Share Auditing not working on Server 2012 R2

I have configured Auditing on one of our shares and have configured it like this: http://i.imgur.com/fgQp0A8.png
However, when I create a folder on this share or delete one. Nothing is written to the security log. Am I doing something wrong? I read on this post (http://social.technet.microsoft.com/Forums/en-US/231f8918-3de8-46bd-8872-f5106f7fe8fa/audit-deleted-files-server-2012?forum=winserversecurity)
that you need to enable some local security policies so I have enabled this: http://i.imgur.com/uOP7f4d.png
What am I doing wrong?
Thanks for you help!
Brian

Hi Brian,
Is this server in Active Directory domain? Did we enable the Audit Object Access policy for this server?
Besides, after enabling audit object access, to audit accessing a share folder, try the following steps:
Right click the folder, and choose Properties
Under Security tab, click Advanced
Under Auditing tab, Add the principal and edit the access permissions you want to audit
Hope it helps.
Best regards.
Frank Shen

Similar Messages

Detailed File Share Auditing not working properly (Applying to All Files)

System is Windows 2008 R2, member server. The Default Domain policy has Audit account logon events, Audit account management, & Audit privilege use turned on for Success, Failure...pretty standard. I want to enable Detailed File Share Auditing for a
specific file share on this member server.
The problem is that I am getting audit events in the Security log for folders that do not have Auditing set on them, namely a "My Documents" share for Folder Redirection and \\*\IPC$ The root of the drive has nothing set for auditing. Again I only
set it on a single folder and sub-folders under that. What am I missing here?
I run the command on the member server to set this up (auditpol /set /subcategory:"Detailed File Share" /success:enable /failure:enable) That works fine.
Result of auditpol /get /category:"Object Access" :
System audit policy
Category/Subcategory                      Setting
Object Access
File System                             No Auditing
Registry                                No Auditing
Kernel Object                           No Auditing
SAM                                     No Auditing
Certification Services                  No Auditing
Application Generated                   No Auditing
Handle Manipulation                     No Auditing
File Share                              No Auditing
Filtering Platform Packet Drop          No Auditing
Filtering Platform Connection           No Auditing
Other Object Access Events              No Auditing
Detailed File Share                     Success and Failure
Now I went to the file share to set the audit permissions. Security>>Advanced>>Auditing>>Continue. Set Everyone Full Control for Success and Failure (all boxes checked).
I am using NTFS permissions for security, the share level permission on the folder are Everyone Full.
Michael Maxwell

I think found the reason. Could someone please clarify this statement for me?
Since there are no SACLs for shares, once this setting is enabled, access to all shares on the system will be audited.
So what is the workaround for this? Is there one? I'm confused as usual.
Michael Maxwell

Can not add Roles Server 2012 Standard R2

Every time I try and add the DFS Namespace and replication roles it says the server requires a re-boot. I check to ensure the version of server is activated and it is.
I rebooted twice, checked for critical updates which there was none and tried again, same issues, re-boot required, rebooted again.
Next up I ran DISM /Online /Cleanup-Image /RestoreHealth
This completed and said it fixed some metadata corruption. Re-boot, Try role Install, same issue, reboot required.
Next I check Trusted Installer to see if there was a pending install, nothing, Registry is correct.
Next I checked the other two entries mentioned in other articles (pending server manager reboot, pending file rename operation) both had correct values.
I ran DISM /Online /Cleanup-Image /RestoreHealth
found meta data corruption and fixed, reboot.
Try role install, same issue, pending reboot. I have tried to install the rolls from a elevated powershell and through the server manager.
Last item I tried was to fix and .net corruption, and the tool would not work on Server 2012 R2.
I am now at a loss as to what to look to get these roles to install.
What are next steps, what can I do to get these roles installed? I need to get replication working on this server but it is hard when you can not even add server roles.
Any help would be appreciated.
Curt Winter
Business Technology Services

Dave,
I finally got the DFS roles installed, can not remember what I did to get them in besides get lucky. I am now trying to install domain roles on this same Server, and I keep getting server needs a restart. Check the registry no entries preventing
the install, installed critical updated, rebooted countless times. When the server boots it reports the following:
It shows red under server mgr and manageability, with the message, "Online - Cannot get role and feature data"
I ran the DISM.exe /Online /Cleanup-image /ScanHealth
Here is the link to the CBS log file:
https://mpillc-my.sharepoint.com/personal/bts_admin_managed-programs_com/_layouts/15/guestaccess.aspx?guestaccesstoken=0XXCwKYbjOL2Y9fXiJcpfoDvJBqVPrCBZ7uvdj%2f5usI%3d&docid=00b8e6c2c0800465eb84afb54c2650715
Here is a link to the Windows Update File:
https://mpillc-my.sharepoint.com/personal/bts_admin_managed-programs_com/_layouts/15/guestaccess.aspx?guestaccesstoken=LQ9ldakkbCqwjKDZLIXgEfuvX4Pri1UBCTEAt0NK%2bZw%3d&docid=0ed33ff368f584111b95e180565b02f4b
Any input would be appreciated, thanks for your response before, sorry I did not respond.
Curt Winter
Microsoft Certified Professional
Business Technology Services

Sleep and hibernation is working on Server 2012 with started hypervisor! I do not know why...

Hi,
I enabled Hyper-V role in the Microsoft Windows Server 2012 on testing computer (PC with i7 CPU and 16GB RAM). I found very strange behavior. The sleep mode was enabled and after command “powercfg /hibernation on” the hibernation is also working.
I tested sleep (S3) and hibernation with started hypervisor and with running virtual machine. I tested sleep and hibernation triggered by power button and even with time-out that was set in the Power Options (I set sleep after 1 minute and
later hibernate after 1 minute and wait).
Sleep and hibernation is working! I do not understand why. Sleep and hibernation should be functional only on Client Hyper-V on Windows 8 and not on the Server 2012.
Some examples:
Testing workstation (i7, 16GB RAM) with Server 2012 and with started hypervisor:
C:\Users\Administrator>powercfg /a
The following sleep states are available on this system:
    Standby (S3)
    Hibernate
    Fast Startup
The following sleep states are not available on this system:
    Standby (S1)
        The system firmware does not support this standby state.
    Standby (S2)
        The system firmware does not support this standby state.
    Standby (Connected)
        The hypervisor does not support this standby state.
        The system firmware does not support this standby state.
    Hybrid Sleep
        The hypervisor does not support this standby state.
My laptop (i5, 8GB RAM) with Server 2012 and with started hypervisor:
>powercfg /a
The following sleep states are not available on this system:
    Standby (S1)
        The system firmware does not support this standby state.
        An internal system component has disabled this standby state.
                Hypervisor
    Standby (S2)
        The system firmware does not support this standby state.
        An internal system component has disabled this standby state.
                Hypervisor
    Standby (S3)
        An internal system component has disabled this standby state.
                Hypervisor
    Hibernate
        An internal system component has disabled hibernation.
                Hypervisor
    Standby (Connected)
        The hypervisor does not support this standby state.
        The system firmware does not support this standby state.
    Hybrid Sleep
        Standby (S3) is not available.
        Hibernation is not available.
        The hypervisor does not support this standby state.
    Fast Startup
        Hibernation is not available.
R. Revil
Relef Revil

Hi Ben,
I have nearly exactly the same Problem as Relef Revil.
I have Lenovo T510 Notebook with Core I7 and a Lenovo T420 Notebook with a CoreI5.
On my T510 S3 Sleep works perfectly with Hyper-V Role. On my T420 Sleep is disabled due to Hypervisor.
If I uninstall Hyper-V Role then Sleep works again as expected.
So, from a Little simple perspective, I Looks like this is a Hyper-V Thing or Problem.
I have als updated to the latest BIOS and latest Intel HD Graphics 3000 Drivers on this Win 2012R2 Maschine.
Also I have installed all possbile latest Versions of all other devices.
Could you probably give me an idea where to search for a solution.
So, what is the logic why Hyper-V disables sleep, when Sleep worked before?
I assumed that Hyper-V and Sleep ist generally possible on Win2012R2, especially when Sleep works perfectly when Hyper-V Role is not installed.
Kind Regards
Marcus
C:\Users\Marcus.Koenig>powercfg /a
The following sleep states are not available on this system:
Standby (S1)
The system firmware does not support this standby state.
An internal system component has disabled this standby state.
Hypervisor
Standby (S2)
The system firmware does not support this standby state.
An internal system component has disabled this standby state.
Hypervisor
Standby (S3)
An internal system component has disabled this standby state.
Hypervisor
Hibernate
An internal system component has disabled hibernation.
Hypervisor
Standby (Connected)
The hypervisor does not support this standby state.
The system firmware does not support this standby state.
Hybrid Sleep
Standby (S3) is not available.
Hibernation is not available.
The hypervisor does not support this standby state.
Fast Startup
Hibernation is not available.
C:\Users\Marcus.Koenig>

Adobe Flash v11.3.370.178 not properly working in Server 2012 RP?

Has anyone gotten the bundled Flash to work in Server 2012? Even if I completely disable all security within IE x86/x64/RT, the best I see is a blank interface for Flash that is the correct
size of what I'm trying to load, but no content displays and no flash interfaces show up. Right clicking does bring up the Flash context menu. If from there I go to About Adobe Flash Player, the version info will only show up on Adobe's site right
as I close the tab, and it’s much larger than it should be for the half a second it shows up.
This is broken in the released VHD and ISO so far as I can tell.

I always control the majority of IE settings via Group Policy and normally set the zone to medium-high. I
never launch or elevate any browser with a user who’s a member of the Administrators group unless diagnosing an issue, and even then I normally do it within a snapshot. I don't even
run browsers as my normal limited user, I always de-elevate them to a different user who can't masquerade as my normal authentication.
I've had Flash x64 working in 2008 R2 since October, and x86 since 2003 Server. Never had a real problem with it on an RTM version of Windows, but heh, betas!
I'm not sure what you mean by Windows controlling Internet Security. There are some settings that other browsers will respect from Internet Settings, but not many, and the firewall works
as a firewall should, can you clarify?
Devin Lanei
If security, privacy or contents settings in "Control Panel\All Control Panel Items\Internet Options" are more restrictive than the Firewall, the Internet Options will govern. Specifically, when it comes to scripts, executables or anything
else from the internet that Windows thinks could change the system when it is opened, Windows will not let it be opened. I don't really know this for a fact, it is just my opinion, but I've seen enough indications. And UAC just makes it worse.
You are right that this is best done with Group Policy, especially on production systems. The only reason you would do what I described is that it is an isolated test system and you are trying to get clues as to what policies you could try
setting to get it working the way you want (on the test system, of course).
I have my USB flash setup the way I want it and I will test it tomorrow. It seems I never do anything the easy way, I had to make it elaborate. I have set up so that it should be able to boot both efi and mbr, and will offer a menu of four OS setup
entries and a Recovery Console entry. I've got Windows7, Windows 8, Server 2008R2, and Server 2012, all x64. I've been using bcdedit for most of the last five or six hours.

Biztalk Server 2013 does not support Windows Server 2012 R2

is there any document or statement from MS that States "Biztalk Server 2013 does not support Windows Server 2012 R2"

Hi Mohit,
I haven't come across any document, but there is a blog from Microsoft about it.
http://blogs.msdn.com/b/biztalknotes/archive/2013/10/29/biztalk-2013-compatibility-with-latest-platforms-of-microsoft.aspx
Maheshkumar S Tiwari|User Page|Blog|BizTalk
Server : How Map Works on Port Level

Share calculation Not working in the report

Iam surprised not to ge the simple share calculation not working at my report.
I have a dimension and corresponding values ( measures) .I made a Total at the end of the report. and I want to calcualte share of Total to each corresponding value.
how to do this, any thougts,...
I have used calculated memebers for this, But I wan to make the percentage of the total ( which is calculated inside Tool itself)
Please help....

Prassad,
Not totally sure what you are trying to achieve but there a couple of possible solutions:
1) Total = total of all dimension members. Assuming you only have three dimension members then you should have a fourth member called ALL_DIMS or something similar. In the Share calculation template you need to specify the Total level as the basis for your share calc. This will generate the following result:
                         Revenue % Share
- All Members     600         100%
     A                  100           17%
     B                  200           33%
     C                  300           50%2) The total you are referring to is in fact a sub total and is the result of adding together only the results for A + B + C, i.e. you have hundreds of dimension members but you specifically want to see a total for just these three members. To do this create a new custom aggregate call "My Total" and add together the dimension members A + B + C - Custom Aggs are a new feature to Discoverer OLAP (Checkout Mark Rittman's excellent blog article for more information on this feature: http://www.rittmanmead.com/2006/11/13/checking-out-the-new-discoverer-101220-features/)
Then in the Share calculation wizard set the basis for your index using the last option in the list "Specific Dimension Member" and select your new custom aggregate member.
Hope this helps
Keith Laker
Oracle EMEA Consulting
BI Blog: http://oraclebi.blogspot.com/
DM Blog: http://oracledmt.blogspot.com/
BI on Oracle: http://www.oracle.com/bi/
BI on OTN: http://www.oracle.com/technology/products/bi/
BI Samples: http://www.oracle.com/technology/products/bi/samples/

How to install Sticky Notes in Windows Server 2012 R2

I want to install Sticky Note in Windows Server 2012 R2. If this app is not available in Server 2012 then which is the
best "Sticky Note" application for this platform.
Thanks

Here are instructions for 2008 -
http://www.win2008r2workstation.com/sticky-notes/ I'm not sure about the legality of that, as I think Microsoft has some rules in their license about copying files from one distribution to another. You would need a lawyer to check on that.
Otherwise, a simple Bing search will turn up freeware apps you can download.
.:|:.:|:. tim

System.Windows.Drawing not working on server Environment (Windows 2008 and 2012 server) ?

HI All,
I am facing a problem from past few days on server environment. I have created the code for taking the screen shot of the windows as follow...This code is perfectly working in Run time environment. While running and debugging the application it is working
fine.
But once i configured this website on Windows server 2008 or Server 2012 it is not working it hangs out the application at the method graphics.CopyFromScreen().
I am unable to find out the solution for this from last few day's. please help me to fix it. The code is as follow.
Bitmap bitmap = new Bitmap(600, 500);
Graphics graphics = Graphics.FromImage(bitmap as System.Drawing.Image); // The application hangs at this pt
graphics.CopyFromScreen(160, 235, 0, 0, bitmap.Size);
string mappath = Server.MapPath("~/dimurl/image/");
bitmap.Save(mappath + "myfile.jpeg", System.Drawing.Imaging.ImageFormat.Jpeg);
Please help me to resolve this.
Vaibhav Bhutkar, Jr. .Net Developer, Pune India.

Hello Vaibhav,
Welcome to MSDN forum.
Your issue is out of support range of VS General Question forum which mainly discusses
the usage of Visual Studio IDE such as WPF & SL designer, Visual Studio Guidance Automation Toolkit, Developer Documentation and Help System
and Visual Studio Editor.
If your issue is on ASP.NET website, I suggest that you can consult your issue on ASP.NET forum:
http://forums.asp.net/
for better solution and support.
Best regards,
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey.

New DC without netlogon share is not working.

Hello all,
I have a brand new DC (server 2012) that I joined to my domain and it is not behaving. It is a clean install plus the directory services role, the static IP and the promotion, nothing else. The domain has one more DC (server 2012) and it is functioning
properly. The DNS servers of the new DC are the working DC and 127.0.0.1 as secondary. The time is the same, the name is new on a new install of windows (no images, no cloning, no restores). The promotion completed successfully with the initial replication
(it said).
Here is the output of dcdiag:
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = IL-DC2
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\IL-DC2
Starting test: Connectivity
......................... IL-DC2 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\IL-DC2
Starting test: Advertising
Warning: DsGetDcName returned information for \\MD-DC.mydomain.com, when we were trying to reach IL-DC2.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... IL-DC2 failed test Advertising
Starting test: FrsEvent
......................... IL-DC2 passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL
replication problems may cause Group Policy problems.
......................... IL-DC2 passed test DFSREvent
Starting test: SysVolCheck
......................... IL-DC2 passed test SysVolCheck
Starting test: KccEvent
A warning event occurred. EventID: 0x80000481
Time Generated: 03/06/2014 05:07:50
Event String: Internal event: The following schema class has a superclass that is not valid.
A warning event occurred. EventID: 0x80000481
Time Generated: 03/06/2014 05:07:50
Event String: Internal event: The following schema class has a superclass that is not valid.
A warning event occurred. EventID: 0x80000481
Time Generated: 03/06/2014 05:07:50
Event String: Internal event: The following schema class has a superclass that is not valid.
A warning event occurred. EventID: 0x80000B46
Time Generated: 03/06/2014 05:09:43
Event String:
The security of this directory server can be significantly enhanced by configuring the server to reject SASL
(Negotiate, Kerberos, NTLM, or Digest) LDAP binds that do not request signing (integrity verification) and LDAP simple
binds that are performed on a cleartext (non-SSL/TLS-encrypted) connection. Even if no clients are using such binds,
configuring the server to reject them will improve the security of this server.
......................... IL-DC2 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... IL-DC2 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... IL-DC2 passed test MachineAccount
Starting test: NCSecDesc
......................... IL-DC2 passed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\IL-DC2\netlogon)
[IL-DC2] An net use or LsaPolicy operation failed with error 67, The network name cannot be found..
......................... IL-DC2 failed test NetLogons
Starting test: ObjectsReplicated
......................... IL-DC2 passed test ObjectsReplicated
Starting test: Replications
......................... IL-DC2 passed test Replications
Starting test: RidManager
......................... IL-DC2 passed test RidManager
Starting test: Services
......................... IL-DC2 passed test Services
Starting test: SystemLog
A warning event occurred. EventID: 0x000727A5
Time Generated: 03/06/2014 04:20:58
Event String: The WinRM service is not listening for WS-Management requests.
A warning event occurred. EventID: 0x000003F6
Time Generated: 03/06/2014 04:50:41
Event String:
Name resolution for the name teredo.ipv6.microsoft.com. timed out after none of the configured DNS servers r
esponded.
A warning event occurred. EventID: 0x000003F6
Time Generated: 03/06/2014 04:50:41
Event String:
Name resolution for the name teredo.ipv6.microsoft.com. timed out after none of the configured DNS servers r
esponded.
A warning event occurred. EventID: 0x000727A5
Time Generated: 03/06/2014 04:51:32
Event String: The WinRM service is not listening for WS-Management requests.
An error event occurred. EventID: 0x00001001
Time Generated: 03/06/2014 04:56:46
Event String:
The machine IL-DC2 attempted to join the domain mydomain.com but failed. The error code was 1332.
A warning event occurred. EventID: 0x000727A5
Time Generated: 03/06/2014 04:58:07
Event String: The WinRM service is not listening for WS-Management requests.
An error event occurred. EventID: 0x0000271A
Time Generated: 03/06/2014 04:58:06
Event String:
The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
A warning event occurred. EventID: 0x00001796
Time Generated: 03/06/2014 04:59:21
Event String:
Microsoft Windows Server has detected that NTLM authentication is presently being used between clients and t
his server. This event occurs once per boot of the server on the first time a client uses NTLM with this server.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:00:09
Event String:
Driver HP Universal Printing PCL 6 required for printer HP Universal Printing PCL 6 is unknown. Contact the
administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:00:09
Event String:
Driver Send To Microsoft OneNote 2010 Driver required for printer Send To OneNote 2010 is unknown. Contact t
he administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:00:12
Event String:
Driver HP Universal Printing PCL 6 required for printer HP Color LaserJet CM1312nfi MFP (192.168.2.20) is un
known. Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:00:12
Event String:
Driver Microsoft XPS Document Writer required for printer Microsoft XPS Document Writer is unknown. Contact
the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:00:13
Event String:
Driver PrimoPDF required for printer PrimoPDF is unknown. Contact the administrator to install the driver be
fore you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:00:13
Event String:
Driver Send to Microsoft OneNote 15 Driver required for printer Send To OneNote 2013 is unknown. Contact the
administrator to install the driver before you log in again.
A warning event occurred. EventID: 0x000727A5
Time Generated: 03/06/2014 05:08:51
Event String: The WinRM service is not listening for WS-Management requests.
A warning event occurred. EventID: 0x00001796
Time Generated: 03/06/2014 05:12:17
Event String:
Microsoft Windows Server has detected that NTLM authentication is presently being used between clients and t
his server. This event occurs once per boot of the server on the first time a client uses NTLM with this server.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:13:02
Event String:
Driver HP Universal Printing PCL 6 required for printer HP Universal Printing PCL 6 is unknown. Contact the
administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:13:02
Event String:
Driver Microsoft XPS Document Writer required for printer Microsoft XPS Document Writer is unknown. Contact
the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:13:03
Event String:
Driver HP Universal Printing PCL 6 required for printer HP Color LaserJet CM1312nfi MFP (192.168.2.20) is un
known. Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:13:04
Event String:
Driver PrimoPDF required for printer PrimoPDF is unknown. Contact the administrator to install the driver be
fore you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:13:04
Event String:
Driver Send To Microsoft OneNote 2010 Driver required for printer Send To OneNote 2010 is unknown. Contact t
he administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 05:13:05
Event String:
Driver Send to Microsoft OneNote 15 Driver required for printer Send To OneNote 2013 is unknown. Contact the
administrator to install the driver before you log in again.
......................... IL-DC2 failed test SystemLog
Starting test: VerifyReferences
......................... IL-DC2 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : mydomain
Starting test: CheckSDRefDom
......................... mydomain passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... mydomain passed test CrossRefValidation
Running enterprise tests on : mydomain.com
Starting test: LocatorCheck
......................... mydomain.com passed test LocatorCheck
Starting test: Intersite
......................... mydomain.com passed test Intersite
I also have the following event:
Log Name: System
Source: NetJoin
Date: 3/6/2014 4:56:46 AM
Event ID: 4097
Task Category: None
Level: Error
Keywords:
User: S-1-5-21-1062633599-3710215183-3313947919-500
Computer: IL-DC2
Description:
The machine IL-DC2 attempted to join the domain mydomain.com but failed. The error code was 1332.
Although the machine joined the domain, it is listed with the appropriate records and promoted.
Can anybody help me get a second DC for this domain running? It is kind of urgent... I tried demoting/promoting, reinstalling, I tried to do a non-authoritative restore, however, I don't have the appropriate registry key... I saw the various different posts
on similar issues, please do not paste them as I read them and I was not able to solve this.
Thank you in advance for any responses!
Best regards,
Irina

Umar,
Thank you big time for your time and help today. After we finished talking I tried the authoritative restore (vs non-authoritative the first time - didn't help) and then I started over (one more time) and created one more DC. Before promoting it I disabled
the firewall and the user control in order to make sure nothing is stopping it. I also triple checked the time. I promoted it without the DNS server and Global Catalog functions. I faced the same wall. After the promotion the SYSVOL and NETLOGON shares were
still not there.
After hours of more reading I finally found this:
http://social.technet.microsoft.com/Forums/en-US/58b8cdc3-a990-46c7-a70e-a51fd6965537/sysvol-and-netlogon-shares-missing-from-new-domain-controllers-using-dfrs?forum=windowsserverpreview
and it saved me. So I followed this guy's steps and my system shares showed up on both new DCs. Then I had to wait one more hour for everything to get in sync and after that I successfully shut down my main DC and the other two took over.
Thank you again for the help!
Best regards,
Irina

Target Display Mode not working iMac 27(2012) Bootcamp to iMac 27(2013)

Hi All,
I recently purchased an iMac 27" 2013 which replaced my iMac 27" 2010.
===============
PREVIOUS SETUP
===============
(1) iMac 27" 2012 - Running Windows 8.1
(2) iMac 27" 2010 - Running OS X Mavericks
(1)+(2) were connected with a Mini-Display-Port cable.
(1) was using (2) as external display while (2) was set to Target Display Mode using CMD+F2
==============
CURRENT SETUP
==============
(1) iMac 27" 2013 - Running Windows 8.1
(2) iMac 27" 2012 - Running OS X Mavericks
(1)+(2) are connected with Thunderbolt cable.
(1) can't use (2) as external display anymore becuase CMD+F2 has no effect anymore on (2) in this scenario.
If (1) and (2) are both running OS X all works as expected.
I am aware about the support hint from Apple where they state TDM is not working under Bootcamp.
And I agree, while booted into Windows Bootcamp this machine can't serve as external display. Makes sense because TDM is baked into OS X display drivers.
Anyone had the same experience and came to a soltuion?
Thanks,
Martin

"Apple has no plans to implement a client driver for Windows since there is no Thunderbolt SW stack available for Windows like there is for Display Port."
That is a little bit funny since Gigabyte and other big companies have said that 2014 is the year that they are going to implement Thunderbolt in many motherboards.
"GIGABYTE 7 series motherboards are the very first to offer fully certified dual onboard Thunderbolt™ ports. Capable of connecting up to 12 devices plus 3 digital displays simultaneously with breathtaking data transfer speeds that can transfer 1TB of data in only five minutes, GIGABYTE Thunderbolt™ motherboards offer the fastest connection interface on the desktop PC."
Have you asked Apple about that? I dont understand why Apple is crippling Thunderbolt on their devices...

Cannot get NDES working on Server 2012 R2 at all.

I absolutely cannot get this to work. I simply cannot figure out what I am either doing wrong or missing.
Neither site works and in the event log I get the following:
The Network Device Enrollment Service cannot retrieve one of its required certificates (0x80070057).
The Network Device Enrollment Service cannot be started (0x80070057).
It seems like I've read every site on this and tried everything but simply cant make it work. Have not tried on 2008 r2. Below is what I have done if someone can help me I would be grateful.
I tried adding more permissions than needed on local machine certs, templates, and domain level as well
Tried the http://support.microsoft.com/kb/2800975 where you move the ExtensionlessUrlHandler-ISAPI-4.0_64bit below
the static file.
I tried using and not using the use local profile in IIS for the SCEP pool
Both the ndesservice acccount and admin account have full control on everything.
I also tried to leave the default settings in the reg for the templates.
This is the NDES log out put when turned on:
========================================================================
402.534.948: Begin: 7/23/2014 4:01 PM 32.507s
402.539.0: taskhost.exe
402.543.0: GMT - 5.00
2005.220.0: certca.dll: 6.3:9600.16384 retail
2005.220.0: certenroll.dll: 6.3:9600.16384 retail
2004.621.0:<2014/7/23, 16:01:32>: 0x80070005 (WIN32: 5 ERROR_ACCESS_DENIED)
2004.642.0:<2014/7/23, 16:01:32>: 0x80070006 (WIN32: 6 ERROR_INVALID_HANDLE)
402.379.949: End: 7/23/2014 4:01 PM 32.585s
402.534.948: Begin: 7/24/2014 2:31 PM 03.904s
402.539.0: taskhost.exe
402.543.0: GMT - 5.00
2005.220.0: certca.dll: 6.3:9600.16384 retail
2005.220.0: certenroll.dll: 6.3:9600.16384 retail
2004.621.0:<2014/7/24, 14:31:3>: 0x80070005 (WIN32: 5 ERROR_ACCESS_DENIED)
2004.642.0:<2014/7/24, 14:31:6>: 0x80070006 (WIN32: 6 ERROR_INVALID_HANDLE)
402.379.949: End: 7/24/2014 2:31 PM 06.122s
EVENT LOG
HTTP Error 500.0 - Internal Server Error
Detailed Error Information:
Module   IsapiModule
Notification   ExecuteRequestHandler
Handler   ISAPI-dll     Error Code   0x80070057
Requested URL
   http://localhost:80/certsrv/mscep_admin/mscep.dll
Physical Path
   C:\Windows\system32\CertSrv\mscep\mscep.dll
Logon Method   Negotiate
Logon User   FARAWAY\NdesService
INSTALL STEPS
SETUP DOMAIN ACCTS:
Created Domain acct ndesservice (added to ndes server admin group and IIS group)
Created Domain acct ndesadmin (added to Enterprise Admins and ndes server admin group)
Ndes Server Profile Added
-Logged on as ndesservice account so profile is created on ndes server
DOMAIN CA (Server 2008 r2)
-Applied kb2483564 to 2008 r2 domain CA
-Duplicated (Exchange Enrollment Agent (Offline request),Cep Encryption,IPSec (Offline request) templates)
Added ndesservice, ndesadmin, and ndes server with read and enroll on all three
-All three cer copies prefixed with ndes
-Issued Certs
-CA properties (added ndesservice account and ndes machine acct read and request)
-Added ndesservice account to local admin group
Set SPN for ndesservice domain account
-setspn –s http/gimli.faraway.com faraway\NdesService)
NDES SERVER (Server 2012 R2)
Installed NDES under CA Role using ndesadmin account (member of enterprrise admins group)
-Added Request Filtering in IIS (tried with adding and without)
-Added .Net extensability options (tried with adding and without)
Post Deployment on NDES Server
-set creds to configure role services to faraway\ndesadmin
-Set service account to faraway\ndesservice
-Set ca to pippin.faraway.com\farway (it picked this up automatically)
-Entered cert info left keys at defualt of 2048
NDES Server Registry changes
-HKLM\Software\Microsoft\Cryptography\MSCEP (changed templates from default of IPSECIntermediateOffline to NDESIPSECIntermediateOffline
also tried the template name NDESIPSec(Offlinerequest) from the copy
-Added faraway\ndesservice account full control of MSCEP and below
-HKLM\Software\Microsoft\Cryptography\MSCEP\EnforcePassword (change from 1 to 0)
Ndes Server IIS applicattion Pool Identity
-IIS SCEP App pool set Load User profile from false to true
NDES Server Certificates
There were two Certs created when the role was installed in the machines personal store. I dont think I am supposed to do anything here other than add permissions?
-Added ndesservice account and machine account with full control
Both the CA and NDES server have been restarted multiple time. Am I doing this right and missing something in IIS 8.5? I Hope I provided enough info.

Learning a lot lol. Never had to do either IIS tracing or capi logging. Turned it on.
This is the log
Level
Date and Time
Event ID
Task Category
Information
7/25/2014 12:25
81
Verify Trust
Information
7/25/2014 12:25
90
X509 Objects
Information
7/25/2014 12:25
30
Verify Chain Policy
Information
7/25/2014 12:25
11
Build Chain
Information
7/25/2014 12:25
41
Verify Revocation
Information
7/25/2014 12:25
40
Verify Revocation
Information
7/25/2014 12:25
41
Verify Revocation
Information
7/25/2014 12:25
51
Retrieve Object from Cache
Information
7/25/2014 12:25
50
Retrieve Object from Cache
Information
7/25/2014 12:25
40
Verify Revocation
Information
7/25/2014 12:25
10
Build Chain
Information
7/25/2014 12:25
80
Verify Trust
Error
7/25/2014 12:24
30
Verify Chain Policy
Error
7/25/2014 12:24
11
Build Chain
Information
7/25/2014 12:24
90
X509 Objects
Information
7/25/2014 12:24
41
Verify Revocation
Information
7/25/2014 12:24
40
Verify Revocation
Error
7/25/2014 12:24
41
Verify Revocation
Error
7/25/2014 12:24
42
Reject Revocation Information
Error
7/25/2014 12:24
42
Reject Revocation Information
Information
7/25/2014 12:24
51
Retrieve Object from Cache
Information
7/25/2014 12:24
50
Retrieve Object from Cache
Information
7/25/2014 12:24
40
Verify Revocation
Information
7/25/2014 12:24
10
Build Chain
Information
7/25/2014 12:24
70
Acquire Certificate Private Key
Information
7/25/2014 12:24
90
X509 Objects
Error
7/25/2014 12:24
30
Verify Chain Policy
Error
7/25/2014 12:24
11
Build Chain
Information
7/25/2014 12:24
90
X509 Objects
Information
7/25/2014 12:24
41
Verify Revocation
Information
7/25/2014 12:24
40
Verify Revocation
Error
7/25/2014 12:24
41
Verify Revocation
Error
7/25/2014 12:24
53
Retrieve Object from Network
Information
7/25/2014 12:24
52
Retrieve Object from Network
Error
7/25/2014 12:24
42
Reject Revocation Information
Information
7/25/2014 12:24
53
Retrieve Object from Network
Information
7/25/2014 12:24
52
Retrieve Object from Network
Error
7/25/2014 12:24
42
Reject Revocation Information
Information
7/25/2014 12:24
51
Retrieve Object from Cache
Information
7/25/2014 12:24
50
Retrieve Object from Cache
Information
7/25/2014 12:24
40
Verify Revocation
Information
7/25/2014 12:24
10
Build Chain
Information
7/25/2014 12:24
70
Acquire Certificate Private Key
Information
7/25/2014 12:24
90
X509 Objects

Fios Quantum not working with Late 2012 Mac Mini

A new router came out from Verizon in late 2014 so I went ahead and upgraded for $150. After connecting 3 iPhones, an iPad, and 2 Windows laptops successfully I discovered that my Late 2012 Mac Mini would not work.
Found a random blog post about channel settings, and after some tinkering got it to work. Basically you need to change the channel settings from Auto to alternate values. The blog I found said to use 1,6, or 11 for 2.4ghz and a low value for 5ghz. I tried a few and ended up with channel 6 and 40 as a working pair. Thought I would share.

I thought about your dilemma while ASC was down, that's good news your welcome!
I spent some of the time replacing the 320GB 5400rpm HD in my 2010 Mac Mini with a 500GB Hitachi Travelstar 7200rpm HD. Then moved forward by Restoring Mountain Lion onto it from an External HD, instead of Snow Leopard from the original 5400rpm drive. I really prefer to keep my music and photos on the Internal HD and so I couldn't justify the cost of a larger SSD.
So basically I flip flopped and now running Mountain Lion on a larger/slightly faster Internal HD and Snow Leopard from a FireWire External HD when needed.

Export Task Audit Not Working

Hello,
We are on HFM 11.1.2.1.103 and I am getting an error message when trying to export a users activity from the "Task Audit" menu. When I click on export a new tab comes up with the URL http://server:port/hfm/Administration/TaskAuditExport.asp and then I get an error message:
An error occurred on the server when processing the URL. Please contact the
system administrator.
If you are the system administrator please click here to find out more
about this error.
And when I click on "here" it takes me to this URL Running Classic ASP Applications on IIS 7 and IIS 8 : The Official Microsoft IIS Site
Any thoughts on how I resolve this would be much appreciated.
Thank you,
Jason

SDM,
Thank you for the response. This is helpful and I was able to extrac the data, but this utility doesn't give you the ability to focus on one users' activity as you can from the web. Why is it not recommended to use the web and is there a way to get that working properly?
The reason the utility is not working for my purpose is I want to view a few users' activities over the last year and when I run the utility it gives me everyone and extracts the data across numerous files, which is not particularly easy to work with.
Thanks.

Windows Server 2012 R2 will not install when Server 2012 non-R2 installs fine.

Our company has several Windows Server 2012 servers that installed and work without issues. However, we purchased several Server 2012 R2 licenses to install on the exact same hardware, and at the very beginning of the install process it does not recognize
any of the hard drives, and cannot continue with the install. I have put the drivers that the non-R2 servers use on a flash drive, and tried to use those drivers during the R2 installs, but none work. This is extremely frustrating, and I want to know what
my options are? Is it a signed driver issue? Can I disable signed driver checks before installing R2? Thanks for any help.
P.S. I will even consider downgrading the Server 2012 R2 licenses to standard 2012 if that is even possible? I don't think I can get a refund on the media.

Contact your server vendor to see if they support 2012 R2 on the platform you are working with. They are the ones who determine what firmware/drivers get released for what versions of the operating system.
"R2 2012 and using them for R2 does not work as it just rejects them or says no new device drivers were found."
Are you trying to load them during the installation process when it gives you the option to load drivers? I've never seen a 'no new device drivers were found' message at that point because you are specifically telling it which driver to use.
Yes, the license for a retail copy of the operating system contains downgrade rights. However, activation keys are different. You may have to contact Microsoft or the vendor from whom you purchased your copy to obtain a 2012 activation key.
. : | : . : | : . tim

Share Auditing not working on Server 2012 R2

Similar Messages

Maybe you are looking for