Tuesday 21 July 2009

Event - Source AutoEnrollment ID: 15

Automatic certificate enrollment for DOMAIN\user failed to contact the active directory (0x8007052b). Unable to update the password. The value provided as the current password is incorrect.
Enrollment will not be performed.

---------------------------------

http://support.microsoft.com/kb/310461

Cause:
This problem may occur if the Autoenrollment feature cannot reach an Active Directory domain controller. In a Microsoft Windows NT 4.0 domain, Active Directory is not available, so the Autoenrollment feature cannot work. In an Active Directory domain that has Microsoft Windows 2000 or later domain controllers, the problem may be caused by a DNS name resolution issue or by a network connectivity issue.

RESOLUTION

For a Microsoft Windows XP-based computer or a Microsoft Windows Server 2003-based computer that is joined to a Windows NT 4.0 domain, to turn off the Autoenrollment feature in the Local Group Policy, follow these steps on the local workstation:
  1. Click Start, click Run, type gpedit.msc, and then press ENTER.
  2. In the left pane, expand Computer Configuration, expand Windows Settings, expand Security Settings, and then expand Public Key Policies.
  3. Double-click Autoenrollment Settings.
  4. Click Do not enroll certificates automatically.
  5. Click OK.
  6. Repeat steps 2 through 5, but in step 2, expand User Configuration, expand Windows Settings, expand Security Settings, and then expand Public Key Policies.
  7. Close the Group Policy window.
For a computer that is a member of a Windows 2000 or later Active Directory domain, make sure that the domain member has network connectivity with at least one domain controller.

After you have determined that you have good Internet Protocol (IP) connectivity between the member and a domain controller, correct the DNS address in the IP properties of the workstation. To do this, follow these steps:
  1. Start the Network Connections tool in Control Panel.
  2. Right-click Local Area Connection, and then click Properties.
  3. Click Internet Protocol (TCP/IP), and then click Properties.
  4. Type the correct DNS address in the Preferred DNS server box.
  5. Click OK.

Friday 17 July 2009

Exchange 2007 - Backups

Exchange 2007 - How to Change the First Storage Group log file location (to save running out of disk space)

Open the EMC, click Server Configuration, then under Mailbox right-click the top storage group, "First Storage Group". By default it logs to c:\ if this has not been changed.

The default log file location is:
c:\Program Files\Microsoft\Exchange Server\Mailbox\First Storage Group


To Change the log file location of the First Storage Group

Open EMC
Server Configuration
Mailbox
R/C First Storage Group - Select Move Storage
This will take the Storage Group offline automatically and bring it back online when it's finished.

Exchange 2007 - EdgeTransport.exe.config.txt

To be found in c:\program files\Microsoft\Exchange Server\Bin\

Thursday 16 July 2009

Exchange 2007 - low disk space

Free up disk space:

Delete log files:

c:\windows\system32\LogFiles\W3SVC1\

Change the Queue Path.

Goto: c:\program files\Microsoft\Exchange Server\Bin

Make a Backup of EdgeTransport.exe.config.txt ie: EdgeTransport.exe.config.txt.20090715.txt

Edit EdgeTransport.exe.config.txt

Create a folder somewhere else (on another drive) - edit the folder's ACL to include System, Network Service (full access rights), Administrator

Change the path of the "QueueDatabasePath" value to the newly created folder.

Change the path of the tempstorage

Before you move any files, stop the Microsoft Exchange Transport service, and start it again when finished.

Using Diruse
from the command line: diruse /s /m /q:1.5 /l /* "c:\program files\"

This nice little command logs a snapshot of your directories in MB, marking those exceeding 1.5 MB in size; the /l switch writes the overflow list to .\diruse.log (c:\diruse.log when run from c:\).

Run a normal Disk Cleanup Utility to clean some files up.

Run a defrag on the exchange database

http://technet.microsoft.com/en-us/library/aa998863.aspx

Exchange 2007 - GAL & OAB Update

Get-GlobalAddressList | Update-GlobalAddressList -Verbose


Get-OfflineAddressBook| Update-OfflineAddressBook -Verbose

Add a persistent route to the Windows XP routing table

route ADD -P 192.168.0.8 MASK 255.255.255.0 192.168.0.1

Destination IP address followed by the network mask and the gateway

CIDR - Conversion Calculator

Just to make my life easier

http://www.subnet-calculator.com/cidr.php
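The two notes above (the `route ADD` line and the CIDR calculator) can be covered by one small script. This is an added example, not from the original post: it converts between dotted netmasks and CIDR prefix lengths and sanity-checks the three values of a `route ADD` command before you type it; all addresses in it are constructed sample values.

```python
# Added example (not from the original post): dotted-mask <-> CIDR conversion
# and a sanity check for the three values of a Windows "route ADD" line.
# All addresses used here are constructed sample values.
import ipaddress

ALL_ONES = 0xFFFFFFFF


def cidr_to_mask(prefix: int) -> str:
    """Prefix length -> dotted netmask, e.g. 24 -> 255.255.255.0."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return str(ipaddress.IPv4Address((ALL_ONES << (32 - prefix)) & ALL_ONES))


def mask_to_cidr(mask: str) -> int:
    """Dotted netmask -> prefix length; rejects non-contiguous masks."""
    bits = int(ipaddress.IPv4Address(mask))
    prefix = bin(bits).count("1")
    if bits != (ALL_ONES << (32 - prefix)) & ALL_ONES:
        raise ValueError(f"{mask} is not a contiguous netmask")
    return prefix


def check_route(dest: str, mask: str, gateway: str, persistent: bool = True) -> dict:
    """Validate 'route ADD [-P] dest MASK mask gateway' before typing it.

    Windows rejects a destination that has host bits set under the mask,
    so the check reports the network address that should be used instead.
    """
    problems = []
    prefix = mask_to_cidr(mask)
    net = ipaddress.IPv4Network(f"{dest}/{prefix}", strict=False)
    if ipaddress.IPv4Address(dest) != net.network_address:
        problems.append(
            f"destination {dest} has host bits set under {mask}; "
            f"use {net.network_address}"
        )
    if ipaddress.IPv4Address(gateway) in net and prefix < 31:
        # Either the network is already on-link (route redundant) or the
        # gateway is not on a directly connected subnet (route unusable).
        problems.append(f"gateway {gateway} lies inside the destination network {net}")
    flag = "-P " if persistent else ""
    return {
        "network": str(net),
        "ok": not problems,
        "problems": problems,
        "command": f"route ADD {flag}{net.network_address} MASK {mask} {gateway}",
    }
```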

Backing up Exchange 2007 using ntbackup

Ran out of disk space on my Exchange server on the c:\ drive - tried to parse some logs but got this error when trying to back up using ntbackup:

The 'Microsoft Information Store' returned 'Functions called in an invalid sequence.'

Make sure the Microsoft Information Store (store.exe) is running.

Space Errors in Event log:

Source: MSExchangeTransport
Category:ResourceManager
Event ID:15006

The Microsoft Exchange Transport service is rejecting message submissions because the available disk space has dropped below the configured threshold.

Source: MSExchangeIS
Category: General
Event ID: 9518
Error Log disk full starting Storage Group /DC=uk/DC=co/DC=qsoft/DC=corp/CN=Configuration/CN=Services/CN=Microsoft Exchange/CN=Mail/CN=Administrative Groups/CN=Exchange Administrative Group (FYDIBOHF23SPDLT)/CN=Servers/CN=MAIL1/CN=InformationStore/CN=First Storage Group on the Microsoft Exchange Information Store. Storage Group - Initialization of Jet failed.

No backups have ever been made since we started using this server, so a backup was recommended.


I couldn't backup due to the low space warning so I rebooted the Server and was able to do backups then.



NTbackup - Backup Types

Normal
Backs up selected files, and marks each file as backed up.

Copy
Backs up selected files, but does not mark any as backed up.

Incremental
Backs up selected files only if they were created or modified since the previous backup, and marks them as backed up.

Differential
Backs up selected files only if they were created or modified since the previous backup, but does not mark them as backed up.

Daily
Backs up only files that were created or modified today.
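The list above reads the same way for incremental and differential unless you keep the archive attribute in mind. The simulation below is an added example, not from the original post: it models which files each NTBackup type captures, whether the job clears the archive bit, and which jobs a full restore needs afterwards. File names and the job sequence are constructed sample data.

```python
# Added example (not from the original post): simulates how each NTBackup
# backup type selects files and whether it clears the archive attribute,
# which is what separates incremental from differential at restore time.
# The file names and job sequence are constructed sample data.
from dataclasses import dataclass


@dataclass
class File:
    name: str
    archive: bool = True        # Windows sets this bit whenever a file is created or modified
    modified_today: bool = False


# kind -> (select only files with the archive bit set?, clear the bit afterwards?)
BACKUP_TYPES = {
    "normal":       (False, True),
    "copy":         (False, False),
    "incremental":  (True,  True),
    "differential": (True,  False),
}


def touch(files, name):
    """Simulate a write to a file: the archive bit comes back on."""
    for f in files:
        if f.name == name:
            f.archive = True
            f.modified_today = True
            return
    files.append(File(name, modified_today=True))


def run_backup(files, kind):
    """Run one job; return the sorted names it captured and update archive bits in place."""
    if kind == "daily":                      # date-based, never touches the archive bit
        selected = [f for f in files if f.modified_today]
        clears = False
    else:
        only_changed, clears = BACKUP_TYPES[kind]
        selected = [f for f in files if f.archive or not only_changed]
    if clears:
        for f in selected:
            f.archive = False
    return sorted(f.name for f in selected)


def jobs_needed_for_restore(history):
    """history: the kinds of the jobs that ran, in order.

    Returns the indexes of the jobs a full restore needs. Assumes one strategy
    after the last normal backup (all incrementals or all differentials);
    mixing them breaks the chain because incrementals clear the bit.
    """
    last_full = max(i for i, k in enumerate(history) if k == "normal")
    incs = [i for i, k in enumerate(history) if i > last_full and k == "incremental"]
    diffs = [i for i, k in enumerate(history) if i > last_full and k == "differential"]
    if incs and diffs:
        raise ValueError("mixed incremental/differential chain after the last normal backup")
    if incs:
        return [last_full] + incs       # every incremental since the full backup
    if diffs:
        return [last_full, diffs[-1]]   # only the most recent differential
    return [last_full]
```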

Win XP Pro - Autologin

http://support.microsoft.com/kb/315231

Event - Source Userenv, Event ID: 1511

Event ID: 1511

Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.

Event ID: 1502

Windows cannot load the locally stored profile. Possible causes of this error include insufficient security rights or a corrupt local profile. If this problem persists, contact your network administrator.

DETAIL - The process cannot access the file because it is being used by another process.

2 FIXES - Boot into Safe mode and move the profile out of the way:

(Microsoft's way)

Create a New User Account

To create a new user account, follow these steps:
  1. Start the computer in Safe Mode, and then restart the computer.
    1. After the Power On Self Test (POST), press the F8 key.
    2. On the Windows Advanced Options menu, use the ARROW keys to select Safe Mode, and then press ENTER.
    3. When you are prompted to select the operating system to start, select Windows XP <edition>, where <edition> is the edition of Windows XP that you have installed, and then press ENTER.
  2. Log on as Administrator.
    1. On the "To begin, click your user name" screen, click Administrator.
    2. Type the administrator password, and then press ENTER.

      Note: In some cases, the Administrator password may be set to a blank password. In this case, do not type a password before you press ENTER.
  3. In Control Panel, click User Accounts.
  4. Create a new user account. Windows makes a new directory for the account in the Documents and Settings folder.
  5. Quit the User Accounts tool, and then restart the computer.

2nd Method


Back up the files, then wipe and reinstall XP

Wednesday 15 July 2009

How to undelete a removed mailbox - Exchange 2007

Sometimes when you disable or remove a mailbox - you can't view it in the "Disconnected Mailbox" tab.

Run the Clean-Mailbox command.

Open Power Shell

Get-MailboxDatabase

"this will display a list of mailboxes that were recently removed"

Clean-MailboxDatabase
Identity:

When prompted enter the mailbox database you want to clean

I suggest running it on all the Mailbox Databases (as you might have accidentally put the user in the wrong database)

Exchange 2007 - Deleted Items Settings

Open the EMC

- Expand the Server Configuration
- Click on Mailbox -right click - Properties
- Click on the Limits Tab
- Set "Deletion Settings"

Event Viewer - Source: DNS, Event ID:4000

The DNS server was unable to open Active Directory. This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and reload the zone. The event data is the error code.

Fix:

On the root DC run:

dcdiag -fix

and restart.

Outlook 2007 cache

To remove Outlook Cache on Windows XP

\Documents and Settings\username\Application Data\Microsoft\Outlook\Outlook.nk2

Better to just rename this file - when Outlook starts up again it will recreate this file.

Exchange 2007 - Interforest Migration Tip

Yesterday I had a ton of problems migrating mailboxes to the new Exchange Server.

What I've found is when you move a mailbox and you have to try it again, instead of disabling the mailbox that failed - use the command below:

-AllowMerge

This command doesn't mind that you've already migrated a mailbox and won't throw up any errors.

Tuesday 14 July 2009

ADMT Agent - how to stop it

Finding the ADMT Agent running on a workstation and how to kill it.

pslist \\pcname

ADMTAgnt

pskill -t \\computername -u user -p password "PID" (Process ID)

Exchange 2007 - Interforest Mailbox Move - Errors

"Failed to set basic mailbox information, will retry in 60 seconds"

"Error occurred in step - Approving object: failed to open object 'LDAP://qhqroodc1.corp.company.co.uk'. There is no such object on the server."

Fix:- Disable half created mailbox on new exchange server (target server), disable user in new forest (target domain). Migrate user from source domain to Target domain, migrate mailbox again.

Unable to offer "Remote Assistance" after inter-forest domain migration

http://forums.techarena.in/windows-security/38417.htm

Unable to Logon to Win2003 Domain AD Due to Windows Cannot Connect to the Domain Error - PART 2

If your disk is encrypted with TrueCrypt you cannot use Ophcrack, as Ophcrack cannot see the partition.

So using the TrueCrypt Rescue Disk - I'm now decrypting the HDD - as when you've got an encrypted disk the disk will not boot or be accessible in any way if you don't put the boot-up password in first - so when running Ophcrack - it bypasses the password but won't allow you access to the hdd.

To Decrypt a HDD using TrueCrypt Rescue Disk
--> Write the ISO to disc
--> Boot with the ISO
--> F8 - choose [1] Permanently decrypt system partition/drive

grrrrrrrrrrr what a pain....

After decrypting the HDD I can run ophcrack - get the password & logins
Remove the Laptop from the domain - add it to a "workgroup" - without restarting
Remove the Computer Account from the domain
On the laptop - Join the new domain & restart

Unable to Logon to Win2003 Domain AD Due to Windows Cannot Connect to the Domain Error

Yesterday I migrated 8 workstations to a new domain. 6 machines migrated absolutely fine, the other 2 couldn't see the domain and complained of "Unable to Logon to Win2003 Domain AD Due to Windows Cannot Connect to the Domain Error"

One of the 2 machines worked fine this morning (mind baffling!) but I still have this problem with a Dell Latitude D505 laptop.

Steps I'm taking.....

I am unable to login with any domain account (hence the error) nor my local administrators account.

1. Unplug the network cable

2. Login as local administrator - unable to - even with the network cable unplugged the OS still seeks a domain to authenticate against.

Using Ophcrack

- Download the latest Ophcrack (2.3.0) -unable to find any partitions with hashes - and even unable to mount the NTFS drive.

Downloading an older version (1.2.2)

Monday 13 July 2009

Day 1: ADMT - Inter forest migration

ADMT - falls over if you try to do more than 2 security translations - I've selected 5 machines, it completed only 2 and the other 3 were marked as "unable to ping" - which is nonsense as I was able to ping/connect to them.

Errors:
"Unable to access ADMIN$ share on PC"

FIX - add an admin user from the new domain to the PC

Errors:
"Unable to retrieve the DNS hostname for migrated computer "computername". The ADSI property cannot be found in the property cache (Hr=0x8000500d)

- unable to login to PC either via administrator or any user
- had to delete corrupt profile from source domain


User Migration

I've migrated 8 users without any problems

Workstation Migration

Up to 8 workstations
(out of the 8 only 2 gave problems - they wouldn't join the new domain and had to be put back into the old domain, then added to the new domain)

1 of the 2 problem machines refused to login to either domain or as local admin - had to decrypt the hdd and use Ophcrack to check the login details.


HP Procurve 2820 - copy config

Start TFTP Server

SSH via Putty to the Switch

copy running-config tftp "IPADDRESS" filename.txt

The switch config will be copied to c:\tftp-root\filename.txt

Wednesday 8 July 2009

Exchange 2007 - Interforest Mailbox Move

(don't be hasty with this process...Exchange 2007 Server is set to Africa-time)

Mailbox Migration from Exchange 2007 to another Exchange Server 2007 in a new domain.


$SourceCredential = Get-Credential
domain\user

$TargetCredential = Get-Credential
domain\user

Move-Mailbox -TargetDatabase "mail1\First Storage Group\Users" -Identity username -GlobalCatalog server.domain.co.uk -SourceForestGlobalCatalog server.domain -NTAccountOU "OU=User Accounts,DC=domain,DC=company,DC=co,DC=uk" -SourceForestCredential $SourceCredential -TargetForestCredential $TargetCredential

CONFIRM
Are you sure you want to perform this action?
Moving Mailbox username to database mail1\First Storage Group\Users. The operation can take a long time and the mailbox will be inaccessible until the move is completed.

[Y] Yes [A] Yes to All [N] No [S] Suspend ?

"Opening source mailbox....."

At the end, the status message (right at the bottom of the confirmation) should say "This mailbox has been moved to the target database."

Errors that I've encountered so far:

Failed to set basic mailbox information.

The mailbox was created as a "linked mailbox". What is a linked mailbox?
A linked mailbox is a mailbox whose user account lives in a separate, trusted forest.

How to convert a linked mailbox to a regular mailbox:
Set-Mailbox UserXX -Type Regular

You can use the following values for the Type parameter:

  • Regular
  • Room
  • Equipment
  • Shared
Mailbox Migration changes the Alias & Primary SMTP Address?

Give the server time to process the new mailbox, especially in my case where the new Exchange server had not been in use for a few months, just sitting there.

You can view the Event Viewer to double-check.

AD - FSMO Roles (Quick Guide)

Active Directory FSMO (Flexible Single Master) Roles.

Microsoft's best practice advises you not to put the Global Catalog role on the DC that holds most of the FSMO roles. Always put the Global Catalog on another server.

AD Installation Wizard (DCpromo.exe) defines 5 FSMO Roles:

  1. Schema Master
  2. Domain Naming Master
  3. PDC Emulator
  4. RID Master
  5. Infrastructure Master (for each respective domain)
To inspect FSMO Roles:

Run "dsa.msc" (AD Users and Computers) right click on domain



Click on Operations Masters to view Roles

Tuesday 7 July 2009

Inter Forest Domain Migration

Steps to migrate users, computers and mailboxes from a Windows Server 2003 AD to a new AD forest of Windows 2003 servers.

Inter Forest Domain Migration

Step 1

Add admin resource login to all workstations
domain\res_migrate

Step 2

Migrate Workstation
Check that Workstation was migrated

Step 3

Migrate all groups

Step 3.a

Migrate user account & check that the user was created
Make a list of & add user built-in accounts.


Step 3.b

Run security translation wizard on workstation

Step 4

Change Username to new login-type

Step 4.a

Migrate Mailbox
Check & if successful delete mailbox on Cheetah2
Create new contact on old exchang server for user

Step 5

Change password & set the password to be changed once the user logs in


Step 6

Force Replication
AD Sites and Services - Servers - server - NTDS Settings - select server
- R/C Replicate Now

Step 7

Login to new domain using name.surname@company.co.uk


Step 8

Update the MTA's with new IP Address of new mail server

Delete Outlook cache - appl~\microsoft\outlook\outlook.nk2

Point to new Exchange Server

F*cking Exchange Inter Forest Mailbox Migration


Open Powershell on Exchange 2007

First you need to set your Source & Target Credentials.

$c = Get-Credential

(Here you will be asked to enter your login credentials (with domain admin rights) on current domain)

$t = Get-Credential

(enter login credentials for Target Domain Controller)

Move-Mailbox -TargetDatabase "pwgmail1\First Storage Group\Users" -Identity clone -GlobalCatalog ***rootdc1.corp.***t.co.uk -SourceForestGlobalCatalog manx99.**** -NTAccountOU "OU=Admin,OU=User Accounts,DC=corp,DC=****,DC=co,DC=uk" -SourceForestCredential $c -TargetForestCredential $t


Errors Encountered:

"Failed to reconnect to Active Directory" (what does this mean? not a f*cking idea)

Check the Eventviewer - this will tell you that it is unable to connect to the domain you are trying to migrate your mailbox to.


Monday 6 July 2009

Active@ KillDisk - Low Level Format

http://www.killdisk.com/

Performs a low-level format that completely erases a hard disk, so that no undelete software can recover any of it.

The free version erases with a single pass of zeros.

XP File recovery (NTFS)

Use NTFS Undelete (freeware)

Download and burn the ISO to disc

The disc will autorun - choose recover, it will go off and see what you can recover, choose the files and let it recover.

It's recommended that you don't recover to the disc on which you lost the files.

Download from http://ntfsundelete.com/

Friday 3 July 2009

XP Pro IIS Admin

Download tool here:

http://www.jetstat.com/iisadmin/download.asp

Def:

XP Pro IIS Admin is a free tool that enables you to use/create multiple websites on XP Pro and easily switch between them.

Windows XP Pro only allows you to create one website.

IIS - Restart Options

Via Services MMC

To stop IIS Service

"services.msc"

Goto "World Wide Web publishing Service" - stop it


Or via the command line:

"cmd"

iisreset /?

/RESTART
/START
/STOP
/REBOOT
/REBOOTONERROR
/NOFORCE (attempts to stop gracefully)
/TIMEOUT:val
/STATUS - displays status of all Internet services
/ENABLE - enable restarting of Internet services on local machine
/DISABLE

Thursday 2 July 2009

Corrupt Windows XP Profile

Event Viewer Errors:

Windows cannot load the locally stored profile. Possible causes of this error include insufficient security rights or a corrupt local profile. If this problem persists, contact your network administrator.

Source: Userenv
Event ID: 1511

Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.

Login, create a new profile and copy the profile data over from the old profile - DO NOT copy the corrupt profile into the new profile.

Sometimes small problems can be fixed by using this tool to fix corruptions:

Download and use the "User Profile Hive Cleanup Service" - this installs itself as a service and monitors the profile; if it finds that the data in memory is not in sync with the profile, it flushes the data in memory to disc, preventing "lost" data when you reboot or log off. This is the only workaround to the problem in XP.

Test if an email address exists without sending mail

First - Find mail exchanger of reddit.com

COMMAND:
nslookup -q=mx reddit.com
RESPONSE:
reddit.com MX preference = 10, mail exchanger = mail.reddit.com
mail.reddit.com internet address = 208.96.53.70

Second - Connect to mail server mail.reddit.com

COMMAND:
telnet mail.reddit.com 25
RESPONSE:
220 mail.reddit.com ESMTP Postfix NO UCE NO UEMA C=US L=CA Unsolicated electronic mail advertisements strictly prohibited, subject to fine under CA law CBPC 17538.45. This electronic mail service provider’s equipment is located in the State of California. See http://www.reddit.com/static/inbound-email-policy.html for more information.

COMMAND:
helo hi
RESPONSE:
250 mail.reddit.com

COMMAND:
mail from: youremail@gmail.com
RESPONSE:
250 2.1.0 Ok

COMMAND:
rcpt to: mailbox.does.not.exist@reddit.com
RESPONSE:
550 5.1.1 : Recipient address rejected: User unknown in local recipient table

COMMAND:
quit
RESPONSE:
221 2.0.0 Bye
