Group Policy To Throttle Network Speed via QoS
KB ID 0001217 Problem Why would you want to do this? Well what if you want to test slow link group policy processing, or you are testing BranchCache? Using Group policy you can ‘throttle’ traffic to and from a particular IP address. Below I will pick a domain client on 192.168.110.120, and throttle all traffic between that client, and the domain controller to be 100kbps. Solution As I sad above I’m throttling...
PowerShell – Updating Users Email Addresses In Active Directory
KB ID 0001216 Problem Note: I’m referring to the Email address value that is listed on the user object in Active Directory, this will not effect any Exchange Settings! A colleague asked me today if I had any PowerShell to update ALL the users in a clients AD, to match their UPN to their Email addresses. A quick internet search turned up loads of handy scripts to update the UPN to mach the email address, but not the way round he...
Windows – Suppress the ‘First Run’ Welcome to Windows Animation
KB ID 0001186 Problem I don’t like ‘first-run’ dialogs, Internet Explorer is annoying enough, Now Windows and Office insist on playing me a film clip when they start for the first time. I’m a busy guy I have things to do, stop asking me questions and making recommendations! It takes this long to create a user profile? I don’t think so. Solution You can do this by local policy on the machine, but domain...
Deploying Windows ‘Web Application Proxy’
KB ID 0001142 Problem This is part of a larger piece of work Im putting together on publishing Remote Desktop Services with Microsoft Web Application Proxy. This article is simply to guide you though the process of installing the Web Application Proxy role. In a later article I will run though configuring it to work with Active Directory Federation Services, and Remote Desktop Services, to present secure RemoteApps. Solution Before...
Publishing Remote Desktop Services With Web Application Gateway
KB ID 0001143 Problem Getting this article to completion has been a bit of a journey! This is the final post that will stitch together all the others I’ve posted over the last couple of weeks, that will enable you to publish your RemoteApps with ‘Remote Desktop Web Access’, and have that service presented securely from your DMZ. I’ll be using Active Directory Federation Services, (you don’t have to, but...
Remote Desktop Web Access – Connection Error
KB ID 0001141 Problem Eleven days! That’s how long it took to fix this, after seven days, I bit the bullet and logged a call to Microsoft. I spent hours on the phone to the Remote Desktop Team, The Web Application Proxy Team, and the Networking Team. I replicated the error by building a complete new domain, PKI, ADFS, Remote Desktop Deployment and Web Application Proxy Server. Then today I got a call from the...
Active Directory Federation Services – Certificate Error ‘CNG Key’
KB ID 0001129 Problem When installing the Active Directory Federation Services Role, you need to supply a certificate. I was running this up using a self signed wildcard certificate when this happened; The certificate with the specified thumbprint {thumbprint} has a Cryptographic Next Generation (CNG) private key. The certificates with the CNG private key are not supported. Use a certificate based on a key pair generated by a legacy...
Exchange – Certificate Invalid ‘Revocation Check Failed’
KB ID 0001121 Problem When you check the status of a certificate in Exchange and it it displayed at ‘Invalid’ and the details show that the revocation check has failed. Solution This can happen if your certificate CA has its CRL or OCSP information setup incorrectly, or the Exchange sever simply cannot access them to verify the validity of the certificate. If you are using your own CA the correct way to fix the problem is...
Event ID 213
KB ID 0000115 Problem Replication of license information failed because the License Logging Service on server ServerName could not be contacted. Solution AD cannot see the licensing server. 1. Open Active Directory Sites and Services. 2. Click the site on which the server is located. 3. In the details pane, click License Site Settings. 4. On the Action menu, click Properties. 5. Under Licensing Computer, select a different site...
Failed to open the GP object. You may not have appropriate rights
KB ID 0000008 Problem When you try and edit a GPO, you get the error above. Solution 1. Install the Support Tools from the Windows media 2. Start > All Programs > Windows Support tools > command prompt. 3. dfsutil.exe /purgemupcache {enter} 4. Click Start, click Run, type regedit in the Open box, and then click OK. 5. Navigate to HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon 6. If the WaitForNetwork...