Re: Password Expiration

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

---

• From: "Robert Zahm" <robzahm@xxxxxxxxxxx>
• Date: Thu, 15 Dec 2005 12:38:59 -0600

---

Charles,

If these errors don't represent any security holes, I think I will choose to
ignore them unless I find some other negative side effect in the future.

Thanks,

Rob

""Charles Yang [MSFT]"" <v-chayan@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:azApvLg%23FHA.1240@xxxxxxxxxxxxxxxxxxxxxxxx
> HI Rob,
>
> Thanks for posting information.
>
> As I know, if only 1030 logon the computer, it should be the cache
> credential issue, it did not occur on the SBS server, it will also occur
> on
> the client computer, if you use cache credential issue, although it will
> have no bad impact on the system you can safely ignore it, if you want
> clear it, you can just refer to my suggestion in my reply, here I would
> like to post it again.
>
> I. You can configure this security setting by opening the appropriate
> policy and expanding the console tree as such: Computer
> Configuration\Windows Settings\Security Settings\Local Policies\Security
> Options Network access:
>
> Do not allow storage of credentials or .NET Passports for network
> authentication
>
> II. Following Registry value removes the "Remember My Password" option
> from
> all prompts for authentication:
>
> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa
> Value Name: disabledomaincreds
> Value Type: REG_DWORD
> Values: 0 = allow domain credentials to be stored
> 1 = do not store domain credentials
> Set the disabledomaincreds value to "0" to restore the "Remember My
> Password" checkbox on the prompt for authentication.
>
> III. Set Kerberos to use TCP
>
> 244474 How to force Kerberos to use TCP instead of UDP in Windows Server
> 2003,
> http://support.microsoft.com/?id=244474
>
>
> The steps #1 and #2 I introduced in my last reply are all used to delete
> the store credential. The step #1 could be applied to group policy that
> cover the SBS server such as domain controller policy and you will find
> the
> policy below
>
> Computer Configuration\Windows Settings\Security Settings\Local
> Policies\Security Options\Network access: Do not allow storage of
> credentials or .NET Passports for network authentication
>
> The step #2 is used registry key way. The "0" is the default value. When
> you set this key to 1, to purge the original credential to clear the store
> and restart the machine.
>
> If you do not want the above steps, you could use the following way to
> delete the cached credential directly.
>
> 1. On the SBS server open control panel
>
> 2. Open 'Stored User Names and Passwords'
>
> 3. Remove all entries in the list, as the problem could be caused by the
> incorrect credential cached here.
>
>
> If the problem could not be resolved, we may need to set the Kerberos to
> TCP only, because of the following reasons.
>
> The Windows Kerberos authentication package is the default authentication
> package in Microsoft Windows Server 2003. By default, the maximum size of
> datagram packets for which Windows Server 2003 uses UDP is 1,465 bytes.
> Depending on a variety of factors including security identifier (SID)
> history and group membership, some accounts will have larger Kerberos
> authentication packet sizes. Depending on hardware of your SBS network,
> these larger packets may have to be fragmented when going through. The
> problem is caused by fragmentation of these large UDP Kerberos packets.
> Because UDP is a connectionless protocol, fragmented UDP packets will be
> dropped if they arrive at the destination out of order.
>
> Then, this issue could be occur that you logon to the SBS server remotely,
> and the UDP package is dropped at this situation. So, we could set the
> Kerberos to use TCP only, as Kerberos is designed to work under both UDP
> and TCP.
>
> For the error 1054, it might be caused by the NIC issue, although you
> might
> have updates your NIC driver or slow down the NIC speed to 100Mbps, the
> issue might also exist some time. It should be the NIC driver incompatible
> issue, we have encountered some similar issue which is resolved by
> completely reinstall the NIC driver on the SBS 2003 server. (Delete all
> the
> entries on the registry then install the latest NIC driver, the issue
> disappeared).
>
> I appreciate your understanding on this issue; please feel free to post
> back the results.
>
>
>
> Best regards,
>
> Charles Yang (MSFT)
>
> Microsoft CSS Online Newsgroup Support
>
> Get Secure! - www.microsoft.com/security
>
> ======================================================
> This newsgroup only focuses on SBS technical issues. If you have issues
> regarding other Microsoft products, you'd better post in the corresponding
> newsgroups so that they can be resolved in an efficient and timely manner.
> You can locate the newsgroup here:
> http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
>
> When opening a new thread via the web interface, we recommend you check
> the
> "Notify me of replies" box to receive e-mail notifications when there are
> any updates in your thread. When responding to posts via your newsreader,
> please "Reply to Group" so that others may learn and benefit from your
> issue.
>
> Microsoft engineers can only focus on one issue per thread. Although we
> provide other information for your reference, we recommend you post
> different incidents in different threads to keep the thread clean. In
> doing
> so, it will ensure your issues are resolved in a timely manner.
>
> For urgent issues, you may want to contact Microsoft CSS directly. Please
> check http://support.microsoft.com for regional support phone numbers.
>
> Any input or comments in this thread are highly appreciated.
> ======================================================
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
>
>
> =====================================================
> When responding to posts, please "Reply to Group" via your newsreader so
> that others may learn and benefit from your issue.
> =====================================================
>
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
>
> --------------------
> | From: "Robert Zahm" <robzahm@xxxxxxxxxxx>
> | References: <OcG325k2FHA.3420@xxxxxxxxxxxxxxxxxxxx>
> <Pt3yzDq2FHA.2904@xxxxxxxxxxxxxxxxxxxxx>
> <OyWz89z2FHA.3788@xxxxxxxxxxxxxxxxxxxx>
> <LKEsVO22FHA.1144@xxxxxxxxxxxxxxxxxxxxx>
> <j$wHGld3FHA.3220@xxxxxxxxxxxxxxxxxxxxx>
> <#jaX6hk3FHA.632@xxxxxxxxxxxxxxxxxxxx>
> <O$Tmuao3FHA.1144@xxxxxxxxxxxxxxxxxxxxx>
> <#nrmoWW5FHA.268@xxxxxxxxxxxxxxxxxxxx>
> <rh$cxiZ5FHA.3076@xxxxxxxxxxxxxxxxxxxxx>
> <eul4CZk5FHA.1148@xxxxxxxxxxxxxxxxxxxx>
> <$qnz25l5FHA.832@xxxxxxxxxxxxxxxxxxxxx>
> <OfP3Axs5FHA.2816@xxxxxxxxxxxxxxxxxxxx>
> <geZlgZL6FHA.1240@xxxxxxxxxxxxxxxxxxxxx>
> <u91ssMS6FHA.2552@xxxxxxxxxxxxxxxxxxxx>
> <bWKo7FY6FHA.3892@xxxxxxxxxxxxxxxxxxxxx>
> | Subject: Re: Password Expiration
> | Date: Mon, 5 Dec 2005 10:51:51 -0600
> | Lines: 2097
> | X-Priority: 3
> | X-MSMail-Priority: Normal
> | X-Newsreader: Microsoft Outlook Express 6.00.2900.2670
> | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
> | X-RFC2646: Format=Flowed; Original
> | Message-ID: <#ECGywb#FHA.476@xxxxxxxxxxxxxxxxxxxx>
> | Newsgroups: microsoft.public.windows.server.sbs
> | NNTP-Posting-Host: 64-45-168-10.static.cypresscom.net 64.45.168.10
> | Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP15.phx.gbl
> | Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.windows.server.sbs:227818
> | X-Tomcat-NG: microsoft.public.windows.server.sbs
> |
> | Charles,
> |
> | 1. The 1006 and 1030 errors occur on the SBS2003 machine, however I have
> | also noticed the 1030's being logged on some client machines as well.
> |
> | 2. I have found a 1054 error on one client machine from a few months ago
> |
> | 3. I see these errors logged every few days on the SBS server.
> |
> | Thanks,
> |
> | Rob
> |
> |
> | ""Charles Yang [MSFT]"" <v-chayan@xxxxxxxxxxxxxxxxxxxx> wrote in message
> | news:bWKo7FY6FHA.3892@xxxxxxxxxxxxxxxxxxxxxxxx
> | > HI Robert,
> | >
> | > Thanks for updates.
> | >
> | > In order to make the issue more clearly, please help gather
> information
> | > below:
> | >
> | > 1. Does the 1006 and 1030 error point to SBS server or other client
> | > computer?
> | > 2. Is there any other group policy error such 1058 and 1054?
> | > 3. Does the error occur very frequently?
> | >
> | > If your group policy is applied without any problem, you do not need
> to
> | > worry too much about it, as it is not relate to the password issue.
> | >
> | > Thanks again for your effort.
> | >
> | >
> | >
> | > Best regards,
> | >
> | > Charles Yang (MSFT)
> | >
> | > Microsoft CSS Online Newsgroup Support
> | >
> | > Get Secure! - www.microsoft.com/security
> | >
> | > ======================================================
> | > This newsgroup only focuses on SBS technical issues. If you have
> issues
> | > regarding other Microsoft products, you'd better post in the
> corresponding
> | > newsgroups so that they can be resolved in an efficient and timely
> manner.
> | > You can locate the newsgroup here:
> | > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
> | >
> | > When opening a new thread via the web interface, we recommend you
> check
> | > the
> | > "Notify me of replies" box to receive e-mail notifications when there
> are
> | > any updates in your thread. When responding to posts via your
> newsreader,
> | > please "Reply to Group" so that others may learn and benefit from your
> | > issue.
> | >
> | > Microsoft engineers can only focus on one issue per thread. Although
> we
> | > provide other information for your reference, we recommend you post
> | > different incidents in different threads to keep the thread clean. In
> | > doing
> | > so, it will ensure your issues are resolved in a timely manner.
> | >
> | > For urgent issues, you may want to contact Microsoft CSS directly.
> Please
> | > check http://support.microsoft.com for regional support phone numbers.
> | >
> | > Any input or comments in this thread are highly appreciated.
> | > ======================================================
> | > This posting is provided "AS IS" with no warranties, and confers no
> | > rights.
> | >
> | >
> | > =====================================================
> | > When responding to posts, please "Reply to Group" via your newsreader
> so
> | > that others may learn and benefit from your issue.
> | > =====================================================
> | >
> | > This posting is provided "AS IS" with no warranties, and confers no
> | > rights.
> | >
> | > --------------------
> | > | From: "Robert Zahm" <robzahm@xxxxxxxxxxx>
> | > | References: <OcG325k2FHA.3420@xxxxxxxxxxxxxxxxxxxx>
> | > <Pt3yzDq2FHA.2904@xxxxxxxxxxxxxxxxxxxxx>
> | > <OyWz89z2FHA.3788@xxxxxxxxxxxxxxxxxxxx>
> | > <LKEsVO22FHA.1144@xxxxxxxxxxxxxxxxxxxxx>
> | > <j$wHGld3FHA.3220@xxxxxxxxxxxxxxxxxxxxx>
> | > <#jaX6hk3FHA.632@xxxxxxxxxxxxxxxxxxxx>
> | > <O$Tmuao3FHA.1144@xxxxxxxxxxxxxxxxxxxxx>
> | > <#nrmoWW5FHA.268@xxxxxxxxxxxxxxxxxxxx>
> | > <rh$cxiZ5FHA.3076@xxxxxxxxxxxxxxxxxxxxx>
> | > <eul4CZk5FHA.1148@xxxxxxxxxxxxxxxxxxxx>
> | > <$qnz25l5FHA.832@xxxxxxxxxxxxxxxxxxxxx>
> | > <OfP3Axs5FHA.2816@xxxxxxxxxxxxxxxxxxxx>
> | > <geZlgZL6FHA.1240@xxxxxxxxxxxxxxxxxxxxx>
> | > | Subject: Re: Password Expiration
> | > | Date: Mon, 14 Nov 2005 07:56:11 -0600
> | > | Lines: 1763
> | > | X-Priority: 3
> | > | X-MSMail-Priority: Normal
> | > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2670
> | > | X-RFC2646: Format=Flowed; Original
> | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
> | > | Message-ID: <u91ssMS6FHA.2552@xxxxxxxxxxxxxxxxxxxx>
> | > | Newsgroups: microsoft.public.windows.server.sbs
> | > | NNTP-Posting-Host: 64-45-168-10.client.cypresscom.net 64.45.168.10
> | > | Path:
> TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP10.phx.gbl
> | > | Xref: TK2MSFTNGXA02.phx.gbl
> microsoft.public.windows.server.sbs:222035
> | > | X-Tomcat-NG: microsoft.public.windows.server.sbs
> | > |
> | > | Charles,
> | > |
> | > | I see that the 1006/1030 errors were logged again on Friday. Is
> this
> | > | something I need to worry about?
> | > |
> | > | Thanks,
> | > |
> | > | Rob
> | > |
> | > | ""Charles Yang [MSFT]"" <v-chayan@xxxxxxxxxxxxxxxxxxxx> wrote in
> message
> | > | news:geZlgZL6FHA.1240@xxxxxxxxxxxxxxxxxxxxxxxx
> | > | > Hi Robert,
> | > | >
> | > | > Thanks for letting us know that the problem did not exists, please
> | > feel
> | > | > free to post back if you still encountered problem. I am glad to
> help
> | > you.
> | > | >
> | > | >
> | > | >
> | > | > Best regards,
> | > | >
> | > | > Charles Yang (MSFT)
> | > | >
> | > | > Microsoft CSS Online Newsgroup Support
> | > | >
> | > | > Get Secure! - www.microsoft.com/security
> | > | >
> | > | > ======================================================
> | > | > This newsgroup only focuses on SBS technical issues. If you have
> | > issues
> | > | > regarding other Microsoft products, you'd better post in the
> | > corresponding
> | > | > newsgroups so that they can be resolved in an efficient and timely
> | > manner.
> | > | > You can locate the newsgroup here:
> | > | > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
> | > | >
> | > | > When opening a new thread via the web interface, we recommend you
> | > check
> | > | > the
> | > | > "Notify me of replies" box to receive e-mail notifications when
> there
> | > are
> | > | > any updates in your thread. When responding to posts via your
> | > newsreader,
> | > | > please "Reply to Group" so that others may learn and benefit from
> your
> | > | > issue.
> | > | >
> | > | > Microsoft engineers can only focus on one issue per thread.
> Although
> | > we
> | > | > provide other information for your reference, we recommend you
> post
> | > | > different incidents in different threads to keep the thread clean.
> In
> | > | > doing
> | > | > so, it will ensure your issues are resolved in a timely manner.
> | > | >
> | > | > For urgent issues, you may want to contact Microsoft CSS directly.
> | > Please
> | > | > check http://support.microsoft.com for regional support phone
> numbers.
> | > | >
> | > | > Any input or comments in this thread are highly appreciated.
> | > | > ======================================================
> | > | > This posting is provided "AS IS" with no warranties, and confers
> no
> | > | > rights.
> | > | >
> | > | >
> | > | > =====================================================
> | > | > When responding to posts, please "Reply to Group" via your
> newsreader
> | > so
> | > | > that others may learn and benefit from your issue.
> | > | > =====================================================
> | > | >
> | > | > This posting is provided "AS IS" with no warranties, and confers
> no
> | > | > rights.
> | > | >
> | > | > --------------------
> | > | > | From: "Robert Zahm" <robzahm@xxxxxxxxxxx>
> | > | > | References: <OcG325k2FHA.3420@xxxxxxxxxxxxxxxxxxxx>
> | > | > <Pt3yzDq2FHA.2904@xxxxxxxxxxxxxxxxxxxxx>
> | > | > <OyWz89z2FHA.3788@xxxxxxxxxxxxxxxxxxxx>
> | > | > <LKEsVO22FHA.1144@xxxxxxxxxxxxxxxxxxxxx>
> | > | > <j$wHGld3FHA.3220@xxxxxxxxxxxxxxxxxxxxx>
> | > | > <#jaX6hk3FHA.632@xxxxxxxxxxxxxxxxxxxx>
> | > | > <O$Tmuao3FHA.1144@xxxxxxxxxxxxxxxxxxxxx>
> | > | > <#nrmoWW5FHA.268@xxxxxxxxxxxxxxxxxxxx>
> | > | > <rh$cxiZ5FHA.3076@xxxxxxxxxxxxxxxxxxxxx>
> | > | > <eul4CZk5FHA.1148@xxxxxxxxxxxxxxxxxxxx>
> | > | > <$qnz25l5FHA.832@xxxxxxxxxxxxxxxxxxxxx>
> | > | > | Subject: Re: Password Expiration
> | > | > | Date: Fri, 11 Nov 2005 08:28:56 -0600
> | > | > | Lines: 1453
> | > | > | X-Priority: 3
> | > | > | X-MSMail-Priority: Normal
> | > | > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2670
> | > | > | X-RFC2646: Format=Flowed; Original
> | > | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
> | > | > | Message-ID: <OfP3Axs5FHA.2816@xxxxxxxxxxxxxxxxxxxx>
> | > | > | Newsgroups: microsoft.public.windows.server.sbs
> | > | > | NNTP-Posting-Host: 64-45-168-10.client.cypresscom.net
> 64.45.168.10
> | > | > | Path:
> | > TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftngp13.phx.gbl
> | > | > | Xref: TK2MSFTNGXA02.phx.gbl
> | > microsoft.public.windows.server.sbs:221325
> | > | > | X-Tomcat-NG: microsoft.public.windows.server.sbs
> | > | > |
> | > | > | Charles,
> | > | > |
> | > | > | I toggled the registry setting between reboots on the server,
> and
> I
> | > will
> | > | > | post back if I see this error again. I received a 1704
> | > informational
> | > | > log
> | > | > | message informing me that Group policy objects were successfully
> | > | > applied.
> | > | > |
> | > | > | Thanks,
> | > | > |
> | > | > | Rob
> | > | > |
> | > | > | ""Charles Yang [MSFT]"" <v-chayan@xxxxxxxxxxxxxxxxxxxx> wrote in
> | > message
> | > | > | news:$qnz25l5FHA.832@xxxxxxxxxxxxxxxxxxxxxxxx
> | > | > | > HI Robert,
> | > | > | >
> | > | > | > Thanks for updates.
> | > | > | >
> | > | > | > As far as I know, there is no negative impact on this, you can
> try
> | > to
> | > | > | > change it as I referred. Thanks a lot for your effort here.
> | > | > | >
> | > | > | > Please feel free to post back, if you have any further
> concerns. I
> | > am
> | > | > glad
> | > | > | > to help you.
> | > | > | >
> | > | > | >
> | > | > | >
> | > | > | > Best regards,
> | > | > | >
> | > | > | > Charles Yang (MSFT)
> | > | > | >
> | > | > | > Microsoft CSS Online Newsgroup Support
> | > | > | >
> | > | > | > Get Secure! - www.microsoft.com/security
> | > | > | >
> | > | > | > ======================================================
> | > | > | > This newsgroup only focuses on SBS technical issues. If you
> have
> | > | > issues
> | > | > | > regarding other Microsoft products, you'd better post in the
> | > | > corresponding
> | > | > | > newsgroups so that they can be resolved in an efficient and
> timely
> | > | > manner.
> | > | > | > You can locate the newsgroup here:
> | > | > | >
> http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
> | > | > | >
> | > | > | > When opening a new thread via the web interface, we recommend
> you
> | > | > check
> | > | > | > the
> | > | > | > "Notify me of replies" box to receive e-mail notifications
> when
> | > there
> | > | > are
> | > | > | > any updates in your thread. When responding to posts via your
> | > | > newsreader,
> | > | > | > please "Reply to Group" so that others may learn and benefit
> from
> | > your
> | > | > | > issue.
> | > | > | >
> | > | > | > Microsoft engineers can only focus on one issue per thread.
> | > Although
> | > | > we
> | > | > | > provide other information for your reference, we recommend you
> | > post
> | > | > | > different incidents in different threads to keep the thread
> clean.
> | > In
> | > | > | > doing
> | > | > | > so, it will ensure your issues are resolved in a timely
> manner.
> | > | > | >
> | > | > | > For urgent issues, you may want to contact Microsoft CSS
> directly.
> | > | > Please
> | > | > | > check http://support.microsoft.com for regional support phone
> | > numbers.
> | > | > | >
> | > | > | > Any input or comments in this thread are highly appreciated.
> | > | > | > ======================================================
> | > | > | > This posting is provided "AS IS" with no warranties, and
> confers
> | > no
> | > | > | > rights.
> | > | > | >
> | > | > | >
> | > | > | > =====================================================
> | > | > | > When responding to posts, please "Reply to Group" via your
> | > newsreader
> | > | > so
> | > | > | > that others may learn and benefit from your issue.
> | > | > | > =====================================================
> | > | > | >
> | > | > | > This posting is provided "AS IS" with no warranties, and
> confers
> | > no
> | > | > | > rights.
> | > | > | >
> | > | > | > --------------------
> | > | > | > | From: "Robert Zahm" <robzahm@xxxxxxxxxxx>
> | > | > | > | References: <OcG325k2FHA.3420@xxxxxxxxxxxxxxxxxxxx>
> | > | > | > <Pt3yzDq2FHA.2904@xxxxxxxxxxxxxxxxxxxxx>
> | > | > | > <OyWz89z2FHA.3788@xxxxxxxxxxxxxxxxxxxx>
> | > | > | > <LKEsVO22FHA.1144@xxxxxxxxxxxxxxxxxxxxx>
> | > | > | > <j$wHGld3FHA.3220@xxxxxxxxxxxxxxxxxxxxx>
> | > | > | > <#jaX6hk3FHA.632@xxxxxxxxxxxxxxxxxxxx>
> | > | > | > <O$Tmuao3FHA.1144@xxxxxxxxxxxxxxxxxxxxx>
> | > | > | > <#nrmoWW5FHA.268@xxxxxxxxxxxxxxxxxxxx>
> | > | > | > <rh$cxiZ5FHA.3076@xxxxxxxxxxxxxxxxxxxxx>
> | > | > | > | Subject: Re: Password Expiration
> | > | > | > | Date: Thu, 10 Nov 2005 16:29:47 -0600
> | > | > | > | Lines: 1193
> | > | > | > | X-Priority: 3
> | > | > | > | X-MSMail-Priority: Normal
> | > | > | > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2670
> | > | > | > | X-RFC2646: Format=Flowed; Original
> | > | > | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
> | > | > | > | Message-ID: <eul4CZk5FHA.1148@xxxxxxxxxxxxxxxxxxxx>
> | > | > | > | Newsgroups: microsoft.public.windows.server.sbs
> | > | > | > | NNTP-Posting-Host: 64-45-168-10.client.cypresscom.net
> | > 64.45.168.10
> | > | > | > | Path:
> | > | > TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP10.phx.gbl
> | > | > | > | Xref: TK2MSFTNGXA02.phx.gbl
> | > | > microsoft.public.windows.server.sbs:221099
> | > | > | > | X-Tomcat-NG: microsoft.public.windows.server.sbs
> | > | > | > |
> | > | > | > | Charles,
> | > | > | > |
> | > | > | > | I don't see anything under "Stored User Names and
> Passwords."
> | > | > | > |
> | > | > | > | So if I change that registry key to "1," restart the SBS
> | > machine,
> | > | > change
> | > | > | > it
> | > | > | > | back to "0" and restart the machine again, I should have
> | > completely
> | > | > | > wiped
> | > | > | > | the cached credentials and put the "remember password"
> prompt
> | > back
> | > | > in
> | > | > | > place
> | > | > | > | right?
> | > | > | > |
> | > | > | > | Are there any negatives for forcing Kerberos to use TCP if
> the
> | > above
> | > | > | > | registry change does not resolve the problem?
> | > | > | > |
> | > | > | > | Thanks,
> | > | > | > |
> | > | > | > | Rob
> | > | > | > |
> | > | > | > | ""Charles Yang [MSFT]"" <v-chayan@xxxxxxxxxxxxxxxxxxxx>
> wrote
> in
> | > | > message
> | > | > | > | news:rh$cxiZ5FHA.3076@xxxxxxxxxxxxxxxxxxxxxxxx
> | > | > | > | > Hi Robert,
> | > | > | > | >
> | > | > | > | > This will not impact the user who access the network
> resoucse
> | > such
> | > | > as
> | > | > | > | > companyweb, we do not need to worry about that.
> | > | > | > | >
> | > | > | > | > Thanks for understanding.
> | > | > | > | >
> | > | > | > | >
> | > | > | > | >
> | > | > | > | > Best regards,
> | > | > | > | >
> | > | > | > | > Charles Yang (MSFT)
> | > | > | > | >
> | > | > | > | > Microsoft CSS Online Newsgroup Support
> | > | > | > | >
> | > | > | > | > Get Secure! - www.microsoft.com/security
> | > | > | > | >
> | > | > | > | > ======================================================
> | > | > | > | > This newsgroup only focuses on SBS technical issues. If
> you
> | > have
> | > | > | > issues
> | > | > | > | > regarding other Microsoft products, you'd better post in
> the
> | > | > | > corresponding
> | > | > | > | > newsgroups so that they can be resolved in an efficient
> and
> | > timely
> | > | > | > manner.
> | > | > | > | > You can locate the newsgroup here:
> | > | > | > | >
> | > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
> | > | > | > | >
> | > | > | > | > When opening a new thread via the web interface, we
> recommend
> | > you
> | > | > | > check
> | > | > | > | > the
> | > | > | > | > "Notify me of replies" box to receive e-mail notifications
> | > when
> | > | > there
> | > | > | > are
> | > | > | > | > any updates in your thread. When responding to posts via
> your
> | > | > | > newsreader,
> | > | > | > | > please "Reply to Group" so that others may learn and
> benefit
> | > from
> | > | > your
> | > | > | > | > issue.
> | > | > | > | >
> | > | > | > | > Microsoft engineers can only focus on one issue per
> thread.
> | > | > Although
> | > | > | > we
> | > | > | > | > provide other information for your reference, we recommend
> you
> | > | > post
> | > | > | > | > different incidents in different threads to keep the
> thread
> | > clean.
> | > | > In
> | > | > | > | > doing
> | > | > | > | > so, it will ensure your issues are resolved in a timely
> | > manner.
> | > | > | > | >
> | > | > | > | > For urgent issues, you may want to contact Microsoft CSS
> | > directly.
> | > | > | > Please
> | > | > | > | > check http://support.microsoft.com for regional support
> phone
> | > | > numbers.
> | > | > | > | >
> | > | > | > | > Any input or comments in this thread are highly
> appreciated.
> | > | > | > | > ======================================================
> | > | > | > | > This posting is provided "AS IS" with no warranties, and
> | > confers
> | > | > no
> | > | > | > | > rights.
> | > | > | > | >
> | > | > | > | >
> | > | > | > | > =====================================================
> | > | > | > | > When responding to posts, please "Reply to Group" via your
> | > | > newsreader
> | > | > | > so
> | > | > | > | > that others may learn and benefit from your issue.
> | > | > | > | > =====================================================
> | > | > | > | >
> | > | > | > | > This posting is provided "AS IS" with no warranties, and
> | > confers
> | > | > no
> | > | > | > | > rights.
> | > | > | > | >
> | > | > | > | > --------------------
> | > | > | > | > | From: "Robert Zahm" <robzahm@xxxxxxxxxxx>
> | > | > | > | > | References: <OcG325k2FHA.3420@xxxxxxxxxxxxxxxxxxxx>
> | > | > | > | > <Pt3yzDq2FHA.2904@xxxxxxxxxxxxxxxxxxxxx>
> | > | > | > | > <OyWz89z2FHA.3788@xxxxxxxxxxxxxxxxxxxx>
> | > | > | > | > <LKEsVO22FHA.1144@xxxxxxxxxxxxxxxxxxxxx>
> | > | > | > | > <j$wHGld3FHA.3220@xxxxxxxxxxxxxxxxxxxxx>
> | > | > | > | > <#jaX6hk3FHA.632@xxxxxxxxxxxxxxxxxxxx>
> | > | > | > | > <O$Tmuao3FHA.1144@xxxxxxxxxxxxxxxxxxxxx>
> | > | > | > | > | Subject: Re: Password Expiration
> | > | > | > | > | Date: Wed, 9 Nov 2005 13:42:01 -0600
> | > | > | > | > | Lines: 956
> | > | > | > | > | X-Priority: 3
> | > | > | > | > | X-MSMail-Priority: Normal
> | > | > | > | > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2670
> | > | > | > | > | X-RFC2646: Format=Flowed; Original
> | > | > | > | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
> | > | > | > | > | Message-ID: <#nrmoWW5FHA.268@xxxxxxxxxxxxxxxxxxxx>
> | > | > | > | > | Newsgroups: microsoft.public.windows.server.sbs
> | > | > | > | > | NNTP-Posting-Host: 64-45-168-10.client.cypresscom.net
> | > | > 64.45.168.10
> | > | > | > | > | Path:
> | > | > | >
> TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP10.phx.gbl
> | > | > | > | > | Xref: TK2MSFTNGXA02.phx.gbl
> | > | > | > microsoft.public.windows.server.sbs:220560
> | > | > | > | > | X-Tomcat-NG: microsoft.public.windows.server.sbs
> | > | > | > | > |
> | > | > | > | > | Charles,
> | > | > | > | > |
> | > | > | > | > | Would solutions 1 and 2 require that the users would
> need
> to
> | > | > enter
> | > | > | > their
> | > | > | > | > | passwords every time they were to access companyweb and
> | > other
> | > | > | > network
> | > | > | > | > | resources?
> | > | > | > | > |
> | > | > | > | > | Thanks,
> | > | > | > | > |
> | > | > | > | > | Rob
> | > | > | > | > |
> | > | > | > | > |
> | > | > | > | > | ""Charles Yang [MSFT]"" <v-chayan@xxxxxxxxxxxxxxxxxxxx>
> | > wrote
> | > in
> | > | > | > message
> | > | > | > | > | news:O$Tmuao3FHA.1144@xxxxxxxxxxxxxxxxxxxxxxxx
> | > | > | > | > | > HI,
> | > | > | > | > | >
> | > | > | > | > | > Thanks for updates.
> | > | > | > | > | >
> | > | > | > | > | > For the concerns on the 1006 and 1030, it did related
> to
> | > group
> | > | > | > policy
> | > | > | > | > | > issue. By default, as I know 1030 should occur with
> 1058
> | > if
> | > | > the
> | > | > | > group
> | > | > | > | > | > policy is not applied successfully, if only 1030
> occurs,
> | > the
> | > | > issue
> | > | > | > | > mostly
> | > | > | > | > | > been caused the cache credential issue, you can refer
> to
> | > my
> | > | > | > suggestion
> | > | > | > | > | > below:
> | > | > | > | > | >
> | > | > | > | > | > I. You can configure this security setting by opening
> the
> | > | > | > appropriate
> | > | > | > | > | > policy and expanding the console tree as such:
> Computer
> | > | > | > | > | > Configuration\Windows Settings\Security Settings\Local
> | > | > | > | > Policies\Security
> | > | > | > | > | > Options Network access:
> | > | > | > | > | >
> | > | > | > | > | > Do not allow storage of credentials or .NET Passports
> for
> | > | > network
> | > | > | > | > | > authentication
> | > | > | > | > | >
> | > | > | > | > | > II. Following Registry value removes the "Remember My
> | > | > Password"
> | > | > | > option
> | > | > | > | > | > from
> | > | > | > | > | > all prompts for authentication:
> | > | > | > | > | >
> | > | > | > | > | >
> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa
> | > | > | > | > | > Value Name: disabledomaincreds
> | > | > | > | > | > Value Type: REG_DWORD
> | > | > | > | > | > Values: 0 = allow domain credentials to be stored
> | > | > | > | > | > 1 = do not store domain credentials
> | > | > | > | > | > Set the disabledomaincreds value to "0" to restore the
> | > | > "Remember
> | > | > | > My
> | > | > | > | > | > Password" checkbox on the prompt for authentication.
> | > | > | > | > | >
> | > | > | > | > | > III. Set Kerberos to use TCP
> | > | > | > | > | >
> | > | > | > | > | > 244474 How to force Kerberos to use TCP instead of UDP
> in
> | > | > Windows
> | > | > | > | > Server
> | > | > | > | > | > 2003,
> | > | > | > | > | > http://support.microsoft.com/?id=244474
> | > | > | > | > | >
> | > | > | > | > | >
> | > | > | > | > | > The steps #1 and #2 I introduced in my last reply are
> all
> | > used
> | > | > to
> | > | > | > | > delete
> | > | > | > | > | > the store credential. The step #1 could be applied to
> | > group
> | > | > policy
> | > | > | > | > that
> | > | > | > | > | > cover the SBS server such as domain controller policy
> and
> | > you
> | > | > will
> | > | > | > | > find
> | > | > | > | > | > the
> | > | > | > | > | > policy below
> | > | > | > | > | >
> | > | > | > | > | > Computer Configuration\Windows Settings\Security
> | > | > Settings\Local
> | > | > | > | > | > Policies\Security Options\Network access: Do not allow
> | > storage
> | > | > of
> | > | > | > | > | > credentials or .NET Passports for network
> authentication
> | > | > | > | > | >
> | > | > | > | > | > The step #2 is used registry key way. The "0" is the
> | > default
> | > | > | > value.
> | > | > | > | > When
> | > | > | > | > | > you set this key to 1, to purge the original
> credential
> to
> | > | > clear
> | > | > | > the
> | > | > | > | > store
> | > | > | > | > | > and restart the machine.
> | > | > | > | > | >
> | > | > | > | > | > If you do not want the above steps, you could use the
> | > | > following
> | > | > | > way
> | > | > | > to
> | > | > | > | > | > delete the cached credential directly.
> | > | > | > | > | >
> | > | > | > | > | > 1. On the SBS server open control panel
> | > | > | > | > | >
> | > | > | > | > | > 2. Open 'Stored User Names and Passwords'
> | > | > | > | > | >
> | > | > | > | > | > 3. Remove all entries in the list, as the problem
> could
> be
> | > | > caused
> | > | > | > by
> | > | > | > | > the
> | > | > | > | > | > incorrect credential cached here.
> | > | > | > | > | >
> | > | > | > | > | >
> | > | > | > | > | > If the problem could not be resolved, we may need to
> set
> | > the
> | > | > | > Kerberos
> | > | > | > | > to
> | > | > | > | > | > TCP only, because of the following reasons.
> | > | > | > | > | >
> | > | > | > | > | > The Windows Kerberos authentication package is the
> default
> | > | > | > | > authentication
> | > | > | > | > | > package in Microsoft Windows Server 2003. By default,
> the
> | > | > maximum
> | > | > | > size
> | > | > | > | > of
> | > | > | > | > | > datagram packets for which Windows Server 2003 uses
> UDP
> is
> | > | > 1,465
> | > | > | > | > bytes.
> | > | > | > | > | > Depending on a variety of factors including security
> | > | > identifier
> | > | > | > (SID)
> | > | > | > | > | > history and group membership, some accounts will have
> | > larger
> | > | > | > Kerberos
> | > | > | > | > | > authentication packet sizes. Depending on hardware of
> your
> | > SBS
> | > | > | > | > network,
> | > | > | > | > | > these larger packets may have to be fragmented when
> going
> | > | > through.
> | > | > | > The
> | > | > | > | > | > problem is caused by fragmentation of these large UDP
> | > Kerberos
> | > | > | > | > packets.
> | > | > | > | > | > Because UDP is a connectionless protocol, fragmented
> UDP
> | > | > packets
> | > | > | > will
> | > | > | > | > be
> | > | > | > | > | > dropped if they arrive at the destination out of
> order.
> | > | > | > | > | >
> | > | > | > | > | > Then, this issue could be occur that you logon to the
> SBS
> | > | > server
> | > | > | > | > remotely,
> | > | > | > | > | > and the UDP package is dropped at this situation. So,
> we
> | > could
> | > | > set
> | > | > | > the
> | > | > | > | > | > Kerberos to use TCP only, as Kerberos is designed to
> work
> | > | > under
> | > | > | > both
> | > | > | > | > UDP
> | > | > | > | > | > and TCP.
> | > | > | > | > | >
> | > | > | > | > | > For the error 1006, please double check if the 1030 is
> | > clear,
> | > | > does
> | > | > | > the
> | > | > | > | > | > error 1006 still exists or not?
> | > | > | > | > | >
> | > | > | > | > | > Thanks so much for your effort on this issue. I am
> glad
> to
> | > be
> | > | > of
> | > | > | > | > | > assistance.
> | > | > | > | > | >
> | > | > | > | > | >
> | > | > | > | > | >
> | > | > | > | > | > Best regards,
> | > | > | > | > | >
> | > | > | > | > | > Charles Yang (MSFT)
> | > | > | > | > | >
> | > | > | > | > | > Microsoft CSS Online Newsgroup Support
> | > | > | > | > | >
> | > | > | > | > | > Get Secure! - www.microsoft.com/security
> | > | > | > | > | >
> | > | > | > | > | > ======================================================
> | > | > | > | > | > This newsgroup only focuses on SBS technical issues.
> If
> | > you
> | > | > have
> | > | > | > | > issues
> | > | > | > | > | > regarding other Microsoft products, you'd better post
> in
> | > the
> | > | > | > | > corresponding
> | > | > | > | > | > newsgroups so that they can be resolved in an
> efficient
> | > and
> | > | > timely
> | > | > | > | > manner.
> | > | > | > | > | > You can locate the newsgroup here:
> | > | > | > | > | >
> | > | > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
> | > | > | > | > | >
> | > | > | > | > | > When opening a new thread via the web interface, we
> | > recommend
> | > | > you
> | > | > | > | > check
> | > | > | > | > | > the
> | > | > | > | > | > "Notify me of replies" box to receive e-mail
> notifications
> | > | > when
> | > | > | > there
> | > | > | > | > are
> | > | > | > | > | > any updates in your thread. When responding to posts
> via
> | > your
> | > | > | > | > newsreader,
> | > | > | > | > | > please "Reply to Group" so that others may learn and
> | > benefit
> | > | > from
> | > | > | > your
> | > | > | > | > | > issue.
> | > | > | > | > | >
> | > | > | > | > | > Microsoft engineers can only focus on one issue per
> | > thread.
> | > | > | > Although
> | > | > | > | > we
> | > | > | > | > | > provide other information for your reference, we
> recommend
> | > you
> | > | > | > post
> | > | > | > | > | > different incidents in different threads to keep the
> | > thread
> | > | > clean.
> | > | > | > In
> | > | > | > | > | > doing
> | > | > | > | > | > so, it will ensure your issues are resolved in a
> timely
> | > | > manner.
> | > | > | > | > | >
> | > | > | > | > | > For urgent issues, you may want to contact Microsoft
> CSS
> | > | > directly.
> | > | > | > | > Please
> | > | > | > | > | > check http://support.microsoft.com for regional
> support
> | > phone
> | > | > | > numbers.
> | > | > | > | > | >
> | > | > | > | > | > Any input or comments in this thread are highly
> | > appreciated.
> | > | > | > | > | > ======================================================
> | > | > | > | > | > This posting is provided "AS IS" with no warranties,
> and
> | > | > confers
> | > | > | > no
> | > | > | > | > | > rights.
> | > | > | > | > | >
> | > | > | > | > | >
> | > | > | > | > | > =====================================================
> | > | > | > | > | > When responding to posts, please "Reply to Group" via
> your
> | > | > | > newsreader
> | > | > | > | > so
> | > | > | > | > | > that others may learn and benefit from your issue.
> | > | > | > | > | > =====================================================
> | > | > | > | > | >
> | > | > | > | > | > This posting is provided "AS IS" with no warranties,
> and
> | > | > confers
> | > | > | > no
> | > | > | > | > | > rights.
> | > | > | > | > | >
> | > | > | > | > | > --------------------
> | > | > | > | > | > | From: "Robert Zahm" <robzahm@xxxxxxxxxxx>
> | > | > | > | > | > | References: <OcG325k2FHA.3420@xxxxxxxxxxxxxxxxxxxx>
> | > | > | > | > | > <Pt3yzDq2FHA.2904@xxxxxxxxxxxxxxxxxxxxx>
> | > | > | > | > | > <OyWz89z2FHA.3788@xxxxxxxxxxxxxxxxxxxx>
> | > | > | > | > | > <LKEsVO22FHA.1144@xxxxxxxxxxxxxxxxxxxxx>
> | > | > | > | > | > <j$wHGld3FHA.3220@xxxxxxxxxxxxxxxxxxxxx>
> | > | > | > | > | > | Subject: Re: Password Expiration
> | > | > | > | > | > | Date: Mon, 31 Oct 2005 12:25:28 -0600
> | > | > | > | > | > | Lines: 679
> | > | > | > | > | > | X-Priority: 3
> | > | > | > | > | > | X-MSMail-Priority: Normal
> | > | > | > | > | > | X-Newsreader: Microsoft Outlook Express
> 6.00.2900.2670
> | > | > | > | > | > | X-RFC2646: Format=Flowed; Original
> | > | > | > | > | > | X-MimeOLE: Produced By Microsoft MimeOLE
> V6.00.2900.2670
> | > | > | > | > | > | Message-ID: <#jaX6hk3FHA.632@xxxxxxxxxxxxxxxxxxxx>
> | > | > | > | > | > | Newsgroups: microsoft.public.windows.server.sbs
> | > | > | > | > | > | NNTP-Posting-Host:
> 64-45-168-10.client.cypresscom.net
> | > | > | > 64.45.168.10
> | > | > | > | > | > | Path:
> | > | > | > | >
> | > TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP10.phx.gbl
> | > | > | > | > | > | Xref: TK2MSFTNGXA01.phx.gbl
> | > | > | > | > microsoft.public.windows.server.sbs:166306
> | > | > | > | > | > | X-Tomcat-NG: microsoft.public.windows.server.sbs
> | > | > | > | > | > |
> | > | > | > | > | > | Charles,
> | > | > | > | > | > |
> | > | > | > | > | > | I am not too concerned about those 529 events, since
> | > there
> | > | > were
> | > | > | > only
> | > | > | > | > 2
> | > | > | > | > | > of
> | > | > | > | > | > | them, and I think they were from mistyped passwords
> | > (since
> | > | > one
> | > | > | > of
> | > | > | > | > them
> | > | > | > | > | > was
> | > | > | > | > | > | mine).
> | > | > | > | > | > |
> | > | > | > | > | > | The other thing that I failed to mention is that we
> had
> | > some
> | > | > | > issues
> | > | > | > | > when
> | > | > | > | > | > | moving the profiles over to our new SBS domain. Is
> it
> | > | > possible
> | > | > | > that
> | > | > | > | > | > profile
> | > | > | > | > | > | sharing issues might be responsible for these
> errors?
> | > It
> | > | > still
> | > | > | > | > doesn't
> | > | > | > | > | > make
> | > | > | > | > | > | sense to me that the DC cannot update the group
> policy
> | > | > though...
> | > | > | > | > | > |
> | > | > | > | > | > | Thanks,
> | > | > | > | > | > |
> | > | > | > | > | > | Rob
> | > | > | > | > | > |
> | > | > | > | > | > |
> | > | > | > | > | > | ""Charles Yang [MSFT]""
> <v-chayan@xxxxxxxxxxxxxxxxxxxx>
> | > | > wrote
> | > | > in
> | > | > | > | > message
> | > | > | > | > | > | news:j$wHGld3FHA.3220@xxxxxxxxxxxxxxxxxxxxxxxx
> | > | > | > | > | > | > Hi,
> | > | > | > | > | > | >
> | > | > | > | > | > | > Thanks for updates.
> | > | > | > | > | > | >
> | > | > | > | > | > | > From your log files, we found every thing should
> be
> | > run
> | > in
> | > | > a
> | > | > | > | > normal
> | > | > | > | > | > | > situation. Your user have logon and log off
> session
> | > | > normally,
> | > | > | > For
> | > | > | > | > your
> | > | > | > | > | > | > convenience, I suggest you refer to the
> information
> | > below
> | > | > | > about
> | > | > | > | > | > security
> | > | > | > | > | > | > fields on Windows 2003:
> | > | > | > | > | > | >
> | > | > | > | > | > | > For Event ID 528, I recommend you to check the
> | > following
> | > | > KB
> | > | > | > | > articles:
> | > | > | > | > | > | >
> | > | > | > | > | > | > 287537 Using Basic authentication to generate
> Kerberos
> | > | > tokens
> | > | > | > | > | > | >
> | > | > http://support.microsoft.com/default.aspx?scid=kb;en-us;287537
> | > | > | > | > | > | >
> | > | > | > | > | > | >
> | > | > | > | > | > | > 274176 Security Event for Associating Service
> Account
> | > | > Logon
> | > | > | > Events
> | > | > | > | > | > | >
> | > | > http://support.microsoft.com/default.aspx?scid=kb;en-us;274176
> | > | > | > | > | > | >
> | > | > | > | > | > | >
> | > | > | > | > | > | > For Event ID 529, these KB articles may help:
> | > | > | > | > | > | >
> | > | > | > | > | > | > 328720 Calls to the Server.CreateObject method on
> | > separate
> | > | > ASP
> | > | > | > | > pages
> | > | > | > | > | > may
> | > | > | > | > | > | > fail if you store a remote COM+ object in a
> session
> | > | > variable
> | > | > | > and
> | > | > | > | > you
> | > | > | > | > | > are
> | > | > | > | > | > | > using IIS 5.0
> | > | > | > | > | > | >
> | > | > http://support.microsoft.com/default.aspx?scid=kb;en-us;328720
> | > | > | > | > | > | >
> | > | > | > | > | > | >
> | > | > | > | > | > | > 811082 Security Event 529 Is Logged for Local User
> | > | > Accounts
> | > | > | > | > | > | >
> | > | > http://support.microsoft.com/default.aspx?scid=kb;en-us;811082
> | > | > | > | > | > | >
> | > | > | > | > | > | >
> | > | > | > | > | > | > Kerberos Event ID: 529 is logged when you use a
> local
> | > user
> | > | > | > account
> | > | > | > | > to
> | > | > | > | > | > | > verify security access or group membership on a
> | > Windows
> | > | > Server
> | > | > | > | > | > 2003-based
> | > | > | > | > | > | > Kerberos client
> | > | > | > | > | >| >
> | > | > http://support.microsoft.com/default.aspx?scid=kb;en-us;890477
> | > | > | > | > | > | >
> | > | > | > | > | > | > 272594 Problems logging on to a Windows 2000-based
> | > server
> | > | > or a
> | > | > | > | > Windows
> | > | > | > | > | > | > 2003-based server
> | > | > | > | > | > | >
> | > | > http://support.microsoft.com/default.aspx?scid=kb;en-us;272594
> | > | > | > | > | > | >
> | > | > | > | > | > | >
> | > | > | > | > | > | > Cannot Automatically Log on Remotely to Terminal
> | > Server
> | > | > with
> | > | > | > Long
> | > | > | > | > User
> | > | > | > | > | > | > Name
> | > | > | > | > | > | > or Password
> | > | > | > | > | > | >
> | > | > http://support.microsoft.com/default.aspx?scid=kb;en-us;290706
> | > | > | > | > | > | >
> | > | > | > | > | > | > 305822 Failure Events Are Logged When the Welcome
> | > Screen
> | > | > Is
> | > | > | > | > Enabled
> | > | > | > | > | > | >
> | > | > http://support.microsoft.com/default.aspx?scid=kb;en-us;305822
> | > | > | > | > | > | >
> | > | > | > | > | > | >
> | > | > | > | > | > | > Personally, I think if the SBS computer is
> connected
> | > to
> | > | > the
> | > | > | > | > internet,
> | > | > | > | > | > many
> | > | > | > | > | > | > hacker activities may cause Event ID 529 etc. I
> | > recommend
> | > | > you
> | > | > | > to
> | > | > | > | > read
> | > | > | > | > | > the
> | > | > | > | > | > | > following white paper and make sure your server is
> | > secure.
> | > | > | > | > | > | >
> | > | > | > | > | > | > Threats and Countermeasures: Security Settings in
> | > Windows
> | > | > | > Server
> | > | > | > | > 2003
> | > | > | > | > | > and
> | > | > | > | > | > | > Windows XP
> | > | > | > | > | > | >
> | > | > | > | > | >
> | > | > | > | >
> | > | > | >
> | > | >
> | >
> http://www.microsoft.com/downloads/details.aspx?FamilyId=1B6ACF93-147A-4481-
> | > | > | > | > | > | > 9346-F93A4081EEA8&displaylang=en
> | > | > | > | > | > | >
> | > | > | > | > | > | >
> | > | > | > | > | > | > Sometimes, third party application/services and
> | > | > virus/Spyware
> | > | > | > may
> | > | > | > | > also
> | > | > | > | > | > | > cause such issue; however, it will be difficult to
> | > isolate
> | > | > the
> | > | > | > | > root
> | > | > | > | > | > cause
> | > | > | > | > | > | > if this is the point. (I recommend you to check a
> | > clean
> | > | > | > installed
> | > | > | > | > SBS
> | > | > | > | > | > with
> | > | > | > | > | > | > secure settings applied.)
> | > | > | > | > | > | >
> | > | > | > | > | > | > More Info:
> | > | > | > | > | > | > 174073 Auditing User Authentication
> | > | > | > | > | > | >
> | > | > http://support.microsoft.com/default.aspx?scid=kb;en-us;174073
> | > | > | > | > | > | >
> | > | > | > | > | > | >
> | > | > | > | > | > | > 174074 Security Event Descriptions
> | > | > | > | > | > | >
> | > | > http://support.microsoft.com/default.aspx?scid=kb;en-us;174074
> | > | > | > | > | > | >
> | > | > | > | > | > | >
> | > | > | > | > | > | > 318253 Logoff event messages are not logged in the
> | > | > security
> | > | > | > log
> | > | > | > | > when
> | > | > | > | > | > you
> | > | > | > | > | > | > use the Audit Logon Events feature in Windows 2000
> | > | > | > | > | > | >
> | > | > http://support.microsoft.com/default.aspx?scid=kb;en-us;318253
> | > | > | > | > | > | >
> | > | > | > | > | > | >
> | > | > | > | > | > | > 326985 HOW TO: Troubleshoot Kerberos-Related
> Issues
> in
> | > IIS
> | > | > | > | > | > | >
> | > | > http://support.microsoft.com/default.aspx?scid=kb;en-us;326985
> | > | > | > | > | > | >
> | > | > | > | > | > | > Hope the above information helpful on your issue,
> | > please
> | > | > feel
> | > | > | > free
> | > | > | > | > to
> | > | > | > | > | > post
> | > | > | > | > | > | > back if you still have concerns. I am glad to be
> of
> | > | > further
> | > | > | > | > | > assistance.
> | > | > | > | > | > | >
> | > | > | > | > | > | >
> | > | > | > | > | > | >
> | > | > | > | > | > | > Best regards,
> | > | > | > | > | > | >
> | > | > | > | > | > | > Charles Yang (MSFT)
> | > | > | > | > | > | >
> | > | > | > | > | > | > Microsoft CSS Online Newsgroup Support
> | > | > | > | > | > | >
> | > | > | > | > | > | > Get Secure! - www.microsoft.com/security
> | > | > | > | > | > | >
> | > | > | > | > | > | >
> ======================================================
> | > | > | > | > | > | > This newsgroup only focuses on SBS technical
> issues.
> | > If
> | > | > you
> | > | > | > have
> | > | > | > | > | > issues
> | > | > | > | > | > | > regarding other Microsoft products, you'd better
> post
> | > in
> | > | > the
> | > | > | > | > | > corresponding
> | > | > | > | > | > | > newsgroups so that they can be resolved in an
> | > efficient
> | > | > and
> | > | > | > timely
> | > | > | > | > | > manner.
> | > | > | > | > | > | > You can locate the newsgroup here:
> | > | > | > | > | > | >
> | > | > | >
> http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
> | > | > | > | > | > | >
> | > | > | > | > | > | > When opening a new thread via the web interface,
> we
> | > | > recommend
> | > | > | > you
> | > | > | > | > | > check
> | > | > | > | > | > | > the
> | > | > | > | > | > | > "Notify me of replies" box to receive e-mail
> | > notifications
> | > | > | > when
> | > | > | > | > there
> | > | > | > | > | > are
> | > | > | > | > | > | > any updates in your thread. When responding to
> posts
> | > via
> | > | > your
> | > | > | > | > | > newsreader,
> | > | > | > | > | > | > please "Reply to Group" so that others may learn
> and
> | > | > benefit
> | > | > | > from
> | > | > | > | > your
> | > | > | > | > | > | > issue.
> | > | > | > | > | > | >
> | > | > | > | > | > | > Microsoft engineers can only focus on one issue
> per
> | > | > thread.
> | > | > | > | > Although
> | > | > | > | > | > we
> | > | > | > | > | > | > provide other information for your reference, we
> | > recommend
> | > | > you
> | > | > | > | > post
> | > | > | > | > | > | > different incidents in different threads to keep
> the
> | > | > thread
> | > | > | > clean.
> | > | > | > | > In
> | > | > | > | > | > | > doing
> | > | > | > | > | > | > so, it will ensure your issues are resolved in a
> | > timely
> | > | > | > manner.
> | > | > | > | > | > | >
> | > | > | > | > | > | > For urgent issues, you may want to contact
> Microsoft
> | > CSS
> | > | > | > directly.
> | > | > | > | > | > Please
> | > | > | > | > | > | > check http://support.microsoft.com for regional
> | > support
> | > | > phone
> | > | > | > | > numbers.
> | > | > | > | > | > | >
> | > | > | > | > | > | > Any input or comments in this thread are highly
> | > | > appreciated.
> | > | > | > | > | > | >
> ======================================================
> | > | > | > | > | > | > This posting is provided "AS IS" with no
> warranties,
> | > and
> | > | > | > confers
> | > | > | > | > no
> | > | > | > | > | > | > rights.
> | > | > | > | > | > | >
> | > | > | > | > | > | >
> | > | > | > | > | > | >
> =====================================================
> | > | > | > | > | > | > When responding to posts, please "Reply to Group"
> via
> | > your
> | > | > | > | > newsreader
> | > | > | > | > | > so
> | > | > | > | > | > | > that others may learn and benefit from your issue.
> | > | > | > | > | > | >
> =====================================================
> | > | > | > | > | > | >
> | > | > | > | > | > | > This posting is provided "AS IS" with no
> warranties,
> | > and
> | > | > | > confers
> | > | > | > | > no
> | > | > | > | > | > | > rights.
> | > | > | > | > | > | >
> | > | > | > | > | > | > --------------------
> | > | > | > | > | > | > | X-Tomcat-ID: 35395219
> | > | > | > | > | > | > | References:
> <OcG325k2FHA.3420@xxxxxxxxxxxxxxxxxxxx>
> | > | > | > | > | > | > <Pt3yzDq2FHA.2904@xxxxxxxxxxxxxxxxxxxxx>
> | > | > | > | > | > | > <OyWz89z2FHA.3788@xxxxxxxxxxxxxxxxxxxx>
> | > | > | > | > | > | > | MIME-Version: 1.0
> | > | > | > | > | > | > | Content-Type: text/plain
> | > | > | > | > | > | > | Content-Transfer-Encoding: 7bit
> | > | > | > | > | > | > | From: v-chayan@xxxxxxxxxxxxxxxxxxxx ("Charles
> Yang
> | > | > [MSFT]")
> | > | > | > | > | > | > | Organization: Microsoft
> | > | > | > | > | > | > | Date: Fri, 28 Oct 2005 02:01:54 GMT
> | > | > | > | > | > | > | Subject: Re: Password Expiration
> | > | > | > | > | > | > | X-Tomcat-NG: microsoft.public.windows.server.sbs
> | > | > | > | > | > | > | Message-ID:
> <LKEsVO22FHA.1144@xxxxxxxxxxxxxxxxxxxxx>
> | > | > | > | > | > | > | Newsgroups: microsoft.public.windows.server.sbs
> | > | > | > | > | > | > | Lines: 394
> | > | > | > | > | > | > | Path: TK2MSFTNGXA01.phx.gbl
> | > | > | > | > | > | > | Xref: TK2MSFTNGXA01.phx.gbl
> | > | > | > | > | > microsoft.public.windows.server.sbs:165348
> | > | > | > | > | > | > | NNTP-Posting-Host: TOMCATIMPORT1 10.201.218.122
> | > | > | > | > | > | > |
> | > | > | > | > | > | > | HI Robert,
> | > | > | > | > | > | > |
> | > | > | > | > | > | > | Thanks for your detailed updates.
> | > | > | > | > | > | > |
> | > | > | > | > | > | > | Let me clarify it, the group policy error mostly
> | > been
> | > | > caused
> | > | > | > by
> | > | > | > | > the
> | > | > | > | > | > DNS
> | > | > | > | > | > | > is
> | > | > | > | > | > | > | not set up correctly, that why I suggest you
> check
> | > if
> | > | > the
> | > | > | > DNS
> | > | > | > on
> | > | > | > | > the
> | > | > | > | > | > | > TCP/IP
> | > | > | > | > | > | > | properties on all the network interface of SBS
> | > domain
> | > | > | > computer
> | > | > | > | > is
> | > | > | > | > | > point
> | > | > | > | > | > | > to
> | > | > | > | > | > | > | SBS internal NIC or you will encounter some
> problem.
> | > | > | > | > | > | > |
> | > | > | > | > | > | > | In order to make the issue more clearly, could
> you
> | > send
> | > | > the
> | > | > | > me
> | > | > | > | > all
> | > | > | > | > | > event
> | > | > | > | > | > | > | log so that we can identify the issue more
> clearly,
> | > | > please
> | > | > | > send
> | > | > | > | > to
> | > | > | > | > | > my
> | > | > | > | > | > | > | mailbox v-chayan@xxxxxxxxxxxxx
> | > | > | > | > | > | > | Thanks for your understanding and effort on this
> | > issue.
> | > | > I
> | > | > | > will
> | > | > | > | > be
> | > | > | > | > | > here
> | > | > | > | > | > | > | waiting for your updates.
> | > | > | > | > | > | > |
> | > | > | > | > | > | > |
> | > | > | > | > | > | > |
> | > | > | > | > | > | > | Best regards,
> | > | > | > | > | > | > |
> | > | > | > | > | > | > | Charles Yang (MSFT)
> | > | > | > | > | > | > |
> | > | > | > | > | > | > | Microsoft CSS Online Newsgroup Support
> | > | > | > | > | > | > |
> | > | > | > | > | > | > | Get Secure! - www.microsoft.com/security
> | > | > | > | > | > | > |
> | > | > | > | > | > | > |
> | > ======================================================
> | > | > | > | > | > | > | This newsgroup only focuses on SBS technical
> issues.
> | > If
> | > | > you
> | > | > | > have
> | > | > | > | > | > issues
> | > | > | > | > | > | > | regarding other Microsoft products, you'd better
> | > post
> | > in
> | > | > the
> | > | > | > | > | > | > corresponding
> | > | > | > | > | > | > | newsgroups so that they can be resolved in an
> | > efficient
> | > | > and
> | > | > | > | > timely
> | > | > | > | > | > | > manner.
> | > | > | > | > | > | > | You can locate the newsgroup here:
> | > | > | > | > | > | > |
> | > | > | > | >
> | > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
> | > | > | > | > | > | > |
> | > | > | > | > | > | > | When opening a new thread via the web interface,
> we
> | > | > | > recommend
> | > | > | > | > you
> | > | > | > | > | > check
> | > | > | > | > | > | > the
> | > | > | > | > | > | > | "Notify me of replies" box to receive e-mail
> | > | > notifications
> | > | > | > when
> | > | > | > | > | > there
> | > | > | > | > | > | > are
> | > | > | > | > | > | > | any updates in your thread. When responding to
> posts
> | > via
> | > | > | > your
> | > | > | > | > | > | > newsreader,
> | > | > | > | > | > | > | please "Reply to Group" so that others may learn
> and
> | > | > benefit
> | > | > | > | > from
> | > | > | > | > | > your
> | > | > | > | > | > | > | issue.
> | > | > | > | > | > | > |
> | > | > | > | > | > | > | Microsoft engineers can only focus on one issue
> per
> | > | > thread.
> | > | > | > | > Although
> | > | > | > | > | > we
> | > | > | > | > | > | > | provide other information for your reference, we
> | > | > recommend
> | > | > | > you
> | > | > | > | > post
> | > | > | > | > | > | > | different incidents in different threads to keep
> the
> | > | > thread
> | > | > | > | > clean.
> | > | > | > | > | > In
> | > | > | > | > | > | > doing
> | > | > | > | > | > | > | so, it will ensure your issues are resolved in a
> | > timely
> | > | > | > manner.
> | > | > | > | > | > | > |
> | > | > | > | > | > | > | For urgent issues, you may want to contact
> Microsoft
> | > CSS
> | > | > | > | > directly.
> | > | > | > | > | > | > Please
> | > | > | > | > | > | > | check http://support.microsoft.com for regional
> | > support
> | > | > | > phone
> | > | > | > | > | > numbers.
> | > | > | > | > | > | > |
> | > | > | > | > | > | > | Any input or comments in this thread are highly
> | > | > appreciated.
> | > | > | > | > | > | > |
> | > ======================================================
> | > | > | > | > | > | > | This posting is provided "AS IS" with no
> warranties,
> | > and
> | > | > | > confers
> | > | > | > | > no
> | > | > | > | > | > | > rights.
> | > | > | > | > | > | > |
> | > | > | > | > | > | > |
> | > | > | > | > | > | > |
> | > =====================================================
> | > | > | > | > | > | > | When responding to posts, please "Reply to
> Group"
> | > via
> | > | > your
> | > | > | > | > | > newsreader
> | > | > | > | > | > so
> | > | > | > | > | > | > | that others may learn and benefit from your
> issue.
> | > | > | > | > | > | > |
> | > =====================================================
> | > | > | > | > | > | > |
> | > | > | > | > | > | > | This posting is provided "AS IS" with no
> warranties,
> | > and
> | > | > | > confers
> | > | > | > | > no
> | > | > | > | > | > | > rights.
> | > | > | > | > | > | >|
> | > | > | > | > | > | > | --------------------
> | > | > | > | > | > | > | | From: "Robert Zahm" <robzahm@xxxxxxxxxxx>
> | > | > | > | > | > | > | | References:
> | > <OcG325k2FHA.3420@xxxxxxxxxxxxxxxxxxxx>
> | > | > | > | > | > | > | <Pt3yzDq2FHA.2904@xxxxxxxxxxxxxxxxxxxxx>
> | > | > | > | > | > | > | | Subject: Re: Password Expiration
> | > | > | > | > | > | > | | Date: Thu, 27 Oct 2005 16:43:35 -0500
> | > | > | > | > | > | > | | Lines: 314
> | > | > | > | > | > | > | | X-Priority: 3
> | > | > | > | > | > | > | | X-MSMail-Priority: Normal
> | > | > | > | > | > | > | | X-Newsreader: Microsoft Outlook Express
> | > 6.00.2900.2670
> | > | > | > | > | > | > | | X-MimeOLE: Produced By Microsoft MimeOLE
> | > | > V6.00.2900.2670
> | > | > | > | > | > | > | | X-RFC2646: Format=Flowed; Original
> | > | > | > | > | > | > | | Message-ID:
> | > <OyWz89z2FHA.3788@xxxxxxxxxxxxxxxxxxxx>
> | > | > | > | > | > | > | | Newsgroups:
> microsoft.public.windows.server.sbs
> | > | > | > | > | > | > | | NNTP-Posting-Host:
> | > 64-45-168-10.client.cypresscom.net
> | > | > | > | > 64.45.168.10
> | > | > | > | > | > | > | | Path:
> | > | > | > | > | >
> | > | > TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftngp13.phx.gbl
> | > | > | > | > | > | > | | Xref: TK2MSFTNGXA01.phx.gbl
> | > | > | > | > | > microsoft.public.windows.server.sbs:165255
> | > | > | > | > | > | > | | X-Tomcat-NG:
> microsoft.public.windows.server.sbs
> | > | > | > | > | > | > | |
> | > | > | > | > | > | > | | Charles,
> | > | > | > | > | > | > | |
> | > | > | > | > | > | > | | I am able to determine that they don't log out
> | > because
> | > | > I
> | > | > | > know
> | > | > | > | > that
> | > | > | > | > | > | > they
> | > | > | > | > | > | > | | don't physically log out when leaving for the
> day,
> | > and
> | > | > | > don't
> | > | > | > | > have
> | > | > | > | > | > to
> | > | > | > | > | > | > log
> | > | > | > | > | > | > | in
> | > | > | > | > | > | > | | when they arrive in the morning. They
> generally
> | > only
> | > | > log
> | > | > | > out
> | > | > | > | > when
> | > | > | > | > | > | > their
> | > | > | > | > | > | > | | passwords have expired and they can no longer
> | > access
> | > | > | > domain
> | > | > | > | > | > resources.
> | > | > | > | > | > | > | | There isn't a particular event that leads me
> to
> | > | > believe
> | > | > | > they
> | > | > | > | > | > aren't
> | > | > | > | > | > | > | logging
> | > | > | > | > | > | > | | out - I know for a fact that they don't, and
> I'm
> | > | > wondering
> | > | > | > if
> | > | > | > | > that
> | > | > | > | > | > is
> | > | > | > | > | > | > why
> | > | > | > | > | > | > | I
> | > | > | > | > | > | > | | am seeing the 1006 and 1030 errors on the
> domain
> | > | > | > controller.
> | > | > | > | > | > | > | |
> | > | > | > | > | > | > | | Event 1704 does not occur all that often on
> the
> | > DC,
> | > I
> | > | > | > included
> | > | > | > | > it
> | > | > | > | > | > so
> | > | > | > | > | > | > that
> | > | > | > | > | > | > | | you could see that it is capable of applying
> the
> | > | > domain
> | > | > | > | > security
> | > | > | > | > | > | > | sometimes,
> | > | > | > | > | > | > | | and it normally occurs a few hours before the
> | > other
> | > | > | > errors.
> | > | > | > | > | > | > | |
> | > | > | > | > | > | > | | Events 1006 and 1030 are occurring on the
> domain
> | > | > | > controller,
> | > | > | > | > not
> | > | > | > | > | > the
> | > | > | > | > | > | > | client
> | > | > | > | > | > | > | | machines, so the suggestion of removing them
> from
> | > the
> | > | > | > domain
> | > | > | > | > and
> | > | > | > | > | > | > adding
> | > | > | > | > | > | > | them
> | > | > | > | > | > | > | | back in doesn't seem to apply.
> | > | > | > | > | > | > | |
> | > | > | > | > | > | > | | I'm not sure why you included information
> | > regarding
> | > | > DNS
> | > | > | > | > updates, I
> | > | > | > | > | > ran
> | > | > | > | > | > | > | | "gpupdate" thinking that it would reapply the
> | > global
> | > | > | > policy,
> | > | > | > | > am
> | > | > | > | > I
> | > | > | > | > | > | > | incorrect
> | > | > | > | > | > | > | | in thinking this? Just the same, under
> "Forward
> | > | > Lookup
> | > | > | > Zones"
> | > | > | > | > I
> | > | > | > | > | > don't
> | > | > | > | > | > | > | see
> | > | > | > | > | > | > | | server.domain.local, but I do see
> _msdcs.domain
> | > local
> | > | > and
> | > | > | > | > | > | > domain.local.
> | > | > | > | > | > | > | | Both have "Dynamic Updates" set to "Secure
> Only."
> | > | > | > | > | > | > | |
> | > | > | > | > | > | > | | The "Distributed File System" service is
> running
> | > on
> | > | > the
> | > | > | > | > SBS2003
> | > | > | > | > | > SP1
> | > | > | > | > | > | > | domain
> | > | > | > | > | > | > | | controller. I also do not see a "DisableDFS"
> | > value
> | > in
> | > | > the
> | > | > | > | > | > registry
> | > | > | > | > | > | > for
> | > | > | > | > | > | > | the
> | > | > | > | > | > | > | | client machines (WinXP SP2).
> | > | > | > | > | > | > | |
> | > | > | > | > | > | > | | Thanks for your help!
> | > | > | > | > | > | > | |
> | > | > | > | > | > | > | | Rob
> | > | > | > | > | > | > | |
> | > | > | > | > | > | > | |
> | > | > | > | > | > | > | | ""Charles Yang [MSFT]""
> | > | > <v-chayan@xxxxxxxxxxxxxxxxxxxx>
> | > | > | > wrote
> | > | > | > | > in
> | > | > | > | > | > | > message
> | > | > | > | > | > | > | | news:Pt3yzDq2FHA.2904@xxxxxxxxxxxxxxxxxxxxxxxx
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > HI Robert.
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > Thanks for using SBS newsgroup.
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > Issue description:
> | > | > | > | > | > | > | | > ===============
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > I understand that you are worry about the
> | > security
> | > | > issue
> | > | > | > on
> | > | > | > | > SBS
> | > | > | > | > | > | > domain,
> | > | > | > | > | > | > | | > due
> | > | > | > | > | > | > | | > to some users seems to logon SBS domain and
> | > never
> | > | > log
> | > | > | > off.
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > Analyzing and suggestions:
> | > | > | > | > | > | > | | > ================
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > Before we go any further, could you clarify
> from
> | > | > what
> | > | > | > event
> | > | > | > | > you
> | > | > | > | > | > | > | determine
> | > | > | > | > | > | > | | > the user logon to SBS domain and never log
> off?
> | > So
> | > | > that
> | > | > | > we
> | > | > | > | > can
> | > | > | > | > | > | > identify
> | > | > | > | > | > | > | | > the
> | > | > | > | > | > | > | | > detailed problem.
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > Generally speaking, the event you paste is
> not
> | > | > related
> | > | > | > to
> | > | > | > | > | > security
> | > | > | > | > | > | > | issue,
> | > | > | > | > | > | > | | > it seems to be the group policy issue. Let
> me
> | > | > explain
> | > | > it
> | > | > | > one
> | > | > | > | > by
> | > | > | > | > | > one:
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > Event 1704
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > If the event did not occur very often, you
> do
> | > not
> | > | > need
> | > | > | > to
> | > | > | > | > care
> | > | > | > | > | > it,
> | > | > | > | > | > | > it
> | > | > | > | > | > | > | just
> | > | > | > | > | > | > | | > means the group policy is refresh, if it
> occurs
> | > | > | > frequently,
> | > | > | > | > | > please
> | > | > | > | > | > | > | refer
> | > | > | > | > | > | > | | > to
> | > | > | > | > | > | > | | > the suggestion below:
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > This issue may occur if the registry
> information
> | > | > | > regarding
> | > | > | > | > Group
> | > | > | > | > | > | > Policy
> | > | > | > | > | > | > | | > refresh has been set inappropriately.
> Please
> | > | > perform
> | > | > | > the
> | > | > | > | > | > following
> | > | > | > | > | > | > | steps:
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > 1. Open Registry Editor.
> | > | > | > | > | > | > | | > 2. Locate to the following key:
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > a) HKLM\SOFTWARE\Microsoft\Windows
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > |
> | > | > | > | > | > | >
> | > | > | > | > | >
> | > | > | > | >
> | > | > | >
> | > | >
> | >
> NT\CurrentVersion\Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83
> | > | > | > | > | > | > | | > A}
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > 2. Modify the Value
> MaxNoGPOListChangesInterval
> | > to
> | > | > 3c0
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > This is the default value and it will reset
> | > "forced
> | > | > | > policy"
> | > | > | > | > | > | > | re-application
> | > | > | > | > | > | > | | > to 16 hours (960 minutes).
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > For more detailed information regarding this
> | > value,
> | > | > | > please
> | > | > | > | > refer
> | > | > | > | > | > to
> | > | > | > | > | > | > the
> | > | > | > | > | > | > | | > following KB article:
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > 277543 How to delay security policies from
> being
> | > | > applied
> | > | > | > | > | > | > | | > http://support.microsoft.com/?id=277543
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > Error 1006 and 1030:
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > Before we go any further, please make sure
> Do
> | > not
> | > do
> | > | > the
> | > | > | > | > same
> | > | > | > | > | > things
> | > | > | > | > | > | > to
> | > | > | > | > | > | > | | > the
> | > | > | > | > | > | > | | > computers which are not getting this events.
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > 1. Please rejoin the domain follow my steps
> | > below, I
> | > | > | > | > understand
> | > | > | > | > | > that
> | > | > | > | > | > | > you
> | > | > | > | > | > | > | | > have do it but please double check it to
> make
> | > sure
> | > | > that
> | > | > | > you
> | > | > | > | > | > follow
> | > | > | > | > | > | > the
> | > | > | > | > | > | > | | > steps below to do it:
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > Actually this issue can occur if the
> computer
> | > | > accounts
> | > | > | > for
> | > | > | > | > the
> | > | > | > | > | > | > computers
> | > | > | > | > | > | > | | > are corrupted. To resolve the issue, you
> should
> | > try
> | > | > the
> | > | > | > | > | > following
> | > | > | > | > | > | > steps
> | > | > | > | > | > | > | to
> | > | > | > | > | > | > | | > quit and rejoin in the domain (disjoining
> and
> | > | > joining):
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > A. Quit the clients from the domain and join
> in
> | > a
> | > | > | > workgroup
> | > | > | > | > | > | > | (workgroups).
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > B. Open the "Active Directory Users and
> | > Computers"
> | > | > | > snap-in
> | > | > | > | > | > | > (dsa.msc).
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > C. Open the Computers or My
> | > | > | > Business\Computers\SBSComputers
> | > | > | > | > | > | > container.
> | > | > | > | > | > | > | | > Right click on a computer account and choose
> | > Delete.
> | > | > Do
> | > | > | > this
> | > | > | > | > for
> | > | > | > | > | > all
> | > | > | > | > | > | > the
> | > | > | > | > | > | > | | > problematic computers.
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > D. Join the clients into the domain again.
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > You should make sure all clients point to
> the
> | > SBS
> | > | > | > server's
> | > | > | > | > | > internal
> | > | > | > | > | > | > IP
> | > | > | > | > | > | > | | > address as their ONLY DNS server. Also both
> | > network
> | > | > | > adapters
> | > | > | > | > on
> | > | > | > | > | > the
> | > | > | > | > | > | > SBS
> | > | > | > | > | > | > | | > server are pointing to the SBS internal IP
> | > address
> | > | > of
> | > | > | > the
> | > | > | > | > only
> | > | > | > | > | > DNS
> | > | > | > | > | > | > | server.
> | > | > | > | > | > | > | | > In DNS, use forwarder to forward all name
> | > resolution
> | > | > | > | > requests
> | > | > | > | > to
> | > | > | > | > | > the
> | > | > | > | > | > | > | ISP's
> | > | > | > | > | > | > | | > DNS server. For more information, please
> refer
> | > to
> | > | > the
> | > | > | > | > following
> | > | > | > | > | > | > | Microsoft
> | > | > | > | > | > | > | | > Knowledge Base article:
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > 825763 How to configure Internet access in
> | > Windows
> | > | > Small
> | > | > | > | > | > Business
> | > | > | > | > | > | > Server
> | > | > | > | > | > | > | | > 2003
> | > | > | > | > | > | > | | > http://support.microsoft.com/?id=825763
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > Regarding how to check DNS for Dynamic
> Update,
> | > | > please
> | > | > | > run
> | > | > | > | > | > | > DNSMGMT.MSC
> | > | > | > | > | > | > to
> | > | > | > | > | > | > | | > open the DNS management console, right click
> on
> | > the
> | > | > | > | > | > | > | "server.domain.local"
> | > | > | > | > | > | > | | > forward lookup zone and choose Properties
> and
> | > then
> | > | > make
> | > | > | > sure
> | > | > | > | > the
> | > | > | > | > | > | > | "Dynamic
> | > | > | > | > | > | > | | > Updates" is set as "Secure Only". If you
> made
> | > change
> | > | > to
> | > | > | > the
> | > | > | > | > | > settings
> | > | > | > | > | > | > in
> | > | > | > | > | > | > | | > DNS, you should restart the DNS Server
> service
> | > | > (right
> | > | > | > click
> | > | > | > | > on
> | > | > | > | > | > the
> | > | > | > | > | > | > | server
> | > | > | > | > | > | > | | > name and choose All Tasks->Restart).
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > Regarding the event 1030 problem, please
> make
> | > sure
> | > | > the
> | > | > | > | > | > "Distributed
> | > | > | > | > | > | > File
> | > | > | > | > | > | > | | > System" service is started on the server.
> Also
> | > make
> | > | > sure
> | > | > | > DFS
> | > | > | > | > | > Client
> | > | > | > | > | > | > is
> | > | > | > | > | > | > | | > turned on on the clients using the following
> | > steps:
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > WARNING: If you use Registry Editor
> incorrectly,
> | > you
> | > | > may
> | > | > | > | > cause
> | > | > | > | > | > | > serious
> | > | > | > | > | > | > | | > problems that may require you to reinstall
> your
> | > | > | > operating
> | > | > | > | > | > system.
> | > | > | > | > | > | > | | > Microsoft
> | > | > | > | > | > | > | | > cannot guarantee that you can solve problems
> | > that
> | > | > result
> | > | > | > | > from
> | > | > | > | > | > using
> | > | > | > | > | > | > | | > Registry Editor incorrectly. Use Registry
> Editor
> | > at
> | > | > your
> | > | > | > own
> | > | > | > | > | > risk.
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > 1. Click Start, and then click Run.
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > 2. In the Open box, type "regedt32" (without
> the
> | > | > | > quotation
> | > | > | > | > | > marks),
> | > | > | > | > | > | > and
> | > | > | > | > | > | > | | > then
> | > | > | > | > | > | > | | > click OK.
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > 3. In the Registry Editor window, locate the
> | > | > following
> | > | > | > | > registry
> | > | > | > | > | > key:
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | >
> | > | > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Mup
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > 4. In the right details pane, check if you
> see
> | > the
> | > | > | > | > "DisableDFS"
> | > | > | > | > | > | > value.
> | > | > | > | > | > | > | If
> | > | > | > | > | > | > | | > you cannot find it, DFS Client should be
> | > enabled.
> | > If
> | > | > you
> | > | > | > see
> | > | > | > | > it,
> | > | > | > | > | > | > | | > double-click DisableDFS. The DFS client is
> | > turned
> | > | > off
> | > | > if
> | > | > | > the
> | > | > | > | > | > value
> | > | > | > | > | > | > in
> | > | > | > | > | > | > | the
> | > | > | > | > | > | > | | > "Value data" box is 1. The DFS client is
> turned
> | > on
> | > | > if
> | > | > | > the
> | > | > | > | > value
> | > | > | > | > | > in
> | > | > | > | > | > | > the
> | > | > | > | > | > | > | | > "Value data" box is 0.
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > 5. In the Edit DWORD Value dialog box that
> | > appears,
> | > | > type
> | > | > | > "0"
> | > | > | > | > | > | > (without
> | > | > | > | > | > | > | the
> | > | > | > | > | > | > | | > quotation marks) in the "Value data" box,
> and
> | > then
> | > | > click
> | > | > | > OK.
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > 6. On the File menu, click Exit to quit
> Registry
> | > | > Editor.
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > Please do not hesitate to let me know if you
> | > have
> | > | > any
> | > | > | > | > further
> | > | > | > | > | > | > concerns.
> | > | > | > | > | > | > | I
> | > | > | > | > | > | > | | > will be here waitting for your updates.
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > Best regards,
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > Charles Yang (MSFT)
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > Microsoft CSS Online Newsgroup Support
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > Get Secure! - www.microsoft.com/security
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | >
> | > | > ======================================================
> | > | > | > | > | > | > | | > This newsgroup only focuses on SBS technical
> | > issues.
> | > | > If
> | > | > | > you
> | > | > | > | > have
> | > | > | > | > | > | > issues
> | > | > | > | > | > | > | | > regarding other Microsoft products, you'd
> better
> | > | > post
> | > | > in
> | > | > | > the
> | > | > | > | > | > | > | corresponding
> | > | > | > | > | > | > | | > newsgroups so that they can be resolved in
> an
> | > | > efficient
> | > | > | > and
> | > | > | > | > | > timely
> | > | > | > | > | > | > | manner.
> | > | > | > | > | > | > | | > You can locate the newsgroup here:
> | > | > | > | > | > | > | | >
> | > | > | > | > | >
> | > | > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > When opening a new thread via the web
> interface,
> | > we
> | > | > | > | > recommend
> | > | > | > | > | > you
> | > | > | > | > | > | > check
> | > | > | > | > | > | > | | > the
> | > | > | > | > | > | > | | > "Notify me of replies" box to receive e-mail
> | > | > | > notifications
> | > | > | > | > when
> | > | > | > | > | > | > there
> | > | > | > | > | > | > | are
> | > | > | > | > | > | > | | > any updates in your thread. When responding
> to
> | > posts
> | > | > via
> | > | > | > | > your
> | > | > | > | > | > | > | newsreader,
> | > | > | > | > | > | > | | > please "Reply to Group" so that others may
> learn
> | > and
> | > | > | > benefit
> | > | > | > | > | > from
> | > | > | > | > | > | > your
> | > | > | > | > | > | > | | > issue.
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > Microsoft engineers can only focus on one
> issue
> | > per
> | > | > | > thread.
> | > | > | > | > | > Although
> | > | > | > | > | > | > we
> | > | > | > | > | > | > | | > provide other information for your
> reference,
> we
> | > | > | > recommend
> | > | > | > | > you
> | > | > | > | > | > post
> | > | > | > | > | > | > | | > different incidents in different threads to
> keep
> | > the
> | > | > | > thread
> | > | > | > | > | > clean.
> | > | > | > | > | > | > In
> | > | > | > | > | > | > | | > doing
> | > | > | > | > | > | > | | > so, it will ensure your issues are resolved
> in a
> | > | > timely
> | > | > | > | > manner.
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > For urgent issues, you may want to contact
> | > Microsoft
> | > | > CSS
> | > | > | > | > | > directly.
> | > | > | > | > | > | > | Please
> | > | > | > | > | > | > | | > check http://support.microsoft.com for
> regional
> | > | > support
> | > | > | > | > phone
> | > | > | > | > | > | > numbers.
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > Any input or comments in this thread are
> highly
> | > | > | > appreciated.
> | > | > | > | > | > | > | | >
> | > | > ======================================================
> | > | > | > | > | > | > | | > This posting is provided "AS IS" with no
> | > warranties,
> | > | > and
> | > | > | > | > confers
> | > | > | > | > | > no
> | > | > | > | > | > | > | | > rights.
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | >
> | > | > =====================================================
> | > | > | > | > | > | > | | > When responding to posts, please "Reply to
> | > Group"
> | > | > via
> | > | > | > your
> | > | > | > | > | > | > newsreader
> | > | > | > | > | > | > so
> | > | > | > | > | > | > | | > that others may learn and benefit from your
> | > issue.
> | > | > | > | > | > | > | | >
> | > | > =====================================================
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > This posting is provided "AS IS" with no
> | > warranties,
> | > | > and
> | > | > | > | > confers
> | > | > | > | > | > no
> | > | > | > | > | > | > | | > rights.
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | | > --------------------
> | > | > | > | > | > | > | | > | From: "Robert Zahm" <robzahm@xxxxxxxxxxx>
> | > | > | > | > | > | > | | > | Subject: Password Expiration
> | > | > | > | > | > | > | | > | Date: Wed, 26 Oct 2005 11:58:16 -0500
> | > | > | > | > | > | > | | > | Lines: 72
> | > | > | > | > | > | > | | > | X-Priority: 3
> | > | > | > | > | > | > | | > | X-MSMail-Priority: Normal
> | > | > | > | > | > | > | | > | X-Newsreader: Microsoft Outlook Express
> | > | > 6.00.2900.2670
> | > | > | > | > | > | > | | > | X-RFC2646: Format=Flowed; Original
> | > | > | > | > | > | > | | > | X-MimeOLE: Produced By Microsoft MimeOLE
> | > | > | > V6.00.2900.2670
> | > | > | > | > | > | > | | > | Message-ID:
> | > | > <OcG325k2FHA.3420@xxxxxxxxxxxxxxxxxxxx>
> | > | > | > | > | > | > | | > | Newsgroups:
> | > microsoft.public.windows.server.sbs
> | > | > | > | > | > | > | | > | NNTP-Posting-Host:
> | > | > 64-45-168-10.client.cypresscom.net
> | > | > | > | > | > 64.45.168.10
> | > | > | > | > | > | > | | > | Path:
> | > | > | > | > | > | >
> | > | > | >
> TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP15.phx.gbl
> | > | > | > | > | > | > | | > | Xref: TK2MSFTNGXA01.phx.gbl
> | > | > | > | > | > | > microsoft.public.windows.server.sbs:164757
> | > | > | > | > | > | > | | > | X-Tomcat-NG:
> | > microsoft.public.windows.server.sbs
> | > | > | > | > | > | > | | > |
> | > | > | > | > | > | > | | > | Some of our users like to remain logged
> into
> | > our
> | > | > SBS
> | > | > | > | > domain
> | > | > | > | > | > and
> | > | > | > | > | > | > never
> | > | > | > | > | > | > | | > log
> | > | > | > | > | > | > | | > | out. I understand that this is not a very
> | > good
> | > | > | > security
> | > | > | > | > | > practice,
> | > | > | > | > | > | > but
> | > | > | > | > | > | > | | > the
> | > | > | > | > | > | > | | > | behavior is unlikely to change.
> | > | > | > | > | > | > | | > |
> | > | > | > | > | > | > | | > | I've been seeing a few events logged
> recently
> | > | > related
> | > | > | > to
> | > | > | > | > | > applying
> | > | > | > | > | > | > | group
> | > | > | > | > | > | > | | > | policy (events are included at the bottom
> of
> | > this
> | > | > | > email),
> | > | > | > | > and
> | > | > | > | > | > I'm
> | > | > | > | > | > | > | | > wondering
> | > | > | > | > | > | > | | > | if this could be caused by users who are
> | > logged
> | > in
> | > | > | > with
> | > | > | > | > | > passwords
> | > | > | > | > | > | > that
> | > | > | > | > | > | > | | > have
> | > | > | > | > | > | > | | > | since expired. If I run "gpupdate" from
> the
> | > | > command
> | > | > | > line,
> | > | > | > | > I
> | > | > | > | > | > don't
> | > | > | > | > | > | > see
> | > | > | > | > | > | > | | > any
> | > | > | > | > | > | > | | > | error messages appear in the logs, which
> leads
> | > me
> | > | > to
> | > | > | > | > believe
> | > | > | > | > | > that
> | > | > | > | > | > | > it
> | > | > | > | > | > | > | is
> | > | > | > | > | > | > | | > not
> | > | > | > | > | > | > | | > | the passwords causing it. Anyone have any
> | > ideas
> | > | > for
> | > | > | > | > | > | > troubleshooting
> | > | > | > | > | > | > | | > this
> | > | > | > | > | > | > | | > | error?
> | > | > | > | > | > | > | | > |
> | > | > | > | > | > | > | | > | If this is being caused by expired
> passwords,
> | > is
> | > | > there
> | > | > | > any
> | > | > | > | > way
> | > | > | > | > | > I
> | > | > | > | > | > | > can
> | > | > | > | > | > | > | be
> | > | > | > | > | > | > | | > | notified when a user's password expires so
> | > that
> | > I
> | > | > can
> | > | > | > have
> | > | > | > | > | > them
> | > | > | > | > | > | > log
> | > | > | > | > | > | > | out
> | > | > | > | > | > | > | | > and
> | > | > | > | > | > | > | | > | then log back in?
> | > | > | > | > | > | > | | > |
> | > | > | > | > | > | > | | > | Thanks,
> | > | > | > | > | > | > | | > |
> | > | > | > | > | > | > | | > | Rob
> | > | > | > | > | > | > | | > |
> | > | > | > | > | > | > | | > | Event Type: Information
> | > | > | > | > | > | > | | >| Event Source: SceCli
> | > | > | > | > | > | > | | > | Event Category: None
> | > | > | > | > | > | > | | > | Event ID: 1704
> | > | > | > | > | > | > | | > | Date: 10/26/2005
> | > | > | > | > | > | > | | > | Time: 6:05:55 AM
> | > | > | > | > | > | > | | > | User: N/A
> | > | > | > | > | > | > | | > | Computer: BRADFORDDC01
> | > | > | > | > | > | > | | > | Description:
> | > | > | > | > | > | > | | > | Security policy in the Group policy
> objects
> | > has
> | > | > been
> | > | > | > | > applied
> | > | > | > | > | > | > | | > successfully.
> | > | > | > | > | > | > | | > |
> | > | > | > | > | > | > | | > | For more information, see Help and Support
> | > Center
> | > | > at
> | > | > | > | > | > | > | | > | http://go.microsoft.com/fwlink/events.asp.
> | > | > | > | > | > | > | | > |
> | > | > | > | > | > | > | | > | (the fact that this event is logged, and
> no
> | > errors
> | > | > are
> | > | > | > | > logged
> | > | > | > | > | > when
> | > | > | > | > | > | > I
> | > | > | > | > | > | > | | > | manually run gpupdate leads me to believe
> that
> | > I
> | > | > might
> | > | > | > | > have
> | > | > | > | > a
> | > | > | > | > | > | > problem
> | > | > | > | > | > | > | | > other
> | > | > | > | > | > | > | | > | than the users logged in with expired
> | > passwords).
> | > | > | > | > | > | > | | > |
> | > | > | > | > | > | > | | > |
> | > | > | > | > | > | > | | > | Event Type: Error
> | > | > | > | > | > | > | | > | Event Source: Userenv
> | > | > | > | > | > | > | | > | Event Category: None
> | > | > | > | > | > | > | | > | Event ID: 1006
> | > | > | > | > | > | > | | > | Date: 10/26/2005
> | > | > | > | > | > | > | | > | Time: 10:26:08 AM
> | > | > | > | > | > | > | | > | User: NT AUTHORITY\SYSTEM
> | > | > | > | > | > | > | | > | Computer: BRADFORDDC01
> | > | > | > | > | > | > | | > | Description:
> | > | > | > | > | > | > | | > | Windows cannot bind to
> | > | > | > | > BradfordRealEstateServicesCorp.local
> | > | > | > | > | > | > domain.
> | > | > | > | > | > | > | | > (Local
> | > | > | > | > | > | > | | > | Error). Group Policy processing aborted.
> | > | > | > | > | > | > | | > |
> | > | > | > | > | > | > | | > | For more information, see Help and Support
> | > Center
> | > | > at
> | > | > | > | > | > | > | | > | http://go.microsoft.com/fwlink/events.asp.
> | > | > | > | > | > | > | | > |
> | > | > | > | > | > | > | | > |
> | > | > | > | > | > | > | | > | Event Type: Error
> | > | > | > | > | > | > | | > | Event Source: Userenv
> | > | > | > | > | > | > | | > | Event Category: None
> | > | > | > | > | > | > | | > | Event ID: 1030
> | > | > | > | > | > | > | | > | Date: 10/26/2005
> | > | > | > | > | > | > | | > | Time: 10:26:08 AM
> | > | > | > | > | > | > | | > | User: NT AUTHORITY\SYSTEM
> | > | > | > | > | > | > | | > | Computer: BRADFORDDC01
> | > | > | > | > | > | > | | > | Description:
> | > | > | > | > | > | > | | > | Windows cannot query for the list of Group
> | > Policy
> | > | > | > objects.
> | > | > | > | > | > Check
> | > | > | > | > | > | > the
> | > | > | > | > | > | > | | > event
> | > | > | > | > | > | > | | > | log for possible messages previously
> logged
> by
> | > the
> | > | > | > policy
> | > | > | > | > | > engine
> | > | > | > | > | > | > that
> | > | > | > | > | > | > | | > | describes the reason for this.
> | > | > | > | > | > | > | | > |
> | > | > | > | > | > | > | | > | For more information, see Help and Support
> | > Center
> | > | > at
> | > | > | > | > | > | > | | > | http://go.microsoft.com/fwlink/events.asp.
> | > | > | > | > | > | > | | > |
> | > | > | > | > | > | > | | > |
> | > | > | > | > | > | > | | > |
> | > | > | > | > | > | > | | >
> | > | > | > | > | > | > | |
> | > | > | > | > | > | > | |
> | > | > | > | > | > | > | |
> | > | > | > | > | > | > |
> | > | > | > | > | > | > |
> | > | > | > | > | > | >
> | > | > | > | > | > |
> | > | > | > | > | > |
> | > | > | > | > | > |
> | > | > | > | > | >
> | > | > | > | > |
> | > | > | > | > |
> | > | > | > | > |
> | > | > | > | >
> | > | > | > |
> | > | > | > |
> | > | > | > |
> | > | > | >
> | > | > |
> | > | > |
> | > | > |
> | > | >
> | > |
> | > |
> | > |
> | >
> |
> |
> |
>


.

---

• Follow-Ups:
  • Re: Password Expiration
    • From: "Charles Yang [MSFT]"

• References:
  • Re: Password Expiration
    • From: Robert Zahm
  • Re: Password Expiration
    • From: "Charles Yang [MSFT]"

• Prev by Date: Re: Single mailbox restore in SBS2003
• Next by Date: Spyware solution?
• Previous by thread: Re: Password Expiration
• Next by thread: Re: Password Expiration
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: RWW Timing ... If you have installed ISA, ... Expand the server node and highlight ''Monitoring''. ... In the following website you can find many useful resources related to SBS ... Microsoft CSS Online Newsgroup Support ... (microsoft.public.windows.server.sbs) Re: R2 w/ISA User type account cannot use my companys internal website ... Alerts\Core Server Alerts ... Microsoft CSS Online Newsgroup Support ... And our product group is still reviewing the impact of the upgrade SBS ... (microsoft.public.windows.server.sbs) RE: Fax monitor incoming + outgoing calls? ... Perform clean boot on the SBS server. ... Uninstall and reinstall the windows fax service from Add/Remove ... Uninstall and reinstall the SBS fax services from Add/Remove ... Microsoft CSS Online Newsgroup Support ... (microsoft.public.windows.server.sbs) Re: Active X issue ... the client workstations and SBS server will not sync successfully. ... we must first make sure that the Time service on the SBS ... so that the client workstation could synchronize ... Microsoft CSS Online Newsgroup Support ... (microsoft.public.windows.server.sbs) Re: Some Questions ... remote pop3 which is hosted by Burst Data in Philadelphia. ... server from an outside connection. ... Logon to one of the client workstations in the SBS network. ... = e = Restart the Microsoft Connector for POP3 Mailboxes. ... (microsoft.public.windows.server.sbs)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.sbs  > 2005-12