PowerShell 3.0 Is Now Available for Download!

Windows PowerShell 3.0 is now available to download for Windows 7, Windows Server 2008 R2, and for Windows Server 2008. Windows PowerShell 3.0 comes in the Management Framework 3.0. You can download Windows PowerShell 3.0 from the Microsoft Download Center. You need to download the appropriate package for your target operating system. Windows 7 and Windows Server 2008 R2 must have at Service Pack 1, and Windows Server 2008 requires Service Pack 2. There are a number of enhancements in Windows PowerShell 3.0 including workflow, new cmdlets, and improvement language features.

Windows 2008 ve Windows 2008 R2 Security Event IDs – Audit Category

Audit account logon events

Event ID Description

4776 – The domain controller attempted to validate the credentials for an account

4777 – The domain controller failed to validate the credentials for an account

4768 – A Kerberos authentication ticket (TGT) was requested

4769 – A Kerberos service ticket was requested

4770 – A Kerberos service ticket was renewed

Audit account management

Event ID Description

4741 – A computer account was created.

4742 – A computer account was changed.

4743 – A computer account was deleted.

4739 – Domain Policy was changed.

4782 – The password hash an account was accessed.

4727 – A security-enabled global group was created.

4728 – A member was added to a security-enabled global group.

4729 – A member was removed from a security-enabled global group.

4730 – A security-enabled global group was deleted.

4731 – A security-enabled local group was created.

4732 – A member was added to a security-enabled local group.

4733 – A member was removed from a security-enabled local group.

4734 – A security-enabled local group was deleted.

4735 – A security-enabled local group was changed.

4737 – A security-enabled global group was changed.

4754 – A security-enabled universal group was created.

4755 – A security-enabled universal group was changed.

4756 – A member was added to a security-enabled universal group.

4757 – A member was removed from a security-enabled universal group.

4758 – A security-enabled universal group was deleted.

4720 – A user account was created.

4722 – A user account was enabled.

4723 – An attempt was made to change an account’s password.

4724 – An attempt was made to reset an account’s password.

4725 – A user account was disabled.

4726 – A user account was deleted.

4738 – A user account was changed.

4740 – A user account was locked out.

4765 – SID History was added to an account.

4766 – An attempt to add SID History to an account failed.

4767 – A user account was unlocked.

4780 – The ACL was set on accounts which are members of administrators groups.

4781 – The name of an account was changed: Continue reading →

Active Directory Replication Status Tool

Windows 2008 ile birlikt kullaniyorduk replication tool’ u daha sonra 2008 ve 2008 R2 ile gelmedi ama bir sekilde bunlarin uzerinede kuruyorduk. Simdi artik yeni versiyonu var ve oldukcada guzel ve cogu uzmanin bekledigi bir tool… Asagidaki linkten daha detayli bilgi almak mumkun iyi calismalar…

http://www.microsoft.com/en-us/download/details.aspx?id=30005

 

RODC Adprep Problem : Adprep could not contact a replica for partition DC=ForestDnsZones,DC=Domain,DC=com

If you are trying to run ADPrep /RODCPrep and have the error similar to:

Adprep could not contact a replica for partition DC=ForestDnsZones,DC=Domain,DC=com
Adprep encountered an LDAP error. Error code: 0×0. Server extended error code: 0×0, Server error message: (null).

You may have invalid entries for the fsmoRole owner of DomainDNSZones and ForestDNSZones.  Have you decomissioned a domain controller recently or upgraded from 2003 to a 2008 domain?  If so, check the following:

  1. Open ADSIEdit
  2. Click Connect and type in the value DC=DomainDnsZones,DC=domain,DC=com
  3. Expand it and check the properties for the “Infrastructure” object
  4. Under the attribute “fsmoRoleOwner” you may see a corrupt value for an OLD domain controller which is no longer in existence.  If you see a value such as 0ADEL:4da956af-53f1-4962-a100-5ee4c8477c88 then this is the problem
  5. The value should be CN=NTDS Settings,CN=DCSERVERNAME,CN=Servers,CN=SITENAME,CN=Sites,CN=Configuration,DC=domain,DC=com
  6. To obtain the correct string for stage 5, under ADSIEdit expand CN=Sites, CN=<site where Infrastructure Master server is located>, CN=<server name> and go to properties of CN=NTDS Settings
  7. Copy the distibguishedName attribute
  8. Replace the value in stage 5 with the correct value
  9. Perform the above AGAIN for the value DC=ForestDnsZones,DC=domain,DC=com

Deploying a MSI through GPO

This tutorial will describe how to deploy a MSI on multiple machines by using Group Policy.

1. Methods of deployment

Group Policy supports two methods of deploying a MSI package:

Windows Server 2008 R2: Storage Manager for SANs

Storage Manager for SANs helps you create and manage logical unit numbers (LUNs) on Fibre Channel and iSCSI disk drive subsystems that support Virtual Disk Service (VDS) in your storage area network (SAN).

A LUN is a logical reference to a portion of a storage subsystem. A LUN can comprise a disk, a section of a disk, a whole disk array, or a section of a disk array in the subsystem. Using LUNs simplifies the management of storage resources in your SAN because they serve as logical identifiers through which you can assign access and control privileges.