Two Factor Authentication on Windows Server 2008 R2
We have a small 2008 R2 Active Directory environment with 2 domain controllers and 13 member servers. We have no additional features such as an RDP gateway or Federation Services - just a plain AD setup. We now have a requirement from our client to have
a two factor authentication solution for each time we logon to any server, either using RDP or locally. We only have 4 admins that ever logon to these servers - we do not have any "regular" users.
Is there anything out there that would work in this environment without having to modify our AD (at least nothing major)?
Thanks
Hi,
You may consider smart card:
Smart Card Overview
http://technet.microsoft.com/en-us/library/hh831433.aspx
Understanding Requirements for Connecting to a Remote Desktop Gateway Server
http://technet.microsoft.com/en-us/library/cc770519.aspx
Best Regards,
Amy
Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]
Similar Messages
-
SChannel Fails Authentication on Windows Server 2008 R2 Using TLS1
I am trying to use SChannel to secure a socket connection. I modified the example at
https://msdn.microsoft.com/en-us/library/windows/desktop/aa380537(v=vs.85).aspx, converting it from Negotiate to SChannel. Following the specs for the SSPI APIs I was able the get a Client & Server connection authenticated on Windows 7.
However, when I try running the same programs on Windows Server 2008 R2, either the Client side or Server side fails, depending on how I select the security protocol.
Here is the modified example code, details about my results follow the code.
Client.cpp
// Client-side program to establish an SSPI socket connection
// with a server and exchange messages.
// Define macros and constants.
#include "StdAfx.h"
#include <windows.h>
#include <winsock.h>
#include <stdio.h>
#include <stdlib.h>
#include "SspiExample.h"
#include <string>
#include <iostream>
CredHandle g_hCred;
SecHandle g_hCtext;
#define SSPI_CLIENT "SChannelClient:" __FUNCTION__
void main(int argc, char * argv[])
SOCKET Client_Socket;
BYTE Data[BIG_BUFF];
PCHAR pMessage;
WSADATA wsaData;
SECURITY_STATUS ss;
DWORD cbRead;
ULONG cbHeader;
ULONG cbMaxMessage;
ULONG cbTrailer;
SecPkgContext_StreamSizes SecPkgSizes;
SecPkgContext_PackageInfo SecPkgPkgInfo;
SecPkgContext_ConnectionInfo ConnectionInfo;
BOOL DoAuthentication (SOCKET s, WCHAR * pCertName);
char Server[512] = {0};
WCHAR CertName[512] = {0};
// Validate cmd line parameters
if ( argc != 3 )
LOGA ( ( __log_buf, SSPI_CLIENT " required parameters ServerName & CertName not entered.\n"));
LOGA( ( __log_buf, SSPI_CLIENT " Abort and start over with required parameters.\n") );
std::cin.get();
else
// argv[1] - ServerName - the name of the computer running the server sample.
// argv[2] - TargetName the common name of the certificate provided
// by the target server program.
memcpy(Server, argv[1], strlen(argv[1]));
size_t sizCN;
mbstowcs_s(&sizCN, CertName, strlen(argv[2])+1, argv[2], _TRUNCATE);
LOGA ( ( __log_buf, SSPI_CLIENT " input parameters - ServerName %s CertName %ls.\n", Server, CertName ));
// Initialize the socket and the SSP security package.
if(WSAStartup (0x0101, &wsaData))
MyHandleError( __FUNCTION__ " Could not initialize winsock ");
// Connect to a server.
SecInvalidateHandle( &g_hCtext );
if (!ConnectAuthSocket (
&Client_Socket,
&g_hCred,
&g_hCtext,
Server,
CertName))
MyHandleError( __FUNCTION__ " Authenticated server connection ");
LOGA ( ( __log_buf, SSPI_CLIENT " connection authenticated.\n"));
// An authenticated session with a server has been established.
// Receive and manage a message from the server.
// First, find and display the name of the SSP,
// the transport protocol supported by the SSP,
// and the size of the header, maximum message, and
// trailer blocks for this SSP.
ss = QueryContextAttributes(
&g_hCtext,
SECPKG_ATTR_PACKAGE_INFO,
&SecPkgPkgInfo );
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_CLIENT "QueryContextAttributes failed: 0x%08x\n", ss));
MyHandleError( __FUNCTION__ " QueryContextAttributes failed.\n");
else
LOGA ( ( __log_buf, SSPI_CLIENT " Package Name: %ls\n", SecPkgPkgInfo.PackageInfo->Name));
// Free the allocated buffer.
FreeContextBuffer(SecPkgPkgInfo.PackageInfo);
ss = QueryContextAttributes(
&g_hCtext,
SECPKG_ATTR_STREAM_SIZES,
&SecPkgSizes );
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_CLIENT " QueryContextAttributes failed: 0x%08x\n", ss));
MyHandleError( __FUNCTION__ " Query context ");
cbHeader = SecPkgSizes.cbHeader;
cbMaxMessage = SecPkgSizes.cbMaximumMessage;
cbTrailer = SecPkgSizes.cbTrailer;
LOGA ( ( __log_buf, SSPI_CLIENT " cbHeader %u, cbMaxMessage %u, cbTrailer %u\n", cbHeader, cbMaxMessage, cbTrailer ));
ss = QueryContextAttributes(
&g_hCtext,
SECPKG_ATTR_CONNECTION_INFO,
&ConnectionInfo );
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_CLIENT " QueryContextAttributes failed: 0x%08x\n", ss));
MyHandleError( __FUNCTION__ " Query context ");
switch(ConnectionInfo.dwProtocol)
case SP_PROT_TLS1_CLIENT:
LOGA ( ( __log_buf, SSPI_CLIENT " Protocol: TLS1\n"));
break;
case SP_PROT_SSL3_CLIENT:
LOGA ( ( __log_buf, SSPI_CLIENT " Protocol: SSL3\n"));
break;
case SP_PROT_PCT1_CLIENT:
LOGA ( ( __log_buf, SSPI_CLIENT " Protocol: PCT\n"));
break;
case SP_PROT_SSL2_CLIENT:
LOGA ( ( __log_buf, SSPI_CLIENT " Protocol: SSL2\n"));
break;
default:
LOGA ( ( __log_buf, SSPI_CLIENT " Unknown Protocol: 0x%x\n", ConnectionInfo.dwProtocol));
switch(ConnectionInfo.aiCipher)
case CALG_RC4:
LOGA ( ( __log_buf, SSPI_CLIENT " Cipher: RC4\n");)
break;
case CALG_3DES:
LOGA ( ( __log_buf, SSPI_CLIENT " Cipher: Triple DES\n"));
break;
case CALG_RC2:
LOGA ( ( __log_buf, SSPI_CLIENT " Cipher: RC2\n"));
break;
case CALG_DES:
case CALG_CYLINK_MEK:
LOGA ( ( __log_buf, SSPI_CLIENT " Cipher: DES\n"));
break;
case CALG_SKIPJACK:
LOGA ( ( __log_buf, SSPI_CLIENT " Cipher: Skipjack\n"));
break;
case CALG_AES_256:
LOGA ( ( __log_buf, SSPI_CLIENT " Cipher: AES 256\n"));
break;
default:
LOGA ( ( __log_buf, SSPI_CLIENT " Unknown Cipher: 0x%x\n", ConnectionInfo.aiCipher));
LOGA ( ( __log_buf, SSPI_CLIENT " Cipher strength: %d\n", ConnectionInfo.dwCipherStrength));
switch(ConnectionInfo.aiHash)
case CALG_MD5:
LOGA ( ( __log_buf, SSPI_CLIENT " Hash: MD5\n"));
break;
case CALG_SHA:
LOGA ( ( __log_buf, SSPI_CLIENT " Hash: SHA\n"));
break;
default:
LOGA ( ( __log_buf, SSPI_CLIENT " Unknown Hash: 0x%x\n", ConnectionInfo.aiHash));
LOGA ( ( __log_buf, SSPI_CLIENT " Hash strength: %d\n", ConnectionInfo.dwHashStrength));
switch(ConnectionInfo.aiExch)
case CALG_RSA_KEYX:
case CALG_RSA_SIGN:
LOGA ( ( __log_buf, SSPI_CLIENT " Key exchange: RSA\n"));
break;
case CALG_KEA_KEYX:
LOGA ( ( __log_buf, SSPI_CLIENT " Key exchange: KEA\n"));
break;
case CALG_DH_EPHEM:
LOGA ( ( __log_buf, SSPI_CLIENT " Key exchange: DH Ephemeral\n"));
break;
default:
LOGA ( ( __log_buf, SSPI_CLIENT " Unknown Key exchange: 0x%x\n", ConnectionInfo.aiExch));
LOGA ( ( __log_buf, SSPI_CLIENT " Key exchange strength: %d\n", ConnectionInfo.dwExchStrength));
// Decrypt and display the message from the server.
if (!ReceiveBytes(
Client_Socket,
Data,
BIG_BUFF,
&cbRead))
MyHandleError( __FUNCTION__ " No response from server\n");
if (0 == cbRead)
MyHandleError(__FUNCTION__ " Zero bytes received.\n");
pMessage = (PCHAR) DecryptThis(
Data,
&cbRead,
&g_hCtext);
// Skip the header to get the decrypted message
pMessage += cbHeader;
ULONG cbMessage = cbRead-cbHeader-cbTrailer;
if ((cbMessage == strlen(TEST_MSG)) &&
!strncmp(pMessage, TEST_MSG, strlen(TEST_MSG)) )
LOGA ( ( __log_buf, SSPI_CLIENT " SUCCESS!! The message from the server is \n -> %.*s \n",
cbMessage, pMessage ))
else
LOGA ( ( __log_buf, SSPI_CLIENT " UNEXPECTED message from the server: \n -> %.*s \n",
cbMessage, pMessage ));
LOGA ( ( __log_buf, SSPI_CLIENT " rcvd msg size %u, exp size %u\n", cbMessage, strlen(TEST_MSG) ));
// Terminate socket and security package.
DeleteSecurityContext (&g_hCtext);
FreeCredentialHandle (&g_hCred);
shutdown (Client_Socket, 2);
closesocket (Client_Socket);
if (SOCKET_ERROR == WSACleanup ())
MyHandleError( __FUNCTION__ " Problem with socket cleanup ");
exit (EXIT_SUCCESS);
} // end main
// ConnectAuthSocket establishes an authenticated socket connection
// with a server and initializes needed security package resources.
BOOL ConnectAuthSocket (
SOCKET *s,
CredHandle *g_hCred,
PSecHandle phCtext,
char * pServer,
WCHAR * pCertName)
unsigned long ulAddress;
struct hostent *pHost;
SOCKADDR_IN sin;
// Lookup the server's address.
LOGA ( ( __log_buf, SSPI_CLIENT " entry.\n"));
ulAddress = inet_addr (pServer);
if (INADDR_NONE == ulAddress)
LOGA ( ( __log_buf, SSPI_CLIENT " calling gethostbyname with %s.\n", pServer ));
pHost = gethostbyname (pServer);
if (NULL == pHost)
MyHandleError(__FUNCTION__ " Unable to resolve host name ");
memcpy((char FAR *)&ulAddress, pHost->h_addr, pHost->h_length);
std::string ipAddrStr;
ipAddrStr = inet_ntoa( *(struct in_addr*)*pHost->h_addr_list);
LOGA ( ( __log_buf, __FUNCTION__ " gethostbyname - ipAddress %s, name %s.\n", ipAddrStr.c_str(), pHost->h_name ) );
// Create the socket.
*s = socket (
PF_INET,
SOCK_STREAM,
0);
if (INVALID_SOCKET == *s)
MyHandleError(__FUNCTION__ " Unable to create socket");
else
LOGA ( ( __log_buf, SSPI_CLIENT " Socket created.\n"));
sin.sin_family = AF_INET;
sin.sin_addr.s_addr = ulAddress;
sin.sin_port = htons (g_usPort);
// Connect to the server.
if (connect (*s, (LPSOCKADDR) &sin, sizeof (sin)))
closesocket (*s);
MyHandleError( __FUNCTION__ " Connect failed ");
LOGA ( ( __log_buf, SSPI_CLIENT " Connection established.\n"));
// Authenticate the connection.
if (!DoAuthentication (*s, pCertName))
closesocket (*s);
MyHandleError( __FUNCTION__ " Authentication ");
LOGA ( ( __log_buf, SSPI_CLIENT " success.\n"));
return(TRUE);
} // end ConnectAuthSocket
BOOL DoAuthentication (SOCKET s, WCHAR * pCertName)
BOOL fDone = FALSE;
DWORD cbOut = 0;
DWORD cbIn = 0;
PBYTE pInBuf;
PBYTE pOutBuf;
if(!(pInBuf = (PBYTE) malloc(MAXMESSAGE)))
MyHandleError( __FUNCTION__ " Memory allocation ");
if(!(pOutBuf = (PBYTE) malloc(MAXMESSAGE)))
MyHandleError( __FUNCTION__ " Memory allocation ");
cbOut = MAXMESSAGE;
LOGA ( ( __log_buf, SSPI_CLIENT " 1st message.\n"));
if (!GenClientContext (
NULL,
0,
pOutBuf,
&cbOut,
&fDone,
pCertName,
&g_hCred,
&g_hCtext
LOGA ( ( __log_buf, SSPI_CLIENT " GenClientContext failed\n"));
return(FALSE);
if (!SendMsg (s, pOutBuf, cbOut ))
MyHandleError(__FUNCTION__ " Send message failed ");
while (!fDone)
if (!ReceiveMsg (
s,
pInBuf,
MAXMESSAGE,
&cbIn))
MyHandleError( __FUNCTION__ " Receive message failed ");
cbOut = MAXMESSAGE;
LOGA ( ( __log_buf, SSPI_CLIENT " Message loop.\n"));
if (!GenClientContext (
pInBuf,
cbIn,
pOutBuf,
&cbOut,
&fDone,
pCertName,
&g_hCred,
&g_hCtext))
MyHandleError( __FUNCTION__ " GenClientContext failed");
if (!SendMsg (
s,
pOutBuf,
cbOut))
MyHandleError( __FUNCTION__ " Send message failed");
LOGA ( ( __log_buf, SSPI_CLIENT " fDone %s.\n", fDone ? "Yes" : "No" ));
if (NULL != pInBuf)
free(pInBuf);
pInBuf = NULL;
if (NULL != pOutBuf)
free(pOutBuf);
pOutBuf = NULL;
LOGA ( ( __log_buf, SSPI_CLIENT " exit.\n"));
return(TRUE);
BOOL GenClientContext (
BYTE *pIn,
DWORD cbIn,
BYTE *pOut,
DWORD *pcbOut,
BOOL *pfDone,
WCHAR *pCertName,
CredHandle *g_hCred,
struct _SecHandle *g_hCtext)
SECURITY_STATUS ss;
TimeStamp Lifetime;
SecBufferDesc OutBuffDesc;
SecBuffer OutSecBuff;
SecBufferDesc InBuffDesc;
SecBuffer InSecBuff[2];
ULONG ContextAttributes;
static TCHAR lpPackageName[1024];
if( NULL == pIn )
wcscpy_s(lpPackageName, 1024 * sizeof(TCHAR), UNISP_NAME );
ss = AcquireCredentialsHandle (
NULL,
lpPackageName,
SECPKG_CRED_OUTBOUND,
NULL,
NULL,
NULL,
NULL,
g_hCred,
&Lifetime);
if (!(SEC_SUCCESS (ss)))
MyHandleError( __FUNCTION__ " AcquireCreds failed ");
// Prepare the buffers.
OutBuffDesc.ulVersion = 0;
OutBuffDesc.cBuffers = 1;
OutBuffDesc.pBuffers = &OutSecBuff;
OutSecBuff.cbBuffer = *pcbOut;
OutSecBuff.BufferType = SECBUFFER_TOKEN;
OutSecBuff.pvBuffer = pOut;
// The input buffer is created only if a message has been received
// from the server.
if (pIn)
LOGA ( ( __log_buf, SSPI_CLIENT " Call InitializeSecurityContext with pIn supplied.\n"));
InBuffDesc.ulVersion = 0;
InBuffDesc.cBuffers = 1;
InBuffDesc.pBuffers = InSecBuff;
InSecBuff[0].cbBuffer = cbIn;
InSecBuff[0].BufferType = SECBUFFER_TOKEN;
InSecBuff[0].pvBuffer = pIn;
InSecBuff[1].pvBuffer = NULL;
InSecBuff[1].cbBuffer = 0;
InSecBuff[1].BufferType = SECBUFFER_EMPTY;
ss = InitializeSecurityContext (
g_hCred,
g_hCtext,
pCertName,
MessageAttribute,
0,
0,
&InBuffDesc,
0,
g_hCtext,
&OutBuffDesc,
&ContextAttributes,
&Lifetime);
else
LOGA ( ( __log_buf, SSPI_CLIENT " Call InitializeSecurityContext with NULL pIn.\n"));
ss = InitializeSecurityContext (
g_hCred,
NULL,
pCertName,
MessageAttribute,
0,
0,
NULL,
0,
g_hCtext,
&OutBuffDesc,
&ContextAttributes,
&Lifetime);
if (!SEC_SUCCESS (ss))
LOGA ( ( __log_buf, SSPI_CLIENT " InitializeSecurityContext failed with error 0x%08x\n", ss));
MyHandleError ( __FUNCTION__ " InitializeSecurityContext failed " );
LOGA ( ( __log_buf, SSPI_CLIENT " InitializeSecurityContext returned 0x%08x\n", ss));
// If necessary, complete the token.
if ((SEC_I_COMPLETE_NEEDED == ss)
|| (SEC_I_COMPLETE_AND_CONTINUE == ss))
ss = CompleteAuthToken (g_hCtext, &OutBuffDesc);
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_CLIENT " complete failed: 0x%08x\n", ss));
return FALSE;
*pcbOut = OutSecBuff.cbBuffer;
*pfDone = !((SEC_I_CONTINUE_NEEDED == ss) ||
(SEC_I_COMPLETE_AND_CONTINUE == ss));
LOGA ( ( __log_buf, SSPI_CLIENT " Token buffer generated (%lu bytes):\n", OutSecBuff.cbBuffer));
PrintHexDump (OutSecBuff.cbBuffer, (PBYTE)OutSecBuff.pvBuffer);
return TRUE;
PBYTE DecryptThis(
PBYTE pBuffer,
LPDWORD pcbMessage,
struct _SecHandle *hCtxt)
SECURITY_STATUS ss;
SecBufferDesc BuffDesc;
SecBuffer SecBuff[4];
ULONG ulQop = 0;
// By agreement, the server encrypted the message and set the size
// of the trailer block to be just what it needed. DecryptMessage
// needs the size of the trailer block.
// The size of the trailer is in the first DWORD of the
// message received.
LOGA ( ( __log_buf, SSPI_CLIENT " data before decryption including trailer (%lu bytes):\n",
*pcbMessage));
PrintHexDump (*pcbMessage, (PBYTE) pBuffer);
// Prepare the buffers to be passed to the DecryptMessage function.
BuffDesc.ulVersion = 0;
BuffDesc.cBuffers = 4;
BuffDesc.pBuffers = SecBuff;
SecBuff[0].cbBuffer = *pcbMessage;
SecBuff[0].BufferType = SECBUFFER_DATA;
SecBuff[0].pvBuffer = pBuffer;
SecBuff[1].cbBuffer = 0;
SecBuff[1].BufferType = SECBUFFER_EMPTY;
SecBuff[1].pvBuffer = NULL;
SecBuff[2].cbBuffer = 0;
SecBuff[2].BufferType = SECBUFFER_EMPTY;
SecBuff[2].pvBuffer = NULL;
SecBuff[3].cbBuffer = 0;
SecBuff[3].BufferType = SECBUFFER_EMPTY;
SecBuff[3].pvBuffer = NULL;
ss = DecryptMessage(
hCtxt,
&BuffDesc,
0,
&ulQop);
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_CLIENT " DecryptMessage failed with error 0x%08x\n", ss))
else
LOGA ( ( __log_buf, SSPI_CLIENT " DecryptMessage success? Status: 0x%08x\n", ss));
// Return a pointer to the decrypted data. The trailer data
// is discarded.
return pBuffer;
PBYTE VerifyThis(
PBYTE pBuffer,
LPDWORD pcbMessage,
struct _SecHandle *hCtxt,
ULONG cbMaxSignature)
SECURITY_STATUS ss;
SecBufferDesc BuffDesc;
SecBuffer SecBuff[2];
ULONG ulQop = 0;
PBYTE pSigBuffer;
PBYTE pDataBuffer;
// The global cbMaxSignature is the size of the signature
// in the message received.
LOGA ( ( __log_buf, SSPI_CLIENT " data before verifying (including signature):\n"));
PrintHexDump (*pcbMessage, pBuffer);
// By agreement with the server,
// the signature is at the beginning of the message received,
// and the data that was signed comes after the signature.
pSigBuffer = pBuffer;
pDataBuffer = pBuffer + cbMaxSignature;
// The size of the message is reset to the size of the data only.
*pcbMessage = *pcbMessage - (cbMaxSignature);
// Prepare the buffers to be passed to the signature verification
// function.
BuffDesc.ulVersion = 0;
BuffDesc.cBuffers = 2;
BuffDesc.pBuffers = SecBuff;
SecBuff[0].cbBuffer = cbMaxSignature;
SecBuff[0].BufferType = SECBUFFER_TOKEN;
SecBuff[0].pvBuffer = pSigBuffer;
SecBuff[1].cbBuffer = *pcbMessage;
SecBuff[1].BufferType = SECBUFFER_DATA;
SecBuff[1].pvBuffer = pDataBuffer;
ss = VerifySignature(
hCtxt,
&BuffDesc,
0,
&ulQop
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_CLIENT " VerifyMessage failed with error 0x%08x\n", ss));
else
LOGA ( ( __log_buf, SSPI_CLIENT " Message was properly signed.\n"));
return pDataBuffer;
} // end VerifyThis
void PrintHexDump(
DWORD length,
PBYTE buffer)
DWORD i,count,index;
CHAR rgbDigits[]="0123456789abcdef";
CHAR rgbLine[100];
char cbLine;
for(index = 0; length;
length -= count, buffer += count, index += count)
count = (length > 16) ? 16:length;
sprintf_s(rgbLine, 100, "%4.4x ",index);
cbLine = 6;
for(i=0;i<count;i++)
rgbLine[cbLine++] = rgbDigits[buffer[i] >> 4];
rgbLine[cbLine++] = rgbDigits[buffer[i] & 0x0f];
if(i == 7)
rgbLine[cbLine++] = ':';
else
rgbLine[cbLine++] = ' ';
for(; i < 16; i++)
rgbLine[cbLine++] = ' ';
rgbLine[cbLine++] = ' ';
rgbLine[cbLine++] = ' ';
rgbLine[cbLine++] = ' ';
for(i = 0; i < count; i++)
if(buffer[i] < 32 || buffer[i] > 126)
rgbLine[cbLine++] = '.';
else
rgbLine[cbLine++] = buffer[i];
rgbLine[cbLine++] = 0;
LOGA ( ( __log_buf, SSPI_CLIENT " %s\n", rgbLine));
BOOL SendMsg (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf)
if (0 == cbBuf)
return(TRUE);
// Send the size of the message.
LOGA ( ( __log_buf, SSPI_CLIENT " %lu bytes\n", cbBuf ));
if (!SendBytes (s, (PBYTE)&cbBuf, sizeof (cbBuf)))
LOGA ( ( __log_buf, SSPI_CLIENT " size failed.\n" ) );
return(FALSE);
// Send the body of the message.
if (!SendBytes (
s,
pBuf,
cbBuf))
LOGA ( ( __log_buf, SSPI_CLIENT " body failed.\n" ) );
return(FALSE);
LOGA ( ( __log_buf, SSPI_CLIENT " success\n" ) );
return(TRUE);
BOOL ReceiveMsg (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf,
DWORD *pcbRead)
DWORD cbRead;
DWORD cbData;
// Receive the number of bytes in the message.
LOGA ( ( __log_buf, SSPI_CLIENT " entry.\n" ));
if (!ReceiveBytes (
s,
(PBYTE)&cbData,
sizeof (cbData),
&cbRead))
return(FALSE);
if (sizeof (cbData) != cbRead)
LOGA ( ( __log_buf, SSPI_CLIENT " failed: size of cbData %lu, bytes %lu\n", sizeof (cbData), cbRead));
return(FALSE);
// Read the full message.
if (!ReceiveBytes (
s,
pBuf,
cbData,
&cbRead))
return(FALSE);
if (cbRead != cbData)
return(FALSE);
*pcbRead = cbRead;
return(TRUE);
} // end ReceiveMessage
BOOL SendBytes (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf)
PBYTE pTemp = pBuf;
int cbSent;
int cbRemaining = cbBuf;
if (0 == cbBuf)
return(TRUE);
while (cbRemaining)
LOGA ( ( __log_buf, SSPI_CLIENT " %lu bytes.\n", cbRemaining ));
cbSent = send (
s,
(const char *)pTemp,
cbRemaining,
0);
if (SOCKET_ERROR == cbSent)
LOGA ( ( __log_buf, SSPI_CLIENT " send failed: 0x%08.8X\n", GetLastError ()));
return FALSE;
pTemp += cbSent;
cbRemaining -= cbSent;
LOGA ( ( __log_buf, SSPI_CLIENT " success\n" ) );
return TRUE;
BOOL ReceiveBytes (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf,
DWORD *pcbRead)
PBYTE pTemp = pBuf;
int cbRead, cbRemaining = cbBuf;
LOGA ( ( __log_buf, SSPI_CLIENT " Entry: %lu bytes.\n", cbRemaining ));
while (cbRemaining)
cbRead = recv (
s,
(char *)pTemp,
cbRemaining,
0);
LOGA ( ( __log_buf, SSPI_CLIENT " %lu bytes remaining.\n", cbRemaining ));
if (0 == cbRead)
break;
if (SOCKET_ERROR == cbRead)
LOGA ( ( __log_buf, SSPI_CLIENT " recv failed: 0x%08.8X\n", GetLastError ()));
return FALSE;
cbRemaining -= cbRead;
pTemp += cbRead;
*pcbRead = cbBuf - cbRemaining;
LOGA ( ( __log_buf, SSPI_CLIENT " success.\n" ));
return TRUE;
} // end ReceiveBytes
void MyHandleError(char *s)
DWORD err = GetLastError();
if (err)
LOGA ( ( __log_buf, SSPI_CLIENT " %s error (0x%08.8X). Exiting.\n",s, err ))
else
LOGA ( ( __log_buf, SSPI_CLIENT " %s error (no error info). Exiting.\n",s ));
exit (EXIT_FAILURE);
Server.cpp
// This is a server-side SSPI Windows Sockets program.
#include "StdAfx.h"
#include <windows.h>
#include <winsock.h>
#include <stdio.h>
#include <stdlib.h>
#include "Sspiexample.h"
#include <iostream>
CredHandle g_hcred;
struct _SecHandle g_hctxt;
static PBYTE g_pInBuf = NULL;
static PBYTE g_pOutBuf = NULL;
static DWORD g_cbMaxMessage;
static TCHAR g_lpPackageName[1024];
BOOL AcceptAuthSocket (SOCKET *ServerSocket, std::string certThumb );
#define SSPI_SERVER "SChannelServer:" __FUNCTION__
void main (int argc, char * argv[])
CHAR pMessage[200];
DWORD cbMessage;
PBYTE pDataToClient = NULL;
DWORD cbDataToClient = 0;
PWCHAR pUserName = NULL;
DWORD cbUserName = 0;
SOCKET Server_Socket;
WSADATA wsaData;
SECURITY_STATUS ss;
PSecPkgInfo pkgInfo;
SecPkgContext_StreamSizes SecPkgSizes;
SecPkgContext_PackageInfo SecPkgPkgInfo;
ULONG cbMaxMessage;
ULONG cbHeader;
ULONG cbTrailer;
std::string certThumb;
// Create a certificate if no thumbprint is supplied. Otherwise, use the provided
// thumbprint to find the certificate.
if ( (argc > 1) && (strlen( argv[1]) > 0) )
certThumb.assign(argv[1]);
else
LOGA( ( __log_buf, SSPI_SERVER " : No certificate thumbprint supplied.\n") );
LOGA( ( __log_buf, SSPI_SERVER " : Press ENTER to create a certificate, or abort and start over with a thumbprint.\n") );
std::cin.get();
certThumb.clear();
Insert code to find or create X.509 certificate.
// Set the default package to SChannel.
wcscpy_s(g_lpPackageName, 1024 * sizeof(TCHAR), UNISP_NAME);
// Initialize the socket interface and the security package.
if( WSAStartup (0x0101, &wsaData))
LOGA ( ( __log_buf, SSPI_SERVER " Could not initialize winsock: \n") );
cleanup();
ss = QuerySecurityPackageInfo (
g_lpPackageName,
&pkgInfo);
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_SERVER " Could not query package info for %s, error 0x%08x\n",
g_lpPackageName, ss) );
cleanup();
g_cbMaxMessage = pkgInfo->cbMaxToken;
FreeContextBuffer(pkgInfo);
g_pInBuf = (PBYTE) malloc (g_cbMaxMessage);
g_pOutBuf = (PBYTE) malloc (g_cbMaxMessage);
if (NULL == g_pInBuf || NULL == g_pOutBuf)
LOGA ( ( __log_buf, SSPI_SERVER " Memory allocation error.\n"));
cleanup();
// Start looping for clients.
while(TRUE)
LOGA ( ( __log_buf, SSPI_SERVER " Waiting for client to connect...\n"));
// Make an authenticated connection with client.
if (!AcceptAuthSocket (&Server_Socket, certThumb ))
LOGA ( ( __log_buf, SSPI_SERVER " Could not authenticate the socket.\n"));
cleanup();
ss = QueryContextAttributes(
&g_hctxt,
SECPKG_ATTR_STREAM_SIZES,
&SecPkgSizes );
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_SERVER " failed: 0x%08x\n", ss));
exit(1);
// The following values are used for encryption and signing.
cbMaxMessage = SecPkgSizes.cbMaximumMessage;
cbHeader = SecPkgSizes.cbHeader;
cbTrailer = SecPkgSizes.cbTrailer;
LOGA ( ( __log_buf, SSPI_SERVER " cbHeader %u, cbMaxMessage %u, cbTrailer %u\n", cbHeader, cbMaxMessage, cbTrailer ));
ss = QueryContextAttributes(
&g_hctxt,
SECPKG_ATTR_PACKAGE_INFO,
&SecPkgPkgInfo );
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_SERVER " failed: 0x%08x\n", ss));
exit(1);
else
LOGA ( ( __log_buf, SSPI_SERVER " Package Name: %ls\n", SecPkgPkgInfo.PackageInfo->Name));
// Free the allocated buffer.
FreeContextBuffer(SecPkgPkgInfo.PackageInfo);
// Send the client an encrypted message.
strcpy_s(pMessage, sizeof(pMessage),
TEST_MSG);
cbMessage = (DWORD)strlen(pMessage);
EncryptThis (
(PBYTE) pMessage,
cbMessage,
&pDataToClient,
&cbDataToClient,
cbHeader,
cbTrailer);
// Send the encrypted data to client.
if (!SendBytes(
Server_Socket,
pDataToClient,
cbDataToClient))
LOGA ( ( __log_buf, SSPI_SERVER " send message failed. \n"));
cleanup();
LOGA ( ( __log_buf, SSPI_SERVER " %d encrypted bytes sent. \n", cbDataToClient));
if (Server_Socket)
DeleteSecurityContext (&g_hctxt);
FreeCredentialHandle (&g_hcred);
shutdown (Server_Socket, 2) ;
closesocket (Server_Socket);
Server_Socket = 0;
if (pUserName)
free (pUserName);
pUserName = NULL;
cbUserName = 0;
if(pDataToClient)
free (pDataToClient);
pDataToClient = NULL;
cbDataToClient = 0;
} // end while loop
LOGA ( ( __log_buf, SSPI_SERVER " Server ran to completion without error.\n"));
cleanup();
} // end main
BOOL AcceptAuthSocket (SOCKET *ServerSocket, std::string certThumb )
SOCKET sockListen;
SOCKET sockClient;
SOCKADDR_IN sockIn;
// Create listening socket.
sockListen = socket (
PF_INET,
SOCK_STREAM,
0);
if (INVALID_SOCKET == sockListen)
LOGA ( ( __log_buf, SSPI_SERVER " Failed to create socket: %u\n", GetLastError ()));
return(FALSE);
// Bind to local port.
sockIn.sin_family = AF_INET;
sockIn.sin_addr.s_addr = 0;
sockIn.sin_port = htons(usPort);
if (SOCKET_ERROR == bind (
sockListen,
(LPSOCKADDR) &sockIn,
sizeof (sockIn)))
LOGA ( ( __log_buf, SSPI_SERVER " bind failed: %u\n", GetLastError ()));
return(FALSE);
// Listen for client.
if (SOCKET_ERROR == listen (sockListen, 1))
LOGA ( ( __log_buf, SSPI_SERVER " Listen failed: %u\n", GetLastError ()));
return(FALSE);
else
LOGA ( ( __log_buf, SSPI_SERVER " Listening ! \n"));
// Accept client.
sockClient = accept (
sockListen,
NULL,
NULL);
if (INVALID_SOCKET == sockClient)
LOGA ( ( __log_buf, SSPI_SERVER " accept failed: %u\n",GetLastError() ) );
return(FALSE);
closesocket (sockListen);
*ServerSocket = sockClient;
return(DoAuthentication (sockClient, certThumb ));
} // end AcceptAuthSocket
BOOL DoAuthentication (SOCKET AuthSocket, std::string certThumb )
SECURITY_STATUS ss;
DWORD cbIn, cbOut;
BOOL done = FALSE;
TimeStamp Lifetime;
BOOL fNewConversation;
fNewConversation = TRUE;
PCCERT_CONTEXT pCertCtxt;
Insert code to retrieve pCertCtxt
// Build SCHANNEL_CRED structure to hold CERT_CONTEXT for call to AcquireCredentialsHandle
SCHANNEL_CRED credSchannel = {0};
credSchannel.dwVersion = SCHANNEL_CRED_VERSION;
credSchannel.grbitEnabledProtocols = SP_PROT_SSL2_SERVER | SP_PROT_TLS1_SERVER;
credSchannel.cCreds = 1;
credSchannel.paCred = &pCertCtxt;
ss = AcquireCredentialsHandle (
NULL, //pszPrincipal
g_lpPackageName, //pszPackage
SECPKG_CRED_INBOUND, //fCredentialuse
NULL, //pvLogonID
&credSchannel, //pAuthData - need SCHANNEL_CRED structure that indicates the protocol to use and the settings for various customizable channel features.
NULL, //pGetKeyFn
NULL, //pvGetKeyArgument
&g_hcred, //phCredential
&Lifetime); //ptsExpiry
if (!SEC_SUCCESS (ss))
LOGA ( ( __log_buf, SSPI_SERVER " AcquireCreds failed: 0x%08x\n", ss));
return(FALSE);
while(!done)
if (!ReceiveMsg (
AuthSocket,
g_pInBuf,
g_cbMaxMessage,
&cbIn))
return(FALSE);
cbOut = g_cbMaxMessage;
if (!GenServerContext (
g_pInBuf,
cbIn,
g_pOutBuf,
&cbOut,
&done,
fNewConversation))
LOGA ( ( __log_buf, SSPI_SERVER " GenServerContext failed.\n"));
return(FALSE);
fNewConversation = FALSE;
if (!SendMsg (
AuthSocket,
g_pOutBuf,
cbOut))
LOGA ( ( __log_buf, SSPI_SERVER " Send message failed.\n"));
return(FALSE);
return(TRUE);
} // end DoAuthentication
BOOL GenServerContext (
BYTE *pIn,
DWORD cbIn,
BYTE *pOut,
DWORD *pcbOut,
BOOL *pfDone,
BOOL fNewConversation)
SECURITY_STATUS ss;
TimeStamp Lifetime;
SecBufferDesc OutBuffDesc;
SecBuffer OutSecBuff;
SecBufferDesc InBuffDesc;
SecBuffer InSecBuff;
ULONG Attribs = 0;
// Prepare output buffers.
OutBuffDesc.ulVersion = 0;
OutBuffDesc.cBuffers = 1;
OutBuffDesc.pBuffers = &OutSecBuff;
OutSecBuff.cbBuffer = *pcbOut;
OutSecBuff.BufferType = SECBUFFER_TOKEN;
OutSecBuff.pvBuffer = pOut;
// Prepare input buffers.
InBuffDesc.ulVersion = 0;
InBuffDesc.cBuffers = 1;
InBuffDesc.pBuffers = &InSecBuff;
InSecBuff.cbBuffer = cbIn;
InSecBuff.BufferType = SECBUFFER_TOKEN;
InSecBuff.pvBuffer = pIn;
LOGA ( ( __log_buf, SSPI_SERVER " Token buffer received (%lu bytes):\n", InSecBuff.cbBuffer));
PrintHexDump (InSecBuff.cbBuffer, (PBYTE)InSecBuff.pvBuffer);
ss = AcceptSecurityContext (
&g_hcred,
fNewConversation ? NULL : &g_hctxt,
&InBuffDesc,
Attribs,
SECURITY_NATIVE_DREP,
&g_hctxt,
&OutBuffDesc,
&Attribs,
&Lifetime);
if (!SEC_SUCCESS (ss))
LOGA ( ( __log_buf, SSPI_SERVER " AcceptSecurityContext failed: 0x%08x\n", ss));
OutputDebugStringA( "." );
return FALSE;
// Complete token if applicable.
if ((SEC_I_COMPLETE_NEEDED == ss)
|| (SEC_I_COMPLETE_AND_CONTINUE == ss))
ss = CompleteAuthToken (&g_hctxt, &OutBuffDesc);
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_SERVER " complete failed: 0x%08x\n", ss));
OutputDebugStringA( "." );
return FALSE;
*pcbOut = OutSecBuff.cbBuffer;
// fNewConversation equals FALSE.
LOGA ( ( __log_buf, SSPI_SERVER " Token buffer generated (%lu bytes):\n",
OutSecBuff.cbBuffer));
PrintHexDump (
OutSecBuff.cbBuffer,
(PBYTE)OutSecBuff.pvBuffer);
*pfDone = !((SEC_I_CONTINUE_NEEDED == ss)
|| (SEC_I_COMPLETE_AND_CONTINUE == ss));
LOGA ( ( __log_buf, SSPI_SERVER " AcceptSecurityContext result = 0x%08x\n", ss));
return TRUE;
} // end GenServerContext
BOOL EncryptThis (
PBYTE pMessage,
ULONG cbMessage,
BYTE ** ppOutput,
ULONG * pcbOutput,
ULONG cbHeader,
ULONG cbTrailer)
SECURITY_STATUS ss;
SecBufferDesc BuffDesc;
SecBuffer SecBuff[4];
ULONG ulQop = 0;
// The size of the trailer (signature + padding) block is
// determined from the global cbSecurityTrailer.
LOGA ( ( __log_buf, SSPI_SERVER " Data before encryption: %s\n", pMessage));
LOGA ( ( __log_buf, SSPI_SERVER " Length of data before encryption: %d \n",cbMessage));
// Prepare buffers.
BuffDesc.ulVersion = 0;
BuffDesc.cBuffers = 4;
BuffDesc.pBuffers = SecBuff;
PBYTE pHeader;
pHeader = (PBYTE) malloc (cbHeader);
SecBuff[0].cbBuffer = cbHeader;
SecBuff[0].BufferType = SECBUFFER_STREAM_HEADER;
SecBuff[0].pvBuffer = pHeader;
SecBuff[1].cbBuffer = cbMessage;
SecBuff[1].BufferType = SECBUFFER_DATA;
SecBuff[1].pvBuffer = pMessage;
PBYTE pTrailer;
pTrailer = (PBYTE) malloc (cbTrailer);
SecBuff[2].cbBuffer = cbTrailer;
SecBuff[2].BufferType = SECBUFFER_STREAM_TRAILER;
SecBuff[2].pvBuffer = pTrailer;
SecBuff[3].cbBuffer = 0;
SecBuff[3].BufferType = SECBUFFER_EMPTY;
SecBuff[3].pvBuffer = NULL;
ss = EncryptMessage(
&g_hctxt,
ulQop,
&BuffDesc,
0);
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_SERVER " EncryptMessage failed: 0x%08x\n", ss));
return(FALSE);
else
LOGA ( ( __log_buf, SSPI_SERVER " The message has been encrypted. \n"));
// Allocate a buffer to hold the encrypted data constructed from the 3 buffers.
*pcbOutput = cbHeader + cbMessage + cbTrailer;
* ppOutput = (PBYTE) malloc (*pcbOutput);
memset (*ppOutput, 0, *pcbOutput);
memcpy (*ppOutput, pHeader, cbHeader);
memcpy (*ppOutput + cbHeader, pMessage, cbMessage);
memcpy (*ppOutput + cbHeader + cbMessage, pTrailer, cbTrailer);
LOGA ( ( __log_buf, SSPI_SERVER " data after encryption including trailer (%lu bytes):\n",
*pcbOutput));
PrintHexDump (*pcbOutput, *ppOutput);
return TRUE;
} // end EncryptThis
void PrintHexDump(DWORD length, PBYTE buffer)
DWORD i,count,index;
CHAR rgbDigits[]="0123456789abcdef";
CHAR rgbLine[100];
char cbLine;
for(index = 0; length;
length -= count, buffer += count, index += count)
count = (length > 16) ? 16:length;
sprintf_s(rgbLine, 100, "%4.4x ",index);
cbLine = 6;
for(i=0;i<count;i++)
rgbLine[cbLine++] = rgbDigits[buffer[i] >> 4];
rgbLine[cbLine++] = rgbDigits[buffer[i] & 0x0f];
if(i == 7)
rgbLine[cbLine++] = ':';
else
rgbLine[cbLine++] = ' ';
for(; i < 16; i++)
rgbLine[cbLine++] = ' ';
rgbLine[cbLine++] = ' ';
rgbLine[cbLine++] = ' ';
rgbLine[cbLine++] = ' ';
for(i = 0; i < count; i++)
if(buffer[i] < 32 || buffer[i] > 126)
rgbLine[cbLine++] = '.';
else
rgbLine[cbLine++] = buffer[i];
rgbLine[cbLine++] = 0;
LOGA ( ( __log_buf, SSPI_SERVER " %s\n", rgbLine));
} // end PrintHexDump
BOOL SendMsg (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf)
LOGA ( ( __log_buf, SSPI_SERVER " %lu bytes\n", cbBuf ));
if (0 == cbBuf)
return(TRUE);
// Send the size of the message.
if (!SendBytes (
s,
(PBYTE)&cbBuf,
sizeof (cbBuf)))
return(FALSE);
// Send the body of the message.
if (!SendBytes (
s,
pBuf,
cbBuf))
return(FALSE);
return(TRUE);
} // end SendMsg
BOOL ReceiveMsg (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf,
DWORD *pcbRead)
DWORD cbRead;
DWORD cbData;
LOGA ( ( __log_buf, SSPI_SERVER " %lu bytes\n", cbBuf ));
// Retrieve the number of bytes in the message.
if (!ReceiveBytes (
s,
(PBYTE)&cbData,
sizeof (cbData),
&cbRead))
LOGA ( ( __log_buf, SSPI_SERVER " ReceiveBytes failed retrieving byte count.\n", cbBuf ));
return(FALSE);
if (sizeof (cbData) != cbRead)
LOGA ( ( __log_buf, SSPI_SERVER " Error: buffer size (%lu) differs from reported size (%lu)\n", sizeof(cbData), cbRead ));
return(FALSE);
// Read the full message.
if (!ReceiveBytes (
s,
pBuf,
cbData,
&cbRead))
LOGA ( ( __log_buf, SSPI_SERVER " ReceiveBytes failed.\n", cbBuf ));
return(FALSE);
if (cbRead != cbData)
LOGA ( ( __log_buf, SSPI_SERVER " Error: buffer bytes (%lu) differs from reported bytes (%lu)\n", cbData, cbRead ));
return(FALSE);
*pcbRead = cbRead;
return(TRUE);
} // end ReceiveMsg
BOOL SendBytes (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf)
PBYTE pTemp = pBuf;
int cbSent, cbRemaining = cbBuf;
LOGA ( ( __log_buf, SSPI_SERVER " %lu bytes\n", cbBuf ));
if (0 == cbBuf)
return(TRUE);
while (cbRemaining)
cbSent = send (
s,
(const char *)pTemp,
cbRemaining,
0);
if (SOCKET_ERROR == cbSent)
LOGA ( ( __log_buf, SSPI_SERVER " send failed: %u\n", GetLastError ()));
return FALSE;
LOGA ( ( __log_buf, SSPI_SERVER " %lu bytes sent\n", cbSent ));
pTemp += cbSent;
cbRemaining -= cbSent;
return TRUE;
} // end SendBytes
BOOL ReceiveBytes (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf,
DWORD *pcbRead)
PBYTE pTemp = pBuf;
int cbRead, cbRemaining = cbBuf;
LOGA ( ( __log_buf, SSPI_SERVER " %lu bytes\n", cbBuf ));
while (cbRemaining)
cbRead = recv (
s,
(char *)pTemp,
cbRemaining,
0);
if (0 == cbRead)
break;
if (SOCKET_ERROR == cbRead)
LOGA ( ( __log_buf, SSPI_SERVER " recv failed: %u\n", GetLastError () ) );
return FALSE;
cbRemaining -= cbRead;
pTemp += cbRead;
*pcbRead = cbBuf - cbRemaining;
return TRUE;
} // end ReceivesBytes
void cleanup()
if (g_pInBuf)
free (g_pInBuf);
g_pInBuf = NULL;
if (g_pOutBuf)
free (g_pOutBuf);
g_pOutBuf = NULL;
WSACleanup ();
exit(0);
SspiExample.h
// SspiExample.h
#include <schnlsp.h>
#include <sspi.h>
#include <windows.h>
#include <string>
BOOL SendMsg (SOCKET s, PBYTE pBuf, DWORD cbBuf);
BOOL ReceiveMsg (SOCKET s, PBYTE pBuf, DWORD cbBuf, DWORD *pcbRead);
BOOL SendBytes (SOCKET s, PBYTE pBuf, DWORD cbBuf);
BOOL ReceiveBytes (SOCKET s, PBYTE pBuf, DWORD cbBuf, DWORD *pcbRead);
void cleanup();
BOOL GenClientContext (
BYTE *pIn,
DWORD cbIn,
BYTE *pOut,
DWORD *pcbOut,
BOOL *pfDone,
WCHAR *pCertName,
CredHandle *hCred,
PSecHandle phCtext
BOOL GenServerContext (
BYTE *pIn,
DWORD cbIn,
BYTE *pOut,
DWORD *pcbOut,
BOOL *pfDone,
BOOL fNewCredential
BOOL EncryptThis (
PBYTE pMessage,
ULONG cbMessage,
BYTE ** ppOutput,
LPDWORD pcbOutput,
ULONG cbHeader,
ULONG cbTrailer
PBYTE DecryptThis(
PBYTE achData,
LPDWORD pcbMessage,
struct _SecHandle *hCtxt
BOOL
SignThis (
PBYTE pMessage,
ULONG cbMessage,
BYTE ** ppOutput,
LPDWORD pcbOutput
PBYTE VerifyThis(
PBYTE pBuffer,
LPDWORD pcbMessage,
struct _SecHandle *hCtxt,
ULONG cbMaxSignature
void PrintHexDump(DWORD length, PBYTE buffer);
BOOL ConnectAuthSocket (
SOCKET *s,
CredHandle *hCred,
PSecHandle phCtext,
char * pServer,
WCHAR * pCertName
BOOL CloseAuthSocket (SOCKET s);
BOOL DoAuthentication (SOCKET s, WCHAR * pCertName );
BOOL DoAuthentication (SOCKET s, std::string certThumb );
void MyHandleError(char *s);
#define DBG_SIZE 1024
int OutputDebug( char buff[DBG_SIZE] )
int retval;
char debugstring[DBG_SIZE+32];
retval = _snprintf_s( debugstring, DBG_SIZE+32, _TRUNCATE, " %s", buff );
OutputDebugStringA( debugstring );
return retval;
int DbgBufCopy( char *buff, const char *format, ...)
int iLen;
va_list args;
/// Call va_start to start the variable list
va_start(args, format);
/// Call _vsnprintf_s to copy debug information to the buffer
iLen = _vsnprintf_s(buff, DBG_SIZE, _TRUNCATE, format, args);
/// Call va_end to end the variable list
va_end(args);
return iLen;
#define LOGA(_format_and_args_)\
{ char __log_buf[DBG_SIZE];\
DbgBufCopy _format_and_args_;\
printf("%s", __log_buf );\
OutputDebug(__log_buf);\
#define TEST_MSG "This is your server speaking"
My initial attempt built an SCHANNEL_CRED structure following the documentation to set
grbitEnabledProtocols to 0, and let SChannel select the protocol. This worked on Windows 7, selecting TLS1. When I ran the same exe-s on 2008 R2, the Client program failed, with InitializeSecurityContext returning SEC_E_DECRYPT_FAILURE.
The failure occurred on the 2nd call, using phNewContext returned on the first call.
My next attempt set grbitEnabledProtocols to SP_PROT_TLS1_SERVER. This also worked on Win 7, but 2008R2 failed again, this time on the Server side. AcceptSecurityContext failed, returning SEC_E_ALGORITHM_MISMATCH.
TLS is a requirement for my project, but to try getting the sample to run, I next set grbitEnabledProtocols to SP_PROT_SSL2_SERVER. This did work for 2008R2, selecting SSL2, but now the Server failed on Win7 with AcceptSecurityContext returning
SEC_E_ALGORITHM_MISMATCH.
My final try was to set grbitEnabledProtocols to SP_PROT_TLS1_SERVER | SP_PROT_SSL2_SERVER, but that failed identically to the first case, with the Client on 2008R2 returning SEC_E_DECRYPT_FAILURE.
So my question is - What is required to get SChannel to select TLS regardless of the Windows version on which the programs are running?Thank you for the reference. That did provide the information I needed to get TLS working. However, the documentation is not accurate with regard to setting the registry keys and values.
The tables all show DisabledByDefault as a subkey under the protocol. They also describe a DWORD value, Enabled, as the mechanism to enable/disable a protocol.
What I found is DisabledByDefault is a DWORD value under Client/Server and it appears to be the determining factor to whether a protocol is enabled/disabled.
The only way I was able to get TLS 1.1 working is with the following path present:
HKLM SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client
Under Client, I must have DisabledByDefault set to 0. With that, the Enabled value does not need to be present.
This held true for any level of TLS.
I also found the setting of grbitEnabledProtocols in the SCHANNEL_CRED structure to be misleading. From the description at
https://msdn.microsoft.com/en-us/library/windows/desktop/aa379810(v=vs.85).aspx, I thought my Server program could set this field to 0, and SChannel would select the protocol as directed by the registry. What I found is that the structure flag must
agree with the registry setting for TLS to work. That is with the resgistry key above for TLS 1.1, I must set grbitEnabledProtocols to SP_PROT_TLS1_1.
Can you confirm the relationship between the SCHANNEL_CRED contents and registry state? -
AiroNet 1140 Authentication Issues Windows Server 2008 NPS
Hello,
We have an AiroNet 1140 AP that we are trying to configure RADIUS authentication. Our RADIUS server is a Microsoft Windows Server 2008 NPS server. Unfortunately, our Wi-Fi clients are unable to authenticate. We appear to have everything configured on the AP and RADIUS server correctly, but we receive the following errors from the debug on the AP. Doug
*Mar 14 05:46:58.413: RADIUS/DECODE: No response from radius-server; parse response; FAIL
*Mar 14 05:46:58.413: RADIUS/DECODE: Case error(no response/ bad packet/ op decode);parse response;
FAIL
*Mar 14 05:46:58.413: RADIUS/DECODE: No response from radius-server; parse response; FAIL
*Mar 14 05:46:58.413: RADIUS/DECODE: Case error(no response/ bad packet/ op decode);parse response;
FAILHi Steve, Here is the config for the AP. Some screenshots of the NPS config are below, too. Please let me know if you need more information from our NPS server. Thanks, Doug
ap#sh run
Building configuration...
Current configuration : 2971 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname ap
logging rate-limit console 9
enable secret 5 $1$1IPZ$WkdzqdeeGvEPvQLCHfGXU.
aaa new-model
aaa group server radius rad_eap
server 10.20.2.96 auth-port 1645 acct-port 1646
aaa group server radius rad_mac
aaa group server radius rad_acct
aaa group server radius rad_admin
server 10.20.2.96 auth-port 1645 acct-port 1646
aaa group server tacacs+ tac_admin
aaa group server radius rad_pmip
aaa group server radius dummy
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
dot11 syslog
dot11 ssid wifi
authentication open eap eap_methods
authentication network-eap eap_methods
authentication key-management wpa
username pg_ap privilege 15 secret 5 $1$rg0/$hTYIn.lysNUfxhzxqXonl/
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption mode ciphers aes-ccm
ssid wifi
antenna gain 0
speed basic-1.0 2.0 5.5 11.0 6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5. m6. m7.
m8. m9. m10. m11. m12. m13. m14. m15.
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio1
no ip address
no ip route-cache
encryption mode ciphers aes-ccm
ssid wifi
antenna gain 0
dfs band 3 block
speed basic-6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11
. m12. m13. m14. m15.
channel dfs
station-role root access-point
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
no keepalive
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface BVI1
ip address 10.40.0.200 255.255.0.0
no ip route-cache
ip default-gateway 10.40.0.1
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
radius-server local
no authentication mac
nas 10.20.2.96 key 7 003555402B5F012F3D007B16062C46430759550B3A232F7E0A1636472C01402573
radius-server attribute 32 include-in-access-req format %h
radius-server host 10.20.2.96 auth-port 1645 acct-port 1646 key 7 08100A08261D0F3E202A3B5C251E677C26
677B1C171E08576F7A4C077F19403C337F0C7C7D035B172550305F756934172E327A1B13250C154D4C3F1319305C3514
radius-server vsa send accounting
bridge 1 route ip
line con 0
line vty 0 4
end
ap# -
How can I fix this printer error with Samsung SCX-4300 and SCX-4521f on Windows Server 2008 R2?
I have two printers installed on Windows Server 2008 R2 (64-bit):
1. Samsung SCX-4521f
2. Samsung SCX-4300
There are two computers (Windows 7 Professional, 32-Bit) connected to this server that utilise these shared printers.
The drivers installed are as follows:
SCX-4x21_Win7_Print.exe (Win 2000/XP/2003/Vista/2008/Win 7 3.04.96:03 Print Driver 11 Dec, 2009 12.37 MULTI LANGUAGE)
SCX-4300_Print.exe (Win 2000/XP/2003/Vista/2008/Win 7(32,64bit) 3.04.95:07 Print Driver Jan 19, 2011 53.07 MULTI LANGUAGE)
After printing documents for some time (within a 24 period) the printers no longer respond to print requests.
On the server opening "Control Panel\Hardware\Devices and Printers" shows the two printers with yellow exclamation marks.
The "SCX-4x21" printer shows the "Status" as "Needs troubleshooting" and "Printer: Error".
The "SCX-4300" printer shows the "Status" as "Needs troubleshooting".
Neither will print a test page.
Searching for new drivers automatically returns saying: "The best driver software for your device is already installed".
The error persists and nothing will print.
When double-clicking on the "SCX-4x21" printer (or going to "Control Panel\Hardware\Devices and Printers\Samsung SCX-4x21 Series") you see the following:
"Printer: Error" and "N document(s) in queue".
Clicking on either of these brings up the print queue and shows a document with the status of "Error - Printing".
As each job with an error is cancelled the next one attempts to print and also displays an error like the last.
Once all the jobs are cleared the printer information says "Printer: Ready".
Sending a "Print Test Page" sends the printer into an error state saying "Printer: Error".
With the "SCX-4300", sending a "Print Test Page" displays a bubble saying: "Toner Empty: Replace Toner".
However, I can't see any specific error messages.
How do I find out what exactly "Needs troubleshooting"?
Please can anyone advise further?The printer (SCX-4300) has stopped again.
Since it has been stopped I have done your recommendations:
Unticked the "Enable bidirectional support" option under the "Ports" tab in the printer properties.
Set the "Interactive Services Detection" to Automatic and started it.
Unfortunately the printer did not start printing, the print jobs did not restart or delete.
I decided to check the Operational logs that we enabled.
The first job I see goes like this:
Information: Rendering job 41.
Error: The print spooler failed to delete the file C:\Windows\system32\spool\PRINTERS\00041.SHD, error code 0x2. See the event user data for context information.
Information: The print job 41 was sent through the print processor SSE1MPC on printer Samsung SCX-4300 Series, driver Samsung SCX-4300 Series, in the isolation mode 1 (0 - loaded in the spooler, 1 - loaded in shared sandbox, 2 - loaded in isolated
sandbox). Win32 error code returned by the print processor: 0x0.
Information:Printing job 41.
Information:Spooling job 41.
This job actually printed.
Other jobs printed fine with no error.
There are no other errors in the "Operational" log other than the "print spooler failed to delete" error.
Any ideas what to try now?
Update: Unticking the "Enable bidirectional support", clearing the print queue and then trying again seems to have fixed the problem for now. -
Good day!
Could you please help me? How to deploy connection (Mac OS X Yosemite to Windows RDS) through the RD Gateway with Two Factor authentication on Session host? How to open an authentication dialog that is the same as in Windows when logging on to network resources
in Windows (Windows Security)?
Our test environment: We have one RDS 2012 R2 server (all roles in one) and one session host in collection. On the session host installed Safenet Network Logon and it under GPO which disable all authentication, only OTP.Hi Sir,
It seems that you are going to integrate 3rd party product into AD for authentication .
I would suggest you to contact the vendor of Safenet for this deployment scenario :
http://www.safenet-inc.com/multi-factor-authentication/authentication-management/safenet-authentication-manager-express-samx/
Best Regards,
Elton Ji
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected] . -
Windows server 2008 R2 x64 Authentication failure while try to access Windows server 2003 R2
Hello,
I try to access Windows Server 2003 R2 Standard from Windows Server 2008 R2 x64 standard using integrated windows authentication . And because my application tries to read SQL server i'm getting and error that user is not trusted. Then I tried to open a
simple shared folder on 2003 and none of the users is able to do it. Both servers are part of common workgroup in the same IP range. Using domain is not an option. Migrating 2003 to 2008 is not an option either. The specific DB provider I have to use
supports only windows authentication, so creating user into SQL server is not an option too. I have tested many applications and cases which requires/uses windows authentication and non of the manage to connect.
Any help is very welcome because things are urgent!
Authentication failureThat method in workgroup mode may be a problem.
Authentication in SQL Server
Might ask them over here.
SQL Server forums on
MSDN
Regards, Dave Patrick ....
Microsoft Certified Professional
Microsoft MVP [Windows]
Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. -
Network Policy Server Two-factor authentication OTP
Hello,
I don't have much knowledge about the Network Policy Server so before digging into this; I would like to know if it offers two-factor authentication. If so, what are the possibilites? I'm looking for a validation based on a one-time password OTP (hardware/software
token or sms) and the Active Directory user/pwd.
Is there anything builtin in the Network Policy Server offering this?
Thank you!Hi,
NPS supports smart card.
Two-factor authentication provides improved security because it requires the user to meet two authentication criteria: a user name/password combination and a token or certificate.
A typical example of two-factor authentication with a certificate is the use of a smart card.
To use smart cards for remote access authentication, we may do the following:
Configure remote access on the remote access server.
Install a computer certificate on the remote access server computer.
Configure the Smart card or other certificate (TLS) EAP type in remote access policies.
Enable smart card authentication on the dial-up or VPN connection on the remote access client.
For detailed information, please refer to the link below,
Using smart cards for remote access
http://technet.microsoft.com/en-us/library/cc783310(v=WS.10).aspx
Best Regards.
Steven Lee
TechNet Community Support -
Hello,
I am a new IT Manager at this company and need assistance big time. Their environment looks as follows:
Server 1. Domain Controller Server (Windows Server 2008 R2 Standard) running active directory.
Server 2. Email Server (Windows Server 2008 R2 Standard) running Exchange Server 2010 .
* Note. No back ups to work with aside from whats mentioned below.
DC had a virus infection causing a lot of issues on the shared network drives 2 days ago locking up all the files with a crypto ransom virus. Running Avast suppressed the infection. Had to recover the file shares which luckily had a back up.
The issue is that the Exchange Server 2 post this lost connectivity with the AD Server 1. Exchange Server 2 when launching EMC could not launch the console stating the following:
"No Exchange servers are available in any Active Directory sites. You can’t connect to remote
Powershell on a computer that only has the Management Tools role installed."
Shortly after I found that it is possible the EMC launcher was corrupt and needed to be reinstalled following another blog post. I deleted the exchange management console.msc per instructions only to discover I couldnt relaunch it because there was
no way how. So I copied another msc file that happened to be on the DC Server 1 back to Exchange Server 2 and got it to launch again.
Another post said that it might be an issue with the Domain Account for the Computer, so to delete it in the AD Server 1 only to find that rejoining it from Exchange Server 2 using Computer>Properties> Chage Settings > Change is greyed out because
it is using the Certificate Authority Service.
I tried manually re-adding the computer in AD and modeling permissions after another server in group settings but no go. After this I was unable to login to the Exchange Server 2 with domain accounts but only local admin, receiving the following Alert:
"The Trust Relationship between this workstation and primary domain failed."
I tried running the Power Shell tools on Exchange Server 2 to rejoing and to reset passwords for domain accounts as noted in some other blogs but no luck as the Server 2 could not make the connection with Server1 or other errors it kept spitting out.
I also during the investigation found the DNS settings were all altered on both the Server 1 and Server 2 which I luckily was able to change back to original because of inventorying it in the beginning when I started.
I need help figuring out if I need to rejoin the Exchange Server 2 manually by disabling the Certificate Authority Service (or removing the CA as listed here:
https://social.technet.microsoft.com/Forums/exchange/en-US/fb23deab-0a12-410d-946c-517d5aea7fae/windows-server-2008-r2-with-certificate-authority-service-to-rejoin-domain?forum=winserversecurity
and getting exchange server to launch again. (Mind you I am relatively fresh to server managing) Please help E-Mail has been down for a whole day now!
MartyI recommend that you open a ticket with Microsoft Support before you break things more.
Ed Crowley MVP "There are seldom good technological solutions to behavioral problems." -
MAC Authentication + Windows Server 2008 R2 Radius server
Hello there,
I have been trying to configure the MAC Authentication on Windows Server Network Policy Server but no success. Details on my configuration can be find below.
I have firstly enabled the Mac Authentication on 3com switch 4400 model.
enabling -> Mac-authentication
enabling authentication mode -> UsernameAsMacAddress
configuring a domain - mac-authentication domain abc.local.
I left the default Vlan (Vlan1)
While on my DC, I created a user
username: 00-00-00-00-00-00
password: 00-00-00-00-00-00
Lastly on the NPS Server, I configured the 802.1x Wired configuration, I configured the NAS (Radius Client) whici is the 3com Switch.
After completing the configurations, I turned on my computer with and logged on to the domain abc\00-00-00-00-00-00 with the password. But there was no success when the computer tried to connect to the network looking for DHCP services to obtain IP address.
On the NPS event service, I got:
User:
Security ID:
NULL SID
Account Name:
[email protected]
Account Domain:
abc
Fully Qualified Account Name:
abc\00-00-00-00-00-00
Client Machine:
Security ID:
NULL SID
Account Name:
Fully Qualified Account Name:
OS-Version:
Called Station Identifier:
Calling Station Identifier:
0000-0000-0000
NAS:
NAS IPv4 Address:
xxx.xxx.xx.xx
NAS IPv6 Address:
NAS Identifier:
00aa00aa00aa
NAS Port-Type:
Ethernet
NAS Port:
12345678
RADIUS Client:
Client Friendly Name:
3com
Client IP Address:
xxx.xxx.xx.xx
Authentication Details:
Connection Request Policy Name:
NAP 802.1X (Wired) 2
Network Policy Name:
Authentication Provider:
Windows
Authentication Server:
server.abc.local
Authentication Type:
PAP
EAP Type:
Account Session Identifier:
Logging Results:
Accounting information was written to the local log file.
Reason Code:
16
Reason:
Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect.
All I could find was " Authentication failed due to the reason appeared in the reason code but I am very sure that the name and the password are the same. I hope someone can help me out.
Thanks.Hi,
Thanks for your post.
MAC address authorization is performed when the user does not type in any user name or password, and refuses to use any valid authentication method. In this case, Network Policy Server (NPS) receives the Calling-Station-ID attribute, and no user name and
password. To support MAC address authorization, Active Directory Domain Services (AD DS) must have user accounts that contain MAC addresses as user names.
For more detailed information about MAC Address Authorization, please refer to the below article. Hope it helps.
MAC Address Authorization
http://technet.microsoft.com/en-us/library/dd197535(WS.10).aspx
Best Regards,
Aiden
Aiden Cao
TechNet Community Support -
Two-factor authentication by using Digital Cert
Dear Friends,
I am trying to implement two-factor authentication on any connect vpn. While uploading identity certificate on the windows 2008 server ,getting below mentioned error
Please help on this.
Regards,
Shinu MathewHi Lars,
If you are using SMS PASSCODE, go to http://www.smspasscode.com/support and ask them to send you the setup guide or walk you through the configuration.
Kind Regards
Lars (@smspasscode). -
Sun VDI - Two Factor Authentication
Dear Colleagues,
The simple way to implement two factor authentication is by replacing the vdaclient.jar. We are working on RSA SecurID authentication with SSO support, by using the Windows password integration feature of RSA SecurID. The RSA Authentication Manager (version 6+) has a field for caching the Windows password, normally used by the Windows Authentication Agent (6.1+). These agent API methods are not available in the JAVA agent API nor the c API for Solaris, but we will work around this for our new RSA Authentication Agent for Sun VDI.
If I understand the broker service correctly, this will not be a solution for direct RDP connections. Users can only be challenged with their AD username and password, the broker will test the credentials using Kerberos and if successful proxy a RDP connection on behalf of the client.
Does anyone know a possible alternative? Does a roadmap exist for full two factor authentication support on the broker?
Best Regards,
Arno Staal
Divider B.V.Hi
Thanks for your response. I don't think I made myself clear. We run UAG 2010 and have not implemented Direct access. We now have many users wishing to access our internal resources. Our internal info security bods have demanded we provide a two factor authentication
methodology. Direct access need at least Windows 7 enterprise on the client. We cannot afford the licencing. Nor can we currently afford windows 2012 cals. What I was after was a method of implementing two factor authentication on our current UAG
portal. I have access to a radius server. I am not an expert on UAG the guy who was has left.
Regards -
Winlogon Init in Windows Server 2008 R2
I had a Windows Server 2008 R2 machine that was acting slow on bootup. I have gotten it down to about 20 seconds after being at the control alt delete screen I can RDP into it. During the process of figuring out what was going on I have been running xbootmgr
and reviewing in Windows Performance Analyzer.
The one thing I notice still happening is that there are two Winlogon Inits. The one right after Session Init never ends and either does the post boot. There is another winlogon init right before explorer init that only lasts a few seconds.
How can I troubleshoot a winlogon that appears to almost never end? For example when I look at boot phases summary table for winlogon init the duration is 9223372011.172895400 and around the same amount for Post Boot?
The only thing that has changed is I had a data drive with tomcat on it that was on an iscsi drive. I created a new drive in VMware and moved the files over from there, turned the old drive offline, removed any favorites/targets and so on and turned
ISCSI to manual.Here is part of the log. I notice in the event viewer the following details
Completed computer boot policy processing for server in 0 seconds
This server is a copy of another server that is experiencing the same issue. I am using this server as a way to troubleshoot the production server.
The two servers are on different NIC's in VMware and different VLAN's. I have installed the latest version of Symantec Enterprise Small Business Edition and uninstall/reinstalled VMware Tools. Really it is booting and I am able to access it much faster then
I use to but it still bugs me that the first winit logon just doesn't seem to stop.
GPSVC(378.6ac) 11:37:31:175 Target = Machine
GPSVC(378.6ac) 11:37:31:175 Target = Machine, ChangeNumber 0
GPSVC(378.6ac) 11:37:31:175 Target = S-1-5-21-2417457550-112437670-4152218938-1966
GPSVC(378.6ac) 11:37:31:175 Target = S-1-5-21-2417457550-112437670-4152218938-1966, ChangeNumber 0
GPSVC(378.6ac) 11:37:31:175 Target = S-1-5-21-2417457550-112437670-4152218938-1966
GPSVC(378.6ac) 11:37:31:175 Target = S-1-5-21-2417457550-112437670-4152218938-1966, ChangeNumber 0
GPSVC(378.6ac) 11:37:31:190 Target = S-1-5-21-2417457550-112437670-4152218938-1966
GPSVC(378.6ac) 11:37:31:190 Target = S-1-5-21-2417457550-112437670-4152218938-1966, ChangeNumber 0
GPSVC(378.6ac) 11:37:31:190 Target = S-1-5-21-2417457550-112437670-4152218938-1966
GPSVC(378.6ac) 11:37:31:190 Target = S-1-5-21-2417457550-112437670-4152218938-1966, ChangeNumber 0
GPSVC(378.6ac) 11:37:31:190 Target = S-1-5-21-2417457550-112437670-4152218938-1966
GPSVC(378.6ac) 11:37:31:190 Target = S-1-5-21-2417457550-112437670-4152218938-1966, ChangeNumber 0
GPSVC(378.6ac) 11:38:03:358 Waiting for user group policy thread to terminate.
GPSVC(378.6ac) 11:38:03:358 User group policy thread has terminated.
GPSVC(378.6ac) 11:38:03:358 Setting GPsession state = 0
GPSVC(378.6ac) 11:38:03:358 Deleting critical section for UserSid <S-1-5-21-2417457550-112437670-4152218938-1966>
GPSVC(378.6ac) 11:38:03:358 Deleting sidString <S-1-5-21-2417457550-112437670-4152218938-1966>
GPSVC(378.ee8) 11:38:03:592 CGPNotify::UnregisterNotification: Entering with event 0xeac
GPSVC(378.ee8) 11:38:03:592 CGPNotify::AbortAsyncRegistration: No asyn registration is pending
GPSVC(378.ee8) 11:38:03:592 CGPNotify::UnregisterNotification: Canceling pending calls
GPSVC(378.ee8) 11:38:03:592 Client_CompleteNotificationCall: failed with 0x71a
GPSVC(378.ee8) 11:38:03:592 CGPNotify::UnregisterNotification: Cancelled pending calls
GPSVC(378.ee8) 11:38:03:592 CGPNotify::UnregisterNotification: Exiting with dwStatus = 0x0
GPSVC(240.e58) 11:38:03:748 Client_CompleteNotificationCall: failed with 0x525
GPSVC(240.e58) 11:38:03:748 CGPNotify::OnNotificationTriggered: Completenotification failed with 1317
GPSVC(240.264) 11:38:03:748 Client_CompleteNotificationCall: failed with 0x525
GPSVC(240.264) 11:38:03:748 CGPNotify::OnNotificationTriggered: Completenotification failed with 1317
GPSVC(378.d0c) 11:38:03:748 Waiting for machine group policy thread to terminate.
GPSVC(378.794) 11:38:03:748 Client_CompleteNotificationCall: failed with 0x525
GPSVC(378.794) 11:38:03:748 CGPNotify::OnNotificationTriggered: Completenotification failed with 1317
GPSVC(2a0.ef4) 11:38:03:748 Client_CompleteNotificationCall: failed with 0x525
GPSVC(2a0.ef4) 11:38:03:748 CGPNotify::OnNotificationTriggered: Completenotification failed with 1317
GPSVC(378.ecc) 11:38:03:748 Client_CompleteNotificationCall: failed with 0x525
GPSVC(378.ecc) 11:38:03:748 CGPNotify::OnNotificationTriggered: Completenotification failed with 1317
GPSVC(2a0.e10) 11:38:03:748 Client_CompleteNotificationCall: failed with 0x525
GPSVC(2a0.e10) 11:38:03:748 CGPNotify::OnNotificationTriggered: Completenotification failed with 1317
GPSVC(378.794) 11:38:03:748 Client_CompleteNotificationCall: failed with 0x525
GPSVC(378.794) 11:38:03:748 CGPNotify::OnNotificationTriggered: Completenotification failed with 1317
GPSVC(378.d0c) 11:38:03:763 machine group policy thread has terminated.
GPSVC(378.d0c) 11:38:03:763 Setting GPsession state = 0
GPSVC(378.d0c) 11:38:03:763 Deleting critical section for UserSid <(null)>
GPSVC(378.d0c) 11:38:03:763 Deleting machine
GPSVC(378.ecc) 11:38:03:763 Calling AbortWaitingCallers
GPSVC(240.e58) 11:38:03:763 Client_CompleteNotificationCall: failed with 0x6ba
GPSVC(240.e58) 11:38:03:763 CGPNotify::OnNotificationTriggered: Completenotification failed with 1722
GPSVC(240.264) 11:38:03:763 CGPNotify::RegisterNotificationAsynchronously: Created thread 3328
GPSVC(240.264) 11:38:03:763 CGPNotify::RegisterNotificationAsynchronously: Exiting with status = 0
GPSVC(240.264) 11:38:03:763 Client_CompleteNotificationCall: failed with 0x6ba
GPSVC(240.264) 11:38:03:763 CGPNotify::OnNotificationTriggered: Completenotification failed with 1722
GPSVC(240.e58) 11:38:03:763 CGPNotify::RegisterNotificationAsynchronously: Starting async registration
GPSVC(240.bc0) 11:38:03:763 Client_CompleteNotificationCall: failed with 0x6ba
GPSVC(378.ecc) 11:38:03:763 Deleting machine
GPSVC(240.bc0) 11:38:03:763 CGPNotify::RegisterNotificationAsynchronously: Starting async registration
GPSVC(240.bc0) 11:38:03:763 CGPNotify::RegisterNotificationAsynchronously: Async registration thread already created
GPSVC(240.bc0) 11:38:03:763 CGPNotify::RegisterNotificationAsynchronously: Exiting with status = 0
GPSVC(378.390) 11:38:05:854 CGPNotify::UnregisterNotification: Entering with event 0x1ac
GPSVC(378.390) 11:38:05:854 CGPNotify::AbortAsyncRegistration: No asyn registration is pending
GPSVC(378.390) 11:38:05:854 CGPNotify::UnregisterNotification: Exiting with dwStatus = 0x0
GPSVC(2a0.ef4) 11:38:06:415 CGPNotify::UnregisterNotification: Entering with event 0x2a0
GPSVC(2a0.ef4) 11:38:06:415 CGPNotify::AbortAsyncRegistration: No asyn registration is pending
GPSVC(2a0.ef4) 11:38:06:415 CGPNotify::UnregisterNotification: Exiting with dwStatus = 0x0
GPSVC(29c.2ac) 11:38:58:537 CGPNotify::RegisterForNotification: Entering with target Machine and event 0x2a0
GPSVC(29c.2ac) 11:38:58:537 Client_InitialRegisterForNotification: User = machine, changenumber = 0
GPSVC(29c.2ac) 11:38:58:537 Client_RegisterForNotification: CheckRegisterForNotification returned error 0x6ba
GPSVC(29c.2ac) 11:38:58:537 CGPNotify::RegisterForNotification: Service not RUNNING. waiting
GPSVC(29c.2ac) 11:38:58:537 CGPNotify::RegisterForNotification: Trying to recover from error 1722
GPSVC(29c.2ac) 11:38:58:537 CGPNotify::RegisterNotificationAsynchronously: Starting async registration
GPSVC(29c.2ac) 11:38:58:537 CGPNotify::RegisterNotificationAsynchronously: Created thread 692
GPSVC(29c.2ac) 11:38:58:537 CGPNotify::RegisterNotificationAsynchronously: Exiting with status = 0
GPSVC(29c.2ac) 11:38:58:537 CGPNotify::RegisterForNotification: Exiting with status = 0
GPSVC(29c.2c8) 11:38:59:192 CGPNotify::RegisterForNotification: Entering with target Machine and event 0x3ac
GPSVC(29c.2c8) 11:38:59:192 Client_InitialRegisterForNotification: User = machine, changenumber = 0
GPSVC(29c.2c8) 11:38:59:192 Client_RegisterForNotification: CheckRegisterForNotification returned error 0x6ba
GPSVC(29c.2c8) 11:38:59:208 CGPNotify::RegisterForNotification: Service not RUNNING. waiting
GPSVC(29c.2c8) 11:38:59:208 CGPNotify::RegisterForNotification: Trying to recover from error 1722
GPSVC(29c.2c8) 11:38:59:208 CGPNotify::RegisterNotificationAsynchronously: Starting async registration
GPSVC(29c.2c8) 11:38:59:208 CGPNotify::RegisterNotificationAsynchronously: Async registration thread already created
GPSVC(29c.2c8) 11:38:59:208 CGPNotify::RegisterNotificationAsynchronously: Exiting with status = 0
GPSVC(29c.2c8) 11:38:59:208 CGPNotify::RegisterForNotification: Exiting with status = 0
GPSVC(29c.2b4) 11:39:01:439 CGPNotify::RegisterNotificationAsynchronously: Service started successfully
GPSVC(29c.2b4) 11:39:01:439 Client_RegisterForNotification: User = machine, changenumber = 0
GPSVC(29c.2b4) 11:39:01:439 Client_RegisterForNotification: User = machine, changenumber = 0
GPSVC(370.380) 11:39:01:470 Target = Machine, ChangeNumber 0
GPSVC(370.380) 11:39:01:470 Target = Machine, ChangeNumber 0
GPSVC(370.380) 11:39:01:470 Target = Machine, ChangeNumber 0
GPSVC(370.37c) 11:39:01:470 -------------------------------------------
GPSVC(370.37c) 11:39:01:470 Use the Event Viewer to analyze the Group Policy operational log for details on Group Policy service activity.
GPSVC(370.37c) 11:39:01:470 -------------------------------------------
GPSVC(370.37c) 11:39:01:470
GPSVC(370.37c) 11:39:01:470 InitializeProductType: Product Type: 2
GPSVC(370.37c) 11:39:01:470 Register for connectivity notification is Enabled.
GPSVC(370.388) 11:39:01:470 CGPNotify::RegisterForNotification: Entering with target Machine and event 0x1ac
GPSVC(370.388) 11:39:01:470 Client_InitialRegisterForNotification: User = machine, changenumber = 0
GPSVC(370.3c4) 11:39:01:470 Target = Machine
GPSVC(370.388) 11:39:01:470 Client_RegisterForNotification: User = machine, changenumber = 0
GPSVC(370.388) 11:39:01:470 CGPNotify::RegisterForNotification: Exiting with status = 0
GPSVC(370.37c) 11:39:02:312 Target = Machine
GPSVC(370.37c) 11:39:02:312 Target = Machine, ChangeNumber 0
GPSVC(370.380) 11:39:04:652 Target = Machine
GPSVC(370.1a8) 11:39:04:652 Target = Machine, ChangeNumber 0
GPSVC(370.380) 11:39:05:635 bMachine = 1
GPSVC(370.380) 11:39:05:651 Setting GPsession state = 1
GPSVC(370.4c0) 11:39:05:807 Waiting for connectivity before applying policies
GPSVC(370.4c0) 11:39:05:807 Waiting for SamSs with timeout 106
GPSVC(370.380) 11:39:05:807 Message Status = <Applying computer settings...>
GPSVC(370.4b4) 11:39:05:822 Setting GPsession state = 1
GPSVC(370.4c0) 11:39:05:822 Waiting for NTDS.IndexRecreateEvent with timeout 90
GPSVC(370.4c0) 11:39:05:822 Waiting for NlaSvc with timeout 90
GPSVC(370.4c0) 11:39:05:947 Waiting for NlaSvc failed with 0x0
GPSVC(370.4c0) 11:39:05:947 Wait for network connectivity timed out... proceeding to apply policy.
GPSVC(370.4c0) 11:39:05:947 NlaOpenQuery failed with 0x6ba
GPSVC(370.4c0) 11:39:05:978 GetDomainControllerConnectionInfo: Enabling bandwidth estimate.
GPSVC(370.4c0) 11:39:05:978 NlaOpenQuery failed with 0x6ba
GPSVC(370.4c0) 11:39:05:978 EnableBandwidthEstimate: GetConnectivityInfo Failed with 0x6ba.
GPSVC(370.4c0) 11:39:05:978 GetDomainControllerConnectionInfo: EnableBandwidthEstimate failed 0x6ba but will continue
GPSVC(370.4c0) 11:39:05:978 GetDomainControllerConnectionInfo: Getting Ldap Handles.
GPSVC(370.4c0) 11:39:05:978 GetLdapHandle: Getting ldap handle for host: HIN-PROD-DC01.hin.local in domain: hin.local.
GPSVC(370.4c0) 11:39:06:010 GetLdapHandle: Server connection established.
GPSVC(370.4c0) 11:39:06:041 GetLdapHandle: Binding using only kerberos.
GPSVC(370.380) 11:39:06:166 Sid = (null), dwTimeout = 1, dwFlags = 268435459
GPSVC(370.380) 11:39:06:166 LockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:166 Async Lock called
GPSVC(370.380) 11:39:06:166 Reader Lock got immediately. m_cReadersInLock : 1
GPSVC(370.380) 11:39:06:166 Sid = (null), dwTimeout = 1, dwFlags = 268435459
GPSVC(370.380) 11:39:06:166 LockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:166 Async Lock called
GPSVC(370.380) 11:39:06:166 Reader Lock got immediately. m_cReadersInLock : 2
GPSVC(370.380) 11:39:06:166 Sid = (null)
GPSVC(370.380) 11:39:06:166 UnLockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:166 Found the caller in the ReaderHavingLock List. Removing it...
GPSVC(370.380) 11:39:06:166 UnLocked successfully
GPSVC(370.1a8) 11:39:06:166 Sid = (null), dwTimeout = 1, dwFlags = 268435459
GPSVC(370.1a8) 11:39:06:166 LockPolicySection called for user <Machine>
GPSVC(370.1a8) 11:39:06:166 Async Lock called
GPSVC(370.1a8) 11:39:06:166 Reader Lock got immediately. m_cReadersInLock : 2
GPSVC(370.1a8) 11:39:06:166 Sid = (null)
GPSVC(370.1a8) 11:39:06:166 UnLockPolicySection called for user <Machine>
GPSVC(370.1a8) 11:39:06:166 Found the caller in the ReaderHavingLock List. Removing it...
GPSVC(370.1a8) 11:39:06:166 UnLocked successfully
GPSVC(370.380) 11:39:06:166 Sid = (null), dwTimeout = 1, dwFlags = 268435459
GPSVC(370.380) 11:39:06:166 LockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:166 Async Lock called
GPSVC(370.380) 11:39:06:166 Reader Lock got immediately. m_cReadersInLock : 2
GPSVC(370.380) 11:39:06:166 Sid = (null)
GPSVC(370.380) 11:39:06:166 UnLockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:166 Found the caller in the ReaderHavingLock List. Removing it...
GPSVC(370.380) 11:39:06:166 UnLocked successfully
GPSVC(370.1a8) 11:39:06:166 Sid = (null), dwTimeout = 1, dwFlags = 268435459
GPSVC(370.1a8) 11:39:06:166 LockPolicySection called for user <Machine>
GPSVC(370.1a8) 11:39:06:166 Async Lock called
GPSVC(370.1a8) 11:39:06:166 Reader Lock got immediately. m_cReadersInLock : 2
GPSVC(370.1a8) 11:39:06:166 Sid = (null)
GPSVC(370.1a8) 11:39:06:181 UnLockPolicySection called for user <Machine>
GPSVC(370.1a8) 11:39:06:181 Found the caller in the ReaderHavingLock List. Removing it...
GPSVC(370.1a8) 11:39:06:181 UnLocked successfully
GPSVC(370.380) 11:39:06:181 Sid = (null), dwTimeout = 1, dwFlags = 268435459
GPSVC(370.380) 11:39:06:181 LockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:181 Async Lock called
GPSVC(370.380) 11:39:06:181 Reader Lock got immediately. m_cReadersInLock : 2
GPSVC(370.380) 11:39:06:181 Sid = (null)
GPSVC(370.380) 11:39:06:181 UnLockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:181 Found the caller in the ReaderHavingLock List. Removing it...
GPSVC(370.380) 11:39:06:181 UnLocked successfully
GPSVC(370.1a8) 11:39:06:181 Sid = (null), dwTimeout = 1, dwFlags = 268435459
GPSVC(370.1a8) 11:39:06:181 LockPolicySection called for user <Machine>
GPSVC(370.1a8) 11:39:06:181 Async Lock called
GPSVC(370.1a8) 11:39:06:181 Reader Lock got immediately. m_cReadersInLock : 2
GPSVC(370.1a8) 11:39:06:181 Sid = (null)
GPSVC(370.1a8) 11:39:06:181 UnLockPolicySection called for user <Machine>
GPSVC(370.1a8) 11:39:06:181 Found the caller in the ReaderHavingLock List. Removing it...
GPSVC(370.1a8) 11:39:06:181 UnLocked successfully
GPSVC(370.380) 11:39:06:181 Sid = (null), dwTimeout = 1, dwFlags = 268435459
GPSVC(370.380) 11:39:06:181 LockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:181 Async Lock called
GPSVC(370.380) 11:39:06:181 Reader Lock got immediately. m_cReadersInLock : 2
GPSVC(370.380) 11:39:06:181 Sid = (null)
GPSVC(370.380) 11:39:06:181 UnLockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:181 Found the caller in the ReaderHavingLock List. Removing it...
GPSVC(370.380) 11:39:06:181 UnLocked successfully
GPSVC(370.4c0) 11:39:06:181 GetLdapHandle: Bound successfully.
GPSVC(370.380) 11:39:06:197 Sid = (null), dwTimeout = 1, dwFlags = 268435459
GPSVC(370.380) 11:39:06:197 LockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:197 Async Lock called
GPSVC(370.380) 11:39:06:197 Reader Lock got immediately. m_cReadersInLock : 2
GPSVC(370.380) 11:39:06:197 Sid = (null)
GPSVC(370.380) 11:39:06:197 UnLockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:197 Found the caller in the ReaderHavingLock List. Removing it...
GPSVC(370.380) 11:39:06:197 UnLocked successfully
GPSVC(370.380) 11:39:06:197 Sid = (null), dwTimeout = 1, dwFlags = 268435459
GPSVC(370.380) 11:39:06:197 LockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:197 Async Lock called
GPSVC(370.380) 11:39:06:197 Reader Lock got immediately. m_cReadersInLock : 2
GPSVC(370.4c0) 11:39:06:197 ProcessGPOs: GetNetworkName failed with 1722.
GPSVC(370.380) 11:39:06:197 Sid = (null)
GPSVC(370.380) 11:39:06:197 UnLockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:197 Found the caller in the ReaderHavingLock List. Removing it...
GPSVC(370.380) 11:39:06:197 UnLocked successfully
GPSVC(370.380) 11:39:06:197 Sid = (null), dwTimeout = 1, dwFlags = 268435459
GPSVC(370.380) 11:39:06:197 LockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:197 Async Lock called
GPSVC(370.380) 11:39:06:197 Reader Lock got immediately. m_cReadersInLock : 2
GPSVC(370.380) 11:39:06:197 Sid = (null)
GPSVC(370.380) 11:39:06:197 UnLockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:197 Found the caller in the ReaderHavingLock List. Removing it...
GPSVC(370.380) 11:39:06:212 UnLocked successfully
GPSVC(370.380) 11:39:06:212 Sid = (null), dwTimeout = 1, dwFlags = 268435459
GPSVC(370.380) 11:39:06:212 LockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:212 Async Lock called
GPSVC(370.380) 11:39:06:212 Reader Lock got immediately. m_cReadersInLock : 2
GPSVC(370.380) 11:39:06:212 Sid = (null)
GPSVC(370.380) 11:39:06:212 UnLockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:212 Found the caller in the ReaderHavingLock List. Removing it...
GPSVC(370.380) 11:39:06:212 UnLocked successfully
GPSVC(370.380) 11:39:06:212 Sid = (null), dwTimeout = 1, dwFlags = 268435459
GPSVC(370.380) 11:39:06:212 LockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:212 Async Lock called
GPSVC(370.380) 11:39:06:212 Reader Lock got immediately. m_cReadersInLock : 2
GPSVC(370.380) 11:39:06:212 Sid = (null)
GPSVC(370.380) 11:39:06:212 UnLockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:212 Found the caller in the ReaderHavingLock List. Removing it...
GPSVC(370.380) 11:39:06:212 UnLocked successfully
GPSVC(370.380) 11:39:06:212 Sid = (null), dwTimeout = 1, dwFlags = 268435459
GPSVC(370.380) 11:39:06:212 LockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:212 Async Lock called
GPSVC(370.380) 11:39:06:212 Reader Lock got immediately. m_cReadersInLock : 2
GPSVC(370.380) 11:39:06:212 Sid = (null)
GPSVC(370.380) 11:39:06:212 UnLockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:212 Found the caller in the ReaderHavingLock List. Removing it...
GPSVC(370.380) 11:39:06:212 UnLocked successfully
GPSVC(370.380) 11:39:06:212 Sid = (null), dwTimeout = 1, dwFlags = 268435459
GPSVC(370.380) 11:39:06:212 LockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:212 Async Lock called
GPSVC(370.380) 11:39:06:212 Reader Lock got immediately. m_cReadersInLock : 2
GPSVC(370.380) 11:39:06:212 Sid = (null)
GPSVC(370.380) 11:39:06:212 UnLockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:212 Found the caller in the ReaderHavingLock List. Removing it...
GPSVC(370.380) 11:39:06:212 UnLocked successfully
GPSVC(370.380) 11:39:06:212 Sid = (null), dwTimeout = 1, dwFlags = 268435459
GPSVC(370.380) 11:39:06:212 LockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:212 Async Lock called
GPSVC(370.380) 11:39:06:212 Reader Lock got immediately. m_cReadersInLock : 2
GPSVC(370.380) 11:39:06:212 Sid = (null)
GPSVC(370.380) 11:39:06:212 UnLockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:212 Found the caller in the ReaderHavingLock List. Removing it...
GPSVC(370.380) 11:39:06:212 UnLocked successfully
GPSVC(370.380) 11:39:06:212 Sid = (null), dwTimeout = 1, dwFlags = 268435459
GPSVC(370.380) 11:39:06:212 LockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:212 Async Lock called
GPSVC(370.380) 11:39:06:212 Reader Lock got immediately. m_cReadersInLock : 2
GPSVC(370.380) 11:39:06:212 Sid = (null)
GPSVC(370.380) 11:39:06:212 UnLockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:212 Found the caller in the ReaderHavingLock List. Removing it...
GPSVC(370.380) 11:39:06:212 UnLocked successfully
GPSVC(370.380) 11:39:06:228 Sid = (null), dwTimeout = 1, dwFlags = 268435459
GPSVC(370.380) 11:39:06:228 LockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:228 Async Lock called
GPSVC(370.380) 11:39:06:228 Reader Lock got immediately. m_cReadersInLock : 2
GPSVC(370.380) 11:39:06:228 Sid = (null)
GPSVC(370.380) 11:39:06:228 UnLockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:228 Found the caller in the ReaderHavingLock List. Removing it...
GPSVC(370.380) 11:39:06:228 UnLocked successfully
GPSVC(370.380) 11:39:06:228 Sid = (null)
GPSVC(370.380) 11:39:06:228 UnLockPolicySection called for user <Machine>
GPSVC(370.380) 11:39:06:228 Found the caller in the ReaderHavingLock List. Removing it...
GPSVC(370.380) 11:39:06:228 Setting lock state as notLocked
GPSVC(370.380) 11:39:06:228 UnLocked successfully
GPSVC(370.4c0) 11:39:06:228 ReadGPExtensions: Rsop entry point not found for C:\Windows\System32\dskquota.dll.
GPSVC(370.4c0) 11:39:06:244 ReadGPExtensions: Rsop entry point not found for gptext.dll.
GPSVC(370.4c0) 11:39:06:244 ReadGPExtensions: Rsop entry point not found for C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll.
GPSVC(370.4c0) 11:39:06:244 ReadGPExtensions: Rsop entry point not found for C:\Windows\System32\iedkcs32.dll.
GPSVC(370.4c0) 11:39:06:244 ReadGPExtensions: Rsop entry point not found for C:\Windows\System32\iedkcs32.dll.
GPSVC(370.4c0) 11:39:06:244 ReadGPExtensions: Rsop entry point not found for gptext.dll.
GPSVC(370.4c0) 11:39:06:244 ReadGPExtensions: Rsop entry point not found for C:\Windows\System32\iedkcs32.dll.
GPSVC(370.4c0) 11:39:06:244 ReadGPExtensions: Rsop entry point not found for gptext.dll.
GPSVC(370.4c0) 11:39:06:244 ReadGPExtensions: Rsop entry point not found for gptext.dll.
GPSVC(370.4c0) 11:39:06:244 GetGPOInfo: ********************************
GPSVC(370.4c0) 11:39:06:244 GetGPOInfo: Entering...
GPSVC(370.4c0) 11:39:06:259 GetMachineToken: Looping for authentication again.
GPSVC(370.4c0) 11:39:06:259 SearchDSObject: Searching <DC=hin,DC=local>
GPSVC(370.4c0) 11:39:06:259 SearchDSObject: Found GPO(s): <[LDAP://cn={872FD407-F355-4B98-A0E0-0695F57F9C0B},cn=policies,cn=system,DC=hin,DC=local;0][LDAP://CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=hin,DC=local;2]>
GPSVC(370.4c0) 11:39:06:259 ProcessGPO: ==============================
GPSVC(370.4c0) 11:39:06:259 ProcessGPO: Deferring search for <LDAP://cn={872FD407-F355-4B98-A0E0-0695F57F9C0B},cn=policies,cn=system,DC=hin,DC=local>
GPSVC(370.4c0) 11:39:06:259 ProcessGPO: ==============================
GPSVC(370.4c0) 11:39:06:259 ProcessGPO: Deferring search for <LDAP://CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=hin,DC=local>
GPSVC(370.4c0) 11:39:06:259 SearchDSObject: Searching <CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=hin,DC=local>
GPSVC(370.4c0) 11:39:06:259 SearchDSObject: No GPO(s) for this object.
GPSVC(370.4c0) 11:39:06:259 EvaluateDeferredGPOs: Searching for GPOs in cn=policies,cn=system,DC=hin,DC=local
GPSVC(370.4c0) 11:39:06:259 ProcessGPO: ==============================
GPSVC(370.4c0) 11:39:06:259 ProcessGPO: Searching <CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=hin,DC=local>
GPSVC(370.4c0) 11:39:06:259 ProcessGPO: Machine has access to this GPO.
GPSVC(370.4c0) 11:39:06:259 ProcessGPO: GPO passes the filter check.
GPSVC(370.4c0) 11:39:06:259 ProcessGPO: Found functionality version of: 2
GPSVC(370.4c0) 11:39:06:259 ProcessGPO: Found file system path of: <\\hin.local\sysvol\hin.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}>
GPSVC(370.4c0) 11:39:06:290 ProcessGPO: Found common name of: <{31B2F340-016D-11D2-945F-00C04FB984F9}>
GPSVC(370.4c0) 11:39:06:290 ProcessGPO: Found display name of: <Default Domain Policy>
GPSVC(370.4c0) 11:39:06:290 ProcessGPO: Found machine version of: GPC is 189, GPT is 189
GPSVC(370.4c0) 11:39:06:290 ProcessGPO: Found flags of: 0
GPSVC(370.4c0) 11:39:06:290 ProcessGPO: Found extensions: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}{D02B1F72-3407-48AE-BA88-E8213C6761F1}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}]
GPSVC(370.4c0) 11:39:06:290 ProcessGPO: ==============================
GPSVC(370.4c0) 11:39:06:290 ProcessGPO: ==============================
GPSVC(370.4c0) 11:39:06:290 ProcessGPO: Searching <cn={872FD407-F355-4B98-A0E0-0695F57F9C0B},cn=policies,cn=system,DC=hin,DC=local>
GPSVC(370.4c0) 11:39:06:290 ProcessGPO: Machine has access to this GPO.
GPSVC(370.4c0) 11:39:06:290 ProcessGPO: GPO passes the filter check.
GPSVC(370.4c0) 11:39:06:290 ProcessGPO: Found functionality version of: 2
GPSVC(370.4c0) 11:39:06:290 ProcessGPO: Found file system path of: <\\hin.local\SysVol\hin.local\Policies\{872FD407-F355-4B98-A0E0-0695F57F9C0B}>
GPSVC(370.4c0) 11:39:06:290 ProcessGPO: Found common name of: <{872FD407-F355-4B98-A0E0-0695F57F9C0B}>
GPSVC(370.4c0) 11:39:06:290 ProcessGPO: Found display name of: <WSUS>
GPSVC(370.4c0) 11:39:06:290 ProcessGPO: Found machine version of: GPC is 6, GPT is 6
GPSVC(370.4c0) 11:39:06:290 ProcessGPO: Found flags of: 0
GPSVC(370.4c0) 11:39:06:290 ProcessGPO: No client-side extensions for this object.
GPSVC(370.4c0) 11:39:06:290 ProcessGPO: ==============================
GPSVC(370.4c0) 11:39:06:384 ProcessLocalGPO: GPO Local Group Policy doesn't contain any data since the version number is 0. It will be skipped.
GPSVC(370.4c0) 11:39:06:384 GetGPOInfo: Leaving with 1
GPSVC(370.4c0) 11:39:06:384 GetGPOInfo: ********************************
GPSVC(370.4c0) 11:39:06:384 ReadExtStatus: Reading Previous Status for extension {35378EAC-683F-11D2-A89A-00C04FBBCFA2}
GPSVC(370.4c0) 11:39:06:384 ReadStatus: Read Extension's Previous status successfully.
GPSVC(370.4c0) 11:39:06:384 ReadExtStatus: Reading Previous Status for extension {0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}
GPSVC(370.4c0) 11:39:06:384 ReadExtStatus: Reading Previous Status for extension {0E28E245-9368-4853-AD84-6DA3BA35BB75}
GPSVC(370.4c0) 11:39:06:384 ReadExtStatus: Reading Previous Status for extension {17D89FEC-5C44-4972-B12D-241CAEF74509}
GPSVC(370.4c0) 11:39:06:384 ReadExtStatus: Reading Previous Status for extension {1A6364EB-776B-4120-ADE1-B63A406A76B5}
GPSVC(370.4c0) 11:39:06:384 ReadExtStatus: Reading Previous Status for extension {25537BA6-77A8-11D2-9B6C-0000F8080861}
GPSVC(370.4c0) 11:39:06:384 ReadExtStatus: Reading Previous Status for extension {3610eda5-77ef-11d2-8dc5-00c04fa31a66}
GPSVC(370.4c0) 11:39:06:384 ReadExtStatus: Reading Previous Status for extension {3A0DBA37-F8B2-4356-83DE-3E90BD5C261F}
GPSVC(370.4c0) 11:39:06:384 ReadExtStatus: Reading Previous Status for extension {426031c0-0b47-4852-b0ca-ac3d37bfcb39}
GPSVC(370.4c0) 11:39:06:384 ReadExtStatus: Reading Previous Status for extension {42B5FAAE-6536-11d2-AE5A-0000F87571E3}
GPSVC(370.4c0) 11:39:06:384 ReadExtStatus: Reading Previous Status for extension {4bcd6cde-777b-48b6-9804-43568e23545d}
GPSVC(370.4c0) 11:39:06:384 ReadExtStatus: Reading Previous Status for extension {4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}
GPSVC(370.4c0) 11:39:06:384 ReadExtStatus: Reading Previous Status for extension {5794DAFD-BE60-433f-88A2-1A31939AC01F}
GPSVC(370.4c0) 11:39:06:384 ReadExtStatus: Reading Previous Status for extension {6232C319-91AC-4931-9385-E70C2B099F0E}
GPSVC(370.4c0) 11:39:06:384 ReadExtStatus: Reading Previous Status for extension {6A4C88C6-C502-4f74-8F60-2CB23EDC24E2}
GPSVC(370.4c0) 11:39:06:384 ReadExtStatus: Reading Previous Status for extension {7150F9BF-48AD-4da4-A49C-29EF4A8369BA}
GPSVC(370.4c0) 11:39:06:384 ReadExtStatus: Reading Previous Status for extension {728EE579-943C-4519-9EF7-AB56765798ED}
GPSVC(370.4c0) 11:39:06:384 ReadExtStatus: Reading Previous Status for extension {74EE6C03-5363-4554-B161-627540339CAB}
GPSVC(370.4c0) 11:39:06:384 ReadExtStatus: Reading Previous Status for extension {7B849a69-220F-451E-B3FE-2CB811AF94AE}
GPSVC(370.4c0) 11:39:06:384 ReadExtStatus: Reading Previous Status for extension {827D319E-6EAC-11D2-A4EA-00C04F79F83A}
GPSVC(370.4c0) 11:39:06:384 ReadStatus: Read Extension's Previous status successfully.
GPSVC(370.4c0) 11:39:06:384 ReadExtStatus: Reading Previous Status for extension {8A28E2C5-8D06-49A4-A08C-632DAA493E17}
GPSVC(370.4c0) 11:39:06:384 ReadExtStatus: Reading Previous Status for extension {91FBB303-0CD5-4055-BF42-E512A681B325}
GPSVC(370.4c0) 11:39:06:400 ReadExtStatus: Reading Previous Status for extension {A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}
GPSVC(370.4c0) 11:39:06:400 ReadExtStatus: Reading Previous Status for extension {A3F3E39B-5D83-4940-B954-28315B82F0A8}
GPSVC(370.4c0) 11:39:06:400 ReadExtStatus: Reading Previous Status for extension {AADCED64-746C-4633-A97C-D61349046527}
GPSVC(370.4c0) 11:39:06:400 ReadExtStatus: Reading Previous Status for extension {B087BE9D-ED37-454f-AF9C-04291E351182}
GPSVC(370.4c0) 11:39:06:400 ReadExtStatus: Reading Previous Status for extension {B587E2B1-4D59-4e7e-AED9-22B9DF11D053}
GPSVC(370.4c0) 11:39:06:400 ReadExtStatus: Reading Previous Status for extension {BC75B1ED-5833-4858-9BB8-CBF0B166DF9D}
GPSVC(370.4c0) 11:39:06:400 ReadExtStatus: Reading Previous Status for extension {C418DD9D-0D14-4efb-8FBF-CFE535C8FAC7}
GPSVC(370.4c0) 11:39:06:400 ReadExtStatus: Reading Previous Status for extension {c6dc5466-785a-11d2-84d0-00c04fb169f7}
GPSVC(370.4c0) 11:39:06:400 ReadExtStatus: Reading Previous Status for extension {cdeafc3d-948d-49dd-ab12-e578ba4af7aa}
GPSVC(370.4c0) 11:39:06:400 ReadExtStatus: Reading Previous Status for extension {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
GPSVC(370.4c0) 11:39:06:400 ReadExtStatus: Reading Previous Status for extension {e437bc1c-aa7d-11d2-a382-00c04f991e27}
GPSVC(370.4c0) 11:39:06:400 ReadExtStatus: Reading Previous Status for extension {E47248BA-94CC-49c4-BBB5-9EB7F05183D0}
GPSVC(370.4c0) 11:39:06:400 ReadExtStatus: Reading Previous Status for extension {E4F48E54-F38D-4884-BFB9-D4D2E5729C18}
GPSVC(370.4c0) 11:39:06:400 ReadExtStatus: Reading Previous Status for extension {E5094040-C46C-4115-B030-04FB2E545B00}
GPSVC(370.4c0) 11:39:06:400 ReadExtStatus: Reading Previous Status for extension {E62688F0-25FD-4c90-BFF5-F508B9D2E31F}
GPSVC(370.4c0) 11:39:06:400 ReadExtStatus: Reading Previous Status for extension {f3ccc681-b74c-4060-9f26-cd84525dca2a}
GPSVC(370.4c0) 11:39:06:400 ReadExtStatus: Reading Previous Status for extension {F9C77450-3A41-477E-9310-9ACD617BD9E3}
GPSVC(370.4c0) 11:39:06:400 ReadExtStatus: Reading Previous Status for extension {FB2CA36D-0B40-4307-821B-A13B252DE56C}
GPSVC(370.4c0) 11:39:06:400 ReadExtStatus: Reading Previous Status for extension {fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}
GPSVC(370.4c0) 11:39:06:400 GetMachineToken: Looping for authentication again.
GPSVC(370.4c0) 11:39:06:400 ProcessGPOs: Logging Data for Target <HIN-DEV-WEB01>.
GPSVC(370.4c0) 11:39:06:400 GPLockPolicySection: Sid = (null), dwTimeout = 30000, dwFlags = 0
GPSVC(370.4c0) 11:39:06:400 LockPolicySection called for user <Machine>
GPSVC(370.4c0) 11:39:06:400 Sync Lock Called
GPSVC(370.4c0) 11:39:06:400 Writer Lock got immediately.
GPSVC(370.4c0) 11:39:06:400 Lock taken successfully
GPSVC(370.4c0) 11:39:06:400 UnLockPolicySection called for user <Machine>
GPSVC(370.4c0) 11:39:06:400 UnLocked successfully
GPSVC(370.4c0) 11:39:06:400 ProcessGPOs: OpenThreadToken failed with error 1008, assuming thread is not impersonating
GPSVC(370.4c0) 11:39:06:400 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:400 ProcessGPOs: Processing extension Registry
GPSVC(370.4c0) 11:39:06:400 ReadStatus: Read Extension's Previous status successfully.
GPSVC(370.4c0) 11:39:06:400 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:400 CheckGPOs: No GPO changes and no security group membership change and extension Registry has NoGPOChanges set.
GPSVC(370.4c0) 11:39:06:415 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:415 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:415 ProcessGPOs: Processing extension Wireless Group Policy
GPSVC(370.4c0) 11:39:06:415 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:415 CheckGPOs: No GPO changes but couldn't read extension Wireless Group Policy's status or policy time.
GPSVC(370.4c0) 11:39:06:415 ProcessGPOs: Extension Wireless Group Policy skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:415 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:415 ProcessGPOs: Processing extension Group Policy Environment
GPSVC(370.4c0) 11:39:06:415 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:415 CheckGPOs: No GPO changes but couldn't read extension Group Policy Environment's status or policy time.
GPSVC(370.4c0) 11:39:06:415 ProcessGPOs: Extension Group Policy Environment skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:415 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:415 ProcessGPOs: Processing extension Group Policy Local Users and Groups
GPSVC(370.4c0) 11:39:06:415 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:415 CheckGPOs: No GPO changes but couldn't read extension Group Policy Local Users and Groups's status or policy time.
GPSVC(370.4c0) 11:39:06:415 ProcessGPOs: Extension Group Policy Local Users and Groups skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:415 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:415 ProcessGPOs: Processing extension Group Policy Device Settings
GPSVC(370.4c0) 11:39:06:415 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:431 CheckGPOs: No GPO changes but couldn't read extension Group Policy Device Settings's status or policy time.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Extension Group Policy Device Settings skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Processing extension Folder Redirection
GPSVC(370.4c0) 11:39:06:431 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:431 CheckGPOs: No GPO changes but couldn't read extension Folder Redirection's status or policy time.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Extension Folder Redirection skipped with flags 0x7.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Processing extension Microsoft Disk Quota
GPSVC(370.4c0) 11:39:06:431 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:431 CheckGPOs: No GPO changes but couldn't read extension Microsoft Disk Quota's status or policy time.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Extension Microsoft Disk Quota skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Processing extension Group Policy Network Options
GPSVC(370.4c0) 11:39:06:431 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:431 CheckGPOs: No GPO changes but couldn't read extension Group Policy Network Options's status or policy time.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Extension Group Policy Network Options skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Processing extension QoS Packet Scheduler
GPSVC(370.4c0) 11:39:06:431 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:431 CheckGPOs: No GPO changes but couldn't read extension QoS Packet Scheduler's status or policy time.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Extension QoS Packet Scheduler skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Processing extension Scripts
GPSVC(370.4c0) 11:39:06:431 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:431 CheckGPOs: No GPO changes but couldn't read extension Scripts's status or policy time.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Extension Scripts skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Processing extension Remote Desktop USB Redirection
GPSVC(370.4c0) 11:39:06:431 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:431 CheckGPOs: No GPO changes but couldn't read extension Remote Desktop USB Redirection's status or policy time.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Extension Remote Desktop USB Redirection skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Processing extension Internet Explorer Zonemapping
GPSVC(370.4c0) 11:39:06:431 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:431 CheckGPOs: No GPO changes but couldn't read extension Internet Explorer Zonemapping's status or policy time.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Extension Internet Explorer Zonemapping skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Processing extension Group Policy Drive Maps
GPSVC(370.4c0) 11:39:06:431 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:431 CheckGPOs: No GPO changes but couldn't read extension Group Policy Drive Maps's status or policy time.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Extension Group Policy Drive Maps skipped with flags 0x7.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Processing extension Group Policy Folders
GPSVC(370.4c0) 11:39:06:431 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:431 CheckGPOs: No GPO changes but couldn't read extension Group Policy Folders's status or policy time.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Extension Group Policy Folders skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Processing extension Group Policy Network Shares
GPSVC(370.4c0) 11:39:06:431 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:431 CheckGPOs: No GPO changes but couldn't read extension Group Policy Network Shares's status or policy time.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Extension Group Policy Network Shares skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Processing extension Group Policy Files
GPSVC(370.4c0) 11:39:06:431 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:431 CheckGPOs: No GPO changes but couldn't read extension Group Policy Files's status or policy time.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Extension Group Policy Files skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Processing extension Group Policy Data Sources
GPSVC(370.4c0) 11:39:06:431 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:431 CheckGPOs: No GPO changes but couldn't read extension Group Policy Data Sources's status or policy time.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Extension Group Policy Data Sources skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Processing extension Group Policy Ini Files
GPSVC(370.4c0) 11:39:06:431 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:431 CheckGPOs: No GPO changes but couldn't read extension Group Policy Ini Files's status or policy time.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Extension Group Policy Ini Files skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Processing extension Internet Explorer User Accelerators
GPSVC(370.4c0) 11:39:06:431 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:431 CheckGPOs: No GPO changes but couldn't read extension Internet Explorer User Accelerators's status or policy time.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Extension Internet Explorer User Accelerators skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:431 ProcessGPOs: Processing extension Security
GPSVC(370.4c0) 11:39:06:431 ReadStatus: Read Extension's Previous status successfully.
GPSVC(370.4c0) 11:39:06:431 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:431 CheckGPOs: No GPO changes and no security group membership change and extension Security has NoGPOChanges set.
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: Processing extension Deployed Printer Connections
GPSVC(370.4c0) 11:39:06:446 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:446 CheckGPOs: No GPO changes but couldn't read extension Deployed Printer Connections's status or policy time.
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: Extension Deployed Printer Connections skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: Processing extension Group Policy Services
GPSVC(370.4c0) 11:39:06:446 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:446 CheckGPOs: No GPO changes but couldn't read extension Group Policy Services's status or policy time.
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: Extension Group Policy Services skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: Processing extension Internet Explorer Branding
GPSVC(370.4c0) 11:39:06:446 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:446 CheckGPOs: No GPO changes but couldn't read extension Internet Explorer Branding's status or policy time.
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: Extension Internet Explorer Branding skipped with flags 0x7.
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: Processing extension Group Policy Folder Options
GPSVC(370.4c0) 11:39:06:446 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:446 CheckGPOs: No GPO changes but couldn't read extension Group Policy Folder Options's status or policy time.
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: Extension Group Policy Folder Options skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: Processing extension Group Policy Scheduled Tasks
GPSVC(370.4c0) 11:39:06:446 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:446 CheckGPOs: No GPO changes but couldn't read extension Group Policy Scheduled Tasks's status or policy time.
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: Extension Group Policy Scheduled Tasks skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: Processing extension Group Policy Registry
GPSVC(370.4c0) 11:39:06:446 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:446 CheckGPOs: No GPO changes but couldn't read extension Group Policy Registry's status or policy time.
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: Extension Group Policy Registry skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: Processing extension 802.3 Group Policy
GPSVC(370.4c0) 11:39:06:446 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:446 CheckGPOs: No GPO changes but couldn't read extension 802.3 Group Policy's status or policy time.
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: Extension 802.3 Group Policy skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: Processing extension Group Policy Printers
GPSVC(370.4c0) 11:39:06:446 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:446 CheckGPOs: No GPO changes but couldn't read extension Group Policy Printers's status or policy time.
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: Extension Group Policy Printers skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: Processing extension Group Policy Shortcuts
GPSVC(370.4c0) 11:39:06:446 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:446 CheckGPOs: No GPO changes but couldn't read extension Group Policy Shortcuts's status or policy time.
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: Extension Group Policy Shortcuts skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: Processing extension Software Installation
GPSVC(370.4c0) 11:39:06:446 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:446 CheckGPOs: No GPO changes but couldn't read extension Software Installation's status or policy time.
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: Extension Software Installation skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:446 ProcessGPOs: Processing extension TCPIP
GPSVC(370.4c0) 11:39:06:446 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:462 CheckGPOs: No GPO changes but couldn't read extension TCPIP's status or policy time.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: Extension TCPIP skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: Processing extension Internet Explorer Machine Accelerators
GPSVC(370.4c0) 11:39:06:462 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:462 CheckGPOs: No GPO changes but couldn't read extension Internet Explorer Machine Accelerators's status or policy time.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: Extension Internet Explorer Machine Accelerators skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: Processing extension IP Security
GPSVC(370.4c0) 11:39:06:462 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:462 CheckGPOs: No GPO changes but couldn't read extension IP Security's status or policy time.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: Extension IP Security skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: Processing extension Group Policy Internet Settings
GPSVC(370.4c0) 11:39:06:462 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:462 CheckGPOs: No GPO changes but couldn't read extension Group Policy Internet Settings's status or policy time.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: Extension Group Policy Internet Settings skipped with flags 0x7.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: Processing extension Group Policy Start Menu Settings
GPSVC(370.4c0) 11:39:06:462 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:462 CheckGPOs: No GPO changes but couldn't read extension Group Policy Start Menu Settings's status or policy time.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: Extension Group Policy Start Menu Settings skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: Processing extension Group Policy Regional Options
GPSVC(370.4c0) 11:39:06:462 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:462 CheckGPOs: No GPO changes but couldn't read extension Group Policy Regional Options's status or policy time.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: Extension Group Policy Regional Options skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: Processing extension Group Policy Power Options
GPSVC(370.4c0) 11:39:06:462 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:462 CheckGPOs: No GPO changes but couldn't read extension Group Policy Power Options's status or policy time.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: Extension Group Policy Power Options skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: Processing extension Audit Policy Configuration
GPSVC(370.4c0) 11:39:06:462 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:462 CheckGPOs: No GPO changes but couldn't read extension Audit Policy Configuration's status or policy time.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: Extension Audit Policy Configuration skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: Processing extension Group Policy Applications
GPSVC(370.4c0) 11:39:06:462 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:462 CheckGPOs: No GPO changes but couldn't read extension Group Policy Applications's status or policy time.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: Extension Group Policy Applications skipped with flags 0x7.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: Processing extension Enterprise QoS
GPSVC(370.4c0) 11:39:06:462 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:462 CheckGPOs: No GPO changes but couldn't read extension Enterprise QoS's status or policy time.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: Extension Enterprise QoS skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: -----------------------
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: Processing extension CP
GPSVC(370.4c0) 11:39:06:462 CompareGPOLists: The lists are the same.
GPSVC(370.4c0) 11:39:06:462 CheckGPOs: No GPO changes but couldn't read extension CP's status or policy time.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: Extension CP skipped because both deleted and changed GPO lists are empty.
GPSVC(370.4c0) 11:39:06:462 gpGetFgPolicyRefreshInfo: Mode: 1, Reason: 7
GPSVC(370.4c0) 11:39:06:462 SetFgRefreshInfo: Previous Machine Fg policy Synchronous, Reason: SKU.
GPSVC(370.4c0) 11:39:06:462 SetFgRefreshInfo: Next Machine Fg policy Synchronous, Reason: SKU.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: No WMI logging done in this policy cycle.
GPSVC(370.4c0) 11:39:06:462 ProcessGPOs: Boot/Logon Policy processing - checking if UBPM trigger events need to be fired
GPSVC(370.4c0) 11:39:06:462 CheckAndFireGPTriggerEvent: Fired Policy present UBPM trigger event for Machine.
GPSVC(370.4c0) 11:39:06:462 Application complete with bConnectivityFailure = 0.
GPSVC(370.4c0) 11:39:06:462 Application complete with bConnectivityFailure = 0.
GPSVC(370.68c) 11:39:26:908 CGPNotify::RegisterForNotification: Entering with target Machine and event 0xc10
GPSVC(370.68c) 11:39:26:908 Client_InitialRegisterForNotification: User = machine, changenumber = 0
GPSVC(370.1a8) 11:39:26:908 Target = Machine
GPSVC(370.68c) 11:39:26:908 Client_RegisterForNotification: User = machine, changenumber = 0
GPSVC(370.68c) 11:39:26:908 CGPNotify::RegisterForNotification: Exiting with status = 0
GPSVC(3d8.88c) 11:39:31:417 CGPNotify::RegisterForNotification: Entering with target Machine and event 0x178
GPSVC(3d8.88c) 11:39:31:417 Client_InitialRegisterForNotification: User = machine, changenumber = 0
GPSVC(370.3c4) 11:39:31:417 Target = Machine
GPSVC(3d8.88c) 11:39:31:417 Client_RegisterForNotification: User = machine, changenumber = 0
GPSVC(3d8.88c) 11:39:31:417 CGPNotify::RegisterForNotification: Exiting with status = 0
GPSVC(370.3c4) 11:39:31:432 Target = Machine
GPSVC(370.3c4) 11:39:31:432 Target = Machine, ChangeNumber 0
GPSVC(370.4b4) 11:39:31:573 Target = Machine
GPSVC(370.4b4) 11:39:31:573 Target = Machine, ChangeNumber 0
GPSVC(370.61c) 11:39:31:573 Sid = (null), dwTimeout = 600000, dwFlags = 268435456
GPSVC(370.61c) 11:39:31:573 LockPolicySection called for user <Machine>
GPSVC(370.61c) 11:39:31:588 Async Lock called
GPSVC(370.61c) 11:39:31:588 Reader Lock got immediately. m_cReadersInLock : 1
GPSVC(370.61c) 11:39:31:588 Sid = (null)
GPSVC(370.61c) 11:39:31:588 UnLockPolicySection called for user <Machine>
GPSVC(370.61c) 11:39:31:588 Found the caller in the ReaderHavingLock List. Removing it...
GPSVC(370.61c) 11:39:31:588 Setting lock state as notLocked
GPSVC(370.61c) 11:39:31:588 UnLocked successfully
GPSVC(370.980) 11:39:32:275 CGPNotify::RegisterForNotification: Entering with target Machine and event 0xd00
GPSVC(370.980) 11:39:38:468 Client_InitialRegisterForNotification: User = machine, changenumber = 0
GPSVC(370.760) 11:39:38:468 Target = Machine
GPSVC(370.980) 11:39:38:483 Client_RegisterForNotification: User = machine, changenumber = 0
GPSVC(370.980) 11:39:38:483 CGPNotify::RegisterForNotification: Exiting with status = 0
GPSVC(370.760) 11:39:38:483 Target = Machine, ChangeNumber 0
GPSVC(238.b74) 11:41:16:858 CGPNotify::RegisterForNotification: Entering with target Machine and event 0xaa8
GPSVC(238.b74) 11:41:16:858 Client_InitialRegisterForNotification: User = machine, changenumber = 0
GPSVC(370.380) 11:41:16:858 Target = Machine
GPSVC(238.b74) 11:41:16:858 Client_RegisterForNotification: User = machine, changenumber = 0
GPSVC(238.b74) 11:41:16:858 CGPNotify::RegisterForNotification: Exiting with status = 0
GPSVC(370.380) 11:41:17:107 Target = Machine
GPSVC(370.760) 11:41:17:107 Target = Machine, ChangeNumber 0 -
Unable to install SQL server 2008 r2 standard edition on windows server 2008 r2 sp1
I am unable to install sql server 2008 r2 standard edition on windows server 2008 r2 sp1.
On the Setup Support Files page, choose Install this step I don't get any other window i.e. nothing happens I waited for 5-10 min. Then I checked the log file.
Final result: Failed: see details below
Exit code (Decimal): -2068053929
Exit facility code: 1212
Exit error code: 87
Exit message: Failed: see details below
Start time: 2014-03-18 14:59:31
End time: 2014-03-18 15:00:25
=== Verbose logging started: 3/19/2014 9:45:47 Build type: SHIP UNICODE 5.00.7601.00 Calling process: E:\SQL Server 2008 R2 Standard\x64\setup100.exe ===
MSI (c) (10:34) [09:45:47:496]: Note: 1: 2203 2: E:\SQL Server 2008 R2 Standard\x64\redist\watson\dw20sharedamd64.msi 3: -2147287038
MSI (c) (10:34) [09:45:47:496]: MsiOpenPackageEx is returning 2.
=== Verbose logging stopped: 3/19/2014 9:45:47 ===
Please help As i am running out of time as i have to upgrade TFS for that first step is to install SQL server.Hello,
The following are a few things you can try:
Copy the media to the local disk drive, unzip it (in case you are installing from an ISO file, and run SQL Server setup from there.
Try to unregister and register the Windows Installer with the following two commands:
msiexec /unregister
msiexec /regserver
Try to use Process Monitor to log the detailed error produced when the installation of dw20sharedamd64.msi fails. You can download Process Monitor from the following link:
http://technet.microsoft.com/en-us/sysinternals/bb896645
Share with us the error captured by Process Monitor.
Hope this helps.
Regards,
Alberto Morillo
SQLCoffee.com -
Opening Excel Workbook Fails when run from Scheduled Task on Windows Server 2008 Rw
Hi,
I have a little vbs script that instantiates the Excel.Application object and then opens a work book to perform some tasks on it. The script runs fine when run from the command line. When I attempt to run it as a scheduled task (it is supposed to update
data that is pulled from a SQL Server at regular intervals), it fails with the following error:
Microsoft Office Excel cannot access the file 'c:\test\SampleWorkbook.xlsm'. There are several possible reasons: .....
The file does exist. The path reported in the error is correct. The account under which the task is running is the same account I use to run it from the command line. User Account Control is not enabled, and the task is set up to run with highest privileges.
When I run the same script through the Task Scheduler from a Windows Server 2003 machine, it works without issue.
I was just wondering if somebody on this forum has run into a similar issue in connection with Windows Server 2008 R2 and figured out what the magic trick is to make it work. I'm sure it is rights related, but I haven't quite figured out what which rights
are missing.
Thanks in advance for any advice you may have.This is truly killing me ... trying to get it working on Windows Server 2012 without success.
I desperately need to automate running Excel macros in a "headless" environment, that is non-interactive, non-GUI, etc.
I can get it to work using Excel.Application COM, either via VBScript or Powershell, successfully on many other Windows systems in our environment - Windows Server 2008 R2, Windows 7 (32-bit), etc., -BUT-
The two servers we built out for running our automation process are Windows Server 2012 (SE) - and it just refuses to run on the 2012 servers - it gives the messages below from VBScript and PowerShell, respectively-
I have tried uninstalling and re-installing several different versions of Microsoft Excel (2007 Standard, 2010 Standard, 2010 Professional Plus, 32-bit vs. 64-bit, etc.), but it makes no difference.
Would be extremely grateful if any one out there has had any success in running Excel automation on Server 2012 in a non-interactive environment that they could share.
( I have tried adding the "%windir%\syswow64\config\systemprofile\desktop"
folder, which did fix the issue for me when testing on Windows Server 2008 R2, but sadly did not resolve it on Windows Server 2012 )
[VBScript error msg]
Z:\TestExcelMacro.vbs(35, 1) Microsoft Office Excel: Microsoft Office Excel cannot
access the file 'Z:\TestExcelMacro.xlsm'. There are several possible reasons:
• The file name or path does not exist.
• The file is being used by another program.
• The workbook you are trying to save has the same name as a currently open work
[Powershell error msg]
Exception calling "Add" with "0" argument(s): "Microsoft Office Excel cannot open or save any more documents because th
ere is not enough available memory or disk space.
To make more memory available, close workbooks or programs you no longer need.
To free disk space, delete files you no longer need from the disk you are saving to."
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : ComMethodTargetInvocation
You cannot call a method on a null-valued expression.
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull -
Satellite A505-S6004 - Unknown device on Windows Server 2008 R2 64bit
I was try to install Windows Server 2008 R2 64 bit on a A505-S6004 (originally Windows 7 Home Premium) on a new disk. Having downloaded and installed numerous Toshiba website drivers for Windows 7 and installing, I have two things left in device manager that I don't know what to get for them.
The info is under Other devices-Base System Device-PCI Bus 3, Device 0, Function1 and ..., Function2.
Any ideas what this may be?It turns out I missed a driver, Ricoh Card Reader for Windows 7:
http://www.csd.toshiba.com/cgi-bin/tais/support/jsp/modelContent.jsp?ct=DL&os=&category=&moid=2515201& rpn=PSAT6U&modelFilter=A505-S6004&selCategory=3&selFamily=1073768663#
Maybe you are looking for
-
JClient for ADF "Delete" not working : JBO-26080
I created a sample JClient form. It connects to a MS Access DB, and I can scroll thru the data using the navigation bar.I can also insert data. I am failing to delete data : "(oracle.jbo.DMLException) JBO-26080: Error while selecting entity for Combi
-
I might be able to get my ipod back if I can tell the cops the serial number of the ipod that was stolen from my car. Is there any way I can get that? I have the original packaging from 2007 as well.
-
Calling an rss script with rs.exe fails to result in a report pdf from VB6 w/ ShellEx.
Sql 2008 R2 Calling an rss script with rs.exe fails to result in a report pdf from VB6 w/ ShellEx. If I call rs.exe with the various parameters from the command prompt I have success(other than rs.exe using the temp folder, which is a different iss
-
When i open a picture it opens at preview but "all my files" opens everything else with it , same happens with MS word when i open document every word document opens with it
-
How to export a pdf of a mac book
Hi there, I have made a book in iPhoto and I want to export it to another machine so that I can show it to friends. I'm assuming that a pdf will be the best format but can anyone tell me how to export the layout?