Archive for the ‘Microsoft Server 2003’ Category
Microsoft File Server Migration Toolkit
Tuesday, October 12th, 2010SFC.EXE (system file checker)
Thursday, February 25th, 2010sfc.exe /SCANNOW
SomarSoft’s DumpSec
Saturday, November 28th, 2009SomarSoft’s DumpSec is a security auditing program for Microsoft Windows® NT/XP/200x. It dumps the permissions (DACLs) and audit settings (SACLs) for the file system, registry, printers and shares in a concise, readable format, so that holes in system security are readily apparent. DumpSec also dumps user, group and replication information.
Environment Variables in Windows
Saturday, November 21st, 2009Variable | Typical value (May vary, depending on system) |
---|---|
%ALLUSERSPROFILE% | C:\Documents and Settings\All Users |
%APPDATA% | C:\Documents and Settings\{username}\Application Data |
%COMPUTERNAME% | {computername} |
%COMSPEC% | C:\Windows\System32\cmd.exe |
%HOMEDRIVE% | C: |
%HOMEPATH% | \Documents and Settings\{username} |
%PATH% | C:\Windows\System32\;C:\Windows\;C:\Windows\System32\Wbem |
%PATHEXT% | .COM; .EXE; .BAT; .CMD; .VBS; .VBE; .JS ; .WSF; .WSH |
%PROGRAMFILES% | Directory containing program files, usually C:\Program Files |
%PROMPT% | Code for current command prompt format. Code is usually $P$G |
%SYSTEMDRIVE% | The drive containing the Windows XP root directory, usually C: |
%SYSTEMROOT% | The Windows XP root directory, usually C:\Windows |
%TEMP% and %TMP% | C:\DOCUME~1\{username}\LOCALS~1\Temp |
%USERNAME% | {username} |
%USERPROFILE% | C:\Documents and Settings\{username} |
%WINDIR% | C:\Windows |
Event ID 2025 is logged in the System log on a Windows Server 2003-based computer
Thursday, July 23rd, 2009The following event is logged in the System log of Event Viewer on a computer that is running Microsoft Windows Server 2003:
Event ID: 2025
Source: SRV
Description: “The server has detected an attempted Denial-Of-Service attack from client \\computer_name, and has disconnected the connection.”
Additionally, client computers are disconnected from the server
WORKAROUND
Disable denial of service attack detection Important These steps may increase your security risk. These steps may also make your computer or your network more vulnerable to attack by malicious users or by malicious software such as viruses. We recommend the process that this article describes to enable programs to operate as they are designed to, or to implement specific program capabilities. Before you make these changes, we recommend that you evaluate the risks that are associated with implementing this process in your particular environment. If you choose to implement this process, take any appropriate additional steps to help protect your system. We recommend that you use this process only if you really require this process. You can disable denial of service attack detection at the operating system level. By doing this, you prevent errors from being logged. To do this, follow these steps:
- Click Start, click Run, type regedit in the Open box, and then click OK.
- Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters
- On the Edit menu, point to New, and then click DWORD Value.
- Type DisableDos for the name of the DWORD value, and then press ENTER.
- Right-click DisableDos, and then click Modify.
- In the Value data box, type 1 to disable denial of service attack detection, and then click OK.Note To enable denial of service attack detection, type 0 in the Value data box.
- Quit Registry Editor.
Memory Limits for Windows Releases
Wednesday, May 20th, 2009Event ID: 1000 is logged in the Application event log when you try to work in Outlook 2003 on a computer that is running Terminal Services
Monday, May 4th, 2009- You try to start Outlook 2003.
- You try to open or to import a personal folders (.pst) file in Outlook 2003.
- You try to create a new Outlook data file in Outlook 2003.
In this scenario, Outlook 2003 unexpectedly quits and the following event ID is logged in the Application event log:
Event Source: Microsoft Office 11
Event Category: None
Event ID: 1000
Date: date
Time: time
User: username
Computer: computername
Description: Faulting application outlook.exe, version 11.0.6353.0, stamp 408f2937, faulting module mspst32.dll, version 11.0.6357.0, stamp 40b65fc5, debug? 0, fault address 0x0001b745.
Additionally, you may receive the following error message:
RESOLUTION
To resolve this issue, disable the Physical Address Extension (PAE) (/pae) switc…
If the /pae switch is not present in the Boot.ini file, the switch may be automatically set. To disable the /pae switch, add the /nopae switch in the Boot.ini file.
For more information about how to edit the Boot.ini file, click the following article number to view the article in the Microsoft Knowledge Base:
For more information about the /nopae switch, visit the following Microsoft Web site:
For more information about how to prevent the Physical Address Extension (PAE) kernel from loading, click the following article number to view the article in the Microsoft Knowledge Base:
Additionally, there is a known issue if the following conditions are true:
- You try to start Outlook 2003 on a computer that is running Microsoft Windows Server 2003.
- The computer that is running Windows Server 2003 has 4 gigabytes (GB) or more of random access memory (RAM).
For more information about how to resolve this issue, click the following article number to view the article in the Microsoft Knowledge Base:
Delete Failed DCs from Active Directory
Tuesday, April 14th, 2009Passwords must meet complexity requirements
Sunday, March 22nd, 2009Description
This security setting determines whether passwords must meet complexity requirements.
If this policy is enabled, passwords must meet the following minimum requirements when they are changed or created:
- Not contain significant portions of the user’s account name or full name
- Be at least six characters in length
- Contain characters from three of the following four categories:
- English uppercase characters (A through Z)
- English lowercase characters (a through z)
- Base 10 digits (0 through 9)
- Non-alphabetic characters (for example, !, $, #, %)