Domain account locks frequently

Domain accounts were locking when a Windows workstation starts. User is asking the Domain Administrator to unblock the account.

The Windows computer had a hidden old password from that domain account.

There are passwords that can be stored in the SYSTEM context that can't be seen in the normal Credential Manager view

Run from an elevated command line

C:\>rundll32 keymgr.dll,KRShowKeyMgr

The above command will present the stored usernames and passwords for your workstation.

Delete any stored account that causes the issue.

Re-register Windows VSS writers on Windows 2003 and 2008

This article details how to re-register the Windows VSS writers.

Windows 2003

Create and Execute a batch file named, FIXVSSWIN2003.BAT

Please note the following:

You will need to run the batch file as Administrator.
After running the bat file, you will need to reboot the server to bring all of the writers into a stable state.

Copy and paste the following into notepad or any text editor and then click Save As, to save it as FIXVSSWIN2003.BAT

rem FILENAME: FIXVSSWIN2003.BAT
rem
net stop vss
net stop swprv
cd /d %windir%\system32
regsvr32 ole32.dll
regsvr32 vss_ps.dll
Vssvc /Register
regsvr32 /i swprv.dll
regsvr32 /i eventcls.dll
regsvr32 es.dll
regsvr32 stdprov.dll
regsvr32 vssui.dll
regsvr32 msxml.dll
regsvr32 msxml3.dll
regsvr32 msxml4.dll

Windows 2008

Create and Execute a batch file named, FIXVSS08.BAT:

Please note the following:

• You will need to run the batch file as Administrator.
• This is only for Windows 2008 not Windows 2003.
• After running the bat file, you will need to reboot the server to bring all of the writers into a stable state.

Copy and paste the following into Notepad, then click Save As, to save it as FIXVSS08.BAT.

rem FILENAME: FIXVSS08.BAT
rem
net stop "System Event Notification Service"
net stop "Background Intelligent Transfer Service"
net stop "COM+ Event System"
net stop "Microsoft Software Shadow Copy Provider"
net stop "Volume Shadow Copy"
cd /d %windir%\system32
net stop vss
net stop swprv
regsvr32 /s ATL.DLL
regsvr32 /s comsvcs.DLL
regsvr32 /s credui.DLL
regsvr32 /s CRYPTNET.DLL
regsvr32 /s CRYPTUI.DLL
regsvr32 /s dhcpqec.DLL
regsvr32 /s dssenh.DLL
regsvr32 /s eapqec.DLL
regsvr32 /s esscli.DLL
regsvr32 /s FastProx.DLL
regsvr32 /s FirewallAPI.DLL
regsvr32 /s kmsvc.DLL
regsvr32 /s lsmproxy.DLL
regsvr32 /s MSCTF.DLL
regsvr32 /s msi.DLL
regsvr32 /s msxml3.DLL
regsvr32 /s ncprov.DLL
regsvr32 /s ole32.DLL
regsvr32 /s OLEACC.DLL
regsvr32 /s OLEAUT32.DLL
regsvr32 /s PROPSYS.DLL
regsvr32 /s QAgent.DLL
regsvr32 /s qagentrt.DLL
regsvr32 /s QUtil.DLL
regsvr32 /s raschap.DLL
regsvr32 /s RASQEC.DLL
regsvr32 /s rastls.DLL
regsvr32 /s repdrvfs.DLL
regsvr32 /s RPCRT4.DLL
regsvr32 /s rsaenh.DLL
regsvr32 /s SHELL32.DLL
regsvr32 /s shsvcs.DLL
regsvr32 /s /i swprv.DLL
regsvr32 /s tschannel.DLL
regsvr32 /s USERENV.DLL
regsvr32 /s vss_ps.DLL
regsvr32 /s wbemcons.DLL
regsvr32 /s wbemcore.DLL
regsvr32 /s wbemess.DLL
regsvr32 /s wbemsvc.DLL
regsvr32 /s WINHTTP.DLL
regsvr32 /s WINTRUST.DLL
regsvr32 /s wmiprvsd.DLL
regsvr32 /s wmisvc.DLL
regsvr32 /s wmiutils.DLL
regsvr32 /s wuaueng.DLL
sfc /SCANFILE=%windir%\system32\catsrv.DLL
sfc /SCANFILE=%windir%\system32\catsrvut.DLL
sfc /SCANFILE=%windir%\system32\CLBCatQ.DLL
net start "COM+ Event System"

Additional Useful Commands:

1. Open the Command (DOS) Prompt with administrator rights and enter: vssadmin list writers to determine all the VSS writers installed on the machine and their status (stable, error, etc).

2. Open the Command (DOS) Prompt with administrator rights and enter: vssadmin delete shadows /all  to clean up any dead VSS snapshots that may be slowing down the machine.

Mcafee Failed to authenticate with remote system, system error: There is no user session key for the specified logon session

I was trying to automatically install an Mcafee agent v.4.6 to a Windows 2008 R2 and I was getting the following message in ePO console.

Mcafee Failed to authenticate with remote system, system error: There is no user session key for the specified logon session.

Problem?

Time sync.

Target server had more than 2 hours difference from domain time. So adjusted time and issue resolved.

Tasks for New Server Installation

Tasks for New Server Installation

The tasks bellow must be performed before any applications or software is installed to the server.

1.      Unpack server and follow rack installation instructions.

2.      Install any additional hardware that is required in the server (CPUs, RAM, Disks, Adapters)

3.      Upgrade Firmware in all components of the Server

4.      Configure RAID for DAS Disks using adapter utility

5.      Install Operating System

6.      Specify password for local administrator.

7.      Install latest driver pack for installed server

8.      Reboot server

9.      Configure networking (optional)

a.       Verify network connectivity

10.  Install Antivirus software and update

11.  Rename computer name

12.  Join server on domain

13.  Assign the Computer object in AD DS to the proper container

14.  Verify GPOs are applied properly for the new server

15.  Perform Windows Update

a.       Install required updates

b.      Verify installed updates

16.  Install Windows Backup Feature (Windows 2008)

17.  Perform a system image backup.

a.       Copy system image backup on an external resource.

18.  Reboot Server

19.  Verify all components and services are operating normally

20.  Check Event log for new Warning and Error entries

Mcafee ePO Agent and Windows Firewall

Create a new GPO and navigate to the following section

Computer Configuration\Administrative Templates\Network\Network Connections\Windows Firewall\Domain Profile\

Select the following policy setting

Windows Firewall: Define inbound port exceptions

#########################################################
# McAfee Inbound Port Settings
#########################################################


Agent to Server Communication. These ports must be enabled on Server

80:TCP:192.168.10.0/25:Enabled:HTTP Service
84:TCP:192.168.10.0/25:Enabled:Agent-to-server
8444:TCP:192.168.10.0/25:Enabled:Sensor-to-Server
8444:UDP:192.168.10.0/25:Enabled:Sensor-to-Server (UDP)

Server to Agent Communication. These ports must be enabled on Clients

8081:TCP:192.168.10.0/25:Enabled:Agent wakeup (TCP)
8081:UDP:192.168.10.0/25:Enabled:Agent wakeup (UDP)
8082:TCP:192.168.10.0/25:Enabled:Agent broadcast (TCP)
8082:UDP:192.168.10.0/25:Enabled:Agent Broadcast (UDP)

Of course is recommended to specify the Server firewall settings in a different GPO that the one that is targeted to clients.

Simple as that,

SCCM 2007 SP2 on Windows Server 2008 x64 - Reporting Point Graphs and Charts

After installing System Center Configuration Manager 2007 SP2 (SCCM) on a Windows Server 2008 SP x64 system, I decided to install also the Reporting Point on this Site Server.

SQL Reporting Services and ConfigMgr Report Services Point configured properly and I didn't had any issues copying and running reports on IIS 7.0. But when I came to a report that had a graph I got the following message:

"This report has a chart, but the Microsoft Office Web Components required to view charts are not installed on the Reporting Point. Please contact your administrator."

I downloaded and installed in the Office 2003 Add-in: Office Web Components from

http://www.microsoft.com/downloads/details.aspx?FamilyID=7287252c-402e-4f72-97a5-e0fd290d4b76&DisplayLang=en

After that, I tried to run again the report and still I was getting the same informational message.

After doing some research on the issue I found that I need to create a custom Application Pool with enable32BitAppOnWin64 set to True. This because the worker responsible to execute the graphs needs to operate in 32bit mode. Then I've assigned the reporting point web site to the custom 32bit application pool and when I tried to open the reporting point web site on a browser I got a new error message.

HTTP Error 500.19 – Internal Server Error


So I started wondering what causes the problem. After some research again I identified that it was WSUS 3.0 SP2 x64 and more specifically the 64bit version compression module (suscomp.dll).

Therefore the solutions on this were the following. Either disable totally the compression scheme on the web site, but this will cause wsus responses to be uncompressed and this will cause some performance degradation. Or to replace the 64bit version of suscomp.dll with the 32bit version.

To view the compression scheme, run the following command

%windir%\system32\inetsrv\appcmd.exe list config -section:system.webServer/httpCompression

the command will display the compression scheme for the webserver. Schemes are registered globally therefore by removing them, the compression is disabled on the webserver.

To remove the compression scheme type:

%windir%\system32\inetsrv\appcmd.exe set config -section:system.webServer/httpCompression /-[name='xpress']

To add the compression scheme type:

%windir%\system32\inetsrv\appcmd.exe set config -section:system.webServer/httpCompression /+[name='xpress',doStaticCompression='false',dll='%windir%\system32\inetsrv\suscomp.dll']

References

Run Charts in ConfigMgr Reports when the Reporting Point is located on a Windows Server 2008 x64 server
http://uje.spaces.live.com/blog/cns!DAE27042D25E8A2A!310.entry

500.19 Error When Enabling 32-bit Application Pool
http://forums.iis.net/t/1149768.aspx

Error message when you visit a Web site that is hosted on IIS 7.0: "HTTP Error 500.19 – Internal Server Error"
http://support.microsoft.com/kb/942055

Measure the bandwidth between to points

Here is a very useful tool to measure the bandwidth between to points.

http://www.noc.ucf.edu/Tools/Iperf/


Usage Example

On Campus Command Line: iperf -c 10.0.13.68 -w 2m

Off Campus Command Line: iperf -c 132.170.3.31

results should look like this:

------------------------------------------------------------
Client connecting to 10.0.13.68, TCP port 5001
TCP window size: 8.00 KByte (default)
------------------------------------------------------------
[1924] local (your IP) port 1500 connected with 10.0.13.68 port 5001
[ ID] Interval Transfer Bandwidth
[1924] 0.0-10.0 sec 111 MBytes 92.9 Mbits/sec

You're interested in the red numbers

Text taken from original web site.