Enable Liveupdate Tab Symantec Antivirus Client from Registry

Enable Liveupdate Tab Symantec Antivirus Client from Registry

Scenario: Live update has been disabled by System Administrator but you need to enable it.

It is damn easy if you have got Administrative Privileges on that machine, Let us start the tweak.

HowToDo:

Step1: Open Registry Editor

1. Open Run window and type regedit and then hit Enter

2. Go to “C:\Windows\System32” and search for “regedt32.exe”, double click the same -> if you love to use Mouse
3. Open Command Prompt and there type “regedit”  > Do this if you don’t want to leave any hints of  the commands you executed.

 Step2:  Navigate to the following path:

HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion\PatternManager

Inside Pattern manager you will see one “LockUpdatePattern” REG_DWORD Entry

Just double click on it and change the vale to 0(Zero) to Enable the Liveupdate Tab

 

 Note: If you have a 32bit client installed in a 64bit machine, then you have to navigate as follows.

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\INTEL\LANDesk\VirusProtect6\CurrentVersion\PatternManager

Enable the “LockUpdatePattern” REG_DWORD by changing its vale to 0(Zero)

Congratulations you did it… Now just update your Antivirus to latest definition.

No need to be available in Office Network to get latest updates.

Recover Cisco switch password

How to recover the lost or forgotten password of Cisco switches?

 

 

Today tip will help you to explain the password recovery methods for the Cisco layers 2 switches. You can use these steps also to recover the Cisco layers 3 switches (for example 3550 and 3750 series).  

Follow the step-by-step procedures to recover the lost Cisco switches password: 

First make sure, you have connected your PC to the console port of switch using any emulation software.

Now turn the power switch off and back on to recycle the power then release the mode button for few seconds after the LED above port 1 turns off.

Now your switch first prompt will look like this:

switch: 

First run the flash_init command to initialize the flash. 

switch: flash_init

After running the flash_init command, the following information will appear as under:

1.            switch: flash_init

2.            Initializing Flash...

3.            flashfs[0]: 21 files, 2 directories

4.            flashfs[0]: 0 orphaned files, 0 orphaned directories

5.            flashfs[0]: Total bytes: 7741440

6.            flashfs[0]: Bytes used: 4499456

7.            flashfs[0]: Bytes available: 3241984

8.            flashfs[0]: flashfs fsck took 7 seconds.

9.            ...done initializing flash.

10.        Boot Sector Filesystem (bs:) installed, fsid: 3

11.        Parameter Block Filesystem (pb:) installed, fsid: 4

Now run the load_helper command to load any helper images. 

switch: load_helper 

Issue the dir flash: command to view configuration file name with detail. 

switch: dir flash: 

Now type the rename flash:config.text flash:config.old command to rename the previous configuration file.  

switch: rename flash:config.text flash:config.text.old

Here run the boot command to restart the switch. 

switch: boot

Now after booting process, type enable to enter enable mode at the switch prompt. 

Switch> enable 

Now again type the rename flash:config.old flash:config.text command to rename the previous configuration file.  

Switch#rename flash:config.old flash:config.text 

Here run the copy command to transfer the configuration file to running-config 

Switch#copy flash:config.text system:running-config 

Now go to global configuration mode and set the new password.

Switch# configure terminal 

Switch (config)# enable secret password    (type here new password)

At the end saves the running configuration to NVRAM.

Switch# write memory

 

 

 

 

change the Recovery Console Administrator password

How can I change the Recovery Console Administrator password on a Domain Controller?

When you promote a Windows 2000 Server-based computer to a domain controller, you are prompted to type a Directory Service Restore Mode Administrator password. This password is also used by Recovery Console, and is separate from the Administrator password that is stored in Active Directory after a completed promotion.　　

The Administrator password that you use when you start Recovery Console or when you press F8 to start Directory Service Restore Mode is stored in the registry-based Security Accounts Manager (SAM) on the local computer. The SAM is located in the %SystemRoot%\System32\Config folder. The SAM-based account and password are computer specific and they are not replicated to other domain controllers in the domain.

For ease of administration of domain controllers or for additional security measures, you can change the Administrator password for the local SAM. To change the local Administrator password that you use when you start Recovery Console or when you start Directory Service Restore Mode, use one of the following methods:

Method #1

If Windows 2000 Service Pack 2 or later is installed on your computer, you can use the Setpwd.exe utility to change the SAM-based Administrator password. To do this:

At a command prompt, change to the %SystemRoot%\System32 folder.

To change the local SAM-based Administrator password, type

setpwd

and then press ENTER.

To change the SAM-based Administrator password on a remote domain controller, type

setpwd /s: servername

and then press ENTER, where servername is the name of the remote domain controller.

When you are prompted to type the password for the Directory Service Restore Mode Administrator account, type the new password that you want to use.

Note

: If you make a mistake, repeat these steps to run setpwd again.

Method #2

Shut down the domain controller on which you want to change the password.

Restart the computer. When the selection menu screen is displayed during the restart process, press F8 to view advanced startup options.

Select the Directory Service Restore Mode option.

After you successfully log on, use one of the following methods to change the local Administrator password:

At a command prompt, type the following command:

net user administrator *

Use the Local User and Groups snap-in (Lusrmgr.msc) to change the Administrator password.

Shut down and restart the computer.

You can now use the Administrator account to log on to Recovery Console or Directory Services Restore Mode using the new password.

WSUS Force Update

Hi,

copy and pate the below commands to the .txt file then rename the file with.bat file extendion. Now rn the batch file on your local system

batch File1 :-
wuauclt /detectnow
wuauclt /detectnow
wuauclt /detectnow
regedit /s update.reg
wuauclt /detectnow
wuauclt /detectnow
type eophost.txt >> c:\windows\system32\drivers\etc\hosts
regsvr32 /S msxml3.dll
net stop wuauserv
RMDIR /s /q "c:\program files\WindowsUpdate"
DEL C:\WINDOWS\WindowsUpdate.log /F /Q
REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v LastWaitTimeout /f
REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v DetectionStartTime /f
Reg Delete "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v NextDetectionTime /f
Reg Delete  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections /f
regsvr32 /s msxml.dll
regsvr32 /s msxml2.dll
regsvr32 /s msxml3.dll
regsvr32 /s msxml4.dll
net start wuauserv
wuauclt /reauthorization /detectnow
wuauclt /reauthorization /detectnow
wuauclt /reauthorization /detectnow
wuauclt /reauthorization /detectnow
wuauclt /detectnow
wuauclt /detectnow
wuauclt /detectnow
wuauclt /updatenow
wuauclt /updatenow
wuauclt /updatenow
wuauclt /detectnow
wuauclt /detectnow
wuauclt /detectnow


Batch file 2
=======================================================================
@echo off
Echo This batch file will Force the Update Detection from the AU client:
Echo 1. Stops the Automatic Updates Service (wuauserv)
Echo 2. Deletes the LastWaitTimeout registry key (if it exists)
Echo 3. Deletes the DetectionStartTime registry key (if it exists)
Echo 4. Deletes the NextDetectionTime registry key (if it exists)
Echo 5. Restart the Automatic Updates Service (wuauserv)
Echo 6. Force the detection
Pause
@echo on
net stop wuauserv
REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v LastWaitTimeout /f
REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v DetectionStartTime /f
Reg Delete "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v NextDetectionTime /f
net start wuauserv
wuauclt /detectnow
@echo off
Echo This AU client will now check for the Updates on the Local WSUS Server.
Pause
===================================================================

TCP/IP troubleshooting tools

TCP/IP troubleshooting tools

The following list shows some of the TCP/IP diagnostic tools that are included with Windows XP:

　

Basic tools

• Network Diagnostics in Help and Support


• Network Connections folder


• IPConfig command


• Ping command

Sends ICMP Echo Request messages to verify that TCP/IP is configured correctly and that a TCP/IP host is available.
Displays current TCP/IP network configuration values, updates, or releases, Dynamic Host Configuration Protocol (DHCP) allocated leases, and display, register, or flush Domain Name System (DNS) names.
Contains information and configuration for all network connections on the computer. To locate the Network Connections folder, click Start, click Control Panel, and then click Network and Internet Connections.
Contains detailed information about the network configuration and the results of automated tests.

Advanced tools

//

• Hostname command


• Nbtstat command


• PathPing command


• Route command


• Tracert command

Displays the path of a TCP/IP host.
Displays the IP routing table and adds or deletes IP routes.
Displays a path of a TCP/IP host and packet losses at each router along the way.
Displays the status of current NetBIOS over TCP/IP connections, updates the NetBIOS name cache, and displays the registered names and scope ID.
Displays the name of the host computer.

To view the correct command syntax to use with each of these tools, type -? at a command prompt after the name of the tool.

Windows XP Professional tools

// Windows XP Professional contains the following additional tools:

• Event viewer


• Computer Management

Changes network interface drivers and other components.
Records system errors and events.

http://mohanteli.wordpress.com/wp-admin/post.php?post=10&action=edit - topBack to the top

Troubleshooting

// The procedure that you use to troubleshoot TCP/IP issues depends on the type of network connection that you are using and the connectivity problem that you are experiencing.

Automated troubleshooting

// For most issues that involve Internet connectivity, start by using the Network Diagnostics tool to identify the source of the issue. To use Network Diagnostics, follow these steps:

1. Click Start, and then click Help and Support.


2. Click the link to Use Tools to view your computer information and diagnose problems, and then click Network Diagnostics in the list on the left.


3. When you click Scan your system, Network Diagnostics gathers configuration information and performs automated troubleshooting of the network connection.


4. When the process is completed, look for any items that are marked "FAILED" in red, expand those categories, and then view the additional details about what the testing showed.

You can either use that information to resolve the issue or you can provide the information to a network support professional for help. If you compare the tests that failed with the documentation in the Manual Troubleshooting section later in this article, you may be able to determine the source of the issue. To interpret the results for TCP/IP, expand the Network Adapters section of the results, and then expand the network adapter that failed the testing.

You can also start the Network Diagnostics interface directly by using the following command:

netsh diag gui

Manual troubleshooting

// To manually troubleshoot your TCP/IP connectivity, use the following methods in the order that they appear:

Method 1: Use the IPConfig tool to verify the configuration

// To use the IPConfig tool to verify the TCP/IP configuration on the computer that is experiencing the problem, click Start, click Run, and then type cmd. You can now use the ipconfig command to determine the host computer configuration information, including the IP address, the subnet mask, and the default gateway.

The /all parameter for IPConfig generates a detailed configuration report for all interfaces, including any remote access adapters. You can redirect IPConfig output to a file to paste the output into other documents. To do this, type: ipconfig > \folder_name\file_name

The output receives the specified file name and is stored in the specified folder.

You can review the IPConfig output to identify issues that exist in the computer network configuration. For example, if a computer is manually configured with an IP address that duplicates an existing IP address that is already detected, the subnet mask appears as 0.0.0.0.

If your local IP address is returned as 169.254.y.z with a subnet mask of 255.255.0.0, the IP address was assigned by the Automatic Private IP Addressing (APIPA) feature of Windows XP Professional. This assignment means that TCP/IP is configured for automatic configuration, that no DHCP server was found, and that no alternative configuration is specified. This configuration has no default gateway for the interface.

If your local IP address is returned as 0.0.0.0, the DHCP Media Sensing feature override turned on because the network adapter detected its lack of connection to a network, or TCP/IP detected an IP address that duplicates a manually configured IP address.

If you do not identify any issues in the TCP/IP configuration, go to Method 2.

Method 2: Use the Ping tool to test your connectivity

// If you do not identify any issues in the TCP/IP configuration, determine whether the computer can connect to other host computers on the TCP/IP network. To do this, use the Ping tool.

The Ping tool helps you verify IP-level connectivity. The ping command sends an ICMP Echo Request message to a destination host. Use Ping whenever you want to verify that a host computer can send IP packets to a destination host. You can also use Ping to isolate network hardware problems and incompatible configurations.

Note

ping IP address

Note

To use the ping command, follow these steps:

1. Ping the loopback address to verify that TCP/IP is installed and correctly configured on the local computer. To do this, type the following command:

ping 127.0.0.1

If the loopback test fails, the IP stack is not responding. This problem may occur if any one or more of the following conditions is true:

• The TCP drivers are corrupted.


• The network adapter is not working.


• Another service is interfering with IP.

1. Ping the IP address of the local computer to verify that the computer was correctly added to the network. If the routing table is correct, this procedure just forwards the packet to the loopback address of 127.0.0.1. To do this, type the following command:


ping IP address of local host
If the loopback test succeeds but you cannot ping the local IP address, there may be an issue with the routing table or with the network adapter driver.
2. Ping the IP address of the default gateway to verify that the default gateway is working and that you can communicate with a local host on the local network. To do this, type the following command:


ping IP address of default gateway
If the ping fails, you may have an issue with the network adapter, the router or gateway device, the cabling, or other connectivity hardware.
3. Ping the IP address of a remote host to verify that you can communicate through a router. To do this, type the following command:


ping IP address of remote host
If the ping fails, the remote host may not be responding, or there may be a problem with the network hardware between computers. To rule out an unresponsive remote host, use Ping again to a different remote host.
4. Ping the host name of a remote host to verify that you can resolve a remote host name. To do this, type the following command:

ping Host name of remote host

Ping uses name resolution to resolve a computer name into an IP address. Therefore, if you successfully ping an IP address but you cannot ping a computer name, there is a problem with host name resolution, not with network connectivity. Verify that DNS server addresses are configured for the computer, either manually in the properties of TCP/IP, or by automatic assignment. If DNS server addresses are listed when you type the ipconfig /all command, try to ping the server addresses to make sure that they are accessible.

If you cannot use Ping successfully at any point, verify the following configurations:

• Make sure that the local computer's IP address is valid and that it is correct on the General tab of the Internet Protocol (TCP/IP) Properties dialog box or when it is used with the Ipconfig tool.


• Make sure that a default gateway is configured and that the link between the host and the default gateway is working. For troubleshooting purposes, make sure that only one default gateway is configured. Although you can configure more than one default gateway, gateways after the first gateway are used only if the IP stack determines that the original gateway is not working. The purpose of troubleshooting is to determine the status of the first configured gateway. Therefore, you can delete all the other gateways to simplify your task.


• Make sure that Internet Protocol security (IPSec) is not turned on. Depending on the IPSec policy, Ping packets may be blocked or may require security. For more information about IPSec, go to Method 7: Verify Internet Protocol security (IPSec).

Important

If the remote computer that you are pinging is across a high-delay link such as a satellite link, response may take longer. You can use the -w (wait) parameter to specify a longer timeout period than the default timeout of four seconds.IP address is the IP address of the network host that you want to connect to. If you ran the ipconfig /all command, and the IP configuration appeared, you do not have to ping the loopback address and your own IP address. IPConfig has already performed these tasks to display the configuration. When you troubleshoot, verify that a route exists between the local computer and a network host. To do this, use the following command:

Method 3: Use the PathPing tool to verify a route

// The PathPing tool detects packet loss over multiple-hop paths. Run a PathPing analysis to a remote host to verify that the routers on the way to the destination are operating correctly. To do this, type the following command:

pathping IP address of remote host

Method 4: Use the Arp tool to clear the ARP cache

// If you can ping both the loopback address (127.0.0.1) and your IP address but you cannot ping any other IP addresses, use the Arp tool to clear out the Address Resolution Protocol (ARP) cache. To view the cache entries, type any one of the following commands:

arp -a

arp -g

To delete the entries, type the following command:

arp -d IP address

To flush the ARP cache, type the following command:

netsh interface ip delete arpcache

Method 5: Verify the default gateway

The gateway address must be on the same network as the local host. Otherwise, messages from the host computer cannot be forwarded outside the local network. If the gateway address is on the same network as the local host, make sure that the default gateway address is correct. Make sure that the default gateway is a router, not just a host. And make sure that the router is enabled to forward IP datagrams.

Method 6: Use the Tracert tool or the Route tool to verify communications

If the default gateway responds correctly, ping a remote host to make sure that network-to-network communications are working correctly. If communications are not working correctly, use the Tracert tool to trace the path of the destination. For IP routers that are Microsoft Windows 2000-based or Microsoft Windows NT 4.0-based computers, use the Route tool or the Routing and Remote Access snap-in to view the IP routing table. For other IP routers, use the vendor-designated appropriate tool or facility to examine the IP routing table.

Most frequently, you receive the following four error messages when you use Ping during troubleshooting:

TTL Expired in Transit

This error message means that the number of required hops exceeds the Time to Live (TTL). To increase TTL, by use the ping -i command. A routing loop may exist. Use the Tracert command to determine whether misconfigured routers have caused a routing loop.

Destination Host Unreachable

This error message means that no local or remote route exists for a destination host at the sending host or at a router. Troubleshoot the local host or the router's routing table.

Request Timed Out

This error message means that the Echo Reply messages were not received in the designated timeout period. By default, the designated timeout period is four seconds. Use the ping -w command to increase the timeout.

Ping request could not find host

This error message means that the destination host name cannot be resolved. Verify the name and the availability of DNS or WINS servers.

Method 7: Verify Internet Protocol security (Ipsec)

IPSec can improve security on a network, but changing network configurations or troubleshooting problems more difficult. Sometimes, IPSec policies require secured communication on a Windows XP Professional-based computer. These requirements can make it difficult to connect to a remote host. If IPSec is implemented locally, you can turn off the IPSEC Services service in the Services snap-in.

If the difficulties end when you stop the IPSec services, IPSec policies are either blocking the traffic or requiring security for the traffic. Ask the security administrator to modify the IPSec policy.

Method 8: Verify packet filtering

Because of mistakes in packet filtering, address resolution or connectivity may not work. To determine whether packet filtering is the source of a network problem, turn off TCP/IP packet filtering. To do this, follow these steps:

1. Click Start, click Control Panel, click Network and Internet Connections, and then click Network Connections.


2. Right-click the local area connection that you want to modify, and then click Properties.


3. On the General tab, in the This connection uses the following items list, click Internet Protocol (TCP/IP), and then click Properties.


4. Click Advanced, and then click the Options tab.


5. In the Optional Settings dialog box, click TCP/IP Filtering, and then click the Properties tab.


6. Click to clear the Enable TCP/IP Filtering (All adapters) check box, and then click OK.

To ping an address, use its DNS name, its NetBIOS computer name, or its IP address. If the ping succeeds, the packet filtering options may be misconfigured or too restrictive. For example, the filtering can allow the computer to act as a Web server, but, to do this, the filtering may turn off tools such as remote administration. To restore a wider range of permissible filtering options, change the permitted values for the TCP port, the UDP port, and the IP protocol.

Method 9: Verify the connection to a specific server

//

To determine the cause of connectivity problems when you are trying to connect to a specific server through NetBIOS-based connections, use the nbtstat -n command on the server to determine what name the server registered on the network.

The nbtstat -n output command lists several names that the computer has registered. The list will include a name that looks similar to the computer's name that is configured on the Computer Name tab under System in Control Panel. If not, try one of the other unique names that the nbtstat command displays.

The Nbtstat tool can also display the cached entries for remote computers from #PRE entries in the Lmhosts file or from recently resolved names. If the name that the remote computers are using for the server is the same, and the other computers are on a remote subnet, make sure that the other computers have the computer's name-to-address mapping in their Lmhosts files or WINS servers.

Method 10: Verify remote connections

To determine why a TCP/IP connection to a remote computer stops responding, use the netstat -a command to show the status of all activity for TCP and UDP ports on the local computer.

Typically, a good TCP connection shows 0 bytes in the Sent and Received queues. If data is blocked in either queue or the state of the queues is irregular, the connection may be faulty. If data is not blocked, and the state of the queues is typical, you may be experiencing network or program delay.

Method 11: Use the Route tool to examine the routing table

For two hosts to exchange IP datagrams, both hosts must have a route to each other, or they must use default gateways that have a route. To view the routing table on a Windows XP-based host, type the following command:

route print

Method 12: Use the Tracert tool to examine paths

Tracert sends ICMP Echo Request messages that have incrementally higher values in the IP header TTL field to determine the path from one host to another through a network. Then Tracert analyzes the ICMP messages that are returned. With Tracert, you can track the path from router to router for up to 30 hops. If a router has failed, or the packet is routed into a loop, Tracert reveals the problem. After you locate the problem router, you can contact the router administrator if the router is offsite, or you can restore the router to fully functional status if the router is under your control.

Method 13: Troubleshoot gateways

If you receive the following error message during configuration, determine whether the default gateway is located on the same logical network as the computer's network adapter:

Your default gateway does not belong to one of the configured interfaces

Compare the network ID part of the default gateway IP address with the network IDs of the computer's network adapters. Specifically, verify that the bitwise logical AND of the IP address and the subnet mask equals the bitwise logical AND of the default gateway and the subnet mask.

For example, a computer that has a single network adapter that is configured with an IP address of 172.16.27.139 and a subnet mask of 255.255.0.0 must use a default gateway of the form 172.16.y.z. The network ID for this IP interface is 172.16.0.0.

Reference : http://support.microsoft.com/kb/314067

Microsoft Licensing basics

Microsoft licensing is very difficult to understand, as it is different for every other product. below are the typers of licenses.

User CALs

With the User CAL, you purchase a CAL for every user who accesses the server to use services such as file storage or printing, regardless of the number of devices they use for that access. Purchasing a User CAL might make more sense if your company employees need to have roaming access to the corporate network using multiple devices, or from unknown devices, or simply have more devices than users in your organization.

Client Access License based on user

Device CALs

With a Device CAL, you purchase a CAL for every device that accesses your server, regardless of the number of users who use that device to access the server. Device CALs may make more economic and administrative sense if your company has workers who share devices, for example, on different work shifts.

Client Access License based on device

External Connectors

If you want external users—such as business partners, external contractors, or customers—to be able to access your network, you have two licensing options:

Acquire CALs for each of your external users.

Acquire External Connector (EC) licenses for each server that will be accessed by your external users.

　

The right to run instances of the server software is licensed separately; the EC, like the CAL, simply permits access. The decision on whether to acquire CALs or an EC for external users is primarily a financial one.

Server Licensing Not Requiring CALs

Some server products are available to be licensed on a "per processor" or "per instance" basis.

Per Processor Licensing

Under the Per Processor model, you acquire a Processor License for each processor in the server on which the software is running. A Processor License includes access for an unlimited number of users to connect from either inside the local area network (LAN) or wide area network (WAN), or outside the firewall (via the Internet). You do not need to purchase additional server licenses, CALs, or Internet Connector Licenses.

Software licensed by processor

Specialty Server Licensing

Specialty Server licensing is a commonly used model. Specialty Servers are server-only licenses that also do not require CALs. Specialty Servers require a server license for each instance of the server software running on a server. An example of this is Microsoft Office SharePoint Server for Internet Sites. You can run the instance in a physical or virtual operating system environment. By exception, some products provide more specific use rights.

Specialty Server licensing

Product Cals:

The following table provides information on a variety of Microsoft Server products and the CALs for those products.

　

　

　

　

　

　

　

　

　

　

　

　

　

　

　

　

　

Product	Per Processor CAL	Server CAL	Specialty Server CAL	Management Server CAL
Windows Server
SQL Server
Exchange Server
Office Communications Server
SharePoint Server
System Center

This Blog will help you to understand the basics of microsoft licensing concepts. I will continue sharing the knowledge with you.

An external user is a person who is not an employee or similar personnel of the company or its affiliates, and is not someone to whom you provide hosted services. An EC license assigned to a server permits access by any number of external users, as long as that access is for the benefit of the licensee and not the external user. Each physical server that external users access requires only one EC license regardless of the number of software instances running. An "instance" is an installed copy of software.

External Connector licensing

Install winxp with PEN Drive

First up, we need to prepare the flash drive.

1. Download and unzip this file (http://geniushackers.com/blog/wp-content/uploads/2009/06/flash-drive-prep.zip), which should contain 2 folders: 1 titled Bootsect, and the other USB_prep8.
2. Navigate to the USB_prep8 folder and click on usb_prep8.cmd. This will bring up a Windows console window.
3. Press any key to continue and a PeToUSB window will open.
4. Make sure your flash drive is selected.
5. Make sure that you have inserted the windows XP CD in your local CD drive.
6.  select the option to Copy the files and option to overwrite the files and click start to format your flash drive.
7. Give the Path to copy the file of your local CD drive.
8. When the format is complete, click OK, but do not close the PeToUSB window or the Windows Console.
9. Open a new console window by typing “cmd” into the run box in the Windows Start Menu.
10. Directed to the second folder – Bootsect folder (if you’re not used to DOS commands, you can type “dir” to list directories and files, type “cd foldername” to navigate to a folder name – called foldername in this example, and if there’s a long folder name you can save time by typing the “cd” and just the first few letters and then hitting the Tab key to fill in the rest of the name).
11. Once you’re in the Bootsect folder, type “bootsect.exe /nt52 g:” if “g” is the letter assigned to your flash drive. If it’s E, then change the letter to e. If it’s Z, make it z. Get it?
12. When this is done, you should see a message letting you know that the bootcode was updated, and you can close this console window (but not the other console window).
13. Close the PeToUSb Window, but make sure not to close the remaining console window yet
14. You should now see a list of 8 options in the console.
15. Select one and find the drive with your Windows installation disc.
16. Select 2 and pick a random drive letter (but not one that’s already on your PC, since this will be a virtual drive used for copying your files).
17. Select 3 and enter the drive letter for your USB flash drive.
18. Select 4 and follow the rest of the on-screen directions and you should be all set.

The process should take about 15-20 minutes. When it’s done, you should have a bootable USB stick that you can use to install Windows XP the same way you would if you had a CD/DVD drive.
A few notes here. First of all, there’s a chance you may get down to step 15 and the program will tell you that it can’t create the virtual drive. This may happen if you’ve already gone through the whole process and are trying to do it again to fix problems. The solution seems to be rebooting your computer and trying again. Or at least that’s what worked for me.
Second, if you use NLite to shrink/slipstream/otherwise modify your Windows XP installation file, make sure you do not remove “manual installation files,” or your USB stick will be pretty much useless.
Once your usb drive is ready, go to your bios and set USB to first position in boot order. Now plug the usb and restart.
Make sure you back up your important documents and files, firefox bookmarks, and drivers if you lost your drivers cd.

How to enable Active Directory event logging

Follow the Instructions to enable the  Active Directory event logging

1.Click Start, Run and enter regedit in the Run dialog box. Click OK

2. This opens the Registry Editor.

3. Click the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics

registry key.

4. The entries that are displayed in the right pane are the types of events that can be logged. The

default logging level for each entry is 0 – None.

5. Open the entry for each type of event that you want to log by double-clicking it.

6. In the Value data box of each entry, enter the logging level.

7. Click OK.

How to use Active Directory Replication Monitor

How to use Active Directory Replication Monitor to monitor/troubleshoot replication

Replication Monitor (Replmon) is a graphical management tool included in the Windows Support Tools.

In order to open and use Replmon, it must be installed on a computer running. The computer can be adomain controller, member server, member workstation or stand-alone computer.

Replication Monitor can be used to perform the following activities:

To specify view options, open Replication Monitor, and select Options from the View menu. The options that can be selected on the General tab are:

• 􀁺


• 􀁺


• 􀁺


• 􀁺


• 􀁺


• The Replmon replica synchronization options that can be selected are listed below. These options can be configured by right-clicking a monitored server object, and then selecting Synchronize Each Directory Partition with All Servers. The synchronization options that you can select are:


• 􀁺


• 􀁺


• 􀁺
Cross Site Boundaries: When enabled, you can start intersite replication for RPC connections Push Mode: When enabled, push mode is enabled for replication and the DRA is no longer enabled to pull updates. Disable Transitive Replication: This option can be selected if you want to troubleshoot a failed replication process to a particular domain controller, and you want to manually start the replication process. Enable Debug Logging: This setting relates to debugging Replmon. Log Files: Settings under Log Files are used to change the default location for the log files. Notify When Replication Fails After This Number Of Attempts Show Transitive Replication Partners and Extended Data Show Retired Replication Partners

View the replication topology or replication information in a highly useful graphical format.

Determine whether domain controllers are replicating Active Directory information correctly.

Determine the status of Active Directory replication Manually force replication between domain controllers he information displayed in the main Replication Monitor window is listed below:

Naming contexts

Replication partners

particular naming context.

Server icons

Log entries

Once you have specified a domain controller for monitoring, you can set view options to suit your needs.

: The replication log entries for the connection are displayed in the right pane.: Server icons enable you to determine information at a glance.: Each naming context shows the inbound replication partners for that: All the naming contexts that a server contains are displayed here.

Troubleshooting Active Directory Replication

Troubleshooting Active Directory Replication

Although domain controllers generally automatically manage the replication process, there are instances when incorrect configuration settings or troublesome network connections can prevent Active Directory information from being replicated between domain controllers. There are quite a few mechanisms that can be used to monitor and troubleshoot the Active Directory replication process.

1. The tools available are:








You can also configure Active Directory event loggingThe Dsastat.exe command-line toolReplication Diagnostics Tool (Repadmin.exe)Active Directory Replication Monitor (Replmon.exe)

A few common methods that you can use to monitor or troubleshoot Active Directory replication are summarized below:

• 􀁺
Verify network connectivity in your environment: When Active Directory replication has stopped, verify your existing network connections. For replication to occur, your domain controllers have to be connected by capable LAN links. Using high speed links typically improves replication performance.

• Verify site links
: In order for domain controllers in different sites to exchange Active Directory data or information, you have to configure the appropriate site links. When replication is not occurring between sites, verify that a site link object does link the current site to a site which is connected to the remainder of the sites of the network.

• Verify the replication topology
: You can use the Active Directory Sites and Services console to check that your replication topology is reliable and constant. Errors are displayed in a dialog box in the console.

• Manually verify that Active Directory information has been synchronized. You should on a regular basis verify that information is synchronized between domain controllers within domains.

When replication errors are encountered, check the Directory Service event log in Event Viewer.

　

　

　

　

Active Directory replication errors are written to the Directory Service event log.

There may be instances when Active Directory replication is quite slow. A few methods of correcting this problem are summarized below:

If the configuration value specified for the frequency of intersite replication is set too low, you may experience large delays between when changes are made on one domain controller and when it is replicated on a domain controller in a different site. To fix this problem, consider changing the setting of the replication frequency.

When your existing network resources are unable to cope with the quantity of traffic being generated by Active Directory replication consider the following:

Create site link bridgesCreate site linksIf feasible, configure additional resources for Active Directory replicationIf realistic, modify the setting of the replication frequency

Having no site link bridge can result in Active Directory information taking quite a while to be replicated between domain controllers. You can create a site link bridge or you can bridge all sites. This is typically necessary when there are only site links in your network, but no site link bridges.

Understanding FSMO Roles

Windows 2000/2003 Multi-Master Model

A multi-master enabled database, such as the Active Directory, provides the flexibility of allowing changes to occur at any DC in the enterprise, but it also introduces the possibility of conflicts that can potentially lead to problems once the data is replicated to the rest of the enterprise. One way Windows 2000/2003 deals with conflicting updates is by having a conflict resolution algorithm handle discrepancies in values by resolving to the DC to which changes were written last (that is the last writer wins), while discarding the changes in all other DCs. Although this resolution method may be acceptable in some cases, there are times when conflicts are just too difficult to resolve using the "last writer wins" approach. In such cases, it is best to prevent the conflict from occurring rather than to try to resolve it after the fact.

Windows 2000/2003 Single-Master Model

To prevent conflicting updates in Windows 2000/2003, the Active Directory performs updates to certain objects in a single-master fashion.

In a single-master model, only one DC in the entire directory is allowed to process updates. This is similar to the role given to a primary domain controller (PDC) in earlier versions of Windows (such as Microsoft Windows NT 4.0), in which the PDC is responsible for processing all updates in a given domain.

In a forest, there are five FSMO roles that are assigned to one or more domain controllers.

The five FSMO roles are:

1) Schema Master:

The schema master domain controller controls all updates and modifications to the schema. Once the Schema update is complete, it is replicated from the schema master to all other DCs in the directory. To update the schema of a forest, you must have access to the schema master. There can be only one schema master in the whole forest.

2) Domain naming master:

The domain naming master domain controller controls the addition or removal of domains in the forest. This DC is the only one that can add or remove a domain from the directory. It can also add or remove cross references to domains in external directories. There can be only one domain naming master in the whole forest.

3)Infrastructure Master:

When an object in one domain is referenced by another object in another domain, it represents the reference by the GUID, the SID (for references to security principals), and the DN of the object being referenced. The infrastructure FSMO role holder is the DC responsible for updating an object's SID and distinguished name in a cross-domain object reference. At any one time, there can be only one domain controller acting as the infrastructure master in each domain.

Note: The Infrastructure Master (IM) role should be held by a domain controller that is not a Global Catalog server (GC). If the Infrastructure Master runs on a Global Catalog server it will stop updating object information because it does not contain any references to objects that it does not hold. This is because a Global Catalog server holds a partial replica of every object in the forest. As a result, cross-domain object references in that domain will not be updated and a warning to that effect will be logged on that DC's event log. If all the domain controllers in a domain also host the global catalog, all the domain controllers have the current data, and it is not important which domain controller holds the infrastructure master role.

4) Relative ID (RID) Master:

The RID master is responsible for processing RID pool requests from all domain controllers in a particular domain. When a DC creates a security principal object such as a user or group, it attaches a unique Security ID (SID) to the object. This SID consists of a domain SID (the same for all SIDs created in a domain), and a relative ID (RID) that is unique for each security principal SID created in a domain. Each DC in a domain is allocated a pool of RIDs that it is allowed to assign to the security principals it creates. When a DC's allocated RID pool falls below a threshold, that DC issues a request for additional RIDs to the domain's RID master. The domain RID master responds to the request by retrieving RIDs from the domain's unallocated RID pool and assigns them to the pool of the requesting DC. At any one time, there can be only one domain controller acting as the RID master in the domain.

5) PDC Emulator:

The PDC emulator is necessary to synchronize time in an enterprise. Windows 2000/2003 includes the W32Time (Windows Time) time service that is required by the Kerberos authentication protocol. All Windows 2000/2003-based computers within an enterprise use a common time. The purpose of the time service is to ensure that the Windows Time service uses a hierarchical relationship that controls authority and does not permit loops to ensure appropriate common time usage. The PDC emulator of a domain is authoritative for the domain. The PDC emulator at the root of the forest becomes authoritative for the enterprise, and should be configured to gather the time from an external source. All PDC FSMO role holders follow the hierarchy of domains in the selection of their in-bound time partner.

In a Windows 2000/2003 domain, the PDC emulator role holder retains the following functions:

􀁺

Password changes performed by other DCs in the domain are replicated preferentially to the PDC emulator.

􀁺

Authentication failures that occur at a given DC in a domain because of an incorrect password are forwarded to the PDC emulator before a bad password failure message is reported to the user.

􀁺

Account lockout is processed on the PDC emulator.

􀁺

Editing or creation of Group Policy Objects (GPO) is always done from the GPO copy found in the PDC Emulator's SYSVOL share, unless configured not to do so by the administrator.

• 􀁺

Author : - January 8, 2009
Daniel Petri The PDC emulator performs all of the functionality that a Microsoft Windows NT 4.0 Server based PDC or earlier PDC performs for Windows NT 4.0-based or earlier clients.