Mirroring

By SuperG - Last updated: Tuesday, April 3, 2012

Had a need to mirror a database the other day… As it's been a while since I have had to do this, it took entirely too long. After playing with it for a couple of days, here are the steps we used to make it work.

Make a full backup of the database.


Filed in SQL

Windows Update service fails to start

By SuperG - Last updated: Tuesday, April 3, 2012

This is an easy one but I have seen a lot of posts about it, and this last week I needed to fix a broken Windows Update agent myself as SCCM was no longer working due to the service hanging.

Windows update does not start. (Fails to start or never gets past “starting”)

You may see a DCOM error 10010 for CLSID {e60687f7-01a1-40aa-86ac-db1cbf673334}


Filed in Events

Remote Help not connecting

By SuperG - Last updated: Tuesday, April 3, 2012

Remote Help not connecting DCOM error

When using Microsoft Remote Help to connect to a computer you get the following window almost immediately.


Filed in Events

Delegating permissions to run Dfsrdiag

By SuperG - Last updated: Tuesday, April 3, 2012

Where I work, we have regional IT support personnel to provide “touch labor”. They also run their own file share server that has DFSR set up back to the corporate headquarters. While troubleshooting an issue with one of the local IT support techs, I was having her run some DFSRDIAG commands but she was getting an error.


Looking up this error, you will find that this is a permissions issue. To set the permissions needed to run the DFS queries, follow the directions below.

Filed in Uncategorized

JAVA 1330 Error and Fix

By SuperG - Last updated: Tuesday, April 3, 2012

JAVA 1330 Error invalid Digital signature

You try to install any version of JAVA on VISTA and you receive:

Error 1330. A File that is required cannot be installed because the cabinet file <path to file> has an invalid digital signature. This may indicate that the cabinet file is corrupt.


Filed in Events

Repair KMS errors: 0xc004e002 and 0xc004f012

By SuperG - Last updated: Tuesday, April 3, 2012

Repair KMS errors: 0xc004e002 and 0xc004f012

When trying to activate Windows using a KMS server you may see the following error.


Filed in Active Directory, KMS

Mass Power Shell AD update from CSV file

By SuperG - Last updated: Tuesday, April 3, 2012

Make mass changes to AD using Power Shell AD and CSV file

You can update almost anything in AD using PowerShell. Here I will show how to update the company field of a user object.

First look at this page for information if your PowerShell script does not work with the following error:

“.ps1 cannot be loaded because the execution of scripts is disabled on this system.”

Filed in Active Directory, PowerShell

Password Required for Local Accounts

By SuperG - Last updated: Tuesday, April 3, 2012

Set password required and password expires for all local user accounts

So I have a requirement to ensure all local accounts require a password and that the password can expire.

Below is a VB script that I run as a startup script from a Machine GPO. Later we will include this into our imaging process and remove the GPO. (Our imaging is done by SCCM so we will just add this as a task at the end)

I ended up doing this in 2 steps

The first part runs through all the local accounts and runs “net user User.Name /passwordreq:yes”

The second part looks to see if the password does not expire flag is set or not. If it is set to not expire, then it gets changed to allow expiry.

Filed in Uncategorized

ADWS and TMG Listener

By SuperG - Last updated: Tuesday, April 3, 2012

Certificate Errors ADWS and TMG

Ran into a problem when trying to set up a Web Listener on TMG.

Exported the SSL Certificate from the IIS server (with private key)

Imported the SSL Certificate to the TMG server

Created the Web Listener

When choosing the SSL Certificate to use for the Web Listener I would get:

Incorrect key type for the Private Key


This is NOT a Cryptography Next Generation (CNG) certificate because TMG (and ISA) don’t support CNG (V3 Certificates). So that is not the problem.

After digging around and looking at manual certificate requests, I noticed that the KeySpec was not set the same.

It seems that by default KeySpec is set to 2 when doing a manual certificate request on Windows 2008R2.

The trouble is caused by the KeySpec=2 (Signature)

This should be changed to KeySpec=1 (Exchange)


On a similar note, the above “Default” also seems to be a problem when doing a custom certificate request for Domain Controllers that are running the Active Directory Web Services.

In the Event Viewer you see:

Active Directory Web Services could not initialize its endpoints. A networking error could have occurred

Event ID: 1002

Source: ADWS

And you may see:

An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Event ID: 36874

Source: Schannel

Computer: {This will be the Domain Controller}

So looking at this, ADWS is failing because the server cannot make an SSL connection with itself.

If you set KeySpec=1 for the DC certificate, or install a separate SSL certificate with the KeySpec set to 1, ADWS will start to work and the 2 events above will no longer be generated.
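To see which installed certificates carry the KeySpec described above, this added example (not from the original post) lists every certificate with a private key in the local machine store together with its KeySpec. The variable names and the Server Authentication EKU column are assumptions of the example; run it elevated so the private key metadata is readable.

```powershell
# Added example: report KeySpec (1 = Exchange, 2 = Signature) per certificate.
$serverAuthOid = '1.3.6.1.5.5.7.3.1'   # Server Authentication EKU

Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.HasPrivateKey } |
    ForEach-Object {
        $cert = $_
        $keySpec = 'unknown'
        $provider = ''
        try {
            # CspKeyContainerInfo is only available for legacy CSP keys;
            # CNG keys throw or return nothing here.
            $info = $cert.PrivateKey.CspKeyContainerInfo
            if ($info) {
                $keySpec  = '{0} ({1})' -f [int]$info.KeyNumber, $info.KeyNumber
                $provider = $info.ProviderName
            }
        } catch {
            $keySpec = 'not a CSP key, or key not readable'
        }

        # Flag certificates that are meant for SSL/TLS server use.
        $eku = $cert.Extensions | Where-Object {
            $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
        }
        $oids = @()
        if ($eku) { $oids = @($eku.EnhancedKeyUsages | ForEach-Object { $_.Value }) }

        New-Object psobject -Property @{
            Subject    = $cert.Subject
            Thumbprint = $cert.Thumbprint
            KeySpec    = $keySpec
            Provider   = $provider
            ServerAuth = ($oids -contains $serverAuthOid)
        } | Select-Object Subject, Thumbprint, KeySpec, Provider, ServerAuth
    }
```

A row showing `2 (Signature)` with `ServerAuth` true is the combination the post associates with the TMG listener error and the ADWS/Schannel events.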

Taken from an old Certificate request text file:


 
 

SuperG

Filed in Uncategorized

Deleted AD Objects

By SuperG - Last updated: Tuesday, April 3, 2012

When an object is deleted in AD (2008R2 with Recycle Bin installed), that object is marked as being deleted and moved to a special OU.

You can find this object using Active Directory for Windows PowerShell.

Get-ADObject -Filter 'samaccountname -eq "<Account name>"' -IncludeDeletedObjects

Example:

Get-ADObject -Filter 'samaccountname -eq "ThompsonDA"' -IncludeDeletedObjects

Deleted : True

DistinguishedName : CN=Thompson Donald (Test)\0ADEL:64588b0d-a45c-4845-ae92-deb3e5930206,

CN=Deleted Objects,DC=<Domain>,DC=com

Name : Thompson Donald (Test) DEL:64588b0d-a45c-4845-ae92-deb3e5930206

ObjectClass : user

ObjectGUID : 64588b0d-a45c-4845-ae92-deb3e5930206

This shows that the object was deleted, but not a lot more. So to get more information on the object we can look at the replication information.

Then by looking at the isDeleted attribute, we can use the date time stamp to see when the object was deleted and the Originating DSA to see what DC the object was deleted on.

repadmin /showmeta "<GUID=GUID OF OBJECT>" <Domain Controller>

Example:

repadmin /showmeta "<GUID=64588b0d-a45c-4845-ae92-deb3e5930206>" DC1

35 entries.

Loc.USN Originating DSA Org.USN Org.Time/Date Ver Attribute

======= =============== ========= ============= === =========

12944950 Default-First-Site-Name\DC1 12944950 2011-05-13 09:01:58 1 isDeleted

By looking at Ver you can tell how many times this attribute has been changed. In this case, once, when the object was deleted.

If you undelete this it will change to 2.

So now that you have a date and time, you can look up who made the change. Look at the events on the DC that recorded the change, in this case DC1.

By looking in the event logs on the Originating DSA we can see the events about this object.

This is assuming that you have auditing enabled.

To audit changes to AD, you need to set “directory service changes” to enabled (you should do this on all the DCs).

Example:

auditpol /set /subcategory:"directory service changes" /success:enable

Look in the security events for the Event ID you are looking for and during the time when the event happened.

In this case we are looking for event ID 4726 (User Delete) at 2011-05-13 09:01:58.

So filter the security events for these parameters


Look at the Log and you can see what account deleted the Object
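The steps above chained together, as an added example that is not part of the original post: it parses the isDeleted row of `repadmin /showmeta` output and searches the Security log on the originating DC around that timestamp. The function names, the 60-second window and the sample text (constructed from the output shown above) are assumptions; besides event 4726 it also matches 5141, the object-deletion event written by the "Directory Service Changes" subcategory.

```powershell
# Constructed sample, modelled on the repadmin output shown in the post.
$sample = @'
Loc.USN  Originating DSA              Org.USN   Org.Time/Date       Ver Attribute
=======  ===============              ========= =============       === =========
12944950 Default-First-Site-Name\DC1  12944950  2011-05-13 09:01:58   1 isDeleted
'@

function Get-IsDeletedMeta {
    param([string[]]$ShowMetaLines)
    # Columns: Loc.USN, Site\DC, Org.USN, date and time, version, attribute name
    $rx = '^\s*\d+\s+[^\\]+\\(?<dc>\S+)\s+\d+\s+' +
          '(?<when>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)\s+(?<ver>\d+)\s+isDeleted\s*$'
    foreach ($line in $ShowMetaLines) {
        if ($line -match $rx) {
            return New-Object psobject -Property @{
                OriginatingDC = $Matches.dc
                Version       = [int]$Matches.ver
                Deleted       = [datetime]::ParseExact($Matches.when,
                    'yyyy-MM-dd HH:mm:ss', [Globalization.CultureInfo]::InvariantCulture)
            }
        }
    }
}

function Find-DeletionEvent {
    param($Meta, [int]$WindowSeconds = 60)
    $filter = @{
        LogName   = 'Security'
        Id        = 4726, 5141
        StartTime = $Meta.Deleted.AddSeconds(-$WindowSeconds)
        EndTime   = $Meta.Deleted.AddSeconds($WindowSeconds)
    }
    Get-WinEvent -ComputerName $Meta.OriginatingDC -FilterHashtable $filter |
        ForEach-Object {
            $evt = $_
            $data = @{}   # named EventData fields, e.g. SubjectUserName
            ([xml]$evt.ToXml()).Event.EventData.Data |
                ForEach-Object { $data[$_.Name] = $_.'#text' }
            New-Object psobject -Property @{
                Time    = $evt.TimeCreated
                EventId = $evt.Id
                Actor   = '{0}\{1}' -f $data.SubjectDomainName, $data.SubjectUserName
                Target  = $(if ($evt.Id -eq 4726) { $data.TargetUserName } else { $data.ObjectDN })
            }
        }
}

$meta = Get-IsDeletedMeta ($sample -split "`r?`n")
$meta   # originating DC, deletion time and version parsed from the sample
# Against a live domain (needs rights to read the DC's Security log):
# Find-DeletionEvent (Get-IsDeletedMeta (repadmin /showmeta "<GUID=...>" DC1))
```

The timestamp printed by repadmin and the `StartTime`/`EndTime` values are both local time on the machine running the commands, so run both from the same host.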



SuperG

Filed in Active Directory