Posts

Showing posts from August, 2018

Maintaining and Monitoring Account Lockout

Troubleshooting AD Replication

Replication is another common AD troubleshooting scenario. AD replication issues usually turn out to be caused by one of the following:
a) Faulty, substandard or misconfigured network equipment or WAN links
b) USN rollback issues caused by using unsupported restore methods (disk imaging of DCs, P2V utilities, snapshots, etc.)
c) DNS issues
d) Lingering objects
For 'a', the classic examples are VPN accelerators, firewalls that are either rejecting traffic or only allowing packets of a specific size through, stateful packet inspection on firewalls, etc. A firewall that is 'allowing all traffic through' is still a firewall that can be affecting replication. This includes personal firewalls or network filters installed locally on DCs, and can even include the Windows Firewall service or the ISA Server Firewall Client if it is running on the DC. For troubleshooting AD replication, Repadmin is the first and best tool that you s
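As an added example (not code from the original post), the three checks below map onto causes a, b and the repadmin advice: a parsed `repadmin /showrepl` over every DC, a USN-rollback check on each DC, and a don't-fragment ping toward each DC to catch devices that only pass small packets. It assumes repadmin.exe and the ActiveDirectory module are installed, that the account can read the NTDS registry key and Directory Service log on each DC over WinRM, and that the current domain is the one of interest (Get-ADDomainController -Filter * is domain-scoped, so repeat per domain in a multi-domain forest).

```powershell
# Added example, not code from the original post. Assumes repadmin.exe, the
# ActiveDirectory module, and WinRM plus registry/event-log read rights on
# every DC. Run from an elevated prompt on a domain-joined machine.
Import-Module ActiveDirectory

# 1. repadmin /showrepl for every DC, parsed from its CSV output.
#    'Last Failure Status' is a Win32 error code (0 = success). A few worth
#    knowing: 8606 lingering objects, 8524 DNS lookup failure, 1722 / 1256
#    RPC connectivity, 8457 the destination is rejecting replication
#    (what a USN-rollback-quarantined DC returns to its partners).
$links = repadmin /showrepl * /csv | ConvertFrom-Csv
$bad = $links | Where-Object { [int]$_.'Number of Failures' -gt 0 }
$bad | Select-Object 'Destination DSA', 'Source DSA', 'Naming Context',
    'Number of Failures', 'Last Failure Time', 'Last Failure Status' |
    Format-Table -AutoSize

# 2. USN rollback: when a DC detects it, it logs Directory Service event 2095
#    and sets 'Dsa Not Writable' = 4 under the NTDS Parameters key, which
#    silently stops inbound and outbound replication on that DC.
$dcs = Get-ADDomainController -Filter * | Select-Object -ExpandProperty HostName
$rollback = Invoke-Command -ComputerName $dcs -ErrorAction Continue -ScriptBlock {
    $p  = 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters'
    $v  = (Get-ItemProperty -Path $p -Name 'Dsa Not Writable' -ErrorAction SilentlyContinue).'Dsa Not Writable'
    $ev = Get-WinEvent -FilterHashtable @{ LogName = 'Directory Service'; Id = 2095 } `
            -MaxEvents 1 -ErrorAction SilentlyContinue
    [pscustomobject]@{
        DC                   = $env:COMPUTERNAME
        DsaNotWritable       = $v          # 4 = rollback quarantine in effect
        LastUsnRollbackEvent = $ev.TimeCreated
    }
}
$rollback | Format-Table -AutoSize

# 3. Fragmentation / MTU toward each DC: -f sets Don't Fragment and -l 1472
#    is the largest ICMP payload that fits a 1500-byte Ethernet MTU. A device
#    that only passes small packets answers a default ping but drops this one.
foreach ($dc in $dcs) {
    $reply = ping.exe -n 2 -f -l 1472 $dc
    $ok = ($reply -match 'TTL=').Count -gt 0
    '{0,-30} DF 1472-byte ping: {1}' -f $dc, $(if ($ok) { 'ok' } else { 'DROPPED (check firewall / WAN MTU)' })
}
```

The repadmin step is the one to run first; the rollback and MTU checks are for the two causes that repadmin output alone does not explain.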

What is logged to the Userenv.log file?

Winlogon is the main component that logs data to the Userenv.log file (through userenv.dll). If Userenv debug logging is enabled as per KB 221833, the userenv.log file will include the following:
- Slow link detection
- Machine Group Policy application
- Processes and applications which start up as part of Userinit.exe (this includes most Startup items)
- Machine startup and shutdown scripts
- Profile loading or unloading at user logon/logoff
- User Group Policy application
- Internet Explorer GPO processing
- User logon and logoff scripts
- Firewall rules processing for Windows Firewall
The userenv.log file is hardcoded to be renamed to userenv.bak (and the existing userenv.bak file deleted) if the existing userenv.log file is larger than 300 KB at logon. On a busy system this will be overwritten very quickly. Each line in the userenv.log file wi
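As an added example (not code from the original post), the script below turns Userenv debug logging on and off via the UserEnvDebugLevel value KB 221833 describes, and copies Userenv.log and Userenv.bak out before the 300 KB rollover discards them. It assumes a Windows XP / Server 2003 era machine with PowerShell 2.0 installed and an elevated shell; Userenv.log no longer exists from Vista onward, where Group Policy logging moved to the Microsoft-Windows-GroupPolicy/Operational event log. The error-keyword pattern in Get-UserenvErrors is an assumption for this example, not a documented log format.

```powershell
# Added example, not code from the original post. Assumes XP / Server 2003
# with PowerShell 2.0 and an elevated shell; paths are the defaults.
$key    = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$logDir = Join-Path $env:SystemRoot 'Debug\UserMode'

function Enable-UserenvLog {
    # UserEnvDebugLevel bits per KB 221833: 0x2 = verbose, 0x10000 = write
    # to Userenv.log, 0x20000 = also send output to an attached debugger.
    # 0x10002 is the usual combination for collecting a log file.
    Set-ItemProperty -Path $key -Name UserEnvDebugLevel -Value 0x10002 -Type DWord
}

function Disable-UserenvLog {
    Remove-ItemProperty -Path $key -Name UserEnvDebugLevel -ErrorAction SilentlyContinue
}

function Save-UserenvLog {
    # A Userenv.log over 300 KB becomes Userenv.bak at the next logon and the
    # previous .bak is deleted, so archive both right after reproducing.
    param([string]$Dest = (Join-Path $env:TEMP ('userenv-' + (Get-Date -Format 'yyyyMMdd-HHmmss'))))
    New-Item -ItemType Directory -Path $Dest -Force | Out-Null
    foreach ($f in 'Userenv.log', 'Userenv.bak') {
        $src = Join-Path $logDir $f
        if (Test-Path $src) { Copy-Item -Path $src -Destination $Dest }
    }
    $Dest
}

function Get-UserenvErrors {
    # Keep only lines that look like failures (keyword set is an assumption
    # for this example; widen it for your case).
    param([string]$Path = (Join-Path $logDir 'Userenv.log'))
    Select-String -Path $Path -Pattern 'failed|error|0x[0-9a-f]{8}' |
        ForEach-Object { $_.Line }
}

Enable-UserenvLog
# ... log off and on (or run gpupdate /force) to reproduce the problem, then:
$saved = Save-UserenvLog
Get-UserenvErrors -Path (Join-Path $saved 'Userenv.log')
Disable-UserenvLog
```

Leave the value removed once the capture is done: verbose logging on a busy terminal server fills the 300 KB quickly and costs a little at every logon.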
The following case came in recently:
I've added a new W2k8 DC to our domain; it seemed to replicate fine and DCPROMO didn't report any errors. However, I seem to be getting authentication errors when trying to connect via RDP from the new W2k8 DC to other DCs in the forest. I'm only seeing this when Vista and/or W2k8 are involved on both ends; I'm concerned that we may have an error in our AD after the W2k8 upgrade.
Here's what turned out to be causing the issue:
- With Windows 2008, the concept of RODCs is introduced. Each RODC has its own Kerberos ticket-granting (krbtgt) account that it uses to issue Kerberos tickets (compared to RWDCs, which all share the same krbtgt account within the domain). This is to make sure a compromise of an RODC doesn't compromise the security of the krbtgt account on all DCs.
- The format of the RODC-specific KRBTGT principal is krbtgt_<RODC name> and this is what is used for registering t
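As an added example (not code from the original post), the script below lists every RODC in the domain next to the krbtgt account it issues tickets with, alongside the single krbtgt the writable DCs share. It resolves each RODC's account through the msDS-KrbTgtLink attribute on the RODC's computer object rather than by guessing the account name. It assumes the ActiveDirectory module and a domain containing at least one RODC.

```powershell
# Added example, not code from the original post. Assumes the ActiveDirectory
# module; any domain user can read the attributes used here.
Import-Module ActiveDirectory

# Each RODC computer object points at its private krbtgt account via
# msDS-KrbTgtLink, so follow the link instead of relying on the naming.
$rodcs = Get-ADDomainController -Filter { IsReadOnly -eq $true }
$perRodc = foreach ($rodc in $rodcs) {
    $comp = Get-ADComputer -Identity $rodc.ComputerObjectDN -Properties 'msDS-KrbTgtLink'
    $krb  = Get-ADUser -Identity $comp.'msDS-KrbTgtLink' -Properties PasswordLastSet
    [pscustomobject]@{
        Scope           = $rodc.HostName
        Site            = $rodc.Site
        KrbtgtAccount   = $krb.SamAccountName
        PasswordLastSet = $krb.PasswordLastSet
    }
}

# The domain-wide krbtgt that every writable DC shares, for comparison.
$shared = Get-ADUser -Identity krbtgt -Properties PasswordLastSet
$all = @([pscustomobject]@{
    Scope           = '(all writable DCs)'
    Site            = ''
    KrbtgtAccount   = $shared.SamAccountName
    PasswordLastSet = $shared.PasswordLastSet
}) + $perRodc
$all | Format-Table -AutoSize
```

The PasswordLastSet column is the useful by-product: because an RODC's krbtgt key is separate, it can be reset independently if that RODC is lost or stolen, without touching the domain-wide account.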

Troubleshoot Possible Root Causes for Account Lockouts

Possible Root Causes for Account Lockouts
- Persistent drive mappings with expired credentials
- ActiveSync devices (cell phones, etc.)
- Mobile devices using domain services like an Exchange mailbox
- Service accounts using cached passwords
- Scheduled tasks with expired credentials
- Stale stored credentials (clear them with: RunDll32.exe keymgr.dll,KRShowKeyMgr)
- Misconfigured domain policy settings
- Disconnected Terminal Server sessions
- Programs that may pass user credentials to a centralized network program or middle-tier application layer
--- Client side troubleshooting | Mobile device / BYOD | Server side checklist ---
Client side
Perform the steps below on the client side (local desktop / laptop):
Check if a local user account is present with the same name as the AD account. If the same ID is present, rename the local ID to some other ID.
Clear temporary files: delete cookies / temp files / history / saved passwords / forms from all browsers.
Start —
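As an added example (not code from the original post) covering both the monitoring side and the client-side checklist above, the first function pulls the lockout source from Security event 4740 on the PDC emulator, which records every lockout in the domain whichever DC saw the bad passwords; the second, run on the machine that event names as the caller, tests for the causes in the list that can be read off the box. It assumes the ActiveDirectory module, event-log read rights on the PDC emulator, and local administrator rights on the client; the user name jsmith in the sample calls is illustrative.

```powershell
# Added example, not code from the original post. Assumes the ActiveDirectory
# module, rights to read the PDC emulator's Security log, and local admin on
# the client being checked. 'jsmith' is a placeholder.
Import-Module ActiveDirectory

function Get-LockoutSource {
    # Every lockout is written to the PDC emulator as Security event 4740.
    # Its 'Caller Computer Name' field is carried in the TargetDomainName
    # data item of the event XML.
    param([string]$User, [int]$Days = 1)
    $pdc = (Get-ADDomain).PDCEmulator
    $events = Get-WinEvent -ComputerName $pdc -FilterHashtable @{
        LogName = 'Security'; Id = 4740; StartTime = (Get-Date).AddDays(-$Days)
    } -ErrorAction SilentlyContinue
    foreach ($e in $events) {
        $data = @{}
        foreach ($d in ([xml]$e.ToXml()).Event.EventData.Data) { $data[$d.Name] = $d.'#text' }
        if ($User -and $data.TargetUserName -ne $User) { continue }
        [pscustomobject]@{
            Time           = $e.TimeCreated
            User           = $data.TargetUserName
            CallerComputer = $data.TargetDomainName
        }
    }
}

function Get-ClientLockoutCauses {
    # Run on the machine named as CallerComputer; returns the suspects found.
    param([string]$User)
    $hits = @()
    if (Get-CimInstance Win32_UserAccount -Filter "LocalAccount=True AND Name='$User'") {
        $hits += 'Local account with the same name as the AD account'
    }
    if (cmdkey /list | Select-String -Pattern $User -SimpleMatch) {
        $hits += 'Stored credential in Credential Manager (rundll32 keymgr.dll,KRShowKeyMgr)'
    }
    $tasks = schtasks /query /fo CSV /v | ConvertFrom-Csv |
             Where-Object { $_.'Run As User' -like "*$User*" }
    if ($tasks) { $hits += 'Scheduled task(s): ' + (($tasks.TaskName | Select-Object -Unique) -join ', ') }
    $svcs = Get-CimInstance Win32_Service | Where-Object { $_.StartName -like "*$User*" }
    if ($svcs) { $hits += 'Service(s) running as the user: ' + ($svcs.Name -join ', ') }
    if (net use | Select-String -Pattern '\\\\') { $hits += 'Persistent drive mappings present (net use)' }
    $sess = quser 2>$null | Select-String -Pattern "\b$User\b"
    if ($sess -match 'Disc') { $hits += 'Disconnected session for the user (quser)' }
    $hits
}

# The policy that decides how many bad passwords it takes, and over what window.
Get-ADDefaultDomainPasswordPolicy |
    Select-Object LockoutThreshold, LockoutObservationWindow, LockoutDuration

Get-LockoutSource -User 'jsmith' -Days 2 | Sort-Object Time -Descending | Format-Table -AutoSize
Get-ClientLockoutCauses -User 'jsmith'
```

When CallerComputer is an Exchange or other application server rather than a workstation, the next hop is that server's own logs (IIS logs for ActiveSync, for example); 4740 only names the machine that presented the bad password to a DC.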

Troubleshoot Use the System File Checker tool to repair missing or corrupted system files

Use the System File Checker tool to repair missing or corrupted system files
Applies to: Windows 8.1, Windows 8.1 Enterprise, Windows 8.1 Pro
System File Checker is a utility in Windows that allows users to scan for corruptions in Windows system files and restore corrupted files. This article describes how to run the System File Checker tool (SFC.exe) to scan your system files and to repair missing or corrupted system files. If a Windows Resource Protection (WRP) file is missing or is corrupted, Windows may not behave as expected. For example, some Windows functions may not work, or Windows may crash.
Run the System File Checker tool (SFC.exe)
To do this, follow these steps:
Open an elevated command prompt. To do this, do the following as appropriate for Windows 8.1 or Windows 8, or for Windows 10, Windows 7, or Windows Vista.
If you are running Windows 10, Windows 8.1 or Windows 8, first run the inbox Deployment Image Se
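As an added example (not code from the KB article), the script below runs the same sequence from an elevated PowerShell: check elevation, run the inbox DISM repair on Windows 8 and later, run sfc /scannow, then reduce CBS.log to the [SR] lines that SFC writes and pull out the files it could not repair. Paths are the defaults on a standard install, and the version threshold 6.2 (Windows 8) is the cut-off below which the DISM step is skipped.

```powershell
# Added example, not code from the KB article. Assumes default system paths
# and an elevated PowerShell prompt.
function Test-Elevated {
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    ([Security.Principal.WindowsPrincipal]$id).IsInRole(
        [Security.Principal.WindowsBuiltInRole]::Administrator)
}
if (-not (Test-Elevated)) { throw 'Open an elevated PowerShell prompt first; sfc requires it.' }

# Windows 8 (6.2) and later: repair the component store first so SFC has
# good copies to restore from. Windows 7 / Vista predate the inbox DISM
# repair and use the System Update Readiness tool instead.
if ([Environment]::OSVersion.Version -ge [version]'6.2') {
    DISM.exe /Online /Cleanup-Image /RestoreHealth
}

sfc.exe /scannow
$sfcExit = $LASTEXITCODE

# CBS.log mixes SFC output with all other servicing activity; only the
# lines tagged [SR] belong to the scan.
$cbs = Join-Path $env:SystemRoot 'Logs\CBS\CBS.log'
$out = Join-Path ([Environment]::GetFolderPath('Desktop')) 'sfcdetails.txt'
Select-String -Path $cbs -Pattern '[SR]' -SimpleMatch |
    ForEach-Object { $_.Line } | Set-Content -Path $out

# The part worth reading is what SFC could not fix.
$unrepaired = Select-String -Path $out -Pattern 'Cannot repair member file' |
    ForEach-Object { $_.Line }
if ($unrepaired) {
    "SFC exit code $sfcExit; files it could not repair:"
    $unrepaired
} else {
    "SFC exit code $sfcExit; no unrepairable files recorded in $out"
}
```

If the [SR] lines report a file SFC could not repair, the remaining manual step is to replace that file from a known-good copy of the same Windows build, which is why the unrepaired list is printed rather than the whole log.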