Wednesday, May 28, 2014

Group Policy Refresh Interval Time for Computers

By Default, Computer Group Policy is updated in the background every 90 Minutes with a random offset of 0 to 30 minutes. In addition to background updates, Group policy for the computers is always updated when the system starts.

You can specify an update rate from 0 to 64,800 minutes (45 days). If you select 0 minutes, the computer tries to update Group policies every 7 seconds. Because Updates might interfere with User's work and increase network traffic, very short updates intervals are not appropriate for most installations.

The Group Policy refresh interval for computers policy also lets you specify how much the actual update interval varies. To prevent clients with the same update interval from requesting updates simultaneously, the system varies the update interval for each client by a random number of minutes. The number you type in the random time box sets the upper limit for the range of variance. For example, if you type 30 minutes, the system selects a variance of 0 to 30 minutes. Typing a large number establishes a broad range and makes it less likely that client requests overlap. However, updates might be delayed significantly.

Tip: Consider notifying users that their policy is updated periodically so that they recognize the signs of a policy update. When Group Policy is updated, the Windows desktop is refreshed; it flickers briefly and closes open menus. Also, restrictions imposed by Group Policies, such as those that limit the programs users can run, might interfere with tasks in progress.

Thursday, May 22, 2014

How to Reset Administrator Password in Windows Server 2008

How to reset Administrator password if we forgot same in Windows Server 2008.

  • Boot server from Microsoft Windows Server 2008 DVD.
  • From the Install Windows Menu click "Next" .
  • Select "Repair your Computer".
  • In the System Recovery Options, Select the Operating System instance that you wish to repair and click "Next".
  • Select "Command Prompt".
  •  At the Command Prompt, run the following Commands:
           C:\>
           C:\>cd windows
           C:\WINDOWS\system32>
           ren Utilman.exe Utilman.exe.old
           copy cmd.exe Utilman.exe


  • Reboot the Server allowing Windows to load normally.
  • At the Logon Screen, Press Windows Key + U.
  • At the Command Prompt, Enter following command:
         net user administrator password123
         This will set the Password for the Administrator user to be password123

Closing the Command Prompt, You should now be able to log back on to the server using the password you have provided in the last step.
          

Wednesday, May 21, 2014

How to Fix Wi-Fi Problems in Windows 8.1

At Some Point of time every device cannot connect to a Wireless network or keep randomly loosing the connection to the Wireless router that it once had. This happens on all sorts of wireless devices regardless for what operation system install on system. 

For Windows 8 users the most common WI-Fi issues that Users have are easily flexible and that's true whether you are on desktop, laptop or tablet.


Not Being Able to Load Web Pages in Internet Explorer: 

The Most common issues with Windows 8 is that sometimes Internet Explorer will stop allowing users to browse new web pages despite having internet connection available and being connected to Wireless Network.

Their is not any simple fix for this issue. When this happens user should check other apps that are open to see if you are downloading any huge files from the internet or Windows Update that adds new patches and hot fix to systems. Closing the apps that you suspect is creating problems is simple solution for this problem.


Not Being Able to Load Anything Despite Being Connected:

One of the most common issues while connecting to Wi-Fi networks is that users forget to  turn off Caps lock. It does not matter if you have entered correct password or not but if it does not match Wi-Fi router's  exact specifications then you can have issues connecting even though  it appears that you are connected properly.


Not Having Wi-Fi Turned On:

Biggest cause of Wi-Fi issues with devices running Windows 8.1 is that user simply turn off their Wi-Fi without noticing. It sounds basic but most users don't know that Wi-Fi functionality can be turned off. Users don't realize that there are keyboard commands and physical switches on some devices that shutdown their wireless connections.

The first step is to check whether you have not accidentally switched off Wi-Fi on your devices. Touch users should place their finger on the right edge of their device and slowly slide their finger to the left to reveal the Charms bar. Mouse and keyboard users should place their cursor in the top-Right corner of their display. Now tap or click on settings.

Their are only basic fixes for the most common issues users have.

Friday, May 9, 2014

Saved Queries - Active Directory

Saved Queries option in Active Directory is used for searching  results more faster rather than searching in Active Directory for objects. Saved Queries provides a quick and consistent way for administrators to access a common set of directory objects. 

Saved Queries use predefined LDAP strings to search only the specified Domain partition. Active Directory Users and Computers provides a Saved Queries folder in which administrators can Create, Edit, Save and organize saved Queries.






All Queried which we make gets save in Saved Queries folder in Active Directory Users and Computers (dsa.msc). All Saved Queries which are saved can be viewed later. We can also copy .msc file of Saved Queries to other Domain Controllers using Windows Server 2003 (located in the same domain) and can use same set of Saved Queries. You can also Export Saved Queries to an .xml file and can import them in to  other Active Directory User and Computer consoles located on domain controllers running Windows Server 2003 within same Domain.


Suppose we want to see whose AD ID's are disabled, We need to create one Query for same inspite of  searching all users in AD:


1. Open Active Directory Users and Computers windows by typing dsa.msc in run window.




2. Right Click on Saved Queries and click on New Query.




3. Give Name and Description as per your requirement.




4. Click on Browse option to select Domain in which we want to make Query.




5. After Selecting Domain Click on Define Query to define our queries.

 


6. Click on Disabled Accounts option and Click Ok.




7. After Clicking OK it will show results for all Disabled Users.





This way we can make Queries for different purposes. 



Tuesday, May 6, 2014

AD Features in Windows Server 2008 and Windows Server 2008 R2

AD DS includes many new features that are not available in previous versions of Windows Server Active Directory. These new features make it possible for organizations to deploy AD DS more simply and securely and to administer it more efficiently.

New AD Features in Windows Server 2008

  • ADDS Auditing: Ensure critical resources in the network like the Domain Controllers are audited, monitored and reported with the entire information on AD objects - Users, Groups, GPO, Computer, OU, DNS, AD Schema and Configuration changes with 150+ detailed event specific GUI reports and email alerts.
  • ADDS Fine-Grained Password Policies: We can use fine-grained password policies to specify multiple password policies within a single domain. You can use fine-grained password policies to apply different restrictions for password and account lockout policies to different sets of users in a domain.

  • ADDS Read-Only Domain Controllers: A read-only domain controller (RODC) is a new type of domain controller in the Windows Server® 2008 operating system. With an RODC, organizations can easily deploy a domain controller in locations where physical security cannot be guaranteed. An RODC hosts read-only partitions of the Active Directory® Domain Services (ADDS) database. 

  •  ADDS Restartable Active Directory Domain Services: Restartable ADDS is a feature in Windows Server 2008 that you can use to perform routine maintenance tasks on a domain controller, such as applying updates or performing offline defragmentation, without restarting the server. 

  • ADDS Database Mounting Tool: The Active Directory® database mounting tool (Dsamain.exe) can improve recovery processes for your organization by providing a means to compare data as it exists in snapshots or backups that are taken at different times so that you can better decide which data to restore after data loss. This eliminates the need to restore multiple backups to compare the Active Directory data that they contain.
  • ADDS User Interface Improvements: To improve the installation and management of Active Directory® Domain Services (ADDS), the Windows Server® 2008 operating system includes an updated Active Directory Domain Services Installation Wizard. Windows Server 2008 also includes changes to the Microsoft Management Console (MMC) snap-in functions that manage ADDS. ADDS user interface (UI) improvements provide new installation options for domain controllers. Furthermore, the updated Active Directory Domain Services Installation Wizard streamlines and simplifies ADDS installation. 
  • ADDS Owner Rights: Owner Rights is a well-known security principal that you can add to the DACL of an object to specify the permissions that are assigned to owners of objects in the directory service. This added security feature overrides the default behavior of owners of objects in the system. Because owners of objects (as specified in the security descriptor of the object) have WRITE_DAC permission, they can give rights to themselves and to other security principals as they see fit.

 New AD Features in Windows Server 2008 R2

  • Active Directory Recycle Bin: Active Directory Recycle Bin helps minimize directory service downtime by enhancing your ability to preserve and restore accidentally deleted Active Directory objects without restoring Active Directory data from backups, restarting Active Directory Domain Services (ADDS), or rebooting domain controllers. 

  • Active Directory Cmdlets in Windows PowerShell: Windows PowerShell™ is a task-based command-line shell and scripting language designed especially for system administration. The Active Directory module for Windows PowerShell in Windows Server 2008 R2 is a Windows PowerShell module (named Active Directory) that consolidates a group of cmdlets. You can use these cmdlets to manage your Active Directory domains, Active Directory Lightweight Directory Services (AD LDS) configuration sets, and Active Directory Database Mounting Tool instances in a single, self-contained package.
  • Active Directory Administrative Center: We can use Active Directory Administrative Center to perform the following Active Directory administrative tasks:

                   Create new user accounts or manage existing user accounts

                  Create new groups or manage existing groups

                 Create new computer accounts or manage existing computer accounts

                 Create new organizational units (OUs) and containers or manage existing OUs 

                 Filter Active Directory data by using query-building search
 

  • ADDS Active Directory Web Services: Active Directory Web Services (ADWS) in Windows Server 2008 R2 is a new Windows service that provides a Web service interface to Active Directory domains, Active Directory Lightweight Directory Services (AD LDS) instances, and Active Directory Database Mounting Tool instances that are running on the same Windows Server 2008 R2 server as ADWS. If the ADWS service on a Windows Server 2008 R2 server is stopped or disabled, client applications, such as the Active Directory module for Windows PowerShell or the Active Directory Administrative Center will not be able to access or manage any directory service instances that are running on this server. ADWS is installed automatically when you add the AD DS or AD LDS server roles to your Windows Server 2008 R2 server. ADWS is configured to run if you make this Windows Server 2008 R2 server a domain controller by running Dcpromo.exe or if you create an AD LDS instance on this Windows Server 2008 R2 server.

  • Offline Domain Join: Offline domain join is a new process that computers that run Windows® 7 or Windows Server® 2008 R2 can use to join a domain without contacting a domain controller. This makes it possible to join computers to a domain in locations where there is no connectivity to a corporate network.

  • Managed Service Accounts: The managed service account is designed to provide applications such as SQL Server or Exchange with Automatic password management, which can better isolate these services from other services on the computer.