing an effective licensing setup for our network. article reference: http://www.microsoft.com/windowsserver2003/howtobuy/licensing/caloverview.mspx If you can answer any of my questions, i appreciate it. We currently have 11 geographic sites. Each location has its own server 2003 domain controller. Everyone in the business maps a drive to the main location's server. All, office's are connected via WAN. I have setup each server to be its own license server in sites and services. Employees may move around and work at different locations depending on what is going on. I would like to buy device CALS (more employees than computers) QUESTION #1: SERVER MODES Should I use Per User/Per Device mode or Per Server mode. The article above says I can use either server mode with either license types. Can I use different server modes on different servers or do they all have to use the same server mode in the same domain? I would like to buy say 150 device CALS and put the main server in "Per server Mode" and add 150 CALS to it. Then each branch office location would be in per server mode with say 10 CALS - 7 computers at each branch office and extra CALS installed for System Admins to connect to the servers for backups or maintenance. So, technically speaking, I would have the main office configured to use 150 CALS + 100 CALS total at the branch offices = 250 CALS when we only purchased 150 CALS. Is this how it is suppose to work? Can I mix the server modes on different domain controllers? The person who originally designed the network setup the main server in â??Per user/deviceâ?? mode and added 10,000 CALS. I know I cannot go back, but is this will this mess anything up. QUESTION #2: HOW DO THE SERVER MODES TRACK CALS. My understanding is that when you are in Per server mode the server only tracks concurrent connections. When a computer disconnects, by say shutting down the computer, does the server free up a CAL? And when you are in Per User/Device Mode the server keeps track of users - and then you have to revoke users if they no longer work there or else new employees or employees who move from branch to branch will be denied access. Is this correct? Does each computer keep a registry entry of is license status in the domain? QUESTION #3: IF SOMEONE PRINTS TO A PRINT QUEUE AT A REMOTE OFFICE DOES THAT COUNT AS A CAL? Joe Tag: File Auditing Issues Tag: 102692
  - 12
    - Windows server 2008 HCL Is there one and does anyone know where it is? Thanks. Tag: File Auditing Issues Tag: 102691
  - 13
    - Virtual Server Hi guys, I wan't know, how the virtual server configure the disk space for a new server. Well, when i create a virtual server with virtual PC in Lab, i configure the disk space of the virtual machine. But when the server was in production (with virtual server) if i have a sql database and the free space on the virtual disk was very low, is it possible to extand the size of the virtual disk ( of course i have a physical hard disk with free space) ?? I shut down the virtual server and resize the disk ?? -- best regard Tag: File Auditing Issues Tag: 102690
  - 14
    - Forest Trusts Hi! I have two Windows 2003 servers : SERVER1 (W2K3 R2 SP2) and SERVER2 (W2K3 SP2). Each server is acting as a DC for its domain which is in its own forest : SERVER1 is DC for DOMAIN1; SERVER2 is a DC for DOMAIN2. Both servers are on the same LAN (no router, no firewall). The DNS on both servers are set up correctly, with a stub zone pointing to the other server. I established a two-way transitive trust between both forests, using the Active Directory Domains and Trusts snap-in. I chose the Forest Wide Authentication in both ways of the trusts. My purpose is to enable users from the domain DOMAIN2 to have their Exchange Server 2007 mailboxes hosted on the server SERVER1 which is acting as an Exchange Server for users from both domains. My issue is not Exchange related (not yet!). From the start, I can see that I have an authentication issue since I can't browse some shared directories on server SERVER1 from a workstation in domain DOMAIN2 (user belonging to DOMAIN2 and logged on DOMAIN2): I am asked to enter some credentials (if I enter a username/password from DOMAIN1, it's OK, I can access the shares on SERVER1). I don't want to be asked for some credentials (it will prevent Outlook 2003 from working, since Outlook is trying to access to the Exchange server situated on the other side of the Trust). Any idea? What am I missing? Help greatly appreciated. Nicolas Tag: File Auditing Issues Tag: 102686
  - 15
    - Automated backup/mirroring Windows Server 2003 Enterprise, 5 users I am running a SCSI RAID system with internal 15k U320 hard drives. I recently added an eSata RAID box with mirrored hard drives. At the end of each day, I manually copy the SCSI data to the eSata system. However, I would prefer to have the SCSI data continuously copied to the eSata system Does Windows 2003 have that capability? If not, can anyone suggest a reliable 3rd party software package that will accomplish my objective, hopefully without taking a performance hit? Tag: File Auditing Issues Tag: 102683
  - 16
    - Security Configuration Wizard "access is denied" error Dell PE2950 server, Win2003 R2 SP2, 64 bit Xeon, domain controller, current windows updates. Security Configuration Wizard gets the error. Extension NameMicrosoft.OS.Services - 0x80070005 Error configuring C:\WINDOWS\security\msscw\ConfigureFiles\Services.inf Access is denied. Running as domain admin, security shows full control of file/dir. Turned off anti-virus pgm, didn't help. Searching shows other folks with the same error but no resolutions. Any suggestions? Process monitor shows the following. Note the Buffer Overflow and Name Invalid lines... 135300 11:00:27.4559951 AM services.exe 400 ReadFile C:\WINDOWS\security\msscw\ConfigureFiles\Services.inf5ac90887-f869-4cb6-ae96-892e939a90ad.sdb SUCCESS Offset: 0, Length: 4,096, I/O Flags: Non-cached 135301 11:00:27.4561061 AM services.exe 400 ReadFile C:\WINDOWS\security\msscw\ConfigureFiles\Services.inf5ac90887-f869-4cb6-ae96-892e939a90ad.sdb SUCCESS Offset: 4,096, Length: 4,096, I/O Flags: Non-cached 135302 11:00:27.4562143 AM services.exe 400 CloseFile C:\WINDOWS\security\msscw\ConfigureFiles\Services.inf5ac90887-f869-4cb6-ae96-892e939a90ad.sdb SUCCESS 135304 11:00:27.4566644 AM services.exe 400 CreateFile C:\WINDOWS\security\msscw\ConfigureFiles\Services.inf5ac90887-f869-4cb6-ae96-892e939a90ad.sdb SUCCESS Desired Access: Generic Read, Disposition: Open, Options: Write Through, No Buffering, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, Impersonating: GTI\_admin, OpenResult: Opened 135305 11:00:27.4568190 AM services.exe 400 QueryInformationVolume C:\WINDOWS\security\msscw\ConfigureFiles\Services.inf5ac90887-f869-4cb6-ae96-892e939a90ad.sdb SUCCESS VolumeCreationTime: 8/14/2007 3:52:20 PM, VolumeSerialNumber: 9063-CE5A, SupportsObjects: True, VolumeLabel: OS 135306 11:00:27.4568414 AM services.exe 400 QueryAllInformationFile C:\WINDOWS\security\msscw\ConfigureFiles\Services.inf5ac90887-f869-4cb6-ae96-892e939a90ad.sdb BUFFER OVERFLOW CreationTime: 12/6/2007 10:42:24 AM, LastAccessTime: 12/6/2007 11:00:27 AM, LastWriteTime: 12/6/2007 11:00:27 AM, ChangeTime: 12/6/2007 11:00:27 AM, FileAttributes: A, AllocationSize: 1,056,768, EndOfFile: 1,056,768, NumberOfLinks: 1, DeletePending: False, Directory: False, IndexNumber: 0x900000000596c, EaSize: 0, Access: Generic Read, Position: 0, Mode: Write Through, No Buffering, AlignmentRequirement: Byte 135307 11:00:27.4571977 AM services.exe 400 CreateFile C:\WINDOWS\security\msscw\ConfigureFiles\Services.inf5ac90887-f869-4cb6-ae96-892e939a90ad.sdb SUCCESS Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin, OpenResult: Opened 135308 11:00:27.4572666 AM services.exe 400 CloseFile C:\WINDOWS\security\msscw\ConfigureFiles\Services.inf5ac90887-f869-4cb6-ae96-892e939a90ad.sdb SUCCESS 135310 11:00:27.4576070 AM services.exe 400 CreateFile C:\WINDOWS\security\msscw\ConfigureFiles\Services.inf5ac90887-f869-4cb6-ae96-892e939a90ad.sdb SUCCESS Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin, OpenResult: Opened 135311 11:00:27.4576730 AM services.exe 400 CloseFile C:\WINDOWS\security\msscw\ConfigureFiles\Services.inf5ac90887-f869-4cb6-ae96-892e939a90ad.sdb SUCCESS 135313 11:00:27.4580079 AM services.exe 400 CreateFile C:\WINDOWS\security\msscw\ConfigureFiles\Services.inf5ac90887-f869-4cb6-ae96-892e939a90ad.sdb SUCCESS Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin, OpenResult: Opened 135314 11:00:27.4580655 AM services.exe 400 DeviceIoControl C:\WINDOWS\security\msscw\ConfigureFiles\Services.inf5ac90887-f869-4cb6-ae96-892e939a90ad.sdb FAST IO DISALLOWED Control: IOCTL_MOUNTDEV_QUERY_DEVICE_NAME 135315 11:00:27.4580792 AM services.exe 400 DeviceIoControl C:\WINDOWS\security\msscw\ConfigureFiles\Services.inf5ac90887-f869-4cb6-ae96-892e939a90ad.sdb INVALID PARAMETER Control: IOCTL_MOUNTDEV_QUERY_DEVICE_NAME 135316 11:00:27.4580989 AM services.exe 400 CloseFile C:\WINDOWS\security\msscw\ConfigureFiles\Services.inf5ac90887-f869-4cb6-ae96-892e939a90ad.sdb SUCCESS 135318 11:00:27.4584583 AM services.exe 400 CreateFile C:\WINDOWS\security\msscw\ConfigureFiles\Services.inf5ac90887-f869-4cb6-ae96-892e939a90ad.sdb NAME INVALID Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open For Backup, Open Reparse Point, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin 135319 11:00:27.4587925 AM services.exe 400 CreateFile C:\WINDOWS\security\msscw\ConfigureFiles IS DIRECTORY Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin 135320 11:00:27.4591258 AM services.exe 400 CreateFile C:\WINDOWS\security\msscw\ConfigureFiles SUCCESS Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open For Backup, Open Reparse Point, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin, OpenResult: Opened 135321 11:00:27.4591870 AM services.exe 400 FileSystemControl C:\WINDOWS\security\msscw\ConfigureFiles NOT REPARSE POINT Control: FSCTL_GET_REPARSE_POINT 135322 11:00:27.4592152 AM services.exe 400 CloseFile C:\WINDOWS\security\msscw\ConfigureFiles SUCCESS 135324 11:00:27.4595462 AM services.exe 400 CreateFile C:\WINDOWS\security\msscw\ConfigureFiles SUCCESS Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin, OpenResult: Opened 135325 11:00:27.4596041 AM services.exe 400 CloseFile C:\WINDOWS\security\msscw\ConfigureFiles SUCCESS 135327 11:00:27.4599272 AM services.exe 400 CreateFile C:\WINDOWS\security\msscw\ConfigureFiles SUCCESS Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin, OpenResult: Opened 135328 11:00:27.4599813 AM services.exe 400 DeviceIoControl C:\WINDOWS\security\msscw\ConfigureFiles FAST IO DISALLOWED Control: IOCTL_MOUNTDEV_QUERY_DEVICE_NAME 135329 11:00:27.4599943 AM services.exe 400 DeviceIoControl C:\WINDOWS\security\msscw\ConfigureFiles INVALID PARAMETER Control: IOCTL_MOUNTDEV_QUERY_DEVICE_NAME 135330 11:00:27.4600137 AM services.exe 400 CloseFile C:\WINDOWS\security\msscw\ConfigureFiles SUCCESS 135332 11:00:27.4603452 AM services.exe 400 CreateFile C:\WINDOWS\security\msscw\ConfigureFiles SUCCESS Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open For Backup, Open Reparse Point, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin, OpenResult: Opened 135333 11:00:27.4604027 AM services.exe 400 FileSystemControl C:\WINDOWS\security\msscw\ConfigureFiles NOT REPARSE POINT Control: FSCTL_GET_REPARSE_POINT 135334 11:00:27.4604269 AM services.exe 400 CloseFile C:\WINDOWS\security\msscw\ConfigureFiles SUCCESS 135336 11:00:27.4607572 AM services.exe 400 CreateFile C:\WINDOWS\security\msscw IS DIRECTORY Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin 135337 11:00:27.4610823 AM services.exe 400 CreateFile C:\WINDOWS\security\msscw SUCCESS Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open For Backup, Open Reparse Point, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin, OpenResult: Opened 135338 11:00:27.4611404 AM services.exe 400 FileSystemControl C:\WINDOWS\security\msscw NOT REPARSE POINT Control: FSCTL_GET_REPARSE_POINT 135339 11:00:27.4611650 AM services.exe 400 CloseFile C:\WINDOWS\security\msscw SUCCESS 135341 11:00:27.4614931 AM services.exe 400 CreateFile C:\WINDOWS\security\msscw SUCCESS Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin, OpenResult: Opened 135342 11:00:27.4615502 AM services.exe 400 CloseFile C:\WINDOWS\security\msscw SUCCESS 135344 11:00:27.4618738 AM services.exe 400 CreateFile C:\WINDOWS\security\msscw SUCCESS Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin, OpenResult: Opened 135345 11:00:27.4619319 AM services.exe 400 DeviceIoControl C:\WINDOWS\security\msscw FAST IO DISALLOWED Control: IOCTL_MOUNTDEV_QUERY_DEVICE_NAME 135346 11:00:27.4619441 AM services.exe 400 DeviceIoControl C:\WINDOWS\security\msscw INVALID PARAMETER Control: IOCTL_MOUNTDEV_QUERY_DEVICE_NAME 135347 11:00:27.4619631 AM services.exe 400 CloseFile C:\WINDOWS\security\msscw SUCCESS 135349 11:00:27.4622884 AM services.exe 400 CreateFile C:\WINDOWS\security\msscw SUCCESS Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open For Backup, Open Reparse Point, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin, OpenResult: Opened 135350 11:00:27.4623455 AM services.exe 400 FileSystemControl C:\WINDOWS\security\msscw NOT REPARSE POINT Control: FSCTL_GET_REPARSE_POINT 135351 11:00:27.4623699 AM services.exe 400 CloseFile C:\WINDOWS\security\msscw SUCCESS 135353 11:00:27.4626374 AM services.exe 400 CreateFile C:\WINDOWS\security IS DIRECTORY Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin 135354 11:00:27.4628964 AM services.exe 400 CreateFile C:\WINDOWS\security SUCCESS Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open For Backup, Open Reparse Point, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin, OpenResult: Opened 135355 11:00:27.4629544 AM services.exe 400 FileSystemControl C:\WINDOWS\security NOT REPARSE POINT Control: FSCTL_GET_REPARSE_POINT 135356 11:00:27.4629786 AM services.exe 400 CloseFile C:\WINDOWS\security SUCCESS 135358 11:00:27.4632413 AM services.exe 400 CreateFile C:\WINDOWS\security SUCCESS Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin, OpenResult: Opened 135359 11:00:27.4632980 AM services.exe 400 CloseFile C:\WINDOWS\security SUCCESS 135361 11:00:27.4635587 AM services.exe 400 CreateFile C:\WINDOWS\security SUCCESS Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin, OpenResult: Opened 135362 11:00:27.4636129 AM services.exe 400 DeviceIoControl C:\WINDOWS\security FAST IO DISALLOWED Control: IOCTL_MOUNTDEV_QUERY_DEVICE_NAME 135363 11:00:27.4636250 AM services.exe 400 DeviceIoControl C:\WINDOWS\security INVALID PARAMETER Control: IOCTL_MOUNTDEV_QUERY_DEVICE_NAME 135364 11:00:27.4636442 AM services.exe 400 CloseFile C:\WINDOWS\security SUCCESS 135366 11:00:27.4639080 AM services.exe 400 CreateFile C:\WINDOWS\security SUCCESS Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open For Backup, Open Reparse Point, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin, OpenResult: Opened 135367 11:00:27.4639645 AM services.exe 400 FileSystemControl C:\WINDOWS\security NOT REPARSE POINT Control: FSCTL_GET_REPARSE_POINT 135368 11:00:27.4639883 AM services.exe 400 CloseFile C:\WINDOWS\security SUCCESS 135370 11:00:27.4641796 AM services.exe 400 CreateFile C:\WINDOWS IS DIRECTORY Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin 135371 11:00:27.4643750 AM services.exe 400 CreateFile C:\WINDOWS SUCCESS Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open For Backup, Open Reparse Point, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin, OpenResult: Opened 135372 11:00:27.4644316 AM services.exe 400 FileSystemControl C:\WINDOWS NOT REPARSE POINT Control: FSCTL_GET_REPARSE_POINT 135373 11:00:27.4644561 AM services.exe 400 CloseFile C:\WINDOWS SUCCESS 135375 11:00:27.4646433 AM services.exe 400 CreateFile C:\WINDOWS SUCCESS Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin, OpenResult: Opened 135376 11:00:27.4646991 AM services.exe 400 CloseFile C:\WINDOWS SUCCESS 135378 11:00:27.4648943 AM services.exe 400 CreateFile C:\WINDOWS SUCCESS Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin, OpenResult: Opened 135379 11:00:27.4649495 AM services.exe 400 DeviceIoControl C:\WINDOWS FAST IO DISALLOWED Control: IOCTL_MOUNTDEV_QUERY_DEVICE_NAME 135380 11:00:27.4649615 AM services.exe 400 DeviceIoControl C:\WINDOWS INVALID PARAMETER Control: IOCTL_MOUNTDEV_QUERY_DEVICE_NAME 135381 11:00:27.4649804 AM services.exe 400 CloseFile C:\WINDOWS SUCCESS 135383 11:00:27.4651681 AM services.exe 400 CreateFile C:\WINDOWS SUCCESS Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open For Backup, Open Reparse Point, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin, OpenResult: Opened 135384 11:00:27.4652229 AM services.exe 400 FileSystemControl C:\WINDOWS NOT REPARSE POINT Control: FSCTL_GET_REPARSE_POINT 135385 11:00:27.4652472 AM services.exe 400 CloseFile C:\WINDOWS SUCCESS 135387 11:00:27.4654220 AM services.exe 400 CreateFile C:\ SUCCESS Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: GTI\_admin, OpenResult: Opened 135388 11:00:27.4654753 AM services.exe 400 QuerySizeInformationVolume C:\ SUCCESS TotalAllocationUnits: 17,739,776, AvailableAllocationUnits: 10,030,997, SectorsPerAllocationUnit: 8, BytesPerSector: 512 135389 11:00:27.4654967 AM services.exe 400 CloseFile C:\ SUCCESS Thanks, Dough Tag: File Auditing Issues Tag: 102674
  - 17
    - SMTP server intermittent problem I have an unusual issue that I believe it related to a setting in the IIS SMTP Virtual Server Settings. I have an intermittent problem where an email sent by a small asp.net application would fail to send the exception was "Error receiving data from socket." The VB error message generated related to "The transport failed to connect to the server. " I spent a bit of time troubleshooting the asp code only to have the same results...sometimes the emails would process and sometimes they would not.....no variable changed at all. In an attemtp to find a pattern to the problem and rule out asp.net code I wrote a very small windows application that sends an email once a minute and reports back the results. I was amazed to find a solid pattern and this is where I could use some help pointing me in the right direction. The sever sends an email once a minute and the first 9 emails send fine but the next 9 emails will fail to send and then the pattern repeats itself the next 9 emails go fine, then will send 9 emails that fail...etc. Nothing changed in the settings...each email was sent using hardcoded variables so there would be no difference in the TO: FROM: SUBJECT: SMTP SERVER: or BODY. I have run this for several hours always with the same pattern revealing itself, 9 times it will send email then 9 times it will fail then 9 times it will send and so on. Now for the server details. This is a development server running behind out INTRANET firewall. All virus software has been disabled. The Firewall on the server has been disabled. The application is running ON the server. The situation manifiest itself both in using windows applications and Web pages (asp.net). These are the current property settings of the virtual server: IP Address is within the IP range of the intranet - 10.16.56.9 Connections limited to 100 connection time-out in minutes 5 Under advanced theIP Address and TCP Port are 10.15.56.9 25 Access tab - Anonymous access is checked connection control as access granted to 10.16.56.9 relay restictions are granted to 10.16.56.9 connection control grrants access for 10.16.56.9 to the virtual server Messages tab Message size limited to 2048 KB Session size limited to 10240KB Limit number of message per connection to 100 Limit number of recipients to 100 Delivery tab First realy interval minutes 15 Second retry 30 third retry 60 subsequent retry 240 delay notification 12 min Expiration timeout 30 min Loca delay 24 min Expiration timeout 12 min Outbound security set to anonymous access Outbound connections limited to 1000 time-out 2 minutes number of connections per domaim 100 TCP port 25 These settings have been changed a few times as I gleen what I can from the internet. I have stopped and started the the SMTP Virtual Server on variable changes without effect. The TO: from: variables for the email are valid as they have been checked and email is actually sent and received using the same variables. Obviously I am curious about the pattern I have discovered. Each minute an identical email is sent...and as I have said the first 9 times the email goes fine then the next 9 times it will fail and then the next 9 times it will go fine..and so on. I have not been able to find a variable in the SMTP porperties that is tied to this apparent 10 min cycle. This server does not touch the INTERNET and the SMTP mail being sent stays within the intranet of our organization. What additional information may be needed to look into the unusual circumstance? WAFDOF Tag: File Auditing Issues Tag: 102666
  - 18
    - Printer Redirection while using the Remote Desktop Snap-in Is there any way to turn off printer and LPT port redirection when using the remote desktop snap-in? I have already disabled printer and LPT port replication on my machine for the Remote Desktop Connnection which has eliminated those annoying TermServDevices 1111 errors on the server, but when I use the Remote Desktop snap-in that you can access via administrative tools and which allows you to connect to multiple remote desktops I am still seeing these errors in the server log. Any suggestions? Thanks. Tag: File Auditing Issues Tag: 102665
  - 19
    - Windows 2003 Print Server Problems I have a Windows 2003 R2 Print Server setup. There are approximately 300 networked printers configured on this server. The printers range from dell, HP, Sharp, and others. The print spooler is on its own harddrive for performance reasons. The problem I am having is the server tends to just stop printing print jobs. You have to restart the printer spooler in order to have the server function. There isn't anything that I see in the event logs that would point me in the right direction. Things are pretty normal in the event logs. I am not sure what is causing this and it tends to happen pretty randomly. Thank you for any help you may offer. Tag: File Auditing Issues Tag: 102657
  - 20
    - Change Volume License Key on pre-sp1 Windows 2003 Server Is this possible? I've tried using the guide on http://support.microsoft.com/kb/918342 but the script just gives me the error "Object required 0x1A8". If I use the script that's supposed to work on pre-sp1, and comment out "ON ERROR RESUME NEXT", it gives me the following error message: C:\vlk.vbs(21, 1) WshShell.RegDelete: Unable to remove registry key "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WPAEvents\OOBETimer". If I check the registry, there's nothing called OOBETimer in the WPAEvents 'folder'. If I comment out that line (line 21), it fails on the following line with this error: C:\vlk.vbs(22, 1) (null): The specified module could not be found. Any help would be much appreciated. Tag: File Auditing Issues Tag: 102656
  - 21
    - Event Viewer - can not see list of events when open Event Viewer Has anyone ever experienced a problem when opening Event Viewer and clicking on Application log, where the right-hand pane never shows the list of events?? This also seems to happen on the System log. If I click on the Security log the list will propagate if I click the refresh button but if I try refresh on the other two logs nothing happens. It looks like the log is propagating because the scroll bar gets small (like its collecting data and "wants" to show it) but the screen doesn't refresh. I'm presently having this problem on a Windows 2000 box, I've seen this on a Windows 2003 box before but can't recall what the fix was. Any ideas, comments, suggestions are appreciated -- Thanks in advance KDub Tag: File Auditing Issues Tag: 102655
  - 22
    - Cannot Run Executable (.BAT) File From Remote Location Hi everybody, the situation is as follows: (please excuse wrong wording, I have the German version, I try my best) 2 servers, both on W2k3 Fileserver (FS) and Terminalserver (TS) On FS, there is a share 'NETLOGON' on a directory called 'Scripts' in which the NETLOGON.BAT is located. I think, this is basic knowledge on W2k3 in German and English versions, isn't it? In my ActiveDirectory (AD), I have an Organisational Unit (OU) that contains a group (GP) as well as the users. Now, I am logged in as the (preconfigured) user 'Administrator' (Admin). I have given full access to the Group of Administrators and my GP in Security settings AND Access settings of the share. When I log on from the TS, I do not have access to any executable file on FS. I have access to local files, can execute them. I can create directories and files on FS, I can change them. When I change the extension to .BAT, I lose access. What did I do wrong? Thank you for your time Ole Tag: File Auditing Issues Tag: 102654
  - 23
    - Small Business Server 2003 printing issue Need help please. I am working for an office that has Small Business Server 2003 with the workstations printing to a HP laserjet 1100 setup on the server. What is happening is that one of the workstations can print from the desktop (word, excel etc) but when they try to print through Meditech you see the print job show up on the server but then the server deletes the job out of the print queue before it is actually printed. The other workstation in the office has no problems printing from the desktop or meditech to the networked printer. I have removed and reistalled the print drivers on the server, workstaiton and have used a different user ID on the workstation but same issue is happening from this one machine. Thanks Jon Tag: File Auditing Issues Tag: 102653
  - 24
    - member server local groups I added a new server to my domain. This server is a memberserver. Serverroles: Fileserver and applicationserver. Now I want to add a domain user to the local administrators group of the memberserver. I can't. I double click the local admin group. Click add and then I can't change the location where to search for the user. The location says: <Servername> I want to add a domain user. Am I doing something wrong?? Tag: File Auditing Issues Tag: 102652
  - 25
    - Volume Shadow Copy not backing up individual files I have Windows Server 2003 Std installed on my file server and am using volume shadow copy services. When I browse to a directory, right click and selct previous version, I see all the snapshots that have been taken, I'm able to open up the shadow copy then copy and paste the file back in the original location. However, if I browse to a file, right click and select previous version, there is no history there at all. Why is there only history at the directory level and not at the file level? I am able to restore the file when I open its parent directory, but not by just clicking on the file? Any thoughts? Tag: File Auditing Issues Tag: 102651
- Next
  - 1
    - Fax Notification not working Hi all The fax notification via e-mail is not working I have entered in credentials for e-mail server, proper host, etc The messenger service is running fine The faxes go through but not notification - not even a message pop works Am I missing anything? Ian Tag: File Auditing Issues Tag: 102650
  - 2
    - DCOM error and SID Hi all following event - I believe from the MS KB http://support.microsoft.com/kb/290398 That this is only machine debug manager issue - How do I identify the account Name from the SID?? Thanks Event Type: Error Event Source: DCOM Event Category: None Event ID: 10002 Date: 12/6/2007 Time: 2:30:10 AM User: NT AUTHORITY\SYSTEM Computer: <<computer_name>> Description: Access denied attempting to launch a DCOM Server. The server is: {D99E6E73-FC88-11D0-B498-00A0C90312F3} The user is SYSTEM/NT AUTHORITY, SID=S-1-5-18. Tag: File Auditing Issues Tag: 102648
  - 3
    - VSS Fix KB 940349 and KB 915331 (VSS_E_WRITERERROR_TIMEOUT) We have already applied - http://support.microsoft.com/kb/940349 on w2k3, SP1 system. But we get VSS_E_WRITERERROR_TIMEOUT error sometimes. Its been observed that this error comes only when, time between ::PreCommitSnapshots() and ::PostCommitSnapshots() is more than 10sec Does kb/940349 has this fix for "915331" ? If not, installing 915331 will overwrite fixes in 940349 ? Without moving to SP2, is there a way to address the issue of VSS_E_WRITERERROR_TIMEOUT Tag: File Auditing Issues Tag: 102646
  - 4
    - Windows Server 2008 Tips - The next enterprise server version of How do I... Install and configure Windows Server 2008 core?, 10 things to consider when making a Windows Server 2008 upgrade decision, Three exciting improvements in Windows Server 2008... http://vista-tricks-tips.blogspot.com Tag: File Auditing Issues Tag: 102645
  - 5
    - Losing Folder Redirection? We have folder redirection setup so that users Desktop and My Documents are located on the server. we have a GPO that sets this. Occasionally some laptop users come in and they dont have access to their documents, the target of their My Documents folder is now local, C:\documents and settings\...... a GPUPDATE /FORCE fixes this when connected to the network. It only happens with the odd laptop user and is happening on 2 seperate sites, one of which is a brand new network. we have the options set so that this is still processed over a slow network and its still happening. Any ideas? thanks Nigel Tag: File Auditing Issues Tag: 102639
  - 6
    - Ownership How do I recursively change ownership of a few terabytes of files to their respective migrated account? We migrated accounts to a new domain, and now when I look at volume quota's (while the trust is still in place) I've got double of everyone... We kept SID history's so I want to search every file and replace the old domain owner with the respective new domain owner... any ideas? Tag: File Auditing Issues Tag: 102638
  - 7
    - Folders under parent offline folder do not inherit "offline" status I have a folder ABC marked as "Available offline" on machine A. I go to machine B and create a folder 123 under folder ABC. I go back to machine A and do a manual synchronize but it never synchronizes Folder 123 becasue its not set as "offline". If I create the folder ABC on machine A, then it inherits the "offline" status and works fine. is this normal behavior? or do i have an issue with offline folders? -- Message posted via http://www.winserverkb.com Tag: File Auditing Issues Tag: 102616
  - 8
    - disk partitioning best practice hello what do you recommend to be best practice for partitioning disks? some say split into a C: for your system files and D: for you data others like to put everything on C: some like more complicated partition schemes with more seperate partitions for page file or user settings what do you think? if so, what sizes are good for now and for the future? all one partition sounds easiest but is there a drawbacks? thank you Tag: File Auditing Issues Tag: 102614
  - 9
    - Security Hello, We have two win2003 servers. One is DC, another one is terminal server (not DC). We like to install ISA 2006. For security reason -> which one is better? Install on terminal server and DC behind the ISA2006. or Install on DC and terminal server behind the ISA 2006. Thanks Tag: File Auditing Issues Tag: 102610
  - 10
    - Power Users Group Hello Is the Power Users Group able to modify the registry on a Windows 2003 Server? Thanks! Ian McCulloch Sydney, NS Canada Tag: File Auditing Issues Tag: 102607
  - 11
    - Test my internet speed What's everyone's flavor of choice for most accurate measures for upload and download speeds? Tag: File Auditing Issues Tag: 102605
  - 12
    - Setting quotas I have new servers with 1TB of space, specifically for use of staff storage of documents. Each folder on the root of the E: drive is set aside for an individual department. Under that folder, there are 2 folders: [departmentname]Shared and [departmentname]users. Each user folder is assigned to only 1 user. I can set quotas on the individual users easily. However, when I want to set a quota on the shared folder, I don't have the option to change object to something other than users. I tried using the ADS groups involved, but that didn't work either. Everything I've researched talks about user folders and/or AD policies. Is there some whay that I can assign a quota limit to a folder that will be used by different people in a specific department? Thanks! Andy K Tag: File Auditing Issues Tag: 102598
  - 13
    - DHCP Server in 2003 - Reservation Sort Order Hi, Is there any way to sort the "reservations" in the dhcpmgmt.msc? It seems to sort them on last in, last displayed. Thanks, Bob. Tag: File Auditing Issues Tag: 102593
  - 14
    - Getting VPN setup on a fresh 2003 Server Hi, I'm really stuck at the moment. I have a freshly installed Windows Server Enterprise 2003 which is not part of a domain, as we are using a workgroup behind a DSL router. The server only has one network card. We want to use this server as our location for SQL server which outside clients can VPN into the server directly and access the SQL database securely, but we are currently testing with internal vpn clients at present using Windows Pro XP2., and all ip address's are valid with the correct subnet mask and gateway. I used the Manage Server wizard to setup the Remote Access (VPN), and set a newly created user to have Dial in access. I either have no response from the Server when connecting, or reprompts for the user name and password, or it states that the user doesn't have enough priviledges. Some extra info: I cannot ping the server, but the server can ping the internal computers. Also the clients cannot \\server while the server can \\client. I have tried (many reinstalls) with/without Active Directory, with/ without a domain, but to no luck. Can some point out my obvious fault here, as I was under the impression that the Manage Server was supposed to set everything up for me automatically? David Tag: File Auditing Issues Tag: 102586
  - 15
    - Updates Hi, I have a 2003 Domain using Server 2003 Standard, almost XP Pro across the board, as far as updates go, do have to go to each computer and log on with an Admin account to install the updates. I don't have local or domain admin permissions for the end users. Thanks Craig Tag: File Auditing Issues Tag: 102585
  - 16
    - Delivery Addresses NOT displayed When I go to envelopes and labels in Microsoft Word 2003 and attempt to insert an address from the Delivery Address selection, it will no longer display the address I choose. It worked fine for the past year. On top of this the return address will no longer save the address I typed in earlier. When I type in my return address, it will only print 2 lines of the address?!?! -- mr.vette Tag: File Auditing Issues Tag: 102582
  - 17
    - C:\Windows\Security\edb.log and tmp.edb Hello, Backups are skipping the following files on a Windows Server 2003 SP1 box: C:\Windows\Security\edb.log C:\Windows\Security\tmp.edb This server happens to be hosting Exchange (it's the Front End box) but I don't believe this is related to Exchange. I see this directory and database/transaction logs for all of our Windows Server 2003 machines. I'm not having any luck finding articles that explain why these files are being skipped but from the error we get it's stated the files are unable to be opened. Any thoughts? Thanks, Tag: File Auditing Issues Tag: 102577
  - 18
    - TS License Server hardware requirements I am going to setup a 2003 server whose only role is Windows Terminal Server Licensing. I have 900 users and right now and 200 use Terminal Services Applications each day. Eventually 500 users will use it each day and of course they all don't log on at the same time. What are the hardware requirements for a server that could handle this? Thank You in advance. Tag: File Auditing Issues Tag: 102575
  - 19
    - Performance Monitor not logging counters I'm trying to log SQLServer:Cache Manager(_Total)\Cach Hit Ratio and SQLServer:General Statistics\User Connections but the counters are missing from the log file that is created. They have been added to the log with other counters. The other counters are being logged fine. I've reloaded the MSSQL counters and rebooted and have made zero headway. Does anyone have any thoughts on what to do next? Tag: File Auditing Issues Tag: 102574
  - 20
    - Reported drive size is half of what it should be. This is a multi-part message in MIME format. ------=_NextPart_000_0B8D_01C83730.467CA1B0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hi, I have a Windows Server 2003 SP1 server using a Raid-5 array with 8 = 146GB drives. There is one basic partition that is 956.91 GB, but the = NTFS file system reports it as 410.09 GB. This appears under disk = management. The top line that shows the volume reports 410.09 GB. The = lower area with the partition information shows 1 partition of 956.91 = GB. Any idea how I can reconcile this difference without wiping the drive = and restoring from backup? --=20 Thanks, --=20 Thanks, Rob ------=_NextPart_000_0B8D_01C83730.467CA1B0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Diso-8859-1"> <META content=3D"MSHTML 6.00.6000.16544" name=3DGENERATOR> <STYLE></STYLE> </HEAD> <BODY bgColor=3D#ffffff> <DIV><FONT face=3DArial size=3D2> <DIV><FONT face=3DArial size=3D2>Hi,</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>I have a Windows Server 2003 SP1 server = using a=20 Raid-5 array with 8 146GB drives. There is one basic partition that is = 956.91=20 GB, but the NTFS file system reports it as 410.09 GB. This appears under = disk=20 management. The top line that shows the volume reports 410.09 GB. The = lower area=20 with the partition information shows 1 partition of 956.91 = GB.</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>Any idea how I can reconcile this = difference=20 without wiping the drive and restoring from backup?</FONT></DIV><FONT = face=3DArial=20 size=3D2> <DIV><BR>-- <BR>Thanks,</DIV></FONT></FONT></DIV><FONT face=3DArial = size=3D2> <DIV><BR>-- <BR>Thanks,</DIV> <DIV> </DIV> <DIV>Rob</FONT></DIV></BODY></HTML> ------=_NextPart_000_0B8D_01C83730.467CA1B0-- Tag: File Auditing Issues Tag: 102570
  - 21
    - ntfs file system being recognized as raw Hi, I have this interesting problem and hope someone can help me out. I am running Windows 2003 server as the a file server and use an external 160G USB hard disk for data backup. The external drive is formatted using NTFS. The problem is whenever I connected the drive to the server, the OS won't recognize the NTFS partition. It see it as a basic disk with raw file system. However, I can still copy file back and forth to the external drive. Since Windows doesn't recognize the file system, it then doesn't assign a drive letter to it automatically when the drive is connected. I have to manually assign a drive letter every time I connect the drive to the server. This makes the scheduled backup job difficult to run as we rely on the end user to swap the drive without having them to do anything on the server console. I tried different drive and the problem still persist. Does anyone experience this problem before? Keith Tag: File Auditing Issues Tag: 102569
  - 22
    - Trouble Mapping a Windows 2003 Server Share from Windows Vista Background: In our office we have three (3) Windows Vista clients (new Dell PC's), and twelve (12) Windows XP SP2 clients (older PC's Dell, HP, etc) and a Windows 2003 Server (older Dell PC) that we use as a file server using simple sharing. The twelve (12) Windows XP SP2 clients can map the share with no problem ( I:\ drive mapped to \\X.Y.Z.155\Integration) and also use Explorer to navigate to the UNC path with no problem (\\X.Y.Z. 155\Integration) The Problem/Symptoms: The three (3) Windows Vista clients can map the drive and navigate to the UNC path but all experience severely reduced functionality manifested as: 1) long delays traversing the directory structure - like 15 to 30 seconds to go up or down one directory within the share. 2) "Not Responding" in the title bar of the Explorer window during directory traversals. Remediation Steps We Tried: We had thought that the NTLMv2 settings in the Local Security Policy (Network security:LAN Manager authentication level) werre incorrect or different between Windows Server 2003 and Windows Vista, so we then set both to: "Send NTLMv2 response only\refuse LM & NTLM" (http:// technet2.microsoft.com/windowsserver/en/library/b7cff04a-53d0-44a7- b2f4-496a17470fb41033.mspx?mfr=true) But the symptoms experienced by the three (3) Windows Vista clients are the same. Workaround (SneakerNet): Now, all three (3) of the Windows Vista client users have to use UFD (USB Flash Drives) or burn CDROMs/DVD/s and carry them over to the Windows 2003 Server to add files or just sit at the File Server in order to access our shared files - a sad "punishment" for using the Windows Vista. Other options we are considering are running Windows XP virtual machines in either VMWare or MS Virtual PC on each Windows Vista machine as a workaround Question: Is this a known issue between Windows Vista and Windows 2003 Server or any other O/S. Brian Jester Tag: File Auditing Issues Tag: 102567
  - 23
    - VPn Error, wrong forum? Thanks for any help I posted elsewhere, but i need all the help i can get.. here is what i have, i can get to the internet through either connection, I can setup a vpn session to 10.0.1.106 from my local pc (10.0.1.107) and it connects, but if I try and go from 10.0.1.107 - internet my ip on the wan side of my router, i get the 721 error. I use the same user name and password on both connections in my router is forwarded ports 41-47 to 10.0.1.106 1723 to 10.0.1.106 maybe i dont have port 47 setup right, i just set it up under port forwarding to go to my win2k3 sevr pptp pass through is enabled. Please suggest anything, I have tried most things I have found on the internet, including disableing nic 2 until the svr boots up, still not working? router --- hub --- win2k3 server nic 1 10.0.1.5 -- 10.0.1.106 other side router --- hub --- router --- w2k3 svr nic 2 10.0.1.5 -- 192.168.15.1 -- 192.168.15.2 internet to wan side, gets up to verifying username and password, then gives the 721 error I justed checked with Comcast and they say they do not block GRE packets Also I have a linksys router. What confuses me is that if i us the intrant i can log on no problem, its just when i use the internet i have to problem. thanks Tag: File Auditing Issues Tag: 102566
  - 24
    - mapped drives disconnect and logon takes too long after router change ok let me tell u what has changed in my network creating those issues i started admin this networ few mnths ago... i didnt set it up though.... i didnt touch the server... just did updates on it.... then router (netgear wgr614 v6 stopped working and the owner got linksys WRT54G and i set everything up (access to the internet basicly) and i think since then mapped network drives on win 2K3 just disconnect randomly... (no red X though) - it just says that this drive can not be accessed plus the logging takes like 2 mins right now.... And someone told me its DNS issue :( Anybody please !!!!! Tag: File Auditing Issues Tag: 102562
  - 25
    - Migration from Novell Help Greetings all, I need a bit of help and some good information on how to migrate Novell 6.x file servers into windows 2003 AD. The environment I am dealing with has about 2500 users. Also it is 24/7 so there is unfortunately no downtime. I need to make sure replication is of course working and would like if possible to only use Microsoft tools. Please let me know thoughts or if I should consider a third party tool. Thanks in advance Tag: File Auditing Issues Tag: 102561

I would like to setup file auditing on our file server to see who is
deleting files. We are using Server 2003 Enterprise which is the
domain controller.

Here is the problem. I go into the Group Policy Editor and enable
auditing on "Audit Object Access." Then I add the ACL on the certain
folder on want to watch.

In my security log, I get a new entry every half second barking about
successful registry changes. This machine has never been touched in
terms of setting up auditing. I have gone to "regedit" and looked at
the permissions on each root folder. No auditing seems to be set at
the root. What can I do to stop the auditing of the registry? Is there
an easy way to see all ACL's that are set? Thanks!

Top