Hi EXperts,

I have set an expirationtime attributes in AD Object (computer, user). But I can't remove it. Do you know how to clear or remove this attribute

Hi,

I am auditing a large file server using Netwrix. The goal is to audit all files modifications like changed, deleted, added and credential or owner change.

For some share folder, i also want to audit List folder / read data. Until now, I know what to do.

List Folder / read data generates a lot of entries in the Security events log, this is why I don't enable it on all shares.

Netwrix use an agent scan all the files and create a state-in-time report of the files and folders permissions in time. So, that process is accessing millions of files and generating millions of audit events.

I am receiving a lots of events 4663 even in folder that I haven't enable Liste folder / read data. I am trying to find a way to eliminate those events to extend the security log retention.

The maximum size of the security log is 4GB and some audit plans in Netwrix doesn't have enough time to catch all the events before they are getting remove because it is getting full.

The solution, it is lower the number of audited events.

The following screenshot shows my auditing settings. LCDomainUsers is a Local Domain Group that contains Domain Users from 2 domains (forest).

The next screenshot shows a generated audit event. Note that SRVSHARE1$ is the computer name and it is not part of the group LCDomainUsers. I don't understand why this event is generated. The process name NwxFsAgent.exe is the Netwrix agent.

I am asking the …

Hi Experts,

is it possible to change a domian via CMD ?
I tried netdom /join....but here come the error, the machine is still connected to a domain.

When I use the GUI it is possible to change directly the domain.

Any ideas ?

HI,

I want to load Edge when users login to their computer, with a particular home page, in Full screen.

I can achieve this in Group Policy with Internet Explorer, but I would prefer to do it in Edge.

Can this be achieved in Group Policy on a Windows Server 2016 domain?

Thanks in advance.

Hi Experts,

I have to force another DC to use for auth.
Because now we use the DC in Germany from Singapore.
We have other DCs which are more near located.

I have checked this : nltest /dsgetdc:domain.com
In the registry I have seen a dynamic sitename.

How to changed this and force another DC ?

Hi Expert,

I need a WIN2016 core installation.
The support guy installed a WIN2016 with GUI on a VM.

Is there a way to change this ?
Can I reinstall , inplace, the WIN2016 again , but just the core version ?

Important, I have no access to the vcenter, can I do this inplace upgrade and finish the install ?
Or do I need access to the vcenter or ESXi ?

Hi,

Where can we purchase CAL license on  Windows terminal server?

Can we access to MS site and just purchase it or if we have Volume Licensing we can just take it?

I am running Windows Server 2016 and I'd like to disable Internet Explorer on a server that a handful of "non technical" folks use.

The purpose of this is to attempt to get them to use Firefox instead.

Is it possible to Uninstall or Remove Internet Explorer altogether?

Thanks!

I found some errors running health checks on my domain controllers.  I did not have any problem with users, computers, DNS or DHCP that I notice.
I create a test GPO in DC1 and immediately was in DC2.
I got these errors:
1-      There are warning or error events within the last 24 hours after the SYSVOL has been shared.  Failing SYSVOL replication problems may cause Group Policy problems.
2-     [1] Problem: Missing Expected Value
Base Object: CN=CON-DC1,OU=Domain Controllers,DC=Contosocs,DC=local
Base Object Description: "DC Account Object"
Value Object Attribute Name: msDFSR-ComputerReferenceBL
 Value Object Description: "SYSVOL FRS Member Object"
Recommended Action: See Knowledge Base Article: Q312862
 [2] Problem: Missing Expected Value
 Base Object: CN=CON-DC2,OU=Domain Controllers,DC=Contosocs,DC=local
Base Object Description: "DC Account Object"
Value Object Attribute Name: msDFSR-ComputerReferenceBL
Value Object Description: "SYSVOL FRS Member Object"
Recommended Action: See Knowledge Base Article: Q312862
3-      LDAP Error 0x20 (32) - No Such Object. ......................... CON-DC1 failed test
4      DCOM was unable to communicate with the computer XX.XXX.XXX.111 using any of the configured protocols; requested by PID      390 (C:\Windows\system32\dcdiag.exe).
5-     DCOM was unable to communicate with the computer XX.XXX.XXX.95 using any of the configured protocols; requested by PID     11e8 (C:\Windows\system32\dcdiag.exe).
These IPs related…

I have a new win 2019 server and I am trying to configure group policies to redirect folders.

When I use %username% in the "basic" path name it does Not allow me to apply it.  I have changed the path to a literal username (e.g. user1) it works.

I have tried uppercase for %username% and it still won't apply.

any ideas of how to have this accept the %username% value?

I am unable to activate a Windows 2016 Standard license .    I am at the Window Activation screen and the error is showing "We can't activate Windows on this device as we can't connect to your organization's activation server.  Make sure you're connected to your organization's network and try again.   If you continue having problems with activation, contact your organization's support person.    Error code: 0xC004F074

I click on the Change Product key and nothing happens.

I click on troubshoot and nothing happens.  

What am I doing wrong?

Hi Experts,

to install windows server 2016 core version on VMWARE 5.5 , is this supported ?

Do you have a link from Microsoft or VMWARE ?

Hyper-V is running an Exchange Server on Windows Server 2016 Standard. The configuration was changed and now the mail is not received anymore. Also, the server can't ping exchange and vice versa. Who can solve this ASAP?